From f1aa1351a197250c71a1bf6cbc063aefbf37bd40 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 14 Jun 2021 13:58:15 +0530 Subject: [PATCH 001/742] Training-DevOps --- deploy-as-code/helm/.sops.yaml | 141 +- .../helm/environments/bihar-dev-secrets.yaml | 76 - .../helm/environments/bihar-dev.yaml | 607 -------- .../helm/environments/bihar-prod-secrets.yaml | 83 - .../helm/environments/bihar-prod.yaml | 608 -------- .../helm/environments/bihar-uat-secrets.yaml | 76 - .../helm/environments/bihar-uat.yaml | 729 --------- .../helm/environments/ci-secrets.yaml | 731 --------- deploy-as-code/helm/environments/ci.yaml | 125 -- .../helm/environments/covid-uat-secrets.yaml | 92 -- .../helm/environments/covid-uat.yaml | 712 --------- .../epass-micro-prod-secrets.yaml | 65 - .../helm/environments/epass-micro-prod.yaml | 485 ------ .../helm/environments/epass-uat-secrets.yaml | 65 - .../helm/environments/epass-uat.yaml | 471 ------ .../helm/environments/nugp-demo-secrets.yaml | 123 -- .../helm/environments/nugp-demo.yaml | 802 ---------- .../helm/environments/pb-prod-secrets.yaml | 91 -- .../helm/environments/pb-prod-v2-secrets.yaml | 125 -- .../helm/environments/pb-prod-v2.yaml | 1343 ----------------- deploy-as-code/helm/environments/pb-prod.yaml | 1101 -------------- .../helm/environments/pb-qa-secrets.yaml | 86 -- deploy-as-code/helm/environments/pb-qa.yaml | 1003 ------------ .../helm/environments/pb-uat-secrets.yaml | 95 -- .../helm/environments/pb-uat-v2-secrets.yaml | 121 -- .../helm/environments/pb-uat-v2.yaml | 1087 ------------- deploy-as-code/helm/environments/pb-uat.yaml | 910 ----------- .../environments/ukd-dev-sdc-secrets.yaml | 73 - .../helm/environments/ukd-dev-sdc.yaml | 703 --------- .../helm/environments/ukd-dev-secrets.yaml | 73 - deploy-as-code/helm/environments/ukd-dev.yaml | 544 ------- .../environments/ukd-prod-sdc-secrets.yaml | 103 -- .../helm/environments/ukd-prod-sdc.yaml | 888 ----------- .../helm/environments/ukd-prod.yaml | 899 ----------- .../environments/ukd-sdc-uat-secrets.yaml | 108 -- .../helm/environments/ukd-sdc-uat.yaml | 887 ----------- .../helm/environments/ukd-uat-secrets.yaml | 72 - deploy-as-code/helm/environments/ukd-uat.yaml | 543 ------- .../helm/environments/up-dev-secrets.yaml | 121 -- deploy-as-code/helm/environments/up-dev.yaml | 681 --------- .../helm/environments/up-prod-secrets.yaml | 121 -- deploy-as-code/helm/environments/up-prod.yaml | 755 --------- .../helm/environments/up-uat-secrets.yaml | 121 -- deploy-as-code/helm/environments/up-uat.yaml | 665 -------- 44 files changed, 1 insertion(+), 19309 deletions(-) delete mode 100644 deploy-as-code/helm/environments/bihar-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/bihar-dev.yaml delete mode 100644 deploy-as-code/helm/environments/bihar-prod-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/bihar-prod.yaml delete mode 100644 deploy-as-code/helm/environments/bihar-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/bihar-uat.yaml delete mode 100644 deploy-as-code/helm/environments/ci-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ci.yaml delete mode 100644 deploy-as-code/helm/environments/covid-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/covid-uat.yaml delete mode 100644 deploy-as-code/helm/environments/epass-micro-prod-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/epass-micro-prod.yaml delete mode 100644 deploy-as-code/helm/environments/epass-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/epass-uat.yaml delete mode 100644 deploy-as-code/helm/environments/nugp-demo-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/nugp-demo.yaml delete mode 100644 deploy-as-code/helm/environments/pb-prod-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/pb-prod-v2-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/pb-prod-v2.yaml delete mode 100644 deploy-as-code/helm/environments/pb-prod.yaml delete mode 100644 deploy-as-code/helm/environments/pb-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/pb-qa.yaml delete mode 100644 deploy-as-code/helm/environments/pb-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/pb-uat-v2-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/pb-uat-v2.yaml delete mode 100644 deploy-as-code/helm/environments/pb-uat.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-sdc-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-sdc.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-dev.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod-sdc-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod-sdc.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-prod.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-sdc-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-sdc-uat.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ukd-uat.yaml delete mode 100644 deploy-as-code/helm/environments/up-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/up-dev.yaml delete mode 100644 deploy-as-code/helm/environments/up-prod-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/up-prod.yaml delete mode 100644 deploy-as-code/helm/environments/up-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/up-uat.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index bde048e5da..d3842b47ec 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -13,7 +13,7 @@ creation_rules: #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - path_regex: environments/playground\-secrets\.yaml$ + - path_regex: environments/egov-demo\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' @@ -23,145 +23,6 @@ creation_rules: #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - # ePASS ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/egov\-demo\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-prod\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/epass\-micro-prod\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # CI ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/ci\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # BIHAR ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/bihar\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/biharUat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/bihar\-prod\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D' - - # UKD ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/ukd\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-uat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-sdc\-prod\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/ukd\-sdc\-uat\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D' - - - path_regex: environments/ukd\-sdc\-dev\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #azure_keyvault: 'https://bihar-uat-key-vault.vault.azure.net/keys/sops/9c2ec70ac9584c4d9e458e01304ad07d' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # PB ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/pb\-qa\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-uat\-secrets\.yaml$ # PMIDC-UAT - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-prod\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-uat-v2\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/pb\-prod-v2\-secrets\.yaml$ #PMIDC-PROD - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - #nugp --------------------------------------------------------------------------- - - path_regex: environments/nugp\-demo\-secrets\.yaml$ - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - #UP --------------------------------------------------------------------------- - - path_regex: environments/up\-dev\-secrets\.yaml$ #UP-DEV - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/up\-uat\-secrets\.yaml$ #up-uat - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/up\-prod\-secrets\.yaml$ #up-prod - encrypted_regex: '^(secrets)$' - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' # DEFAULT ------------------------------------------------------------------------------------------------------------- # # Finally, if the rules above have not matched, this one is a diff --git a/deploy-as-code/helm/environments/bihar-dev-secrets.yaml b/deploy-as-code/helm/environments/bihar-dev-secrets.yaml deleted file mode 100644 index bce5b463b4..0000000000 --- a/deploy-as-code/helm/environments/bihar-dev-secrets.yaml +++ /dev/null @@ -1,76 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:KD1ngKOH+43OXNywaDGvkDR35UZS10MEIVKA2jNVOERYZc0Zmvk3kV178ZY6Td+Nh7W3NB0giQ==,iv:Yl4lRvBUl7hDxNjRB+b2LOpPOQ7fj+IxX6xP00To+ms=,tag:aTskjCN1JEPxyLXNfDTyXg==,type:str] - password: ENC[AES256_GCM,data:FBu15AKnWg6v4A==,iv:unsrWkbkKkFpEXENOhmqpjEn1BYTZbU55qNB0UO1Q8o=,tag:skJD8smmvp+QXKgfKdT8Ig==,type:str] - flywayUsername: ENC[AES256_GCM,data:Y+8y66WDbhYht2kA8OnItlfGiq4dkNS8PCsUmM9wrq4vSbIwKCRfCzyuVpIYG31z7y7HSqYEtw==,iv:U8jy1Vta/TO70rxfGe9BldxxORNtCQAiWMUVK0V9HTE=,tag:O9p8guN0NU3h7rWg//tzww==,type:str] - flywayPassword: ENC[AES256_GCM,data:Pxxomn8QKl5m8w==,iv:KdWpZeOLePMRuAy7HEOe0xNHU7pMysfwCfH1vQdffm0=,tag:CZLGDzO3btpfD6C5YOMzXw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:KILo0MEw9mI5YOQOFkLOdEmdLzA=,iv:BNLp+hCBi0a3UrRCTmGxUK5e7u5v9t+rovg/58YdamU=,tag:mZNWUYVbkKWWY5fG6tw+fQ==,type:str] - password: ENC[AES256_GCM,data:rzKJ551t7n9m,iv:BcvH2biM6w82cGkv4jOdFB/XmFZNlHUQ2JNm5myi3jk=,tag:rCmn101vJ8aIBjhQKQm54A==,type:str] - secure-key: ENC[AES256_GCM,data:K2INEEZX96Wvwk6KzBH1UobPz/tX2+UTszzvZttMtcOI8P7M,iv:nDEjLkVGWYJ4yHXJEBW5O4+SRItDTRBDHxJrFAQo2gs=,tag:l+GBxKbTkMJH7+ODTUVsCg==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:17CoySEiCzGViReNtCoUQsq4f/O/,iv:mE8rObxSICLE4++TMPThyZMofNBAUpg+mJqaofQqnCU=,tag:N5ajoSFUQccvNVChtGSCbA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:fZJQWq3nhyQJFg==,iv:13snN57tn1ExrfgNqxmlDK4q2iCmtl+uwya4PfehZXc=,tag:g29gVUVs3PNU7Faoakk7hw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:XZyRuAN55AraXjNnSvZ1KOM/Bf4=,iv:tXjai8KvDd6oFTYQ/6mKPrgLzFPHvW8BWcx/AP6ZIXI=,tag:Bm2KjMoLidr69TnP+tyB9Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:v3DYBCMNuiQMZ/4I/vTYgIQr0ADS6YkeEZ8RW8ndKfSdIJsBdpNxCQ==,iv:7/7vTVnQcMLMKQdXnFaeFdn7tTTZtqqT2kCRth4o5YM=,tag:+Flcm/yqUbbF90uz4Kt3Zw==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1Xuw/UIyCLJyN1JXDscoG37Dg58HzMl2M43zXGb6ORI4VoKMmrT4,iv:SPcwiLcwcWzdgesSIICUMxQJoTVMjFQBdjxBia/A2+Q=,tag:0mbVZSKhEWLCL39bAkieJQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:oAnkKKyRCRnCzZzq3D744X+1cMRd/cYSsNk=,iv:bDFbmd03XZ04okhqr+Y3jjt65QlNhij4upZw601rsVg=,tag:m2Zdiyp1e5ruVIwGsnOeAw==,type:str] - admin-password: ENC[AES256_GCM,data:7FB3OP8aY1wJaJ8C,iv:sB63ot3aei0o9epnWp/aQEGh80UdSmyaHi4OMsmPnzc=,tag:1VCXFHzSA3xU4+waWW0mEQ==,type:str] - read-email: ENC[AES256_GCM,data:QrNSxCYorOP5laMBhr4KnIsONLoGgxjSxg==,iv:FYs1C9CK7Teg1OU3KEYnYZwX1WJZ4uzTCMag3qrsT9Q=,tag:ZknZ1Xx1/9dpqmsvSvxvAg==,type:str] - read-password: ENC[AES256_GCM,data:0ba9OEZ/lldmc8CX,iv:sIXDygxFGd3lBj5BN4ib+edGEw6QOn61wY1keQFiuzs=,tag:GOGOgFuXoav8ACKFYmIi6w==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:SqQnOsjzO76XX7pux64B+g==,iv:vzRjWvphogjjRdXNMP3/YSTh+XVz1BWSXSUFI3oJ548=,tag:/n4lw5MAcWlKAwrFuZrivw==,type:str] - master-salt: ENC[AES256_GCM,data:nAxMN7oCtcA=,iv:Y+aBrsW5ES725hWEiSVTdMCDbV2aT6Vw4vHJKDxZgMY=,tag:6fvAPj9TVAF12EMBBvem3Q==,type:str] - master-initialvector: ENC[AES256_GCM,data:OggsxU6ADKDz7SWZ,iv:1S3qcTg8T6Tw+MK06oTkXBuRoLu10tBieohwn4fSOsg=,tag:Dkh9iHMguznUQZJttvk6yw==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:jf6bO6/gZP+fe3OraapO/XBAor81nWWc2hvPWA==,iv:vp9lHhFT5Cd5o3NATswWViF0/XQjygcjNtcS2NQYjt4=,tag:w4k+0gumrWjzr4bfMZ7mow==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:6NM04Z5ar+0ziF/nPfjymQ==,iv:f+Gnz5UlKdloOYv6twawxL/v0fEoEU+wDyO2IJ8iuWA=,tag:PJSy13GijX69z6xeAngvKw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:65Dqng98RA==,iv:F+Iz1MnuX99HPS4ewGL53dz1vitN4PtmIWrAzdS5+qo=,tag:DkGNRJ74SPjwfFR6hQyO7A==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:6Z3+x0Khew==,iv:KEDJ3/lDYcbkuFR6PpLzjD41Zzj/fs1ns0fLed1/09w=,tag:1dQVc/70pUU0xlmfVRgdVw==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:JQDUq6RJQIRTXQ2efHfP,iv:FX2ixXKrjoUH6Yg5j/WtDW1EReVycniC/ryAdKN7hZQ=,tag:h5OOYjYYiem1NcPhVxFRvw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:h7m1axNS2MukO1lLOB6Lb6NrxxPWEofsj3UjmF+9BbM=,iv:9Wt9rn0XvDfPxQuTRHvMNu28TcMyoB/uNoqXpAOkiDk=,tag:u7yLpSv5m+trgBwAoqsfcQ==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:L9bmsrzu,iv:ExZYm7XaxJyjki8URRmtUA8cWJvkyzx5zhnpqgaPstg=,tag:FgIPTv5COuGn3SgYR8mW9w==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:U2VkXqQF1ZY=,iv:jTr361iNWGN/p8TeJT72mUu9yuwfrX4ZVOnbQ/Y4qhk=,tag:jqegwS3awIWeKABoO4gIYA==,type:str] - egov-pg-service: - ccavenue-merchant-id: ENC[AES256_GCM,data:uqfyuApP,iv:HxLdDLrs6fpmH2WFvmpCRUQjO67obEvOHN5NAcUly2I=,tag:tTwF5Xgui81GKRQkPWgK/Q==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:/nUP+H/bUgkOPEoM2Ei6N/QYDvWyo8wdENyFp2zOr2o=,iv:dVqB96v/NluMzqFyb5Rb4sZj2KCTXxypwWaMhwsXvL4=,tag:5eRy7c/Rio/hy2PYh3HWOQ==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:Y34w51ZzXKefsvn+jbz1TNUEtySBmUOvGVbpoarHqr4=,iv:vJnm+JJznSnAgHNdRKZBbsesWYQ/IF0nCMCC6jDCER4=,tag:BCb053r7v68dVBQkde93Tw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:hOiUk3YIjkcgD5Aa3Nmv12qWfSGXvQ+ARP5/6p8ycPs3NQzUCS0Vgpaq2GDKVM7IDSnX/dHnWuGNeRnxnVmGWK4+F6qcEvGQE9zVutztbJDT5nVVR+KVQacD2yJMqwvUfW1pWSRGfkAsHjU91Y0RQd1evwZ5m2zUKG40CIm0UmhtdmuSSdm3gw8C2ITubGFbZgejolls44/VoqfTvb1oFlLay76UNEUnSVr1sU03hUtTRS2crA4NNMauTMEeWZsKyCZVpOairHqiIfjKoM/gLCRMUygSN4ch4kRn6nE0bk3tpMAihlc4CVzXeM5RJroN9cYbyJu3IEwv4vW6WRN9vM6GqMxcizAh0eAzqgzb124A5vaSv6+IBm49c/OxZ0FXS/8/A9mjG1K55Io0A6VPMaYtgtIpoyoT779DoxDGEfLu2j9be3/Jsz4qPMPIxCTCik7ptUrn6vaZA0kMpq+OoGdUQ9wUgyvCe+cNnakNw5IoT/QNji44ysRrITfysPBLCufMAjFJzmyeZJSohPNvuUGxLCDnGLJ4ehIyoAt2B5onr1My+4hrD2KIe36GTT1v59EiqO03ZzX5B5fcbLYgyTIC+V6QMISGc0SKLCc8ZQOKY6rds0BW+utm5N2WVBoSEl3PgrJvTzX6QjUWUgYZG1r2VjkMRdtpkHG0Gq7DO4bvlWRzXV0tEHn2V106tDSznRE7VkEvw4yvjUfDPUi0iAOpYzMy/j8OGiXwzj3GIyJ3NlUDAda/jfta/hSSiUGThUQQlmbmNDhACP7vO4bH+hS6B1fcbFdv4GsCvKidUlDpP0zXW60RnFHAM4IXLBcxKvNQvdznjKvJoBF9Bns4Temm0JUqph9IwoMttZUeXN/yMM1Vvlub/1J6pMAGUftxRXfFtj7vE5u8pUVwAZZwEfNFb+8+Jy6h8rcYYn9m5DkasczXbun9aKkN6WF1oH5Yq+WjxerXZ5t/srw8dqgYqorRflhPg0LQxUO5hIJ53JEPVPZ9dbJrhTmZFKpDPvhz+qdCCOAxhrR39g3N5lV20n3ZZGLfE6m0RPgzrbO6CUmAI7lTFYLqCT2nHbyXdm9ExIiXPcvr5il5UCsPaa3oiwbyaD/oWREkQEwEMWhkxKs3NK94FGXkh8cE/283+YGGVT/cYLqzFAybKPNR8TZlR08K3bCfLPtgiv7yNfCj996F8iwi15e2PFSS/LL5QBsif4ZHzC3J0PBqDJP8D3s5I2meKCSIy0GUfvAVpTwdDaHybFdhYV4+YH5SIuEv48j+dEhqQRe5uMg+gsP6RxcBUor0f64fuxEEIj0DakNyv6Kee+XaFToUnz2uUxqNE5K0HY3y4pl1vam7S5nGN8PYNh8o6wanIn0pxBrAirTILO5eOGjTOYyVWORCcLWWmO7kK/XsYk/cKryG7hDHRPa1pa2+6n+jD2tfNWg4WE46ecL1K4gez2Wo8BF6Ni9rxMzItrUO5XNAimaCLu5AIBvYT9HGhRCSeANa7lOSQKHboyUkscTypwa7gNh6NmDvW8YotfJfl0U2ujQbINzgABfdQNk+SX6hgfYVYFByczxyZFwAEtQ0xv1EsYYO3afgsszQje3Rn//aEWRaHEZT62vBDlWNoVQOMwq7NzHDt6+RTXkPrswZDlKIHpFo12WYSnFjIW4cVmemg4tRywZwqx6U4Qr0VgtbjM6Z9PY9cx6BoQfliuDE1Tlv3/8wBhOxlHLdAOFPoUwV56qNmulXMq+cbz2DYUJz+0oW9DK1jShBm1vnDs84IVIgH78K3XUCgk0ac5HebUxFFoBCuswgbHa6KHXgUlF3A4ihB1FNKvstELrVScIwijZyLZorvjGpaKQsM0MW+la+ujJq8CUN7xCA8ElPz4dCnLKTZisiHLr4SJ2t5nLJS6b8aOGulmXBkX2qVM9/IDCuU+6NbhUVouaQpg+oP1nMzD6gL4JOGhCn3Yl4biv8Otmc0Rc3ETl4kYrNNEDGzWlkE5fPgblvMPX2wMcU9YXS6P1JO/Z0aEojort92MdHMwemX/mr2fIeW0pIQ+gQ+RasA83XkhoxooafwZw8/EsOZha8pyEsROtFeu90x3IkwBVgej+EWmiVMAJf2gyMBLj2U/sE+NfeqBTCEZANNZl8cnUHBbXgKc07R5Vw5bxf7uIDZgltWoFQzI9Ia80svdsMgIGl3I8Aiu70ycCaFb0F7Jl1ohkD+DDnH9oi57Y9ceHQKjCF/wbHdLA+c/c3DS8shD3+Xh7PomGzjHLV2GNgi7D3L1istNCouGE3YVSFw00nTKWnpVueUEp5bSCqLCul4yEnWxcF48fO258eeqGZW7g5svHhVp0nZj1vO1yaleDcyjjudKUTQMH3ye69ypQ4GgZ3oHnAxiMuCELQGQNww5/11T+NXhHYnYciut9RL+v6k6rPl+1c37P7KSUoJOcQk7a08gjK1AxRiymZKZ22KYVPSLIvIm1uyeqIxNfmJwPHJAT7I3IB4hMhLjVTgsiziGH17345BdWYgOwUlInv+5zBL9VT3y6qQgenS2JzpOWVBxNarZ5leyYEq2FYu2XJNAnP6ejor6NnzxTFelbIBcEaQSZrrjEdgKxCt7b72Bn7xMiDkMb3S5PZtmR1IGxigtgiV6Sj9DB+oPc2NbBL6e8CvmpnDCBHQQF2rMTBzMOSzI40DPQmktclZb6y3qipbE1d8tNduDrMmywMqVB1jv5m/JXHfePrX+yzksedjBM+31PaB+fcmEvRYJNO6sQauwINlBOH7JwuxvrSNkygbZkF27a69orkOAodVDdYw34JdbPdM+C0hmRTHK8pirGSKLxrr6/gfhwKvfh4PpE3IvZ3tQwCSD+5bwvbuNvFlOXoCG4SXYw7MuaFR1sweNwOOeSEc11o6emUwQuXA7lvXUwmIS4sPzwyUAFzLs+SOl5e7r1fh5S9rBusYyfttCFnZig19fGqpXY8bvWqlsWtywkgQ0MAHlBCXwlzQkNBh8+PnWzSSdULB7ygkdHprv3iN3RsAr/2fXOD6Wmf7qPwMPse8Iuc6oOjoAfqAK4MV4qKl1+FrNcDPB0B38oaUhkZ3et0XvP2VoUsmLYUVg/OSYxGOG2IhJ6Rrhr5EOKLOI+nEuL0/BpMjeWVrLB48aP4vdWwCnB5Q2MhsSNGQJZqi4QmFRGXQdxuUn7mlFWFxKKEuHag/eMVvZxh/fmMimTpLurRE9Hk1bTB4SSE7XA0O/KNB3eUffmkcR+9c/VLk1Ko5FlR+sP312i9yy6rpLpi4Act3V+qO5wAjYNWxxWzEOej4/+ELUjBb+Z8U7lIfOKuhXmOB2ES+eDaJfrS6UVHRvUjQTqHZp/rTnCxAbBGeT20/RdGUXkk0qo8BuQMa+bQ9F9WoxH0Ch4kBHHjigTqBQE/r1JxFjReVEJVonEm07oFwMDoqrq4eKmG8z9KdvmneWAyxj7ij3xjzdyLjCtkIyitVdWf3KVb7ntYUbiAtmoCqW41QgA7Rjk2f8bXAUNLullfKHywc3IP1ZecN1OWMep7OUog3WOSdmumyJaIttdyrJd+7rVTQgHLWHvhndEpyd+u6JwIIyNPTzhHIy4RahnlLa7bzxf5C9WUx1LClfkLOSVPy1diSqE0B76Yn00qnGqKdrkc5FiucEwKcRrLcDOrbKldsNDt1r2ukcnCIdoGtJ7ScOeZgqRf165BNQC0gMxz5H9ttswNFal25GYYKxhnYOAmNTz2vZh5Ufn47TpNua901Q1i2d5ruWmclrgJcOCmq556BAcoNK6dYNes8D7tBt51Qm6rPBBJ9Gr1JjoQisFyDzljVZHT7/FQ23Kb8yh+8920oGi2NAP/KCToHgQlJyCnBbLJH5zN3RZSIqNu+hZa81bltYrjo9bCr92vyYEI28nqL8zrIQHps3u4d6Vy07CYcSkSBqcS34h1bwZfUswNhxKwPWm/QunxUGLsWS6q1o/wzure2RLLI/mIhp4RosFI1hJM0w4+wrGv0p+cthS9uB000LWIK8Z89IPSWyoB1J0qJLvO3/OX146aNpwXGFxZP381MavOjp+dK15XNe9njOcZG/bP32TymsKl3cB7u4EiS0yXQiZyybpqowZAYAB9POtsUUKxpp6heDXWhIijmmXCb/sjsSgJPrZeWVC0CBsAhhEMiI6Pmb6DuMC/g6tnvwvptMY+yFLWErr+LK0xk3YZI0xeHiUAOddJ1+RRUMbC0U/z6l5Q0gogJcyV/fQ/VgnsLN7MnPDlCA7pvXsCXMIVG7+ZGzMO0aNQ3Mgs/4HFLbBFSKS5NVYmPGlnKtS3kKqUwwxZ5CZZBCf1FsHL,iv:OgWRFszE0+mzsy1dRL9vNgO5p7oIcEsoklFsHtRKVB8=,tag:F977tdrn1hHMglffZU1X5A==,type:str] - known-hosts: ENC[AES256_GCM,data:ilXQMar8TSKdIatgqXAEaA4vQ80YWjNUwclsGXYNgDmFP9CRsq/zb7lcM1jWUhl8baiU7G5LX10dQbTReIRm2XIQn0KmN+FGn1flIg+UZXqyfMBHyTAkEXwncp1uNXQ+jbhXRQxXo97IdfCvUN21/dH+r3MvxbvatEjypJv8y6UbMsEIBW1UgzpyRwjgu+3BM50Eg6oj9E0nZX7mWu1b1gt4JG5D5WhHArDuR7Fwb4/tiuDnUfGyhH9OrItxiS6n9VE0Pezz3P+DUqeM5sbcAXsKD2cJ99/OrLrMDWgLBTjMX6tcYqEz+XHauzJHEyxf89sBFU3/AkFpvatJpDf0tuilVNpU12xa+gL3b/o8cOt0EaV+9B6jiV5ENo2dxnOJItrzcLQScRNq88wQSII/0RTcWtwvMD7paFJ7lszDLzzmSQRv8cmEWSnrh73N7VJbUpeHCgU6k1zJ/Dbk7Ai9bNl6hrREKPpNszhnzbxqG0D/JIzDLTx1gIaf7fdfrqjLD1jaAjp+Ag==,iv:k2PWqxd2LCx2skHnF+OvGseVnRvRzuXINy+BLfVQy8Y=,tag:LZUNn48VIzJuE6zSdDLtRw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:+LgPi3Rer+Ppjg==,iv:muRnBTX6KiEbTp//7yn2BKDcty/DswVG9xs7wN3IX1Y=,tag:E7Xr2SXo9SawbA+QBvzEEA==,type:str] - credentials: ENC[AES256_GCM,data:i0hzjD0K4YcFIrXqa2UNNouCtjDn0jNWTybbJdEA8lWGSOx30hC8z9nlhPLNfUmN,iv:qkeU5XYjQ7TTXKXArcyMYCBEt9DRjmFqFb58VrUN3eM=,tag:373j8eQXFUTRGNsiyM53lQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:24:20Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgH3IwPtqEIjUw0g5YGHQQrcAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0jIcyqJmkLd1bM0WAgEQgDs99y/UyBzaelZ6wm71XHR/NskwW/axTXXxwih8A0yHBXJRFaKfGdE6YhcgYNY1jMKWbaD8QtyzIDTLUw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-04-06T11:41:10Z' - mac: ENC[AES256_GCM,data:4EWGwIHnOiwZIlgAWp3zVMsAWtx932zElFUhEJytxmSSCBKz0lDr1l8Nyt3ISOd3uFgIBw0bFiG8D0OP0BaCsA9FV/FbZUXf3Tf1Pq1g1bfhQ0+5VsAddwiohQEKS0t9B5IdHDBOpEZ1YQgvvRwzhLZDDBjh6AOrV6nTluy7H40=,iv:VHIrpuMX9foqweFA/a8U5iC1OD07o2eNqFwJGz+oT34=,tag:dIlEmVdbvjVMaOTZbt93og==,type:str] - pgp: - - created_at: '2020-11-10T08:24:20Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/TufarQQ86Pi122egh9vhTAzQawsUTi2RoltZ+Eje9uET - y3a0FsUaexsrT8lUMoQqge1xajw81UpMdo4otts71z7qSgHJcnk8bhq41iyl2oR/ - z6H6oEZ/oOC3h9dJwyR2gZvZLNF94rHGNJaoPEJLFDnvHc43RcnNmWZbU/Z6Ne1m - s+W5Rzny7owXr5MB2Rlzly5pvl42wAUp8VWMTsoPq25l/8rzivwz7XcEl3Yv3UoY - mBACUQCqTiH+5v3QPpTy1C9ymfnVQoq8NTWYzTPCrdBvdub7QIsT3a2ontdIlu3g - 47bZcGQq0nOvm5XP0Z8sk/9wRCHamBaiWvweLgTJ29JcAbaISGOWPLL26ex9ZoPE - eS2uCrt6KvSEd0ZR7ehQsoimiR+GS8K6YmPGlVoN9KeHJL3wAAMgD1U/jCtRhg+d - 9fG8CyIEIjww4OphFT2nI13hgIuWfCh1kCMVAGQ= - =H0Dg - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/bihar-dev.yaml b/deploy-as-code/helm/environments/bihar-dev.yaml deleted file mode 100644 index 9f0c9a96b7..0000000000 --- a/deploy-as-code/helm/environments/bihar-dev.yaml +++ /dev/null @@ -1,607 +0,0 @@ -global: - domain: bihar-micro-dev.egovernments.org -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://bihar-micro-dev-db.postgres.database.azure.com:5432/bihar_dev_db" - db-host: "bihar-micro-dev-db.postgres.database.azure.com" - bpa-db-url: "jdbc:postgresql://bihar-micro-dev-db.postgres.database.azure.com:5432/bihar_impl_erp" - db-name: "bihar_dev_db" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://bihar-micro-dev.egovernments.org/" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "bihar-micro-dev.egovernments.org" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "bh" - s3-assets-bucket: "(pb-egov-assets|bihar-uat-assets)" - timezone: "Asia/Kolkata" - - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - bpa-services: http://bpa-services.egov:8080/ - bpa-calculator: http://bpa-calculator.egov:8080/ - egov-edcr: http://egov-edcr.egov:8080/ - - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-rainmaker # Only for Dev & QA - -egov-localization: - memory_limits: 384Mi - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "BHRGOV" - sms-sender-requesttype: "POST" - sms-custom-config: "true" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "bh" - decryption-abac-enabled: "false" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - -egov-mdms-service: - mdms-path: "/work-dir/bihar-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-mdms-data" - branch: "DEV" - masters-config-url: "file:///work-dir/bihar-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - egov-indexer-yaml-repo-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-bpa-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/bpa-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "DEV" - -pdf-service: - data-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-renewal.json" - format-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-renewal.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "DEV" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - -egov-searcher: - search-yaml-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "DEV" -egov-pg-service: - replicas: 1 - images: - - egovio/egov-pg-service - db_migration_image: egovio/egov-pg-service-db - ccavenue: true - axis: false - ccavenue-redirect-access-code: AVMT87GI61AL22TMLA - ccavenue-status-access-code: AVMT87GI61AL22TMLA - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://bihar-micro-dev.egovernments.org/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://bihar-micro-dev.egovernments.org/pg-service/transaction/v1/_redirect - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://bihar-micro-dev-db.postgres.database.azure.com:5432/bihar_dev_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-staging" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+AESGCM:EDH+AESGCM" - ssl-ecdh-curve: "secp384r1" - -cert-manager: - email: "devops@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 1 - images: - - nithindv/zuul:9-discovery - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/pg-service/transaction/v1/_redirect" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "false" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -employee: - replicas: 1 - images: - - egovio/employee:356-rainmaker-v1-bihar-bbc83bd9 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - replicas: 1 - images: - - egovio/citizen:336-rainmaker-v1-bihar-bbc83bd9 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -ui-localisation: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/bihar-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "DEV" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - egov-location-hierarchytypecode: ADMIN - tl-search-default-limit: 50 - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - -egov-hrms: - replicas: 1 - images: - - egovio/egov-hrms - db_migration_image: egovio/egov-hrms - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - mail-interval-in-secs: "604800" - images: - - egovio/egov-weekly-impact-notifier - schedule: "30 07 * * *" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - -zuul-config: - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/pg-service/transaction/v1/_redirect,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v4.1.1 - -pgadmin-config: - host: "bihar-micro-dev-db.postgres.database.azure.com" - db-admin-username: "bihardev" - db-read-username: "bihar_readonly" - port: "5432" - env: "DEV" - maintenance-db-name: "bihar_dev_db" - admin-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfDuQoLfCnKPm5GKw/Pgl0D1VcHGXxblruwkv8iUziC5VSPFLgDEgjn+1vscsbE4MA==" - read-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51frJ/am+/tF0yDpOlU7xGWD9kb4xhcEgseyNPT2/zSJg==" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#timezone specific configuration >>>>>>>> -time-config: - timezone: "Asia/Kolkata" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#Monitoring -es-alerts: - replicas: 1 - images: - - egovio/es-alerts - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - log-index-name: "qa-logstash-*" - slack-url: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dtrFP1/YcM/dZEYNdxfb7/ry3M/l8EsdD5voj9brwWUNxWAJZfWoMAy6DRV+q0Kad/dXa4joQZAkIDMwrrwzfFIfwDSz2ewWhWNv/42WR4L/8gM86ouhlQIZYr0eg6lYht2A+SFpt0E21gY7n7PfihA== -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - replicas: 1 - images: - - egovio/egov-enc-service - db_migration_image: egovio/egov-enc-service-db - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "bh" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.0.1 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.0.1 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - nithindv/cp-kafka-connect - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 2 - shards: "4" - es-replicas: "0" - storage-size: 40Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-1 - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-micro-dev_bihar-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-2 - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" - credentials: "qkp0ODShiI000hMgQUNEdfZtA1eTG2iNKp3ayXeISMTnJ2E0Ue2i6Jwiy3mzFtKt/aG4sZAQZtIpeI864kB/qQ==" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=bihar-micro-dev.egovernments.org - tenant.bihar-micro-dev.egovernments.org=state - client.id=Bihar - tenant.sonpur-bihar-micro-dev.egovernments.org=sonpur - tenant.hajipur-bihar-micro-dev.egovernments.org=hajipur - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - -# eGov-eDCR Mdms integration -microservice: - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - mdms.enable=false - mdms.host=http://egov-mdms-service.egov:8080/ - mdms.searchurl=egov-mdms-service/v1/_search diff --git a/deploy-as-code/helm/environments/bihar-prod-secrets.yaml b/deploy-as-code/helm/environments/bihar-prod-secrets.yaml deleted file mode 100644 index e955b3c63b..0000000000 --- a/deploy-as-code/helm/environments/bihar-prod-secrets.yaml +++ /dev/null @@ -1,83 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:8DDHWijrMoIrwuBFEMJF,iv:jf8+NXcc/NY9rr59ShI7/mxJeQNJ/YvcBnzUiKMsOi4=,tag:lU5eyJf9Jl9oHcfAyWKvow==,type:str] - password: ENC[AES256_GCM,data:7R4DPz7O4LUfOSkoHFuyqg==,iv:KjrjtdFeX1CLq8EK/fXibzM/vA1QKWLWop0DNSkdaWc=,tag:VdlzFFD/XCIr+Gpo4k7A5A==,type:str] - flywayUsername: ENC[AES256_GCM,data:IWwyE+AT0/RZYY8RFZuh,iv:yTicuuf3tBUU56Fu4SbanzjitHPcf+PBnYCgG668CQk=,tag:zsTk+3mV923QioKJsVC8pQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:N5cnA87OETn8a0vNOTw5NA==,iv:9G/a+mosfJ/dr5w4mplKZwvAxNSbTfZmCOJ71xqUHCk=,tag:gfXSpZTFvGBy0GA8hdwplA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:ex4vNWNc0oiilvZJ+GUiPgHN7dg=,iv:PXuwlgxI4FEezdKbXDTKWoZ0WEuGjal+XItXAfiMKg4=,tag:Ejt2Bpv9ICjxa4oq5M73kw==,type:str] - password: ENC[AES256_GCM,data:yHU4IEROTQtt,iv:lo5HJHqqsPg4381ONJ/ykpbovKeKenUmBMlJMenKhSY=,tag:+y/qUs5B+4FzY3YMu0DmRQ==,type:str] - secure-key: ENC[AES256_GCM,data:4s/WnnjF6blz59i+mBk/6eVFKfJDM+c5GVZYJ58v4nHn8j42,iv:0StQeDsK6BDKx7pt6m/9PfBTTWNUlgkOr9qHt+J8yHE=,tag:XkocN9HbLVGJYgwZLBKtCA==,type:str] - egov-notification-mail: - mail-host: ENC[AES256_GCM,data:V+PSyQBaEN1zjj21Bg==,iv:L5eTYTr036Ygm5Bli21ID+TO735cXLUUEttG6pbwWwQ=,tag:niXu525lLe/X5+Qbp4L6Ew==,type:str] - mailsenderusername: ENC[AES256_GCM,data:vcI9S5IziK2vlTSGRpry/nIFdQUieA==,iv:zwlyhrWH3sjSWBlYxhNY2F1222sGb+qtu/fhuy+FsPc=,tag:26K3uQljfMy1fIeTZz03kw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:Jb3doiIU7eZia5q++d8=,iv:KhQ9f4frAg7EfnTuy9n8zha7lYznuGTmdJn/yrxf/pQ=,tag:2mgHgQICNFd5BUf8qk7B5g==,type:str] - egov-pg-service: - ccavenue-merchant-id: ENC[AES256_GCM,data:ySD2dzUF,iv:rPamVbChwU3shJo/Xg8MCFyZJpQyyNrn/FWi6hf9n0o=,tag:yRn4ZX8hSnwHilhTQ3Ys+A==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:ZTBKGGQ+9pwm/c9m2m1qtxIsjiP3Np5oweThs1NBl9A=,iv:rVzghclYD30h1H42Xb9ezkYJX7/OvaH9RP+ZlrMWqQI=,tag:kVPtv7P2ddI6CwKS+j5sQQ==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:+Dix7V3W2iw+ZQTkJijjHZF8/+5yvaAc+piiOxNJxl8=,iv:7LJkzw7Z8El+Z0mRpgm/ifxUGVqeXbJqzTjTa3HV02w=,tag:qcTCombLFFNE+HD6rHRdpQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:EJBD2dVMdEbwX33qr7O2TSohnNg=,iv:U87xArS8E83Rnmtmg3ERCdVSH+MRWwmdwnDih88blGA=,tag:vbRxZVF+wEeLTcL0snIdLQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:VSsxmZwIIJSfObhNoHFyHFo0pNhg3KFVE1irtR6H5sploq80kjJ4lw==,iv:OQPIAf25JmU0HXqDcJDSHHYwSYSnPVOis8zZ8VEHLDo=,tag:Wydw0h9sZBU5msTNAJ1ahw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:rIchd+/zIND2ZXRhmKlO3AhzTFL3gkULANU=,iv:WODtPfp89nEpvOHOIVqZq94v1iC0e2kTQW8JFZlt900=,tag:R6WIom9N2APx8v4ji5SfSA==,type:str] - admin-password: ENC[AES256_GCM,data:fOowOO722BP5U5PX,iv:66eEDRH9tRMyu37p62qnjpEim60//Su96V8smdURbIQ=,tag:jFCV3uEjbXrG0kGpHRhNWg==,type:str] - read-email: ENC[AES256_GCM,data:tXv4gzOSxzf7SWllNNjckl1fiWC5MnWVVA==,iv:YFNiJLdbDC8Se4YuNpDBI3UXCVUDcpZ3bOzJr2cKaa8=,tag:s2inQktAdwGwjuiLHT8xLQ==,type:str] - read-password: ENC[AES256_GCM,data:hbfkYp0XpxLjg76c,iv:rTQpNuZTfNB6Oob14vctc7SewyInph7J2yVXWCRtZZg=,tag:BHbmBUAiKoNaPxIrjRZvTw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:adLPLwHuQqgBgdc60r5dzQ==,iv:WCpGV351HAXE5rJLHCRWsjSeMjOcK/56X5k4WCDieug=,tag:wYrHsR/oCx/ui6b+dzolFA==,type:str] - master-salt: ENC[AES256_GCM,data:ZjPq0h8jhjY=,iv:xGeL+NrrAM+wv7pkbX6ABQqlKGmS7jTjMNAn6XsSaVY=,tag:tYy4+hYwO0+VYr1Yo+w5wQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:BEdu6EIk8u80g3fQ,iv:68Mn+kEEVEvuBV7KMBr3ITgdBX3s5XS6vmWwK1DLAtQ=,tag:3GtW8gjC2oM352LBLww8Tg==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:PitlPfLkq8QkgW62iqu5zxc8CUbVf5zP6ciUMLSbFuokdQHUeSWgN4v4ohQW6BgQdm1v9vomUfrAFnmYM/C75Skg+o6R8x4gjkJHXBu2+8D5DdsUZIEAZZA44eO0irl48JGxiIfLhV2obYwc/kiLDgSTy3Z20HU+z+Idmoctm/KLpu/GbCZZGc/m2TY4N3a3m2xyPd4/R+16PfQZLBMVeYLYasplj2y6uJ0pCUTGfdnqR5g8wfAlexaXY1YT4K1BY0Rs/auuQIlPDDHl1J9sZKD+hg5ou2wBZh3v5StCA7bxCXScEFKQQxTaXomuNnWaeWdfVSKY7iCitt7Qpmubi9ubVUuWb2nfw8l8DLXt8p/WWZCAPqRhEKs+k6YGpuAX+lIS+Knx5FS+F51fSsAEGWrDHJ6bExdqPrRVSRXHYBMWQf4MRIWHm7f7yZ/qm2pFfvri21Y/ceCde2yiVFrBv4QbC3jra4e6S1hJhwOIrzyLxoESDi7IkQyP8KwAloiFHfTReCd8RqQNou1/685bB6PgUKLuMyXLpUqOoFYga8Ot+YJlGIa1CXSne1W0jrOYkimo+0xW1Ec1FbjoEP7j/KRGj8MF8He0QfBI7vejSkuKSHKnlGMqhpnxoYcGWa9u2ZfsG+yOnKkcw2lo3wykOIPelmvXPC5dpK1nlIskQa8ZeoniFyoxO0xr5q8spKX4lJxlKb4c+pmK/SuKK8+9w6g91TszJy3Tndc+N1a6KutHn+k/bg97C5UlcSaxTMyTere+jR0oszyytXlD8MO8CH5fyAYSeBWQ4KTIXz/adrb+6fmT8K2pnQFrkotrs/ihpMX5aaPEqtJzNOPmF+K7IuDCXF8PnPLLmAr4sTVisNp+bMtt6SZuGUTH5IKCd50stgxBzojZSa3LUfWfXt9YYxjQH0i6ew6HL/O7rJyVZ8u1UpoZ5Q9g7o9X4rq+Ym8C4DolnJNBm1agBio87Esgfm2YU9M0483aqP0ppxIaElGHJXAll3RJ+SzrKaQUBXz0WASM3mm6M0LhdYIhZ05pkVI5giY3Bx6JQXCgYmt9xHlBCY5/1shnzQp37COxTuqoml+86HGACw8PGjEXQxeGKgEQJMNfBoc2dwtSuludM61sqCobt2wK8JSHYk7gW1u4ewJkEQEfl0dmG27j5mOZe+BJaBF69awmi6cKhA9yVOazNfyFLQ3MWfgZuL/GiUUYdjmHRwE+m1AYH0uILwqnCxoJuH0Z+GZ5PvK26T+vNF6826DkuxbPuj8ZLFPBWOYLnlbRlFwXJkFaV7bfRDci0LJZskwHmAgZRhNwzbMmY7SjTcxOkzMGPk8zqI+dBWzV8u+MBRikcTg+/QxwShwYXVFALam/oENvM7KLrEDDMs0rDAyRtsjDOMV33/VQUg0Z5bUYcZ9tbXcz3wFG8NI5B3+NgjBIxvB7MYacqrQbKgHIaKuZwxCOObuqiV3JrK8TbVzgrVkQdhk2zU2DRQ+gBF1lDy7/9qzSP6f3/PHWy23M2v0ss6FLyX2O/KMlGTqbqJuK2UTcIfkcovoBBC9MW4RhoWzkE8sP2kpn3kJyIsvjKhh2aeULDVCe1+fTnc1TZHxRQqowyCwVzvZdgSEwcxi6SPCC8twBNqIOt1rjXTEMPNjYD3Khm+JIEHduuZB81UklAYzk7Fr1DnruVhszN25Pb1CkGPHlRMPnb5sEN2wiYXfBjmJnX/5MK53+YTeFe0x3qQfg652/pNtAVKQFcjverhFQVwznCM/MUzVRf9J7Ujoc2/bUadwyR7ugSYk9gTf+nalQU9cqlixUnwqfCpCfQ9iOLx0XW5ycmzvV1/tMndhGCticvCVVydxZJ5rWUEKgYizzAVMt9ojUlejH/tI2D5RweKi9okLC272NweIivTtyrV4NJVxCdRDDhNRANuqIUWHEsaZ6ydmBqvWKFNQhLOFv5ymbZJXa4cKNJCKqo12oOFuqA6KRuBs8IyF7tAAQbwB9LaxknL7RdOO+S0TvDdEwvPaPdvXDSCH6gyAM2mKYuWbFLUjf8TNq6dVpd8Pe4mEelAgMKs96DtfbwGEO+Ltqfj6hdB9cc36jg2wdcTHtfXDZILehuRx6l6hRsxm8Kuk6b+lqkG5GiE/Q03v2VZ+zWtssx/7XHUG/9bCxSiTu8LXhcVjwfJOM69spMV4gRAo4WCNa/wgriJnsy/0ekZHigMag3fH419n+xVCuLk3sJfS0KELdAZOPxxIhK41AObXP0AGmtj6HBhhDi5g3bYLHyoaDbSgn+amauNvwB2RHXbnEzWwXPiXynOrdyyp47/IbdIcm37gP8dWJKmAchOh7pWHdn9Q7ZHqKVZQkG1JkN61RR2UGk/sOpNLTNh/bI67q2cXqqPJIah5bNmrcK/5mKrIyYVEfTCmsT5uSIVhWXexDWCFL3eqRsuYaJjJBEtQl1eL9FLKlfh6YhPAANuk1iXRy3aO4LLbREjfdJnCrVrchsaDLOUMj1Bh24qvRsV+Sn5aGnwzW0gvZ9owbMHJn17Ta6Yqa6tWMcN63tYaGndF6Kl1LxKolXO/5cHv8PP0q5jcutA745fU9OFlq3blWCq9RsfKDaO8pttPLQQgOyQ8g322WaGpsbCPZ+dt1DCkFcfUTsPEqAekansrkATqDQa6Oce8TkNMlqXqgz4RxKLO2jBbnbK5M6iGfDSYZmVdFzX/39LVUQjeL0HcyYLkdlMJVuQpF4wtSrpLCWa9J0YvWXQz+bau6Pj1Rltmo+OneSr1bu3///E1kci9oXaDb4MMt+A0ke66Y+pZHDYWeQ1wXyU6o+ghWLMZ7SM84TsGpOvPRPRbnAQyYwJXaYkRTRZ3GnW3rP40o3xguHmbtMZa7Nmm+Hv+4uuoCG4bx935YMBgMkcUAm77vtohlHU3RdbvcAeY7Vxa4K5HT2j+ztgMMUP3FnaIhggBWvPwwRl6dp29T/jLaqjDFqeDSWH8YIUBHR9xWIqCUUDB2oDTgSWucxLUYf7WgRvFdv98lxZmrfk6coP8fN3p9/Nf//stpvI1yccWydg27Px/A/LkEDWC11lcf5iMsEATKn7VLRbS4/2ckSlw8sCripsJwn0bgsdtE2+D9/peNcNnFMsIbxKT15/oqZpG8S01U+ngEm03GG4t6n54hbozVfrPVZhCsojksaSL7XRTHMzieu0DE7pECt8RzYZP3C212pPjptz8tOAn/BZzLGe7cct10Bs0C2eVpD4Q2uTw1vKHb8lrDndt6H4tXtbICMi10Y0lqThqbFcmIBCoLHI1r3Frnbbj2+Az4TefZc8nYBeXu/+g0RflDTxG8k//i2BnPy0shqU3JF/rzToNFKaQyho7u5Zz2T7MbgLXawE84XDBqE2z7p9yVFPwcwAFS3CYZufvnJbfwkmiuY7b7QB9RAPHbrdGLJKK7c1Owrk+dax8pDHJkaVyStIeLHZXRFiRo+i9V/JJKW7t6AMzBKsP0PMsN75muLTaocxYnx8UxtgaRYsVsuii2jgfC9xpffjlyB9+sr6ftP1bPUjilDhI5KlLkBNBp2Fmr+Tio8lrifOcwJS6Dg3eSCK4ffZ8qyc0avyn1BJpKWqQcvIntk8sRGxHpIMWJawbLjJOP1aJFIpqXZaDponeIs5oudpJEUaqkv/bWWm6QJpBEHbevI+596j9z02TCfEU9r+uPK+9ZDt8Ygu5XRK0bwSkksVGQKgtJCy4WCZh4IJ9nfdVx/u/y1pl+fMOj7+lCr8/zjdPB76pxTunks6+sgOaY8f9OgkV24OXOBzCBE7fVdhwziMXhQBYtL9G2YSJHJt+RJEq46ktvFNDpQFQ1HUhdrSR9uRo0bvJyxpgy930cYTtk3F31XgdPHYpWPW6Pt9rruJkiIAqI7ruqub/D7E/egdB9+iOPKo6FiFR61jzknkd8TDa059BBKK5CuyIhmVmv3W1Mhe32vwJSig48uLNPG8hXOWlcUeMQ7JvHdW6BEhNJgFd5WsbgfihfpxZO92o+jiOuIyIc7lQixn0ee9Tg9kGuEsA8CME3RzDGRvjjhj35sjyCOm/MYCd5kz5rl4i9vMUP9NgYs9QzI0RijMgdurd8QusfhEV68BBSZD9eTStQfR20Qtg9HOhfhU2oa/8NQYNVk1wBGIOPrUlHb3jFW15b2e6HR/AtfTwvjkHMAGPQSC1pr2p6e/qepo3isrWoaA9q9FDuayONXcgEhBwQ/CceiXVrBP029bvxx4ahmXsTJBOj/utaEVH/UGtyDeUqA/lBEJKVXPPBP+1X7ZNIm5Rj+vrJBAsfPGoDtisW9ubrztPayHpzzC38B7KYnFfP,iv:U3A1E8F2hmmcwQfLoSKERyCnN+w68//VoJPCsDpUGt4=,tag:ZVtb6VSriQwezr3dZxIOyw==,type:str] - known-hosts: ENC[AES256_GCM,data:dDydv4YOpiSz6C76RoCqfZN5XgEmJimcVz0huqKx0dXwSOHJ+bF5R5hM/KyPm7Sg4+F+os6e5atOvEUj5NB5xoxodTBwG+hA27bpQW2awvU5lvx+/Kh/rZV5x6fqPVGXo6s0uSAqzhZky79lL6DaIxwEZzItCEQHF7CneK8bCbvw7thDf3vyWddA3j7JBX+aC0mxdBQMQM5nnihWbC3t4uFUpSHfaKE811BsVlcAdYDgCehTNkh9niF8BS/S1cDzfpD6LlQ1siaP72iTVZ4o/mh+gTkKCq9c+5TrjFhVKcdKcXIqHLXlUu1rAhqVN3gHtqWPbNTFHKgi5/rDpeHRYu4GtZD2V4ZDUw+OAsjROk7vHK2EwZvtpvqUcwHAHHAoz9tzAiXoPMA6RGcU7uX6vzu7bI4qt8k/lJClgrhdMgzr5Os/V+aQdY0CZLsR2jYklGxbL8WtsXFrTwY6fn9C+EUbOX3fIlzgtbRVd6WVWVKJCB5ddORsezzlU/NRap5EQlpIgTqZoQ==,iv:fZgH+KQQ7Ws0kc1a9bfmJwreeNosRI+6sGBhUtxP4Mc=,tag:205bT0jw6jFvybSHxpVmuA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:ZEmb8rq/3+7ftQ==,iv:AFRBL1s82DvV827UxQpmolGwZ90tnCSFuqf452gqZXc=,tag:qs+RsgAik3cNVCstCk0vYg==,type:str] - credentials: ENC[AES256_GCM,data:49FtBpaIj7tooTme6ChjQo7DAmZ2JzcnXe/Yf8yMshWINlWeE68NKgOtxl/Cd0+j,iv:vdlvrqW2l/P7qmify7k9HumjrmFsWdrEIgupEh5vgWM=,tag:js0Bzg//ZHMF2HzSbTe4FQ==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:vxTQz+T1FdAh77hullzhIA==,iv:c1QOy/W0hory7eY2gJut13ah+L/+MRBmUOx+pHsaB/o=,tag:5d6yez2BlDInATepU/g4ng==,type:str] - credentials: ENC[AES256_GCM,data:OILKaZ5Vi31dsp08O2Aw0oEIZMcvqBv9Goerpy5BkMkuOTscy+jrJElkZyr0rr/L,iv:bqCkTMi+C03bmc+wbMpOD2xMv+Sm3rUd2xgocY8S71g=,tag:AX7OV6t4kVypmJJEyaurmA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:TOgPnZ4IsqvgxtlrgXpo88TfKd/F8PC4xuiuzA==,iv:GrZr6eCJgU7yK7ZGvmZBO53Vsu7sWlbvLo9s6tZhDKg=,tag:ZEwGYw2SyF82d/lNL0FYlQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:JevZEqel174Hs4x2o4jnXg==,iv:N/uoKvVNAyXTov96BIaItDyGw/V1QKKjj0hHKYKeQR4=,tag:lThDEN/KEJduxXutazAo5g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Q4V0xsNmdw==,iv:8LBipBFW9ufip3fNm74rTPxmshFPMmymbY/T1v8usuU=,tag:yUezHfMwjbu4AnsHWw7LZA==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Zjbee36mmA==,iv:bNl9oxeLOXpVPRkpLf1utGY5TKDY394I64K6Rp9p3NE=,tag:9cr4eCNf9f2KgHnHOMdfHg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:90apSfqXE4NifXvJKZYo,iv:LbBueMvP7Qm7PiLuZok2R9/kolhpL09kIR5waqUtKZA=,tag:onZHluiTO09Jo3X6zMYibQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:ckXbLY/+dMjTN4Wj1AUx6PrsCJSyRNiWHubc5pd75cE=,iv:pFh0jYC1PmR9UIsYpT1n4W7fLdyRC0iJ8ulfbOCGtp4=,tag:Spr3Qz2gjOTQtKJuxgWozw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:XLmU233e,iv:NEGUGlgtoFu0md7oa2KP10U211KanyDmg2KOYjEkdpA=,tag:daoXQvUBz87BgjaoIEuCrg==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:9tPHJsY2baw=,iv:bBClXSM2ccqqOdhy6zqo9AgzjBY6ohS9YA0FERBmHIU=,tag:d2Ml8YxQMRd0e6e/+TGwzw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:26:34Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGvSvNm1t+fcU0Go50+VO9dAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM8yHnoItf9JkZFZ8xAgEQgDvbTLZXtjGqWZVnDNrfku8BBza59Vi8Mq2roczrxz4GMussHujMpAEAbZw1HAh+iWOqFXd1hc9shXR5dw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-04-24T12:37:16Z' - mac: ENC[AES256_GCM,data:T/94EyA13RiB7mZLSbPS8CKGl4T2omHBoVVSydC94OfMAG0SCO6NJvJVwZ/C7CDoKhgJ3vms5BuHC8mccDEJ6MKr2hDyj1ZT1w+W5FnXWF4CoWofqCcaFEeHPqCobwl7Z0u8EwXXYdqV/QQ7I5hKXvbCZhOsSMFSgDldsS9ywZ8=,iv:kMT9XYNH59HUZJZA06YQT5e48YKou/DbMEDcQxClHAM=,tag:Y6Bzfw/J+2S/Wn8HUlluAA==,type:str] - pgp: - - created_at: '2020-11-10T08:26:34Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA9mgzp+QW7TEAQ/+LnFZ2AcA8OiAAt3PyRfWsFUGPx+omftiaFiF2G1GkVYJ - XVS3+l+eI+APKf/r3mpDZCEwFv4vXw3uICWmAjHJwEq63ppqxqrvTIj9TekOM+Ns - txH33/KVxm0r/F3i9i03a85Dsl4darua02+koohUxnlGvlc93GBXau56d32kKJny - yJYrRZjo8fyMcywPwLwpV/TCHiUBSqQduJlERjPEydLtjUJF3eAVJO78vLbhP5A0 - 4QmCK4d7lnQrgY8AZOO93rkVHKZK0nP3NDNVCJysOaenXZW3gUrihm/RwDK+FQ+L - l6eJhAPoEh2DndArWvD5zmp1IT2IPFstZ2jyEa0NuWhTCwjz4viKRPcLL1DaT8z2 - nH9N/iKX0jjSKsoFCl5qBI7bHsVyCq0ZtBQM6Uc59F6ZweN+VC+14he71ZYY+vM9 - XeuM6DD+8lHTv5q81qsnuKFwoNBiJzDuw1t0IUQhFLHPWD/wLhcXmYDeZezglNE0 - P1ItQY97ZXslrT97/FMWm9I9E1WVS8hcy746FJXU87C3rkaq4/RV7W4qhzOlgPyC - /DNUoFnJHgLirHVDWR/XRoR4T3pBhI0sqSpRN35sj5GT56UoVxohOytZcpZH3eGQ - MR0EUav9hOFiVwn8TQ6+LkDliyEWgkxSKQ1uJQEIuqpEgrvgOv1ae5D1rQR+zVLS - XgH8dGbkRmPS9DHP3xeOW6e+aAPpswqd7hKxWCfeiVlIDBmmaHArgsiV9U/H2jqS - bgU+yqePxgqSi1O0KsNMk7Hmi0k9qtAk2PkTIE3RTCE/PJ3g7T9mWai/gmQp408= - =XA05 - -----END PGP MESSAGE----- - fp: AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/bihar-prod.yaml b/deploy-as-code/helm/environments/bihar-prod.yaml deleted file mode 100644 index 05fe04dcf5..0000000000 --- a/deploy-as-code/helm/environments/bihar-prod.yaml +++ /dev/null @@ -1,608 +0,0 @@ -global: - domain: mseva.bihar.gov.in - containerRegistry: asia.gcr.io/digit-egov -cluster-configs: - db: - db-ips: - - ip: 192.168.80.3 - root-ingress: - cert-issuer: letsencrypt-prod - appRoot: common - serviceName: common-screen - configmaps: - egov-config: - data: - sms-enabled: "true" - timezone: Asia/Kolkata - db-url: jdbc:postgresql://db-service.egov:5432/biharprod - bpa-db-url: jdbc:postgresql://db-service.egov:5432/biharbpaprod - db-host: "db-service.egov" - db-name: biharprod - kafka-brokers: kafka-v2.kafka-cluster:9092 - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: http://elasticsearch-client-v1.es-cluster:9200/ - es-host: elasticsearch-client-v1.es-cluster - egov-services-fqdn-name: https://mseva.bihar.gov.in/ - flyway-locations: filesystem:/flyway/sql - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "debug" - domain: mseva.bihar.gov.in - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: bh - s3-assets-bucket: (pb-egov-assets|bihar-uat-assets) - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - bpa-services: http://bpa-services.egov:8080/ - bpa-calculator: http://bpa-calculator.egov:8080/ - egov-edcr: http://egov-edcr.egov:8080/ - - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-rainmaker - # Only for Dev & QA - -egov-localization: - memory_limits: 384Mi - -egov-location: - memory_limits: 512Mi - -# egov-notification-sms: -# sms-provider-url: https://msdgweb.mgov.gov.in/esms/sendsmsrequest -# sms-sender: BHRGOV -# sms-sender-requesttype: POST -# sms-custom-config: "true" - -egov-notification-sms: - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "BHRGOV" - sms-sender-requesttype: "POST" - sms-custom-config: "true" - secure-key: true - sms-extra-req-params: "mtype=N&DR=Y&smsservicetype=singlemsg" - -egov-notification-mail: - mail-port: "25" - -egov-user: - replicas: 2 - heap: -Xmx256m -Xms256m - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "846273" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: bh - decryption-abac-enabled: "false" - -egov-mdms-service: - mdms-path: /work-dir/bihar-mdms-data/data - masters-config-url: file:///work-dir/bihar-mdms-data/data/mdms-masters-config.json - java-args: -Dspring.profiles.active=monitoring - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-mdms-data - branch: master - -egov-indexer: - heap: -Xmx512m -Xms512m - memory_limits: 768Mi - egov-indexer-yaml-repo-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-bpa-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/bpa-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "master" - -pdf-service: - data-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit-low.json" - format-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit-low.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "master" - -egov-searcher: - replicas: 1 - images: - - asia.gcr.io/digit-egov/egov-searcher - search-yaml-path: file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-rainmaker-customization - branch: master - -egov-pg-service: - axis: false - ccavenue: true - ccavenue-redirect-access-code: AVJF90HC92AK16FJKA - ccavenue-status-access-code: AVJF90HC92AK16FJKA - ccavenue-url: https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://api.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://mseva.bihar.gov.in/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://mseva.bihar.gov.in/pg-service/transaction/v1/_redirect - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: BH-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - - -egf-master: - db-url: "jdbc:postgresql://db-service.egov:5432/biharprod" - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -nginx-ingress: - controller: - replicas: 1 - default-backend-service: egov/nginx - namespace: egov - cert-issuer: letsencrypt-staging - ssl-protocols: TLSv1.2 TLSv1.3 - ssl-ciphers: EECDH+AESGCM:EDH+AESGCM - ssl-ecdh-curve: secp384r1 - service: - type: NodePort - externalTrafficPolicy: Cluster - nodePorts: - http: 32080 - https: 32443 - proxy-protocol: - lb-ip: 192.168.80.4 - -cert-manager: - email: nithin.dv@egovernments.org - images: - - quay.io/jetstack/cert-manager-controller:v0.10.1 - namespace: egov - -git-sync: - ssh: yWDnop6OESC1f6u1HUaDdhfpcukYviftE8G1BhK3ihsNXMkWvNK2LInRgr23Z69NZYSC3NfvGe6DOlX16hivEq4fZBDgc1TMNwTBihZSo6SCRY/KiMDbiB8WFo1ajwb1xiUYgmbNDvM38ieTkSCBGiBJlEkrC5bN+LUqjiFpsY8szAgoKkERuourrc9huKPaT9kPyN4yJ8cDrcikw0B6LPUbv+r+z86HWFFBxaYtigQsqnfbdnSGAVSCFSndDm0KT8srOGt8acXgkR7MlOEDrVrsGtCzPWFKETa0dUNfxRGuFJQ+2daJZgG9i9Hg9kmWLNKvh906/iIKCQVPdfaVQnQ1thy0qbVXuipC59RUQY9/b80jdOcR8Wf0yYATWCe/94E0azWDbMk6/IZJ+T/mkk0jWMikjESSmWFpsHN1kX83cJIsy/6e0Zg4f0pKcmc1kIkoWAHyDyPkriVb1E90zO2vCIAvgFxJHxQJfZ6Y32eyEJGTcmtImV52VlYfPXnMfDFHevUxk81ayvoZFD6LAV8rxOyQJ6Zd9QtyJtpV7spt0IDJAGAPFPBI9RTpICpWwwaB1jCcGYm0qcoDK/XzbtVk7ClKFZprszD96nnIOfclwq6hP+jHKlwoil0P0h+aLHF41CHDAQx3hqe+UlJF3DlB9Uz8kEIzRL7vZksiaIUk/WWRYnRlDhsmZRfzGnYRuIgg+beFDL2syxVZzLLnv04z2pHAMafV60kKPeLLSsQ1H4dQVGOwcWEJeoePvCuZfiFUkn2RNCnfWX4uU6flXSLpdLZ5s/b7E+xvIyYgLV2Fk57zvFlEbBjI+M73vxo/9BpY2djvUKlL/XOQMyb94clnOFUXcqtjiL3OhespWRXl3sIGVtiYQ8rcDgCPCn4LFtJoPhGzmkvG3ZHYi1p7u0UNqyBEUX+hbeL8e9Nz5PG/7tDO6ZszAyFuN2iu7Cib42zSsPvWhOdjaUmSZ8zJexK1RFoVm2aRJcRVWQm7Ef5yWXja44GhOmDyQ0eyBp2NjdpEUul4Fj25qVoMzXq495vomm+zXvg8WUMsjgm8J0Bcy6sBi+9EIFyJylqYULD67LQ5Av7BNJ9vcaMxX4t/PpACkJBy/9uGlOkmNiL2BfRkSuCQNyfFicalTVDT9BNMOy9wr+u5yaw9nF3l7ViTRrsN2H2ZNjXwQl64cD1rQKWpOs8p+ltkljZfWEzhuXaslLXFligEBJqC1TAaOsgGcwLLGiFBIKw3jcrqbeP+YzvpAa/jT6ooHeaya+92RNd9Ipa8lpcwPZrV+0+jjk3m5m+v2a3SISfRGJV6Y+DRU9l/lIrAnfXHERVr822Y2rWyJlptE00B+rvCXWR498yMv3UZnxxXpo2C/0Db1K5JBxAmw8IJLgQ9EL8jTwH3sf/UimcEkwZ8OdYjR0O1Ei5OcMtQJS464hUcqU0DaGS6PbukPjvHg3Mxn16ayeRI9JOwj0fGE10NnxZHv5oBc15qu78o+B7h8bAIVPeDNaRJEwVBafeGH2C4cORTunwAerUS+b194naNDEgXB+H8Kt+lFhlQcGOmzkBHo0MXwGY0UWd388dCUYmSeuXu8SFyD1/EqvbELUTcM+IP/s+SKpprbSZxBgC8hYtt8AoDkCNvPvgctUpJ+rdfTplqNhrCD4mkqs1cbuXA8IOclimUHYcu5ZlzPbop+x/f+EB2SL9oe5p+ZrwHoR9UHsxXfmYKCHjxddGbsrtxgAEtH9JKoWR5zESjt0Mhh2rkPYU47OY6AkEsGYODV5NaOGDVNdT0iKUo0AGEgxBho/9g0phbtETkPMiGqXngEBQ5IHzcJgwW1vhvi6FJ5V2Bq6wktNtmq+RwfP9cfiiplp/wdoXSv/vJbOmista8uAcfO50TjLiC3aXWbk9yYlbKLQn5E4cKfOcq88F0ppN0qN9xDvptfvnpoVyfrK1WVP78X/UNd4v5HupL0ID42slEhjcpB4kpLbQ6CMeUJwvUk08GX5i0AzNtKBUjA73I2vnR+s7GGrN/NGeH8RZb0kD6kLlhEm46hsyuCuWUgHasuj5U7FemwpkPqTyxWRn3vZPfxmjVP2ieEReaBaD4BrEUWqH4Mi9aVZV5XK2+ZhmwK+ge6MVpxS/B+2L78W/obzlAXr7aABW78FFch6l8yL5SAhJa6SDu8Bs2hUkzVFTGrHTeSTEE0MCqaYAfwr2XvzgFsrfXRbtJt7wrUCRErGtchvFxpDvmiXBi6g1CRpXZOG9/OENlNqJGpy9UWD90ohrBfPvwd0s9mDSkhVTKbVmwovqcwZ4ExvSp9lSPW+T4APtIIG5EreZ0uQSvWsIdU1gQuPW0kWBHFti003Dsg/J4Tt+M9RzjrzfhsxKX9MuC8IAdnrgH71Ye6Gzkf/SlDMHppUhANY8RCIho30Q8RYJlQkGaOoGxaQ4foIvhZwm0vZukQwJj63s5jDF+I+m2LTTMSsN3Y0PyjmT/4K7veq+hVqN7Mf3PqS8mXpiR23P5FgnriWYDLD1RM7QihOLTFIp37T1oWwj04VTiqD7cTfw2cTDmqIFP53sreAwzstC7ggjk5XC0X9W9zFQX5KmWE+1Po+DAouGm+fDj19p3V4wQ19qH0FQfAfUP0tDROiGpAS8iB1XI4FGJjsYEPh0D2XXP3ssGfKUfAvr/cRsjv7x7+5/nGhKZCWdIxlG2j7s5qo4fT7TIfr8pmhhXDQq8gwDFQpiFpNc2/isOv4bnW9V+oh/300KFmyk+N/1ALyaUla2lcgKarguqxxOmB9TjylceWrPUGSXtgI/w5CAumxzc3uTpkEFC09zu0kc87zUwQCkW0bvy2PXsPVp2dDj/s7XRfzC7EPX0T3beeNuYyedr+WQkhtk+4W+4ub/59VFA2ypuZNmTDnd0vhLckaAO7rJ4Me9Z/09PnkhpRBPHMel1JeiPaf2Toh5ZP6O/ys/2TTqrcTI0YrJIZmFpqs9d/RK55veVSmx/sKCdNrpbFHCsKMlGCTDHCflxaO8i7Zc3glvRus/5pECIllVmZJRFtMa0j67mtLkotdWT73GFAnLriCtSkSqa14Aqm2C79tj+m48HsRPG8P37xvFPenJfCMwOCEGK7sTzMfvufvTSK3kHc3NYcUrlFVut/rQuy5Z8OpcJ9NGKgdQxEhRIJYAPDdaTToVqiyPxFqGcMzlr/yI+AsFh7THQob5BKZMH5KsGVDu6vlgBz7626EeXxmrllqOqTfxLLiBgempp4WyX+cLbGn5Oif6eTLg3sz+GMxtNH/2qg0W+jFCmWDppGDb57wlYmYLiT1D1LAbbs/GuDYlQT18DaVMZkXzcAf+7wYNscxQx9gOtLfuRw+/5lfisuY507i7fv88kd659FAJq0M9hjYfOiJkW+p/kJpS4brD8Z2cJwVYpZMPf4SexjMJGi7ElIO/9D9b1Cq6mk4e1F6XOkl8ZaQQhfK4zpHVe054y2juM4Dm5ANJpxQTSN+nfk2wwwZKF689ul/4DZgN9UhCu7SIQ8gKOKbLbk9pw7JQlqZhn5cwMsVuy/sRUAShWuxE8YExlScNag0OLtFscz5nFQOpQf0Y5ehia/mQTpV3WWvhf3pswpFhssMoFsjiv/tAFDugTYj6H6EpNCF6VM0sxqgCOp7cRaDFdC1ExOT2mRBQSgUJHCI4x66OV4/9jGqnhlXbDdfRD1aas+rmwVLNMBNVosjrZDF2SMPgRnbQtDS1KojeduVJVbsEVgHEB6TWUtAclIpod655WsFHfZ1cTaGT5vsq0CI4SP63UsK7sdla9Z22qWVuzb+NmGljzCKFfaty2t509g4qkCyw1xA8fGte+Vp43NxaNsV5V2w0lr6jE5d/OpTQA+xznCkGOX/DPHyJwnxM+c+YQ9/UQOwbFrk/6akEkFW6/U8O4+Culn8j+um/fdPMRgosD5Gj/GHGTmHuCFbavHS9ALwV71J7swqX00PUO6j1+Zpqn9cjL8IqHGiWYDubKBZ7Zzo57SjyyspBxCaK/XXJ+FkGVsM+8h24WtcgIVCFTFmfMyc0CI+pe1TJhfc1RZLWU2Az8QxEUF00ROAJGNGOTg04bPKdfmvTGZQIm5D9RuQVCSk5XdIrxUQlJyP/LbgQG87xhGm3EUw/HZCRgi604uDpUAPv5hIJKlHqT2Yd61hlM1KxL1y/6qz5yhkbLHAN/l5vDx4/UdOqhk4Kmo7GoyustiUlOe3n+3h/sLntJqoPleE/uhTa/Mg10h+tIUPNe0b9V/OHFoRbCw/ppsWQKz1vqX5nT+haVxw2g9SbRYfNUhccZhZPIupxoe7/46zRbuXoQhfHbDKTqbu2oJt02RYsp+ic6cg5hEJtw4LE2Homwr9nwr0uL46lGZ20fmu4ylmwXTpizBjJvS1KA441MOMqj5rwPx8IQF6HqCiuJdF0kiMxvW7ACeGIIRk5J7HfOSBzvziTAmwgcn6AUicqGmR+AOVkHf+PdTmwxuqY/dCbm5k16Q7IXpE+jWEmAHZXXaMVUXIy9wXpZ93Wc8vjj3cdJMs5yiNdwgzgc4AIaMxRsIbRR6fPHFRstuHNDkWG9pQT/wBCNmvcP5P9rxKhhCdCNhGDTJo4/NjiCMVPqNQyteVSKyP+kYNeyo1SGPcb5X5d8yLC9vJ/ApXo/Ive0bGbKphEVCJ8iZxWlTy4gqndTYdjen8F5NqToIqKJmNniaT/B5mlGFe7RVOznRNBiQPukFhCIYNWSONbIsyWvsRf1vZ/3KSRrP3I7KdufqMSiGp8NJTYhxBJKIBKX3n3XRYgjr5+g/qeP0U0tw7x7ZcNx6KBZRpyudf2OGlxLAWWnqMTe5jVihk73Plex1ZkG8oGEr09wakJL0JBH2JI/iAVbdYj3Jzuy9+yah7X+wzoZoZB+tMWDZScJNuwTf06OZv+zcnK/Xnmwt29n6igZppH3yqjPRW9d6TkcgWNsXU9ByB6iall6YWmkKWqerUFFja6VcUayAS7IN43WZhmNdPOWfQvxetjegXfKCKLaEqG0CzDGyTXVel6e9ZICpeW0qx8Sq2CD2vSSfUiEcmieRsv744dcW+mLynwA21iaF99XjuA2oe0nKblH6YQFAJEHtmTH7u1iD9sAjXsKdlYChOKuJ5a4zknheUJahIQcW7aU1nZcFKP+QdSKqXaciY9s41Y/XHURT6RXWCjRgfF6dOHZLA5/8vkNH5nNZGYIRWi1iq4D4rVfivvwCGLLuzffYZOtBSt11S6UZuEL3A3uX0riJwpLpP5vNafm60GmeABcGGGUxPnPj2PTd0xur7l41nnXT9XW5SL6Ki2v6Xf8if29IT/C0J/3oWIqBgBT/WF1+dbk7huLpdDvBj+e5Mb+D6szCS0QYZa6CViuPFGm2zJGUBrIuzfN96tQ2hpXBUCr9nuinXluxIVdoH+bCWsdUg5QxvrLSQ9TBH+OG536YzC7UVBOOCI7hwPCOzr9c46++U5bq/vQ9PxU91USyyazfdJQ4A43JgXysMEwmDiZrR9eXpPa42+rR3fmjffPt8LTOHvYN8dGtvm3mqunFVSZ2736tQ7mTSL0Bx5fRzto5edpGsnqCVclOAuRUxFOr5TcUm/TxC6yJwVH3pLEu8K4XKkE3fKrZ8Iu2N2vxn3UBKcbQ2xngFt5Qm+0ckRXT7kKwi4w2BsXnifx/H8vHMFZqOe2wgGOSpcnN+RxojS3GvtcgJhcQ+2Be19z3d3ObSorOIwS9ZRXhUB3RpgjEOTA+5fgypUm36BGCA7OqeSZd8KsxjuddBZaZnpla04trg== - known-hosts: KLnFDDe5U9chjb87SQYJOs3A7qRVdaWGoG/JoPXcIW0Na5KVgYfe0FSEzfQXvb/Cl+GnX8j7PP5rE7t4qg6sXXdjDuZ3A4o9JLfFYtvA31oSShnADAsB25Ren2wIevF3rUo5P58StjcdzZtb7Z12cAWErCPlfohHsTWPX0/WN4XaHmSSEqhNUFoCUG2pn/+hsifHvGlVsFfj09K/IySE7iLRaniPbVc1zpKkgABeBiLb6I7OA93z8NaMQ6BkbOEQWLu+p7ibHQ54hNPGtonHZ0chmbpXEwpwdb0iOrx+R/6ggBkeAfTnznZFCLJMpjUF1golIEEPf6Ckt2vjtGuTiFHRBhOpsSKyXf1GU9yB4wbfQdAgJNqZVdZtjqvVHriEdGoMPKnPgxYfAPDMKYx/mTR4WX8cSystrC6tSM2UzR3bi5RvhEX7OEaB1ysRakSjwWVBKlTa5jvAdKEXKYDaDRKxPvWNewGtzYncmNV/puOa0ni9L/9NUxFp3HVRf8mKllRnCZH5nyLfvaMew14W2GMqI2Kg1TtPS8NY6MHQH9cRm7cyN98fo/Nbu7WHyp0X5A2OVffu0g3n5W0dEImUfbmDOddNAXed5A7p2oOH29/NcbYUTxs9UY5pO+lurvG5ZVtzbaEe+iRug6l81gQAwBNfKInUToGVNVaQ5Ano6sof6vBBcJaTGCWJdZI47G89 - image: k8s.gcr.io/git-sync:v3.1.1 - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: -Xmx704m -Xms512m - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: /user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/pg-service/transaction/v1/_redirect - egov-mixed-mode-endpoints-whitelist: /pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill - - - -collection-services: - receiptnumber-servicebased: "false" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - - -report: - tracing-enabled: "true" - report-locationsfile-path: file:///work-dir/bihar-rainmaker-customization/configs/reports/report.config - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-rainmaker-customization - branch: master - -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: open,assigned,rejected,resolved - -pt-calculator-v2: - logging-level: DEBUG - -tl-services: - heap: -Xmx128m -Xms64m - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL] - tl-license-num-format: BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN] - egov-location-hierarchytypecode: ADMIN - tl-search-default-limit: 50 - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-workflow-v2: - logging-level: DEBUG - java-args: -Dspring.profiles.active=monitoring - heap: -Xmx192m -Xms192m - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: -Xmx192m -Xms192m - employee-applink: https://mseva.bihar.gov.in/employee/user/login - - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - zookeeper-connect: zookeeper-v2.zookeeper-cluster:2181 - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - -logging-config: - es-host: elasticsearch-client-infra-v1.es-cluster-infra:9200 - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -redis: - replicas: 1 - images: - - asia.gcr.io/digit-egov/redis:3.2 - -playground: - replicas: 1 - images: - - asia.gcr.io/digit-egov/playground:1.0 - -pgadmin: - images: - - asia.gcr.io/digit-egov/pgadmin:v4.1.1 - -pgadmin-config: - host: "db-service.egov" - db-admin-username: bihar_admin - db-read-username: bihar_readonly - port: "5432" - env: QA - maintenance-db-name: egov_qa_db - admin-email: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfDuQoLfCnKPm5GKw/Pgl0D1VcHGXxblruwkv8iUziC5VSPFLgDEgjn+1vscsbE4MA== - read-email: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51frJ/am+/tF0yDpOlU7xGWD9kb4xhcEgseyNPT2/zSJg== - - -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: bh - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - asia.gcr.io/digit-egov/kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2 - heap: -Xms704M -Xmx704M - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: 50Gi - openstack: - - "d6152f4b-b727-4779-902e-2295f1dc1962" - - "d79f8cd9-c3af-47af-9880-7df25a66625b" - - "075107cf-8968-4841-b993-20dc13bfc880" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -es-master-v1: - replicas: 3 - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - storage-size: 2Gi - openstack: - - "961644d1-5234-481b-8292-38b55aee90fa" - - "2bd63da9-3f60-4939-a00a-be3392bc4691" - - "105c2759-0b4b-4722-9fb7-48f73baa1006" - network-host: "_eth0:ipv4_" - -es-master-infra-v1: - replicas: 3 - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - storage-size: 2Gi - openstack: - - "d3749209-496b-4529-8be2-6026f4bb4b8c" - - "8effd81f-6aed-4d3f-9ddf-30eeeb1b4837" - - "d6c2794c-96d4-4d08-8147-f60130f2ba0b" - network-host: "_eth0:ipv4_" - -es-data-infra-v1: - replicas: 3 - storage-size: 50Gi - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - openstack: - - "8699c2e4-82bc-40fa-b85f-2884ebf3fdf0" - - "71714cec-4f3e-43a1-b3e7-d07fab98a444" - - "68490d48-b5c7-476c-bd4a-082da383fb51" - network-host: "_eth0:ipv4_" - -es-client-infra-v1: - replicas: 1 - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - network-host: "_eth0:ipv4_" - - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2-infra: - replicas: 3 - images: - - asia.gcr.io/digit-egov/kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - openstack: - - "bbf9382a-cd8e-465c-bdbb-456f0b4a8a74" - - "9af163cc-ce30-483d-821f-75cc15ae6bbe" - - "97467c85-7f7f-4d8c-8f5f-f52c69345df7" - # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: egov-services-logs - egov-infra-log-topic: egov-infra-logs - # zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - asia.gcr.io/digit-egov/zookeeper:5.2.2 - zookeeper-servers: zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888 - heap: -Xms256M -Xmx256M - storage-size: 5Gi - openstack: - - "de99683c-2435-4c38-b864-897d8e84d086" - - "4a44cbd1-0823-42ea-b317-5bee930127f9" - - "1337f8ea-23aa-4b45-adc9-744789dbc046" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< # kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - nithindv/cp-kafka-connect - heap: -Xms512M -Xmx512M - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - shards: "4" - es-replicas: "0" - storage-size: 25Gi - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - openstack: - - "ad5ae563-49f8-40e3-bd26-a1ce3f920a4b" - - "0c65da70-b013-4f10-9e78-7fcc34314122" - - "c3d38e49-362f-4ad3-9fcd-35a3027ea2e3" - network-host: _eth0:ipv4_ - -es-client-v1: - replicas: 1 - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - network-host: _eth0:ipv4_ - -es-master-v1: - replicas: 3 - images: - - asia.gcr.io/digit-egov/elasticsearch:6.4.2 - storage-size: 2Gi - openstack: - - "961644d1-5234-481b-8292-38b55aee90fa" - - "2bd63da9-3f60-4939-a00a-be3392bc4691" - - "105c2759-0b4b-4722-9fb7-48f73baa1006" - network-host: _eth0:ipv4_ - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: http://elasticsearch-client-v1:9200 - external_port: 5601 - server-basepath: /kibana - credentials: qkp0ODShiI000hMgQUNEdfZtA1eTG2iNKp3ayXeISMTnJ2E0Ue2i6Jwiy3mzFtKt/aG4sZAQZtIpeI864kB/qQ== - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: http://elasticsearch-client-infra-v1:9200 - external_port: 5601 - server-basepath: /kibana-infra - credentials: qkp0ODShiI000hMgQUNEdfZtA1eTG2iNKp3ayXeISMTnJ2E0Ue2i6Jwiy3mzFtKt/aG4sZAQZtIpeI864kB/qQ== - - -es-curator: - schedule: 45 18 * * * - images: - - bobrik/curator:5.6.0 - es-host: elasticsearch-client-v1.es-cluster - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=bihar.gov.in - tenant.mseva.bihar.gov.in=state - client.id=Bihar - tenant.sonpur.bihar.gov.in=sonpur - tenant.hajipur.bihar.gov.in=hajipur - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - -# eGov-eDCR Mdms integration -microservice: - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - mdms.enable=false - mdms.host=http://egov-mdms-service.egov:8080/ - mdms.searchurl=egov-mdms-service/v1/_search diff --git a/deploy-as-code/helm/environments/bihar-uat-secrets.yaml b/deploy-as-code/helm/environments/bihar-uat-secrets.yaml deleted file mode 100644 index 8b25689cce..0000000000 --- a/deploy-as-code/helm/environments/bihar-uat-secrets.yaml +++ /dev/null @@ -1,76 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:34ZTlOu2yvh2TmTdItueRTHgpjagPpxWvhTQyDQDKEOb3IT4HI8L8hu+XwP3NlEbpg==,iv:PhWMRD1cPmnekIPDYr4bF6gxdJoWXKOoDq6QUiSNUS4=,tag:+gMiJZuktPX5kzS8w8i6TQ==,type:str] - password: ENC[AES256_GCM,data:t40VdnWAlj0d+V9W21ZC8w==,iv:hkOcE5q6qI+eHtODuO/0XmZiBUDw711uRj8U6taRatY=,tag:aZyHHtddhxi3dhTYUdxD+A==,type:str] - flywayUsername: ENC[AES256_GCM,data:vLYpsZWrxZifZUlHjQN/1PSSe5uJmsCQyd8kqWWi2vGjBFdBX7EPpbvu5yd/4yqvAw==,iv:HnJRkRCQRczX0RGs7E3U0F+qAb2XPEWwBXXOPY7SjUk=,tag:1jbObnvZtAnrL2w+avK5NA==,type:str] - flywayPassword: ENC[AES256_GCM,data:VlenHxan+hwQIIvM2dS//A==,iv:ePcgu6p04ofc0EmMwgLzn9NX7t1q4ScezVsmtL+dmJg=,tag:BpS9hFkmtdb0UvzlVkvlzQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:ifKTuyzAmsnchbF/e1VwcLUzZ98=,iv:PjMTKCHUC/CrYQjKcZ9s4cTPakNNVg+ly7oGFLvU60w=,tag:0K6L1LhNg3S7+mQxKmrLUg==,type:str] - password: ENC[AES256_GCM,data:J1tnzlJZpjS3,iv:6NErNbZkfyZAvqOs+dkNKdRXMxaOTuEMZI1sKtL/PHA=,tag:uxezcN7XEfPm/p7542Lmeg==,type:str] - secure-key: ENC[AES256_GCM,data:TcwgeGkuDc2w7nWqTJ5Bc8WBZl7kuuTBs9hp9lX3F55zVpbl,iv:FMwb95xmUfHNQhIZJcNd5LF6V4DX9eC4Z0Wrme8zxGc=,tag:hzCSlfg38oABV1fPup7dPQ==,type:str] - egov-pg-service: - ccavenue-merchant-id: ENC[AES256_GCM,data:Ok7561+P,iv:GgW9q9Mqaffh2BWpNH3SW3hDNdcVbL95N6sVaDBGABc=,tag:lqGUl2HKYkh9j9H8KwC3/g==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:r3cxoWKTrK8GjM8AJ1kxg6tI34JLz5mZNN/1EpnNUxk=,iv:DOPCZXDVL0PfOzFFgDutf/0D7IiFXeSfXo8wYDlkWl4=,tag:176fAKaPFmHCI3LaD4y/Xw==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:gGB4xrLMT+keScR/ziSRr/BDTXt8WCZnH1aXRFEqdWY=,iv:wH05qR2PNFgBEIEFmIc8W5YgoPzpe1/a6EKDadd8f1M=,tag:rwuT0/ne8YIxpAOFVkQgiQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:jsWHggb2yozjNVx84+Jba+BczPcM,iv:aDrJkXEOOo6qeaLETx48wcKZnHCy6LN1KsjCpKNPhJI=,tag:lRMlKMtJBNp7DL1kvsxPTA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:B+D5Z4msZVGQgQ==,iv:zsR1X13krxNVAudi+vWdpNgYJ/KzW/7VMNNXFr2o4SY=,tag:8U0wOS5jQ9Z4k0F4MwTJOw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:jRgkOpsxNUDMBqY/EDTyR8Vu1O4=,iv:mm8jcTYODjEvy7y/JC/eVCCRPimGjVkFAxEPZy3XgiA=,tag:ON2ovdbxYiqPxjN0h2gwVw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:Ns8Su7aqE3qhfhO95dcx7NFlvsR+Cm4YRiq/TjyNnuZBlKYjh+QCuA==,iv:Hz/TDIoqPRH/XGC7wn1eAjf/NYrEG9drX98+2ojXjRg=,tag:v00lB79Rzzv+UYvYN0y1cQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:d8N9EPBhaZ1DYfriAV+owD16cojAf7GH02eu52JT6vZ4iHw5Ejxr,iv:MBO8V98swJZAD6yEEYK+l2YVonTxv1mfvrgjh4f1BmQ=,tag:sFzlkSIyida8Sifpnk7X9w==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:ZdeBM9/cERe4Ct1j/2HlUQdNKuWoPV2zwaQ=,iv:MRkkCaO1L6OCMnonWvZUgWp/xAsNRqrtVMlDBiyl2js=,tag:heaoENYi+DmSQtyu7aIBTw==,type:str] - admin-password: ENC[AES256_GCM,data:QsS+2wkTdYlb3WCy,iv:S+omtkgCGzJxKGnfXAhOOzZI3NNakbXfv9GChR7/m6I=,tag:3irnlyZDHSMWtxP3IYgbXQ==,type:str] - read-email: ENC[AES256_GCM,data:MeP9p2ksIeEflMI4NeUT/gxjW0mtecazNQ==,iv:11xY9q8bZwjprHbj8ElZzcocU0DUAbgCMH3AKei4Wb8=,tag:IvzYbAtRLzdE/oEwoEotZg==,type:str] - read-password: ENC[AES256_GCM,data:A310MUvUFlqMPzBD,iv:c67yUXcdxJQ16Wf/sLqWyA12VAUN+7TQWQwkeZeKmWQ=,tag:GzXLYum3L6K1A2ZU+iIWjw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:RyWte/FthF/F0yLtlhcamg==,iv:eBuZfQDhVAtSBwmM19hAL1/0b6nVngdZeVXR/+eipbs=,tag:8V1QlaE/HCml0wY2+66B5g==,type:str] - master-salt: ENC[AES256_GCM,data:q4tVtb16S88=,iv:w5dimZGa0IUcqE2Rn8+BgDGzQaIK0qoMsV3teNnsOIQ=,tag:UcMv/GDnNQbXTgj7W9NgFg==,type:str] - master-initialvector: ENC[AES256_GCM,data:4nhD9Ha4CbRDDKD4,iv:vheUsnw99397soWHMA2omBEr9vFq7hIPnly4o+RE7mw=,tag:DnqRgmb/bvEdm858mj2Gbw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:4mgFtDsZ5cht/yeH0U+uMw8PMENLx7DUbvE2p4JURFDpA5GjxUIQUKKcCHraxIpsXFybUQ2UZEWpJ+Z/chGmZlPxxCiistLaDTxSS9nmoyGn2INIr8gMiOrPduiZgMEq1Z/eL5gXz+NCrzjinsJnuvQJd3QeuztzZIRD0iZZVm89KhSWn3zxFOMrNTgt18YySVL9yhA2Yhs0tPwopBQ6eAokIAECbA3JIQhV6thI8NzxvjDtUyTgofdwsXIxygY0jFKOOqa4aF8cFCkKlRcrxe87CqcDk6ae34b9fklKALT984G+m0+ULzcCB2D3qfl5+llQ6g5+efjOycMwyYExdOtgPu40h60N0g/fL7MbUJMIn+C1PfzJC2ACEJnL5pc9iLc5seVYSTrhB3DCjWoH02cbOSh3eTZ5KWVloOHrqu0noICx0Z8l7zCt6JIR0clxyvJqt+A6wLr7puvQyD2Xuh78xTJzmeAIf2XdmYv2lT91IwtApTmOh/008iz5y+44zFZMKNnRCTgAT8nNl+caN8kr50ow9ck93eFMWVgoFg42/g1ktRgh2K+iccvOjqhRHcGDL3cm7As+up8vYUaTOjL74KozGyxZZEWRTV5A13+Qlm0UWE6sH41NVC7D1Ztf+KOZEZa/xx67KGrXlP5zUyQOwj4q4kPbT83tYS7IxtHAzFeECPZktlCw8SqVxT2oYuI8Cm0Mieddg08Y1V/azjonIKIK4vqcLkV6sVMXhzCAzejwu8rJ/U/0rzSQkjUsnrcnmBb0q3swuqm3hCVAqijBusyNV6NKXHrnhmJOdh8E4nTCk9YOcnU1yqoz7Ean2athpCnYOP2MGrkDr7OMWvQbgAjxaMe+3P/o8X7AUq3S/mkPS9NYLGq/ePXg8ZxBC/9sdl6I8wlwgqiJR2XLGTJDJ4ipeLF6NaWoxAArEOKs2npHNNLSdJqDK2mDIr4a0b0d79NtOvNuO6rH0w3VBn7M/lmJEO2Av2b7r9VjV1e3lWaO3g38wq25V6/a1KDj3rLjEGDjoiXbqXAW5TGkPtdXfyWHAyBOkEQYqkb4Xp77JH2HL5lDpE+t+AC6PW2720mYBP9whNwtDZkvv5wO8gl+ppTzVGD7Sm0B5YjWjYyr7aPL+C36L6+Gu7h76DHkqjC52fPJMyqtRIvqYSm18Blo2FQEI1Fu05ba2oBKyoM+UPIh/7OhYHOBNBJ2HwPuJzVWmnu2PhzD2r4cS4rvrBsx60pgr0Vk1IXbou6ja0VY2bcsYkrTsrlHwfkhrqEmbeGOjQaZs9cIcYUp40AwqZehw7rZtkd1DzWteHrUL4e0XiXgwtqI3OWaoWaAnooES7v2h8uoaJfnIiYNffPsaH3TVJRC3pFNzpzyCb6GI6T2ZKgnVJUzTXjo4uDKCRqHn81nDreCp03qZmQmjTmMerk6eDq/jAn9lvsWlw3hldxFO7lbiGXpyWgz7RmXzShhfNJMWNMOy9RV9f67FNSdWUphkeIR8u5IOZle6xhw5AkIOwSUeCrz8WZJgwLeoDBI4b8MB5fsRje3EDBGmtfirtSQ2VoRiPoBXmR6ARO5lA0oeiJole/U9kjt2c40XqVJ5ostHOl4Tk5UY9urIMrntoa8Yeo+6NkAqb5Bgwy92l+SsU7MukZ4O6Es0tmoWvEdUOPlWNagTXooItiTHfIDoGzlxd9hGfcNYQfbsCme6tSWGSviXzPsYXehw4Jez/kghbZuroaT9WppWGpEmREU6+peIlrxCeRGIbrGQVmVZ172AZXUakXmNkQsgKR1ihEfycBzQ774zpMq3HDjuWr2b5TRF5fEziDZOxutZHgx/AKUZtXOJIddi4N0eiIUqG1Ydy+z3CQu6OCDzcHzeu+uVLcyB3Lmw2QEgDsD7Qo7/XNrwN4Eopj2YbjLSXJ60UoCBZtH7oYdnHyjFsdJ63ibWcfyweZO9LwTDyydGBeJ76GXtaeW7gziq0I13SWD2LeYHXzq0CSEp+ifHt+R9F9366Z0VVIuMTjc31t3gYT1BywqtBP0Uv5JdkqFlZs/KrlTRbwn/NPzQMHzcCutHyKgS6LfM8FVryENqep5/9DHY+mT5VNDf89/r1on0h3ASaJKbExM+m+VTGhCWFgo5wXrRQsWsGdI2I9Fk5IvjH0zbIdjbl3Ch+ql60wZCj6K0Hl7xKkniioK+rnLqxOipOkhQ4/r08pcbQqL2+NJRE5MC5wBzHjNKKq/kpHLBVv1Z3wavypWadgoDB9KVerZzQAhPERIZ7gBHq58Ijmzu/ELIX7EzJWkGp1g2qwzbotDumax82QBkmuzcRuIuobUr38yZAmsY8rmEVaddjSoVhnn/egIiMMI7KnxRbxLWocN6Sti3Jcbri4eQSrNYaLG1CNnp3cBPr+EWKt9Z53FN8KDI6lHXPaC/4HeaBaPk9nNqZHv1LKn0vbiiKGwxWALNhmKDFiVX0doJLRom5J0dZS7BbugzCR8JUKSXRiyel85wlcX4/x8K8cm9wMT5XIe19pUiYFQlIlIgCzGJVryB+yV8kYRolgqo8Q/YAO1UWHMcYM/lnslzHyN4Wm6fkTHG7ZqcA2W+jDV8H6PGdgt22HSRP/dRUv6iA57tLPz3igzdhwAvm+z/68zDa4/ZAxiXiefAANgOzYKXw0+uPIsmc7DA1sfVZlyR4YguAY/NgSpc9X7ja5HQnm22WX6lhqlfKHxeAMZhFJYaU5Q3xNPf5pZ6qMlHL40MDRs111i5PlAwqlek+FkiWsOu0UjbRFHKNFNXu8RA2c03bK5KT6ucanIlJ2fS+eHyUi454lICOPQJPY7UJebKYzJbvhgpKYfifff36b4nzbfcLRFpOA3kwHt4w/YaCHcmUbXXBlFsGkEkTPHMEtAYAZ29qCd1ze4FZWPBOAShB1kpUHZJEWZdi/1yosUHMwtKi4N6atXHNbqdnwPkq9YLIyUXDuxEY4hpJrLAaQn3z5ZuzGLtJoFMaG9X+Rmad69SFk9/NT6Q/pKyghlYvqwyjlCHdElLHWeqebmolATk6ZOfrKOPMRey/4EyQvfiD00o2l/KXLReHyVGHBDX6nCc/PQwxsRdWRXJPHfko0sfPCMeRU5ovGcg9Vm4tYM3bnlwWlicVCfIuPZVQVUVaf9RCx+as2/KghtSrx50rfSqYSbMIMUhu/+UZruKMGrOarQ/WzZ+LCGdOtfhjZDMLxEfA3kVppMKszT51nPU6GAhAkm0rIEJ7zgWnloq/h35V0yIIDr72ZNey+PHnJ+NUs9QIeVsOxAfqPsfNWoPbxc66Hyv8vIz5/4fJZrzyVQSEDqqMmAA1XAucNd+UhNyV+YIQa/phC0RLgHsP9Kp7favfgS7XzyVYTu9s2My8MHKzftFdpya/fjLCq4Jc0txcHI6DPK+xzv9mngwG9/LZg1NbB1Mhjt/rpVRQZoT320dz8BoJcsGbmRw9ncqkzoxFw9ESvAOEbWK4IZGK0w981r7NCwfkBNobSKd3YfzLc5vc6nqPoATaylxgHXDo7ZdNVbdtwHTRSE000gzOuEWhNpyXR8u9qCZoufXJQxQBnMB7zlDCnx4kf6dcGnPP2mKEg19FLtUjcWSE3h4ZBUXzgFna0+YYUY7aYW/zTkH0ZX3ATouMdEI8uWjDH8Tgq8jcVel6b6Y8h3/Z3J+mpr9QNKlmoq4dUvSHNRWh2T8ucvvG2+6DG5RTh8NxPaNdDSac+wKP/RVxX94mpJb2WEVC4qzzFHPOK1lFE8tJEjJ8lPLYUeQq5EGDe6d99o4FNuzVRFO8Fpr1oREYX61yYRCwmeeEdwjVA4fK/4PhZi1gvNwagUGBkopdrbKUAeUzDqe09Orwu7IlLW3yuGjGor9S/jmK4W0FO3oBaHxBIjyd0OMe+JO7Ary04oEUT4Fmth1XBEskKAd2nnIYsUpYSlV2nbq3jGt3tS/hmzPr/vMuvBrmBJJhxobhICQvILf7Mm58/PvGLUfhoysLr3OX8BbasCsJd8B4rEd0OrpoOWFCCuIswz2NIjoRNNw38jfRxNjoSaj/SPhxMqkbWhBsBfVqA2/Uo/ET1464j//HbVWnp2tMLC1dIxLWVeme8PVyFn/gjLWER9EmUy2B1/5UhKBXoErf1+eL5SRyx6SomzsrgsSFpzhzvpLPoaLgviDuaECCo+K7Q3A+rAEZrWDgu7ZzwYa0hJsM9MhrEhFnhapUheU48LvcAAbBk3HPpUhHOqNGNuPvmJwfSd3cGa8vf/iyvqYYBoVcdJxEB9MkTt1I/zIJpup2bEwqkZ5agnZI1wYHGonfL66Ld8SyYmNajfy6j6hZfGr4Bd9uuB,iv:wZojRs7iIwvYcw/h+54cthtocYMk0zQtuT5bKXMBh3U=,tag:hObGgTdGwD5QXgewUB9SSA==,type:str] - known-hosts: ENC[AES256_GCM,data:NbyWUp0az95X2euK1r57/SyFM2YF55F5INW0vjoOcnMjQll3/ZZzJDULVOvCzqFQ1BVxqII1a3WuuHwtBRt07MlNtdOg8KMXX6LHwS/DFuRJJOFELq2W+d+3ug0t6JQOj7GHwwsYrGW8UXFYPEg+nrM/DK4yOmOKmABZ+PbmB9q0D212g5pMV2bDvu60fLVPLiWIcWrlH28NcuNO50dAsoD6UX+/ARp3c2/aFLQfheKK+5xYUDvJjPE/ThmUfzTok4U1FcQOD45n6KhXGyrYd73xC3OftIaZuu6zVz7pTsoo2Q4whO4f0PuIxitRtX7v1bMfJCjA2yszMT47c9EJJGasTJx5awTJJVwH4ZCZ31cnQ5O1p8AEszcnGOGoWTSoII3brpWypSe793684XzgcHNoQbw95mSpqJGT+mecazolPbOrJB+YjZPM1v9vgxMcCIkPiAgPG+wS3ZLPfzhl7nLp2IeGjrwrYm7DRf7FjVkHNXcbGWhaefzKc7ZV7Hzlwwt3WWKHgg==,iv:84cdDLEvkGSiB6phUBoOFS2+aVVPgTRLw911vGSEp38=,tag:qgGrKpUnmYnzZU/nCLMvyw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:Ipl7dkMG2dDt7A==,iv:Vtay/uFm5ifrNv5RJa8bDwQrg/aBe6MDAijoamxuAxA=,tag:jl6PmskYen9cKTBl2mBd4w==,type:str] - credentials: ENC[AES256_GCM,data:9VygkPfLQHyF9TIKTdUjkbIjwD1O1n1hHTKCA7U2ghhk6h070gKjOUIVxv7fFcoZ,iv:OsI2r8sOHiN2TX3I4GgjFcreEIMS4ehmxaTbSoEiTt0=,tag:eTXJYBwCebtUArDyXoccuA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:07DWSYBcw0CkRB92fAuSeRcnFAPPe/tNVtPAOQ==,iv:uCQCtl1gxIKg3c/YkkPy8POHkKjCqo+EUl/DmekL5qA=,tag:1N9ki47pGl5LioE/7iGttg==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:TExfzegJmd5WTUezmPY2Yg==,iv:qO8KFoSnGGo58YDmjsmb9EOOfRIdHjqbeHM1UO8Y2Rk=,tag:6wCvyYyzOI/hQtkE8ewDvg==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:NPaVvGZVmw==,iv:uNlu4dVaaiXGDAUndG6dszVu5qWysLia0XRzhmHUBks=,tag:ZX4bAzD8Eftj/6wFw5dF9g==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:WA3+Bnq6dw==,iv:TrQbhoX5eqaEGzYoO9/YOg9EzZWqnx7cedHKMk4mHLg=,tag:CgXBYZrKzDw7GW9QPPMEMA==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:KjE7fviaLZrdGDOLjl8e,iv:KQdUmgga8nYK6UBvVyeUWlxPMV+wD6tiM1lvNmOYzm0=,tag:diyWK4Bpo41mEA/AUFxlog==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:FD1+0AAAuiiV/4Y6IieJPxf5AMd2+lYbgbDYmEl1W+w=,iv:HlNQ2e5lyoyaeVZBw9KAlZaUFRgUITUjwqIuwlUSBdw=,tag:tYIvcwZ8Qwj1TFUhJqdvLw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:NFtuFrzl,iv:vGHSkTCujrPHeiuuRG6UiFxwvc4AP7hHLlORUE/ihCU=,tag:2tDzno94SHRCxE+23hgfzA==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:PRj6Km3b5Q0=,iv:mgxv0yMbweCf8jpyl5l96wYz9PqsVl2UxccuIJJpGgo=,tag:lf7NK10gsSOuWGiI1/WFYg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:24:44Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFevWmbvehrOz2iEGNVMFqBAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMn0gVIwRuZwi3Z1KKAgEQgDvW4Q/SyxuwMdEDzSezNjzovyqsQdgeuWVgFD3h08j6Ld7hCynb5Ch6Hjeo156uQ6t55mF+HX1EKESFqA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-04-09T06:29:01Z' - mac: ENC[AES256_GCM,data:fyH8pl9M3OshmpQhNrmFLrg/XJYQyAFU8Ll2CYtVMLqRQwob2AxxU1Tb6P9YqwpAIzhkrwbv8ERjIjBiAWB6fCVGBwVE3uVIz0+gAh28fTQwwGockexxW8p2ybCRDTnlu0WwLom1QT/Xr9HiibxP/AvKcG4QfL3cmAL76bZZGj0=,iv:vMtjKJ9QqgDYmU5sscheukop4G8mwi9Y3qKvtb2tNiQ=,tag:i83JSpVbVX2ArAtHykN4JQ==,type:str] - pgp: - - created_at: '2020-11-10T08:24:44Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf9EDiGm9ZxRZ90mJW3J6ruMA0TSZRCDUbNmyLTQLnn/dP2 - ga68e+Lt1WnmJMOrm25Pj5XWWvKYVZJzqA6yh1w621NT+6thEbHWIEhUJbLfQD+5 - /bj16NqbeuM25sYPMPRXWn5ZfUmqri8R0yzvvuVWqID2llp8yFwI1o22+2odURGH - 3eI2pekuczeXe2c/smuQ2zVSbE1LOFLe1ZsAPKfY7qYfByQ2OeuX83yOJ9pinF+y - geuZVPQchN0Eu+yT1/OeQY8bWt/iRaNQCMXwEeeNszkSBV5mVjwDW3lb+4uqeSTn - 8F4DYH7Bf/zvTXCpS83rCZ52aMLQNETmOU/z/JNDsNJeATqfD2aHpI7cFtwBfK9q - mcqXrj43B0KxpAgFFZU/NH1yOwtdFo9zwx/xT1HkMjcxlT1uJfmF16p5vJDdKbHs - hsoGcG1Oz1ZGPPehH/JP7r5on9Wnrt2a2RHtCqzlcA== - =t6gE - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/bihar-uat.yaml b/deploy-as-code/helm/environments/bihar-uat.yaml deleted file mode 100644 index 6ce370aabe..0000000000 --- a/deploy-as-code/helm/environments/bihar-uat.yaml +++ /dev/null @@ -1,729 +0,0 @@ -global: - domain: bihar-uat.egovernments.org -cluster-configs: - root-ingress: - appRoot: common - serviceName: common-screen - configmaps: - egov-config: - data: - sms-enabled: "true" - timezone: Asia/Kolkata - db-url: jdbc:postgresql://bihar-uat-db.postgres.database.azure.com:5432/bihar_uat_db - db-host: bihar-uat-db.postgres.database.azure.com - db-name: bihar_uat_db - kafka-brokers: kafka-v2.kafka-cluster:9092 - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: http://elasticsearch-client-v1.es-cluster:9200/ - es-host: elasticsearch-client-v1.es-cluster - egov-services-fqdn-name: https://bihar-uat.egovernments.org/ - flyway-locations: filesystem:/flyway/sql - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml - logging-level-jdbc: "null" - domain: bihar-uat.egovernments.org - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: bh - s3-assets-bucket: (pb-egov-assets|bihar-uat-assets) - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - bpa-services: http://bpa-services.egov:8080/ - bpa-calculator: http://bpa-calculator.egov:8080/ - egov-edcr: http://egov-edcr.egov:8080/ - - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - - -billing-service: - replicas: 1 - images: - - egovio/billing-service - db_migration_image: egovio/billing-service-db - memory_limits: 512Mi - -egov-accesscontrol: - replicas: 1 - images: - - egovio/egov-accesscontrol - db_migration_image: egovio/egov-accesscontrol-db -egov-common-masters: - replicas: 1 - images: - - egovio/egov-common-masters - db_migration_image: egovio/egov-common-masters-db -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-rainmaker - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf" - # Only for Dev & QA -egov-localization: - replicas: 1 - images: - - egovio/egov-localization - db_migration_image: egovio/egov-localization-db - memory_limits: 384Mi -egov-location: - replicas: 1 - images: - - egovio/egov-location - db_migration_image: egovio/egov-location-db - memory_limits: 512Mi - gmaps: - api-key: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dyi/Sya9ZDtLZDNzSGtaGykvnF+wcghHpkW9T+oRVqtkTHKLLoCUXJf04VvvIQXtMANiA1syH+LaovWzb+X1eIQ== -egov-notification-mail: - replicas: 1 - images: - - egovio/egov-notification-mail - db_migration_image: egovio/egov-notification-mail-db - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: https://msdgweb.mgov.gov.in/esms/sendsmsrequest - sms-sender: BHRGOV - sms-sender-requesttype: POST - sms-custom-config: "true" - secure-key: UAT -egov-otp: - replicas: 1 - images: - - egovio/egov-otp - db_migration_image: egovio/egov-otp-db -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: -Xmx256m -Xms256m - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 90 - refresh-token-validity: 90 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: bh - decryption-abac-enabled: "false" -egov-workflow: - replicas: 1 - images: - - egovio/egov-workflow - db_migration_image: egovio/egov-workflow-db - heap: -Xmx256m -Xms256m - memory_limits: 512Mi -egov-idgen: - replicas: 1 - images: - - egovio/egov-idgen - db_migration_image: egovio/egov-idgen-db - idformat-from-mdms: "true" - autocreate-new-seq: "true" -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: /work-dir/bihar-mdms-data/data - masters-config-url: file:///work-dir/bihar-mdms-data/data/mdms-masters-config.json - java-args: -Dspring.profiles.active=monitoring - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-mdms-data - branch: "UAT" -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - heap: -Xmx512m -Xms512m - memory_limits: 768Mi - - -egov-persister: - persist-yml-path: "file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tradelicense-persister-bpachanges.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-persister/bpa-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "UAT" - -pdf-service: - data-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/data-config/buildingpermit-low.json" - format-config-urls: "file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/bihar-rainmaker-customization/configs/pdf-service/format-config/buildingpermit-low.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/bihar-rainmaker-customization" - branch: "UAT" - -egov-mdms-create: - replicas: 1 - images: - - egovio/egov-mdms-create - egov-github-pass: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D52KEzHorPnuq4Tr1+wvpze93FX6vffkLIxUOhLBdceO2Q== -egov-data-uploader: - replicas: 1 - images: - - egovio/egov-data-uploader - heap: -Xmx192m -Xms192m -egov-searcher: - replicas: 1 - images: - - egovio/egov-searcher - search-yaml-path: file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/bihar-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-rainmaker-customization - branch: "UAT" -egov-pg-service: - replicas: 1 - images: - - egovio/egov-pg-service - db_migration_image: egovio/egov-pg-service-db - ccavenue: true - axis: false - ccavenue-redirect-access-code: AVMT87GI61AL22TMLA - ccavenue-status-access-code: AVMT87GI61AL22TMLA - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://bihar-uat.egovernments.org/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://bihar-uat.egovernments.org/pg-service/transaction/v1/_redirect - -egov-custom-consumer: - replicas: 1 - images: - - egovio/egov-custom-consumer - erp-host: https://mohali-qa.egovernments.org/ -egov-index-custom-consumer: - replicas: 1 - images: - - egovio/egov-index-custom-consumer -egov-apportion-service: - replicas: 1 - images: - - egovio/egov-apportion-service - db_migration_image: egovio/egov-apportion-service-db - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -egf-masters: - replicas: 1 - images: - - egovio/egf-masters - db_migration_image: egovio/egf-masters-db - memory_limits: 512Mi -egf-master: - replicas: 1 - images: - - egovio/egf-master - db_migration_image: egovio/egf-master-db - db-url: jdbc:postgresql://bihar-uat-db.postgres.database.azure.com:5432/bihar_uat_db - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -egf-instrument: - replicas: 1 - images: - - egovio/egf-instrument - db_migration_image: egovio/egf-instrument-db -egf-account-details-consumer: - replicas: 1 - images: - - egovio/egf-account-details-consumer - db_migration_image: egovio/egf-account-details-consumer-db -egf-voucher-indexer: - replicas: 1 - images: - - egovio/egf-voucher-indexer - db_migration_image: egovio/egf-voucher-indexer-db -egf-bill: - replicas: 1 - images: - - egovio/egf-bill - db_migration_image: egovio/egf-bill-db - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer - -nginx: - replicas: 1 - images: - - egovio/nginx - - janeczku/go-dnsmasq:release-1.0.5 - service_type: LoadBalancer - asset-bucket-url: https://s3.ap-south-1.amazonaws.com - jaeger-credentials: jaegeradmin:$apr1$LYwa.eHV$zWn6CJySbyd729NMFcUQd0 -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: egov/nginx - namespace: egov - cert-issuer: letsencrypt-prod - ssl-protocols: TLSv1.2 TLSv1.3 - ssl-ciphers: EECDH+AESGCM:EDH+AESGCM - ssl-ecdh-curve: secp384r1 -cert-manager: - email: nithin.dv@egovernments.org - images: - - quay.io/jetstack/cert-manager-controller:v0.10.1 - namespace: egov -git-sync: - ssh: yWDnop6OESC1f6u1HUaDdhfpcukYviftE8G1BhK3ihsNXMkWvNK2LInRgr23Z69NZYSC3NfvGe6DOlX16hivEq4fZBDgc1TMNwTBihZSo6SCRY/KiMDbiB8WFo1ajwb1xiUYgmbNDvM38ieTkSCBGiBJlEkrC5bN+LUqjiFpsY8szAgoKkERuourrc9huKPaT9kPyN4yJ8cDrcikw0B6LPUbv+r+z86HWFFBxaYtigQsqnfbdnSGAVSCFSndDm0KT8srOGt8acXgkR7MlOEDrVrsGtCzPWFKETa0dUNfxRGuFJQ+2daJZgG9i9Hg9kmWLNKvh906/iIKCQVPdfaVQnQ1thy0qbVXuipC59RUQY9/b80jdOcR8Wf0yYATWCe/94E0azWDbMk6/IZJ+T/mkk0jWMikjESSmWFpsHN1kX83cJIsy/6e0Zg4f0pKcmc1kIkoWAHyDyPkriVb1E90zO2vCIAvgFxJHxQJfZ6Y32eyEJGTcmtImV52VlYfPXnMfDFHevUxk81ayvoZFD6LAV8rxOyQJ6Zd9QtyJtpV7spt0IDJAGAPFPBI9RTpICpWwwaB1jCcGYm0qcoDK/XzbtVk7ClKFZprszD96nnIOfclwq6hP+jHKlwoil0P0h+aLHF41CHDAQx3hqe+UlJF3DlB9Uz8kEIzRL7vZksiaIUk/WWRYnRlDhsmZRfzGnYRuIgg+beFDL2syxVZzLLnv04z2pHAMafV60kKPeLLSsQ1H4dQVGOwcWEJeoePvCuZfiFUkn2RNCnfWX4uU6flXSLpdLZ5s/b7E+xvIyYgLV2Fk57zvFlEbBjI+M73vxo/9BpY2djvUKlL/XOQMyb94clnOFUXcqtjiL3OhespWRXl3sIGVtiYQ8rcDgCPCn4LFtJoPhGzmkvG3ZHYi1p7u0UNqyBEUX+hbeL8e9Nz5PG/7tDO6ZszAyFuN2iu7Cib42zSsPvWhOdjaUmSZ8zJexK1RFoVm2aRJcRVWQm7Ef5yWXja44GhOmDyQ0eyBp2NjdpEUul4Fj25qVoMzXq495vomm+zXvg8WUMsjgm8J0Bcy6sBi+9EIFyJylqYULD67LQ5Av7BNJ9vcaMxX4t/PpACkJBy/9uGlOkmNiL2BfRkSuCQNyfFicalTVDT9BNMOy9wr+u5yaw9nF3l7ViTRrsN2H2ZNjXwQl64cD1rQKWpOs8p+ltkljZfWEzhuXaslLXFligEBJqC1TAaOsgGcwLLGiFBIKw3jcrqbeP+YzvpAa/jT6ooHeaya+92RNd9Ipa8lpcwPZrV+0+jjk3m5m+v2a3SISfRGJV6Y+DRU9l/lIrAnfXHERVr822Y2rWyJlptE00B+rvCXWR498yMv3UZnxxXpo2C/0Db1K5JBxAmw8IJLgQ9EL8jTwH3sf/UimcEkwZ8OdYjR0O1Ei5OcMtQJS464hUcqU0DaGS6PbukPjvHg3Mxn16ayeRI9JOwj0fGE10NnxZHv5oBc15qu78o+B7h8bAIVPeDNaRJEwVBafeGH2C4cORTunwAerUS+b194naNDEgXB+H8Kt+lFhlQcGOmzkBHo0MXwGY0UWd388dCUYmSeuXu8SFyD1/EqvbELUTcM+IP/s+SKpprbSZxBgC8hYtt8AoDkCNvPvgctUpJ+rdfTplqNhrCD4mkqs1cbuXA8IOclimUHYcu5ZlzPbop+x/f+EB2SL9oe5p+ZrwHoR9UHsxXfmYKCHjxddGbsrtxgAEtH9JKoWR5zESjt0Mhh2rkPYU47OY6AkEsGYODV5NaOGDVNdT0iKUo0AGEgxBho/9g0phbtETkPMiGqXngEBQ5IHzcJgwW1vhvi6FJ5V2Bq6wktNtmq+RwfP9cfiiplp/wdoXSv/vJbOmista8uAcfO50TjLiC3aXWbk9yYlbKLQn5E4cKfOcq88F0ppN0qN9xDvptfvnpoVyfrK1WVP78X/UNd4v5HupL0ID42slEhjcpB4kpLbQ6CMeUJwvUk08GX5i0AzNtKBUjA73I2vnR+s7GGrN/NGeH8RZb0kD6kLlhEm46hsyuCuWUgHasuj5U7FemwpkPqTyxWRn3vZPfxmjVP2ieEReaBaD4BrEUWqH4Mi9aVZV5XK2+ZhmwK+ge6MVpxS/B+2L78W/obzlAXr7aABW78FFch6l8yL5SAhJa6SDu8Bs2hUkzVFTGrHTeSTEE0MCqaYAfwr2XvzgFsrfXRbtJt7wrUCRErGtchvFxpDvmiXBi6g1CRpXZOG9/OENlNqJGpy9UWD90ohrBfPvwd0s9mDSkhVTKbVmwovqcwZ4ExvSp9lSPW+T4APtIIG5EreZ0uQSvWsIdU1gQuPW0kWBHFti003Dsg/J4Tt+M9RzjrzfhsxKX9MuC8IAdnrgH71Ye6Gzkf/SlDMHppUhANY8RCIho30Q8RYJlQkGaOoGxaQ4foIvhZwm0vZukQwJj63s5jDF+I+m2LTTMSsN3Y0PyjmT/4K7veq+hVqN7Mf3PqS8mXpiR23P5FgnriWYDLD1RM7QihOLTFIp37T1oWwj04VTiqD7cTfw2cTDmqIFP53sreAwzstC7ggjk5XC0X9W9zFQX5KmWE+1Po+DAouGm+fDj19p3V4wQ19qH0FQfAfUP0tDROiGpAS8iB1XI4FGJjsYEPh0D2XXP3ssGfKUfAvr/cRsjv7x7+5/nGhKZCWdIxlG2j7s5qo4fT7TIfr8pmhhXDQq8gwDFQpiFpNc2/isOv4bnW9V+oh/300KFmyk+N/1ALyaUla2lcgKarguqxxOmB9TjylceWrPUGSXtgI/w5CAumxzc3uTpkEFC09zu0kc87zUwQCkW0bvy2PXsPVp2dDj/s7XRfzC7EPX0T3beeNuYyedr+WQkhtk+4W+4ub/59VFA2ypuZNmTDnd0vhLckaAO7rJ4Me9Z/09PnkhpRBPHMel1JeiPaf2Toh5ZP6O/ys/2TTqrcTI0YrJIZmFpqs9d/RK55veVSmx/sKCdNrpbFHCsKMlGCTDHCflxaO8i7Zc3glvRus/5pECIllVmZJRFtMa0j67mtLkotdWT73GFAnLriCtSkSqa14Aqm2C79tj+m48HsRPG8P37xvFPenJfCMwOCEGK7sTzMfvufvTSK3kHc3NYcUrlFVut/rQuy5Z8OpcJ9NGKgdQxEhRIJYAPDdaTToVqiyPxFqGcMzlr/yI+AsFh7THQob5BKZMH5KsGVDu6vlgBz7626EeXxmrllqOqTfxLLiBgempp4WyX+cLbGn5Oif6eTLg3sz+GMxtNH/2qg0W+jFCmWDppGDb57wlYmYLiT1D1LAbbs/GuDYlQT18DaVMZkXzcAf+7wYNscxQx9gOtLfuRw+/5lfisuY507i7fv88kd659FAJq0M9hjYfOiJkW+p/kJpS4brD8Z2cJwVYpZMPf4SexjMJGi7ElIO/9D9b1Cq6mk4e1F6XOkl8ZaQQhfK4zpHVe054y2juM4Dm5ANJpxQTSN+nfk2wwwZKF689ul/4DZgN9UhCu7SIQ8gKOKbLbk9pw7JQlqZhn5cwMsVuy/sRUAShWuxE8YExlScNag0OLtFscz5nFQOpQf0Y5ehia/mQTpV3WWvhf3pswpFhssMoFsjiv/tAFDugTYj6H6EpNCF6VM0sxqgCOp7cRaDFdC1ExOT2mRBQSgUJHCI4x66OV4/9jGqnhlXbDdfRD1aas+rmwVLNMBNVosjrZDF2SMPgRnbQtDS1KojeduVJVbsEVgHEB6TWUtAclIpod655WsFHfZ1cTaGT5vsq0CI4SP63UsK7sdla9Z22qWVuzb+NmGljzCKFfaty2t509g4qkCyw1xA8fGte+Vp43NxaNsV5V2w0lr6jE5d/OpTQA+xznCkGOX/DPHyJwnxM+c+YQ9/UQOwbFrk/6akEkFW6/U8O4+Culn8j+um/fdPMRgosD5Gj/GHGTmHuCFbavHS9ALwV71J7swqX00PUO6j1+Zpqn9cjL8IqHGiWYDubKBZ7Zzo57SjyyspBxCaK/XXJ+FkGVsM+8h24WtcgIVCFTFmfMyc0CI+pe1TJhfc1RZLWU2Az8QxEUF00ROAJGNGOTg04bPKdfmvTGZQIm5D9RuQVCSk5XdIrxUQlJyP/LbgQG87xhGm3EUw/HZCRgi604uDpUAPv5hIJKlHqT2Yd61hlM1KxL1y/6qz5yhkbLHAN/l5vDx4/UdOqhk4Kmo7GoyustiUlOe3n+3h/sLntJqoPleE/uhTa/Mg10h+tIUPNe0b9V/OHFoRbCw/ppsWQKz1vqX5nT+haVxw2g9SbRYfNUhccZhZPIupxoe7/46zRbuXoQhfHbDKTqbu2oJt02RYsp+ic6cg5hEJtw4LE2Homwr9nwr0uL46lGZ20fmu4ylmwXTpizBjJvS1KA441MOMqj5rwPx8IQF6HqCiuJdF0kiMxvW7ACeGIIRk5J7HfOSBzvziTAmwgcn6AUicqGmR+AOVkHf+PdTmwxuqY/dCbm5k16Q7IXpE+jWEmAHZXXaMVUXIy9wXpZ93Wc8vjj3cdJMs5yiNdwgzgc4AIaMxRsIbRR6fPHFRstuHNDkWG9pQT/wBCNmvcP5P9rxKhhCdCNhGDTJo4/NjiCMVPqNQyteVSKyP+kYNeyo1SGPcb5X5d8yLC9vJ/ApXo/Ive0bGbKphEVCJ8iZxWlTy4gqndTYdjen8F5NqToIqKJmNniaT/B5mlGFe7RVOznRNBiQPukFhCIYNWSONbIsyWvsRf1vZ/3KSRrP3I7KdufqMSiGp8NJTYhxBJKIBKX3n3XRYgjr5+g/qeP0U0tw7x7ZcNx6KBZRpyudf2OGlxLAWWnqMTe5jVihk73Plex1ZkG8oGEr09wakJL0JBH2JI/iAVbdYj3Jzuy9+yah7X+wzoZoZB+tMWDZScJNuwTf06OZv+zcnK/Xnmwt29n6igZppH3yqjPRW9d6TkcgWNsXU9ByB6iall6YWmkKWqerUFFja6VcUayAS7IN43WZhmNdPOWfQvxetjegXfKCKLaEqG0CzDGyTXVel6e9ZICpeW0qx8Sq2CD2vSSfUiEcmieRsv744dcW+mLynwA21iaF99XjuA2oe0nKblH6YQFAJEHtmTH7u1iD9sAjXsKdlYChOKuJ5a4zknheUJahIQcW7aU1nZcFKP+QdSKqXaciY9s41Y/XHURT6RXWCjRgfF6dOHZLA5/8vkNH5nNZGYIRWi1iq4D4rVfivvwCGLLuzffYZOtBSt11S6UZuEL3A3uX0riJwpLpP5vNafm60GmeABcGGGUxPnPj2PTd0xur7l41nnXT9XW5SL6Ki2v6Xf8if29IT/C0J/3oWIqBgBT/WF1+dbk7huLpdDvBj+e5Mb+D6szCS0QYZa6CViuPFGm2zJGUBrIuzfN96tQ2hpXBUCr9nuinXluxIVdoH+bCWsdUg5QxvrLSQ9TBH+OG536YzC7UVBOOCI7hwPCOzr9c46++U5bq/vQ9PxU91USyyazfdJQ4A43JgXysMEwmDiZrR9eXpPa42+rR3fmjffPt8LTOHvYN8dGtvm3mqunFVSZ2736tQ7mTSL0Bx5fRzto5edpGsnqCVclOAuRUxFOr5TcUm/TxC6yJwVH3pLEu8K4XKkE3fKrZ8Iu2N2vxn3UBKcbQ2xngFt5Qm+0ckRXT7kKwi4w2BsXnifx/H8vHMFZqOe2wgGOSpcnN+RxojS3GvtcgJhcQ+2Be19z3d3ObSorOIwS9ZRXhUB3RpgjEOTA+5fgypUm36BGCA7OqeSZd8KsxjuddBZaZnpla04trg== - known-hosts: KLnFDDe5U9chjb87SQYJOs3A7qRVdaWGoG/JoPXcIW0Na5KVgYfe0FSEzfQXvb/Cl+GnX8j7PP5rE7t4qg6sXXdjDuZ3A4o9JLfFYtvA31oSShnADAsB25Ren2wIevF3rUo5P58StjcdzZtb7Z12cAWErCPlfohHsTWPX0/WN4XaHmSSEqhNUFoCUG2pn/+hsifHvGlVsFfj09K/IySE7iLRaniPbVc1zpKkgABeBiLb6I7OA93z8NaMQ6BkbOEQWLu+p7ibHQ54hNPGtonHZ0chmbpXEwpwdb0iOrx+R/6ggBkeAfTnznZFCLJMpjUF1golIEEPf6Ckt2vjtGuTiFHRBhOpsSKyXf1GU9yB4wbfQdAgJNqZVdZtjqvVHriEdGoMPKnPgxYfAPDMKYx/mTR4WX8cSystrC6tSM2UzR3bi5RvhEX7OEaB1ysRakSjwWVBKlTa5jvAdKEXKYDaDRKxPvWNewGtzYncmNV/puOa0ni9L/9NUxFp3HVRf8mKllRnCZH5nyLfvaMew14W2GMqI2Kg1TtPS8NY6MHQH9cRm7cyN98fo/Nbu7WHyp0X5A2OVffu0g3n5W0dEImUfbmDOddNAXed5A7p2oOH29/NcbYUTxs9UY5pO+lurvG5ZVtzbaEe+iRug6l81gQAwBNfKInUToGVNVaQ5Ano6sof6vBBcJaTGCWJdZI47G89 - image: k8s.gcr.io/git-sync:v3.1.1 -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "false" - tracing-enabled: "true" - heap: -Xmx704m -Xms512m - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: /user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/pg-service/transaction/v1/_redirect,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill - egov-mixed-mode-endpoints-whitelist: /pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill - -user-otp: - replicas: 1 - images: - - egovio/user-otp - db_migration_image: egovio/user-otp-db - -collection-masters: - replicas: 1 - images: - - egovio/collection-masters - db_migration_image: egovio/collection-masters -collection-services: - replicas: 1 - images: - - egovio/collection-services - db_migration_image: egovio/collection-services-db - receiptnumber-servicebased: "false" -collection-receipt-voucher-consumer: - replicas: 1 - images: - - egovio/collection-receipt-voucher-consumer - jalandhar-erp-host: https://jalandhar-qa.egovernments.org/ - mohali-erp-host: https://mohali-qa.egovernments.org/ - nayagaon-erp-host: https://nayagaon-qa.egovernments.org/ - amritsar-erp-host: https://amritsar-qa.egovernments.org/ - kharar-erp-host: https://kharar-qa.egovernments.org/ - zirakpur-erp-host: https://zirakpur-qa.egovernments.org/ -finance-collections-voucher-consumer: - replicas: 1 - images: - - egovio/finance-collections-voucher-consumer - jalandhar-erp-host: https://jalandhar-dev.egovernments.org/ - mohali-erp-host: https://mohali-dev.egovernments.org/ - nayagaon-erp-host: https://nayagaon-dev.egovernments.org/ - amritsar-erp-host: https://amritsar-dev.egovernments.org/ - kharar-erp-host: https://kharar-dev.egovernments.org/ - zirakpur-erp-host: https://zirakpur-dev.egovernments.org/ -ui-app: - replicas: 1 - images: - - egovio/ui-app -ui-uploader: - replicas: 1 - images: - - egovio/ui-uploader -employee: - replicas: 1 - images: - - egovio/employee - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -citizen: - replicas: 1 - images: - - egovio/citizen - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -hrms-web: - replicas: 1 - images: - - egovio/hrms-web -rainmaker-custom-service: - replicas: 1 - images: - - egovio/rainmaker-custom-service -employee-tradelicence: - replicas: 1 - images: - - egovio/employee-tradelicence - -report: - replicas: 1 - images: - - egovio/report - tracing-enabled: "true" - report-locationsfile-path: file:///work-dir/bihar-rainmaker-customization/configs/reports/report.config - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: git@github.com:egovernments/bihar-rainmaker-customization - branch: "UAT" - -rainmaker-pgr: - replicas: 1 - images: - - egovio/rainmaker-pgr - db_migration_image: egovio/rainmaker-pgr-db - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: open,assigned,rejected,resolved -pt-services-v2: - replicas: 1 - images: - - egovio/pt-services-v2 - db_migration_image: egovio/pt-services-v2-db -pt-calculator-v2: - replicas: 1 - images: - - egovio/pt-calculator-v2 - db_migration_image: egovio/pt-calculator-v2-db - logging-level: DEBUG -tl-services: - replicas: 1 - images: - - egovio/tl-services - db_migration_image: egovio/tl-services-db - heap: -Xmx128m -Xms64m - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL] - tl-license-num-format: BH-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN] - egov-location-hierarchytypecode: ADMIN - tl-search-default-limit: 50 -tl-calculator: - replicas: 1 - images: - - egovio/tl-calculator - db_migration_image: egovio/tl-calculator-db -egov-workflow-v2: - replicas: 1 - images: - - egovio/egov-workflow-v2 - db_migration_image: egovio/egov-workflow-v2-db - logging-level: DEBUG - java-args: -Dspring.profiles.active=monitoring - heap: -Xmx192m -Xms192m -egov-hrms: - replicas: 1 - images: - - egovio/egov-hrms - db_migration_image: egovio/egov-hrms - java-args: -Dspring.profiles.active=monitoring - heap: -Xmx192m -Xms192m - employee-applink: https://egov-micro-qa.egovernments.org/employee/user/login -egov-weekly-impact-notifier: - mail-to-address: lata.naik@egovernments.org - mail-interval-in-secs: "604800" - images: - - egovio/egov-weekly-impact-notifier - schedule: 30 07 * * * - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1 - zookeeper-connect: zookeeper-v2.zookeeper-cluster:2181 - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2.kafka-cluster:9092 -zuul-config: - egov-open-endpoints-whitelist: /user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url - egov-mixed-mode-endpoints-whitelist: /pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get -logging-config: - es-host: elasticsearch-client-v1.es-cluster:9200 - es-port: "9200" -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -redis: - replicas: 1 - images: - - egovio/redis:3.2 -playground: - replicas: 1 - images: - - egovio/playground:1.0 -pgadmin: - images: - - egovio/pgadmin:v4.1.1 -pgadmin-config: - host: bihar-uat-db.postgres.database.azure.com - db-admin-username: bihar_admin - db-read-username: bihar_readonly - port: "5432" - env: QA - maintenance-db-name: egov_qa_db - admin-email: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfDuQoLfCnKPm5GKw/Pgl0D1VcHGXxblruwkv8iUziC5VSPFLgDEgjn+1vscsbE4MA== - read-email: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51frJ/am+/tF0yDpOlU7xGWD9kb4xhcEgseyNPT2/zSJg== - #<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - #timezone specific configuration >>>>>>>> -time-config: - timezone: Asia/Kolkata - #<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - #Monitoring -es-alerts: - replicas: 1 - images: - - egovio/es-alerts - es-host: elasticsearch-client-v1.es-cluster - es-port: "9200" - log-index-name: qa-logstash-* - slack-url: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dtrFP1/YcM/dZEYNdxfb7/ry3M/l8EsdD5voj9brwWUNxWAJZfWoMAy6DRV+q0Kad/dXa4joQZAkIDMwrrwzfFIfwDSz2ewWhWNv/42WR4L/8gM86ouhlQIZYr0eg6lYht2A+SFpt0E21gY7n7PfihA== - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - #<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - replicas: 1 - images: - - egovio/egov-enc-service - db_migration_image: egovio/egov-enc-service-db - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: bh - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.0.1 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2 - heap: -Xms704M -Xmx704M - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: 50Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/kafka-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/kafka-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/kafka-2 - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: egov-services-logs - egov-infra-log-topic: egov-infra-logs - # zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.0.1 - zookeeper-servers: zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888 - heap: -Xms256M -Xmx256M - storage-size: 5Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/zookeeper-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/zookeeper-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/zookeeper-2 - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - nithindv/cp-kafka-connect - heap: -Xms512M -Xmx512M - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 2 - shards: "4" - es-replicas: "0" - storage-size: 40Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/es-data-v1-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/es-data-v1-1 - network-host: _eth0:ipv4_ -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: _eth0:ipv4_ -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/es-master-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/es-master-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_bihar-uat_bihar-uat_centralindia/providers/Microsoft.Compute/disks/es-master-2 - network-host: _eth0:ipv4_ -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: http://elasticsearch-client-v1:9200 - external_port: 5601 - server-basepath: /kibana - credentials: qkp0ODShiI000hMgQUNEdfZtA1eTG2iNKp3ayXeISMTnJ2E0Ue2i6Jwiy3mzFtKt/aG4sZAQZtIpeI864kB/qQ== -es-curator: - schedule: 45 18 * * * - images: - - bobrik/curator:5.6.0 - es-host: elasticsearch-client-v1.es-cluster - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/ci-secrets.yaml b/deploy-as-code/helm/environments/ci-secrets.yaml deleted file mode 100644 index a1a24f5deb..0000000000 --- a/deploy-as-code/helm/environments/ci-secrets.yaml +++ /dev/null @@ -1,731 +0,0 @@ -cluster-configs: - secrets: - jenkins: - clientId: ENC[AES256_GCM,data:xIQ1krQ+oWneuXP4l1pAORjk4bo=,iv:sHlWi8ZdozHxSaLbfTfyVwl1zvMzSzyNB0uSbFYSZ3M=,tag:Slar++x9HSFxh9WpRJ/RhA==,type:str] - #ENC[AES256_GCM,data:umO8ciP56hsVJV4J0uyyGldJIDsjH8VJAQwxLFS0R/8da143VqycglScOnwMQm29tCyjPblrgw==,iv:6FJrMapB2spFP0VHicHMp7Apq+HCYhQ/FgeMeBxVhVk=,tag:bTgWdtEhqivzlo7Q77jfaA==,type:comment] - clientSecret: ENC[AES256_GCM,data:UBZaOhwHcpVWN+NekVTzXfWlVSfdXzpKvGQEzyzSf3ce5MVn4VrFJQ==,iv:uowONeS1XbZe2oeFtizgzcVKeOMHaCaAXF0XhlImD3M=,tag:j7lHeQerqrsEAfmRPaqzNg==,type:str] - gitReadSshPrivateKey: ENC[AES256_GCM,data:Li/nW6qHkH3C01hXe9paeMncaz4ytyPtoipDTCnEb2pYBhObAMxAc5xUvqkdNrjc86mQj3sFDQcsQtJ6G1RiQMAF/XxKVhjPAQXl/6NdWpHg7hmh/JuhEClhYZeiyijZGuviMUOxIlX/Rxt2AczAPwt6K5z2DEHto55e/TGn3A9amzloX0RSGyELhCWKL2pVHBSk5UtIXXayRE7soGHSZOb86XWL+a8TTwsiO9/+/7dOVzvRiVDmr39T0qNjBxaIdr81NNMXvYrPUGsqxfd8hOEf+XT1OnoG7OOe2sCJMiS8to1WOnETsu34UHMA3msmp1MAQxDO9fdNOH9kvj5LvYM2tlOC3xHXrhxOp0GT6czBQr4ejwTQTcvb+Ys07l25WRm1DBVLngFf5hgwzyr/z4v7yuI0d+WvMXyLEumoTkpoX4JGT0AssI1NYksTKaHkaFrS+mBWd2M2tQDWn5HGz9cGSvpxbI5UIymvT1ypjWOTGrefsz06ukAd98bKGOReU+ExEEASLjjZk7nNy4FqCpLu+rz6FQzRDCw6vZkBO5hSm554gN7nzAYlCcx1aPUJdf1N5oDekID3rsbH51jvV36WjAJuiGbZ0R0psdFuGmsU1nDdogn9QWtc3ij+9rVkTla8giaQDrQ1vnDlk8BjCGoco4PP/g1WUDjS/eMkD27inBgfQOyKOKpTPyveDSOSM+YA+WNOyPTQWX50tB9Vl93rME4cFbI8rlFzSrzhbGEQoziWFjsed38NGkzbaKxo6gyEXaZHoFpIi4hXR4HwPHEk+aR1UArHTYV9EGtIRGWH+ka/xKFWky3QtBgpi5MKIOZ3Dmr5uUtGD0heEEWZH5kmwdbv5J/jooJxg/kmP4pKJn2D3VnNM4IVeFW78bsJbE+SGWgN4jzj7MtVoeC+bTdypam+CwJK+Ls4KvjE/1G5d0gk9SBY3QtzWFvUtsEDPM1B+RWYFhHM1iMRmSCRwk4Lu7BRV9LnUbyqwMIB2KhTljcXxH9t0SR6cJc7GHJKqCgvivsEuS/pSn6L+usoOHS9fHKr8t6xnI62uzlRNiUFNh7rzz7aiLzhZCoafUlAme/vGxuwsyd1u6T/iwiQhEYx5DyU1BI8lnUieRDc+HjzhuiaOju3cdzDIYGXhsIytoaw5/bPLwiOcEc17DC2vXnZ90wpCWaEAThnaOTc/9JedO1gxzqKrnAFHNqtDbZY9Obqwea+kMJA29tei1TYBBXj1fiRCZ5hz4blqd//1HQe3MgdvxEBQwX1XCTeGEgR3RMBWlJWhrD7j9zHjaCaL96iU1rLLdOhaJ81jInT5Yj0KWp3MhUFeV8p5y91IZlKBSoHxQ32gCA+ZGdXMhHbRB6ARV+l3j2DNnahtkV2qUJwIxlnS9ogHpPg7RQTOwnvs5O9+SET9y8KzunhtlD5JRupBl+UxtDTwUW7ltiu1aSk9aJuyneGuxqWsT67EvLBVtZ2llh/gtgftxm20Dttbu+DkBFuUUkJbZCrYE70LO56m7Hcc8eYlvaiTQkKUGi/5A7EJI5/XztJve917bOOTXZ49G62s9ubkiymNFsV65Mwf3j3D+sZ5A+/iHgSm7lw5kKH7VnvE3HtRDcAUP8dIIa574REcoPsw+yhe0/mK2+rfqCaNrgrgqVG/WGSvBGtpZKbVH3Y9E/tAbKGKJF+9YE7oJou0iabOn3zhlhZRk6R+8sac6PNfz1X4kLewIIl5I5IsALmj6pr959D/vVI/uYbI2XdUGyjrvFfouHOyW2KruVZgi/HOOzWmPd6Iezj0ydI9XmEjpHxSEpjLIn/88951hWV3iuslCQyT3RqvAk2RtF89b+SeeIKBDr6Vcf5FDTduLw9PuvCvCut0+U2+Jpx5tr35cpzW1JQO5Ug+WC1j8VC7xqYj/+dX1tavCO97e+idZ1A8zInuPMqEg9+8ZuFRup+ZKwgfrQEAGcG2Dmm27Ldz6J7EgH8YWtOM65j6qzogEFJ20CBNiSHKJkEuz0S2mZYisQhjJXR22JnAmNttT2pLanau/Z0TQFi2WrstPQ8mjKJGaTnEZoqfTXBf//SYq3i+k5DKtmHsMCJcrTVAgxX1fRE6vXXCKcHXsHxqAVXn3rvaxlKuWpnC5tzXeLgMMeEb1KMiiPHk7O+hEaiP1NBwZOnloXkIv/H+azDdbB64i+2EsFmqun5EmzT2DtZGYTr9toDjnl5oMjPl19kQtxtlhclHxgYycMaygird8u3H7EksrSJrmB4q9XAepBkPu9sfVHvkUDDO9avLnPway3g+OQfwxNlb0WQy4V4I0KKnQs6ment+mnRRa4NOmpzzBWDSsf2sfwFoWCruATd2vqRW0m3Pqnp2YrXer5wXn7uMrdLDU18jP0PLpTMYSFblZ1uSSwJRK26P/UQuFgcajzkJ+5SQLwqpGVtBRgGMdmiS3RAqFqiijP3EtYfdZc0RS3RBYrM2dSfm2Zrza/tkxCzpnzsfoWw1t9pMErtOt3+ksu/rUU8aR1Rf7RCh78YhPPp+rcI79hx3WfvRVMnPkqvZND6EZ4qTzAxosUS9+5tqkjxl3e1JN//tNd7O0vc0whs86J4y4kYtYEUBhcO0awZX5XyiRLtQB1EiK/x7iyYZd9W56mRmCMuck47Mb5W1XxcYbrUhjn5eHgzxJxqcfCVOUaFEmyP4toCQPtne/Exd0bOwUHwSvp07qffHLLNdsaErrIxcOj58OtRx//7EAVYGf3/eBz0zyPCGYkJIZzx2skCAujqQdQk67EZB1Rhg9YtmepakiQuiyRjzeMZP1466TXAgHL6AzycX6d0dfr+Ef/Y4tGl/d4wxgldycvMvpM3Cab0mp3RDJyr0kPXRhUgH/rb8sliBJQm961Qrct384FIUXHR3Im1zIcfXRsLNByNY4FZCazHhiv6tbO65WlXeyCfrJ97dYSZSsgPvVuXkYsPQ6vqD3yIQXU4maDqkC2KLdXd1L0mYM4aPL+F5tDCHzeHw1rqPfJBEfu6ln1alYxnTfYGZ8dQuyAgcYV09b5g3hBEWK7aw0y/vrUdjV2Jl+khZ8pJqFJx7bdYXDZaf9iFW8zpG4AaVuSNhM2QrIS/Xp/gzM/9rh8mMUOwjtVYzjRu0BIjq+UF+EHbXT86cByH+HBiMI1etTzReLrf6Co6bj5xroQYnS3e0F81JlKZcHsxaq6K1nFryXltJ6Q1/Uo7GfurKwC3Zz0TCmib4Fff6RktatPXcHK0fEQShCyS7/Kzin0rXLB1GkNHcZJFy5kz19vjAQ5uFGN16SIlNuIhJtloxSEK2S7KpFFnlnen5ruGAQEnzjlgZ+l3/suQ2ItLEAeRzD3OoCaXlCuzfaKtsGWIT+3sslQp9np5VN3dw9QDZnkA1nhrMtnGj890mNfXB/FY/XKcCsM1c0X5kHNEib3dCLXmjXr98IyH44VpE7belxCrdJ27iNyuKPL1dtkTHFElDNcQsKd5w1cz+pVDFrg0RIlS0wmlGUaz2NLRm38vgTqtt5jIXPnVrugkZjbU2AXMaj9OOHC8vui07peu8HfeGgbbCGLEXv61pjGalTf/71QsV1xxJ4TdZRmNIOD+S+7qjrCBj2UDBTJ+VMIETconi4WXOXtd8zCqEyppWX0rbBbZ7xuHG/iVX+v3K6W5INxIoeClE1DmhUlHaoqppK8pEdQGqbWJI00I9PPVQVw20Ff72AUrHeLGd4goOgDokJVeaVRHNkkeP7Pigd2HDGWCIQzjkkHqV86DFGMhapSUguMtQJhPi7oz3gSm+9x2G93kZUxe/xj8j7izEizuU/V139cfFtBkzt/XimiR838wjE7MflwEsnTMyiD5s+Pc1Z+cboD8G7aaGCFNUPdSQXkRTiOu+UyuaeO3H23z/e4+/UYjyCusF3rD4v943YNjDqevZjapsp6Xz7XvHZAbq9CvrLFq6S67FDVrwhQWgWjluyFYuuRq7r/kgE+b1GgE0Am4sGhC2KFU6XffqvSAG6CrrcKU7v9PcJ1LwcUQUbcCg5JCy7u1cx46IlR91Uaf9QCOFcKNSe5+N1yXEigIv27+QFlOybOUMUZA0yTE/Hytw+xeT5ivcVenxsBFjhuoZ3FONIUVAfNoemQs8x/w2/9g7JiK3BX+Gb6c3txYx4oHz+7McVE02BRQEZ7BNJ7z242IiwOrkZXBXL44poTQZhv/ZXu+7X4WRxtFcY6JaNCN+nZC3df12EI5hvPHVFKUmhz8XoG4IYFW+G5nt0VziBPTjLaKTATlgoC4WTjrUSZyJnxO9FcsP1aFtjhr9Tj6pgKVsAGZ5LXvrU5rUeGiDm6IQgc=,iv:TBgrviJ3vv0Gg1NL69hy/SGsIzLEw7E89v9VFNZbMac=,tag:TCWYv7/8MapzQvPtiq+MNg==,type:str] - gitReadAccessToken: ENC[AES256_GCM,data:X6JkMKWPAEUf4viSCeay7EFYkbbA/F/YyIX8DUYcn3mIOA33OPjYwA==,iv:sTFbOSyI+6DqGk682nSkWBPEv/Jgdbz/8UfbgELSlMI=,tag:3br0+0/ysyAjtsRfBWcqnw==,type:str] - dockerConfigJson: ENC[AES256_GCM,data:SRZfLAd975Rw86l2uVBL6MPUViW2NXMmpnWl66IuwJiqNGzSrhxLNY+B0ksvyHNebQX3koj7Rgq86sSSnhnlQy5jsDCbW49wrTOU1/dCyUVzgQ6TPW/ofHh0HRnyN9hW9upF1PrphZX7lr/4OQuw88Ri4fuAph7wLn8/pbiyOKLBoa/XH7cysmSdfEYcjzfSHBYGKbnL6UsTYAlVRq214oy7u+K00R+R5qF1jPS1e1FLwoXVZRLaVkR45b3ghLZGszp8,iv:MuTOBQBbEsldvA7t/BKh5Ewpc5eQ+HdTahYYuFJs4U0=,tag:ttDeDA8JSWnLeR1VdYjcPg==,type:str] - gcpServiceAccount: ENC[AES256_GCM,data:+c3WsF2wmAbL2vw5XoIup3dJpa/c+HUeuPVstueq307aH8zPXb2r0OkZ5C2oHpmRlteaJoWPzJx1nwt1hWaLaBwtKoyLz38Mwg/CWuQ1/PKMX/K2/QC1CfIqAHR6r/PQr+1tPOKt2/YjvqhMjphsiHaADzUNgsWZYxHcOVbMxFCMusjmoPzRZkpdpGMWuJFcFGG8U7jLlXe0YmrOpWYLQUQD3zsX6LZvhbCgCSn1u2qsSuOMvy8af60/ZBulTlQJQe9iDRvB6y0NQ/atH31rSZqjOCXO/vesmSdWZGxSTB4qYrjlAvhrSicPl/We01K4O1VkVTcyol0ustnnj+mywQZxrYqUCiu/OpzP7Gv16DvRSC0uolyh86huBPLD0Sv+4ebAFGcoe3fcWRHRTJUXcfdoCBB2cLpxs8hAGErFpPa+sRt9Y/B/2X9yWaEAcEXOuzPgzrAIMp+RvK1WmAWmNJeP7UkCmn/qCokcLEhCtMlQ8ivXXxDMN8uccym9neQ3YdvdV9A2xQjgXAxgZpB52KLxb4BPKah5/GVKYJkY8U8NDH1xQmWCC/ovL+V+kp/tVYiokLzHWNruoPPl+zOpDKf9VO4xGncMeqVhXzZpa2FEJbfefK2sGS/mSpkddQQv7pAkvtPolgEmvm3kVWOVpW+tWVE3YJadDsCnZKZiXC2eAdHUrmGsqQk+rdJiyD5LIpOqRBySF5dViICqslvVkdE7WEWv9yKnZOjH0BPycOFRTpvcUfi04xDloPQCiSpbIwJQm+ci3gk6G1qSLPUlfXaqRzG41ldLwT7kySnHNhvvAmazgt5Ei5eJVva6sHlCjUyBD4QXxXR1Z4zGD4JPGA+sVvlX53+EcRBPcRiBWIZABC3fNprdFRPvxm79nDvje2zMeIMC8cpN1uMIY9WXuazXVFkyv0g1orInBtsHWa1feu+OEK9UojckgO1dIEy08nz1jlR/7fj77Pw2/biFD2bmmfXYS52+J0SgJvxM0uoPEBt6ExZCcPcyuqUBhrImjlEsRGZHmxvqE/SM2hh2kbs9TofOhsp7C68Rxnuh+lX3p1dFtfVmB1MTdeMfLu01HNrkS5bPRb3xZ6SmBJBinjVnOq+p/IPIDR6VBrYeHDXlBsYs8x7Ing7GnfVBVl88r2kcYtQ5VmiMRgM+5hyjvJLEWPaErBXw76m0ckHzm1/zJYWx9peuqtlI5UOxnBlD5SI+gLOfoq8zJnzoJwrQvsj5v9X15C7RyY1/cNq71CCro/WYhjXVY68HWuwYVrEDrM/9UlfEIpJ4cYmC4VIkQenlc8WxZolLLjFqJi/k53xLZRofd9GGxfuZFMtBXJC7pcTewElCEbGcYxkaE++Ra6kfylDggW/p4tMKNCrHUHy5OvUeYqw5p7EyPWyS18l6vRR/Qtbr5SqpTL1cnN0P5hz58UEXUXEnLEYWPr1RshB9fp2fGyIUEZlkN3O4QMtNDODwVn6czeFYoVakBjixRb6olyQ3G8bW/CmXPG7Ts88Dadu/oOXxeVZvY7TMbRUMeNOsissIfHvrIFmLz667OIZSGG6upF69O2Ke7PmRH3dUmm0YMU0ZzMRYoXz4qHF7kdHBQsuU9Ty00okfYSjCkcSJ+T5vY3rrFy+bl/iHpsDai+7R1eR7vlEDKifLfvGLfHpzc5GSgNtuZQSmOY/dfKkkbqa7P0WOTbkMtQSYEKLUA10/9YCXgQqbPxcKzfpSwR8jxoKcAAB+GyEyZwPWAwDLsaZ5w5RKcXbka6ls3qFPRR4gzPC9wjyhDdT+6wtzyT1wXCYO+kaUdP3x2OpvpCQu6HWEFYNuZzc+OS4sw/6+1+0E9MYVbg3+kQQZ5BNTRIlnFPWgX8KM6OtjIGfcsnAPbDMgzMZz6PxczPdRD6W/ZNZtguxSuR2gdb6mNTaPvjg68HtoBm50nV7CgCd24IZo/pSdyJ+gPyzHkL9Wzh9E1ab71l3yyIoX8BnaAgAAKXkWUryLUkhlrYcIHD1Na3m8aTRiC/BEUKhvEqozG7etwhdfYyHJqoyxkqIg1yru4UUzioNRu7qXkuoCS5liIe5/t27S8si39JKq0eP1sVYf9B/Hn1WILicFR2/N74ywwFNWchT/CYFOa2Dns3EKM4PbC8vATylT2ypTed6w0qFWjN26lK7QkOD0hPlV+A1tap8rk211xPMc0ZwTq0uRxvc/gqW9PVTOgn8H05Q7+L5rNHQJjwCp4ZFxzi8vKDN20fiTq662ycThHfkyQAIWTNUsFA5EfMIcgoLXsTodeZiqmknSNpG9JgSneOuR0Pb+7Q1l3f5+667z6JoHVRT7Zdw1mgWBxXFUCuttlYKw7N1oq6lwZeUfv1HP/i1yRew1w6KqORBEh14+5nae0EVyb9M1HeqKt3lbcfM3MKNCfppoIxEl/GDN0hC837JPTcQDIf3kw+ESCi4vPwnIkc2fXoq+h/h8sKFohLpE1RFCVHHHdALR+GLMsMBfgnmhSr471AtD0807+yB1AMft6YITHRCqh4TYkjzznhB4BW0f2ExFUWbqOCDSSw36oVQic2qdQC2HVZzbhbSZPPNkTrqJbKBiLI3Xr0+Uffyy6yGKNLc9e3qpPsYwe0t+aAxCKNmlWCSYr46+o/EDVCm0uesHwhGAMinzIUzH7Ck+OjWjSenxRyVQ3WygQFS4rvJZ18Susm+UcMjk3qlO/ZgnwsPJrnGAiCY6X6NbXwUuqLQytJgh3JnBESHs6Ufu2mfGv+Naeis/fSPFcIosm9HOATClw+fA26VXyuXtzqnnxX9pGEP6mMX7WTSw1ecyxi8oiyrjtnJQE9tz+qslZWGvgxNBZK8VTHWwas5VJyjGIgUvgFOrrrA0seTiO5JKFeiyxn1cPY374kqNoqRp/aXuqT0su1pXCqJvM/Kj3aeyEALLYvwg346ZfSx7oakio9s+nzslAQhq6h7eJk9Vpe3XiIQpMc32yW/NKZ49l3W6siOzU714kshvt0CuDzb4gOXfXrHvzz1RNJynUHUuH+clDBPIQdRjIEsy6YJb4Vde4+6N4GWDD7w4lrzx15AMNKjdiVO4jqL7m6Zfa1PDotcHePRJ4w00kz809tN0cYmFammh,iv:HHE/cZ78F57Phg5oGiz3Y8EwAml7Uq5O2ni4Hop80Kg=,tag:dgKzlqwNWPTvSG1aI96kvA==,type:str] - gcpKmsServiceAccount: ENC[AES256_GCM,data:7ffNxAXesprqci7DxDtMUZydi4/EJEIWtGp+quJPDsvnkVQqjH7v090bi5/G4nCV16rdLreJQD251kfZIYBl5WRgw/4L/DApuI3UwuY+xjwn/QOYDkzR94nd69X5FuBAHOjplYvyLslfKsAUGpwo2UbdKsKXMWkNKsDvS3SWoYF/PYYUxe6e/Jgj27r2e9Gx+EUt1mXDaKfk9s1H+bXPcPqTdHO2CLoQv8LJIWdvqZsAZvDbIyoDL4ofQCWwH8YHITrLKoeAGSNL2myh2ynKUrvgcuQXRK4+yMeyGgA0o68w0EraSRgAhzA9FKgLcU16EdqhzYzfNnQHX4bDplZ4g+6yi50C9z5dt5tkeWJQWMPkTqMS3GqUEzp2O6tJjyB59m4lH/rztJZAcdE9+Z78ny1w4Asu3zv6WFcpgM1VaZ14mc9usnARBZgAXhvPnc+8/lLKi5cVL6xJf4/52EyIn7bsjWJNXpHnr6DzHhEIoeR818vTwLzu0C+7DAO3Q5Z4hGCUmZCQ6Kx9ijiLN5Odmva+OoI7XJ6QExj154zOiEN516xrX+9ewtNSNSTwk9Kvkr0v7ELMZ0FtXj9rzp8gKOR8rmcWh2NkxG6fWvCtggLij85zRFLBfdPu9WZnAbQS78vQvkff6GMOXdfHiP0uiRrJNj2fypsen3iE/zl931Pe82k3jdG6nNU2p6TovrF5QzLWRFZ3IqY9EHGJs1SAJJfNrv6vM9UZJh5zMXBQb4DBPWaTQeVp0gIjmmN74j2108v1eAI0Bdu4Ny3vKZLJGFjQ+dLYrYnmf48HSJr1JKiqBkKt3cchICA/88BkIakRBP+GK3fkYoiXG2f+VdoVz4e+vVFuiSD+InKxBDfnmmuGtHnnuyOOOhDyL80xqoVPL8PBxH7j5ofo+WqBTy4+QW2bJ8bbLGri4PmIa6gJiXMjv3gMx/onbkUe81vKCZSdHhwHQIVIvkngW5CAxESYJGPvGNQWMbFIANRf122VvF9YS/0lOy8UtoYWd/jMXlZFktlvnEXEUIEiZgstm9fKkYcZ2h+0hZ83WGI/ZkELtUAbJzjLgqmR+xvB0rjlh3Tug0yUWgL1iHbUCTz8wqIEqIypNACxAqfyiorGqh/N2S5i3CkfOjomst5Dc46lrFWtoZWdAB2RmaYlr7lAQCAsFWMd2sRc4xI/GhMyOctC0kK8suYYyILAmMT4rqGkMq+EW6MU8eCylraINZ7vXwEqAR1PsR46yblwa/R0wHEcu7lYL1whQ73egmG6Ni8CLEZrVbsbKc3JKZ2f3Tle529FPvH7IvU5OPJTqzaXz/GXLohblDYdHOIQDfvfWwEdJcCtEzPKC22yz5gUC4U4tNr1wX7hKm+yZ5n2DeuQ3xnNhZHpos1FtMn5rd/4byVnv9Opplzl/icAjmSQh1jhDFe4GHrxahmZ2sMivj9zLG3P6DHytFu/PPKtjYe4KWk0t4NKBKhcPtc3NHMhJEIQMejFUWB8+Q85Fb/JvvR9sTsG3r6XtWK0RKAq1CTP+jyGyJS0q6GcecMSCGBwbxYzFWfSQtqFVEYrzRSWaPBTpHP1z4We1KHxrprNMYlxc8CxoCOBNUaMXsn5nQxpv2g8fk6Gow1DXRqEmwYdCmdg4LUs5DRulCS4R0QSAx9AgDJgoGMTlmnjmf9l/p7REOeEQrikUtH465JFHsvIn4F6hCZbIZAJiDoFT4PJ+mfvInA0WhfsyHaZnb5erg2RGSjhdBKm3vUeXJRhM8cnZmw9hYkpnERl+CMZM9jmn0CVZ/jDsoiE+KP/D67AM+31M/vQH1pSsCOWJ+LKw4QRSjpVCf4xqfflRfN/Xp/M2cuIDs4gGHTF3ZDos1TOK5z4WrqgGuFHPqqJY1vHf6U5p/Hicd5etGABuA+LqhnkOXgcM4NG4KuIMccRlL0IaxbasE8LJZQbkPWPdSeY0ansJZrsIg8zLAPA+Hze55nPhZCCR1b97gRMwAHn71+AdX2jKpRsGIGdJe6dffQjngQnRyu5Yc6Lpfz+aiJnA5ACgRuuD6oAja9E6xooatd5BmpQWinzKY+3xBj4oTvEEjQ67smljxrp85tktbaYssHf4qrzD/w2edlKH97o6pKCGEV5vQAKknFo7O1Acmiqx00Xb4KE9Zx12w3NQiJl7MyyTWbFy4t/0/634nvmb5tRvqwmqhrbg+egGS/th5pbrGBsNxOPl4ESnsZ55CZ+Zhhc/uG4eJC62W7OINFoaPlbQX2Sp5ALVZzy7BYO9DbBlhjbcM1kiC3bZmpjc+R1vZ9GeWn/FghjZ1y2Rj0TWui9kPy/aWIqSJl8BalAJtx7/DZxDgrHg8mjXuV/QuING8BzwJJ3o3ulakJuL6fBYixky1Trbh5jpRZpP/pVozHpPSdAq14uhgoWhgIzkcQTisMJfrmu9vED7Ik4k2BeNFZR4f3fxg4QBjHPn/C1qGZTuUtDwAi4nve0bq390aVT3t6fRqyDhRspM3I1MP+t5WQFV1h7tNRnh1HZ+Qd1lR4rVDbO3pBlw+h1oKJjzh6lW7IVYnxX3NSZvFgbDBij1W1FRYTxmuYp9CHhj3sY/uu4Q6l+qGUZ0udufW0nu15PnIk63EiWpnmsA6SMSqX7dC+DOuEwv39viB9FICKVeIjgR7utVq4c8bs5aglMLq3ws5Vkwr6Y+Pzg9ESVzGQD0sBaPrl/Xn1T9JxrYjebaY1DmNez+33XVWpWCA6CjPAV6ntIyNMJkFMqwaw14CSuyZM0SkCtAUp6prf9Ut2mW6CWN244Cfi10xc3BoTWsgjY8MOeaWKl6KjWteNwQhGwI3X3PQZJK/QgorAaYFP4tj7VKeFjtpM3GO+r4qHmcSUG6M9xmnJqgCisNcQe7aeZo+CBv0uKqG8lG3QWRkjBukVRpPSBo8Jn5ZeE6xY6NMVXniSfRDDjfZChESEt5q1HJOV9jdxO4+g3tGkfxtIYvAo5LrOVsoAoAJtb+1okU5C3N9/X+SR9e0O28Scq5ovvuUIJm9LwOC1Czp4N4lrQMYl2q5SNbfvVuW8AWVcO886dMEbZarOMiGn6cjECFkf3/A==,iv:pEffnR8VnKEyCZipcjZN+BmpPz6eQItZU+GT0A0jndc=,tag:gXHyPw6ixP9fPDMcdak/Iw==,type:str] - slackToken: ENC[AES256_GCM,data:hWcmZOGTpj9ol7Sibuu6qh4tMf7k9M1J,iv:5kmtbdugPaNwop1GeuWKrha48PPpzOhWhfEdznoI1q0=,tag:VTy1HL6y9tT7rO/RBVwsCA==,type:str] - dockerUsername: ENC[AES256_GCM,data:q3tEOWPGZw==,iv:Py1Lbr+HSnEu8PXS93amDRUE9V50JSO8CU/xDskJQEc=,tag:o8DbUsahqhAJ03neVAD0fA==,type:str] - dockerPassword: ENC[AES256_GCM,data:A7gq7P1/Z2TPiw==,iv:o6UXpQuv14/QrzossOiPAGj5CBMckcS8+BhDZ3jxl6c=,tag:yx245PNa58XLSYzh/aB6jA==,type:str] - nexusUsername: ENC[AES256_GCM,data:9JIeRqlk5Cgi7g==,iv:4ZLsUGLzxz0AMBXdww1mruHKDJ6kV4mkAO4BAI8+O1E=,tag:7gyx9cBDckLbS6Zn2sfWuw==,type:str] - nexusPassword: ENC[AES256_GCM,data:rKw0Wxp4OrBwPiIqWw==,iv:Jyn1+KS9ChyPlsP+RknUXboDSE5jGRafflB8R2A0c18=,tag:kR/16xY5wuE/zNRlKzPpwQ==,type:str] - ciDbUsername: ENC[AES256_GCM,data:qfDroTCsZ90=,iv:Fu8/hS215gT8J0MUr+jiK5ul9Wjv3RUigW/qF/VXLTE=,tag:e/Mpj6ZSdibXWDejdQ9vIQ==,type:str] - ciDbpassword: ENC[AES256_GCM,data:KStN/oSCzWY+j02UANno,iv:BPyvmA6cawFb0T+4C7OZ5u/Zw7yoTe1OFflM8Ud7C58=,tag:R7mGsEieNlfSWCKx/ja7YQ==,type:str] - kubeConfigs: - pb-uat-v2: - apiVersion: ENC[AES256_GCM,data:CSk=,iv:PT0MhxEwfFWUw4BhJ0V2A+dLHaH8yFAQvBsHopaz7yI=,tag:Op7mB57DtVrmqL6lmSw1ww==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:I9r3LJrUT1YD2XMPVbNXXYvHQNhmuVHpXKlUjSiwkAMKPekyA2NEp0NHy9yjTJPdhacr+lQCG37UTDN3TBNodBfiKCDLR3cZNoYg6/SMYvrBlEoDNjX6jQ85zFxXLp7ifDBfEhEzzVUa9XUv+CCErKvvu/6NkrkhTHb8DFXzV8oYCWzNuPnUR8QnVsedgC2qA/84LYz+7/mnBOyYncYTq4nVlx6HzWJT/n6d2PoL4KbaQXz5W1fzx6AvQ/u3hL8T2tpIU7DiFXyqFoEkvX9rH8oFA90sHG73kenyxFcrrwDCr/RbFzxO3a07gm3Mrt2TnpM9Re+OiakZd06Dl1movu/wmaO6AiVHX03iZmWYt06mGG7knEnfNcBIvCYCyYGoyoQI3WIEc/9SSlYYfyGCBCkPLfaLI67YTEyV98pQKfpNiL/J7zpaFjccQC4DULqnMMLDE/JeQ3vW6w50TiZ0Y5l39H64US6F+1aQVANth292RzDfwX/LGUtvqZslubrOm9AmAiafMTY+/vxa/y2oVjl0wp92ApxyrV1+qbMF6JjkEuRdnxZwFMfuyJ8L6IkViRpRQkXl6d0AaGh6v+e+Lp+8lw66x66HK/0X9EWSOtwJKqk7pWAvm62AjQGcvH5lWUWkAjyqX4x+rf8XzAu4RzCuA6fcRgYr+d16xJe4cIwHxEHVj0cLQt+/+r82hvO8vn+EU2ghtgxwXdurr9GJhySOeIvRRkkZ+rwGchGRrMOMzw/SEA2xKXZedjoKUeffBvy+a89uuMaLu5pVzp8Pn1cL/fmnt/igkmQm/xj7pJwz3uvU5RbFUQLdfMdq62vr1OpGA1XMEXnKBJHBeA657693twig/ZnDTf1ua4SA2z6r7KtmxdbvfzR38raODhYSRz5EjOOgS0q1vhdxRyoyhioWOWYHdVHClEooHh/zu+hh2gLJONNoFjfIZTi7XEVl7lZ6mGbBct6BGQHKAWBiv9rvzxq2DiJUs7CAvY2fGxhwJwlPiQcEMlltrRA2AQ8G9Un+tCtybPValF8wnXDmRsRYFZMzgqMFzePeOcnk05ZykEicFODr9sSn44YFq3GrAmtk69AYJrOr6/fzvBDdxx4VfVvkma6fvTuHdRn07OIwZj/xep3eTqfEdTuJnWoXBSmKhlJgZWyQk0eEViDPZq/ufy6YO+QA2F2YJEqyNxxfjESBaEKqJGkuVHgIST9Gejotp7IMWhsLZ0TtgrdDbBCkrIhH5FsvaKbG8qW011/HQVtxe8Pn7YG/lgUvoWlTC3x7NETs7bsFomIE/p1kdxoIoqY3e2cIt4OZRjAr7ZJ9tY613RRC6ZcevDi/bKCFhhcm8c2x18cQe1eTkYsF/NJuJZqbOjJ/rr27QCnF+uxdt0EoqeM4ojYQEtiTnO9h2FNnyxUGt9nSp2hac0eGBjSOBTJbU6fUGLUAClKZ5m1CLMpCojDx0jEaV4aWeiVkdMunVhOGpo4uc/CN0pEvoqUJY1b2dwCNKBrt6iGMQq09QB3j1GIsZCn+HqLafLE5IcjwW4DntmDYmC4NgmOzjgbDoKEuryE/+qxb2RBfRMXV8t29nVeGDpgPYWtPDwr0S3epixkpg7EQ+lladzgE2lZTi6dHQn4+wSiMcqsCKF1poNc73AY+Icd8c1fhT0kjFLon3UxwIJoQTTNOt5NjSXPvSwkQ9k/4E/pjiHSai3kRSs/bc64hQjUwZtSmB6NDmOLTc9ysK4Obi3siAdtSTl9TqBad/Yu6RjjS6mcrPZGf65ze9G3qxSsbopWK7352JGAQIrmE72mmOPsf8sal41MuI2PBXfKq,iv:RuBvHb0kC/7eNTMjKCkTtjwYdyPi0w2K6lIaxvlYoxs=,tag:x180xlEJH9/68umBsxxbBg==,type:str] - server: ENC[AES256_GCM,data:u6RmzrsbXJhC/orMnO3QUVYDc/utlMFHTOI/aTkgEPZp48vBfhcTtBzbH4jFOby3DESh+GUIU9MAA7Ijiejla5bGzIqDEsj8YA==,iv:aVVLH/emnUkgSmr9KRU088Fxthxxwx2nS8JM8e11z/A=,tag:k/AdePgiR/kE2X/xddF6hA==,type:str] - name: ENC[AES256_GCM,data:fqiTUhCzwokVB3G6TQ==,iv:n4kz0gw4cJV39Dl4pKmMLRZVP9VEtCg0mw2ubFx2g6g=,tag:umUDEZr82dEHzYxD4eDKBQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:Exxk4rDXZ7iOI/wzrg==,iv:Khj14ivaFUOJYWq+auYQNDcE/lvPZT1YwYHKVMO+sVs=,tag:5iWSokP6XWK5oJ3KYapAsA==,type:str] - user: ENC[AES256_GCM,data:ubzYHwo8x5WVbdcy2g==,iv:hOkvv6shmWK2jcqyjvIKxgqdxHcZg9z2BIjJHWVj5UU=,tag:B6VBeQRoNfFm4lSJyX0GCQ==,type:str] - name: ENC[AES256_GCM,data:3QnBpGVOURtUYeTejQ==,iv:dzcfeKV8EKiHNIIQS/9oOC6dm2OvcEqYeMtE8AfxTAk=,tag:23WA1Wf2eTPVPIqlwqP8FA==,type:str] - current-context: ENC[AES256_GCM,data:egWKQFzStt+FVB0UiQ==,iv:ZU4JjrscePIFhSI/sPhaDdVszBEgQT4DOVpUuxZsDgc=,tag:tlyPa2eu816WOP2xz4BdEg==,type:str] - kind: ENC[AES256_GCM,data:mwS142u/,iv:1/d81Bgr8MkvnItw6sJPEHYCXQdUqhI9tmfJO5uOYk8=,tag:04CyI8rePP+6l7lGcHG/Tw==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:zVBsT1aU1Jc/GDHfIA==,iv:ayAOfisUgaF04ZB4xQ9B8HzL4cBMaMMw9dOUhmefrCA=,tag:lfXDiXrEwUYroJEnpnhUAQ==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:D63ZbZysrr814ALw8LlR5GUmBhr5/VsHPpyhB2u2eBh2X8LX0Q==,iv:ROZUfN4u+9+6ZPycu8a5lRf9YaOPI45RItfPa47H+4o=,tag:EzS2MSQB/mLCZTMYykt1cA==,type:str] - args: - - ENC[AES256_GCM,data:xKl+bVw=,iv:JIo460bUWv715N5dZa7Y0mjDxu+Jli3QjYKVtRI0zVE=,tag:MMDaVsQ3Y8pcDvim38eicQ==,type:str] - - ENC[AES256_GCM,data:31o=,iv:08waY2mC8okMO5cezYsEo83FxhOrPHUrryURGAH3WCA=,tag:/Uz/cYFwLsMlYBcrSdfHCg==,type:str] - - ENC[AES256_GCM,data:1j+K+Ie+58hq,iv:OaKFD7jOA4Iaund+3cbDFZb2aHfIfSle3elv2NAxTvA=,tag:w/nWlqrXkzPNnV8rDgu8cQ==,type:str] - command: ENC[AES256_GCM,data:CoyHqN/QBGK8cPOyn8NSd6M8L0FV,iv:ToF0R8jRCRJ/3tpUQoVwwlSntMAY1hM5iDl3gBG+tbU=,tag:qQLvqv0xNF4sBZG1Tz0aMQ==,type:str] - env: - - name: ENC[AES256_GCM,data:7egPTwLh6euvPn7/A20=,iv:qezxMDjpcUwYER45ZbpdZE92zyajOzgKpXSw0jq3DZQ=,tag:S8X4qxuFIk6oahdknGDiTw==,type:str] - value: ENC[AES256_GCM,data:zdloprwbMQ36qXu+G3le0T5/4X0=,iv:VFyDxix01l1nZV+z4q+DR5JJcBYeh9hMb7R4w5meVpw=,tag:z6YkFOQHHDacCM8wy8cZVg==,type:str] - - name: ENC[AES256_GCM,data:jOrL4Shi/LTFNucbpMzRWaPkAoVY,iv:uvri4V+U3aKmT9KBw2UBsSCRMDWB/NhJ5BDXjsvjhQk=,tag:qtg3f/n9XQbm/usE6dLaYg==,type:str] - value: ENC[AES256_GCM,data:NYbBjpfvcpzCRlMFcBgIFsRaoQ/S9YMhqixLUuGQnb2ItTu6TaWWYQ==,iv:p5hLkbDFajRKbu8C8HZxtpPMPdrOTzveHzCzy+QAib0=,tag:LuQ7SZ1+/egbPl7Yo5N5lQ==,type:str] - - name: ENC[AES256_GCM,data:tFSEcU3FutrWmg==,iv:2R8AZWBKSLJRuBT7g9Pm+NwTqyLoUEfO+aGbj6Pxx1U=,tag:amKX8veaISMCLdUZnWgtrQ==,type:str] - value: ENC[AES256_GCM,data:BX3BM31PzJ8kRw==,iv:tZICKxWWnp7mdnwFJe/siKVSpzP1E0ZSGQC/+3MhbsA=,tag:7lq/aAeL5ESNr/U1LjGXww==,type:str] - bihar-dev: - apiVersion: ENC[AES256_GCM,data:A7U=,iv:veAZJkulo67GFWczhFvdjy/RIWtKtz8AsEsWUwAePJk=,tag:AXXfrmF38kTmZqZhy3ZwEg==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:wJPv8yZqx1LLmp3dZlfxqw3jBkMPWqmWL7+miKAkNbkNbQCSRF2HaQxHkN9vxTxTatVYLQS8UwjgqQZpmcOFH9B6sOfEsovmGao8jsE7vddRI8m1xfB92XyGQv0fdaosh7sXzo4yiJvOcHX00R5CFCGo86+/MjPK3hQqfxTLTkz/R6lIZBpbdPeiCX7mshvMBy7OlxnFRdfHZ48IfLjg0CW4bL6ebRsd/LwehD6AFBW8gVANxmZWzIOf3JasKLQmILEdjBPxTsZE2L9cFd/TI967x1KYjQx8/tIoEcuM13EZ8BkQD05Q1uKm1eJ2bU+smghfmwlqDUSKMh8AnDVgQw6oFtLhdXiN8vcc+E8g9cgV3+ig51O6MOxn8ton8i4dXaGpWhFwdP7zdzC7yebOQW+dDL7wvCgmVujOBXs5d5kk8zvUnzh76jCk/ogda1iF71K4pxVGlcKvKQfcbDKYHENNPfhJ1YYL2k4FRoeRnOt5VAAMRNz+jrCbs5/BO0OSsMi7mnJnsLB4zKif7H5wm5q7Hzht1gjilrXiszoel+oVyNlDEGwEPEZJEvw0vK0DObtxoaRTUgDzhmYKX23DLtHuEhfYyxn4P7YzeCCMwbGifIjk7sJ2dL0R0GGK4vNfdGeNS3FCDToMuSb/JplrRy6A4as5To+ufz3VsUEhZj59krB2Tdp8exmVkvxilmWzobPnLIGPOxK0A2i3mc0eGRBQTlfeHJBfJoOTZtGSO8wj08Jo/CjyCOL4BaM9x9dD5OiRY7637nJow+GN/T1/3QFAwZ3fRHKDAQssQnnEeCFdiHlBbYhplcr0A2WyRvTJZ+zMoJZvFIl8ikOjj60v0TnkkwppRuCoBLN3Xf4pcYrAg4LPdZSFEfKkDLe5wrxjeMgQcsVnWODHC4A7vUXM4KY451/YY8x0cPSjBo2JP4UytAhC1cg7gR9YaagQP2G5ehiOiWiUkcf3HPnzKutyeXB/4bilmA3+pg8/x1Q0rJmnnD7qJAXhdhLgyKYS3WZhmSc5fPkTw4ljHPZetdeMTtGztIZYsBU5Pc3lbj4M4hL8V2BVM3RTXiOKW4UWNsdY9rnPXwopS3fGYZKeVvcHj3XMK8bKyaVczZQ6Oe1HcMwUX3aEDgPYkL9kwKpAL6YE0W4sIzZv9nK+rolG5g1qAo+8f3MpJ+baiwMIYpff/Tj+AsUxn/1ZJsP62T8IbtCPxLMN+HIOuD6qAlW9rz2ONjxbw7GYy2KkJheMS0/HDPr89wBRWfWlSqgc0J6Zs6Aa6kln9+d2WybG+/wVzuVBsOSa1LXbFzKCfRbXdtgY27lbGwhydlSSLtigrfJKVRfH9DTWEbWWYg/harZ82tXxkZbCw4WX6DGLW7S3sHWSY+RshGJobg24Gr/65rkTMVHo2fsNdwSPJJB173/lOqI4fjNVFcC147ta1sfhFViQpOV1X8Y43nLjV7+HpkzwufQZc/FJgVsfPJB8gfbnDfIiYLiNyidPlZ1jwlB3LoiJ6XE5JSb6wkPfZUE/vEFX+XU2xm8iuVEA+N6WStucHMCvFT1ZPTZlovX+Idgh8Dr9wwi8OdNZfjZUwa+Mqh0QJTcI3pRaHqPDivYriASLIgSEU7VOpjSa5Hgm2Fv61VZWl3wdyhkTt3loRTXrkF6X2MtYK8vixQmKn8TwMM7p0ogPxsGpFGMxRgOJevQyr0JVwp08qEAeAFyuVn4N79iY5sf07L2BO7bj8Eo+0NAqUFB0AFIj+qWv8wqrNqmoazN8qdudYgKRea+LgAfYjwzTJQUK6h+qH05dgZALmG7kw5SyWVcxTR4y1XOFQXDFuJbHDQbO8rxkm/Malr62HPPCO+HxfEcMVFpSGnaNY3xXtHOOP34ky8e8lgJ11fZLeGw8neL6YUIryyAJDKRtWzlrkX1t1AH96auWYuI4mdNpZiA4xBuWebPO8K7tWFKzinhondHK3iWrS+qHed2344Ac7JBfeEIYkt0Gyc6AvKwsc3zOhUy0abweLZ2Gux+/dt3qzO56M1YXv1EdQpriiL3wUtKQH7BJzk6zP0lKMMEYsO5xth2TJcCqPO9Atcn9YVKbpmsFHsGhrMNJiMO5v2+PfZFtozE4qJVmiNtrWi8nQBqNXQUvFDvoIJK2bSqA/7yP2H2gKR23kx1pI9oXKUIIKu6l7QbFRNMsbrettAT4ZSRQwNa2xlweBLannuLRunzYOypyslImQap0krSAbD2Uyf3BnYhCYijh7Y2dNjh/SgTDTHwylXloSpcsgvdQcb+uRmWza0T7lMXlvh9asY9AzsRs5CESwHEfh4RJ05bjBFXOc4RbDNq9b5jHynelnqCrHZd9wgmHzoASsSA2Z0R4H2nSSnF3jQQt0TIQNdyTzNSncegPdBNCGmzkbCfkh9O6sSehaXg6CX26gWf3dUc17oXYrgMj6HiEc7xtQgnFADW9yN12PQrObI7YM6oKErIEi0TtyNQjctsMRVBsw2FwYI0iUz/Pwwl/jIVX0jMlP5gOU4psbphGeKn6UC2ntHBQcgu6GWDh0Bv0mg1/KpJZM6/ZpIe3kv/UcX56LS1AcTvAWsYH4mOEfjEfRmNxu4Lx+FuKktjDWPw9B/Vc2Lk39t6AQRmgsRBlXc4/Gm0beA5HG3D8a09sI0V2LAlEpIIEXj7S0MSXWYnuphZvq3ZJwiuddvcgdnjRbkbw+YEgZ7iAVqnvu2Km+KB7speeRgdFV4KB2r4IOz5ay2LfX9iB/ll+duRFqeLtLTSyZp6BcioMVppGXYQK0YIFs7LuW6hQCQhHas7h5T42N/2BJCarbe2+3lK01kkjU7iySGtyrNO51XZgSeQAffOwYduJQDiox1QN7ssNVbuqC4JHiXIfyuqqh1he3AbvK2UbeljlAkkjK+buV2y2FFeiBc4icbUlxdiW56rhmCAXyglGCKk7gQko/JAoeYCMZmxF9P+UtQm9T2BB7bSioUeyDVPFS+c86wCZCL9ZMPAfpftBIlHJsOSJh5i+i1SdWU5qGtxfGDQlKcfIF3z8K5nkN/B+o5w/QuM=,iv:5uuMyopdM0l1lIT4elqsYXmP8XFEjSE+ssFKnED5mtQ=,tag:3VV4CrllzY0LeQ734qj0sA==,type:str] - server: ENC[AES256_GCM,data:Ih1mSS3RIdVupf5411h4/H8Tx06wz8WIghyFdEekTqYve68CAtrdR6/uOliQlLZlz9Ts2831iYqLZi6GAw==,iv:MXQrHV71uOES1gNqG6bRFzFDGb0vaZ3aZmINDLElErQ=,tag:2YIzeD3DzH2XrkuQtngKrw==,type:str] - name: ENC[AES256_GCM,data:RsjQ1AU4UGp7GJusRCEc,iv:znRbLwe8/9V5xo66kS06wvNRPztBPxzjderiXczYrRs=,tag:v+CLDY77Bcj6iH4YYVrH4Q==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:2aWZ8FjMsAUeJG87IEnJ,iv:RD2JSHgbmKoe/VUkfxQxpDtoPQiJuSUx8pzJKsNOUGY=,tag:zJvVBW/aq1oWD4+3aVNC4w==,type:str] - namespace: ENC[AES256_GCM,data:dQDZLA==,iv:FMo3/+9/WMxJ9fzm7saMSp7QJ8jqZMutU6OeLhfd4LA=,tag:yqYJWBk8wp1q4bihK9oW1g==,type:str] - user: ENC[AES256_GCM,data:b7hO58Z8GTd2xSIoduYuFbW03yHUM+XvTBNx8LW8D1kP0D2Gs/DmafSHbw==,iv:ywbmFeDl68XF8GejLlV1yLqSSeKl1kAQsF+/AyrOO0U=,tag:2Tn7ncuNgK8/BshV2DrwUA==,type:str] - name: ENC[AES256_GCM,data:GNfHBsL0l8eV8ESoy6Qh,iv:TCMI4SHiyidj/xIyLXyQn2POLQIF3Yxp3lH+i+GW3tU=,tag:kabJg+ml21FfEvFVhh9iUA==,type:str] - current-context: ENC[AES256_GCM,data:fCPwXL9MTWNzCXsrsf5u,iv:0w3PxmXJQwgCFy28/Y1cZfssgChql/1QEMc2BiLizfk=,tag:5EuCKNp6kJ2wENwCFJuzAA==,type:str] - kind: ENC[AES256_GCM,data:fdG5vNOA,iv:RBFLItKt6sS+CcxPKmxW9uNya3Eewh1rD0l+0TPLAVA=,tag:k4R30ZgYE+8bAfQj06E1pw==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:bhauuG6OjAdGDFO0y+jfRmrbrA9gyJNCzYw8eIH9t44WD1DYzb88skqGfg==,iv:4X6CiDwL2CcUn2uEQCnNXcfzGKd1ALy6vAeBXNsCPWs=,tag:IDgr4pdtP5CcT16c214hQQ==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:nxgprHPT9XuzpFIDKxEv7pjsRo9X1RrTCSaPmz3xPvKGr5NOVwBzPwT0qoUxEgGPrtBUbhLJMiTIxpkNuQHnO1jlU4+wNFiuswFeTdtiHF0pn17sqARmH1W0XXP9lkwnOyu1RHApMEekBpFdtx9yymH4no9V16bgIeWbf8AxMDTFy1UM5Sv1DJuJNob6TaPPYkUiXt0DnJoNUjlsC2vT9FiglMmigXhUNZunCHV4KV2I1i7/xW7K7duvb/qyixeSVqtABh4DvY4RkJsBDvWstZCZ7w7OqJetKZcxZ2BZ1qbO77p94TO/rDNF/xHjl57/0wDImpCOY2OqMH0KCv7Hop9syUjCDXdbGgMj+UhsaCJCjGoRMjbln4W5RW/fUuvaI/OpG8gULYs4F+1GbriS3Lf02e9q8Vds3+uhuoIzoYsRNijHrfrAqtoV+g4Nvyl7mWvZU1VnqFwI/M+L9nU/mmWdYw9ekTUFAgUWM9Rz1DyC2RQNuDJdDOwqRWwo8wMF3g6xRC6EuKPv5lQYDt1ipyV0tZL3Fj9oJZVFZM6aMzaKCW6Bwqrr/ZmLe++DZuR2CPIwvAdur/5ebhDo96WGuWwD8mRiaMX/UrhASdLgVZWo/iKY0kNT6lb1F3Kpced13L2DeGR6lmG2agC9eBt3tpWpLyZwE1eP856JR51x1Q1tnhmhFL4rzWCTrbmss4bMf1OqBUTc4vLugq+EWgzSqX0e0d1H+CVBwAGRZC4RzUXnpAWUHz9+1p1ksRZADMmQGvlvPAJSwQZxCld7pnVIkg6jl+3XRvY6YR8Q1V0bOkmHSNaJGDWXzK77+EqKBOtbXIM6gPBh3SojqFZHvAcO1s7d4tNJyNbnVhxm7Qj5zKqNEfBd9V927qj/YHJBlqxOuEMZfn0hoSLMkr4GoAAMOUUbgLevpVE/pjDxSXmAG0b59qyZlDmOpfXc5VW+B2IuJGuEWgZGpFPKZAOwIOCTIYkCmGqOsy+1C33UytRu1/uSLrpyYn3tdgD8OJ4PWFi5p2/LmW3bCc7NIChfKTyTBUJldISqwDlAaSOou2a4s3ZOBHjW2o0oY7E1/lzG7+VVfXcrLtrDzKMXqFtt+5uTeQjFewqGkXp2n/Eqor/owBMySMlYLWiY6F0vM4tM5zMmQ0+vuMpohcmjgMs/K2bMel6yiYo2SlnKrNjElqPTvUdFtsArlGRY/19eBItEOMdCC6qYhzxzB2FBbBSD4OgoXYTS+Zw8jXZldPWjhBM8myJrhjgZAg1ZhM8GQhqxo+JWKqM6RnKtHV0bm8u+sYhv6hLV5KHQF5LiV/Gvp6z5eYo/DTmRmGs9USQzhgKdZvXyvY7LiY313ZwEgiV+HeE15QkOA12LTdie7I+oOD0EMpuY1DhmqVf0aLnwo0MKHe9CrD7LRVgOmO2EAq0ZQMkumpXgxhov6cbP7AnIkt3iVuo/uhL2xABXGOQWjrx+VaGE3pC+uFy/+n/Q4EPkjEILvC/omNHNOdxUQWfB4ptN2iSgMM1FxsKd6G09dNJ5846W017h0BzT0pl0dJRhH7wox0eeAUGvLv7Av4X3nmKEN/9O1ULqcgBdd/cs//8wQE4cGYky3R80ghlOEcqgW2sCZT+SUlL1jt+R8nA78rfdupbdr3OwpVAa+1YN6n/AB6JTNHj47T8zOQKtWnApPQ26/uWIMOXwH+EP/qm8IdgJYEAnzBKtf3Zw5gPn162Yvps8Cv3M0DC+cPbXhSWjW+xD7KeqCTW5EwCMXc7JneKlihH1RHdvBqYjkMvg0BFR3Nbpwbf9IBtDvv5veKaJRvzsKGdII996V0tMVM1dbQSTHlskGeizJa9SZCg170DuF/C/CDKgWUnSLUBGQVQMXZxeQ0kr+XmvVRjug3X0goRJkAC/RSuSnyxDdMBBnfBNnxlLBWlSfO4dezhb28Sigs6rtQIIZ6WMTIUBtvr07+ogkxDLyHbHu4yv90bJJGIpUTRuLHmexyLpRVOuJrM3/h7FuhC1p9QJqTW3nYINEifmuVo0JzuvOvP/lJhczB5CQEV8cfr26zoinMqhzGYRDxpT3BM2K2VIdIS7l9YZECt2Z/y0OQyDVVmfEB1BsU+ij6hDsx7gjkXktdRp0bn1QwzbdDXbRB9vYpboJu6QgK0emDDYJODqCVTV4MqT91BOfxKa5a/w9BAn3tpIIr95AE6DjfeglWE053or/Olc7f2wWz/7miMLadmRdVHpPt8se0BwsCXJMYPBUrKQsRmyJtiIcoo682lBER8R01QLdwimjNh6f1fc5d5AD+UztUPMNncZAqHy3TMQql5YgKCoMvYL819BfYru4GdFzDk4P1SnaB82Sk6+NONTW5NZNbIyAGSTGlTkbEuukX0lgZ3/BnS5nG4H90J5uHkQTR3fZyEOLLExEoDLKri1kg/qVQpgFWWhOAP+r1eCxSLymBvX0+jeHsUqlS1ojaX9vD6R/9RqrM8L3yTOpY1E8OA2hvA9V02ykBUtYDveJf9yVQuK6sUskc0K1EKZkMkRieu3oJG+vpYORNOn+orcGzqd2GILPtcvCk7Cm5kcoYZntXXf4+dLlHwBF3XNVZkHU9Uewh4lgbl/AOJ3MXxVZyq4nU0rd3/X/fAjlbBXwisZE68mo6ZGf/mPO4WU6F0cA8zSKvuxZCFjCESUB9gN17wJixXzhCuA4i6raP82pbUl+KOgCG4FBeQ6XduvCLf046nrzEH0u6m/LNuRzlgBpFjctGcHHf7j4UOI1PWoaATVMkZUkgbQctkpPYZGROkbgGHvE9U9rn1G5fUbvfu2W7bIdwbNue03il3nHwlqAsSZZRqHRlxslT+KyFZvBNhbv5c6Ws2L5L3eeCrqCx2FA5yfPVzh9BtFrvgUQE1iLICmVTg8vcPx59ejxBIGYP3ia1hHvCviU/JGZuxkaKtAJPyqK/Yrfw5GT2yNyz01DgBVl65+0fRZj5MsoxTmiBavKcw/SpgRW9K5k98sOUZLIpaM78pV0NEsh5fVTFJGB4jnwolLJP/2jqMTMEJcC4bu1EAZVuQLYceyIkekp4OlOodkiRBaEZwV2CcvMsRAXiWIu3mTwh893YYYrbtqbHBYKU+qbe6B3oIxO7MC5PD+ApOmO2TZL5ckAtv8L/VinO0obD6ep4ZK4k0V7druirS4IOBjikg73rzmXKeE,iv:Rwo7homJJSMmOy3UWEB3gpZqDPrltZA/oD5s9PrpFsg=,tag:XGz/maIT56C+pwilnzeYlw==,type:str] - client-key-data: ENC[AES256_GCM,data:hGwlrR6KYZsyCKUOQEddkEBx91KNjUa91dK+03gFtQG2KX+0tYwbHMkkGAdPHXKPIRrKT7OVl7E63d2Q/RxLiOw56xxrMnq/9N8lF8zVorgAVnXF3h0jlXVWMfkLg60RwQSLv5maZeszI+b2Q+pr+zfrls5WIG2jecIYnR8AW7+ALi7MG7xlRqI33IhV8avLvz29k312Q6xezyi2ERpdO2u94j4Md/FJfuznMTg5dV4TBVTtya7TIm/XtnYB+domI93zyAWA5RLxQt9kp8ngWOtQl7GZ2/xRBG3h6wYIIcp/jkUIRv1CUvkyulfi7CaVoGs99HvTQvG80QxkzFZzreMlQCBZgO68AW5xiXpUk7mysryb/2v/VoNRuN2604xqlzw01pcuVqBwQmOGNFwAUGie3zym3EZpnaRWLJHIVeR89X+tV1RAfT9uUr9HURxpe0V4KaC3Bkgq7KVghBPRo6+EuQWiKSUp238/l7MchoOkWnBCINH+AQ8U/bJEsxgIXWQiToMbVrewW55BKVUDc6W+dlY+lUefmKvw66/elhH1SRj1RRulPbwUl/KdQgnvyI0YoFxMsyjfmSb0C/wSk+SvdteEf8VDCRxhXDVyDbaNC5oTU4o8pb93gEvjq0QU6d/YJr4y+V+f4MdKuViij2Kk+w5U/2FiLhDfYGp7vIAqoovFFTY0c81NKumI3Kf0hCQW5HxeonIm1/ZV+Ucstm9REoK223FSICNidIiBwM3ESxjUdqVWZjS6XKJYeBJWoZnL3i94VddG99iszmqgm0wmpOhXoCXp0y5rMXDp+zPVTnTlyNtwPCdkv8P4kLtkbWEKfyzIcmGde18oxvumQYfxUsgw0Sdev5ZUHLSr5kwcy+CmKzUXNzfsfwSOK0JrUpLHKU6Y8Z+8csuPOZ/hr/CrnroStKY7Zx7VsKEmdog3Ifin7iKSQUCU5BEM5g1Ir5JhSv4V+DuQ2MIFY/vuOI9b8hwyXd00c7kfxrOgY1v+SCcL/IhETLzFGLDnDvTUKuxj9xG13zMbZKa1L8y9zBiGn5Bixy+RSGZpaccfvcSGk0tTdzu3ssi2xgqhnpPmbSrmXLpmvcOhfeNNu5audOS5ue8gAlTHMCLfi9C36IWvwMN3bKaPaWRXXYQBTPtiLr5nVNoyPcWHVsFMKk+VuQ7yOc83tcF3k/UzXD2nmlyM1uiZB6GTvnuXU0JlTMpp/rCjxOSeeLJ2qDWiFKUWFDDFlYTW5VBuKgRyOVdd5FC+kbOC3C5qBwzcR7qk0Co+Aa/3ZGHNsHCNIwDHdiCE/vKPEgFg70z0eECzPSdO5jb98qd0JvyxopeyniUq3ntuAWYZFZJafAc8wOh91EEhYR0naEtRLYIJB4KzUMeM1VKqIclua9FA2a8leLzglpRl+9epU/D6Xy83srr4dkoKN8iMGMnYu1NSy27IvykZ+MCs3bYoSxwp3qsvTizbabyUfyeybr3/dVOY62rLBYfkWq9pjFiU3o7YeZ2KTLOqVUmXmHAEWMgYE7dgJxTerJd7v8+84fZZk2ILcf2w3MKYg5EOAFI0FbqbRZwY/N+qFT0BKj4HOZJBXqridVYH578oESxYVSHIloEz/u1gW4OjRGja+dL5SDtsxsm++/ZlkZkAU1cK1wZAUsKzCo9MtvqUwckc0WEXPagqEp3QAK7PZViT3DhjEVgL0mTNnfKTPv9TM37OD92S0T5PGAeMBmgknFgoIPLnmYKxV/SBGh74wJjkmoKypvS4H06eYflf96M6emUedSUiu4lcH/hF6Aw6Ihk9apHAaM3UXEUgOhMg6wlwtOwpblKti4fAV6RAOvY3fFTiW7jzwUrjaZ+nWWq/bHR0pdzJYOtCB5q87LTzpQxttTabebw3Ikpb/05CwqfbY9qeqRY2I15beI3FuFDJqSmWJs7Sb9T33iLCksKDFORrcCwFG0d8ERTbOrF8udAZFfDxzlt+BVs/rrEZf57aByuCooljAr2JPhruKBYzgq3HAxIfXQo8Fbh4ci4sl0KeWeEj/05r83DWfREhKGtJ+NRJbfsCTjEVzq66NvFWVZH7b783zJiNo2iBgNCs8LOhqRpkhnWr8Zx0tiZiG7Mxdhgk+PkyU1jQArw2N86VzmYDfPkMZOeBGVviXmTieRJ12E/eDkoOqzkzRJuqsxZcgM3IQBneCaiiBw20JY9ESU+GFO4d0654/8d0ho1mw1+bkL9HuQozndjjU5BvoVihetoYBUkmbiZ5glk6kM0YsSaJrJthzs6rTVvxJehzvW9uGTcLl9Zyf0t3ciFp/tTu2cIJpjuH0bOsp0pQr5WzUxQl9LVO/S20K8b1cgEPJgtta01+spg+qI0bKfRDV3gfj00/e3UfZUyXlMFZ5LmpWdrZSk2wrA7TVyaXJ1pmnteFAWhRIWOdRsLbNAAcyB/atEsyC72bNde0k5+coB44zna8yWNEFS7ETlmNTy05rd4rLQ0gACmPIhQeoU1NJAKEbu2ZtKLd2fuWDGh61kaqyu0KmTDZPacCfnXfiZpQOvg0W21AdUCm9jDeQFuQpRBOzza9V3VrT0wTzAWHpg/KslvzeuLrurvjjUKQLYnWqTlDgH9tk94YQiMIb5UWCa2xhVJ3Kx7MV2eg/iGAQ1MbtOX1AD3wlgjfJjvjB9NGzfCAWcn7Evm0Ss9SuNlrRkq/rcqgitGGD7+fqJJ3xF/boT++wWPp9xSLU0StCiED5/fZO8RuOEuiEuHeEjl+fduYO2PU+/UZfJO9aWiOm5KuzAtmYbtmKmAd9q/C6ywbVxJl1hUtqXY0imiKBIso3NsxjW8OT/dd7VCGoK/mFbBR0O03dRrXfvLdl9FI5gmtlPJMNcw44h37DHB/GszkuEuBMgVcl/WM8ByXzsZBsBid5WPGxrVbcCUwnaIoo9V6j19MREmymBZ5WJ3l2LUKO9sXlSbHFoz6RgO/7erJNUdEs0zPXcWuawfZ4qFnr1Knd4qdjWhX73oC84U5hGmvkS2ZNvfPjO7l/qkYJFTaohJA9pBOfXvRG3rPtgYD4mhYVagrxY1Z5b/L0xv6BIHRItss9sWg1FixtRuQhXZ6CJMvSwAPqU9e6WPuGeJZoga9E0Bkxx8X/Y+ob29ukDFLVktm/g/uOETplBdyKWimGQzNpGmZCVY9zVSqhlMgxTX1pvPQ6Mkg7PWtkyNeCtk4mAYBGpUQA4RiWdSDk8e9i/+kVEOLUT6DJTQYj3PZ91CU3AgyFiy88U237UPuorAR3zEN49VR5+qUG4CbElbK5YaILstWDXUI7/dDDvggTHa5qpy0/nokqZELlfm5swYZluk3qRKxp71yaauaYrJa0TX2yr1Xj6YlBR7vO1hZulV/Vu7j3EwkfVPzrCA4y5hrroIFpHtS9Vi6pw4EXrUY9Kh1zhgISRYVKsb0NrF+uicps9S83i3xYxOfwMJmhvDAu9/wRe26EnFsXjfpAWO39FvTb4NYdUB51ry7/8+RorE7XjralG9cJo75V+h9luBMJPdbYZowFf6GNmGbmUNY63GsStUkHz+89dzjO0d4cXtmCh9tYRrQatjXqmLpmDi6SGvpYE7A34g+nK4QAZiztQBW9LL53mhO13sZxIFLcrMHZqC+Uk96uGsmQTf3Duw4C/TFrnfV88Dj8lYbjv7uZN9pKZke3iYuVBmuKvWXKwfVpMFaAvn/YneJmFyDWXjJ81+6T+5QuP9ZMm8K5wMoHhoO6HIjk2HFGegVGzqTe8Wb05hllJAYWL0DBx0doVhOOvajH13EWQVyf5s7JFzDuprcNfaNQDQuHOLmeHbD4pHt7pZBfuZVYxh+SdWgrbYKS3tyXy5mY5Eg4JLtg/n6CD6o+gDCbhQGPCMimuU+fNyLbeJzMQ9Q0WiRPgqeIXPbApIPQAcZtXNnL3yX2jy9iqnJPdF4EtTecAWH11iwwj/cyM72FvbpbcH5NjIo7o8mN+Hs8SMxxO4Si4C+E1Yw4TyZ4FDx5o6cyuaLqQ/DadeKRflgp5KBYz5IW4XRZ4Sv5HKDUiqdivPaXirqX90OZIZqZv0N7eRcC1lki2cOEznBMxDEHE09qc/wy1+avRsM3ChyN2+rOsuLeNgr+8RIPg7E30m/lSOI6gchYK0aE2GMpK9uj8nfl7Mxr2I+kDsd4pSUzz9Z+JBlQLvIS5do26iE/pthfC/972D5LtLBY6O0bHPHBaYR+AFXCayWS70+DQXl7cZni/XubZXsJh71PwEl/Cqt4SdE5aS3qUAmETAeHb/rC7IkC4TK9Xjjd2RpujXJogV/riaG04HI1UQiIweLH65fA40CSB/AeZ4jyt4Mt9+xBFKkj+zca1s/geuznA7P4+8VF7m3s7Jy6Uso4eNeWg3H1JQ8HCTJvS2+XIsjBTJ21jRUNHcuG5N4mkgrJYcbKthovnNzxH4j55CYkyqVTrt/wcUudWCQjR03lnGl+ymvZxsyTRv4/Js1oUt+vtK2L4BladFeFHiwVxwIMHEAlGexja1syfkvAfFsAAQaec8qVXfkW7pq48PVO6kXhvekG57XapfyZ4FhJz6rwfFK1fMGqHOlj9FyBQwetTur1poS1CyAEN2QvDMuMV5xDHPsPfcbeDDwiDgaUDAfOGIgHFoDd1iV0xnI4Aaqk4WY/8xWeG3ItELfksos+Nxm41LDEWQGEsd9f2qVzuJthPGpmArDScCmqldcsCY5vEbMG5dfsrZrcteZKtp2XkahhMSLlom4u5Xb0tEFmnF2O+iN2U50OcM6SMp9lD8MiDURSRBsoNpubzAZl8DEDUW2ULRBY6YSqevpZ3oR7ydHYHyVzx5tS9L6eow7tmRmdsCYNCxmWxUomXdIB3esfGIPSq5I7EtldFL2D/wqhuQcV6BF2XIbMKjkpmzbHUF0Wow94UIw1wnyuwCVjEDphM1RU6g/QZP0/BWJo6qe6UffmOpYB9XTW+ZPr1s7O5l5B4Lv8RDzKfdHoHQaPmqkhUfWfHEXvwfl4GDSpFUgXOlEB57Em0KobwyKKXY8gc1ryqIGjiOe2Rz+XJbftLN7khKmN1KfGmGGilYzyFPJd+ICJLZ2ZKWOul0Jtgin1GUveZxS/11WI/g5NjfeUsLvqpJjDq9bPwhzRUK9aAN+J9RwG6I7tp4sO8uCrKmydB0HHMSUY9SnyCjbPjq1TWHGJwwltIkfgm5mSV4hj4ZEqYAshRU7Vgd0xq2/3Wexy+5cbFW9ZcKoyhf6goFJ9XR0/F7NH9qUXT3hKTeAWp/ntHYtgl3FF8FLjuUvHTe4uGinCylE/omTTCqhCeM/PE3cX422RUNuChQ/I+t5gGa7nstqXcggzEcuhd0GJeqOUGDPqAvS6gtU8tT8sK6gwW2kpIid7tAa1uNfASbzh1HwhO4zRAVL2yZISQ/vMB/bEFXyCI7bch1lmnmFYIavqVnNVDdieGNv/kv/wSJjnkDx0FfIrfVN2cRJedWMlZuURAAdEOM7Jb3X5njCMTssR5+FsZJfuyn7wIjTsMwDqILyFUDX3NXdvyBkS9RAA9GJOYHIPdx3epVKyCMQqp68wnmtejEfSiJ/51Xd2XFqcHtMqILYoL6lW+3lW/eEXho5FD78dvqkG+so5HHrwjPo9v1orLRZ7N81d/hYFZT4EHg3K63fmxOBoQGiVlMbVoL7tUi5orJVzQkgGHjXxaYi+UC676CvSnhKFwB6uAjrnUnmAmfB7J2LmUakB6O3s+Ccyd70NsQJLxJesPQtpKXztrgAz7kFriv2h4HW5Q==,iv:Wm4JuLf5ADXeiEkG+zP5XVBsDeOlEWbOdNqjCIYzg28=,tag:yyI77+vEYPpUKxuS+XvRkQ==,type:str] - token: ENC[AES256_GCM,data:dpL47nPmcTMLfXKXcGrsyzrJN8IJKdR870eejw0DT0DCC8Q45RDp6RsOCEzGJYjDYxvNKDc1uaM3U81vq8NmsZ0ePJDbYGTHuAeWRILLrIBPjpS3b5Eb9P79ZZk4xN6WSnisuDRjZEODVqu60GCwSL3Uf+3wrmlhAwJueN73Mn4=,iv:SWCGymXBJlbd1atrh4oZL8cPKbIX1X0vgcCy403INVM=,tag:qJdgU/VCAhUIcfy9AS4YQQ==,type:str] - bihar-prod: - apiVersion: ENC[AES256_GCM,data:+p0=,iv:jXhDVDFWbtGq05E5HfGTVOeh9EiatQ9oCgk/WWtqx9c=,tag:4UtnMelk/fe95tZp2Q7YDg==,type:str] - clusters: - - cluster: - insecure-skip-tls-verify: ENC[AES256_GCM,data:TITlEA==,iv:LXXe5R1GQ44R2FuL8GAE0s14BKUwkbrMq9si2GKNmrY=,tag:W+j/mRSEf5RP1s/B31ndBw==,type:bool] - server: ENC[AES256_GCM,data:gdz5h/1nHyzETWln5g944Zs+caG4yfOuzOc=,iv:wPbbaC/l+7xzt6NdNSMMMmU4HzrEh1fdgz/E8/gdDJg=,tag:HFrZ+4HXYY9ELApgXIhiNw==,type:str] - name: ENC[AES256_GCM,data:75JDMkvGf5fTrQ==,iv:X0H1F76YYCzaWJyzAs3i29VB8V8f6OHybZKjwkeBHEA=,tag:qBx0124mZNMs/8zKSglRKQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:FlwDah+bDwU2jg==,iv:5ZHJZVYt0c/F4skDTcW6ZkTR+OftyFEyxIRqRxTNU7Q=,tag:hK/HKNlcCpts1i9eINvgYQ==,type:str] - namespace: ENC[AES256_GCM,data:x1eDSg==,iv:G98WdbwXjlP1K75vpU+KmbQ/hsYqQQlJQpVZg2f5Np4=,tag:6+fo5FRh6JIm7bIq8BdphA==,type:str] - user: ENC[AES256_GCM,data:PbqLRu5qLe01LdvghkAiPA==,iv:srAeJ+QqTxz/gkJWECFIennPf1QZcuGQcItMPEo7coM=,tag:kDJPYiYZxBqRZFWpV+OgYw==,type:str] - name: ENC[AES256_GCM,data:n3NwzVtFoff2ew==,iv:pUQSXP18vpr/YcbUZ3WvMjazkmZGtPiHAkHAVBRW5eI=,tag:dkxYGAvIMmG2XtIKOYFz5A==,type:str] - current-context: ENC[AES256_GCM,data:7GLjEnqI81+KGg==,iv:IxATfxSf3wfnP1Te8iyJMxseVIvy4wqriWIVGuosORs=,tag:HgU0dolWrtUC1trBGoO7GA==,type:str] - kind: ENC[AES256_GCM,data:VJYU6RIq,iv:GUSOqByrEmL9AK3P8qVwkQMbNtYNcLnQ2uSdazQzcjE=,tag:g7oO4U+o5TSGnC2iNc05dw==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:rBgt/I9h/FBthM9cZgH/jg==,iv:X3qfbrd5SG/FYlkQ35hhDm/MSoFF7Vr52spHZrAyofU=,tag:YtLUzdLvPurlEXcP4j6T9g==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:3YbvQwPAxvy5l8L23SBLCiEkajEPr/IQ4IxR0PdXd1um0srxjXIZcYWrzKMb3yLCJigmsAMJWWUyLhteCfdB7WzwgN6pDnPwLVYPmdqeYFibDOZL4Qu+FNTDuuOFVrMOM/RhoG1trxBNSoTDqXKcnr+MKMX0FRkrzhBJqNcfV0kFf59eHjXuSoTDNlyUbR1VlU0ACFUifZO/vexdJgx9QgIF0WBHZIfrmJr8laFlKnglkOfoAX+7vhAQZk9svuJzOTMthgmFEnU03DTTSGOiwt19MFtTxnKDYZTqlT4PZDqk6Ld5R6HulhY1z/JPTaebi8UjWUKvc14fZLqvdM9l5fFKUMvKlWZ7S3iAOcYowhagYt4E9wF4zohZL96H+zZLiVcxthgVbIKfijt9FjMNHKP2oSEa6jD6gIg0AweLrHf/6gslB6EMtiaC4oAnRL6RDH+F/NCRNHVLkV0mHY38DPrYCB3Pnn00MZFryWAh46Cu7w4FeFVq/oEbvV23DCCkqH2ATa+HqziZZEF8+CZgrTjyKydBr66IIMhLsLRWwBDsbsZUdBd13muZ2X2nQevHwEdiLKdQ4kiv7e4EnWE4cZjFXKqudF53g+D8+9ShmkACb8htPHKkAJZFzcn9B5tyaQSXF+3e499NQjU8SqrX/1JSFZKRCChRJ+5kldUJxrxpqH0zb+iDjyZTynsycqhOleHIqSRLw9S+jQV2nLAzhJK85RmpYjExplmCvEwxyFLKVRqh+HvjaEAM2v4Ev0Pnre1fun8S1tp+DEKdJYqRM70CCTg0HTtXgAnN1KzrG2stSBNb4T7TrKf5R8pPSuQC4sX731sq8njz8gsKijK+A9/f901jiBoJxbDiSn+dxoz5OFK35tYhVDoIzaNun6yww8hApmRNwxYPqVkMJUGldNY4tOkIZbHcSD4zZAzx09qOJ1JINwlMGYC13sh2rIqBBXKJq08KmZnrm2Rin6IPcWT86BCDtqLR3operxCaNNRji9kQ2D5iLomvLtFBJn++1CFNuhhzvB+xnE94poOJVciCpcryAb3VeH0gooIZaFHKWCe4SanD21ut2WUdDDWu/d6y05ToFmA1YtgfRpqulp6fXzCpV937Yhc6LPzhnMwcmVAkK8vBDE6mNzsJq9lxZdK5LvDsiynQfDdkHFC8TuCZbCzSFb9bfcdzfRfsUGQz66VKQqZJtOktmzSuyslMmSIGoG1nf46P87LFlQSZdfBR3n8y24SGadV+DGv1FSZnJscdLVxSnC36n2iXrPB+e+lm1Vc4VHA3z87/TggGRqxF24OFEn02sSc1IU/Tf0SHsaYnmmrdgSMGvebDUoGjmKuV+2J5A6eVa0mwCK2r0Y9dBK1qHCdKB4HzcWOmNzvri/yY39OL2n7plbiBX0RdRvWDGTG/9PAsD3IlqbspJTDzW33cpIggw7+MwZXVa934oMw36iIVA+WqYui+/R4huJspdqZWVW9qjjtu6lkywMdjIwcSik1nVVuU4QZW3xydcGBlCOihGnlJrY2KhyyR1JrxcyjpfUky+EHSiqQIQAmIk/zZjW2HTliO68GiJHKw3YcmW3l+0Q9QveCrjwjpDuOfE4b5ockuzNQNWxAU+UwAA5PNSzh7Oe7byhzGWFzEX8NoawunSVnzEB7ENcTKbIz5gBXspFMVIAwOj+/X7fgsZj9hh84FxVbTR37MbIDOigZ5efyow0TMEg3G94pJC+YfBZO+iT6yaNdLv63vCphIlwVQxPuzJGxqhg3g4fRB0PxBpGwu64ZBHQwFy88A/yv11za9yMcEOftATqMoUlk2itGFReALFp8CwF2RLwKrMWFtSmEEIdL4hNTR6w4mjqr2HEeUiRrCvUulnliaQq/gzeuzEQaIuJ191esLATrTrD/sal7ebkODrIlR8M1PBO1Azg==,iv:V12sGAoobzKetUO3dqhf/tQ+o1rYVKKE8FfI6V9cK+A=,tag:54oF2lM3a9ql3kYN06iyOw==,type:str] - client-key-data: ENC[AES256_GCM,data:VI/iI6c+V2o4Zz0TGS7FwmX4UKdOMusOu4KeFqjdV7wDci578vO6zdWH4oIQvcOQiRIV+80sTiB4HmKJpLLo68TG5tpkY02xzA4Vxqpj9Xcn4xw2QaPCiyJu+vDam4mXf5OlXKWjenHROVz6MgLgelarwYja0mI3/l1/Uv5GKCiJ9jLLGxAXfpLx2B5uPxW9In8UCO9p5NjLx2cW4pWkaPxgl0wzr+PRyn/mdC1wmwllrBnNZ+hraf7Am1XQFBa9WTVpLMQPbw2DJtPMNw0B0MIrC2xo9ol6gjdo5Wb9RAtbq3L5OyarsNSkvHs6/6uqefGHTANdcQWdKyGjT6LUPzftTmJkKc78G8k+nSSaewpe5JjZQbpLqSB9SWnrBeNwNwKlHMgqf8O9YPI/w2yYUE+ZshPFd4j8v/PVpj3Zl+phboo55D7k8kjF0RSSxkpUnaYGPKFYPIXFH5E2ylHXdPkHdJ2UwX5No/HwFIhxHNmOHsh1/nIVXr38jzp1tjYq0HqU7wNYF1b+ceypDCiLeTwgiWVxO7UC3uRcieuon/J2fckU5V/8vXSAPYbFGuzSBeHb2JzcJ300eLq50fMY1wKDxwpfTP+zvbrTqjANIx8PFKg7SKYXjMnN+oj3MLyugc4B698Ll5A4KDtNO1Hj/w+O/9ry+3uLcTqvZOq20NMllxfzLqWXbrOrNsEBwd8hIrS7LPf4KNM+OWRTV6S6ojM7gxiQFcR+HhCHLl9swoQwT2ozoPQr6l/to+imHxb5RbL7K0ZtDlmHGs3dFEGmOjDJGNkOxvsmQ3D+jmX+TbRURWGU0XZQ+Q6qLrAcDFX6Vzwh6u4muhIgMKAfPcp/QHmdbp+jegn5KLLo+D8Z8sbrmS4dUKwX+/dDZPSUkiPtCdJvrLmM+Z3dJtd9SZzEUaOZ1ixU2P0F3DHXPznANaV93ZWJcHCw/BGcBRMo0s95kRKLm2x9TNWxsGGw9nweCNmgGjhsR+/GjLFaMmqRbsjN9paJ6FUzMTCbNMS1JnYv0dRitFUGFqsTCCWMVqsE84cLBMQwZKLrDNo66tcBng5BfoXq4S41xdFtEQjy4i3AqDUvzJZ98zgj0fQYZWoWrPQAVJbjN9Cvi8zSQM/LupJ3C6H+aiBH/uw2c8w1UI+KfvCngjJtxROBpxP0VTj9cVK5dQPEieYv4fHhupryl/TNWerFilEBuzZgPsCpHjiz7K0IIn528mrmmftprRw1NcFTe5rS6YSqGN9WzIyKL7gulAe1tzjAb31FxyblE5KqNeQ3rOkycUIrFdaythsfj0IUtcKovb8JD9pTitWYPrVXLwhxnNARzJsJTCaUQ2jL4rLelbuvMC6xdsKZ9h6kRzvAaJq6pwULuc+ENxtZwY37JAys/H4HIqzJ8B/cUuB/UeD+KwRkf6zDqMPWFreWG7TYtIkYk7zJS/DYTbc9ECto3MErA1C9I/AC0tAvnL0gCuCScDfE6zFax1aUi5I9tzOJbFwXiHvhNYscodzJ7bMREidFmLyJAQzwrDSDU33/hAwQb3li5g4W0ghDAaS+qzIducQGmX9NLPRPcHikqpfSLLFznz13FePnutS5f6NW0DM+Eej/b7moyLnqvjSrlFE999yPMuDEWgMHBcB4O7rMbWiu8ze6/c7UmxvNWGo+dk035uxY86mOHk/sjGe0XjV7GF0qkpnm1LNtSxztn/cs/2Uvzps8KaIZVbEJYHGO8Nkw9ZlkgtduB3/Z+w/KmEaJMpFE/pmiAid4Okx97bwL83NMW9Sv+p0htjW/+7P1N2UFPbLA3A6yA2FqsT8kQ5UROThxhTN55+t5LjlD2Zdp/1YGOV5M552tKgeD6QQ6t1hsQIKcRAbda++hIvGOHn0TVCIDYC6cJh9VSQZnsIivrzJslZb7YUaMSLyV7wIOfkX3rCOuZk8KdHL9kcCu0uwXy0dI9Al+3SPpVSWL+aJbh67EJVtAlkqplIz+3Au1w15v46KlhKnziYbM2VqII9Xepnz8nzip2UU2tuz5vhNlSN8w2ldazqoRIkb17UGLxXVY2mJ10dDSQ1GAhO8LW64X29GwCQDOrVs2WiEDgGAQW+cQXI+Ca//76O7L3b7cFrHFUqLNTF9UHFumu2boH9nQz/10uOdrfbp4cIORLRu/BkX1Jp38xq+l9PGNGs1vFzx03VVkzPnUGHBG0j3D1qHAXvOw91s2ORpgrEd7y/PyKWFvypD1xF5LUkHnuTSbcG3p7QUBAW2C37UWasKs6a9g7CJYHQDKhu9pJgJCm4hUmuw+asXP/nf2lh20QDqH52PTS6Bthp9dKmJq1SE/B0N4bn4cR6GEc1fbUyrWRAZpM0mYboEYHdnE0FJ8qKfzFhdS7ec4Ad2pV1sBY+oDJs5yCLJ3a3QYPJpH1eLIsZlgst7wrBIRaomkuhbOLp0BURF6tHVMCH+vTCZsxsyQTkq+DZlb4mnc4xqP6GI08dUxLjmQl6J7isVXc+TpiulWDIToxLtkcXW8Zv6nF0nsSzN8wU149VZEuJ1zeioB5TjKFw6rZXHvGCDSZ2503JMMvQ5hir4MH6ZmxIeXGInrl98tg6VvIRVtdVF5Mi64K1fkrhnUyuqNnuSIfhrFrYV0E3+u1SaYzOsT2qHnGjg6s430Qvh6isJTMd6utltqSog6QuyG/9+uUqzyJKfRrxlsUJTOfU2BooqT++NLK+I8FQLDS7PtRCppCSn6KOL8J4/jANrSroCboBWWCO6eylsZg3ew6rwFbTxAriFF+9JLjJxrGNcQEEGuvXS0vQ2goc6MY+P7zEOs+HuDZ9bBFnN1QnTyc4HLxNH3R2np3sZ5BtNE5yyOXtT6QVkoeP4t6g2wGSSzxDU2j/rhpkew70QxDEEshbIT4nror2F3NVwNVC4STW8W87SpKjEN4sijTy+Y41uLBhou4Qtee9+7uzJX2nFF5NRvDyXZzP42gbVnuzbKbVXrfwzbi4zbz/tH5e0=,iv:mqXwOlwJLsuSdU//iI20TEFlvBIhWMA4fk68duf+IwM=,tag:RhwQ7D7tssvvM9jcBicxrA==,type:str] - bihar-uat: - apiVersion: ENC[AES256_GCM,data:Au8=,iv:WYIopBDGkp6ylds33wyVpsJEI2ez1FMQYUjD+dffyZI=,tag:q3ryHRLWKjC+VTFpvY4Lpw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:Aef5c5sJUChx7SxCUMAjnTx1A31zLsZxyz7SMNcFTi4eKvlHwr3RQSxwyAI1TsGyHjN6O+BEa7kv9bKwqYL5j9k/IonHsxBn8rAF+WgTM15iXXXu1cmxZUj7q/M0UAjnXiTwiqEeE1V+WH6LjZxGGLBfaQhbGJ7hpMdmrAhl6n3P9vY0JGN9TbmOKgx7mONW/2WylXk1OpJnq6iSGI5JLJSeV6S3CT42NtmowWeNaK4UcHbGuSBJA1U0BrrlOlCnum/K1e+qVO12gz6MNEL7opzXKQB7PuD1N5xCfBsZz6173fQVOCujPNAnSIQ/bAXTvo89jBp+fDt9FvPuJ6+D3rpNHXzQI72claKpaZv+0uHKBZqeB1z4vCV4fPS+2YoMCGGhbRfhl6DxVhnWCWNb3yW0rUdPyUeFo8a1pJAqrN3sP7b8nRGgwfdCHD0g2h3M9zlVoewOLe2LbYpuUynShKq4S6rVwPkMzNzBC5ICrrR26WHsDdY1l7KC9uotFijqmfQeRVj5iuW1NAjSZxCAUPkrV88CWdaw5vlbuld9W9c79GaQq1duUcswgSsx9aSz7iLjeyKDuvw7I/zF21/v/da/YNzggiTIfGm70Hz6oLUqcpJz+8mXk598w4iLoApNMHzpncNZeVmtYZZ2o8d+IzMUfOoMMVi60dAGxCGwZuczbbUGfpOIf+M61dZWxP1mJ/pNOHq23W2qQ5kxDIFlvZJjyNnTW0MUMjb2Sv6kt7FGxIJDZrdS4Nx6xmzu3OmZRUx4JpN/IT2ds+eTKhrKbifTO7ZSFbdIuCsqX3Vbav4iPkPoWEdz5+5DcLTZ2s8TT+Ct1OF2EvOJ0XaQsVVLdikLqeTu7R/WbDNTJBpxxHvESG6pT8e+b2MJntPHBdBhyEfmeXwRSVKMI0OFXVV3YU+XSZAXY7QKQijpDSlogZp/usOR/ymmuA/ayVS7B4R1W1030XMg+Hobxco0dxKt7gjmb0E3pxyjkDdxI68R/PnolUGdDH1xS/c7POpsUEvRcKR4DC9ieKJQs38Du/kAKgWs1JeNlu/AqhKXuUdA30GIS0spfrz5gDrwOvmd97ppkUbZ0sirQEZgUezu1uIe901/DO8iVwIwAOaeLZFjzogSQXA1tPnsnEknoRiixYjPaU6Sq2+vw0v5MqQ6Mcf6YQlF9j7xq/ckIl+AD0JzpkY2ys8bY2/ciw/ZGDX+mHMn8I285BsTPaV3K/6YafIayiH23gyLm+Pde1NMJTRoJYcCdH7CZ3psTq8BoHpUoS5qYSrcRyDdMLq6scfOfQos3fVZt7pZgUkawJeJjNPiyWCipxb3fJ6qgxclwLfwNuCo7VNgH1r3sc2Gx82NOl8j750o06NWEOY+wQxxwf+UZLM8UWyHtRmVvSe2CILfpyGgw/O5YyRcC0D9BZQe73DgNqQ/tZ7RmWUWBcRxGXynYYn/J8qef/F3M/gedeaKs5UgCIcO7PqOWN9EFZVZ+wN/5ry5OsqEPtDTcvdRJNbW75/GEHb1jqkB/PCcE77RwQibQ4ipgq+nw3Thi5NigMatADVTUtZwyQvsHRpQccgdet1xc63ZrGM7JOoiN+3Bh2n1vZL7AhVLudOwTaeu/Xky2tgvXq0vnKNkK3jFZhytt/wsVHjIFA+vw5Fdh6QMMPdj/5FuUmog/NGB8uDcVBrjsZughQShsXV9iaRuI4LX+tiFO3UTTMJMm+Sf265tb3Gt5+ObzINszw8lppRCnaNeiiWz+7LpKCmPrrn9bsWaBZAQ2p9bB3/2nDGpqTT8ZRjrg33Fd/XRdC67Ez5gExRy/d8WNwADzE0KpSqUiGz/TPOOW6OfSPdDTvYPIUoiPfCChMPUwULA+jf/V60b9IGey/vrWOfT5oCgMpKUmYvzlyCJ0pk8vTq8JrR3rbweeHoOpbjwc58eQyGf6D7bk4MYKw1LnYqTKotu3+4sKehUM2xyuUAPNrnzdxKYa8vMm8vQ+C/z7aHFms0DwsI9X9dM100angZC8hukBNZsiLwD015iyCHYyjzNC/y9CTkohY4gpi5Gb4Ev435xtDyKHq/DtcDg2pQvIIo0ziVKmdWkgmcoZi4oMYQsRxn9MRtGXRCdIsP2W4JrKX1FZPQ+RVfTrQGmzm8FhndloLb8RCBgiwo4hQbuUpROug6RXz1sKNl+tHvj7v0Q0RnbUyTHY2uUI6OqUgAlnA5XlnZYQpuYAECsQbXwTGZDWoom4iu0trGGLdqn0+J4BE3z3hPVodo3bOqadVz9I4K+4UkifchTN/6PVFi0eGbGAAeSxjo/zorLcDVIk4fKKYCraslIch3fawtd5tJrwQSZy0y/VvKysysSmFoX99Wb3LN2ZrOgLr8AWxuACG7vx5WfHaVm7mVBuDQdfczoa3fgVE8D4wJfPOOsUlZM0lWQdmckKX5/b3k5aEAUgNDlpHdK28lg085D32ltKu367B0T9sdNRWccrkpf2OG9d2mKBT2NU1eLVOok7hrdn8ZWDsb3pW4U5UkLGOS0bEhWr5vJvnaMnPEBlcAPWfOPbzFe7xLCsm3emfFvRTVoAS23kdmGpVlaD1bCE5qKxGT2CZB9zAaGYUBHkZLU6cK32WW8cFg8ouEmaHGApGjS/2Xm6AETQ2/xJ1G45hJOR7dMMtWDRkyavl7h0gi4xdd/IQMsIUkj8/m9K8TEZFvHkRbgphsIMWjAhahEoD4Ve4ya480gl/166IRRBrXyLdpz2ei9j1ofAD7K6GZq1mxxI8hAlrsqANMrfdH/gz47FIQ+euEGojS/MyV/O+oD99X3rzXO5CNuxOKxUxs3SRNL+fFooTPepOVMO85RS73xHi0ArxG03v0yE9Maj6kbaP3JeSKsFKcRoObYXHMAeI+noabv6E2YwCxV6R5iLGv5LOMp5s8OHuS8aoWnueE9cOTz8CHpqf+xOa7OfIu7Jvm51H2XPRItCodoGsv+sLnWnaVXRLvct8QKKQUp8+Kp0i92crtj8SRf4PiRRxoDCviL+uOGzVbJGjXyk3I5ocbruKdTmDbwB1DpT2zL6HlFZQQz7BNVKQ==,iv:nJpzg3+b9SInMr7MbwS2JtX3y1XEyzzRLUvhjSSLszE=,tag:7DuBM/ER2ssv7xOjT+pVzA==,type:str] - server: ENC[AES256_GCM,data:EE7uafKPDeNwuAf2EZmMNJ5zACbk1mrQjFIpLUMCydZDBQUzb5G1F2IwCn/Qv26l+9li1eQYgN8E,iv:L+WneiGozgyEcUiXo9Mg928tkVMFT7U92CWc94GpgMM=,tag:e0r+2tdCbTSMN6FetfXs/g==,type:str] - name: ENC[AES256_GCM,data:n2tkreggkNgW,iv:Gss1KvxFSOnSVg1GK11Q3sUgpe+IoheF+04mIP6vZeo=,tag:ghnexHp7GWkw6XCJvz7Dxg==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:uKvYp4GnXEqP,iv:9iiJ7CLTG82C8YG1uAs4pIhtF3O5Ov4ZNs6D8SdExjU=,tag:tHsDg+0vOh5r98Q3y5PMjw==,type:str] - namespace: ENC[AES256_GCM,data:5FJ6TA==,iv:cfnu7lr4vEckK06Ri8SBoymoEBbBIqvE7UyIfe0xAiU=,tag:pkwcLOfZarO6S0vq+C+Thw==,type:str] - user: ENC[AES256_GCM,data:pD2LxKyorOgTL1VA5kLXHElHLnl6BygBMI+nT2qAzg==,iv:pUPUgH/1mgjnstZn/wMP4osx+89k8pRpDtE8L6Swr58=,tag:oNRykNJkSVXbR5u8NCDN6A==,type:str] - name: ENC[AES256_GCM,data:1SAM81RsM0eY,iv:BigtaSFu7pP2z5lnzrxukuEGKYg1VQRD8T2nPONy5jM=,tag:yxMhFDLdAdO+QZqnYfl38g==,type:str] - current-context: ENC[AES256_GCM,data:tbzL+x1YtZfu,iv:SsRD1CUVA0sOb+QULhxTyb04kluDhCR9/TjkoWwOJOE=,tag:HsERra8cBQYBnphCCzIl8w==,type:str] - kind: ENC[AES256_GCM,data:1m0tn2/n,iv:5OLEUorPbXILHqKlt1uje0nx7SF4POQbYvFQGqjysD4=,tag:noc/AeVHcQReKKWkKS6RMA==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:763roy0RAwJ1zeWGhFVPkxcq1PkxF0y6peTVndtXFA==,iv:VwYGNWUjnMgtdFcWX0cVs7Sw6aHntBVik1aKepjSdEw=,tag:X7n3QDL0PqWDBLZyYlkHPQ==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:LfvRzs9AcHXSDTkfo2PA0DWvbGk2y2e8rmSUdSz/o8YP2Gkv6dBFsp42nIBWCZ78DFYWBqZWBvjJVi3lRCeLH9LzWSmrsfviIdCcXwRRFa6pz9wqp9OwmCNaNqhpOA0VlQNqQ4rZcKKnkxtTzZP30R9t7VYW4pqF2JZfkSRuvccM/5sCbxcO8+pzriOwl4TZjhQGw41gwkDFvNnH1l2wJVO7YIKimU7YqKViHa6KkfnFAczK84K4d2gF3H6hpFQskXuxRPL3qjLwuoPh47r5CHGXqHLn9cADEQtC2IRYefSAX0xxaFMPS/f1cJoGnRGt/5ZwShKGIn871jHKWvTWkHmSLGFoxwQfXPXEpoNpZquMW/PlXyxwn4IvoHs8JVt9aLbMXbW/9zPQdqbXWgLyKbtBNHhjQpZ8Z/p9eDlZyMN9U5JhFG6TBIEQpyv7Vm78J0M2l3RPOMLkAkCSG7dCiRS3DZWo/uZ6zvvEEJA55YsTImz3/pCxq5/TnB++3E3ghrsggruM+/xT76aqYOJQKdkwRFz13DTiCoYK91JMt7hwvvuy3wp9P4VYOE/VwRxed1+Zw4lEyb44BD0wrgb/gozXvDvRGrIfS5iFI9eTLZqP99cGfr62E0psv3Wm7hXIWmlpBj/9COBw2iHbbIcLG3r5CHp9CEZ/JuDhc3+gXtTDjonHgrJXYy/GR+yb2xy30yFy+0Ap//F5ZO7E1y7Opv46JTAVSK8KIYqDRKGZYbjF7H6LQf0f6HFP1rWm8LNI6MlNej4GJVxTOelu1DvEwoIYNhLFJfIzzW8KF52BPACeWblKcWLbduJY4RPDkvmTqdpbzqbL4qVsbWfOT44wQF/piAuI2Rla2uqniHB1oBvp40foVeyFZqZZM1zSa03EVe/J/Wc84xwweuPgNW8elSIPNIfTMa7mrw/eY26BxGqpkpLi3D2LaYn1YAq6RxUl2FySgy8uMhGDHHhiPZt3dYHM2spHv8Tg5z1MHgcS1i9v+8h8d//s6ycfVMEb3LLaSSMVmUjdd68D8T6hKOYmFJGrr1Xm7pcmNcMiBFaTPVa8Kp0rwSiihbDmoYTKa2+8XekEhsSZTQWLEad12Vxa0HByJu5r2pnLvpJJLAIGUskWBF59rniUKLtX3gQT+G5BVt/48UBZlfCH2mIZI9ZOXdGFFzi5pRYMe6mAr8AEraFfSa6pnUydcyNflXs0OEuWwgSARfzIHB7BPeIpdzTNxTkWHgM7OhlBFzc1SgHK9z5BcUzNX9mqGhiIfQWlYc2jcuD0KtxwajtofSaLTINUg+NrBK3r5Ib3k4Zx5cYp/aM+X7XIStIR6Toh8PhtK3XD4dfa+ajV9m3XcrQOi+dZ6EXcMYmkTlm5qGwvQ6u5cZz2/lMFizcIlLhkeTuwP/QQGAw2zK1bqinlcoSZOEiK1GmfEZx5Ib4iwHG0nrAaFHoc1PRFhP3rx38eaOrDeAN3FMUYpW71AHjAxybd/DvTIFp4FKfGyROv5quoLW7SZL8si0ZcnA5bRSWPW8B6d8LXOEUaOxePO8zA3kCJGFfAVUylYAezlWz42+ADJ242Tf9eYqkf64+htAnndSIOEr5E5brSv5XRS6ipUl2xA9Ql86N+JHiBpakK/zjfZyS0nwDlkPTIcxXzo9Y30GLCkN6NuBQdbDZehIO1TuT8QcKbTIonlVBfMLk4JR6lb3qgC73k1Yskhk1QvC0Wz41yfgkzOPJvmZ7c8xhUiu4xR4s3gM+6iB7lhk0rTi17VIMWk6XWPjrWany3joVtWrpg3LKE8DDi9PQmhfj70QkNIUqaVDwSPH7bZhw+52tC3qLSJk0Orn9TNdnz0H/KNPA2ErGBugW3IXeZabiAHnVkrs+P2jMui5MtGb3IGFWg1UNOjnt3pB2u7D+hldcqKzq4MdhfzFqdC/3Nm5ME8KR0DBATpkfc2IZ+HAxgm5aEZjT14LENW2aP6KBW3wK3jgZvMljjA7/Up5KLhfY89fGqCMdWqGVSgA4DsvstRPdN5Xr/qWn24OSbkv6TmeplT5mE+6+/N2b4Yi5YHQr39onK6gc2on5w7pwFcz4SHypbcded0ACk5vqBpgnClrAfLRs1rQGX4nxIE7dqrOE+9OTzTs1PQpNhcIAUsUqGgU/xlP9939iZJGQHU72bFIdVGyQ6PCQ9VOOr9ZdPuQNgkXfSrm4UNwq4XNokHlpWaqB/1SykdqbTrbszDuZlk6PNRy06YUsvtMYZoxm922SE/Cw7L1/iv2J7WAx0gZJ37KeDSnIYtji3yp/skwChe2WmUhsNbV1xuvvUwrwmhuh7Jg0Xn28FCJdvb5h0yehImAUIQgssmlAMumMFcJfOGOtx4mFMv6DqIMqtgDW7xRfroQEpbuIl+eTkOmQFmwT75ebAopIDbGl18JA8r/r1sYgQOv7nhYErKg5HJo+BsJTi1BxHyA7zBvuKK8fvOCr7U2AYP2892bL63oMCX1bXTHu8z8H1hFERbo7VFLzYGm+qX+/i6mIA5CeVr5p5bXMdUoqQF/5nAc2OhIYaiJtZqMkC2S12gpu1Ru9bKQ1N8LMcayn9JPnR1Yn8oKF0vsXCg909a7gkHQnYJCSY1T+EHq+CuWA0DOF2GFQ+oop9xppXunLygY8GDAa9oGvGfHo48wqzewuzZrAGPtztit2HqmxjmQfESHO7P5GWFS3pLisyEa4nl0m6Z9KkMfmN5rtpUa/SOaLlyKxJsxP0fABtaLl5o7sQNV9BBIbNLIxov1LpcOwuSB/eAiJpBk3FOdbKjmUEZNSkpW62c/+bWqtHe+PBsVmPEijxhYUkW3W2n00T0i75nE+Y+thaMDVZWeZdHHIBp7k3eQQuspEHxZvxEhxotrnFzNb6KTc8NgWA5ux3ZZamTO8QcDInDbTXjuWQKTJ7f5Ay/bZ0CIuYF2ZlGr2dY18P5ZyhSnHNi/xar0gb1Dk/ApZhAH5otBssjrDJSpY81a9KkaPatAOfuhxd1g4zWxDAZvSIo79NgS6HvBBsyv7U9b7svp4JmkknkajmsvBrZz5zxKAvqYVWDUjS3iDofFO45pXBUDdtU6SvaFFXcOZtWf5vYjPKZDG6MCxAbgQL5FImepLTk1WWed8PJxNgAQi4AY27iECo5Ffp7Bowrjopazqd+nIp8IjLV1qbMdCDcBh5yz6ZE831,iv:bbFVtbwYZ+1kSoZQyXmVflPuNfjdlKh+BGUVpm9U7JI=,tag:oO7Zvcw25LKom+tSTR9p1Q==,type:str] - client-key-data: ENC[AES256_GCM,data:d5Ya8l17GGv0R+W92nC9r/cY3/3TCX2f3A8iLzN5JcR3+FmRyXeG+mdTPe0YvRMMdd5+ifgqR2Nz8B69Js9dtgGBOPgAsXESFBBkJ9O3/IaRqTF92E1RX2Je2n0VO4X1SlX9kn8negpUuUQxRqvycMI+ISQ2Iirwb++uwYFnKw7YWxBMkZrb5JkCD94pdPNf1T8IkGVm9subH7VCg2VMsUXmjD4DUBkHwucvDR2YpUsP3ZZkwCU5A4pbO6TZa3+GuB+U+geEFKJQNwmLv6NphENYHY1yf0bxVj0ogGkqwW0SZjQjBwkbxHd81uwJpgmJfgy/zClCGPzvrk2RSC1cX1g8kgIXgFSL1Q5E/2I1DtU/8j90wqKnTOJH4GkIa05giIt8+zDEKbi/kOLGI5fW3xTQL4rpsOdq7FlgUCCWnhFWIOuZi52gldpIjn7tqe3O8wtaX1l7+pmOA+g3RencrdEeCqEFsJt3yNDH4YeqlaIW0VTrF/uQYoY7+x+H0QbIlD0u5pN3VgZGnefdJK4VrDowF7zBf7q0rQ37TR7+sGJ8hIMZ/zvQQKGovZBAYB7dKJWq6k4Hmx8+66szwnJllKIbuIAQE7AZ65GhHtpA9Qvayc1DnzEoKvpH2mEYWsPEMWAqDFWRgkpOUd3TG8o91nIrrFmUrQBY7pL35SaNUoTuT4bByfe3N/tzSx0atFsZwBEsBNYmU1TxkB3DsBlNGKabjfeV6vPCfstcausy7lc4MLFiCEQDdmTWk9yiGE5Zo2iIhqxXlFJuxyGMJyNfwcqDf+5QM0798qxu3eQWiwelxuiU9AuljluIv+P13rjRhLJdQv3RUy6Otcnyzv1cN1zddhjIPQ2c2KbDg0KL3lfKldMzcUPgIKDc4C9slFJFQ2HyuuciMJOlwgYVZZ+uZscSTFSzUJXnv6tmZ6piIQE9yV6k2ZGPyjDlwtLcEStuwn992uZSSPq0D5tchlnsXuO+C6iUyptzuIoo5J643hLfINFF78xKzBJHqNr/VVzeifEoYi/AGIsKqzdWLGYwomzsmRu9lzOqSjVEomupFvqSGckV49FZdxBleld6cvIe0VkPKN8lYxjl0x5FzjRw/G5aHBU9jNR4C4wkCP+nCodYoLDHaRYL+0J2TWp+hhvfsavCFfqU27WCxDty3umKXfGiekXZl3ibSyPQc96csv1A5ySMfw8mdAmDuqcEdGGUGDFv03Sbgq6QE+dn0L7UwPNYbZLYZ64+WbKhndHhrulj+QU+MBvrOMqlLGaL8QdBFtpB4wd3Ve8Gu0/okJceHUM//8YsEG3VnRmhrae7DyFY74TFWxEzsy8K9pDIvT3jV51tn6JStdbXkEoVCsEZNkBeQsJqjSlXIMCcR5PX/chEA6PyuaiBNVyF5YJ67FHvv2kOh8Qa/LdrjEipJFJ3uZZ/bWYrjQYN2oUzVwm95U9T2V5rJay7qgbXWN0jOQYD7kdQpXIPWpmr7BKAAFqvdr+JFMguvxwuqdkMBz3AVkP2pHii84holOEnPP0sqtFJfqWEILh12oUXj9Vh7RMtvVtrIn1DtX9owvl4Dma2qLpeTk84tIloBfPBro3MFn5VNojRCcmYaXOoSJ/2jZAq1IrDJ/5XYngblso+GAR+rhgvm4YJLrC3RARzHKLc0TLGl7vlVCFZSfffZRflZP4Dq2EMcjx+Qoavhy8nyJpvEjDo/VOAKV6aDtuFHRU8kHTP+p/BDWdd7h3D+yjxXOl3OXi+UKFRtYhUPFDmHqYm//7HJ0uj5xshca3rLVZOk4tayJaUoPA8Mp8E2Fj5ZI/IM3GyBgg6Y+PHZEPLeNGfJ9zKP9qRfkpHqoUKWmHfXBzhgF94470XtRmuIfRwGALqhUO8OyUxp+eQkTto+h4RVYGhT9bCqA+MzNrS790g+E7Yx7No7kgwdM4AUkvqmdf+5rPnAPMpqsKx8XrymOIDxRdf4V+mA6nDBFTcnnvU+BQlUOhJoF7JBsmkHnFbE18XzQw5mj9oM+5Mp+ps/gXUcJkavgz91RYRF37W5R5TdVAm4fdfyajnBPL4PlAJC1MdkHFNY96bT61gITkhaRTwDLepwCPhp3nMmq9InCxJj2y/PmRaJb2nyN8M6nxpkuC+sob948ztDPTGELkQ47OzrZzKq5DYypWZ1HL5UMKjgzqbIwOZiCXYbwEAI7liv/X8SG42ecImM6HgZAspTFhQ/SUlyP8f9KWNF/7fP3Cuilu7SgdqliNkVOh5FdVOs6nlvZ+RzkXtF2ZpreayER75ogiX6k0QkW5MmUEb+hLeclypJAyI8ernZuqROB22pM/fbHJGu56sm4q0d4ihrwM2mzrdlku348g3QzQkXHbgAGcYWGBRtN/ntIAW92enPCOjtXdWQyzQ6qhRJSFKcbXYMrij+hhwRPjv+k6J8XqlZ1mYguK0BBnJY9iJ3M3vksec+Vt9x81ktnPIY0eaXoYdd+nUrtuo0urcTEodSyrLsyj3fgQIjgQ0aFYoaxfO+4XR6SIFw7NA7T9u029O29B4g6wyoVK893HyiQWp6GUNqQxnrV/bB7BP25mE8aLgW6vrKCpSOelNQI1lw8Kzc2m7NktvF6Hf0POr/x15lYDik/nLq31xL4gyXcxMwasZIL+kV4priINU3TJ2fwAkEkapGwMAov9VjX2BOvG8ygoZp52FJhcrLVUzJFnRNC7n6vp+HgSj41w9zMdDNFhAwcnJ1JyPjMmLbXq0CVVLYRy0wKzDGUQqRCLYWpUuhpL0cTLHcTNjP/22X9pbsX13wWfET/4FcMKsZbUGrpj05l/nxBp8WYoFqwkLH7lwJfwhPd2rDXJQRmkbmRIwle7OI41bysoF9QgB6HHzyLTbppM0DGvTbPNKB8l3NOivk4K4pVOF8ukebGkwC+DAVZk7bKlspGTokrlBTvKat2kX3FFyPCvK2sjkknX7kWUzKF1zpMJHSLAM6YzRu9tcttzlg+54+LpAHZYmtbrbItukiZiUZRepMh7yyJAeeckbEDXNpXJRa5E2DeHx72Q08kDXdthTXfNySvfu+sNbPvi2zc6pXa1JMtlmGN6yb9fIb5PobrAzN/jq8hOgfJnhwjbVOMqJR59dBLwcNor9IqEgXilhYAZSKfL/RlGGxgaYZ8GtZ0mh3b0h5uJVyssoGl+wgz9Lm6zl5wtNG+M2PoembzPZJqDxFGF5lMJy2saXsUEL6UuQs+GFc35hjWlfkjxKqd3HauDQ5R1fR5X+if1MKzboNBoJ1s+/6E2yqy9yHUGSJ9b5+zM8wvTGdCcnGivDItwKBZ/izLG5jLubu0S/NOj3tjr2zvkWRD8l+SCPK2LKIOfoqPEo+IyKNQGv9nnPwMTR4yHjchU7QGKA7Yep+4RFvNcHSRr+XayAgQxio4b7ZaQVTDnCUeBZSyCXzULfIXQUhSBGk6BD/LwnICd02eAeyzu/4yFAyqZhVRRTQDhtMRQTMpzTMXWIsNicNVNyMPJj6BCYQUZphmwSBo5oB3VlZgh6QloOtqRrOE26x1v2dsbbtuNwXp7l8CVYcdkh8jNp9vmivmYrbFzw6WCUvhO8TGwJ3JCtY9WiiUR8lR4HXLxKSs1MQxl9wSW6VTqdmbA+QRkvIdyQhRBokPnnl/oAjAQ6NvqBVlyItjyvESSKfaAeQpNUFIt5KAmiBDzakGM4HQOlwpx1mFF87fizPOSkXek4sZaP8eObxNmkqRoWosQMDh+jloXiUsv561ujM0OPf+vWO0eqZnApNLNup8j0LOAr/Y14q8rYAo4IoreLJ2u+F2eWYNEr8t7S+3vQyErcI+S3YJ0MKqwGN5lf0a98SUCVrWpD2irhV6OkIk3dlETfrOXvxZ5GIKV9+aJ11kArNYS0BlFipuQe9L32SN+004XrXR0RMh7Ph7Gejk9iP6dVAJbBP6tE0wIe8HC7aqx7px1m3NyFA5lPuJep6VK+tYJxij/r0x2C7tPDwp9errZF3s+0UGyHkr75lMpDfJcI5VOPa10EKhEyboTTFAtX04a+jFKjzbuD7XnVzZi8be/qfMTVp/IRN374ST1e7xlxWia6T570VwEKOOVW9tMi4sNFs4RYXtTgxOXS8dvwWttrEL6xMWl6SVTgF7P+Mn1seVzNM9usRoCpYV7gN55l5OAobg6G7urCG5zTDL5FPzCODTiZ+Z+FaCVXknoBtdz41F8D1axUgKSHFGTI5S2O3WC3I41mnF4ObqwWcWmXqBR4KvkA0XxdA7MlU+cC1whyadrd1kiXFXs/T2u/rV2Hmy8S8x0qEpsMoptf93g4L32y4NGnIIsRTm20ouP+8YB4PEysZ5qJwijcEfM40lRA8GBd2ZX4d0R68b0ZPl8NHr6jxZ+HiIoQ2/sK55GTsAHMPJRQ5Br+1+BepusfPFfnTMbSq0kD7mw5noZacZPMjnZXAVy2XxRwa0aPxtBz9t+tOASqpjyA9EAzHVChWm625kkyfQL4X8FbeeViUQK4PQFI+Zdt5AhtlMpJpW31pMjB8Pcu+uNXIPwtXztpDjFoOgfh7x3J0cUfWYT3Qk4VnjeBar0j8Jl3O8vrw6zC1Ii2BNrSL+oYvMNlXBMsklycUrAC+H6XjasUhb7qxE3xLvzw5yKOwy4D7gPtfdMcuutzyd+qyVxRu1X1g6KKfwqDBat7uU3frvAd+oS6HEsOTq8a+lYcoDYUsxkAjg8D3JaNymtYBcaTvGU7uy8aHmxmmAgWRcCdm/xJ2D2ZIAgwvg4AD+Yfr3JMK5IgWPzgfhU7XrVqVtAqvcHaxZ9m8Yl9bWg0jojwsJgz/C11V4OIk30zb+9t6+oO/jGsgxvpt4fY8NiZMJVrkbIZqo1wbbJzPkklOw/I103SH3BRvyqva7Qb2EHiVNzp/e0bKH+CPhT3Tvr3yW4W4FXLVcEbb0SnKfXZ0mStpWsMYCL2AGafob5D+Yj3euFMwQ5QRNKYZMUbeaddOwylw9CEKt6B+FsqvvV1V6KW3ckzLomOlqiGClnDMgzle9r54hdFy/mw4x4/1RfMUybMXxl3dto+38CSHyqnZ7xtqlowk82dWEkaGIpUC6Bib31w3aZAa8SqKEOW35YB7xASzhWcSIjrnM9aKGvBlrjaA5slUkL4zoDlbRRt0CzoJc8LOLAG6iU2cnFc+TT4wSd7ZRUMmUojfrbxcd30/rLszTBhL/JTJeq3SBElR036bUNH1YQBrkO7xTNZZgdkkVrYC2NkwuRNNGZwsK+MzyNVnqgLS9OI0azc++31V4SggTzhzMIqejXVzHGmqRe6goWrkcXcPX9CHyVcZFLrxe9bOhgzGW2nFgcjUQyo8NjlB/BAz/St8L7cjH4fFs6QytyGcMLvscjbp+XNugeAQZ3OD+jWNRR2zia6+/1/fyh/ERNEPIgYWIFk8ABAvhPSRUcSOTk8FiXbiOfgsxC7B8d64fa/2LrhqJ4jx98WidTcwNZ8f7kRVxvA+TCcKQIt8ywAJIFIhZzz1q+jUVWqOuWXFK78LUV1OsQYzDN8VixpzVI0iPIDqMpt957eebuJ/AvB9a6GpKhwrXW6d4IiL+KMJ/Hxt6fT0rkCzLdRAVSvnMC2FhzS65AIjkKelfbk2WKP5Hx2edKTV/1TKHkkAwkm6/6V6r0SmRsrt/cQPNCX3WDFgmLPVigPEsW1iYr7/cnWZrhMfk2s0iwwr6pSz1VCkG2C3CSTxZqLQfF6mYkEnUURlmAJveT/f4VfzSlM6P6zLxtFN6hxe4Z3kqm89cVstnPChXzBa8gA,iv:wCv5cVuXiV8eO1jBdtPnVwos7l0UcA15l5H9qBxsyPU=,tag:H4++KQucvCOXZsloYqSELA==,type:str] - token: ENC[AES256_GCM,data:tRPhTOcHhjYr1m/q/r2XDa+LPWynO3RPo5aCcgtl8aE=,iv:Kd1IJmFwnWsrRGaSG+RYcIHuMZSGW+EO3Q4rRr/wcVo=,tag:r+vaRs9LyC0m8sdW77Mu0g==,type:str] - dev: - apiVersion: ENC[AES256_GCM,data:jIc=,iv:V9fpGQfx0eTGNIUmc14ImHi6k4TkpkkL7cWX0i8E9w0=,tag:1NkS/8fx8wH6plyThdtIPw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:uYC6SQ6S4WiiDJWCQAsHI+sadziRE5oDrj1gWYBYOCkno9qsljL74codv/lrQYKQ/9ji0PgzT5e/fveQlRGPwAQkAzi6EM31LaiM1wcoMZn4+UQDY6Z8WjyyoQBI/gMzBgmVnKZCPOo9Jz/fkFbLPLux0gekZQYZpwlfM4JWnEV2s2uvBv2v91Pl6ZKal/BuqpM8ZBFSbk3G/yJSSkCkOJ4VGU3Ve902ZiE6qelcmHNWvCowo4ZPW+vHFDEyP6JswDjngWJdvLwtv4dKZos/S+21tosYfitfSPpP3aBZGh/mcsez0I8KtqlEuCDN3y335ZqZAMJFh5smlBDh/IkmR6i2Vf/ll4mJKSUMizmDhHnzjxXCBU1K+tBxqxaV6C623fFVkKLy8zk5xyJZb76OVzq2qU1PxycESlsEz18txvTZBR5aViwqaA2ZBalcXsFCMOON+Jn9NXeb0A+kVD9REgTSOJEzIiBPx3BNvPtsF6cAnCY3y0N1rIbI7AiVLDyJXXX9dwjh11MgCytixY7djKjsrP7YIhXWHrKdcoQvRkY37WkYkXQ7VKz1MS30a+DFUtUP7qSIZx/yGRpcPQ7jyKojqn7tDsRE1eyx+CCOeTFs2YPwG8keFWVIJ/VyAFePizKa1ygeWXXByzghkAECywJk/NFb+RfqHcxa4H6U0mEBilT3BtnycY6URYbJUVVW60P75AtSHYwO0SOTsfCPKqivy/rkMwCBaPHyn+982flhh5u5ISJcYYtijRx6GYsMFxwb6GE6dsgWd0Nx3NorG6WSx4BUkvVIfNETzq04M/M24m0nBVKGN45/V+xViaR38aZNZagNQXcvDqjXZvQtUgMTu/YLx/4C8TIMhblRHQnntZKjlAhhA/JnrFwxY7voTozFdVxK+7ejzUxoBAcO7vjp/NVYnVHQyHvFrObKA5/EJgzzwylOH4o6vh7PRcauDIytUqETNHFQKQr35MI4E65FlHcdxxmPTWTZtE67PWgFggjZa6R+u7velOO62bQ2aMAPAeRw6RxGimX9RAxSzAQAtrywpJDT2iJXurvgFvB4PIoRXbdM8CcQeiMpu1gXmuXHfN4y4gpjAQ7J3YvUQt7tvLDcaKL3PgjYJwfyElrppxRtXX+Yn6iSYNOrby/P55SonRERAjJqmZcK9y/rKGfLe0MiVcJikO0ewAlHupepZ7GHjGBDEeyVx99t2PXukiAZYLuWanjs+CbmBXtVhOhlUq0K55QdwheOqE4JQ58w8PGNTa+lnCMXuz31tVWyDia5ZpU4Fi2/LCwyl+YbpneQJWgKa4ily9GzPf4J8BTJysXlJ+8AD2kQ4agMYkybcyNjxMG7C1apTb6BDwB7lazdMnyEs4uhC+cijrgeoqIjUqjBdHYwDzsuxPsHupKC+79kSqZ3cwp9Hv51ZR5ZQT5a6KybYGVtNB3EYXMsUpQoO6xr/7jI9V/ZtWvPo22+GzSK8BtbJ3ShcQ0F2TBTmAsHyREAXX7xgn3LYguWwV1saKOFWTIEigaNNZQXPwqOsP6vsipAyQtLOS5UXu92U1pM+42x50zR8S+3otcy1onTMaO4zIgLLVI5btAFoeA+4g0C8BE2SO3HfAdhrk22siyRve1qLGtnvwDGw4/Qfl/d12crj7t2k5/FDEu5X72zfESeq7W2e+F014E1TztAy5eLhs0uUeAtoZW55yKIWHUAsq5SRj9uOND2EyfudCo/PTUHCWebEej2UF5QKX21QOZvHmLI5T/PhJCIbRMlxYleM0si+VQhj8gOrlb84MCJ3isr38wVsz0Gybh+CdZQrHPTdA90FY9W,iv:XqYelD35KzETy+QCMVEh3V2UMKcjaUKDIFXN9URmmqg=,tag:Cr4FmQqoRsXxV3RmzNhjbw==,type:str] - server: ENC[AES256_GCM,data:b634kM8RmHlS9urUMkwaCq7TAYg+DMOk1otc/yMfHRg32B42hpiaIvOqehjNVMhU8FJFQ7bvrbIAKUqncVUyxtz9v+bWgQlB3Q==,iv:+qn4w2mxnjE1qKW1QjVaHf9B1i/m1D5Yl/PIczQdm9s=,tag:ii9dqSPfHfUMjFRxblRVTw==,type:str] - name: ENC[AES256_GCM,data:lCrCSTnjmMo+FQfV,iv:dJ96D+GFZiK4My5O9fdokDOq4GP1H6k1S5iXjx1MZlg=,tag:u/JcmCMVDWYGW4fN/jkujQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:RVFc9y66MFuH+bTS,iv:uJgSD7QtsM+PhD8ft1CLiP8AxbA5HohOCuqKSfiLNh8=,tag:I1JrlLAVuWTOFw5DWCjCzw==,type:str] - namespace: ENC[AES256_GCM,data:U7vZUQ==,iv:NhxVyH0IJP4AYbdeqYCWRtQx7V2LV/rq5PChljDyNXY=,tag:h6e8CghFNmfSoj4docYMHg==,type:str] - user: ENC[AES256_GCM,data:BPQbMY6nfoLKbNV5,iv:kb6wv1e1QKyLsESC6IDtQeF8leRsMhfqLthy1VVFr6k=,tag:lhlHw/KQaEpXDtDQamGYWA==,type:str] - name: ENC[AES256_GCM,data:gsH5,iv:bIPEBou0cWf9m66iqU46SZ/5tW/yfnh0I8vG0lKJ2Ec=,tag:g2szAj2fISsC3Sb4r+e9lQ==,type:str] - current-context: ENC[AES256_GCM,data:BtjC,iv:PxN9e9N2/YFmMCgCXp7KEBrYR3qaKZlIuP88STsyZGA=,tag:awViisXyeOPNOReS35moxw==,type:str] - kind: ENC[AES256_GCM,data:urNG+zhW,iv:mUXTbXxAEQUIGIKQhhUfw0aMsikdwAY75ItHDT5EP5w=,tag:UJxRAGs+zg5D0DiS7Vf6aQ==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:qpoxmGJhjgWgvLBz,iv:rD9NLA4TmbNJzjW8wpdoO54YYk1HSk3iQKb+ftdrF94=,tag:yHeQwSp2DlxSLEWiviW9Ug==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:mcxYrct3qBDyM83Fcxj50hU/bnt1Ujd5ZwL9XrtaJMBqF00Xcw==,iv:4wMtee1rmc099yMn14QqPSyVx+cyrxhyB3YI3K5BO+0=,tag:TXlPlSCR50Hp93BnIDb09A==,type:str] - args: - - ENC[AES256_GCM,data:WBccCqo=,iv:gAYTv8l2JK2ATWyJI9zUdzNImULN4/74wDCZmOiCQ5s=,tag:unXsaf5Rk6V0hyyWF+sJhQ==,type:str] - - ENC[AES256_GCM,data:Nnc=,iv:nEF16NElpzgn6hGfdf+H2V0hxbRU5T3/thqNEixibzw=,tag:3e29ss83iDBQiAWkq+BN6A==,type:str] - - ENC[AES256_GCM,data:BEFo4c72MUA=,iv:FSXTo8t0vTxaDY1/NuahsKoLFY89zxh/z949RwMqnEM=,tag:6lSEnSBzjOKhoF6MEvQsIw==,type:str] - command: ENC[AES256_GCM,data:1nJVSi0/opG0+loZJthQDUQVuWaj,iv:4pbel7J43Liai/dZ6fEE8GjLGmaO038vC2W10raDTMg=,tag:vVC512y12+gqNtyPMRcz5g==,type:str] - env: - - name: ENC[AES256_GCM,data:wFoCj/5YAtdDb1tWoJs=,iv:xYLdRHQ/DTr9Ik5uTg0ndDDAVA9wQJySKNFD5QCvUjU=,tag:sNEf4GQ8AGqyatKCm1x3vg==,type:str] - value: ENC[AES256_GCM,data:lTCIimkOH7cKFV9H+8BfEYvhzs0=,iv:4CBRdwiqRTRGL0KhOXHeU9RtohnbRrnrG+CKZOqbMaU=,tag:V+vikMOHH+jiREED6INq5Q==,type:str] - - name: ENC[AES256_GCM,data:jUXlLVlHsGYg0l3IhU+5iCgSA0aU,iv:zmXspNChwTTci9y35GzNDfberjFyhaHoHm645Y4M5S8=,tag:ebIcraixGpPqvJ5/EGyW9g==,type:str] - value: ENC[AES256_GCM,data:5ltZsyB77xuMZWxyTyZ7Yxpt4Kg5Ltfe9ikp+8K+XKD7lgaOVIbw4g==,iv:oBPCT2KynhjtLaL0QPfO30QJfh1Tl0qt7g0pj9DuZNg=,tag:I1IhlUm5mUn24IYpPIhwjQ==,type:str] - - name: ENC[AES256_GCM,data:j2qW8JQqq02JoA==,iv:OC4mj2NLgjnlBFZz0UAJvuIUCxi2t48HrkfyQF+w18c=,tag:3Gw/n1Hsn4XYD30V4gKNog==,type:str] - value: ENC[AES256_GCM,data:Emak/6dZct1AGQ==,iv:zZjWymapfRFZZvEiD/GpoyqFCbIeL8SS367QFMcDhmg=,tag:501Udo4IplvczQDG2yBOhQ==,type:str] - qa: - apiVersion: ENC[AES256_GCM,data:0VA=,iv:jtO3q9re8lOAebPd4u7+jGaItV8xG1XMALJHHJXPVP0=,tag:MfXMwUZ93o4L6EkNDEnXDA==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:P+bLSp1RVniH5qeZCX0EVxF0sBKtBwBTKdIbIZ+I1JmvPJcpTtuNYeuwc0qENjApgT5Pe2Unq7d8HpvVmiybGbzK79LhO2e2Xwodi8gvVD3ccowJLtJpEowEng4iX2H/nTouANKsRY8MhfVJFwIpFaMfHKXjShWKUgSZu2rUOM3KsgGp6NHfOeHr7+FbBWb9qri+wCR4j8QMAyyYLh1V/BoHatLE1Ep8GIF3jvBnMBJEfu1K4XzU/R0W4AN6ZHY9i+zSNgC1WXI/iMXS3oLRPjou0BnIwqiyfQRVPOs9R8xIZo+3YUWBzqiGkAbZ5HFjvMPFK2xSSY85TO72WgcA4oYkxtP01bllrufbMU85tQEE1GePOeFCiDDmshpmazYYjVohvekVeZ6cA1j2hFev1zGuujG2Ay3D8UrPHaSPTuIvFP67cz13GegoWMl/LiULHVKJuS0cRy5db0V+KikQ+be8IwWHc0wKrgRZJgOIgGXs24QBG4zGkk/wVU8FKO/8uApRMjIgXBB2bqCLYtzmTzqPSq3ot/QZB+GKVyd4KBv45eyrlnD9DIOYiOAHTSfQCXZd4p8vdXDgc5+mdmyPORKhPkDTNyGB08JjMH5S7yAw+CIEf+S0NPSxWhLRe3hGt+3AFTm1/Q3pyGtuBGV9a3lmhLI4JXsaiXizWlpBzhBJoOITc3z7dF0+5zIX8mH+giKj+/vKdAK8zwFM69I9FUrMLsVbW6NW+Ez0lZiTWwWzuLqM7U5/y1x3RXXxW8rTZErytevky4BssBExCYKw6+MAHhBxTrxCo7Z8t6ThozUj5xgAJHe5NYn+AcWjw5qroeGgWZV0swHUE7ahJQT5dagVTWlqxICLtYTo8cAtr3MnTwkVMY2mk+4JW5JlTVgLtYIWB77UGIjznb3qjcknBgDQXcJXXRNs6iooE6WsfjdBLu26sANZXApnC/GX5AMK51ntBSXZPYHob3765HJ+9ifOrSJP6aOE5lHEuBis3i8saXYVnKCywseesOrgs6FdohbM2jcKpx3rSyVgkYFpPVbLJqqQhZXsjgHehzfa3B+xlvpxbSCoeJHC921sPAMCT5sd44uROFkB8Zb0bSDgSGJSpe+4CR08ZJnCJyM3QqeV968IMjPk+y9/wy3w5wLJjMgaCj/UagWD8MbI3cAIjI950dnnsIu0Yz95gRxx1yQUJmvVQGpADv4CX54T+aJ1V0CAa4CRgYdNB5WPUl08jf/aijRX83qXzv4vxIh7G03+odQeC1118KwUG6Qc4xkToOxVv5Tms125zAo6oQ5rv4qw2blOY63ZUUGHSG3hI2PjBnOXFsyyGsYy2hSu0XLMxNblz5vEPkFQd2OGgmE2XkzVTQoMq9b+MI9BcBmgWokKmrrHmiOKkfRfWD5AUi1d7whthkc5I3/L6CHPM3LBeEt67ZGmE4aofcm4JyA+WKybn2gyyNogielg8t1GS/0k7dLy60IIm7iFZ1pHXbrWxCRJxp/WnMyb7kZ3YhF2rK/BuUOCL1bln/8/myFJVio6j01gPuxBGoqCxwTL1SVSAY5GDrHfz26bLopzrrqDYanpguuGbcvrILQkveyjQLSXwgqJn6jGZGlb++sMO2Tq8KiLI7wW15k5DJcT5ujOjO9vFfrOf3priYQILsIoFOPjAeD/H0g8zhweEGM/2o570lRYMibNq+Y+7RHu8mWc4qZZYloulfvY7vgAejXbatQ7v8U0Wc21H3NPW+HMcnsuyFTIFZ8AJcPbLFwegzm80pecOFeFW2ph3FwANpyOoW9Nzsd0em9+54VEvjUggU1749cWaxL2INFy,iv:tnMNZ7PicAic/qxBU/V0YWk439xlfA7TVWuPMzlAH9I=,tag:7ITuR7Ay4WO0bts+NBXtqg==,type:str] - server: ENC[AES256_GCM,data:hT4mJaxWcuAXF1VoThcqX7Pke2gP+zY0c+s7U2QZaju2E10RyRpWZTvdgqDcG4lsr1vKZPcu9Rehh0samv+rlT1nuZ6riyOg5w==,iv:kJGuYN+/aPdxYyQ6wEZYJzIweuo5NpGgLco4p4U4SyA=,tag:pvlx8y8oZ7yxGauKEpruNw==,type:str] - name: ENC[AES256_GCM,data:cJ0klrPJjX9+6wc=,iv:BwsCEMXaVAzPfTyTirGh1TyVD0wjsBTLTvmCl6B0e7M=,tag:MrJeMiQDQYz0hrZg3A2DKw==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:owNNGQccKT55Ux8=,iv:qMnefTjsXdOx4oTPiXJ720m3dXGwB2H0c2JH6gQucLU=,tag:ZESrowy9XRyjRGqsKgEOug==,type:str] - namespace: ENC[AES256_GCM,data:4hHTyA==,iv:qjOTG8dxepQxHi3qWqWRtpYnEwsrLosce2Ngy8gjJvk=,tag:lEpWXWmMyn19ZKOKApYShA==,type:str] - user: ENC[AES256_GCM,data:4nEUJ996VQZ30ec=,iv:b5OH8d0UYdLHZde9ypKB2ieitksWlbRMmQDkAosWY+U=,tag:9e5wwL8sLzUca64+YUUd/g==,type:str] - name: ENC[AES256_GCM,data:eRHfWV3j7w==,iv:xjGGPbowuWf4EmMrUpu1QxHpQktcXkaM23N7SsuUPsw=,tag:Es99fZrb1EqXbyNbHle62Q==,type:str] - current-context: ENC[AES256_GCM,data:AOJBiXIg0A==,iv:cixHxuShv7vR5JIe4YAAZzycwmGaOFkXI0nJwLAo53k=,tag:gI4uhJqwt8MmX1YvUt7XLA==,type:str] - kind: ENC[AES256_GCM,data:k3tEzPEk,iv:ihfR2N4s6hLZUp78BoAzHiR0iCb0CZ2sF45BCB8A/lo=,tag:9OOa2ku8a98we/eTzrzHWw==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:G7lWK9NYbNjgYTY=,iv:X/v59PrLWbt1BRC0Okv3U/ARX9ksqC59ehXbroK4SyU=,tag:66kdbceCnhrAxfutKFF8Bw==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:8O6c48fFjq6V9tGiSmgbLCIBFUbtU1MtudP2FQkUA75+HwTTVw==,iv:i0FOtrN8cNjsfoyfglmd+IpPDNXP7dM7r2A0hstwEH0=,tag:1jPqNxz1+0nVgGWsHIhr6A==,type:str] - args: - - ENC[AES256_GCM,data:FQ8DcSQ=,iv:9di5WFTRpyxq3Sr7xQgDd4+EhaUKjGRmWaltlfz0/YM=,tag:yNW/h+4jn2iitTVVGP51ng==,type:str] - - ENC[AES256_GCM,data:E1I=,iv:8Kc+QqWo7qaNNe9oZ+XpQ6BjNypuwHWI4iFZJOWhmZk=,tag:kxlzKn2oC5l2uG/+eRUzNA==,type:str] - - ENC[AES256_GCM,data:8kf12+Loxw==,iv:wCr9Fz10lo61QLYsNPMU/1c4+IYm+C3Y7XjzwMul2dM=,tag:adAdiw+oat1Wf+u+FNBZ+Q==,type:str] - command: ENC[AES256_GCM,data:ocBACWHB5/h2lZXz/Rz3IZXDnVyk,iv:Xw/5wJJ1wkmVURcW11kJ/PyB1ev4MyUjCs39oV5UEL8=,tag:3Dz5iJt7qO3yqzcWiJPzeA==,type:str] - env: - - name: ENC[AES256_GCM,data:djPX79/ubIQtuA6cQ0A=,iv:WYTRy6PWW8bZs6JXp5biboRGRerviWh9nfFonf1rRGk=,tag:iMdBzbAHv9nVWEECXvcdZA==,type:str] - value: ENC[AES256_GCM,data:7MBc7ql0YLEJjxnr1k+/LdGdH2E=,iv:JynbZpc383uOIg2ep1X40GCYilQKJm+jVZ7kREPpeBg=,tag:qx8Q5jdiXuasXTTHiRyoWA==,type:str] - - name: ENC[AES256_GCM,data:9gbWAGleKcnfLaF9dHfeawU9Lbsw,iv:sSAhL1SXnw/mFJ1luYH1llOOLK47qPHhcBcbsNrbfwM=,tag:mYXLklo03RmDP0QflWEC3w==,type:str] - value: ENC[AES256_GCM,data:YpzekQQVisHKaqgTjAS2eOeekLGa5MGObZnKc4U4FWt/cOMOSiNjVg==,iv:mctKJMXgqORP/NlqGEhOLFPv65IfMI8GHRvB6zspnSo=,tag:nw3pQT/yqfwcn1WGyM4m2A==,type:str] - - name: ENC[AES256_GCM,data:yTjZzbHSC03OyA==,iv:CqX43YZw2vPpQlyYqYmhL26sejf48IJPMA11jx36f2c=,tag:YG8ecYcgr9LT+n7/KQTRcQ==,type:str] - value: ENC[AES256_GCM,data:4XKghaP+2llGuA==,iv:xICs+Fwjo8FzFLEbvfb7Hi+pri7KVOwCVEOTIos7e4g=,tag:MArVDnPGkun7CksmUSm3pA==,type:str] - pb-prod: - apiVersion: ENC[AES256_GCM,data:5b0=,iv:gjIe3tjoFSKG/2cD5BzGdJSwblKUhprlW2gPp051NsA=,tag:Hp79WrbBO34YL3ORJN+94g==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:NlNRecarZ/Q154G6SrhEqTx4czKA0/N8xFa1eZ66SWq5cUE/DrNiLt4BVKtRqxcGpYOOuLAec/7g3f23FS9XSBuP+l7dWz2Of31Aw+YkxiAf6JA64y8PQQ8TAwv3J21EvOzuIDb2+1GXjMytiFbQU0QQNCPgfhObPYcfXbvkeB2E4L7Ja+kUXT0QElV3KQwmF0JKcoC9XfdOsmL0efqW2zJlZmY+PPi4u4ckL1x8sHH4r0oxDDdljLSqmeTQac9EH2TWqlwK6ofsXTfSiK/cbmvGgGdWw7x8rETJO57oNZ/IaOJOVpwuXEmbCXAB4daZFivoBQhvo9ygCzAr5ThO4BpjgxHldwUHWk65P4KdO1JiVOWMUi0YREouHI45KEpYa2FhfE/fiAhRfk9B+/K7MQy75HqlLDLrm6qZHchpli3zfl5J7TUVpJwozP7YbxvXDZ+cAmUz6acZ30l66JiMbFqBZPziI0pGWv8CJzum8MrYoa85iA+BH3Zj/nT95khsNaPX4ChGrIVjZo2IQikMtWgDkthRV/MOIhAyCheJTK1Vc1jmgnlG3E6J3OUFtQr1TUq9nrGe862pSyW0yqBjimuTJ6hVhYUdPPhGcvlMy27E/3hb1J8BDxzp2garSfDstwTmcSVHHOniBlvr/1aA8CE2ZcxqHNKTSVgGSEFaaAvUH9pv4jRQOE2i0u9CweTnOpc4qyO+jcLX6lDKHs/ThfX0W+tFatMHU8PCZUOfF8/i7H1zkimpIw+z2XPtcbwM4plkKyceb2JFe6mqNOb3VDQZTYe3BABZCSiy78ndSK6Agd7Fkw9fGF0Q6zwCiMo9vuot8byksju6MVpYVvX1L7RQ4bhZ61PEHs3Dlkeh7n0Sp+IS5t0SoADIiyhlTvdUW5Dye2/3WcfP7U6Dapc2xXiNMvurwBZJHAHBfynI3A4H5Slse//hEIF4dUtkDicQhXzvarX5CI6RcxSoFL6XdqbSntu6hn+jdZEumxxNa3JAA5dUXkb6x3Sy0GSRlwKF7WLJ68VTndEfe2MS/36pS/V3VpaIvhUXqac0I8/UWiqHvr1L+jTT8erQUIdsfkHCjNBsR53+jaenTyU5KpY1hQQdVG72GQqXH4bSHBKxe9SeOyoWW1ysSS5QdTFqn3BySkWN2OiDYgomec9P+6J2lNIHUR+EhIW+4tTmbIVgmlQtoCtSELN4pAt/wwryJPOJtO2aUgKsM9tYEtgAcGExcbQC4AcwfkZzH/K2Ovo63+MlKrcfUmilqJUMjE3ATQJVrPBjrtKeXR9h6blJakOhx4T+GVdLzjrUxqf/Ky/wh5M1HSruBEmFo7USLgfPt/Z79SK/ajhmJSknZjpdd2pdWBWJAIXmAhnLMK1ILZlUFgUexhmLurcbwic3Aip7u76zohjNUO2EldapInrt5/9RV/kT5tfF+NF/vGgoTRRl1FcqcAZJI/q2drnDy74sAyAaX7P5VVpvKmdarXAJDsfddbhFng5ZjIOwgxxTW5G8Lm26YETHZZ5zKhJBxhb0f8T8GT48pCsf/aMx4inEfroiH/k3xjzbssO5DMCVCRXudQ4DydkGylkhZ/WK9fHHm9yf/NKFNwjgpdL4p/tdA6rVV6wlIY79zG/rZjKJc/I8HRGpyxvK1ifJ7e4l49cQIM0l7yxz5VlbvsXGAxSo0YGwhanlNII3Yr8LALK3U+HLYaB7RCjzr2NSSBn2hXApnWIaAlACcHwGSIWOhZ8us43b95L65GB3IH4jzt5E33Be2YKst4P3fxBk/SvnCArb+Z/Q3+d4ybwSKTaGm1APcCxfS8ILNAYBGL5i,iv:u+6AcWcrUcixykUsu17Ml8zkYvtWTPIZre/SugPge2Y=,tag:pitqXDdS+1JCNtt3WWKtxw==,type:str] - server: ENC[AES256_GCM,data:qJ7/D1xOJTwjtRsFdllArGlVEdczZf/gSBo136ZlCJS1YUS5l0ApALUDPRIV14Pa+hZ1y/VQ+3LZ8BNyB62wUoDP8cOgvsmsQA==,iv:qpwfnzqGWIkYnRY8mMOyMbMsMkjNuUOV2hpAvpskuHM=,tag:CAr4tmHDbqbAsB69zJh6vQ==,type:str] - name: ENC[AES256_GCM,data:xSiNkGp/uU7prG2XBx9gkMysg82mKczZyjzKB9vjNskYZtihj9Fq5P0jb2VcE6dvzFvhdjJXwPsB,iv:BczZp7LGXMlzyBpBadQVPHS7BeyXuF1TJ2PCfg567aI=,tag:W/sByvlDpuKmWmFsAzYW+w==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:Zd1K0iBoK8W3jG1sDCzc8XSrQoGFesm5j6+whfCmBiZmZ0TbyUXlQl7QoB2RWzc3IUGvK9CQ1HEJ,iv:ZLdBQOAHm5Bi3uaSqbVA/53oTaUrMc2r9zxCvkFK2fA=,tag:cUEdBUO8LR0hie/RhTWjBg==,type:str] - user: ENC[AES256_GCM,data:dCed5eih57qxqzZjlDnVNTNYUJXUefesVXqa/7d+xgSEXGeT/Ez0W28TjwZv0efZcMwxfM0O02Jx,iv:FFL1imrLX+sDPBzoswFUJJBg1MQxQR/AnQ76Mb0naXM=,tag:cKDavM5RfAsEufzq80ygRg==,type:str] - name: ENC[AES256_GCM,data:XFF17qgsOFPmeHA=,iv:jsD6nn4dLhJsKr+dm2Gk/TNLRhmI0pHKPGao8BkSc1o=,tag:qzrSnyZRQDa3quxfl788ew==,type:str] - current-context: ENC[AES256_GCM,data:Ms6n0RxaLVuEL3M=,iv:C7H5OUqXAu6wjdKVeJo/Yo/6goeeh5Lw5NBAz8HmOng=,tag:CKVB5En40Ogt5+tV1RQPZg==,type:str] - kind: ENC[AES256_GCM,data:PpijtBq5,iv:ushDcUaJ2+XOZJmepXX3DOmKPsPeS1wANAEOvKKfEM0=,tag:+ZaNuON3QCfXdkmxSqhjCA==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:SMO+kmIZinpbh7WiKqKrXVdVKLSErVbo+MZSGYQg6VmiI8Z056d8R2rwPPLVeMIw1gwtOTHAR/XS,iv:tnh9L03CU2l4w5PhrO6hO/C/fBdE+5lR7+XRFsCcvC0=,tag:H62ZyLnO8FrWZo4hx9Q7gA==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:geuMEnam0Mcx6M80F3gZ+boaO514ixCEGo4Z8Q2kd5PYVqrsLw==,iv:N26s0LuEtpAtKretwefma1Rt419s7L4iGVwBZX0IlxA=,tag:h5l29QSnslYnhLKqHXTF1Q==,type:str] - args: - - ENC[AES256_GCM,data:znWNYmM=,iv:0Sw40D7m2hgbNK35WhJT2tz7qyVAjUtH7NhIGpGuo3Y=,tag:B7lvWFTFEEQkk3Io9IVIlA==,type:str] - - ENC[AES256_GCM,data:QN0=,iv:xfXS/28AnGHT2HAJ29Sa3TCXpu5/Syfpg1DFwyseuNA=,tag:RklPtJ1gIPV77EnM7ceAyQ==,type:str] - - ENC[AES256_GCM,data:AIFQJzHzL+smj7Ig1Q==,iv:i4GeHp3nfvpyC+36KzvXRvBnWVUChDa1pMw9p0ZOyg4=,tag:hciTQ9fMVUKIZFM9GLQatA==,type:str] - command: ENC[AES256_GCM,data:f8/o0DPwX3SbuCOeYgl8+Uo2m4VC,iv:fKT1P0JGTK66jKEOhNndOSSatN9RKIk7MepKniKZJKA=,tag:0R+VVMFfX6mHrfYL80FeBA==,type:str] - env: - - name: ENC[AES256_GCM,data:zr3YEhURNDcc0y/nAPc=,iv:+olA55xCE07yFXvkf3qkCzfYaUcqkXIJICw8KVmby/4=,tag:GoJqdPMwmtec+P68onZrWA==,type:str] - value: ENC[AES256_GCM,data:NspwHsxtMwkr6iC6qUk9IHAeVu0=,iv:V/v6XWu4YpkxB54fK3r1rAABON4efY6L2UlN+Qq/HzA=,tag:8U/6VP9TJ8zX3u7vkm9gmw==,type:str] - - name: ENC[AES256_GCM,data:kGLTdTE+Kz7jHm4tlAh8H52AnEZ9,iv:6JmBMLN7jVwGAyRdBy7gKQ+8MQqBdY9sXCE5Ux3VNx8=,tag:Yo7wNQORnRi2rykqNtiLOw==,type:str] - value: ENC[AES256_GCM,data:6eSKOmHnA5sUZRQlUovO6fOKLYDQhFZH3/cXmxOkGDuSDRzt3XznBg==,iv:UegqRJ2Y//ja5xqn9exT44B36zIl8JyL6c7deFEZzWM=,tag:ycvnzXu+YKsUdVz24shnGw==,type:str] - - name: ENC[AES256_GCM,data:YmzVehZr/RVo2g==,iv:JQaasK2tDG6jxOiL2uF8+Wjddf5ssl6IvP/MghhYC5M=,tag:E1ySfBC8M72VvruHkXCM5A==,type:str] - value: ENC[AES256_GCM,data:cyqiTyjXcQ/pZQ==,iv:KvQBWK+OeK5z9Nj1XvyPudpboXx6g+HWm3nTY6C9GlA=,tag:mEEfqszb3JtZRM/NE1Hxcw==,type:str] - pb-qa: - apiVersion: ENC[AES256_GCM,data:iIU=,iv:htJWv2LZJ0BW+O/zu7lcF285SziqmnQvjazmcSRZDWM=,tag:NwBvsEZvakXSOVfAB3v9Lg==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:pZ11Lp2o5RN3EiEB4hHZtI25gv8Xg35QO5u7a8HH59Cq/us0nUZJyzZMZZ+M8fwbvmpBP0U044w6cBLv1QRNxOZ4GDTgYAX66JVFCVsyH2kKv98YTv317H24SsXZQxhUsDVs+q7+Vb075zLUhUFRyqgO7DfiXMgUm6E4sDDOYVQOsOomfQi9z40X3RHD0F16Zt8FAdJMpzfHuXaTpVnnk9lZnzm/9b71v2NExw+XAv72lMv3BciEPqfkFDAKOXPLiUzZEM9n5iPQkjz4rEVrlXpQ+o9+TBlWQ+9R5f0drfhqNKG169Gu1XDwKwigAXNlOiM0n7a9xN9fPjcn4zU3gV0qyGE8MnYHXnkCZqf3NdMrRSuPIijtYM/82rIf6kMhNxAI7DScCpSh7W8qwhS3Lf+jSDTBO5Rq8lUBtEB5GoQcNfhwPKvZXY1EjKXFBb5DiR2jINTKwouqlWV+dV3DT8QmudU58yEQD1304TA9ppSB3kzlKpHDECqyRJ/jvcRA0WIiKdSpSCOtwA5Wd1doZL+kAYWkFyPo8rGmFYd3D9FXYzhnP1SOovBnge9NK9+5Dw3FOMmp9no4PsGBsRGNdwQKIJoyNHGVRgZhTsZahRMX77PdnjIjTDkHJ0S5K+6jinDMMQ12MuDoIAB0JZJ/FJJ2yt6MXJjXkZubWd6owR8VM27c8wNGhcPeuSSllx2kLLzWq4mXHP4aIGFqtsu7b/a50J6xMCKlbm9Kv4lB8rfa/SW5quDM1boI7MHNevFjfS4ZXNrHDL6GKu3wVqFhjOArQXgpRHwAQUAX+U+0W4Q7Cv1xCWDnmbYexikMNZN9iE+dz9pmaKV2fUjYgRGK7+VNA2+4sUNdNa/UTwx/htlNgCjfzOVmQ0yQPdZVkU06puwe3ueQ1SBHuTW2oO7G1U263loJkwAv3i9oC/mdcnsxt9NvAKzZTBDX6oE5oCuBEYVfxDYR93RnekLQkd3JoRV0bzKtZTsyf5YHAczOQNMNFtpvI/C+UWuwgp3kVDvRA1uZlmsvCkK5g3pHjHPCZY6GEgHzt9g9lzzD5mzCBZP2sL/FPuGKZ3TmuqbFUV4SEZUFqcNbqF0v9l7kmFI5o/NKVWYnJ2XOB8wJuizO+bVBk9VV/tCssI3mEgyUUV0lCtodFUfZ4A/jcfoKTadzpGkLUIXxg7gwbIyuskrFLgFodDgIewOchxlPWDPJwxtqCmih3PuQbplgoo1uANtmILZ+HFk7nVaY5z8uQDDB3mEUHELmN43k5sgUuV7zPyS/bdi5FSGUFYYL3NJ31tCrTh+NAu5cipqBNqsMnDrh3TStYwMMGaSTWTycvnSfcu/4039gvqMdJ3dSHE4KdZ7x+OPNh4lpIUatbO8umBPs0nnvwAJhgvNnnVCCbJurB3eMNytUjZLMkROthjoQQ78kkUFxb78nvdjk6dtUUd01LTf9T6E187aUCwLgeACFSEBVrYYhwZC5e3e9wjWhYMRLHrGP0qNEsPb3qlk5gfDN3UNXzBJ4oLZqx/q5jNnq1SREfBlzcQtyf9X50DyNzxb1zdh3ftenor6yggAtNTrADeHnKgOtAVobHi8JP4UgTqcm7h6mkhdj6owDRPCC1d7hJKAz4kAPu0a6z1W7nLcPRYDRq2ei+Ccc31ZIXTVfbjNcPA+VfrlF1pxB2orjGgFXE8uU27pIcUj6gURS3OXA9c1+p507OEXezgU3oTe5ikZT5+lWRMrKitFV6Kw7f6oqeORpQx/57A+6TYHFUKjF7CJXU1zw1r24yscMnWddiIDFRycYw2ct4PiEQqOFndUP5E2igCoQ6r+C,iv:W0VMRtbAVSC+c0c/2hPN5fbKg+qJpSBt147VrRlcWSw=,tag:P9we24pbTl779DtERgzDFw==,type:str] - server: ENC[AES256_GCM,data:P7x3tj69hAZ6SuIRTAHcecLrhSIB4/889MbhUGpPqbZmyyxlBcPXePHmAjfNexFfhJcx6KgXEM9rN07Bt9Hv2wFcCJcZyaEmow==,iv:k2mINT+zJxnJruYNxPP9Lt0ft5DLNmB/0qzor1CAGZ0=,tag:nTsYCvQg/xG7y6nOAIWs7A==,type:str] - name: ENC[AES256_GCM,data:GE048mbNtANl/Nwghu9kXMUYMrMTD/fNVxAZMlu/JXCBU8MRZmpSYtNjvaxx1nM9ePcSXMuJGg==,iv:/DK/Vlq5nXl1RDfZAFb543PBDDHsjp3yb2KRH60JrGs=,tag:dw3hyS2BGRecvSQVvJRV/g==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:zlRZgjlirVsUYF9Y5pecLjUs6/8IvBUcCYv54CI1kw9r2bzXuvALak4Z79Yj9O4xtiDki0gd0g==,iv:mbGlXNccW4arcqboB5SvB0nmiFtaI8RGGCauuX46+cA=,tag:jsfEGg3nCZEQEzAOffnjjA==,type:str] - user: ENC[AES256_GCM,data:NRqMwAOdFggCZVKMks/YygYSDUXh6kmJhA5xBxDkgafuMlUATYc1eH9bBsTE9z6+2r8QKFEGGg==,iv:Wwd0VKdshcG6yo7l+kX06Z0kIH2oR8PDpG057edC8sw=,tag:ai3gY92pGhjlCo9TgDIh8w==,type:str] - name: ENC[AES256_GCM,data:Elb+CAyxqcONIy8A8I0jtNReIZq4BdhEFwEp8VRuNCMxTfAo8hU3LLaJSMgpFzvDiGeHXKfwqQ==,iv:hLx5msi4MF7chfvX38eN8ARDs7lK658idzhCE3XZi/U=,tag:SSkPFhlyUMCsTUk3VbLvIg==,type:str] - current-context: ENC[AES256_GCM,data:QcvGHT+Q4GQ4kW44lP8FZp36Zcs6YGJ7/nWgG5xO74gpsmr2Hjw4CdCLpCWidQ6D4/x/usUgug==,iv:Wt4Euqx40puIWx042gV0NTzQaKeMpWgLEeGwCnM4ry8=,tag:DXWuDXcztN7VRVb7DGazkg==,type:str] - kind: ENC[AES256_GCM,data:5IFPsG0V,iv:foPestfuzlJjnznw44k/La18v8T/8oUmJPYZpXjXND4=,tag:1ItdnekJQM7OJnBN7XOMlA==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:6LUG1uYXDhnndRe8W8EcM8iTFKctY7LFZpd1ZpgXRXOyTKIOFGRQAc1rzJ+E9sqrhzjRKT1I8Q==,iv:G76RvRr6MvySsXI8Qdj0pKGbOFUCXGcTrNnOv3BQBmM=,tag:jMZ5bEALVrq3a6tB6Huu4g==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:o5d7PUMGppc/8ropatZgcRenDmykY3lIQ8yDYbb9oFqi09/9eg==,iv:wrAb+ghUfC4YL0tTSlMsdgT3j+qz6u1P5y5oQhwPfdU=,tag:BnedSan30U4EGjwXovLS+Q==,type:str] - args: - - ENC[AES256_GCM,data:M3+IxgQ=,iv:DI8slug0a0jJgUUBljD3ta/V3+8oDVvjQ8WeqIEAWFs=,tag:oWcNf15kFOwzmYdJJ8GNYw==,type:str] - - ENC[AES256_GCM,data:BW4=,iv:14akgIFx2CesbSC52ujo+07/PTwx9Vv/jXVg6mdpwJ0=,tag:8TA10MmeFpHIg4claPfAAw==,type:str] - - ENC[AES256_GCM,data:fw7ie3y7AoqcFHA=,iv:WyagUGhWBCPDwAyVWTCxZLnHK//cfD0l6C2i6DQFQps=,tag:QO5ILxsf2wwevPhmSRbYCQ==,type:str] - command: ENC[AES256_GCM,data:TIEeHjCwt8S4ia0u4+fPLt80ftCa,iv:c1gHxRekip3DB/+cgwdsSglHjw8M8jbZrdrp3SBwJAM=,tag:olGRzcWqqiuPgLJ5qJa1zA==,type:str] - env: - - name: ENC[AES256_GCM,data:nPMGhmCWG9VLEvuw9Oc=,iv:XVcR4pN/SQsQNCsIhmHUZJAWT88+TDpHY54MIinvn4M=,tag:1A53eD3312XWdiu9gIqHaA==,type:str] - value: ENC[AES256_GCM,data:3Xc9QI/tW0BcbnQvv0mOov4IcYQ=,iv:Xebs6VAFtnz8Gh88f6G7c6qm/egTeXpGhv3pfOSfm90=,tag:jGdgSrp9+53nhlS+7pqEww==,type:str] - - name: ENC[AES256_GCM,data:qnOuekY9hBSsb+ZDUL/z5Q08qmCj,iv:s23VUZYRUviC8bEnpCQOayjdTXw0366Be8FtwJ+HQHc=,tag:XOtgu4wCCs7YKPDTTAcWQQ==,type:str] - value: ENC[AES256_GCM,data:A0y4yEZGhLptiB69VrawOLNAMryKEoLwMjsHLrWnWQTS4zUyXnALbQ==,iv:O5cnx+Rx93wwo1YSpulwtdm6qG8OrQC/PqP0HCdIElA=,tag:YE/YkPag80ijKLxholQ/eg==,type:str] - - name: ENC[AES256_GCM,data:U41FeCM96RshGw==,iv:wjQLa48n9ab2OQSbCdtzGoe0QDdYlsZxusp5pSkSLq0=,tag:XYQzP5DHgVJTaBUAm4Q5oQ==,type:str] - value: ENC[AES256_GCM,data:MpiRbWQ+d8FdvA==,iv:zVmugnYNzuyyV8pHOmwrTrRA/12xan8t6zjlnCUoZAU=,tag:Vxn/d4hVJHSQyehyokvmow==,type:str] - epass-micro-prod: - apiVersion: ENC[AES256_GCM,data:6vs=,iv:ULHkKMwjRPeXYQZ7Dc5EKnrJGB/MY2MUSHYkkazgz8I=,tag:wyQNRGdYj8aJUXY6Veydzg==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:lsWfPv6zkO18KR2KGWl5EX03jlyZB40ez1gYqNbs2S0tgnEv/8U9O9TbLMOcJW0OJBq5l4luCsjgIDqB6Uo3g9YnfvjrJC6Dv/hT54xvf6R6KjtGHn6Oicdn1wNeGt8RkA9zFNcIXEL1J/WKF/ef5e4T9spz5C17Dgn2Bnpsa/AbqCksCsHU1lBJ1DY45Oyw+RCBS7ZgGklEL9xL6GwJFMj3slCKvo/UDEEOT1B1WnVvzssokhAcocJOqJBRuIt/uDd6rr3cjq44psv5ysOvF5qfVFDATLO6kTsLv2UDyCk01zdKPL3Y4oiOCHxNMMfVUl2gAzTzTMu2eafnhdXcXsJmRfY0XMZItTInjCDNnQmwMAfTMT1o9GZyhj25gPhxR6YqYxNBYfxt2M+Cu9fMGWuYTus6VBdKms+ubxdgRi0mJ21lxKr2GE8wVCayG9hU1spEIfEEMuCklVNZ406mJJKbLSPCgwwuLKe7aAy5BXoOG5kWXOFDwWy5stfFgNKIJWI4ZhlVBBGcNck8RZC8VtCZrDVUNXnf3uuFb1foZ0LnECLVX1aeYAT7z4F/0at9OxMViv2/hWylq3qYng7OriXDjrVzTeukJBOKseyFbMmBT1povxVTtLUXGlVkQhNb5D01rtQ/V3Wi5JzdSDMTGY6m8P5XS4+92HYWmIhQJAi0C9iDwJn9wO5i4qs2cq4ashrXfTYnuj5/pegwe7claoN8XHjNWzUyNBCcPdBTqPcmULdNfVY1LAS1DjP/UBClqlApXJkBWQZaD/d5ZhBg2Dii7wa324viM3mtrctynLCZZw66ETA99XEdPTO9B8+YvWdKOqNTlcV3bXL/gO0kCSPiuOGs2QtYXrzCnQuyjreWyspSprWrzdxHV5J+U8r2ery+gNvCw3lWb4K78eWH817PRLPgQPybjcRjB/Q+QL/Q6DTtRDCVes79QyB9TUtEdowuxRv5A5C57wL73tF8B+8h66DCaj85BKwKf3Y/SgPx2yEhTegpJkKOMUts0ijLRhiYZd2TdAV30O4F39smCSm3YaHjYRNvxV5GHYrhd72ZsM/b9u2KLu/m4PLkAOphSwZip2WpdS9woV5+YmLP+k7JJw/F4S1oWaSzKw2bY1wEwsqRUuIg32TxxsdNcj6v9W5+R2VXPaszurDFhHu1wWDqnsXv7LjC1AeNWoGsvo64S4Ixv32y52K+iOSkTxe2U2Y/Q17gdYCsIsHyq/TwYq5CCLPsPWBoPhwV0lLFSPSm2ViZxx4842XPpOYAl0mqrwCzNUX8MuS8Ny820Gv6emvHprghml0dsR/ABDSDODQMG1YePXfvht8cPMUYB1Mw7rlv4GGTQrdDdB9dRkeUF0UKEBwxmo0udFKjsDUQDbgwcgjpPBS5T3Qm9BB02csqEHFZal7M8vtXpSMf3xvUeWE6FT+8I6dYYcFaJp7XBO2fAvKKivBE/KZVKTV3HMZ7AWQWTZyE8dYCBfQgqsPGqDN5ZH8i7Y3NOtaio21ltMFV81tL/2AuHN8t2vbcId1uiq2oK0JrKu9+TFxTLj6SlBN7dcR8/gB/ss3VDQh39eZXjnOKUXbziP7d0EXu/OTEqUWhNZazcE1WSXZPWOIQONeNK4iWWgsicwRBsUsTM9h4OKWdd6v4ZQ8WgwI27HrRqaN7xLX0KWN+ugcJY1Ezrt9Y6LLmiVX8NRQ17uFkU41Qe0/0Ay3HIUYxo5Jr3/cZUuF6497cIZjHcX9g25Rqic9kxPDc23uCIaA7n+k8DoJggLbdLWVjwtVdl7N64Vfe1NWPxUjwUwHB0U5M/x7hdtSoXYVK9Vpe,iv:lf67T2kxwn7meJk22DlVvwgYWX1MOhKW3b3oU3WXHYQ=,tag:/0ISokdCsCb6JJ5IKnvNyw==,type:str] - server: ENC[AES256_GCM,data:gf7NCW/hfMGIZVyvHZl6mRzTVwGao/rAiGD4KhvtBKoY+jAEOA+hMWmEpP5Gje6GUvVUVrx1dTJJR11KbspRaAIo5HAWAWQsWA==,iv:Xq/RZjWAt/RnYBClSud1EJg382MwezjD/77MjPZ/A9M=,tag:tumqrw4Fl9hXMj90c7NlCQ==,type:str] - name: ENC[AES256_GCM,data:RON0w9fZHAC2M5gCGN9KII9Y5jt/6tS72gtC4kzJgqokMiHlOFNHqvVhTKQnRcPFRplXx+YLg9G1XpU8,iv:JnEbFSgIgiVW0JBVyFqjGcCfI4r4OY4Pe9Wy2+HarAI=,tag:Zz3xADUbQQnSv86i2Ys0yg==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:xvBH9maeGjhQ+Kal2xEl2Zs8o3/TKKsYcyGU+i3bOqnWb5UiqBsW8Ej38u2aLXhUQ6h9iglPikMOzXq2,iv:DYWovxLqHOWo9lNx3iL7K8+RsNwIhEOvuVshVev9BmA=,tag:7BNILI0QKTrJc4pYldndZA==,type:str] - user: ENC[AES256_GCM,data:IO2ukPN1SrAMI+9MVsG9He/CltR/e0xrscGp451ho9o2GkWbA3RmahHReu036YMLPy5kIkWSdc8419UJ,iv:h5egFqVYWwW6U6kOJ58BUdpezZ2mpZtKhEtzz41kODw=,tag:AV5Qu57oqcd3aNK9e38XhA==,type:str] - name: ENC[AES256_GCM,data:dtwhnnldzo7kw8Nehw3WaA==,iv:7CQjad5ep9F/GuLMtFxB/ekirdxx6DoLQ1txtmWvdag=,tag:COoL94nz23OVC1cmMQfODQ==,type:str] - current-context: ENC[AES256_GCM,data:IUrxPs2LfNf18f5RIOiT6A==,iv:ekaOV8GPkYJm2AqJTJGmqK/hPMdZS33gjTrlk6x+vKI=,tag:vlhkPJGIXWVAEfSOvgJw9Q==,type:str] - kind: ENC[AES256_GCM,data:HjsSAoDy,iv:yAzDtOeWJDmB321bV+nv/vZHUTVeQbuAQlxXNqyv+xQ=,tag:WXKyqSA4Aaw9WbxAVFEisg==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:rl3QvKCvhVELsJAagF0bfCZpOKjpGnAqnx0TGMj+8IRAFvWpCYzZVW8L/84uZlXJYuriNvJou8axGTeE,iv:CL/q8l1kvZhjV2uR9opF4SqOWYEd8DHKwEjl/k2KiiI=,tag:GiOdHAZ5qDVIABXax6MPsw==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:ZT+U4hGatsbnRD9Y0KIEZz4zxfENIU18M8pD/2dMV9/WOF16Kw==,iv:ZeReNWwFhAwJR08OV/ILDfOHUeImvloMG2VsepUFn+4=,tag:XaGokQnn/bG0q1XZJ2FCaw==,type:str] - args: - - ENC[AES256_GCM,data:g30Ge7Y=,iv:WBsr4q+HcIc0vfJeF+dubPF8fIdLXuqRaAHXwfFenyM=,tag:9mMjoEt0ZgN25s3LTCwjbg==,type:str] - - ENC[AES256_GCM,data:npQ=,iv:tNPHSYvNEb1Z473G61H0RYwOKuNWmJZuumUZANpaVGI=,tag:Uumhhbsi7vHthFeYAUIl+w==,type:str] - - ENC[AES256_GCM,data:WRmgtq5OjGTjiWXvNymF0A==,iv:3UE4cRx4j3EOCWFy/b428g/JF/U5f4US6JgSe74lvIQ=,tag:GcQfpSpumKpyDidcw+j1Dw==,type:str] - command: ENC[AES256_GCM,data:RkJxF6SesEM5IuFD7l3KERWEjhdq,iv:Pty5pGIjMG2qHd9n4ppL4ZHR3ZEtn9J6vhL2C3fQh3w=,tag:HJSP94eJluhVd1PDAob1qw==,type:str] - env: - - name: ENC[AES256_GCM,data:OB46TGG+hotidHOOV74=,iv:Qb5Ngfa5JKlYDZTRXBqUUfysHdu7gUNhFDv0K/1mM2E=,tag:c1nQ4aCRfww9WRyrU9pDaw==,type:str] - value: ENC[AES256_GCM,data:PqBAWklDb8oROMx9rOYb0LSGu5U=,iv:8hlQEQR1qgQ/XTWdxGBK5ZnWZeaMP35tdIsSd1Bd2Tk=,tag:nGiQ6PbTyvMsSzrhnjkSVw==,type:str] - - name: ENC[AES256_GCM,data:hGAJyVapIHFcnQocTJ7c3N5EJQr0,iv:UNbOfKLlPO54vXnTMMCuLJgRiKbkbBR2Ej77rDjX8EE=,tag:poG4gvxfDw2QMu9Nz/EJqw==,type:str] - value: ENC[AES256_GCM,data:u7e/u9GKQ4FqcNlP5odIzDtw4x5gkJKAHOs1Dr2223zxg0b9G1J8tw==,iv:Oi6sxO+hwDWFpZyJZOJM2UyeDBt/A9Q+elTBv02KmiM=,tag:HlQAphq8zNXJ/RurKQN1Wg==,type:str] - - name: ENC[AES256_GCM,data:apdjecSofP2wCQ==,iv:b05Z0RDOwqdI1BZm/n/ydZSKVhlW2nVeBV7IzPZwaHo=,tag:HCd5Lk6OVc1S2gRTZEzt4A==,type:str] - value: ENC[AES256_GCM,data:JEF9PjEnHZ3mfQ==,iv:Ltay775koF1hway3buSjwqzL6aSckxqR7rqqH7TrZtU=,tag:yETQmSOz7MI23iAPZkjPKw==,type:str] - epass-uat: - apiVersion: ENC[AES256_GCM,data:N+0=,iv:wqyqfkpk+ob4DRMZe1P/+m4fuHTPpzJfhy5hMVsQmB0=,tag:q2StSBivzyk4RTdlrBKmKw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:mNoEOudAyrVovfxJUoOnSoFxpaLyE+L46SXTMzdwd/Xb8We4re73d00JAQD0Lx+3AGYlUW/X4BsNptNEKo+D5KlMfoz+cZ2KBE77iMrAArwDwcG+JRpa1Y9S+SJ9muL47bo5v6LczgdxLSiYJE96ZbV2dyOUb4uzU+aGaTHW6ldObOQro8EvGceAVkHVOKkCUreBFmvNT7nT1L+sAMSAFR9DMgiJ7Uhm03t3PozMGPGt+Y8keEYucpo8avUDXtT/g+X0VYE5jwTNm2Kl3o7nsZCQ3ZJZYK82otYD2W5iufF0nIChgbFOSa+d/ZpvZQlKwgbWrlYCyof2UklrZ5z05UHUL1ybR+QNTzPHDEFccJRgFTAlEM+QTKP3spgb2z3XdQwMWt/rLVj9NhAol+CGsU+ZIh2ow0iPzeRnfJ415lX1Zz/1WjrkTQoLVrafPYc8k945+3hjyIXiJiZx3X5byK2glceyGPsMI0NNehqddK7cH+R3oek55MoQuC7uN1zlbG1NdSi5wNvR8XUnXM7RYaWDZaHJjeonEqp7VnuvPER7Yi4+Y+qxbgN8e/M6XAjpHmBY9I8uCR5cXpI6UZXn1ad6GXc4bOWOFyfDBFERGaZiuDX+Dv2+ibR3/K0MWegWFbvE39fhxjQCvvRKOUQHRqX7d2AijTO7zscKV7NItnZcrVZKuu8Bbcp6oOjKhhGd1LNAdKrjlhYrrTA3ZiUgBfFDNG26C5uSKTb/a7eNrs5LH/4n1ZsBRNzGMPY9TxjySJeoQ62cV2VYRZFMJVNHzp9kAflK+PquHIg0uvrSYvCi3ZXjl9FeMkWp2R5ZdlSLHZcxn2rQ8qfuOzrphC1RyqD9JKa5Exk0wnZczyHguwwGlNeniOMjobPQ7MnSs7vSLUqlOwCeOnX1CeWZatFwXZRzAlZ+ztaIPJDC0nc/xUn2kEiYgujCg3178Hkd0fAW7g/6qP+jpaGXWKmhBESDJsg28AXk3DUOM+07H7hvFAaIWM+YGm7ANk78lZ5cB9ediOi9+dwUOBh+lD0+S/lAMrNPnNSbHlohd8K8mPLbc1YzWEZ7FvLN74jEX5ZAKvv/98EcObCzut9stnj1c4msIwEbexQRklSq5sjR7pVD1EMfA7PDUVlriQ3pfTMVyHwRw3bB92prcHKFtkDF14UFz8AJUSkdTPw5plhUOznEaexPvCjHljNTD+UORdLCSLLeQ9WC9Pq4Gz7l1C8SF1HGUfHQfrKX2KNoT2A6+WKVf412KuWvFHBQhXXFh2clEtcUpLud/Nys/NVn86+idgXxsU+pU21QaGpivGUXq3kFR6fQIhI1emgIva+VSt1WsVhQwWVCbLNy04ksL/frDHBNZs+p1Q9tIIJM3IMx6dtJardyd3QX1OD3s2NUH3bylRj2u7zjATDhqlMd5QvQrjhOxq7nJVzsiGUi6hiDVvF95BEbkv3qmADjuloiOIc0dU1L1ZskKrKwqcExsFOtCGoHSzmEfs5Kj0KBbfv6fQ7VjqJzI9v919pMFZRSNWpo4W18HIvF74kfHGulPbgJs7rMDwAoXO+MM1fn0UR+ASFB0xT+Orb4fAUZMxhLleaA4yS6EOrhLOQQHgwsunD3GI9o4zq3uKLqIIfK1uDaMGH17hmUmFBoyJBtP0cvNEbYnO70o4nlSXpsVosIx8vFTN5Hta9/ZWb64s/m80DzHsLn0jIGZsk7WvwXdcP7YfLQmHi6HQRqTsP5xzN4TFy+lVR3cEAag82rG3UHXXLAh9MA6u1T2Hv03XtzI4AcjFIKtrEmgIFqP28nLtVrMKw4enr/LLeUqUgizhzZ,iv:dwGF6JeoMyd2z46bspJZxO8hK2U2Prw+sdSye7WMoGE=,tag:9YxjKaDSVxHFNtwi9tc/EA==,type:str] - server: ENC[AES256_GCM,data:Qs2viu957F2siiGEx4OTzCmfN7cbnd2rnM0uxLmSyiQN7Opg53NVEvcsIAtfucZt1D+dAU7o+mAucQ2wGdb8XGK4X/SFr0nW1A==,iv:aXLhf+Y6X7vK+6+zpn0YE7u8Ds2U1f+7rFmFFX2WDdE=,tag:eEUsLRGnlN84BcXtEL5Wbw==,type:str] - name: ENC[AES256_GCM,data:OdXHYP8cYSKFn4mtGxfRkm6Yo5KmiaPtSdmjV1Z9G2S048OQD+zVUcHSOPjck6Xg0h+WMjA=,iv:w4qbVV3WsZPHBxJEDneG5i9hvTNihBIMCTT2dAtiHIY=,tag:MRcBp/mq/Cuf/HAi6FiE6g==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:u9DEvT+FbM6SSkDDvEEOlI4hqFwR7BQR6XBD8wJjF0OmrIWZzaoS1VPzgHggE40eTeMB9BE=,iv:KVNxrv/LEpVEbcPpriHNv2s5vCv5mdA7g6LlgG56U4Y=,tag:0YK4tD6jqLwtqZOCM3d3oA==,type:str] - user: ENC[AES256_GCM,data:hDAA9TzvtuBXH8qDZnn+s+h6Qs4eQGxLq5oHnuN7RQZBecwRtc809A58wDqhl55pz8i4bA0=,iv:q87JM8g/I76zc1/BUeGCNh3Wkz5IlXtfzXoeAi9p/T8=,tag:cKryVqsaWAfbmAsEaIVJXg==,type:str] - name: ENC[AES256_GCM,data:Ps8x/RiGXwG3,iv:v0WWdkRwIC2I30U2AtaNCvd5Wyzlp91Zq9ks8+T7mkw=,tag:5fBDX0BYGzCNMFDnV4m05g==,type:str] - current-context: ENC[AES256_GCM,data:j+Uhz7fGLI4H,iv:0n0REYDSYfdegmMdpbWT07do+Ip0wW1UNa2wyE0qg5A=,tag:YveGudk9QtZKYM6O/CW/4A==,type:str] - kind: ENC[AES256_GCM,data:Rrt8MTJc,iv:vYN3mJk2AW6zyc40Yw0JYwYj9B2Gsp9UmiEetDItXao=,tag:QQexAo229TqsWS8LN69Hbg==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:4O0R5I4iPjw7wNk65snkQyCaxWdidk1ggc2AVLgMjga5qgKDpDPVZRsz9kk5QmHCIzDlxaA=,iv:2J0nB3bjEJQd4Ygd1AdXGzhl0GQIdAmWcmY+rPAvEVQ=,tag:n5xor585my7e4ZqnsqmqRA==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:NAZTE0Vx7usDyjmfRT5GOxGXWmoFAh7gMqSK7i9EzN9fvO1sxg==,iv:06ddsIa3Gs0CLkPPFerbZ5QQJPdG3Bw1aTt5jLW0cHo=,tag:dLmuWpsiWuRsyVyqFxjZ3A==,type:str] - args: - - ENC[AES256_GCM,data:bsAM8ic=,iv:bEe8fazXeSFCuCggJIPJQRyElWEO5urfa9E9Cfzm6Qk=,tag:tcNsI9U2urtqZGNMearnoQ==,type:str] - - ENC[AES256_GCM,data:z2E=,iv:ELEzv4V5mNbbo/H1UQQO9/ik3VF7HmXoOImB2q8+9l8=,tag:vJ6K2e+SqKiB5xMl7PG1hA==,type:str] - - ENC[AES256_GCM,data:owwKEmcU8bz5,iv:4oJ526GF3SWnm4Gk+OEKvrx6OkzA5AsCIiBqesWItuQ=,tag:Lxicfeg6eEiJxu/s5Q2ZNA==,type:str] - command: ENC[AES256_GCM,data:5U3/Qt9zXNqnLhDpwn7y/IjSmIi7,iv:bLiKJ7EULkQgt5tLNrNF66FeZ5QrhTDiK7lYgI0MzHo=,tag:ti8Au9dFznlCDvvP8aO60g==,type:str] - env: - - name: ENC[AES256_GCM,data:Js5waTfsZQqaWH+j2CM=,iv:rU8DBNfiC6LsBvs7NdDD9H9/Nis7Rf9IU+L2nCH9zg4=,tag:XuY8P89oBiS8VLmTAKTlog==,type:str] - value: ENC[AES256_GCM,data:oyQmriUxteKKCJ8qIh5PfZz09d8=,iv:9dhIHx3w9BkPWDCzq4JWVdBsnfl0vqj9eNRjQTnSI+w=,tag:ZTWgFc711Q9eLrNonVCdsg==,type:str] - - name: ENC[AES256_GCM,data:31W1A8+seFzCIc4pz5TFWe/JX+cU,iv:BdXEYG2+LkkDUXQGMwynjmkHNud5V9JWKWO29s6bOJ0=,tag:utjXtgUELECX2adAHfBQ1g==,type:str] - value: ENC[AES256_GCM,data:SncwxvWKjTi6eaLg6b0izxEHFgTMvJ8IaWvInamTuWersw6wZbZbYQ==,iv:iadOwr1wOtehiKZhXAXNSEU02ELTqFjU1woWdwbVOi8=,tag:ot51rY8a6wGaSfDV2GwtWA==,type:str] - - name: ENC[AES256_GCM,data:CsDoKgyhkdBTdw==,iv:yv2Mk3LUiw3WaFTa1ganZbn9yhawgVjpUMcpgupD3Ew=,tag:bDYfbXrAmRRCbV6L967mog==,type:str] - value: ENC[AES256_GCM,data:w7qysHz7QcRnig==,iv:26hr88Ypg2elDfskk804FkwzXFSXgGgRmrgEpF1rqXk=,tag:90FC2ESI4PDUTyg3b82Jgw==,type:str] - pb-uat: - apiVersion: ENC[AES256_GCM,data:4XE=,iv:8l1Ad+1hOWtTQXqCwYPfF3r+XS5pGY0q1SkTxUPZfYQ=,tag:dyZwwjpAzj/xxR9vTnWLzw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:6NZeAcRSmTi+s8MUy9BxlEDv3bFvzdV6HG79XVwadJTS3fwd8tTUpSQLiPXbCCmGx5B2v01rz4HDoG6rtZmRsY+vCx6owfUf8iH4OMS/QlzhcT1DSkiY5j2Wb0TldISqArWO2YKPXemEjOC5/ecR/7i1u/OXgomZIavxp/60e3zNwvo40Q3jZIp0AM0Cjo2UNF8yHwQPwISlmUl1+4195zFe4ixtIvgQ0vvMmggiXqE4QbqIz9Y+HZKsz+3lp6wQkez7LvnMqMT8gefqdps13Gg4kHqap+0e7a0sxmaSmjGGkJ998Ygsc6Xh1QePG2jMH3udrxTPWMFkwpjFGLrtBHZidGliH4TYPDWqpSdeZPVSdKD+KPdFm5UyqgjlhnxAZOdFu3voWBjo2JgGq/Y4/npS+56rzEXZfioeDEn7elYAIX22Z/j5yl3qJe2BoGKir4E9ekZZ8T+ZLWZu3zC0JnNpy6b2Kq5lhixDPFKgWtaOcSaFhnzWuKpcR95HHoMhZ7UojdTd2ggHLSGAfZY54mBDV7X2dJDAsNelRO5yRfBv1HX9CgC6gMjOUmpeNNBFLf5xAnvEcGEAeJxtvhVPlMq/edscVCcie/80FYxp9PwierIN8VU5snNqHfKdPzU8k2zWC61Wjw97Qvfl7Z2E9jQY9KhlGx8CSIf+d2VUzzFdd/7InT08AGanTiZm1Lt0EKn8zBpPhNqyMsdTFsSSkLdu1/5l76L0p5079BvcPC7c318De5HWUFCn0dwD+bsNrRy2xGwuFEj3sru+AhWFJ1AdlyAFZ4GpHJwLJ2sIz1oF/Lx8DnWAAyJ2Rc576o79Ax7RG7tSSi/so27JemgvqwnUxB5AE6R0wqhPappmODvXqJIsPeMb3qa5QPvqQwUlRz+0hoK5y9gPuQ6ux071zf/FNfGsBBpsugiZH+RtsN1y6A/wbnn6y0qG0qsDdJuQueolL3ub29yrCvxY1t3QR3wlU0/V3QxpiQvUq20RD4XMXgZFCZdidpg0yzSfCCe/lnr9xDCWHjH4T0LY2/JKLqnSxBIn6yMdoONI8d7waY+3YnTG2EQNNQLMvj4EBAgFcblNDSjc3WTwaK/1ccyKUn2NbbLauAwgnZa+LNyMqjkGIinDmSVaQKEE6+o7DVus6Q77yaR5vqokBfDpOtI5DJo8vLVuTZ/40BRIpxK0uFfhiutl7g8+wY7qDTY/xNML2Hcx4li51+Vb0SlVhfCZoZmXiJPPnhSE5mVlzGxE0+jFM0MdV2WBcHxRDGDNooHTTsIOMP2zTKcp/2FtxQWaT8Rq0GJFfW9cQmWEHpPARlMQzjOBs0LQYaTKIFY+u1LQzpS6z7WgROS3AlVn76E/cpAPOxfLEo3MIIrdyXzVQBTavUhi0g5l3AsEeQ0kdUoI2h3QvGt/k72DoW43yGqDoraISsXHDyxmL9/WqO8sEjk8rhr05y4eeHZ/5SEshdrrRD6frWDPQBUhkANzCtHy6DlzLoVE0FNO/F6cYGUNSk+d7CzO2ceZRl1EcXzsb4RqxnB+8n5xPPDx7yDBtjiJZEO6sowOLgp6pSwOTlMccv+njLH4zL428L8BzgxuLLQqkTo8e8d94YIzxpCAPoEOosn+1683tWguoq1kXroRMGtQK24jpVXf7MYgl5oVbwj5ipS9KWN/0NI55yphbSWJosKheihMokg0WkLMomD6dnBizn7Or3DJnRslvQxojb4VkFsik59bzBceI0u9FJrF619IL1nr4mjgvbBH8yOMGw4Des3cdyQx0NlIDv4Oq/quA+BQGZf+Doik6zgLux5ON9TiYSVhLB9S,iv:S2Edz1DuF6tmXf1Tryfow+Cul+BCthx8ISxg+4XivZw=,tag:OtQbqq0doUiJ2pV/bDJ6Hg==,type:str] - server: ENC[AES256_GCM,data:cHQb/580FVUYWnNWqjEAU3XUv9ymSYspJqD7zfaYMA3dkjJ5bEiQKPvWuXX57nD6IjuTEY1RQpqEIU6hXwxYsWDGBdomhitmxA==,iv:KOSKVqt5y054AXT50nKz15Z+egjWb81yrBwRNoo9Y1E=,tag:E1s02xsFjfHydFjIzCSJVg==,type:str] - name: ENC[AES256_GCM,data:gnBDdfGPdgjcbJ7HtmuPErPbBEpey6BslT0I9+wiD7eYvaLDkIHrQKq4a9N2YvlzO3tkbcm6PWE=,iv:hwUQLWqJIOQQIy9Qdd3GTzQczjYUwskxjVzfTj5X6/Q=,tag:+cZBzu6cDwCyK+F+juH2dA==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:QyJiUvfpYkpVmKQn4vLh7TU1AeNcu+SRpP0MKVylfFQ1DK0AVOItXvT+l6d2xiPgECJ2/JhJx28=,iv:9Hc6NdyrGdJzE3kMTsCMH7ufEL967iWkDx2cSS+L+Y8=,tag:TxYefjEjeHKfR77JlWPccQ==,type:str] - namespace: ENC[AES256_GCM,data:ynwrIA==,iv:XihLi73nD3UphmJ13I4fcpquPVevBP1ezCNp0Zixg1g=,tag:jxTpfZ5LxcNSLQClkrgXkw==,type:str] - user: ENC[AES256_GCM,data:fNIXepC7nhnl2EWsJcPY39EnwHC9qtC98I2oj2St2H8y8i2JW4KhsTMiXJkr6jfup9kkDzWXPE0=,iv:nPyEW7Hqs6B2v2oKYGY7WjsYmbEn8wwrBuVnMs7dnwI=,tag:6pZ1OZDIaaiuh2br997LsA==,type:str] - name: ENC[AES256_GCM,data:v2intvMfYIq3Vzg7,iv:L19t5G1HY5E4pWb3RGRkaCSzR0auDuVmektwmfw4BJ4=,tag:5onrLA/4DZALc0fTd+Ya5A==,type:str] - current-context: ENC[AES256_GCM,data:rM6u30hGCEZKmiis,iv:LsPt9WtJD/ImRhlyyq24dKojFHC8Hg1dnvEortAogiM=,tag:4ZYdSXFo4iZT8osM3oG3Qg==,type:str] - kind: ENC[AES256_GCM,data:l3zQ4/r0,iv:0A3Atg0AIOTkwTsBOb0Gl8oMmW0FR+RXj317n0MvyLY=,tag:aY2+RnM1lWs4SAFPbarVFA==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:OWTs9Pi0aCs+qld47pYKXkmEfXmt7NQ4/SnTVPtNJNZqYA76VSLQWSZoo4d24PhLW0DMLWCP83s=,iv:Ngomx1wrGEy6tqNxOctZOqESMITRWuK16AsMsfL0wRQ=,tag:7o89IY5IDaodvAmGa/ZyJQ==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:ty92jvPgox9wZla+LO2l9NJLpnYo2JcE6ZrdfK0AJrM/AXz7MA==,iv:BzdI5S5FjMwt6ZbwwE5n+O3Bsb1tvpMIfJXE0KFK5ts=,tag:K4XOqXPhTxuOSut+JHfxOg==,type:str] - args: - - ENC[AES256_GCM,data:0gR5hSM=,iv:nwu9cwYGrxRNA4D+Af3bPyW+kDal9VB8hWLwXKDbyRg=,tag:bIf4n9uJA8F0ZlQ/saVOpg==,type:str] - - ENC[AES256_GCM,data:OEM=,iv:ORTz4TIws7a6rSvjPmVL3iQtqp8mkJgm0NLUJDDiHuE=,tag:NLq0j0UF/WGEKZiBiH5wpQ==,type:str] - - ENC[AES256_GCM,data:CfFwN7efLlVCIl9C,iv:+HBZWBKMvsC2afv10CDZZPbfm9OaI+raP+5zG1MEMZ4=,tag:ngth7TbGQwSM89UOAGGugA==,type:str] - command: ENC[AES256_GCM,data:moMmrDCzghHTVMMHbaz0Jz6/bmYN,iv:ubTrRlwpgwNHTCVvVeQ04JfJSoOwzfmgMuxJEp68u9k=,tag:pZ2V1YNmZfBNYq9RZab2Nw==,type:str] - env: - - name: ENC[AES256_GCM,data:iBIK3kj+5LmbXIKRdOM=,iv:agXiJm6F/mgpWWn/8vuqKuLEBat4AZ3e52sdfZOyU0k=,tag:XMRTHuyRe0bM+iMpJFtvDw==,type:str] - value: ENC[AES256_GCM,data:fol0vO0EqnRpZjSpWvh/gyXTuc8=,iv:QlTnX8jtKDIEtL1Fu+ZKqdy3/mUPol06NO+WNQ9jXDQ=,tag:a2Ss/6wB0nwHnQ8xFUjZdw==,type:str] - - name: ENC[AES256_GCM,data:20gWxBjcVGWH9+jNcrIM2DSU8wqa,iv:g/UzBbEWTq4wn46q5rNOasz6eRTupCU1bZag8Xh3WJc=,tag:pZBgcCYQraRNXZGlHvzj+g==,type:str] - value: ENC[AES256_GCM,data:hN8VoPzKwkIb+9Dr/6sLtT464ZtafP63pgbe8c0UoWvnj24kOMuJ8Q==,iv:KsfWJoqyTUUTPsTwpNRbGrdefGykefTW2ClodRmdhyI=,tag:OePxvtixJEm9kuPlO+7SGw==,type:str] - - name: ENC[AES256_GCM,data:pTF5bra6m0xjWw==,iv:7S48/15liK9LzCtrU7bt4Fba6UR6y+u+Zwnvl2E155E=,tag:PGzxBMV4+mcURbBHvXKLNg==,type:str] - value: ENC[AES256_GCM,data:rieF/oc0Cn8+HQ==,iv:KSol6A6eZMvNFY0Fw31APoDwVBUIo25fYKt3U2OXGrg=,tag:GFspVmQl2aIraneciuBGtA==,type:str] - staging: - apiVersion: ENC[AES256_GCM,data:SdQ=,iv:RfCNNgeUS8YH5oG0RbJwfEiR1kWI4/rjRMuqrTa9of0=,tag:kQNUpa+jCRG70BVnpMNqCw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:TX8o05VG9PC6/F++BIMELUrtjOs5IdgxRZwrFvwkq1ZXa+QSAueTmleKtDt9BfdGKh7JItb2DA8MXNAQPa7W4MNRKq6Vw1sLo8msTO7HrB0Ns320Z50UMK84uRvyQORizqris96+/nWiPxinVA3/ymeD2uUmSvHe4bvJWh7v8jFwPMILf0igAm6K6CwjoY9RW8V0Bs6ZIZlr4JO04uDT1gP6kY3SNrdUy18OqWlaF+jYsxHqsfHVJ+6NH/+5tHrSvpQgVksmtPQ37KWjTA1xpmVBUl3jwKwlE7bWC4yx7v0CgTeQcHVNZbI0LjDq9w6rl8TtVS8mkMUTjMniN0njXA+R/TQQq7BHpuOuPvGCQHwc1x++fCrN3G3uO1ttHY/zokY6/MPzPvsTf/R0XIF/dbVMc9d+FuubajRRjIgIhzWPcDbEvWa60BHlGcvCMzaaX2Jduhmlsl0mTeVfIjAiJDKHVfobxH4ITx3RCvKa6x83W/2EB0OA+3KfM11jWqeuxkQg+KIhSHr5AD0/bm0SbaxDZaL7A+3gsah/3U+hkT7iD7uHuBnwTQFtsGtZ5N1ruKxEufSJxqm4sAJOLl9md9Jpbelb+TJS5KpsHdepaUcT+i8P2W7gNBfLTG6DLGg+a3fJnlwuamQK/UR8hM5scxPiCZTdFyFqlIC4aJv0OJwY+we6phK/NSGjZ9mrqZPqpbnmxXOWALx/9fAndgpeobHWkgUldJSl2x6zrCVZ6IY5OefCk4/nkWsOnvcsUqxUjJrhOM3n+0LI7zI7P8KImBb+jAItuhYSd9HUwkt+Pg2l5aph0Nqpnn5UMTq10doq8BKi9r9b/dp7QYNhSunq/Wi5hHQDx/C68sgrkEMSPp4D4EsnNYmXmzM9R7pMnB6dwGjdnGL0Q+7SLW+7pTEl6XEWgoTw0fW4Bh12QlMBKZMqM+q8icT2Yas9gZliXYKj5qQ6kBk2960NofpOYvsKLfbyjQhJqrP1rw21JdAmIGFqB8xmgWFcXmyGVky0qu44kJRi7PXpieKaD4fcw8NuR4OeASxBkMT/PDquBeFtO3MHv23nhuyuNiZEsFToPweXRv9yUJiHpm2jvkFKEN0RDXo9paNX9DXjuRqmVkQfWw1wPN4hxf34ihuirUwz0tRuPv6yJJLRClxA34Q475nZJKpkgUgb6vzrSoX5xfnvFZlVf7RrCmEUJ6L+r8IMueK8ituMl+XglirN+SmD9exYVf+PbwEIIOjwTJUtJ9RKB9RGe1AbCe4XpKC3JWgSLHjdmNmiJCl4XCqS1PTQ2FvcR4gpnijX5UqibaDEj/eWo2radm9r8ioB034I3qpQ7AfaNv+vVOZzWaGZgT4a/xEtvivBu9sAhSaeEdGB/+A9k3d0SwGvHSx0dev8P3vImwuiqxZJvvU0WgtbfelBBMEyEZ+N31Y0RkS5oMYY++CifhBMa0Mw2/NPqkQBiuMY9SQvbOetGc2UmqTjZJwKib5q2O8TccWABhpIJ0oVm8mHwLDHkUlaowi8d8uNMK4jsOR5kwEfigCRup4d7ZjqbSJep6JaxYqkgQ85YIKNxjNVNpc1rGpN5mUDNRPvA3gbXdKlGrBGrHBeYY2gDOWih80mwoXQ1D1EesDs2GPJoV4iUx/hzoLfgW3sy7H20kDwD/+1mAamYyB2+UsY07dbP7GKAX6GKEzb7OMNvcDljjyo6fIEDG7kHgip4y5DZuzyxJOzIbGdP1UwWEaltV3gYWj7eyEoNhAe6lmxM2grIk75L2r5iNhH7pZs/2qaUvBPbMOktCehsVtbXVMx3FlztIgVE+GBdLK2vfyh,iv:AwDAYivpC1mox0sYO9tiDQMG5DVApa4iaPNmJ4Q0NoM=,tag:Mv0AZGIiyBPHtXCf5VPVPw==,type:str] - server: ENC[AES256_GCM,data:gc9BKWpJMBHxsYwnVtFQI2KjNTVlgKk9oTUsXtlQHcwFcoPSaB09kdncnApJ4OE+T4IqROz9GxSxSlsb/BDOB27aPM7oq3RonA==,iv:oVmF5E3Tc/6KZH5I5KIX5YICpKEW6lZU7etEWzN6KVg=,tag:tVtTEb8e1XB4S6QnT3Csrw==,type:str] - name: ENC[AES256_GCM,data:fEil7k8XVoYUrI1rEWAJOA==,iv:EodjmH8aYoHNQIzWPGX6fQuRZB6AcOBEqkKWzb+mQHo=,tag:UZt4nC8sV7EBWNrOMgGcxw==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:XQ7pvMjZ2nZDzL5OoE43xw==,iv:1zRO0pBwd06AxQOWHAGD1nVaQjEoAcKfdv+BbK/6Plc=,tag:BhfD6+Quxfikm1STzx76BA==,type:str] - namespace: ENC[AES256_GCM,data:fOkiXQ==,iv:uITwCNgNonkYZyxZlkut1PL6AMJ0L6D30REo6ZvQzCo=,tag:HiS61lUiZAurZFxO9DAvRA==,type:str] - user: ENC[AES256_GCM,data:6IVCjn1Ruz2GBTxi3icNuw==,iv:bQqbSeU1TldiJb0mrCuVpdfD30DVlLiMqglt7UTMXWw=,tag:c3yFNSx9TRnLisnZrMUXDQ==,type:str] - name: ENC[AES256_GCM,data:yKj7B/Wt6mt1fI9xKSDGrw==,iv:zKX2lnYI9oesluP68b7MaOiRIjGAwZB9Z6oR5bZ17Sw=,tag:x36pKX9FO+kX3TwKHZ31qA==,type:str] - current-context: ENC[AES256_GCM,data:BcwkDVOtXH6xf/GwJ21IaQ==,iv:ZWBjMVlFIqqCi9dBRKOYZDUM9qQAkjSgaclS46wvQe0=,tag:6DHXhjcVPdT2FSDfIBtdQg==,type:str] - kind: ENC[AES256_GCM,data:Y9NFP3Al,iv:fL36kvvbRnHxcHr7cdmegz1ZQKCP/qQR1U1RnaLYAew=,tag:UEUhHW493Zg+nbIRpWdt7g==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:nttj58Q7ym+iQ1Pg8bZDow==,iv:5OoRsRyG4UKYZYE5GIS3FVNLIZQKE/EwPCOrXp5+vGQ=,tag:bd7IqyNad9G6Q1J5dT9FPA==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:583gxzSiFmvxar/n3tqOq1vUALW4AYx7qpaLWZ0I0S+QGb5R0w==,iv:K/r9ld3a+NPJdE+zsDZ4cr2kPc9ij1cfxppWaJfIEQ0=,tag:hP0N1LLlF6BnAdFUdmQFsg==,type:str] - args: - - ENC[AES256_GCM,data:8fddHu0=,iv:Qvuvi+Y+X9gQzMPvHJxOIk7CBMUtYoJs34RD/Vnpenw=,tag:Li+fa/aNX+3i02WWrJ9OYA==,type:str] - - ENC[AES256_GCM,data:o9w=,iv:wzi0JIBeuZoExXsJ1oWnMOmA+/Xt/JPU6T30/ASVJkQ=,tag:AJR/fmOKMtOF45ERV5e94g==,type:str] - - ENC[AES256_GCM,data:wrT64NnvYSl5KNlz,iv:xGRPzosmcLhzlAoZ3nsk4elVzpXkE1kZBze22zLcbME=,tag:o3Ykb9nVeVgkNUcYM27PmQ==,type:str] - command: ENC[AES256_GCM,data:Xd79OcsOZ4y9qHZU0VgVxqMKBnSk,iv:MAbXdk4MlRe1QJeQr0eVF2iOLWmgW+XXEY2NnEzC70Q=,tag:kLU7lW6E1mj0qN3GWV+KoQ==,type:str] - env: - - name: ENC[AES256_GCM,data:hgMzPEpuHkUo+KTrzMI=,iv:3Ef63InFlHfjQc+4zyHsyBnVQXT8R/8oNjFT6D3kcEQ=,tag:IgDWEmhIY0CiaGL3ABgE0g==,type:str] - value: ENC[AES256_GCM,data:t9hwpn+m1KoZP7I9E7Y1GyqEi/4=,iv:VICFA/yL1BDZt9NgR8efBpz1ug0Oq8qgpq4bgiTCCeM=,tag:guzI8s9uh6iuyO7NXQa5Ig==,type:str] - - name: ENC[AES256_GCM,data:co1bh54UdRLE2rcgdFxR9f/9z1iu,iv:mnHBvWpQs6+cSCZagGRU8iYYJgLvCSQM/Ls2KPFxVUk=,tag:Y5HEqrATIwM8Y+CiCN/aiA==,type:str] - value: ENC[AES256_GCM,data:x+/3pq/q0DdtrFl5IJw8BqSy/Z0Rl/VLMdFHdV0w/jNhbcJws9R3vg==,iv:f07HkHZuyhjlhjVv33E4mJfUSIx7P/IwV/63CvuN330=,tag:tOQ8KI4kvaLMZ9L8wUaI/g==,type:str] - - name: ENC[AES256_GCM,data:llwZ1zYimrPH8A==,iv:mOaiGX/ZbEdLlwx+OtLKFOGl0VykX7VpZRJGFasezqc=,tag:OXQ1+hpTxGiaVoGotY9PZQ==,type:str] - value: ENC[AES256_GCM,data:jeVt0tVX45zlCg==,iv:WFuRQlHeeZWcq0N7t40BkWNUl5fSIOLG4xOZWfxqFi0=,tag:tYztOqtLtaKQBI24oXkfww==,type:str] - ukd-dev: - apiVersion: ENC[AES256_GCM,data:arQ=,iv:SGUj6MbjdYqRSyWp2ZStePJeR5cgwhWfT8x5xctVZm8=,tag:jMsnxMtWnHeWC5q3ADAm0g==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:NvZTijdNHB0DNx6p9jcLTtxTst9QF+F5b6lYB4ivTNYw097dl882gj+j5ImDVzYsMw614tT3BFeKTvgjTR+rBZqSwc0aPLABA3Y0yasXyz4vyQcIaUowozWrzeoL7oGJP2Nc8SuFx+Upc+nPic/C5b2gfKkk+qJ5gJYlwMDx96Fv3ACTNx+Bj5qDSQjTFOfMpWdi3/pS6MnjZdP83VmaFZS3s2lTboT3oifK/ON5/xYbE5yYP03+DEmiz4S2j5mykMDd2JdU19XUJMWz3YO9ekdxg7DGqB/IGnf1upCV/+cRhX7E4J1BWi2s0TVUwqX/4PXcCN3h4febbDiv3jKXb9jg2pL+F4f28cnB/g/dchLIxtOg1Nrq5KMstSZxaga+h6308snyylsRuYDuIewGm1SZ1R8IWtQW68dTDaQF1OdB/KbAsg3RxCeJXddNyW4JIaT5XjvZcj4FFl3VzHeO8xBAZ0LM2ATMky/UKPRqJilRlXjBtG6mA9ZtqqfIdB+xmycHfYkiNK/437olmpePXiwHdWZhYL6vW9pczgZMXgw3XIfwcLrsmi60xxygvfHPwLspq71zV9D+Ok9rtorFSDEDRHoOA9a+tspyXb67llkEo4jw52OrF9Dt+atlSN9dwbyr1Ol30rANMgw0qDd8GJcjnvSUsOIN63GLEzEB5Peq2GvJygXZOH3PKHWz6ibjwOTnurzcl4KWw04+jlzwcldfkkN7OGvZPpin6sMdFyoLWMOVzk8ZbZgUA+TiP4j97EFuhxif3c7Ts8s+2R27kT8s0P0lRNWsKIZ87d974yKp9A2BIFIZCl3Xglw+YmrnXkR+iPAiavNbX1la5DtV5+XZZ1GXAaCNZb05wf8gxuLzQ/iis7t9XVQcgYNxQj4/iydXhs0nhW6x/zpBEu+wo+Avyw6pPmdK8oTlXOwmT9H+iF1DK/mUokyL+ZquJTejC9Oxpw17/7bGGS0rlMf7y8SGpPiiZFRC4ZAzv1A9pfvI5asNutPMqm/HnuzTC15gCXymmcveaSsdA8X902tddRm1HnN6O+YjQcC6BIL08X46qRA7pCoCAqFi6ZlJNUgHJTPOa8QEBwIy/sEqSFC+xt+O6EUNF+9b9aj5fYnkODHrTu9Ktcc5h2rSI/qcqPKWBG9E+CsaN0SnDmyej35P+C3RBOaY9ajijaTnck+k31nkefVp00GfxoHeVK3KcMRoHoSFcEQv1k+o8/UlMB2Qez2T4w6XwUARspgKhu3hH7Rqk1mrVFP9ApjWlT2IVJDQwUiUwWTce26vCXT5te4ES4Co8y7d4CG9WhnHVSWglrRiSwp215YtgWhazD4DUIVGqFlqUI7weZTNzviM30s8CC+J8Uu/q4aBriHig1F3Md5HIG8HPmdI/h5oby9ujjFmOod4wJqZY4vv0J9AQA9tKZqtESXhTrx0Nu96Fmcl8/BhzN734AnSeFTnur/IYT2gPpmeruU/sVOvo30+J/s02lB9Mc2f8Uxc0u6Pk+b4gay0Dq6eMdDBnKywCRVEkEva8KXs2rnwTo6aPQqxO0quyagjBxVLNbhEvP+/bpaLfqRuNyvuBxBlLdGOuOatVvyaZJ1QZ+KpiO9OnjmsFeUY+PzDw3reTHRYSmC/p8hCKL0TXOISSz6y/NuMM8/8aKyPT9jFrwb5qq4qptQF3+JOG37wvZkho3hl3dGVZNnx4miC2e7pBiANj2EQZ7opDGcQ5fbzcCnNQmnET1QR38kwf7sNCTQxtZ8N7n2ziZEj0EzmXsv0mBQ9EktuhbpDLD4K9zJ9rY4PVecirY9tgdznCeH0xQQWcvoY0A/XuoERprF5Mzj1Qm4Fqios588zfUdhw3tVcoJy+D9qBo0X+0JjSlk0TxANGaobPXBt0VL75PD2nogw+A6d803FaKJSljsQnB8/r1dwiDrfmW7NBXIlOvhQvl8y/33QhdnPlupyUW1R3dDhh2WkxgLox1k1lo2qnqLHHNIamzlXLNUk8hD1AnjFrDlfOI/SbZqoygaw38mjUSm0QietBoZohW0kW+9EKn/NcjWiRibh8bX31/nYfZOiKK8w2fzJK2DVEDoA/a5Qmo0TBRxwE7BtzLx+YlO9XvOF+BL74DCy5ZMleRfHB85LtwFkIpV8oEf1SvslscNcSCejpVJuLvdDS81XiVAoCf7o2WRIIKAWqTQv2MFROnd12BCtPBUXUfaJOOJ6O0xMcjMNMyTx/PmDvWfaemNIkw5aLJ2TLW8AdE6Oftu+PURxdc8l5vIo3z64Lq+DZxUlys6oZEnb/fo7FZVr1H6iU3YVFA6G+MXbi6zm6lf0RCIcpyWw8jXe6gE3wg1pwARoG+gTufhmZRftFLm8c6Wm/TGOTRrSCh5ly4iG+zLxV1YArf+LsDxTT0t5nzMiTgykv3k/ufDMl34Khfqv0UQbGDX5+h34DsL5MosGiP1cUProoXt4p5zLpGvZo1lkI6QN3XqP2RV+NICljwrLVJ5kIb4PItANW+f4YpbffADZ97uxN35C1GEjdZA/O7ZQRUgUMvM7XNu70+TjtKS7vBbHoWl4ri/uZQysTqAsEj3Jof8ttPaZkIo8X8iPTLuIcRB+VL3gkzUK84M7/csIfS4CeeH/06PfXUyjQltT1YRmpAtDFxrPdj6peyd/GigKHeygJgXePHv0PLR5AdYBNENaY24Y9IPPxR52h/DbADpwqnveiuBbpt7XfEKZ0r3g63+a5bRtcYdielP9eUeQYAwm68I+V7VaHQmcNa65JTYQVMUwHzIaFB2leP/NANf6dJsIn0lH2lTXpOVHkxYBVLCYH2iPLdZhE6ikPon8Yr7+dOB/vXIAfAEwZxqg4jXIU9KzA9bn9mTHohIx3NpF3PruIusc7+qrcw0TzHYG5z8O4R2ckp79X97n+OKCwyE0OuPAzMR1bTE5pkcPJemyBVt7vtZaPb/6uqf0Fff94jxfNE/7e6leMuCoaznv6NLA84p7BId8bzYXvJkDS9aGuZ5JFLFN3Lf1ozNsWbUMbE/Y7Cfdp6NF0GBlHi1uCU0sEbM=,iv:Rj4FK4SPPtmdT6TSuNItO60316h5uOwuEOdZ/wEzCS4=,tag:Q98dUgwaemPphF6ivpTGpQ==,type:str] - server: ENC[AES256_GCM,data:JLeRJ6X00B33ZRiGtp06tMKb+944T/u0F2wBZ5CNpFM07zM8fSQL4z5J4dgwY9PjG5PJqwk=,iv:NaY9NAPce0gMIhUkRr4OCT81NU0iF+nPEYNV+Xc3Dj0=,tag:z8a2yRT9mUaZj0k0PqwDMQ==,type:str] - name: ENC[AES256_GCM,data:3ZeyRZ8NAsJjiB8=,iv:EL8e/00nAgJuu1uxKF1FNBw7Lb9YdV8BQRhU80dXpA8=,tag:wdVDi+0uANAtcESW1Mm8lg==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:so10iwm5cQ+0Obw=,iv:adkze3pWOJPbkpBv9QXJo+G5Aa5RA/JofWrUWxwhyMU=,tag:8+/35fTwMU016NBM+FRi5Q==,type:str] - user: ENC[AES256_GCM,data:eswYQVAwtlykM7F3Em7iiZu2iCRp0HsWg850,iv:BDzyx7LGh3jQ7vLNyuhUwER2H3w5p8U4NfJJREfDaYM=,tag:oEM81lml18Sq/2596Z9c+Q==,type:str] - name: ENC[AES256_GCM,data:bMX0+OewQQ==,iv:bmr69TRnp+O7Uu/Wg5B19nSVHAF/H0RGNJQ/svhH048=,tag:q5zacuLKtOdmDJui1HB62w==,type:str] - current-context: ENC[AES256_GCM,data:LFSf1V82hA==,iv:pPpUm+FI1W1xv/a4XFXnaQIWX62jjEwbhtgNl2F/tLg=,tag:W36cmLJJfzi1HAWWKLd3qg==,type:str] - kind: ENC[AES256_GCM,data:4B7IdnUZ,iv:tyRXeDcxeYDkU/rT4pPpi0hilgVU2eqRYDIJ4wz338c=,tag:GDuJ7mlWab4D59gPhHVJqg==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:rvycCX0yGnx3ws3NdrYJasr5J1b46275lJn8,iv:C7SMB1528GcFshkxk5S43PlHKJptFw5WElWpwzafJVo=,tag:tCdvlwtOdbV4bRuo87Advw==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:i9mB+Ci9bg2ldr3Zo3G/9n4wP5Bp+nlgkbrCbl0WGR30ub6sex+XMr4NnHXdvLdmZ/bBIfASbRLlwUSyP3TSGCtuQfJyA+BO/FlAyD0aP6bUmLvXsCvp0sMOtNBpqjpRN+9OBf2U2qONPXGP79Fk5OzM2FcxpuDlTo6mCIidMwQjSLbXzLtszQLfnyn9saM+Rd9cY4S52Ahk6Z3hMfxL6xD2X4lHB0/M9noWIv5SO334xjlESm+7wC5JjKRZxFplOrv1c6kAKGeNRtWNg5wqZOQRngVaaPXfXy9XXwLlT8Up9hDc8SJ8Uz9qj6xH78A0GCgvbK6KQ4ngxgRCOlnChWdqZCeVGGUbYEtr6IDnIDMMEcjLbrhVgs6rNs0s8iLFN5MU6ps3L4W5SWfx1xg00cqHd2YiCRqR9X25bRqRllXvgKb4Nt1IRf9KCmVCQRq6BJB9DaO84YOub5E2c8cTC9DYYNviTiNHdY+UlS5lFuspVF4roBrw/L8Jz7YG7xDDCF8Qfa3v1K9T5dBHnoGuZu22Du+xnnABJCXx+B3Q9FTN9S02Xd5v0YmgOi0Yxfi1As6Gy+p/8BQypiAmzmSt2sVrwDtCZO/rEqqTB7PA1qMr6Cd4S93YsvCln/CR/r58NWBCmOW5qF2hWX7FZBTJ71YNf00a6AwPi9HhTARd1RSQhVUhJ9k+BOz9YTL0AvvnMzgZfJ4kH6jcuApeJxQqLIV8H7IDzAbNYFufn6ZNbRDj9x/c+UApP58gD7lSPdO6m6qG2WSkdY281p999blodPa6LDEqRe884kOZmv86AgTjnVJTvlz9JfcbiwzT2rssTaiRyW3Dfvu97+P4ROpuLGFzrev5hWQRFFatKtv0Jfmca6rDegfXX9ys4TY9TWV/UjAZPgMgixz6Hy+LHS4xhZfiZNxncmnBKbSOGaLvbEUIuWoDRxEiFELpT96aSi/T8OHjLyDMweXg0MYMk/8m1LEfB9WQWVUCBLdBg8kkejDz1awze95CGXehkPi5F2Qfx90kHcPV9MaFgDPIq86u9b+iHsLMAwHtj84rEkVRlBrlZtK2G/mxnsBxd4eBRAE+knNAFHR0zvp6qZHUx0+SqMpxeXHSkguorHPi+f24J1+kqA5hw9cfmUT05DSgxcvrCJEqWrb4+qVpmYuUwZlYe0YwHx3l9CjseGesouRqG4kOKRNz4loxF+WQrUOca8/tRVU9tfZwF+UKJb75FlUByukh4ktODIylGYeGNVO6zwZLni/yPQMGtjN5MBcDzHb2hPtzDPIl7T/PhddZb8Bh2X0D4aM74Cs3/0aDG4H0ZK3rHoNZAsqNFzMSsqyWvAC3Muf35Jri1ZbtyWE2ULkMXZpejcBvpGw/Po3W+1eQe01fHaqtQrztc/6e54f/VD0vcxGWftiOZPW6lKsx2YDzO1bd8sTRZaU5kKp7JylhrDlHiL9wNHO4M54blLBzCsh+nB1rgTnaFiJYwvmaMDOw9ymD+nAgG5J/0PhbP5ZCnRaobKKWbOjh0r1125zlRVd84YG4ipkFPTN2yp7nWT2q/9troMb5OvL6e6Y4WV/TPvz/fOUzgoitw+PVI60T/ryCTkmxMDhRvpCCIpoAB+8lsAELrG6RDg7291uErbtx/PWSp4V6KKq3HOvbinqeSRgL+BGtfDXkVH0rf8jCisDkHgDkYe6lU30DBz85cvcKCvEzPDOVUKUaLs0Jo8abAYgWVCyFxzRMa/rlKcdq1Kk54VBAxh4staBS1Y64Emj23B6kwOEa6WA+BqYK91JSFNiZIEGFgIxQdCg0ry665Fw1cvIwdFSoJSWnjVBNzP1EGR2x84IOyaNxBDpIjiHXD8yetxKgDrDVKEsIfw7Pna+ncW0mFsKqPtYg/pLHci+9ks56wy9SGfjrYbhey0qiLod3NTcSFX4RWLaY1pKFsJoTxUVNYZZMtfLftJ2dgdOLT7NLsw+Es12YdL76tN3910voP8U7W6ncMKkurJicOvORUwJT2WDeBQjJjx2U1HHyoFlVZNdcKsOTYMR/G28Q6GpoSwWkmzEQlU4EKEwvQiAfO9KzdoTfmplwdIZ8YKO6GSBuS/awr52KDb0W8uorpFQMbVZXwKuufwJv62gm1T5GAuTxMkyf7pAqkVjbSdAbfMWkxVNjGIr+aIfDog4psEMNJAVU2Vjbh8gQ5GQoZQIvOmnegR+MOc2MVDe6EiX9CV8Wmln6MZ2Ra/td9qi8Zr73m1h43kCYEuFgKR4bKwfkgW2fUV1yKph4J/q6ezaPsLShYKV3kHXcardiCEKWUL0dVtds1uDo84WjDdP8m15vrOEyHupUntrudwFHbhJ1wRG+WBFkqBj0Y/wLCpb+tBpEq8/wHbYHjjfAz/GIBGKr2qvxZw59Wx12liJZqCMFP8CmCJ1BPIeaSu3Zp69Hlk032g6OKkhguqc0Ckqxg7K+N8kbrM1qVh60/WJZ4vNLn7FTjMbN0c3eOwlnSWliKtKGgEhqE4WL7tOkdNpTFHCBwC7zjL8Sx7QtCOpeLCEo4sS5VNgKAp2RcKXTae9YB8LpooauFcXAPJEWSwSujrjAq0FUFlfXTPlbm+8cHzLZyK8dCgEqIcMKne0IWj0EbrZtgRFyHoOtn6+i3T7jSsGQfQsZyzEtIaWlm7tB+agt5wQgqRJb2DI5VTKaXE8gNATm/oRci+CGUN2D5yRNqv69ZC4yrrb+p+nNmozFSW7ZhWgNHXVh7zwUo22h5hXiv+c9GM2SCZV89AJJy5r1HijLagVpTO1e9O/bQDRkce6bKnDvpcLUBYYWvUlt+UkHoRjeQACAi38QSj4oeX/FVaQ1CNskOWhZp0S+D3YiiLysGScSQf1YYuIJ2hLajWQ6qzhkMNshistNLZhprphDkDzCdDQy9nc7YibpNKRBO2bntcaO9GfZij1LhYek26eFVC+NkR0e7b1Nj6I469xXZCQ8Dw/6qMd1FdzqKrNoPpRyclo5JP6jcD2o/7HYMLYvZXFICFg4pwi5KWRIwCMRtkUIUJ2/97RtbRJDnMqDqAxXC7/Sb1UXtEOxATC0zR94BWdFlgpbxvMK5jn3PsOmaRHnBEnFLo/6QQaWocn1/TAnZy3mnaOq71wxHxEDWodUG1O+9wKua5fkZPGwtsb/6+49N15foXf2VM3Umv9tnbICzRHD52Gt,iv:ovxXgG7I6smhF//90ZHN9D8A/9p4nZA1fuxW/wI4wqM=,tag:y4pymYm3bZVMbXrPTLuviw==,type:str] - client-key-data: ENC[AES256_GCM,data:764KFSZ52ZPCU5Xxn1IWeyk37nzN+IZOp/l+utHx97Ow2Abki9WDT6tzBg6vzQbiPjzYCUHkkBCES3VZ7bECMF+CIEAGHmQAWch7G7FVB2fSoYdtte8ZUijJllTcXKCW9gGsQP/FDCpOaXYN0un+pxIHo7hg5A40T8RXMi4PSjpThc7RWHGjcXKCQwT5AAnmfd8cdsETgNZcv88ekNx8sCd9WknToX2Zr5+N7/TsdagT94AWnosYsysgLjs1oHAlnFdXMFM2L7QhHN0fSe5uNrVzCGfe3yBlRiGDxQeCV3C/bMnhz852lL6Zt+FQP49tEGQyChMeIrluwo2ctkSplfj9ytz8DsTRcRfDzPdsTzrfMwId3Kiib1HSb+fA4OS3dDefLiBE0beZYI07nhAUD2WG/75E0eAa6KiENLM+u8SH6rT9+l5dseH9XDC1K1gzKbO8lMtBZZxBnu81wlqa8H+a3pCeDIftjsvWot11YwUK1tZf/yX8NKayKK4lZQpKIFVcLdeqLcpQeNMAElOTJfirLA6AdP78pFaYufJx0Ljg+OStE9UokV3uqEDmufJe+dFLvHFRRmCe/0VdRR56aRKV9jOybCCry9nv/OGJHeUJ79P5K+iTgsa/CVjFZ8FZFX2mepCaSLRNsO9+GXsPYgPL56YqRQLp+bgj3vSio0y1/VchcrIBOjsAkMIXErjyS/UBOs4kwPI0Y44+ifGu8BWebrmyl7dIjQDcYxMW1fL642XA0jQBtoj5vvCRIm8WDNntlupHs1xhxMeagyYDC48FJl311aVoM2XPSaUX1/drkGl2z0POSEddWzAD8+YCb89hkIjkVC9RzgKFz1fwsgx62hESlTv9R82vJBkkA5HR+PxZOBdOv66xMS5cm+R+Q0+x/kBsAX02WHbVaIH2nw7wNWbwjr5/9EwQs9gbqC4AWt9bkh3R+v9WmF8cLH0wr1jnYVc8fLoPTOPLPn12zdnfuVhH7sMRA6P8Zn+Jk2gdV/7+upwPbqV7Svyi2kezNqEtuP5/9Ec4ECQ/27UHsTnSvZzbZr0VkK6l9R0ZEthTwrLq9lXw7HOjhG5hQ8w7qUdYqaLGUTprkyU+aTAefTkfsdSoefyQ83xkOdJR91mfFnwwtpRj4p7KZORDA0exrJHAYikkWccCPI36Z3VektxI4xLNQerQG3SAOE9c+V+3EYdYymF5SM/2uBBEDYMkvv6T7T1ARhYx4nMBiYBNNR9FtuVhzn/6iE/9rKZR4CNWRRTxcuKNGqIqO42s+GI6RsMccBoP06eN2+51UCIPml/j39Y7W2eKpP1JmE/o1DyaNrqW0cvqkruO6ptW/OdH66p8PBbwQGEuazBltKpTgLiJ4ewtwGWN0vWGy16apygWhsWHN3/lS5jKpOYjelarFDTt9PdgVLEjjFvCx+mFb+G+lZUDG1rxLSwCXE5IR6EAHHkS3b6onfQDfxCGXC8vowiIovBL6Iw0XVVINL+HBpjDca66TIk05HFyOmaf0c+++GNkEtBKh8GP+zc5oTZbHh7lH/OCD0j5IL/XveW6h2vN4hj9htvZTKnqXHSqsejE6ft8/s/K1kM+I1ZcoJGkIo6SQ07eR+0flJZ1sxCcnBKpsOMgmUS+OAYUFjfJ7Ky+gaVmyR2QXrj71jntmZQDylwOa3rymvzQp0pd16uKUNdDF50Cc2MW7/NrqqIahyJWGOa5H0Z+DLp35JYlK5XMV9Cb48/o3XlZCvRftwSv97JGGeErDrgwXqkGrG0fr1Z1aQPFIf45Lr+I3pGyA4/suvMk3J+jVW2f0qIsl86teMn/mJ/9tYJCikkDcKX5IgY3KctmJ4WL3FFTXLyw9WWuHHQd2t4kqJFosTqD3nYyfLDkPUITe7RMhtnDY7dl86TSiiT9Ieme5NvCuHaVv9WL74b4ewqwvu/vnn0tzxUwGGP9c0GIuSMbb3I77i8rusxse9G4YvBMh73AeoIQn70KF9lAU0oOVDBQFSryNefMOQRdA5b/miQ1wBjMvJeAXPlvUSmPdZsOtSVm733g21YckxRJcBHXdUScNoMyZvQ/u5FDj0usKg/wPMqbDHsaFTMkRL9k5I2QLfEYrJB65NAoGry4Meznfg+7o95InYhGRfRgqLH1dQC2I94/B9WNJOQmuJoWJSg5zhJV6HYCN3UzMFPrljSr0rIgOZAGwRglMDQ3pVtdTowRK8OFICRNhmqolW+gSJcUAjO7Pciy/3ffewJ7xREIxkG5XK/zvC6FvhuEMvRYgZFgWIFxegm+Wc2o6y/rI6k6g9tuGA0v2tZHsDR8ij7uYwxOWSNBbDJ/GSVHUoK2wBzMyvSi5ZcIdyJMRgPL2a+EmTd6UMQk8k6MLCLs92hGfEgnJV6KZDxF1slxk5ZECpMHpjrBk5xU+Zi3r21eRFarsLC8w/XjGQ3vEmmTuywUrtIXHEMO3u3rrcr/ZNfxZns7cDg3RPoXTnza5JqXPP/fjNzVcR4g7Ek02kXHuQdOTfk9vqwQPcq/rbDnZGffX2T73HYlhWh0KEpp1TxEK0PPKdEH61eObc6jP5lv1ck29wQDmZTO4yh6P+ka0RDxgxm7WUCFfgFAOJlExVrDO42uxHX4CDDKvhZqZkcDN9LIXC+T4KW45JwOS3C7Cvds6mwAyn9p79sOBJ2s0pbf9i44LrB9k//nHGl0bFAv3bq97zypHYfNFfvO0rj1Nt/n/rlgUZsNdHlArn+3uPRT5POksLPVHmxVi42ZqdHFsBZ5icmpsLJpfkxvzSnHEyZm4f7sdcltouMKM+gGmmYFwRBak8uHPngA2gwJpiHcfukoUJZNJS1cnsJ04nZTcyGwZC0WYffWWfMfpaPrgxNcrORFD2g8w2KmkyEb5XpiFdmdkMxFvqpylYl4Pqsr4CRb4i/gwJxGsa8r4zdhjslNl3WcJGSPJF+SsQewvHD3hVHT26H+zm3YNlvsnb20YxraGKL1BCVGpz+5tZFN0BxA1a3KAZ9lF57R8/H2D149vRnthZXhGvrcWcN/Gxxl1c0WIX3mXhtHo2zO7YuPETz9bRLolZu/ayfU61zVC5JxZYKIudzgiiEswAxxAqEJYnPJ6n6bQqc9ahcHiZYXwXa9XZgRtneWeedcrXSGPsWhOtF2Bm0Uzip7fvY5B0wTuWhgt7QsRxGkmaB6TP9bmJbSJ9yiXmEn/QEDa1X72Ew3NDdu6yhIYpy10owolCNz5CdQLBQInuHKk+xT9LlYV0bcgg+7laWNutJ4YgmG7FV8mOVZm//WqOLfuD5HwtBVo+wLQQ3VAlKTW11bYA8SeN462n/i4hco+kGQXTn77w3O/YlC3wX64zr3hoJtWiFZ/FZ012rozA1MPhkVL7glGJb1ZcPI2ELFmTtrS/Bw86AxzPykhdNa9/zmgc9IBQqawhjnp8UEr4CYgYI+rw1J2+f7DzB1NQBBaounfEvJ3fQ06e8rNcOSqWYXG0yva/elJFq9kxJ0T6EyGFjHLQiubrSz04DTqDQRiViQOxSLC9Qmqc4TA99bFh4JEroVDDq4emXdT6rWQOKjUq+4c/aA/IPdX0WCS/ebwtpsEmcnuipwJsopR1FApynuqv1zErSXVHa/yvb5QF4bRjcm0L7iCjTvxmqY7CnXbe+fJj6QEhzFFNox4KniQNs+aLlIyM8t/EeuBB0eEsj8MWN4LKkz4bzznxaQqsfbVFkTjUDNWELLEVjVktOKibV84dR+i22he+iGhiGgGPB/U3kxFYxOvuqq4SIEBJfMl9eyh7aUo0qTRUwtWbUeSP+lnuFPOf/uA84N1O6/8f8EUeIDe9fg/aVValSukWHdQLrpssoMQR1CM3USNYMWOHnD8a9WEhtPDW/n5nWHdq4i03hKzrUP24v1s9UNsi1UcrH/ybJZ0NxxrrPHGT9ZTTy5wzd+7m0hVrHAuiB0A7XMxrlybmQpLkl9KRBpkSO6E49TJLXAZR/kQrJwbJBz/C/P6+n6CiFSUspNeIbrOxxwUVG/s2BF9b1fpGxdIo+b5k6vC8F9bxauydcD5lGbwGTt3UkxEyI3oLCl9jKTTIqbhqlHq6ftmccbkriq1b8tLdV+tGutC1XjnwlHdm84TytoDpzKcyV0OvQzAA6a8Za3DKMMlKUZbyFJRxBUxYC54B0HNphIIa3c2+yTaUfc6b53dtjNFFWZuNJg00c7IMrgMbb3xerycPhSKvIa8eUKVvGEqvCqR6Eb+e0W6tZn0S/s5+dt2+rKJ35HAvlbsMMVYnZE9wQr1agcDNYEFl9465NqFzgDqrcG8I0PXFql6UvcC14zLTl0GMPfrmZDOGyhPV/mXE07XFuFovQOyvoU8tYiWOTEAHODx35q8NokKAc7srA1buYMI6/5+SZUPQo+J0zU37IwTuRqmi7C46Ddrv/ElTX5CoEARFmCCIdmy41naUrNFZFZAD+QakrxKPhJ5oDSbTmyVTqQKhSVf0GdUwOu0jvawvQliIlZsQlIPOHFUpPMaVUbwplXcKwuIOLUYvxsJNsCL39dH7mqhx9bUJqZEyx0I8P+S1r/KKAX1zFmJXoXdE+k4gmohSl0ZV2eeRnFZNkIQhAhF8wARHMpBqd4pMeOSHzRGlblBVq90b4JuVy9KobnMf0GODSnEPHIQArAOmmmvbPMPDZsPbwRU43LT1986vA7PZfQypz/rlHhSvQXIik5IZOI/l7UAYOZ/6xEg7wRxrEolal5c4isjgbxpjNhzjJb7Bd3q6rdL3xA4bNFpwp2zOe5Bj2eMuGAO8Sb6TJ9cTEyw6OZ+B5XndF4v8jafYiS597ylnX68rLgycDQQKxBgZeGOcYDHUslSd4CNcvdUkt3cZKW86lo3pfeWJoP22xriEvXxFVCT5pajZCNpf3AsZawoac+Ous3ufa4iXlVThRFRirzAMqbkcJr1el/VGdOMQc6MXByeqXKoR9hgWOywkdPey/ErJ7hY+sFcPkd4Vh90Gb2XXfbsyTNtMWwwAuSsqQ3PxRD9/K+AdPQLLhp2qTJULX2+Hpd913oE/dBaBvdTKVONy9ZdZ+/1+ZwLT/Qa11m+d2R3f36NnDLfzJVlp3uazHlSATgqCf9a/D4diJ0ddjKs96u9RbpA1DpHZMli3c32PLO0hrHky0RDGAF42VIxvHVlK9FOEkJYBqaPvfb5qrWexsdiP5HQXb4pfdfFAXBVD1ZKL9k1NYd8l6bo+5WFLTPDoYzg63eaGKioga1OQrW+oCBOUQ78j7LKHJIeYU/H+HcaUAvHEPuMk4eDwj1Xirxt4J5B6NlKWtaQngRVDRTo9u8Dh/Y96Y/ZzLhgXPYx7G8B8csbGyajRhDJCvTxaybKErdFxOu0CkMrTay5s8QHV0j5PZWzpzXK7gqy698wEgUhFsZLJI7bDkRC9BZBVo8HujJpTXsUXBS0W3wPyVLiaK/07CqffUrUhm2jwPzUBDwG03V/FUhZOcYt3RuM6nlD6H6dVxpZX9Tjhh4sdtbRNWojz/wV6ug17WZSH2Lj0P2llRedI7KHRufzfrJEc1uLa3oQJDc8f3AnjSSA/N29KCpj78cwLnf8Kg7v7oC30o1qy/oZqifn5l7RL2/ZnOxuHHJ9dKTVAMWf7qvqrdMcDpACo/K7Tsryrz/YhgFVs5GqI9U1beOUvp1XkHa4/xdgLkQm6ho93Rg2oah9cpCT+8Ws2sRqM3jwTFHTzV9eK++EH42kJ+JsNYbknCgIwzx2ODTc7mtREyIzH0ZdVMxh5rPb5rzWdXu1WxZoEHv7QyeVSkl,iv:SV5bX4gEIOvtKKzlOxPJy0ZRL9fJ0gjaIKt+yBFYVgM=,tag:XF2ngd80Xo1xWTL/sl9Pkg==,type:str] - token: ENC[AES256_GCM,data:1f1fWF+wCOqcuhF4RYl8Pwzu3GdM05xeGIu82gTnOwJ05rZqSJq415+p5aNDra0bunZPBCenUntGal0kxZlRo1RzZO3MUP2YKPjnQrW4Jn7wmUREmUzdPaGy3EQjP3uOVVUf0SOqs9Ql197oYLez0PKNScbMx533H3unNCGt4gg=,iv:ZB64ejN0QTJkjEwInZlcopS8VovjX/+NjJ7IzNWGoTg=,tag:0ZTzEXdEzGFzQD1QK5htFA==,type:str] - ukd-prod-sdc: - apiVersion: ENC[AES256_GCM,data:ATA=,iv:avMhvQ2q7VV5fiThLUVJjTza+bztfOHNbhuQC1EVTlI=,tag:q9hq/boCj5AtUqo4RWse6Q==,type:str] - clusters: - - cluster: - insecure-skip-tls-verify: ENC[AES256_GCM,data:A/Vbig==,iv:UQqbH2t9Flule5hAdaXwpryRiqfeHBqEiVm8x3Lpbgs=,tag:WxjMxvy2eSXoTw5YYG5uTA==,type:bool] - server: ENC[AES256_GCM,data:8tBVRHsYcQA/PJnLAkecW4ytBmz00/eVQYs=,iv:ilfrl8qqYrxoM5PxWHIlOBGlYQymjmADdhvW5BNaZxE=,tag:sKIq8KL0gPkigNdYxODW7A==,type:str] - name: ENC[AES256_GCM,data:y37eKTxpOcz+bbSg,iv:Wg8MeEUjEu3Q6/fukGJBMl75e+D1+qFQwdBlJQKGhXs=,tag:nGOJ/GyjKBXnblTcpRYsXQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:ZZeII1/PWJWpvmkv,iv:W3M0/qIc6yZkiAeqyncbu71LIsEwRKAcMousMx6FaZ8=,tag:yGuOmJdo05bjAKNwsTi1WQ==,type:str] - user: ENC[AES256_GCM,data:LPnkFHs=,iv:qpxmoGfI443CUOpC8DR85cO3cJTE0ZnSvrpdMPEAM6g=,tag:18vC2IHG9GYZgUQBFn+vFA==,type:str] - name: ENC[AES256_GCM,data:R9WpPNx95cm0KxQa,iv:ha31scBZQ7HmaC+yBgkQdZ0IJqulC7hsjVKlVBXfMNA=,tag:dAIyW07f2PvyvbK7wYsXew==,type:str] - current-context: ENC[AES256_GCM,data:6Nwio/qEauC/0nNQ,iv:BtZ+q5lYSgg5RQ/+HLpt9U+ZZYXACiCT8g4Pe+WQzsE=,tag:vmQFOuDu8t0YQXq8n/ZjHg==,type:str] - kind: ENC[AES256_GCM,data:gux459K/,iv:s8QSufDGUS5pPzLWaHZ/42+ysKT4RvnhLGP76BzisDo=,tag:FLMYvaARIjI2k19IlQLDeA==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:HsFeIfc=,iv:VAyeExZ3NjeWnTgSBvxprg20C8l3FS+vlGTKRHpT2mU=,tag:bgo3PZHSpGPQj7X/MfCz8g==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:xYRVDgbMy8omfZ0aa+g0DnMY0ra68K+3u7dvvrIyEftIF4QsSaaSco64+E+bgRK5XmkMiCwvFlzQ0yb2pDSYMbH1lJeyhZduxjy5g6LT8zEEEde63ZCoBVebOP/Dhb3ktMA9f0NrXI0L/HUWQdJTPMpgcScEABZrJ703yghXPojOdMpDTNSEhRUDdnQNHYCgtZgxyBYITLmSLU6PMjApOYjWLMEI8HdRSl6SMN1PcygpIaJEv8jQzvAa1hm7IwFLU5EjjQC958/Q1l0ZM6tzKAl/2bJK/VYwc6msi2C7oWkCq3yNZGtG4lUnyPqX+i4QdRyk5xTb9zHxOA+gJ1iCBeIEOmNcFW1eqKyIpaJ5lcgCe5zbm3hgA9EV2rnSXXvtNPFj+vaRpioirAC5rVzAXQ+ChSJSGNsMnPKcptcZWcwRHsnuTu+uKMagcZTap11mmLQjKawQlEtUC82vA21Wu6Q/fjdZA6XFP2M68j0iH1dVhSm5xb8S/T5/vNSlEPSW1/MPGKSc48TO2Lhy8bdDUnMYGds8MVIbmlCQMbDZlyf4aVHUAmldMjk03EfCX/WSztduPQKJDrrXY5q2leMq3NBqu7KxqmW5mms8xdgnbI9Lf1nuK4AeyW8y3q87ItPoQjxSh9ghzqv9v5BZeZkjIYK8X2C9ppTS9KI27guSgEFEbOWkYzNqvCHTlxl70SSBecnUOaG5PGeZQ5pXqLzZslH5i8CBTFHAUGoYqZEUwZBOrxxxCo8ipJPYClhDwJ9TZdcjs4Ib1MMqtk0zZNFNlGXTCZMZj4f5TEJS8hVJnJh1THVfGl+LxPK/IMBZg/pcCTI2Hkc1kJn7+8pgoB+Sy72wDlvdS7eyAWmAdn70wWDlTgQBUAB2nR4YXP4/qolE4gfOA7Zqtjlf7DMSug0s9IQJMhis3XPb7DKBEb4hrDX7vK1nQKfbUv3jRHR474WwACVoCaKKNZ7XpVfMvvPQd5Ewl8cT5uaL5O+LpeHECTqmCRhzkjtikgnOAnfl9zS0XcK+jzDTdvtGfE+75mnGdu3St8CXU6yW4KDMgPrwryhcL28EtEP4tjOlxfQE1vzcnocdVofeeYhe18PKduDFg54VhQXxJENi4xVKnotfpBULT1qjE1GJbeK3nBPKNRODRfHn54MAXPbmN0LTernzyN17Vik4kFxfUr3aeFXfdYT9/c5bqhCqUZlyCLGDvwV4Eb+1FMANONLJ3upFH1bM5tOyu9VWbq3wPjik2gvJg/QQmNKqbrgHJmV1lHFONuC1VRSViYCcdYI1D+wZ2gE1xRRq9NG72nZXwTM8zdj2o0QxCj3wFOovZ+jlEMrXZauvvXGyYNH6onZqTaFEI6KwbQce/+u6JvLZnKK12NedTzTKF8D3rJ6aGjuDcR327y5cfcbnH2lWtFtEeDjzwqPv1rkrBVERilUcsCJShfMVqVWLW9d1HM5tMzIO5+w0WSljl7q0UauDfVN4EidnUnj7WjwFTTrH2k2nLr8r+VuPjF85KwBdKHxPO4x6PxD6X1LCCzPoB95CxGtSuWY6WjUEyMDF3E+O2zGdbZ3bjvDOl+L1AVLE4cp4ZUaM8PB4hZeQiIDcK2HdqraRNEGztGtwgRlQA5AbGg9UrMG3H5URccU7knN11q1OYIDmijaq9q5W88gxXXjeXCVUjRoVc7lw7c/K/U7Lok4goGpRFJBZyZN0cHii25BXpqCWkgensibK4HMCtpyjJNi6JM7btcZlF4QkQLZg2ObcYdlP00rPqixziw4RMVHGriiTkKodV+jeK5KGwcrxAJD+HoVbOp0Oaj3xk8w7OI8LMncrmn+kApjiyrNdxWE71+os8lXieae7w7L7VWCdULU9KMvckMQQrzL4HAGHoriYEFo+fQZEuECdddkrYySJT1HMC5VT9HVQ88SzZQ==,iv:NzKsxmpYl0jAwtKjoVRlN1A/0DIGYmXLAx2M7NlEG1U=,tag:3VaLPnO3lEHV9o79w0uR2Q==,type:str] - client-key-data: ENC[AES256_GCM,data:0tAZd5lg4f0mxoQjcwl1WGv0JYCxEVYezWo+DZO3uwGpRpSqFpUaE+njASRCbztoNzcN2QeesyBecnwY2xALwG6NV1jwxnyfQ7bup8WiJ/XdvO8CUQ/eCoAzXFFsALzxYJEGQyi8VO/Lq02XkF0nkNAq6ju9jIYABs1jNO/RRVG8H/PWnY0Fq8YjxS/fmOYfwIv+NbZ36Jki1ElFOLEyokwPGVcOltlUjOFuDj6X5Y7dPwVani9+Y4Vl9sYOPsd5gYCyJWJZgGa/qxTFGXpRdaxIryY0oJayusIPf5liSrBVwfx3Aq3hIs0z7HPUZGo9+WhWCZKPHpF4asihsVMWACBrzlVr6GIU8QQLcl8TrW9aGAXq1btbqjZCuiu6YdPaI1iXON5n5lfgCjENQwX/RvMvyxKY0fuXxNP0J/dryMONjLGdUY7pgNyXUlL+vByFnfi3YDKXwVJmhQnjMBxam6qkad8wSLiw1kmT/EOh6+zlqVGlwzcZASRoMHhTPzpi8y0Qszbi0Os/aH/a+qHD+QHV8/KkK2z4jM9IJoWGfTpqIHbyT/ecjsOxqA8ojzO8LhyNx5gQGq2o9EteIcMo7jRqWx+erVO6p2ZUqcLnppHAG1os6IGho6qoBPlo/QzMdvTloBYGvvmIccrQ28Bvrn5/HsMGZaLYgswhJeaCssEzzejWk6ReRVD0/K2Jn1/rleFW1YI2mjImgkM3JxJ3Zh7q782l7YuryIqjI/E5zUMyGih/NYBRGvbzA0Bj465K3fjjKvGDR29P7cMqvIpDN+K8qqQeP96DqQtwlbuYWZ1ZS3JwmYl8LDl5+FQX0jESL3DeWvaCB1R8KbK6GjiVNetgtwIwqWidEsYjvOnVzYFXmVjiDFgLibhW318cVgKftt+8i3FhWVyAjITm/AtWcuZUT2AuZYQzfN7wfDOOqDJb6RSWZGGr/LaUAITCulfLpHkAJ/nMOUBTjxhOPdJUt5MjN/YY6xH0PTIk7oV/+rBWQTTmEEMgFATLkyensSVYaSiHWpmtiKgEv9xObmPc1FES4gxOJCmFuTjFRTpCts0wZomfUtpXz8zH0Ti9sMFZy4sWa5NQKnFtdsPipj3wgQGmVBLDg+neqSWgQG+lCJu+31DOEH4qOVZiUAb11DRu1xEWlTtxmr8CszZGRZAYLso00tAb5M1ZAwfOj6ZlcUVl1Rp2ckm3Q9YbQNzDtYBMI6RI9dmYhlXGIaPAJ8RnpU5yAwHYJq37VH8IeLaC4pcEOe3VphrpCSsY9OIbB5IswZk8928BvHnGWswpnmhrJIxfUNBYAx9mav2bk0oxGRpoOtJN3vju7aKC9F/ortFqewmQcBE0uo/yVgwgMUfEIJgRqwn24tJXcLJ471LiaiAmln0ecYY9Htk3EEU99PI1mpoSlC/ZmzE0/K9YD/ZG8XZsNL8oIgBOidU3NjUZaukI6XfuUfUc2zBEvciz6Mne8T7p2LKoQr+Y8W5BHHZGNsp9WPWSCpwcl9oImWW7R9QKkzm3KQzCu/Y/OUfYotSdMmdumgynQtBPjjc+rhp0q4UlglF6baMKewd0t4X0vcWsWxMFHipjHhjak95Ke/0jIp93XRQQn7wPqVSu6ggODlo9zhFLh9ELDKeR+3DtyMHazkUR/6RgpK+g9M6v1QsdNH+MY07U5I91Uy/Ii9BVKFPEy9vSuyydynox8OZ7S2GHLsw4s1qQpnJv5IOmCoNVI18ws9emvlz2/8fWe+VYqvuWthmGBlah4iq5VgnvHTGZqQP+WUZ7k4DiLE9VtJa7mShjAbwQFKXUMkE0MbrcVg9tSfgSpfRuBsZuARfwdEer6FZ5S/1pIRcS6SqnolqhlR7FGo9NH/U/EgL+yhg91KxmLg4Y2GHwiZlJFMDHPK/7rAUPAeVECZWGQ48gt9udeBXYxL9vr6MMbNBrq74zsot4K0EVkyYfDJInKa5ET0wUGxCyxkdBBnEEZMTkmrOIbY/xkLYgDc7J2O6KSQ2D+HYb4m79xP26oHeCnl31yPn3yxczrdZhVTYe43sRWaMZ/Ak86RqJ1wxnQU93vrRcwne5DDpbJ63Tzzfq8nc83VU51PQgUe/STXOgp0nQ3wM4c3X1X7ju1GjAbbmaS7fMUFNb2TJ+VaYOR4/8fpvLHQc4aVXVZbz73SsRsfLL7BsdvQPvWPwPQpyf1Vh/z2nzGBtIS9/XqPhkluxeI95vnjiMiqlRjXEoZPPD/5BxLGEvbdf8msiXLFR2vVnwdcvd1vLY0w7VB+/uuC+OaCgE2lGyERz4VI4j1XE4anlHa25/DWnKM71UPFFl8gKMi0bY8QHoSGc2H6i8TbUex6tOKYA2o2jKtWcIWhb9C+h26fDygU98HOj5FWvoKhvh7JxalXB9dhnRhucWmj/L9wk9846RXz/aGCSIuthPbBUdKsrIF/0lkpY3yzjeCOcUjgwGEZDBtcjIFdyPgv+MDXDazXibT920b2RotrJyXdnQnM/txfAFuV92B9ChTvTwzlWdSGPVUmD3cb0YXtJ2AoFh8gbhyuRs1zwLv3QXXEJ0D78ActMQjvXBBBa/7fTC1XaYa78K4b5sB46P5qQLO+4RMy+nICNdfEemiJpKEHQH3F9/A0ylBOnKGocmG/Yp2oKxGImUOAzwfYPcv9quV+OevqiECitg1n8yar75YEzrX8efg7yAeyjYH0IjFXtI32epJGIndEnTXoRrgyW9syOMLyYi6ZClEXsbxYhP2iNbrHrbkmzxKV67Uj+Wow3QLD0xEdaZ/kkcd765w4hIn4+HQy8+tHPs8ox7PQ4BDGbYbMqU63tZBMJJP71PYt303eGEPVmhDQlMduv+EaC8SFBQtjkgrCloRx2ABJ6fsZ7PDxIaZ7f2rWBUgJehL21KOWJEPwJ/AEkEELP4IB93GwIsSD3MvCYhaEBUKkgU3zK++L4doVZGwz+/1DrQWVpccI1A9ng8rgEVHLrmY0t/EImFX6g=,iv:q96jcO0G8igNKlrUwNxP46n9kHGeY3DfyiYY5DtdW/k=,tag:P0qNDIE7Dr/mg5Necckkfw==,type:str] - ukd-sdc-uat: - apiVersion: ENC[AES256_GCM,data:GHI=,iv:yPVn/0jNmycqtR/sAa5QOBAXbhwvhylxsCg1x3Kgmuc=,tag:7fxNhUGJOVzIzDx0d2pNEA==,type:str] - clusters: - - cluster: - insecure-skip-tls-verify: ENC[AES256_GCM,data:dgaJ8A==,iv:xQmlluyatYXhkX5LKtrAbbZA4YsraNNby99OVbb2hyk=,tag:SLUag9bU/zsPosVyXQcy+A==,type:bool] - server: ENC[AES256_GCM,data:ZOr5lOcoyM7pLgHU09IAY+Rmv7lJb/mPfAORwGOSTKFuS2SpecKegt0=,iv:6Ya6apI7yaU26nNi/CvAOQJuUa8ZqCfVEiF3sUJaBoI=,tag:+qhGA19cNF9gQIFkcj3xTA==,type:str] - name: ENC[AES256_GCM,data:Zhm+Owoc/sDZoQ==,iv:4mFXJEECOXIgQ7lsiXdyXdZ5h9QysF+dGQeixhqw5vo=,tag:DbZS1JJtGR7AC0Dmhdqg6A==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:8ud83twZ1vi0wA==,iv:pVjhpG4xurDMAajJ23ajGNOXVS7cusI59vuIMJm/tlI=,tag:SvPUJJTpN/xMLGoNpLZUlg==,type:str] - user: ENC[AES256_GCM,data:+QcJVmZoTAyzhLU0NIFBsQ==,iv:A6EzbPFnNA3VTthm3MBPGVJ8/hnyi3mB8wWcXpDWbVM=,tag:L1e0DdUB1Sd6cw3dkRmWJA==,type:str] - name: ENC[AES256_GCM,data:2ip3yO0rYMp7PP0=,iv:8cbAQxTZFePHRWRVj+sFXS83XbE+HwukQLRxHqa8dG0=,tag:bldZO7juAq5teLRn1I3veA==,type:str] - current-context: ENC[AES256_GCM,data:Xe6YxkpzErG0VB0=,iv:ZhTz5tte9ljjW5LtI4//XFYEqwCXKDVpxHo4/iUyhO8=,tag:re9P1DEHl47gXwLNIxADrw==,type:str] - kind: ENC[AES256_GCM,data:faPJ+rVQ,iv:V5ZADVM08O+swlPSLc59vxBu8gL7ujF9IsdKMFVIJ/I=,tag:39CTEGGJypW4xVLj5EQkrQ==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:yhr3Pqsvw78otGbGXGBl/g==,iv:iTHpeUQjMcl5e8yjz9vw5DsLzuQo/wZAXPXqYvKNWgU=,tag:ndOUqZRldNehFLzO3obKPQ==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:gdZgnYXDXo5hkfPirOCGpcGznnEhIER6FjDT0bg6TKUOurKpHBLk7ffuEoDdOd+kTgEA7AEPI2O6QHthxxc/0H7ywwdKctp8gXbswmsrTBlLk2AEk8g0P1KB/OUDfgWsjsawczfJOW4Av+U1mdIYQ/05mvk0YXjTTXCSY9baex3DUKBSbks7JG+UerFy9vq9MG9bryW7Sbi2Hx24hutTtVQElwp+uKTfGUIhwuwpkbxEs6rj4XzT+xM2eDv1zAw6ndtbSUJWPR79Pn35+m3hLKE83shKmW+VE8bQjykW4t54sQ6G7yweCBWvy9mclfNzKWE4Cc1Oxu7ngUxpf44cjHuaqcCQYppOnbwU424gh7sbqXGR6aCeUfw806xK0nqpOwCp7y6tRpPRBLmVZ8NbFlBWLzdKt5DWuL0bFnHQiwph13YVMXv9nGWX06Bg81v8VjLsP9MASAL/S9cG2ewLTfEbPsoR6/VTL5HyrZdDIjWcyzIoYWALRYdeFeezGKFo0M4If8CwgYbA4nv0ANuKzFWGfnE2zhmkFKwjfCz5qEpQuGJwx+DY+QLdxbmLlv282DkFS4CXoMIZbdItBIo+judU7ctp7OgHUp7GOmz1lwxV21EHNA8AjGOjsaGsP5B8KWtaeb4GJ4bOnXONoBy3jOBAm/bFeH9CxcBxAmCCz6ZeKXN8gjLrEojxJ+ohafcwxjM/aNlK6gFJ5MgvbiUYz9mA4h53klYyFTDAidpBJc+loWggjgK35B77gBcnebsZWcvWYhtxiRHDReYZISrKQT11+sISrDcFLaNYdWwXmcBpia+xpL+f1cz7jQR9b/1MKtYgb9Y9uqnJb86DnbLgSEyz4hIsbd61Fkakj0voht2wwHcQK1Y0N4922WDNoTRSfbczHbVhm5XLT53Lx11plhySbsC9NBYUyNOpxI+gawpHG6Dl+5zblJhk+taNuixRrXSNxBzsNwBQMXsFeJrJeSC5Ah7wqxG2qYnn9BcaUC5ZG5OTxDr+wbl3XsUZusBeffzXTOvNGULnW/+kK3JPmHi/k2l+M1YsEbtbfYWPkK5hoq/IBkSbXhKfAbHnz1OTlFOaBvK3xsW3WfkaqW20UoNJDYWIM23CY8gs04agZh9FZX2WABUNu9ws+X8D+sske5Gl+8RAxR2kr3Qs11M2NXnbDGe9heFtu+krt06sEVS0QRpqO2Y0c/XJOmiy/um0VGu5wnsJSbNpjLVm+vqaF9yp+KK8MB7wVdsTT7G0MVA+0qtm/yjH7CXPQjGYDsBhhgMTzPokTDLd0ynCQjkd5UGvrZbSMoPet1ERFwSmDXaUoCRVeBlmJ7mxt6NNqiKLvjeJpPfqy/JPq3ng2n4okrY4htQojfDvUVVy7spXaG2YXeCGeiPkbZbjK0010KXKmZRBQ8pi0Aw1yrf4tMBC5KaVgPRps5opmWr59xjkZBXyd2FWfoumW6gaabitLn0BToqt2KFCDpsHBOeOmo/UnOuo0tDwJo1KQ7sL3DHkFS8cLLYgnW2s+4EcYOdBPji6tjom7t9rOs6KpIahu+f7anhmNJGvqr3Uko/s5WfOH9USkmb8LBJ81rhrwuGPKwpRvlyyMtrGX1XqHkaaBJV8IHsqk5MB70N7UrXujK2H1Z9BcfSbPmsv3LZQfHDxhtHoz9F3/EnKVhs8fkEj0lCX8eZMPG/HKYdyWEoOvJKCwi9+YGbi92ebX9a104qE0dR2rw1LojgwBSIgPmzwW/5BXXfS25bJw7ctYyUY/wKG4L16wPl4IeHD3mFT/XFTA+kCQYvCLfrbo9f4xYZLxwh/FnZ+apIiY2Cqa3kA/f9iCzgMFu9Wp7LaaCfce1WbyT3JGm4Rt1cwdeExN4t6zRc6LvPITEOWKrOXAh946+RC5BUodZTRpeMvkrpc+mlyQXC/HMwXzA==,iv:urkh0bK0wdqk2UfwTKS3D/Vtn4v8MtKA0PkGjdhx6Is=,tag:PJUP5PFtFLkcWNlpGoKzxA==,type:str] - client-key-data: ENC[AES256_GCM,data:TXzSQToj68u2C31CHMjAxvlniXDVHxnxbAVPmyoOKvsIIAdYsv+c6iH2RHwShQFg5GQVrlpy4jKmExIzXqTBTPzW2gHrwCX4STKRLGmLVVfDCc1+AFrHTSztILWR1YB40OXB59P9it/DcSEYBLbgDh0FDKZbt2B/0DIUq75ZwoA7QfCeIGB8xllXykdSytIxHXzKnU9gCoxN3GWRPK/T3wONCnwBos/sV4LBycFBKa0D4QqMrwKUr53wWxZIFpAqBdPIrDOjMNghq27huPm5uF+XOdntY43usmBEAnN0P+Nnv0YKkwRI0664Q71ogKkuQvY2Qeg6JURfK9lO94uhYt2BHq+CIiAVXhJh2VoAu8WW6SdoTD8lIlZy2OZqZBXObEoK3Z52+4jmLH2DBPyr9Vr3zp3AVLSgRDyPuuZEq0lzoC2H0CD4erPP2rAMkMvYnY5JgGGc6e3yX68s9DpgfEORBK63RUwNwTF/QBNqs42ib7+orZtujFKhIl/qSVfVmgZBvBB1IiruE73l/xhN131wgalM+L6oVh3GGiFHBO5Oud0O+jM/O0VcTTV18P8teHMXND9ZBZ0uCApdNsFumwCIPUDd8erA1zzcibdYeFNzUm05IOEaGRfEAC4qggh44nOREzsQylll8yQv0IUXKrVy206Jv0vUamypfES+E1Ow9gMM3hGKH3rNiuAAUvgwHOW+FRK53OxbxvOHpfakNoEmc6+AIUkU86ELzya6s/FmYOX+vy0qBH+pirYFNbWUsba2l1Pm7zzgW0VHwR6ZMNqwckSeXEjpe6MNoW/10JOv1pksenYfJ05eQ62W5VQBuvl+55DKU9lO0XyKlv+cRBCKdv5k4XLGyxHflCXz6BfG9zPyBcA2moCbcXYiSNSho5Nq2po6/weXWzwF3/Y3fsBGZ/TYIxoZ9yuAKeK83oO8zwxrYCAmQqw5zQEz73sn31E7k8QMCnZNOTHT5G5rs/uVwPxiQku5H6xG4ElEYB2kerheSUT6zjn/lRYjoAF/eCTQ9pWIwIS2obiOGe6QFHFj4oh3LXhh3pZPHiU4HxJ46tY+9hnqPzkX/abjEiQh4v5RxgNuiEhOyyyX1+3j5ufdUO47cKwI/vvrU+JgZu7eDdRPcAaxwBumw1aDAGDVFRWZlVTD+UKU8Y3o5J3O6gbVHquuUo8Kd9wO3rmDogn3b3JrLeCBF1Z/bGGT/3eRDEMA1+FuTpoZmeqF1CCgytuRi77nAPUl7J1y42RnmqbilXLgMTtn5QEVLvFQGpMwbQxUVAxi6N1dSq1NfTVny+RZlqKqC2F21TSJFqQEyyc4Jh1zs6k3MK21N6mXSc1OnPf+PUF5fK9vCcuLaoo5ozt3Y9QYw+4Pbolt4W3WGaejLT38uR7RNIBhC3l+AGQMI4fohMYT8WxAAdLWYQlNnIfOjEq5RimMmoZ98+UFkuZ+syn5qZx6etZv4Mvy7G8CeMVk52GTeQb2GlyBnolPljiwMY3d5nfdDVe6jdl1nOHqGqj03D3A7T/LEc2WDJk6Y8N3FCUYl4ee0uP3REqmThTtSZR1ot2aD4aVehoGFnhXc63IXN2GCsFCiPKNRoH8muSq3Gcea1+LqLk+5wWUKeb+Zqs1A6F7lrGmjD8qze0HBwaj0H+jjAAFwiEhsYdWG1W3/6nIc2QJYbrZxFDlgUEwM6BAaAZvr0UzXnWakRvCtgn19uencUnHgcnOPBIOxiqgwn4+uKzTsFFyiCKCB8H8txnWm6vafE0K7MFa7Wxy6CpEVGplozE0zxy75+nhNiwrtASQhr5zZGVW0GJgfRu4y4KV6jMJdMXuG6QOjmizHqPJK1jYKLdvnUHI+2quGEsxfTUEG/HGvNLxH+Tq7To8qWroIUT6XgFY3WnIRvbBejnG8jHHBLv+ThFJIdIHDtDFpgpKUpbDEJan3yKkAKawIMWI/36kKiKHnZgrm2+OCDhfrZa72DeXLvwkSNHo7ltYk3SU2AqTqUimul4BUwG0BcL8JnxxO3b6Wv6l4FdbA3/u3Z4hA76UziP53wbJzmLcrhYxKiCPrJpwOsmabXtRbbOjplCSlj1xXistV622RZ5cZOvE2pBFRvOPXiRWV6F2zVk8vKCfngB0ycGErBWdcoYedRx5+5BKUEtMARWYqdoFNiO9j1qtjF8VT2IHCDOEMW37quteQihfwuZ9UBf6pWnBBQa05ucIiW0cFQo99RKDHqALIh0HHaMUEytdS9GW7P2VPNkKMWV3vsmxFJGarUe25kwvFveDNwSuFaEVttpB3UeQ3podXl5hi0TLpVtXNNVw9pj+kAAVXDGiw4aeA+iiZhC+sEJZq6yurtensKWTpUxlQjb35p0JnV5a3KvHzAItX/q8zOnakNN4pxLuy8TNnaNUF08/0d1WnRUn2+GJ2+B0C7tj9ChDKx6DCPOUzLPWVIuecHLY9YEiAO8uKfWeJPsI2jAQs36EG06h1bxgyzrD4Lyiv/un1SkwMvjB6thNOG/kQemaiDp6/+PW+p7pfBxrywhkt8mrFB3yVPoMk2Al4sTu/8s5Mkub6o5Nj9sMw6nKadqNiwrz3+GoIRefWYn3ssVVnO54AL8R/DKkzrkrIjLaXlKsfK7gF+WHu4zLxluqmD6tcXE4j4WELM4h0IwnNj5UuERhM3wTYkywSg/w5r/vdg4Wkwx/EgYunwafowkhkLn0hgcF6XFFoM7RKgG+QbxkdfeaRulZA9Sd516CdydwaikNenRJBZ2L6B/g8Dd2p9KJu76fmk4WtBRstgnatawNE1I3ZULvcDFG0EGvsOWzq2keKWeAHuVRFuyM8/OSyALhpch/3njD5h7XUWymgCRxXp8f7OaLj17VUNEl3ib+39AFAptbpnJ7qtYLuaLXdIU/InWlUqUrduySlQeRwsGQdFoN6J86Q5TIAeMpQh9mQ7Tx/wCuh2+zRERHfTj2NgXj7yKqi8zBJxVIbEa3uf8NZdR1ImY=,iv:cbQmvsothpbTgt3xd5vGXKTrk1FlROzwEV1TGsf1aPo=,tag:HuaMUHRI56Nuo72IGEhYoA==,type:str] - pb-prod-v2: - apiVersion: ENC[AES256_GCM,data:Kng=,iv:VjbhP4WTWChBvWbe+tFcc4RekiBx4vLVwfvtw6rz7F0=,tag:I1yzcHLcaThT6dhoGj/p2Q==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:S7blg/zRi0kX6hM1I/Ta0FPPza12uvxErhDPHolNRG9fqvLH4g7CF36MKzjlCVyB4WLqQj7FRnGxqo1ZqdqT641yoHPF2CF/Rree9XJSdW7vOOf6xY5d1X62LrX6/KZJm5X8aHZ4hC+wRZZJXY/q41VAMW2+iunMsN48Lgxj/rqQDRwIPmySXLncmzU6NoDnQC94mJLFRNI+onKfctk2wep/Eg54P/0gFkLAUt79za5iD2v7eufj2OYWDUrafczEh/39lYX45gfRKVnjRLbWZj2QNYjbqUs4HYwjK7dDWKNSbRRtg9x+Wxfzu4iOaUmZKqtEB7lsRd0dHdUg6ORjIVLd4FP5y8ASQJEWx+Nhh1GBmfTfl0kU16k60C/8biJUXhx5DYvnTFX/NBzja5E/3+KG+ethYnGWy7nSaTaAAwQk5hT+jlnzBCMoIMSASnNcJ6/ura5z1dihbIi7D3TqtAjhDbHmkHZNIZYn9zdngFNH3THp6+zKEA0W4LefNEjeGLPRVdUqmNW8P1amrCwU2fjUEZnnx4z8YUH//kAWwOESku+ma94q7Sh/GOuA/1cU3ur/nll2tyxGcqufWHsjTv2E84PDlQRKL88EmXosY9GeKgoFEkyXISLDyLlalSXQF9nNv2pNyxiTeyB4147Ozef2wlacdwmlSP2vjYTxJObeQd2W+pgXb1rklyNGaLU8tDpZa6cDd7yvzp67CyfoOikSh3mXV+v0bGSynIpGVOL/59leGIYk2YAHktWcMB8bGoWl7LK4laqCYZAoQ0Te+rPQ9GCAclQSk3DpCSlxgymySF8Pqx+yCBprjw6IsSu7Roea4fhiSTBbuP9yTJk6hLdrLQ1IQBkOFR5HzP5+7EfdbAWGiZEf2lmBMlfk/KgIR2bIda1xdVKXji17txqc6P/aeFapnxJMgxrukbzka0w1db1EwAo1XqBi4EaOk9O3xwZxw+NiGuvPqB0HYuwV2n4awEWFKKTjDyO5mLP6zOYLH66LThX5cs9arkfAYNs3DAjStfoEeLQpGh9wHcyXOv08t6+PIQU+VbAmhKsQKwHfOnFRtI4Oe/dL5T7+l2eMZUlXzI/lbA2Zs0N72hensCv2/27ISfuKmeTf9CxApU9GWuqphbEUfBc0pUQoqwCoRmnoEBrfudcNJw749MCNbndcXtWRVe9PpE3hsk05UCIg0Yfq5G7h7BC6U5B6wwhmXZv6XyBg8UkIO1n4H6jryyQspC3XzpfQVVthl0G2q/AHAWBCGVQvszpKW9UmYzj4qjMi10n9WyDDtcX65kA74gx09EdN0CUEZ2aM8LY3TFu+3mH65dg94tpPExRccNI6PI+5OhfKJqWuDUUQ79Q9MWiY0Y6ZlvEd6F5XiJ3F5M8535asjgHyFrbpWzs9Rq3TJmc8c2Hw5i9WPo2AMmrVXMe947waYUcjAvLr6k1liEtBZcwVSUgTV7EseNkkHjgC6bK7TKQBqegUtoBgAKGr80SZV6GcBIwKVEFvJUdpI1EHuvaI2jfheVtDB4pryHQG/Rn6ZPoFzQ9KJIUjLoBhMNAmlbepzjIUCKj2lKSkJ6gWv7cZwrgc2AULCfwn7v3PIFOsgrKWDN4tqJP3WAcP60FmmxsCkGGGDLyNi3t9v+3Qz8FkNJpnnhFGykCQHpl6UwxTURvokPrwTEx9hJfEFDeywU3jPNMLled3k8/X40IOH+PE232kP+lZPEF+x4u1dl1iEEv3myoPg1AGpcUAlbSr1VNwx2sq+na9nGjt0z96ZvK6ZVwgNlq/fFGYE+ajsqPV1VzQPhY3BcpUXQOsfcI4r6vYR8lE,iv:ZYWGqAPhDTyOBP+1Z2q6vkIA6jaty9zX4MoOpoMZDKg=,tag:Dd2bT9Wu7ZbsIDDh1dX6/g==,type:str] - server: ENC[AES256_GCM,data:2gMi3SMInc6t+YaErhoNDbBjN7WY0xNb+v4j8uE5UfD0a5gDjPtPKgqWSA/23yCU/UE6+fgPHyNikuUlq+YJPxjdMyBbnMKNrg==,iv:H/8ydBjTblq/7JNFj5t/j44Z7Z8TmWbW3SmAIOZSzAo=,tag:bmN/bKT2XZHVlpiY2T4Mtw==,type:str] - name: ENC[AES256_GCM,data:j0ECz9c68s4jf0Bqno8=,iv:XtRT2KLhYhpvewbvfg9kTiTBPV7dvDDgU2MI/JT1Wsw=,tag:KSB/tYbNagYNbnuXKwB72w==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:pIiPQFBXHCFS70LicQQ=,iv:8DVY3hxGwudgb/dQhRIyywLyO+mEkIa35xgux7BRHRg=,tag:910mJJ4EVCfzbImto6PJQQ==,type:str] - user: ENC[AES256_GCM,data:ZNsvKSQO/VVDy4kMqeQ=,iv:4+R37CRPh9bMw4EehDDSj4n0yaTsFk+j2kSdcnM6eo0=,tag:ZWpS3pym4TcyLOgug51Bzw==,type:str] - name: ENC[AES256_GCM,data:34c61PHQv84X3JlQyIQ=,iv:6RITIS0gvN5US8F+lPYj6WEZ6NOteCQJ7o3LVAAMwng=,tag:Gr1T0K2ijUvoO8l28Ig6aw==,type:str] - current-context: ENC[AES256_GCM,data:c4F+1di+MkIylP5hI0I=,iv:WCO88Q/7GK6zTkEPHwwy69PyXA+sfJBz+zC0wQ2kZVo=,tag:5a9KXwzPBLiZYk0BAmsd9w==,type:str] - kind: ENC[AES256_GCM,data:CicwViR7,iv:qb8+5f7TP2B5VY9uneKzbGOheGp+NdSb389jGx612XA=,tag:54ZkbE+YrtS03/SKYL7E5A==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:1dTQ5sdKYKfc/DY+xOk=,iv:5dIJNlgHU/cualzgu3C7lV6DwF2/i+mhakxvGevnE5g=,tag:RRgC1SdFwf5h90rFrePMJw==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:kBH4mBQKtMAuR6RebCfv2QfJGW/cW3WvGdlj34USrYi5OkHcIQ==,iv:VyW677qT1TqI1ihDpcui/zmikqVi9BY7eI/kqdyZWEU=,tag:i1WsmXAaI4P+NuZCrr4Cow==,type:str] - args: - - ENC[AES256_GCM,data:1GTCMro=,iv:YzkVAfoFr/R4MAeEg5xKY5/wI5r3nmV/yZPV+O7BjIo=,tag:3tTUHDv1BHzVb2wnurz8Bg==,type:str] - - ENC[AES256_GCM,data:vv4=,iv:1XXSpFl4MKux+kjU8N5DfTD3qiy3cLWG1QD7MJmVVHQ=,tag:UTyOptbtcr7dtmrOsfNTBA==,type:str] - - ENC[AES256_GCM,data:e8+U16dRJwx6lA==,iv:jHIt7JOdLNjEKLkBRNKM+8oZTGAcZ2W4YO7AVt/ARlE=,tag:AP0KiIanbe2WdEkplWe04Q==,type:str] - command: ENC[AES256_GCM,data:Reo510SC2NQTTjPVuhuM8ldBbe4m,iv:MJ2SIKHzUL14N5Itg/VWBwVNhkbNBWW60w58FCS+wi8=,tag:rUzgZ8buVNlMCCWTMD79Jw==,type:str] - env: - - name: ENC[AES256_GCM,data:Be1HBTDVwkTCF4sXmC0=,iv:0j0uSI0Bj646QYrCJW3dGc1DJX73voBAPHr+NwCFM00=,tag:uATzX7Hu7INdj2UjwpLRxw==,type:str] - value: ENC[AES256_GCM,data:+OBGpOepnMkUrWkUa/5jctslGLs=,iv:pod0TRwLO2Z8mfpQ9u4jXt1dcqTrVtQ+E7ghdNPejKA=,tag:d+KTznCrLrm7wYUNLnTnjw==,type:str] - - name: ENC[AES256_GCM,data:jVJ5yMpBgblP3P43EKw0dEtEiKSw,iv:pPvO8NU32+sRuntonuP5frpyBDTKOKc6k7oStflGNTk=,tag:3PwA+0S+E97j7pHr32axAg==,type:str] - value: ENC[AES256_GCM,data:eG3YssWm9bf+IMfcEAWodWa4tA5ritfvGDjBvaLkqvYntKDC1wnvGA==,iv:uGjt3ZIhU9MzIgO/DrMR5syOpqfiqKcENasykDaDNoc=,tag:DmInrS56nAJOd6Dy2CLH8w==,type:str] - - name: ENC[AES256_GCM,data:irWZ6fzTGuZUzw==,iv:43b7sOUYXsOHgLowGelUxn8w/vDam/GHEyYByc5USLc=,tag:ArdyA1YlovUR4Hl4Paqt/g==,type:str] - value: ENC[AES256_GCM,data:ssYvcRFnC30pBw==,iv:+rL4GxtVkaopditJQiFmhvKm6trNVZ6+sCUoeDQBbHA=,tag:oxMmarKVpi03KiSatVoZAQ==,type:str] - uat: - apiVersion: ENC[AES256_GCM,data:jWk=,iv:+JT86rw2tGd1pzGSS50YrxcmefwfSsC8RS/vPtTQ4o4=,tag:9U2x7p6rtom6Rwi1UZPg1w==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:3rwqR0uv,iv:5wHAfg5x3fyo/7+8mqDnoJM1WLsue6JcgnVUz2QM92M=,tag:uVEnbAFehq7sjqWMTqQ2Ew==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:j60kUf5j6n9mm36VBFSRKxyFDvgY8j2XGVWt3CSkdO2gZJzGde88kwvPKdzUDAVzRcckjtNE4rvCOK9li/fT4pt8djZdzaDXxQ==,iv:5lU2QF71H+mj1aU0AWeFFo8aMyKzv6aGTmTEIui+thg=,tag:QVpVXeyn1fW1H9RQ3Eabhg==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:krgyrpcEdShgzpi1PzmqlLwzunuWylYUC0fo5FYU8PJyBzsSZ72nHD3oEHBgoy7COvhQn7a09zPsrgdQzc+x8AEJHwX9zl8SimrT0lfq3yPAanxYQJeob0l+NGZsAQLuiVC7+Q1wG5PWdxV1BFQKHv83OJGl3ES6RspwvUksGa0qs6SQDkNPfIPejOYnocwOqVhl0/1ZpCAjtABxGfCLP4ZsErltGEd23OGiS120AdrIvp9STCpTTc1EbWrdRuU0Cyvbf5YiGBNSjHIWEAJN64UssGQZt3bzvn/tu14TZwW9rYVvZDiB0xBlTkWhiVbo/yFoF9KF+eGxMfr/mI+dlBbufjsZ+PGXZzq6jz6MC6M7BRZcTJAdYzPcQQuYGf1zj0LcLBluTkgv66skPeS1socXm778SthQxId72wG2Qwu6iejFinzKKR8sT9nMpy9naTifRIOxIa8+PtEWuEyBdckfSydViYz1ejVgT8ARrkd+2XhNGzJ/KY6pVJbbEcEGnrHCyflvTfyi6qiHojZnjoPCfkGvf0XdE1VQV3EFnGtIewn6qa6F2cWuI9XNaccHbaTSEYcsU0sPS7H38wZjurbyfL7ClHG4x/pK7iMgtESKl3B5ZjDyfi0GDGBfq9knKN3d1duHO3R4KU3Pt47kQBa4OtJjKwOctRZ/Ft7I+smE+br9NAr4Pwm7ewt0DqpFSoUfgHtDeTTptmzZyVj19FMMf20Zdw/RkjZJ+T3IbaAWw+YA5zdV8IgSg6uvu2zWi6uGT5H9Rl+g2HSHQfCu0dO/hvUkKrQfw3N8JPMIhLws3TyH/BOlqqHhl28oJhq61jeNYzbmashRFVfjip6K7OCv8RfNWpR2DSK2xi320o1HxP/unYAY9nKEzcYAiSFg2ryB894yfJp1EEdQmMRDEMD54GtAlRH9LzRoX8rE4e8OqxVpWVP3tI4sYV5UaRlie2kDcd8F5mWr6sf4hxmF+L6xdR7D8V+p/P64++31Wfpsv4oeXPcASB/MfWrTm7yqHtgnrG1SIGN3GnDa+NGHsfHzPkwmSWcr044MMk6XOiPR+a6rcQeNjzHfJ08xgSrrl3HZEPfVnJzhavdfg7NUpIC6PEAdgGz0EsPekgHcAMYR8NGc0vW5/sDISas2Qtw36/DNYrZVa23qVU7b8LogW/4bQHc7+/yHPnyjggzIKGfs6nPav+lQPtlJG1v988dsArj2iroHGg0o/96S7Qj5rPievpiDUOc07jrrEiRmILhbBESnGjC8proerbgsjKm2Fmvj5Zx3bDvY1ULbvFTeR4N0zT3u84HQplu8yPtmdzts0JXejbggN3h5vcmwEXbkv/vPIpVa1zSMtuLj/Ufa8tqJ2ncSeIju0uKSANFzvW+B1x3beK5CDNOJ+Xu9lgd+ARswbee+bsXQMKQGpz9QqM5TKAVyfHaAi3/O+l9FB7tdQiFxye1Lh9oUJA0m3veO3QgusXyyTFSTeIgYc9MMk0JsnW7nqSqlh48dtqkkRgnzZ9gcUsutGMeCtMSid24jGsKswrOuTzlQjrb5lj69YijB3AqQQZevFrhz6C6h8srh+u5JDli+8iNtIQmH+SAhuLlWuLTR9AQOd4e1BChJRcfmGdIBAmYrKNvgThiIqM5hZyjvEGxNyVMsjLxirqvqtUMgVbjL9iZDYDpu9tw6jo2+DffEWV2BrXDSQeTVndgpC6HwDOf/oEsWJP3GIMDAbjThrZILpfrFCGLPNR7IuELfo1FeH21zxjujlrkDWp5/fEY39JbUHhhGWEhxTLbEY85r8lzfzoSQcOk28QkK19PvERJycuKH,iv:gx8wDchveC38XL1cDRzcXFR+7MdSQuTDVBBQ/JUW6lA=,tag:nXj0DIUdAfkr1HKf4jKexA==,type:str] - name: ENC[AES256_GCM,data:uY1ghyC94tADTpi5,iv:GE5GsnVHQlo6/JcrSoEbVqfzMM5s82cX3hdjX3fUzIg=,tag:WORUKgqE8sPXgRL0vtyHKg==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:G63xEz666zkYZQ9/,iv:1pqCctrZQA5hIuMtynfHqLxTqz6/zAVCV/F0LxpZEgc=,tag:ysswk2tKKAU4nKDy10kpwA==,type:str] - user: ENC[AES256_GCM,data:zsMgdVA33W13bSyW,iv:+UqopPn/W+F/3IjDljqrEm59Kf85TOwj3q8cBahYyjQ=,tag:rEB8Y9p8C5UO3nemSFh/nA==,type:str] - name: ENC[AES256_GCM,data:pfQzIJ+mKK9cfcuK,iv:clhmV1ukWH/E/D7PXPfUNxTEYt6CRPMrzJ7yVCzQlNg=,tag:gu1bW4NOcqjc7DzhP2Jbyg==,type:str] - current-context: ENC[AES256_GCM,data:JRqjdC02aFu8McQK,iv:Hc4XkRumhRRM+spJYdl1sjVNIXaKz55Q3vRuHFDpU2E=,tag:peIMWgRWaZyUdoPNR5wI5Q==,type:str] - users: - - name: ENC[AES256_GCM,data:GOO454cxodMcC8Oy,iv:VBUjmq2i06czpdpv8CCAURYi5sutN0VrUtO7PbaOijA=,tag:jiN5lfpR86D4wFG/C0ptug==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:qGWNteRKwx3skaXv9YNZlk3XnNy0Ab8B71RotXVLx+56yu+G9Q==,iv:8wc6Rm6jn4W5K56kpMZlj7VbSfXEsJiC/S11cccVxtw=,tag:A0JLcJovkKCb477Hrzcnjg==,type:str] - args: - - ENC[AES256_GCM,data:EFMOL2w=,iv:BcNPSnsyy61yrVQLJZ5F0/4DNiJV+xF0QexcXVj6XA0=,tag:GlCPi+HKhqZVKimkb9hkaQ==,type:str] - - ENC[AES256_GCM,data:buI=,iv:Ql8uv9zWVX+AxohYQpORmXqWfKEra1LOwI5GdwkmY+o=,tag:MdK56oZ3WA1QaL/21QZ0GA==,type:str] - - ENC[AES256_GCM,data:swgGXGpJcmQ=,iv:jmlMTN1B0GfgCnBJG/n368iP4DVzhA6Z3Du0LnzGT7g=,tag:lRHyqfwVaa84ODETauG8Hg==,type:str] - command: ENC[AES256_GCM,data:IvgX73I/alnZSaszfKBABdikGva/,iv:XmcLlcqXi96ukULaggFMqJ+vEY7v4vjCJ2r6ChkhxWA=,tag:BEwKI5MG3qMRd+Um7RQgdQ==,type:str] - env: - - name: ENC[AES256_GCM,data:8LYG4/m7vzeOpWSMcw8=,iv:Kr5bG1pC+O7haOv/na9ly6slPPKN9VflDJxZLmcwzls=,tag:BLtn1o3oj9PNidX8qneGvw==,type:str] - value: ENC[AES256_GCM,data:MoSd/48A7jA/KrHFp+2ZtDL6jyE=,iv:vRljKi3U6LpTgbLbTBTCtETm9uKmLqjahWjNnsqD7j4=,tag:ev6weOPZvIby81aIOk6B5A==,type:str] - - name: ENC[AES256_GCM,data:Axm/GMfFIpfYRiKNZH1VnRUCZeJE,iv:GPMgKfew8BgiWanUKBSaxob2h5CngKvjpmbC62fJziY=,tag:vzPxnNP6PJzAiVGga9XWhA==,type:str] - value: ENC[AES256_GCM,data:2wjVA0jsCZ0i2NaIr0GbydDLjoNbf/Ti4M+LoqpSEffrK6auff+gXQ==,iv:HuNRClJ3P8wHS1lpzglA+cqWjbSedcj4+Jo1bMuTXYs=,tag:Ia+8iY8bPGWihrkGW5TzSA==,type:str] - - name: ENC[AES256_GCM,data:6I2XzPDT4Eb91w==,iv:mAN/WfrOHiYqyxTweYZDofh1z3YJhAVMcg/8BivyLpY=,tag:GQUvAj5PF9bG5MdwF/M9NA==,type:str] - value: ENC[AES256_GCM,data:ICyyONELFc6Kcw==,iv:SZVfveRaOaW3ervTlBOojCgaPA3Nm/rVoiEVDRErfBo=,tag:+gD924YZuoTgDt/JopYzyw==,type:str] - ci: - apiVersion: ENC[AES256_GCM,data:Qnc=,iv:RSLfsDrgvF+Q360X2kbEfospWbVB7ELbZX3bNY4D9Y4=,tag:c8fV9RhzmXX9FJTyf6TUhw==,type:str] - clusters: - - cluster: - certificate-authority-data: ENC[AES256_GCM,data:0emfjpxn5A7pbk1x44IxxS+ORsD3sEU++TYfz43sgY0Y1P3RxvyY4gOpnDNfLTqBQsdvY31922xjWdQTs6wX6DTZnZnuXNtn6eKhDn70MnAr9zfByj9RTV/aoq69BVZoWJWoOG+d/1IVyiFJEkFiel88czvzc7aoMp4Ww2zkfZjWebRnOSeGkb+pK+SgpMzqSCS9uI12t3a6B5jUh6WYfNlLsVSNnW1L3PvRjqOvSHMD3wPmJHk4p8PxIFjqQ0mT3Fyl6S3awmwYOVre/NmED988FOal7cRUlQYXFwPkbFofLJEM9jd7CjuGy2k6lnJ/Xco5paGvR8Q0tOn8/h49f6IE0pFwhylR8uSkzoXUcnhjM1lGtiO5T3vOjgsg1N+JuxCqNF3k3NbJvDbIMhqzh+1DsmqASfUnocVYBP1VDFK/MmTeGFd/ZUPmh7jfd1mAoF3juUuE7v0lMAkoXgEttxwdAM6mJdroC9trg7NkprIMAjOULBnIlqs2mFOzTM6RiFdYD9t2wJyB3kfUuvDO3GP7AsJF8cYNz+bl2iyyqaRtrTodjC8R+ih8FI0NxYX+xPZq4GvC2iK8dSU9CnEorEM7yw3rOtDNI191My3wKns2xz7eNTQEF2VLLDSdtxmdh+HpzaIo7dssqUGWl49Ie0lsY91TTBqEbtD/zAKk7CuFOR1yOJ14JCuguivwJT2odR2a8DM+fuc7jQNy0dG4RKg9o3X+7BgIprgudMg00eMqip7mglL1Fyu8HcQvFTBcvdEj5g1YMQtip+gpbJkx/AY2Za6U37Obb6VitAJbqRYcbpr4kbuGdJugUxH5BwpvecHgXqSMg4S4Uktlt3fSQJ6WZvU1Y63pUTQWXfzPXG4hL+SnWiVE3sXoJ38d1pVaul96k2bIv5ZRQHD3Xc3yoaubEAtRcMIJSTqG4qJOUHCd0Irj3fOeKbWrLnhaXISRIdi91dMfDu+SeyswePdx4YX/hXFRY1htnu9cmCBUsU0fh3qlFUN+BEV/CuGWx8Ohjtn8i3gxLhIe9GPdYXYUpA3kFsgJMg7Uc+WXJVh2bmV+pKD7PdwDh8a2UZJ5hsdNW6fTo/aU+cYRP39dSyVvmNtn7mBSaZXW5uwCbMAqaVSZFNYZhxyyTjyYiYREqQbAmbexmmLXyo0IXU2jcrzDUV/9E8d4uLuhetEfRaxJGo03oxhTXuq4nrcN8SO5+FZBegXoU49VZpPFq6PYPLn+Q7SHavKQYTJ1Fr0fIxKSSauYKlpRdW+A3ng9QbyjKWhVX3s2XlSHWg9+Y4p57L3x1VplzysvSe3Suq7BTkUQr6wETIMil4x6V62sMbtew4o59ltwUUsM8dFjfSWPQPl2RA+Ffh3YhHEAQys4XMdonml1vH/fRrH9VXo2qUkGD6HfcT0+VARJAKDgNMgl0B2HZ9kact26vWvOCfYEWqdehO6Q4/eizocMXKkGSJqKs4dC7hRLR1QBnndY1i+uNRXE0LZjcsXGsDtj80xSQkUS+gVXzlB3xOl3QbLGGHiZn3i9kOHUXAO+Wp6vQQwxJq0fh/7/j0QFJDEZUWa3k2mkoK1/b/soxr8wKN0GvTOHzKGzVckLKcYQcy7PePBGhXNzpfscdXqHkvhTxArkaTHlqId3AelmE9b8yWxIcK1K5ceQmrbxqisuEC5h4w8fReJ8fprylpHgcLhEsIlk5bmh+HGTl81aJkMwcTkXUsPspruJ1VSG0PXZ5o7i+et4HXREuw6syfw/XyzidKMi5AmTGUCwUrZ+dGYoXFNAbReU+hD4f0sSYcyGzjPlnVxRoOLRKNJgzwDFFP7u,iv:+Al5q1CEDtRoP9gRoGzao+Y1ktZQlEz8kqvNOvIVIiw=,tag:icrEVExAKGnQPGXSIzB/6w==,type:str] - server: ENC[AES256_GCM,data:tN3O9mv7wrbe8f9fiO4QRbR26LFeSDn28sLjuXRbpIvXraSqQeRDnQSDYPYdK8jogowtgJbvL7zEocgkLFK0+r/V54BFJBSwgQ==,iv:e0xcPtWw/Rorfn6AeMCloyA4cxKcFf5XB9YUM1Yv9KE=,tag:JQcA7RqOIR8UlkqZSQqJbQ==,type:str] - name: ENC[AES256_GCM,data:mZ1A2LF48Y8+M5V4rw==,iv:oCffwlbJXYz31ac2TGo8qB94LNf9DNkufx9Oq7WTmtM=,tag:gTQkyoz0yMSSXdOaD+LgvQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:+QagNy9iiEl7SsiAXQ==,iv:M2ThYcim7nbQ1sxt1cMmqDyu1VL/Hroxuj1ffBQpYbc=,tag:WU5mVJSLBYBLv+HmLNa7iw==,type:str] - namespace: ENC[AES256_GCM,data:dvbhwSF/5g==,iv:H7AqH3Y7vAqiIKUNNAS5rP7g8EzM2XrCQniQSQ70oOo=,tag:pJtKtAH0WJG4Xn4uLg+0dA==,type:str] - user: ENC[AES256_GCM,data:929YN0AvHF7TTtNUTQ==,iv:uzrZKnBo5vHONTGPp2cb7o/dG0dvX0BvwQbUFDkx2hM=,tag:+vkzdJSDaTiHgjr1e0DzRQ==,type:str] - name: ENC[AES256_GCM,data:i1zKKTdQUvQOPpYzDA==,iv:Lpx5XUQzF+9HEp7/BZaApCGN0gVMD4ks2uPufuLnxdU=,tag:QLTsUTAy2zUYJdp+wSHLew==,type:str] - current-context: ENC[AES256_GCM,data:CNNX5NFpy3vMvIzlEA==,iv:B1m15h/0DGnkwj4jKTfeEw5mTXzita3u++wBKiXS3Cg=,tag:X4oOCmjjO65b+qjivQdIbA==,type:str] - kind: ENC[AES256_GCM,data:LahO8WjL,iv:3whYipH4ltnlxYH2RNFHxsMZ35DxAMFtIY7TBvAK/GM=,tag:RjyWvNbV0t6CwWSME62XeQ==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:dR50jQH5rpF3uAUD9w==,iv:GVzZz9mDd9df9b+AtV99uSxP+1nnEk0HaS8hpwgC/bk=,tag:73S6tEzZekGQqdqOQDpIRQ==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:rAXT3NQLQwAzgDQdVEF1XKEBnaMn90Sy1/F9EO6VA2fZmZNRyg==,iv:Ad4dsDP7guCah4lgijWh032Qyn4/iOtWDzT+IdKG9A0=,tag:XcuskfkWGnGAH7xw/C0FMw==,type:str] - args: - - ENC[AES256_GCM,data:pgfIqAY=,iv:o4Y6qW++L/zH3NqfaEZdmBD8IqI4DRsXuD1kqPWkn7k=,tag:n5ZOh2OLJo8FnVmEi1HmwA==,type:str] - - ENC[AES256_GCM,data:FeA=,iv:Gtrzfo3zTppMhVmIfDQOsh9ZkS1RhoJ2HrhivPhjK78=,tag:61gqTDs4obBDgg/bBxTo9g==,type:str] - - ENC[AES256_GCM,data:fPlo1RgCKZi5,iv:CqUzYOiGqNk+InIyh2TpwfTsGngqKQ5q+NxYvYY8Gz8=,tag:6o8chbaRM2Pg1td5JKjGKg==,type:str] - command: ENC[AES256_GCM,data:tsR6W17x2ysu91AjGONMEuj9pwaf,iv:3ujm+o3nvEo4uw8cvusf0kHQAyJbZB8hJKDAS1bTI/g=,tag:1ybuOF1u+T/Xh5F6ENDfzw==,type:str] - env: - - name: ENC[AES256_GCM,data:buAbimQGroCN9Wf7Ty0=,iv:IGPz54M9qZWkGeFzDdEKWuoyeP0mDXHQcswaJrTAMfU=,tag:NsquEFCswz6cKo5iXKIp/Q==,type:str] - value: ENC[AES256_GCM,data:i79tVpYBpxfAnlQp4yMud3ItbgE=,iv:Hj3FtD773wnO+SbLTE6pzs5xpnfpL4kx4tXHrcOswSY=,tag:6El8mWl5hEsEe69hiIEOzg==,type:str] - - name: ENC[AES256_GCM,data:0JFXkiCBGkTMZytZhEHgvbyRXNBA,iv:XGnaroUY+5Ij+QQ0uVQC/YmbMLKrojdQGKQJOhwQJ1g=,tag:DC+JXfzN8boVIqtNK3rQ+Q==,type:str] - value: ENC[AES256_GCM,data:rDEb8bPgQxBfrd9nHyock66ACx4b5UEDLu2f2wusRjkuqF4gUbYJoQ==,iv:8bCRtGDFRu7YKPvcp/qVXiYPCYxf1nui6dqpNCJGTuo=,tag:sE5VIzxF0NzMzr3dNU8mhA==,type:str] - - name: ENC[AES256_GCM,data:7UPYdtDmRh5nag==,iv:VDznS4jMroXFjyRpLnfTYGA2jA0r563CUUzoDXC4LjQ=,tag:Uwq8UAM0CCp1CKaEeQ0Kqg==,type:str] - value: ENC[AES256_GCM,data:LWq7HSQJrN+8nA==,iv:YGktcYcjFUl0G09xc+mP7R1EHozlMfs3Vf1S5jB+1t8=,tag:Dqhl4LP0noj/GZVvaA+jlA==,type:str] - ukd-dev-sdc: - apiVersion: ENC[AES256_GCM,data:GDs=,iv:+Whn6D5qFY76evRpFmNdnp43oubQE4S1kRXQO1L3yro=,tag:ODIiTFNPNzS/bJtsZHsccg==,type:str] - clusters: - - cluster: - insecure-skip-tls-verify: ENC[AES256_GCM,data:47+Jxw==,iv:Cop1dIFtsxd4YxpF6jn09lxe3/+LKl233vZzdnEjDPM=,tag:pQWrdJ/SD7neJM5xdcyllA==,type:bool] - server: ENC[AES256_GCM,data:T1SgPZlo/650xwNg2uQvm79IxytBgFjIHyqc,iv:frTkgC7a6RFGyjoFUMdxYamBarRYhcLzEs6wDeozh4w=,tag:KKMFQwIq2DnClDTq5p0dPw==,type:str] - name: ENC[AES256_GCM,data:OqulHWFfli6KOg==,iv:YHJn2kx9dIz13+ob1MSNIJeQSdpBJH8Om/so323J+gg=,tag:l3lqZLgkUOp2de4bHS5OhQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:+FKyBZFX/vzvUQ==,iv:Qp59Yfo2p4BhJNSIYw+1744h62uW0yKgvxa2fC7cyH4=,tag:vrFmfpDaofpJ1Kh13vU0bg==,type:str] - user: ENC[AES256_GCM,data:Hr2CIm8=,iv:oV7GWoq4oB8j83XueJM9q+bynnwfnX7lUq1EcjyDs1o=,tag:Mi3td8vKPKC9TMQ/hXQe4A==,type:str] - name: ENC[AES256_GCM,data:xDK7mK63+bRohA==,iv:mY5/Texj7O/9nSFezug7HwvE+WlfvQmvQzq7FwxACE0=,tag:Ou8JGikSwvqeyyFL+ESz+Q==,type:str] - current-context: ENC[AES256_GCM,data:uhuYmA+/JWmctQ==,iv:1R/veFF67JnKAVftmXeQKYf3bxOddHBIlJqwmJA9iVk=,tag:5+cDDy0lKQgmPY215s+XoQ==,type:str] - kind: ENC[AES256_GCM,data:NzB0yEVk,iv:tPQmmgNpfNDpSLvMnZNgkDQXY/gxZUWKgGR5kqFl2FA=,tag:XJZHasKC6kKkauw0Ers9KQ==,type:str] - preferences: {} - users: - - name: ENC[AES256_GCM,data:83Br7zY=,iv:NR6RsIR+BSw1DdwXjCSApcgfk1Skp8H2LQuy5jOwVlY=,tag:7hSLa9hWxzibDPk9gOFtYQ==,type:str] - user: - client-certificate-data: ENC[AES256_GCM,data:VQ3bnpPqVAl7MqNSgzEvTB5vIedygU5uwSfNsgTbripRg/DPKT2t9XBeL/doO9tcz8XHH2DTSEwuJ3iWYljkuixVTqfMeBpJ8wNZOYQ5PFTyzRf0kgRv58HrYDg6k9XgUxITqBtLLvVTHgBRZC8ZXZ6Q8dsaXZMuVqeHUNy9O60NZO+XMLFDahmm0ka1SmWG8nxWGMrQkLUFeakyzh6XIzi5VXyFX+fGUqUAiU1BRsuGO82aU+AdE9OPFrOCRYhbij+dqAao8s1qsDCeH7Bt9hQdTfH7k4zriPjbTOzEIGpeEiwHpHEAKsuQREu683N2gwg396FenRFJIBUr00XuGIiEgqRWKYl99J7ku7CPYQlszv/5Uc7I1euS8TpFD/Ql4vdpMrEvdBUztqvXKX1Mjt/YfUkyL0H47I+UBeUz7o1GHCfIS4VXip9IHFGvK6HZbe/hg1c19S828VHCNtIgQcUkVgg7zeqDBRCFZZkvFx7OGRvfB1LSLdCfNImfaH/wBq79cwylNnHSXZE7o41F79iAH7SLmqHfUXaQ012P+hXd3ArdxDEn092XWCdWAi59AkmAFXEzPyVjwTITHktlgH7k2Noveg0bGvLh36jAdtFArpvwftVONBu6rRrnyeVzoXj70TIF4ej4QoLvj3grI/J9YfaeacVdpMAKal7z07mcUzhYH3qAtbiRw2pTEhskmLy1QazH2DULVHNPf3alImkYtkl2sLs4Z49miOjGB29k6uoHq5tPQCCyon/xMxhtzeGmLgLKKvMw+kAwx3cSAmgSSihmz/M2z0xMqNRMV19ZKUVgWjBBxK4pK4cAz1eVJpBdP2v9p1H/fvBKObOQoss21lgAgSw116fbsRAUX6RxX5PCHonABBIvg7bjrh/5BCADOW3cn3sHiiUdN29ynHiXQTv/pvYFSDujPHJQLloLlff/5mxAWR6R+F+27FNaIPyR2OEBkDXgEAI7hxfy/k0GUnFtwrR4pEMOd9C1uQX18DtM+bXrcFHjiw9ljSzFT2TVqdJEVeU2dbv5nuKRfIL3sLqkmL3wqAMo2SWpaudGeSeVll3PM+hNCNZaMRR4J54h3Y4I1pVYAOB8pgynTDzIzURaPA72i4OdD8qHxCf77Y0kghLlR6oTGyPQ7BkwCb8t1I5yw4dVqGoJsBeLAdeNej4B5jyMc+EL/HGmc7EJmvWu1Un4FoqSs4i2ZCZHV+16jMGec28kxQ/DxiY92WqieO2Y/I7/okROIhL0zVh0a1M7x+6dvih6FS2y+fOnTdmyQ5LQdBvgoL1C/iJusMOMKNaVEmANHuOi1tw/xTq67O2NUnSHWMrflH6tw9Q4q2mZht2xAKzkb4NnN+MPcXAINV6MfW78LyrVhknb7NS+t6rBoDjyy6N6We/BoTk0wALGSs0xR6tLT7UhrLzaGVygaa0rOevIYxX7hprJ04pOwb7n1En4MSf0iX2I67fVSgxxipPowUPQlf0kfdwobmX+EjwSS35vAYF7OD9mfZEBVkTm6XRPmlBF7RzLmbw13IQFn4aq3llzQ5BNZTZ/ZSs1IE7HINdNTXPaD0TccBkxCQ49D9BfZ8rxb6HkWKCLIFgh9CScXYdexAkGQv/JMpOqUr6XfLALtcyTBJrRk5jrQMJqh4AOOhreEJCe+iCO582eEWyzSEYxLPVcCWyCUzPoUlm7g1keupXjO5TV5Nk524Jnk6PpEByDFHgHiV5MQCLOHTCGYyPachWEHgIdEqBo7Lgv4izttkbRU7VLG/tKQv2s3uYKG4xmV6mbIgt+ffII1j5zGYcU5DkOCZ1wl3Oqqr2MTt5A/LdbQOXvzSCyP3kxury+zaxnWqb8liqUF+WhBWp/qO0CDSDATndGHJaPoRnrKeIP9vNedRRLGjsLW6jGuCNAH36yEaV/vo6jEcHhJg==,iv:4JkaexbKQzNe+J4Mqz5vCMn2BvAueOyZxcM9iiIT+LE=,tag:d8UdLAfzNwgMv6qJOe0pnA==,type:str] - client-key-data: ENC[AES256_GCM,data:f0lhmhqPIJWNx0zYHQu/VvnAD5xCVwesBSE6BmZaHkRQM7w4MyAcG5pa5aVk+5GrOox3qn2Emic4GvQyCQEzKLPaXsQUHBcubYGR0zdD2wNMj1rFZ2r+nvNi/oiDjmyt28MYhoie+gvlyNU9HIpnCq0hnqLvcwftH3rJu5o8ehekQC5409tV00WDJe17k5JbPoAHDFaSJ5/yTRC84qW/OZ1DJvYWE7dTWtro1gGCH31UGmiJ8yNBTaNzVVmxkyiX0pq6y4ICR2bm7EF2DBMSayXBDaqEdlVrxFe4pQeCTZW8SQSdQFs2uuIYsH2uNkkRl/hERWwuz5FBrRsTtVsnjQ64P1on6NIcMPhrjXoNYPRgSP0mSxvHTNt4SGxqHDKujHx3W/yudgTzgCe/3UI9WDtinRXCtUya/31DAR+RuLVnf8eX5HLAP4C8MpJMWPliqjCiXcCqkWstnC/K0QV2IGpGy3hc/JQz9yGP+0VitLij97qkYw9iROfW0O36oTiirCIt5AWd9j2JhaIrw5gaFvoxZSQ0oWxkuJY9iVPEV5j5WDZPGSd6TdzXxCiDel/guJK71eVyPY/cSmrKhB4t/bMVuMnVXFdC0xbNddaZZivfjBNkZTmBcu8jKO0FY0eXswLv3OaOB54wnIxLGG78iAtlQ0TsnnvozQYjGBekbXtrO9lpV0hTTLk44YgD6LkRF2tBDTFiW4jXkL3J7wJMtgCM5qbqr3ZBGChKGD+75Wy/kMdK0iZgTMooNe8q5CE+gNo3GdvpSFhEtp6/1mbQ9AAeWyNAEdon0N+cgoyTTpnOVGXkTdPM0ZMOZDqoKOAILhJCNfkdEvdGmK+0EwaohXT4+HXq/PwnCFk42m2Q+P7OXesx2J64HqiOsofTU7p4APV3uFaMowfsUALl4ORFXqjuMFc8ihqdaZpN+/WaXhpMfcz2uSqgLqaITlTZ44oFbYMr4yxz4L4CxDTU2bNNfMI4d5scY9NGt0y79X9wjyfet4tlh2YYdBJxEGLIQJA374JLADkzh7+AjzC3nSAP5hiG626PQ9hK/O1JipWnkojEQ8b+TvYKQMSuvZF1WbAdbNd60Vifg34bkxRwpOvvLGZiHj1EuQ3DF+cYw1ywywd7ii+dz5YHUgJCDamMG7U6frI0EWzBXdW9u2kuoFEF2hLFDIiBesjZHRkGfXpLyRTycNJCZ7LWphxkmez7kvfV03hgiDs5Jg7m+1PKPu1rf2nsCoRTYgQTfeSLjzqliIJigvRyp9S981FKEx+Tsrq/5YTasY219pUKCyUQPWv1Bi1bZkcniVwcGHPCeoRzXpIFUmB3tKkJ0aUQSDIAkDWzvOGY4TDiD3u2OU0A2Fca7QHiWAhCZ/tR8QhwkS4QSExMmZZGiimcPS2vk1eFJ+6x5JhdzHz0ZkgKSiqpn5fxaKeAemTrTLr3krjZ7BmSxfIGQe9gKxgPqrDKgnblSCj6UNeHxpPlmDBrL64ogdpaolOLuTw5JHzu2dCRtujLw8BhoR85FpDqLT+4LxukiNQS6QkP6TpyjnBRfYLwoZdNMh38EMAC68tf6UNAcH7rh5T4tk6/WMvHdF6YrKBLB5O97SuhBVYpGLHW8/4Om3wz1Gxx3TJA2M575oID++bR/KQUO3lVB+joRnL145cd4yJ3afRzfZrpzJuhwaKN5uYHVa56O2fi6UfkvKtITaMA0TI53W8a5i9eH9EuVlNxaGqloamFzLZi8KRXdutrZyY/spVBkC27vTBy6xJNcEsNncR4Wm6iB6e3yRRAF7LSlTogJqGCB8ZfXPpspf15lU/xFuGegX3hZNQTdgMhvLCj8ogHCCq000Nyt0ztW3T6B8ZAYkROr8KVIt/ii0hOfClBCDz3XsBfaLl133fqTJoVdNNFUT8Ofpm8T3TtsauVCp4HgNkgfb+jHwBtGxxpJqcj6bYAOrJJv1G9P7OEPeRqBSDhh1r3KdD1D/+F5jhASo9MWoe4f/0QQuDjCUarwlaWNsqEAJZRI9PwJfoYRDv5Z8LJkgrvkSUhXZDxFTIRhcNv+DBS9x8yI3XRt9W3pacsoi9QiWSLRY63+ea+QKnHbNvRfavtqpqdQ5xJTiDB3FZwca0SpizWdpHHyHqpkDkFCLh6fMB18qSpkkUByHHTDV7Hh1RSO2td98hyCyw83oAJWpbk7D1fZkHehxMNi7IDcUKRceCOcEj5hQtkocbIGrBOyHiFk0ZDQk0DjttTbBK6fDJp8UpsskHiOkOi7cVawdONITQ3LIPbRekRnCzj8EmD5tbJUiPGM7P9OmFTVp21o3k4Vfml/06FAPUOPUqfbIOU8A/TIP06vv27/slCYfTrgqUL0p9uP0tPg84bmlqdnle+Xp4W2ZLBcpIZ1LxO3qNN1iM05edCeSTsH0QvAe8C8mykVmAlCJivqtTKnduP237zvL/l1zzMg8zo0jMhC8YwNaxv6zxnTycUSI8gAeELgtB8p69W45OJN2bheUZySCrgEznuIGAlOuphERILXROUmB7BINZiTtTF82Z8/i5nQ/KV0VKoMIkjnxxTNsYOONkWmzWAYy4WdWWlTq0Pd2KGb1dClyKS1NrUtd2h8EqugOdo60J2cHCUF2YgQrmLLO8n/J7g5piXD2hJNC0X4zfCt6BNbhB0f/qhlhpiJuKxlfdKTn2GrHXFLApteynG/wwGVe8niSByNRNTpoLNdmHdxbRKQ2uWD1+bGB6jWSF6rM4qMam5px+h1lH4xfZx7uKI0YPpq8hBrUtBn4mDdOyU1I/f2ZnZ4lVTPuJNdaDHVQjF3h66R3FfN3rXVe0HGJ6FwVLsKwO6qRbrGWwzMQc60nXFHT8FjN7+m06XNcbRC8F/1vKcMi2Cp+hbPlb3cV/e5TUuPJXxNMBz3vAJIEqStl6yi2dvyX3v1X5FhuiFtnZtjfqzaov9OYAYIX3C0KAIi9E0dd2ODwinnyQWpWmcwDqbV7J9As3e1A==,iv:GflVJaPKzmF/3oRXArpgl3qHoUB6UQ0h4ksyk1fTXhQ=,tag:vIqnZ3CAi/zkitFceDYhGQ==,type:str] - up-dev: - apiVersion: ENC[AES256_GCM,data:zi8=,iv:eOCC+z2lquxfk/mjMuo3colt+8+Wfrnk6ACy2Pl7YN8=,tag:k1L/S8vTBR/SMZ3CJsBVPw==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:TZ/hq31W,iv:QKFm0YCqlqoYNLQ1yx606O1HeHTsgBXwsuSl84Afeiw=,tag:0EgEWK+mjXjePtr37eeeqw==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:pscULGoye3veHCIsxrBfe5Za5EEJblMa+XHWl+3j4tUluQ2sZZ2MUW2cDnpyBhMKLmAJAE7rNRKO1sl4LRkR3KGP/V/z5Bfvow==,iv:gmq75UPZj20HZlaNJ37Ae21lbcIGap67r86RKa5qWQE=,tag:wAYS5ZBHmV9Zb8mzPsSrxw==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:YR5a1IZ9IcMHI/Ud/GB/ENdVPAoPrWLfKn2LQINPIIk37eyEWCu8RXshC3E4KE40izAJFJn0meZdzRnr6e3MJr/Kn2yk90jHqsVA87qoY44RHkNkxGUf1c14WvD3XBpf4Y0xRF12oHk/6VXBfhWTfbkUuAtFgPKtyxgBlwbOF18/wbGtyyTf41d3jfDVLtA8nisebUNKDelAyIAVxtwubfvDeacvASTeS7xGEMyXRXNVVecMpTQpAg38bGmr9XR9rzX/v33Sck/O6gZU1cIU/7lYkcWnsJawDnLDaR1RsLSnnAZk+JwmkyaCL1ErabL8RczYYmvnzk9NYGmxbkAhtKfjcBqucBdJwG43J6j6VdhyykeRF/WKUcUHuy6hzsExrywhbSvgcmdxgUwOJsOsJuuuY0zA8/WHMWecD+VIZtR6ufqEXAMiRSAnYG2VXPRr1OwrCbPishnEiSdyykDHJgEs1Oy/Jxvzia7dNThJo+b6rR+RMnppFQlLhS1D7ZkBfw208qvHzW52EkfxXcQEZlRAdF3Wn+19xWnWfQzT49wlsf9QBTuKLOODf0PbcPsk3XO4ggfES3FIvXeUqkAR9zgRqKKjxx+9wCIVt9OVdnorbgXpCH6EZtXWRA1K6Jnq0XDXNZbWGC9P3ltd7V45A6+kngaNvixUnByYjLpb5lqpzTZ5GWoPhDAqTxw2qHWyoshWdROR1yD/Ulj9RRi1CdZZBjSHVw7u7Vv3VI3wbZ5DNo1ctaWpIIJLfMlliNVAx7YAKbOaFiBTsbhiGjIwGgn+ZbdolCxxG//AMCs+0YmL81n3tbugW3VWyUZQzZrjImMfaNAAI5hrNr0884/lmNCiYUvPQUIOQhsr8PYM0DNbEYiZ27joeaTDurxHIICuAPPbY89taZnUQvNP9qgrSct8y/QBU0fx+lrloivX2rFHdt1KC/LY/hXSl1hwUFllkNafDUj7Pk6EkcBLTK3wyooSLgJ+hHCcAd6+hafQ+xfFGGuJ7/Wof3IrJ+0NSV9Q5+9D+6OMhoSNArmZcPGr3iCUAdZbMk6+mU2uoqArwCfcn8mPu+6BtqjhLBTNivwVBQeZzb/yNxqdx5HPgCL1oJ0l663Kc4oRdYrV4Ogu+FBMVtcOZd7FbRteBMGUrjyMUOVyY2jBIEcq+JAlSz9jcgwB7WMzk/uNSXdFg7ag6PjKkKDtOi9A9PTg9i0YU9o/cewBtwN7zjWecmZKll6CDzeDZce/2ztYoe0KKkfTfnluBZFi/WC8gddH9wFivffM8pnRlj70TerfSuOV6uDaihJIANq2wbjMgm3snTLX9ah/ds+GfS1/1nHSx35HN5jwZLyaS3Xz9Nh+Rt1dpIMdKYiFR3M0pIgAsCquYSScRfuzpkFfXbAJMhJWtHmqpBVfWpQpVel8/88VR4mRszDSAUWHKpMAqDzfRO31i1JfgicnJkV1LkfLka0gDJYU0gMpI3SHUx10K8uWNM/05CJO/k8O9W0yKkbfFZGwg/wTPOl8OhGOPSY9CT7+bDfh46xVxvDzpZMDUpQ65aPzhG3sJAuVQPtEjUz6a1YfioZv1L/z5nVDQ9s87FXsuOs1+TpDi/RKQvvBaK7roiVGxKMJJMyjNMKFrcVAoafOFzc8+sZoGoMLHawcxa/4Pgr7mbkhuMFTq1B7qH9z8IyCutCHZVZsrMuvvscLfAALDvPEw6A32/mEuC5rBbLvzjg77Kn6OvqE+ypfyH6lKACyPvBE9KT6qPJKXvo8nwz38FHeWDtAmqpgYp1uRgVH6/l3BWMMseLAzDNDS3/rUImxNzxZZJY2V4UFaA2N,iv:KEmYGzAuJH5WHO7qhsWypAu/h9v6/p6qz3vqoMuKTtQ=,tag:bkc/taoZfU9D5W/YY+r6dA==,type:str] - name: ENC[AES256_GCM,data:sOsMsVBQ,iv:gp/lVjb3FBvD8oiu3GrHIchxczDpB6sZwYtd87vqQRk=,tag:0C77zzwdFeeEXcrVbKV16g==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:g3uBCwc3,iv:HCyfSGFaHWQ1jm2Y2j/76mAUEbq+OFwHMutvd9/Gc1U=,tag:rK1SaLVq4ug/NEVba4igyw==,type:str] - user: ENC[AES256_GCM,data:lxYFJroq,iv:hW+HjyxtmcxLxKwmX9rPOQzcPyL3Ekbg10NgSEu91os=,tag:uoGQRw67acqrJ+Op9Qox6g==,type:str] - name: ENC[AES256_GCM,data:CGzepiez,iv:NCxgimTBtWNjZjfumOIZKYx8cGd/H/HVwM0h3DPKsCs=,tag:vDWV1xIRvKnfO6MNNINaQQ==,type:str] - current-context: ENC[AES256_GCM,data:D4Y8xWtg,iv:eYEfTMDrsQjQzAFq6tj9m9VNZQhhimj8TNt7ooNWaJI=,tag:vcXvY57JsRF07zg1gJcc1Q==,type:str] - users: - - name: ENC[AES256_GCM,data:Aq2FDSSd,iv:32gohg6Z4Z/WYW9nOsXUNTVgeBFoIExBwivj+xQdJ4I=,tag:FreFCZ1LruItAUOqWNyS/w==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:xw17eersV/uw0uYUwMISl2NHF3hMMsSZrMJPUhZm+28nb5yOzA==,iv:PnlkWFi2nljJx38GcClWNEXyJT6kgL0Ie4NqVfyiG+w=,tag:yQPE5tz5rvX4zwBEpxM8Sg==,type:str] - args: - - ENC[AES256_GCM,data:Iyacw/I=,iv:6oKoMSkhDiddsIjwI3bfUmby8DAH7jYVn2PA3ePf08A=,tag:nJv66ap+N0n+TewOqqVBZQ==,type:str] - - ENC[AES256_GCM,data:WGQ=,iv:XTjVNi5sRzTjEaS4QkVHMHtXk1IxpEVTXLaBBPwHDfo=,tag:rSn4UbhBbD8y+Xd67xemHA==,type:str] - - ENC[AES256_GCM,data:4C4DtHY2,iv:r/IBMS9hKoB0YIEe4YQdEf0ClX913fIZn/GEGJRlfhM=,tag:a7aorFBh6UT2O5d1AnS97Q==,type:str] - command: ENC[AES256_GCM,data:Qhn3kKNSTDgFN4VaLZuETZCCG8U+,iv:xHnDU9eI7dqnzdMaaWOxQrVh6WIoTJa7+fhzkjOBhvc=,tag:Ez0Gi+SC7qCwWi962mXXqA==,type:str] - env: - - name: ENC[AES256_GCM,data:z454WEDBmTCosPxvDBk=,iv:wur7l5EbNoWDXegFo9KCfaf4psCLKVmGlMC9EiFj/i8=,tag:KHzwt9oaFOGm0ItCU8gUQQ==,type:str] - value: ENC[AES256_GCM,data:xXaQ4KWRIhWEuZeIWioD4txNyp0=,iv:GaYI5ctcuT6TBsvkp+yHqJe/iUC90iJxQCpoWXMvT08=,tag:wXKFK/+BeM0ToURAuFwNiw==,type:str] - - name: ENC[AES256_GCM,data:y6YnGfsK8fL16RsFZwleTMXuwmqc,iv:aqc8AC1LR/xZCmCEMVz3YlN6T0s1EhYjH2Bm6zdkUA0=,tag:5hdaOiVoW/VZTO4WdmA0nQ==,type:str] - value: ENC[AES256_GCM,data:IWSEHTePV3Wr6N6RV+a4DSLnrzuWrS6Xt2q2RoEjEVEna9R9WPP8Ng==,iv:oRYhaDOXwEBOo7iz9uTWbhIdgQYRpHGeoZXVvYAsdGE=,tag:T1On7y/5L2GvwKnSRIpKJg==,type:str] - - name: ENC[AES256_GCM,data:zJ9KMp4MqoQoHA==,iv:n5Cgh1+TTOHavUpMOwRDRDOV1i3Gj7mCXU4FrZ5KN+I=,tag:IAcnwXwH24bz2ze1GhwCOg==,type:str] - value: ENC[AES256_GCM,data:3IJvLZRnZra/qQ==,iv:Sfm5+Q/9H7cqFORKMtkNYe8/sieLI5jKUnKYDrK+skc=,tag:wiZMMub3OuDQHIniJ3lNoA==,type:str] - nugp-demo: - apiVersion: ENC[AES256_GCM,data:O4w=,iv:+6sCozP/g0+JHgvLyxr1NvicS2RaBBg8rm94hO52aFA=,tag:k8/hvEzA7kdm4t4EQdz0NA==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:XkKJsg1e,iv:NPkivDhftUEzxOLTVAQJ6hF1O6KF1XJ5pngfbo3U2BI=,tag:gZOSocd9cpK4mchdoYo6Rw==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:dx5ZbHMmvDxE1mRLGd/yBA6WSnE8RFiogqHA+eWDopMkqtcPLiDL8W65O0N6wEsYm8EzjVEqN7LbVygnOndL23gOtZX2+8NrpA==,iv:T3yGvZozHDIsKfWl+2RZVF1r1C28V4z04wgeG95r7mg=,tag:srEnAtxEfrHmpDj4do8f+A==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:q7Un3Pw7L/v8726oPxITJYBRFpQ/JT6ra5tWfGOl+7uz+Ews8E3wvnhMZoRunwL7mFGh7zwo+BusF9vyZm72YeVTdp3Nz12CDYLzbPO6w8xt2+zfc0SXn+g/TlcFG3mhUZe0AWchH3RXzzwS3elGRFi3Pc0oP2zUcO1MJTJ18iz9EWq1MIqqY8K2INL7KuvzEIXf8FwpoR1uiwL2ihf/KPCP1kUO6nph6dtCM2Ch5+BX5y6NVrfhCLuLWDR3U+DDxYGJB44Rp/6JGh8fwO3p9xArHLXR1MV9R54QaAPaTEVTmJbQPY1fqfN7E3XBrxtyV8MJkZgJuR53HqBM4Ga9bwCIdzmcA5ABn+H9CYRadkdJb5I0NcO6s91//JVZCNfJJ8k92cQYFcMg7bezEkocpKsrUb2HcyvA+cNPLj59dkUkrz/YVsix+NNazIjgEyNeTZy9sPIJKKTv0XbI8yh0atVBlbTtTB1OQRh1Z1hStfXw12nJgZk5GZYopPJsj800ZsfnBAMRWsIrymDvgrfC2hZih9g8+L96zQoVJWljzeE2TTUwEcTVfBL+5mLedw+jNChagu80TpXP/j50aglRoZeo8+BQ2WBTqExP4cz0ZDO4FfoJs62NC0UyoE5BEAlEcdVLuK6aW10KV/zb2+Zh1rIa9v3BGdKbOwSO+IZJU1tD5yl7rv+A4WcoBTEt7ma3pFqnWu1HFCpHbvp3aZGpd8OXbRttFLoxE/9q/a3FNJBiOPM0cVLrR6dNmJAInjEXqKuNCRr4xuYzZBX2U5bAkHprOmCNw5ar1tAyahbHrAU/cil9HoK4+AUMNJ33qs9ek+vCuH7nUCTEAV0MlKXrYCaBQ+y7eaEwN5ZgrfXCFt+I301MI1ZQRRLNmd3lofsz4D4weUbiwzEsBFqDWO6pwLpu0E986KrM4QvbTG3ARggDiBNTu/Qz6tuEzOx4EIJ3PO0fE5NsRmu97k/vEaIAhOeUJ60aYyJ9CpClvYoyMpN1ZytUFJGzsOBAbuIXkneVgRi77pvTKkVBJcMRE8u4LHK1xtnItiWgtheVMfwB6Lw2mdXZunXM9O/zfnD3fe2rtV2MqkirJaUHu5IR/Q73eBW2t2YzakD4+LQPTL0xcuU6DuBNej82Ei3f4Hs3QSM+nxseTd3sAeMklZIicQ95MCKdptZmW+RV2wqlGhr4aSvVj+tFiYXZm00bvQTXSHJQWXBf3subaYlrF6vNT+IE9wh+XebDu50FWJmkhkSB9vMBbXw+jzjj2CDM6Q1L231Nz9HfOIcS0kPw1Yfggwb6R+nPOA/1Gzh3pXbaghgRm47fsm0FVDWHCNeQdiKnZ7DuLgF8H+Qe0njopoi6j22qNMaoRYq+H6Bh/GOjALuftQim65stNDhhvk+gf+JBXnULMDq5Fq33uCaLFis8JLLYvDLu28eouTr6HfCn1UcitAYD2m86mYZ3grMoUej2ESwJIfnsrIh36GCDE7/ZBRwhfVp2z3yLKnkDgWia1ZGa49OlGH4i34e/LA4traUIcTBczU0achDiDlg2h6blCqHlQ2m9K3mqvPbqQx2yVa53/PIIgzLpFiDh/3nWB9e1Nrd/iKlKqFoQL1Kt0ltEU4fMv7yewWe3GXJp7YT+6MMUda5I04KQMk1VStHV5ly9zwFSe3kG1dU368IdLuJ0FEjZLmui02XEn9t6CFZ7AfF48etNDaxFryndZqb7DUI93fz6k77BCLTIS3AdHcoZl7WFXUGts/DCBnV1/gYUAOHPxKNEmRFbYPX0PVVlGmS+rqlc96LlDzYr2j08xww9x7KVemGBAz41oYub,iv:iVH1Ds5C9r3FXkn6FRHlXbTBlzy7U4j6GlroyxD7Nq8=,tag:D6GncwCBxSRCm/9Ezob02A==,type:str] - name: ENC[AES256_GCM,data:CZAG4Cx18ABB,iv:2/w8y+vogpG3SgXNAjmx9qdESL6wNHiA2jkITZuuucs=,tag:EBv73/cWbQaHBoiXofXcQQ==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:kjAAyMmvOD0z,iv:Dow0yWU2p+y+ejafGb2g7wLVxIE4cu4cOLvJksavixE=,tag:i/pkq+kd+RivwTSXIOXCUQ==,type:str] - user: ENC[AES256_GCM,data:o3v4t0KryvcT,iv:vi+sYcqIUmyN9XpYvrinrY8jIcQBxkrKFUkRUGCZUec=,tag:OMfjdgyn5OocEOVxar/L6w==,type:str] - name: ENC[AES256_GCM,data:wlW7z46x57NK,iv:h34fyiNlPw9+Ab9wyDWVEUGZieMExWRad0nsSBTfMBE=,tag:PSaDe6mgkvgLUNlR2VZh0g==,type:str] - current-context: ENC[AES256_GCM,data:Wl2+LqmJpHpx,iv:eVi28/TcmMDH26kmlpVML1QqKN1fjf2Nb/+kNxlnW4I=,tag:qezf/nlskc/eWl1gb3mVlg==,type:str] - users: - - name: ENC[AES256_GCM,data:v1z6Tl4erOpS,iv:p9l85XJFfVN10ob65x0qS2840m6e9zOAXew18Je6PzE=,tag:5Bsli586mLqzDVAV18l3Hg==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:gEZJ5PfCqqZWHnAuNGWqBMyk9hcvyAT6E0pFBz0L0XeY4/rZ3A==,iv:xNOfzbBCQXM6c5bC2K8rQVgLvLfWkaiHyICHj66DIeQ=,tag:k7sW3wmza0jIwbTcJI1Q6A==,type:str] - args: - - ENC[AES256_GCM,data:tWCpZ7c=,iv:8mfam/YAAuqe7BkuTilXr6rFeI+LJejqSqPEfCyRSBE=,tag:FEyIHwJjYAg+XbFG41r5JA==,type:str] - - ENC[AES256_GCM,data:c0U=,iv:lhgov4sDuAjdQqlJ7c16j7mfLsZtzWTU1/Ae32rKoMM=,tag:TgisFK3ntP3ZTQWAjdqTLA==,type:str] - - ENC[AES256_GCM,data:hYETfT+fbt0J,iv:SX9lQ57mr0Xv5g5jdfrrXJnyyxB7tEXTvODAUQrDHH0=,tag:GoK+14bpI1ZjhSYAHClHvw==,type:str] - command: ENC[AES256_GCM,data:2uXWuR8AcTokI0KIOOzhfQnn0FUs,iv:9XNF6nszn665/TYG0MQg8/WczvC7f7bHb4xBQJymB3A=,tag:/bn5t74/fG2CVnyWTz8ewA==,type:str] - env: - - name: ENC[AES256_GCM,data:P9u1gFGqb+9+U8DdG3o=,iv:ol+P1HnCyj25ZrkiOm0J0ifQ03gLgfuH2/O6s3Iz9c8=,tag:HAM4cj6nUYNO12CszQ8k0Q==,type:str] - value: ENC[AES256_GCM,data:31qUZJuYJPprKFg9O4TZSKCTGE0=,iv:7Gk6mQ3YH8OcKVY6erjM/SJ+KYjoby4XXhO5oAtdvbw=,tag:9yRdEH//yMFz3xiJJ156jQ==,type:str] - - name: ENC[AES256_GCM,data:YAxukG86Ub5mIfQplDlFX5bzINt3,iv:4xCwjlZ9JgS1psyzCCecXZFcoexbUvtjZ46n9nIIW38=,tag:K4NM6vntjjeOKC071PgPSQ==,type:str] - value: ENC[AES256_GCM,data:BEv/m8NoQMBTAod6z27N4wOrjbprkr+UhE0s0g5/V7SarFwMdLhTug==,iv:8f34lpRxghe2/lea5oEp5aidMYQjrlDCHkzenv2SEPA=,tag:7Ih1e8gJ+jUANyCvlJVPRg==,type:str] - - name: ENC[AES256_GCM,data:iOwpgD+ltvUqOw==,iv:Mj14tg9kRiatzAZeiwE3NHttg72jyzL7zN80PahHNxk=,tag:zSkejgbp7oo21S0BugWqAg==,type:str] - value: ENC[AES256_GCM,data:UJDFR3R/LDT37w==,iv:0/0jgL5pbuxuAyXZqCiq++/o33eAYj2JTkosgFNSk3U=,tag:au9DGmqCMGza6ySK6zsw4A==,type:str] - up-uat: - apiVersion: ENC[AES256_GCM,data:BPo=,iv:SW6QdTnK85JfpTCgpeSdPDezsmiFOjKYoek8niXwP64=,tag:GTFr5E9cFoY4tOY0CkJw9A==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:GHF7TToc,iv:NtrqCpP0jkiUqpZJ2ZJqqvdBRQQ5hps7arTOhopG7FE=,tag:e1S0fqQ0uAJ7tTLyxeUD0Q==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:tSasBn4ke8c69dBB2mp7jvlBqa5x/Yap4nZOs8X+aNCLHNMWCx402u1HBmT9t5kxhX7CTOjYIS5YdF3YkOIitcbrjFLVdecDUQ==,iv:8jn7ReTiacbbGedGfNVHGLV/uoqup3KzStOGHPXOMWM=,tag:HCulbSoBGcR9gKTT5EQw4w==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:prfGQrotHlHo3ReKTR6XJ1jW4OStglae9SR6+X8JcRKjD/vycEFrTzdtVgPFiBrQOXUzfUjESfCNf2fG6ksgegZe1p/f4Beurqs9VYduJ7A2lmJWeklFOtfee1O4xM37KrEJwzu9PM1lsoFhQbyzXGDdLpt3+U1JvAhVUE+sd80Gjh8bj6PEQOMqhLD0+8yCk3Tr4g/CHVOaDos2tRuNHe/qyi+19fNWf7HnrCRp1BRNgVHAedzFMY2urMC1Suy63Sk/wnpQv2ilk9SCyQcQ96p6kg7ZnX7CH8YZ4QgPFKeM9oxpKLKNsqpZVKMrWBBVgXU13/aylPohx589pXPemJJHRgmEFWGbpyashcXVGIDlMXIIMeNv9cC8Ty7Ebh14wvQU1ofrcQ5lAFGd8vyGQqWVibPDQcB9Yjx+ZuGxDUuME3H0RUBid1WKmLyzjy+pxb8pOh1o8SJQhzkhjSQc66K3Bi5stgS0perzjZzU/H8UofQfAhUsk/PwOq4Zxse9+q0TkF7IyoowjmA+qEb3tsljUA5/pPcKCMlXFvoHRjR1grXH4r6/DlH1XOrl3K2GwZ8MzRYs3Cx2eoVEJ/lx3oFbjdUAxT6Tu1BD4CVAFr71EDMQCOfeG0+D6G9MjeFXzRh0YqqPtA7lEIR3QkJJXJxZW9x1EGiMbD4pcaFMp6S1fBEwOV1Ungw+axEUkI4RJwIXtAY3jyyjeDQLKMpjpkiwKKbmUScabBMygrvXg12wGebxyI0z/DTXVbcsj0QXuAJ5Foed9NGXuSEvAuEwkHbqDqq2ikNpDlM+lZLfk3txBvinGDbMUOOJJ5wCdu4WYAZhUfIuKuq2lBfkwLJp1fZ8BL7VnXLCGhJdNzeUilZXhbPUl5h7oBqKyV43b3vldHZDRLwqElH02jiGI2MKPPqRvAJydnXz4yIOhC3g9aFawMEA42u6epChbIt+s2L/7oFt4oGj0om3TqqEI3TlirwMm69kR566UrAXrBtadXhP28Sf2Qr0/umA6mLqyk5r8LrAE2SJ3MaJ+LzVal0GDnrZJUkXutrv6U4X39GXx6EP01QVdQrElyGxkzT5OuWAsipD2ODsGi+7qWMFoDga9r9JxIJaOUTNEaC+kv7He8ESmurcE2cTZTK3IqAQ83ZEsldSHKUAEIx3cXju5raY6UEi/Ru0Mh3v15JaG535o5RaFNaiPDaMnPXSb39aH05YFWFYVe2HwxQ6Wd05zGuQ3H8oB4LiAIacOPZiTk7AeXbeX/ui2F1XDJICkUtKO0jMT31+4kFQbh1beax3z+9MRrp6/O7rGZ5PmAfwie2xq0zskkU5BCqxzTFqSMkOq4rfiEe0BBGhuFcZtBdqdE7DRJyL1476MyEcQBWVhq2+vbjTllQj1aXk2fqTna/vCVm1QklTBjJEpY07IbSIngpykT4ZswfoexbvaT6QyOUH+P3qqzRKoDYEwnMz7KqhVH4BN/CaProeQqQ3Mgt7SFZl+K0hq8Ito1Ri/mVswF66QgqtmWfawdgXpmhSHN0fE3GCW49vE9EWmUO3fKcEPK6Iz9xdKo+EDC1+b019K4P8F7O4lSru9IfYqPG+JfqrhoV1xToVHenlJ9pxiwfemEtXixLR1TgThE0ojfzGBU6AqFveBHa0bZQURPTd9jtEtlBdbsF0XBavrJrsjFw+AVrUC2W1PUoJGfoR1DgEoBxnCa9jzDNbHVpcyFbTy/8r52qAaOHCM0/xzPfkj8Xo90TWKo0CBvjVmk/28IxHek/07JIsy3hO2bNv5fPfWqNU7KeW0AzPr10hdrMUg5j+sa6JOgZePImykNmq,iv:Zv8x2aispkIUmr/BRsyaUml0wn94V1hKCneHL8r9Kn0=,tag:j/EIZjNL5x+ZzpNf7GxMzQ==,type:str] - name: ENC[AES256_GCM,data:m4IEkwNG,iv:dxOpJ6ydTqCLZ62MfU6dI4Bt2vJty3Z/wxcxpFrd7D0=,tag:FaTKjaJxH4yfSNNsSlytwA==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:5BAsrkDr,iv:E9BNWS7up+2UvxCMO5laCLNjtHvF5aTm08GXTGyhfnE=,tag:PchgU7kFMBQ8LsMOQVuUFg==,type:str] - user: ENC[AES256_GCM,data:dB7/h5DE,iv:VEsAcgdt+khK89vcwPWfonAuBv1bIqEtUwJZQm7BiUc=,tag:9yBxOqFeGQKfQI3VDb602g==,type:str] - name: ENC[AES256_GCM,data:5CS0QN4n,iv:5e+GM9zZLpSkO6eyOU/bp+ZX3m0HFyeDykp0wqV37Ps=,tag:QNbXNvRoSbPOpaUunV2mxA==,type:str] - current-context: ENC[AES256_GCM,data:dfnqq7Wq,iv:4+/ZdR5HS4Zg3exSbkZmVzpyC6gFGNDjp6yaTwg14rw=,tag:nxmfng7GOAv5XwnJjVK64g==,type:str] - users: - - name: ENC[AES256_GCM,data:a5ooLSAG,iv:bgExPNGvIRXiDR+G7uk93M2P2guZlPQyfNtgdNNLP4Q=,tag:B34sm72oWtltkyAX++lWXA==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:0DAwuKkkB+mzYd7HyU244QnP7vfvPUN+A1JCHCei5KgeBAOvIA==,iv:Z5o+jZ/Y7gs6FbtjGDzlj12WFy5iQSHK6ZKXMfgr1CY=,tag:2uu7qjYtgvKZ9fFoOZtm0A==,type:str] - args: - - ENC[AES256_GCM,data:4rftbPg=,iv:foJV1uff1CVoCm+klFc2mZ793iy6PZCybb3fX3r5LWo=,tag:kLe7tZDmKZqhGweOeMSCkQ==,type:str] - - ENC[AES256_GCM,data:/mc=,iv:X03kGmUBXh2dtqbOY8avW0xiJVKx7L8v+L+hsMMaeMM=,tag:TLDxM5kVetfHtt3nyHIlXw==,type:str] - - ENC[AES256_GCM,data:UiNtPWS7,iv:KUw9p12hZYS3TvzWRc3M1v4MiyhGcgUSaoePT0/nAfA=,tag:HUGlb3ojOhwrPblsxRU1PA==,type:str] - command: ENC[AES256_GCM,data:IoX2wVbCcYhMoEPfho6XCHLyLBeP,iv:v4C7oNZQKai8kuoJZ/wg25b2biCt20bjg75WbroBmII=,tag:M1BjKPWr4Li3UuKk12qydg==,type:str] - env: - - name: ENC[AES256_GCM,data:LZtINkshFqqI+6rR2Kg=,iv:U5XjZ42CJAGj36GiNBSgo1xQA/uH+kGX+CIRK++xLlw=,tag:Os/UGmGALTqid6fBkASSNw==,type:str] - value: ENC[AES256_GCM,data:1/8domjp6Rx27LaQv9IqS3zGnVM=,iv:68lc5OZkQkXndYTKFhH/wNsR4BEu9bnDgi5NjWImmGA=,tag:6DW99H4I0twUX3ZJJFsTwQ==,type:str] - - name: ENC[AES256_GCM,data:2m55rs0o5VafbLI+j2XfirmHCgvv,iv:94x5wkYKCgdFL5PcNku5QY4IuAGEvtdTTtvfUqZ3pYo=,tag:64FygVfxeo1uRo+b5diZ2g==,type:str] - value: ENC[AES256_GCM,data:KM6hJxRHcBjPI6t+9WABgjPemOgBFkkpGVLv6MwZ3VvErhl6LNSGmQ==,iv:UojNwOmc55HPzV9m6MIkGvPTiTA8pJcVo+TfyuHYoBU=,tag:7vwZXSvN0jfjsXCWc83jEQ==,type:str] - - name: ENC[AES256_GCM,data:OQFqcnSyQH+Y0g==,iv:j6sA80POq30eaFzm+hBfd3vHnRyInEuuRZpfP1lUQTw=,tag:lNfZNHyJ3/jyUMWQPHB3rA==,type:str] - value: ENC[AES256_GCM,data:c172rYlLazDgpg==,iv:eqqcPh+Kl85HPwgAKxAJB9T3gUXbKTo8ysN7SDqaX/E=,tag:5aKvMd0w+Rn+MvBCbEIWPg==,type:str] - up-prod: - apiVersion: ENC[AES256_GCM,data:ceU=,iv:as0+IFSUIe142b6kQ8Zu7Hhdd9pK3neMBcbiqdl8Sm8=,tag:cxGpRidgCnd2frO8Gs8GSA==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:M8qawDAG,iv:I099r+5sqXBnQHGUvbealKSoccqywT0W3/as55gGqdI=,tag:0jxKvVHE6GEU7OmL0bVzkw==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:LBbIhXBHMWa3cEKICRRXI89dosBIxs7uA7MAOb9SLuhCpOIyLU9enQ5Ui2UcJ+vjL1Z4b0ug4+lvn2lWhnYuJtbpTbxBljsbXg==,iv:J8ynby2rxIuYUpl7vzByypCQsgv9JLWxYa4RWtJ9r8s=,tag:B+ay8OQIO8dtcrTuZT7QOQ==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:i7Ji+Z31y1krZ/QeAEEAtp/MvgSSKt5v4PBTmr5trqN0VTT2XGjHxJN8pwSIbZrggvr+p53hxQra9ZbaJcsisyhgMKV0jgvssmayHCtNxlwVhFNwWtHdEG7kW3OwA3JAgSDansI/N/0IFkuvQ5qXKuZ1DMH+OxwwhGPZ5XQcBuDeuvRPl+BL0OgDF78PhaySlkV7xJCoLr77LECE//Cs8VkMxk41vrYlB8WObkW2xZgnqeocjxpkA/xQvzHs61nsPSEDhQmxZCRLriWr561qX4GISUZXp+t9yoB4XgHLCkzvvCeuknqJI0LgHgr840EVGeefeK7ecrPjUI5WZsOjrJUwufpajK5efgbNgRVE5B+qE6DGy6lfqnbXFAhVKmJ1Q1PQxZP64mLocF4NHTkNoQnPOrns068D+ddmPq+sm8IXncAO+MxOeJVPSZV4Hy9zbZ2km9pxCGMeM8dFEzQ2kok+pUNlpgSf+wG8ddbmGXjQQmyBMubbMcLlVvPyClfQTEGyPXZLdt+St20gyOANCEFqC6KRltmIlCNVvoa4fNdsaBvbuVhwg2VWhw8nEyrk0S0lomhz5EhLrMAo2S9n7qhcd8QPaMUX7LT1di34aGI5E7MiE1JCCmUUASflzWO8PdZV+AY/tKyb6yF5jcrO2yW1k2uEUXZX2CO8ZC1iUvRsh2shCH7W/49ImW4LMtlyELaVHsSiYAvbZAIlarFXDsqQSIesw97u58UD9x62lf9GWlen5g90VvI5Gp8TB9kbAHls4TSX2XfLjB8biNSsAFEwRp3LFVUv3kXw7rQGLqnhsNMqGklh48rctyYZE7Hfdokd5b3MO/D2NcBbUJY/GmktA44RgiGz0X39Wp7zEGrDFDjxAwPyMiAKTQMTFS1a/xi4de8CrDEm0mB+q7ORNZE1xx2l5ryzuQH1j6dy+KIpceH1gir/wcIEZ39KcBE5AZrm3bKaMhN1eO2eQEUddCFh2v3UJv9IhaCn0eDAG4R1pqn5iH5ossFT89D/xe5SlokQ9RT8OLJmtsDI+3Fgs6R23y6/s7rBiexg9imfYBmMjiNJRXqE5iKtyxCPA3Cl4SeG9hzqTKnLJYB/RvACDt0fCFATWxwRC3Sqtq/wqZEI821InTACKNSmd9wQehKQjgrIoYpLaXs1esNhgbevpdkefY7TuPLqGDyAv/Ry/gXrP0jftiRINr8xVsHadsn99a1AKRylJdfjE/A8QiAKQ+g05IuBbId4hn+laajCre8G8wrays9s1VRKjfLEyd+0b2ROhrRwIWu6PaedFOp+a53y9N3makIsIx3ecWj/FcOGF1TuaGON/jMpb+4vvyd7ylzTlQzGo5ks8CDKbC/3Z2QRXBg0xUZ9w+6nH72gGSRqXPp2G8voppjGnX9+E1wTwB27y4a2t7nXKkwJOYeXeEXSVJvUpJbwymaexcWWstEAUcYdoWgBIx450iDN6yxSVR+/RgvPnSRUUTzECuWIhe+wpwufyHNfucwTf3Y+AnFy6D82ATGFwjvIOxqWVwE5RcmEMVo6rvlTDoA1GwGOH5GkSIJR6j+A1qJhyF+pG9pIHK2WUwVLUN7HA9/vUlOjRGBHutMnaxtC52VKg3Q55KDd3IKFqMGOlXWsmkCvAErTma041EQvC54GesNIdfT1aduKkq9UgdiQXLs28ApD+YJqpChuWegnpypjZsIs6IYkGnIEut8lUnX93cJE1vrH8G16vblwLMibzxn4g78zjWMgJSKMB4IsG+LxeB4ElDC4ujNXstfdhOaWt0EPWAEmlIGltRDCW0p0u3aj3apxek6ENxUnoAV2,iv:9mM93408cdQGWrgYxKhwpfVdxtE2hs3kC8jCacewjxk=,tag:679Cftk8R5eYGAnOxYuupg==,type:str] - name: ENC[AES256_GCM,data:VTPD9S9tqQ==,iv:MDhZaJQOmOGLV7EdL2rK26gTdSeeXtJd5mtnaUU7uA4=,tag:h/9wm2ASC3os94O8ZVNsMA==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:tlhMJo59hA==,iv:4qPRpyCyVaSbI4o/WdFSPFSO3JlvQmYHDZYK6GwH/+0=,tag:y2YuoCfNEiObzOyDRQHujQ==,type:str] - user: ENC[AES256_GCM,data:pgwUNcJkeg==,iv:RxwMi2EG5DBXPgT2HtlESeUH64GvojyclWGx6PkDDu8=,tag:wSByZXWJAnCmqm2uG4c2GQ==,type:str] - name: ENC[AES256_GCM,data:ycg/9icy2Q==,iv:eVl5pJXAiV6sB45TjEa3stLU7vcU5SuYC3iHKSZ/TvQ=,tag:yATz//1yjm8BGBC6Nze7vQ==,type:str] - current-context: ENC[AES256_GCM,data:aA6gUpwNAw==,iv:CmcYw+vmG2Ni8IBdFwrQzfF65He4kiajdrH2pyzO4ag=,tag:WPB/17bR3JS5KZJQbuVL1A==,type:str] - users: - - name: ENC[AES256_GCM,data:0Ilp40vIoA==,iv:Ulk2TRL72sQpcaXjDP6j2hyPK51kZoDZeuii9GJ4mLo=,tag:Ft4AuOa6IaFIrvQVZU9nSA==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:ddcIq6jsbZwmc1aoYPDSd8vU0l6aZYwtnsic8n8ocr+C6kfEng==,iv:+7WkcADvTEiL5o+/Ibfccwj/4nhjsqHFA0Obu9gFGvo=,tag:ggkSfADeXKYmajhEpVCGnQ==,type:str] - args: - - ENC[AES256_GCM,data:3moviNo=,iv:0PNDfwI0LGOxsXaOjPRJKOrYCBqY4jBAQIgfzMdKwLQ=,tag:iPjaHZXa/cVRQ3skUIOnsw==,type:str] - - ENC[AES256_GCM,data:C00=,iv:d/46FQnhz1c7s/ybPd8uQUWpgxr7KvhADgB/4syKvoI=,tag:dxhiStX1iIwOeCdFXv6+rA==,type:str] - - ENC[AES256_GCM,data:Mx9G8g9g1Q==,iv:krN41AxSV3QA30KQj91P8uOJhGrloDF4/NE0pGEYwbc=,tag:yE0gKqy2Z9ahKWayLj9KWQ==,type:str] - command: ENC[AES256_GCM,data:QLRuMnevcFiNi9Q4r8e/ONCuTe8D,iv:JTzQadfbKlOTPGKt9NXdOqxkmsXo5D4Ozm/hngVgOuo=,tag:rWeWFLS63a5IKKL6g1khtg==,type:str] - env: - - name: ENC[AES256_GCM,data:xnAP3ojg3Z3w00vFr5k=,iv:IdhPOs8UJnLRmphO5fuPsknOcdTpfY6m15oA+8wLaGI=,tag:27UxLl1OYYSsmLo+/9TOGA==,type:str] - value: ENC[AES256_GCM,data:nQiNkbfk9/q9C763VOYn6VNmiuc=,iv:KZT2s29WMO5mEovx7IDG4n74rtsuFMcsEsBKNQCan2o=,tag:5aq8r0pLXRnN+wS4u+b/IQ==,type:str] - - name: ENC[AES256_GCM,data:+1VhgibN96Gvg+UG22jDOyddhD2h,iv:mbdshyhKrdQNhHY6vjIEVbOigd0w19EaY7N0c8ewH+Q=,tag:LJsCa06Mke00cR3+w0BBBw==,type:str] - value: ENC[AES256_GCM,data:Uw8a6pFqrb+1R2oZvLrSTPsGXyaZVDTjcY16HByLP4v6Jo0StmdfGQ==,iv:ZLh+/0BPj64PPuwCCqi4D3/fgqN4gvQFAw4RfR1t1lU=,tag:MgcmFop0i1okN6qKPKKRWg==,type:str] - - name: ENC[AES256_GCM,data:dXgAgKIliNWPIg==,iv:1D+4WpinYBjXlq54PIHRtUosEW8mZT358XxsioM+5bg=,tag:lf4+cObMPgkgFMgCcPA5pA==,type:str] - value: ENC[AES256_GCM,data:YKDTYhP0fX9EWA==,iv:LeASBliTf+AZpUZYG5328rVxEoDMXwZg5YwKRi7K1LM=,tag:kHW/zDYO9qmjn4CD6KBZkQ==,type:str] - central-instance: - apiVersion: ENC[AES256_GCM,data:tcg=,iv:OIhgjHszViYY3Nd4ArO0FnuskO4pboxtMRSBtCOtuCA=,tag:9JQsF9VONhVvULqo8fR/Xg==,type:str] - preferences: {} - kind: ENC[AES256_GCM,data:yP2HNgtk,iv:uU0jmCiQONv9qDKb+pPIpJXq0XEOaig+uQgrAPiMOeE=,tag:vWyRfeQGgs5jX7tjctqUaw==,type:str] - clusters: - - cluster: - server: ENC[AES256_GCM,data:FUv/YgJBmYy3MpgwFAFSuZ6484LMeZ+V/n+A2/SkvsAi2bw4bsv+dLo5rsYzHcvMLVwgE2Bsf2rjosKg4GSF5Q0HKZxJKbmsVw==,iv:Kp97V/Jh/z6JJB2VFoQklGryd5kRDHAcjjigyObrxHE=,tag:sn/vZtCtuADx5yhOIZtU+g==,type:str] - certificate-authority-data: ENC[AES256_GCM,data:jG/tNwMlO6NnyxPIByZq5vzwl25+cE9ZdQO0I/AdPWsMYcsjoNObG3TI0cZGzMGG3F43yiS7A4t694F15rrvwjes04aE0rl5IW4j5vWImjXrkFjKt0T92bS4KHSsKORTbYGpzVMWcGFCEctQHVXsnrf4dSPQyXlwTYH8d1mjDiDoPTXr3bvhKioK7fTKC9PskKU98E3DHtUbrqw2Vu7/a6DFRUDJLpqTkQSq9ucNr3R+QUgLV/w4/omFBzsEtiMdfB2/TiSpXLFOZmXeD1uMLJa7a8IEMKWpChfwB/nf6IAonNnDhLYHwcPfHG+zJx6TxfxOR2oIzTUkY0nTDIrJB2YXpJcsJv5eIuHiH5/W9xq3YPLKlyYN66WZwDatToRsl5O2xRmTHVyD3VNQRxU7YiwkZU51M1pDfrr4R1WsbJ1rlswgucXtfWjlhm2R2gJWsjXaCiCOIcRH/9MZMMi6Q3Iwgxo8PGKPA4HKehfHGEQ+TPnUC1CBu9YMRg86vTcW1gyk1wxFNhdud6aBEKdQ2L3nEVn2XjQiDvmVe3yKnbVFsFJhJL12tiTa6VuzqORbxc98Pfze0l+2/H8G32t6smhgGoNrNLaCe3K6xjlhYl3p8+XN0c14MyGaZI9ncXDZa5C6FB8Zg7gVMCm1z1EUIZCnR7LslvevWvuHCBiLtNqFzPBIsZkOBH/UAKIku6LbVmbrsDKNXfJBoAJ10lMbj9OwrRnUEHfgJ2miOIqZcQgZnZQof2ksV3+odC3hW+IGbaB8GRfySe+wVaOnHYiKDEJ1xSjkGMTs9EbjvWp96CAvJCAz8k4FDLLPL4zTMs/7JRCPlbatKR6tlMFQwbdUITCfY30uVAeUBnEWWXpD6XQsGeWGUNQBqhXonMh6ruplDgECDZuhWxUNA76X/3zu3d/UvTdcF84optEhboef9IaYvlg80WlFqV8ZpX+CH3sBdJqQ35G7xiuyZ92F/S/sGoxH24QWtmMeYut6bLm2cjHpwcEAJ4859nNvuy/4h+e76f3M8ue3DGK9HPoptl7B2w3Mm8+vAPUkh92xlPEF7KLCBc1qB8At+62UMzMA7Dxrn61ep/u3+1nX/BHPYejnaAHUEA7Q+cOW77opTo77hKKXfqxkeQqY7T0KSgAXiXSEfq9rJ5U7DmjTsbOb4oltv/8aaiVGj5yT+U4fUA4hFCUlilOXgKIBrC+hNW9bCBjzUfvIW8hx/y2I8v4kPYDyOUO3UAHP9c2wNUuZaehz9dOIhDxIAmnLNl4HttJCX2/vezce4p0uiYXZ6M3ldLZg7VTOYtn8zPkBpV6zuVXS/078nxonHDa0DD6fX4IWo5OKdGjDDq2SZ1OQwDTVT8EkdtO1N7t/lqwLqJuux4T6B9pzk04OT1LWikR6BRxH9pVY4MoiHtdzSNW53HV6GDnInXjJ8D1xchVtKzpdrqZZLQLp++BswiM160NJYTjtxTHAete+Jl25ufPQEUVoFKvDab+72NeN1Smf6m/FwWCouej/ZpRNqu9gTY0t47EVK0nhwlx9zD+FrQNlUpJVju2vUNVXacPKmNaRBF/01ACkIc1MuyUN+cB11hEhUpPCgnWdMJmJ3RxJCP8h8NSH9pqqlOc92T5BkF8PzB9+WjusZonJtcvisv92TC5MB2ZxMumMqqAXVmfcuh4sIzJAXazsVBl69WVzShSQrvP66Be+MkrRnpIHz6UQ4CxsD1LCzBM+A75zS0/PlGMzJ/EWCy10lpsw+MnZChTfOR3JFpUxu9xYLyeoiN05TFdyzme/HzxZn2xs74Sj/844ZHZJwdoO4MKN4KRxOpNy,iv:WM2LZakIapEUE7WpcP+mHF7UP+MSVr00BENupBaHSxE=,tag:uB5uDf1mbn1nmwMmA+h5uQ==,type:str] - name: ENC[AES256_GCM,data:tKZnxrlU3vqRX1qxYiYuAF/izYI=,iv:XFH9vg4c/r1IJm2mec0kXs7GqnUWiQIR0DfXWR4GQVA=,tag:Iheg7DWO7bdPh/wOvcoXow==,type:str] - contexts: - - context: - cluster: ENC[AES256_GCM,data:RnKXdB6koIZdNVB3jxdVzTYuz5c=,iv:K7TZE7pNPqe0jkRGZ07VlyWzK59GyqmUD2NbbxUB21U=,tag:BukTxgRcPxsO63qXykBaIg==,type:str] - user: ENC[AES256_GCM,data:UiwuS7Lh+4/RtXQD/IsUXSUiees=,iv:bCQbYvgO0rHZHNUxMS4rrrHTTS9gU+wS2EQRK9lV4WI=,tag:sI2XKcQjg+QFa7v5pPo6ng==,type:str] - name: ENC[AES256_GCM,data:ofZ5ar7bEayYnOqPkCKIjVmbfqw=,iv:06GyeK6krpbnx1rzRh6DtbA2DIBkt2M65eXPpkvKf2k=,tag:rWn8UKW58MDVX0rksFHT3w==,type:str] - current-context: ENC[AES256_GCM,data:YIxyu+/tS79SCcfC1Ffzy2P6c0I=,iv:rHNxDzfUGrLRUEzQpunXR2Qbqa0rmsfX9qRzGSVxyk0=,tag:X6Ll0Jy2Pp6XWlX4GIBtaw==,type:str] - users: - - name: ENC[AES256_GCM,data:8c1fRN9CLLXjRauaQQ8vdbuOteY=,iv:UcbjxwOFRgRzaF9GPj4xg6lohhbXFa/ET0CJXCYiHFM=,tag:rGAkmEsHwce7FmYbl62O6g==,type:str] - user: - exec: - apiVersion: ENC[AES256_GCM,data:xwAKWiTSPTUmWaGVJ6FCTpEiIZslaD6gECqYXHPGWiNjWqiEsg==,iv:HZn0cNFcuY6iuGptr6Fj+5aItt9pHLzONpBmXhtuGkY=,tag:ZIHDLlXddPmi4Q5ITp9mJA==,type:str] - command: ENC[AES256_GCM,data:5qJZvmVKN09KwG0Oh+IqRqS95Id6,iv:lL6N6RFMsPoNYikIxY307ooaW3x0jxhRwIvPjImn47E=,tag:9uyHeY/U33+SS+0UF1CfrQ==,type:str] - args: - - ENC[AES256_GCM,data:EZ1EsC4=,iv:rdxdFGh471knCD/OjYmhRBE6aah58VdEM1lkRiJU+1Y=,tag:s+l4iWSOVZrUQjOfgzvNBg==,type:str] - - ENC[AES256_GCM,data:SDs=,iv:Mv3dcCHWIZqyhUPOAcIJ8u4p3ASrcctPMGgiMYmWNgA=,tag:zm3IXZQjevU0JZ9Rh+GNGw==,type:str] - - ENC[AES256_GCM,data:u/hJC5fy2efIve106jamsQ==,iv:VeH8H3UZa42cMoTK/viYtFdcD/69djbzQilbdWnwrto=,tag:r1csAElUkxB9hiTkP02TIw==,type:str] - env: - - name: ENC[AES256_GCM,data:zDqbB+1ZobaZ0NXf9ng=,iv:TYV7Z3ZdDADOP/BApech14FwrPpQ1eBUQW2NFEcPblU=,tag:lHfaMiszAadCnXD6xFkV6w==,type:str] - value: ENC[AES256_GCM,data:PdMQoZnaHO9mcIV4NJxOrTrXtno=,iv:Upi8HlDBI6ANhblohjXO7JVScWn+WStPrq9rw1yyyaY=,tag:3IUPombgCihqtFJ8yyZJMA==,type:str] - - name: ENC[AES256_GCM,data:wyh9QkeGytZ+hB803PBVocVMy7oM,iv:HPeW0j/VtRPm9ev411spC22PR/GBaExTgsxFep35PYc=,tag:HLrHxrMGBRvKb2lYkdLXOA==,type:str] - value: ENC[AES256_GCM,data:aWoVaKcq1rieAraxkJT9jS1JWTMyKEhJseThEOJ27HOVeDzvgTI83w==,iv:DARu4SRdUE9TIlAjYeRuz5Me7qdzLU6Ftu+7BpzrTq8=,tag:mn6SZEDX9TqFB7u1tSCfFg==,type:str] - - name: ENC[AES256_GCM,data:LR2YcADjvE71Aw==,iv:qIyvuhVVfDOCPrZiVARCAo1UsCnH8Y7sc+QShfbp8ko=,tag:084Wd5UG7WuoPRsoM8N3nw==,type:str] - value: ENC[AES256_GCM,data:CZ5KRZ6MEY4C4g==,iv:N4ux7CSsyGcQMpL8/TTw6PkcuG2XwY0tgepRW4w1WjA=,tag:3Ucc2nLXVGwCboTLt/yUvw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-07-16T06:27:48Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGt0N8wLqktjyzxSiYwjBs4AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMG73vwk4q/FWeWwgFAgEQgDsF61W4Wstk2d88gxS+Ql8jg5h41lVQ7CqXccGntVHOJy0cWG8jPcVtmiLYrPj/JyOs6c06XKTy1/IYtw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-06-11T15:41:56Z' - mac: ENC[AES256_GCM,data:aBsEF5DVyFSY2ihL0lofKKq3tg5BbplRuOK9ROhUdNKiMD92C466GMkT/maJhXnd+LWN/wOGifpvcbdAh+FdDcZvUD4icR4POLc12Hontctkx7Oju8LvXLRs9zirZyuyDPH6IBXxBvOVWQClNOcA8r+v9FrKwzdzi3IJlxJnkq0=,iv:OeSdSW01Wwkk+Y6N6NyOb0NJpxqU95/tAmXqt40ch7c=,tag:blvdZDhy4Hnr8MbqPChDjQ==,type:str] - pgp: - - created_at: '2020-07-16T06:27:48Z' - enc: "-----BEGIN PGP MESSAGE-----\r\n\r\nhQEMA+gtFIQvidpKAQf9FlfcstXejz7f804cGhSm0Eyrjkn+BV3zfdgqfCFu/kV5\r\n7rSZinxjfDG6FV1zWptlq1Tyv6w6Dg4+f1SatRLsM8wR/+Kb+PSkDgQcs19mM9R4\r\ne82dkywfjRwF7jBmFiSHwhMf9M8mHnpmtNJBIQu9lyFMVM7d/H5MKj72jXUmADEo\r\n78LQ8uxTOFWY7mfh0xBZYJ1P2gJgujar33CGQcT34iUxjScMZztwcBs15ZjqidbQ\r\nLkEsv1pVkn71MV/LZ5WLlC0b6/T+z0rJD+y4Kk44G3C3CxwuV4Ge3tCsejTy4itJ\r\nyY1DBb+l7l3ozO8pBqulQVhwDTh9Uz26Si6NFpxpbNJcAXGsbOBiayxAZTGV5eRn\r\nJF0w59TDHywO62qGG5yRS6EViEcrIzCIsX9LuwYKG4gdwsAVlqVEQIJVpF4bAR4y\r\nHhyoZvA43i9JYDj8/gpjvdek0daqU0NZ2HlSztQ=\r\n=33Ur\r\n-----END - PGP MESSAGE-----\r\n" - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ci.yaml b/deploy-as-code/helm/environments/ci.yaml deleted file mode 100644 index fd30695709..0000000000 --- a/deploy-as-code/helm/environments/ci.yaml +++ /dev/null @@ -1,125 +0,0 @@ -global: - domain: builds.digit.org -cluster-configs: - namespaces: - create: false - values: [ monitoring, jenkins ] - root-ingress: - namespace: jenkins - serviceName: jenkins - servicePort: 8080 - appRoot: "" - cert-issuer: "letsencrypt-prod" - -jenkins: - persistence: - enabled: true - aws: - - volumeId: "vol-0d9d8225500722e76" - zone: ap-south-1b - oauth: - enabled: true - acl: - admin: - - egovernments*micro-service-devops - user: - - egovernments*micro-service-dev - - egovernments*ukd-uat - - egovernments*bihar-uat - - egovernments*tarranto-dev - - egovernments*tarrento-ws-dev-team - - egovernments*egov-web-app - - egovernments*wt-ws-dev-team - - egovernments*Devops-partner - - egovernments*micro-service-qa - - egovernments*micro-service-uat - - egovernments*pb-uat - - egovernments*up-team - - egovernments*nugp-team - - jobBuilder: - repos: >- - 'git@github.com:egovernments/utilities.git','git@github.com:egovernments/core-services.git','git@github.com:egovernments/business-services.git','git@github.com:egovernments/municipal-services.git','git@github.com:egovernments/frontend.git', 'git@github.com:egovernments/eGov-Punjab-Implementation.git', 'git@github.com:egovernments/eGov-dcr-service.git', 'git@github.com:egovernments/eGov-dcrclient-implementation.git', 'git@github.com:egovernments/covid-backend.git','git@github.com:egovernments/requester-dashboard.git','git@github.com:egovernments/approver-dashboard.git','git@github.com:egovernments/eGov-wordpress.git','git@github.com:egovernments/eGov-infraOps.git','git@github.com:egovernments/ukd-rainmaker-customization.git','git@github.com:egovernments/egov-smartcity-suite.git','git@github.com:egovernments/punjab-rainmaker-customization.git', 'git@github.com:egovernments/egov-coexistence.git', 'git@github.com:egovernments/eGov-AP-Implementation.git', 'git@github.com:egovernments/eGov-UP-Implementation.git', 'git@github.com:egovernments/test-automation.git', 'git@github.com:egovernments/digit-ui.git', 'git@github.com:egovernments/CoronaSafe.git' - - deploymentJobs: - - name: dev - acl: [egovernments*micro-service-dev] - - name: pb-prod - acl: [egovernments*PB-PROD] - - name: bihar-prod - acl: [egovernments*bihar-prod] - - name: bihar-dev - acl: [egovernments*bihar-dev] - - name: bihar-uat - acl: [egovernments*bihar-uat] - - name: epass-uat - acl: [egovernments*epass] - - name: epass-micro-prod - acl: [egovernments*epass-micro-prod] - - name: pb-qa - acl: [egovernments*pb-uat] - - name: pb-uat - acl: [egovernments*pb-uat] - - name: qa - acl: [egovernments*micro-service-qa] - - name: uat - acl: [egovernments*micro-service-uat] - - name: ukd-dev - acl: [egovernments*ukd-dev] - - name: ukd-prod-sdc - acl: [egovernments*ukd-prod] - - name: ukd-sdc-uat - acl: [egovernments*ukd-uat] - - name: pb-uat-v2 - acl: [egovernments*pb-uat] - - name: pb-prod-v2 - acl: [egovernments*PB-PROD] - - name: ci - acl: [egovernments*micro-service-devops] - - name: ukd-dev-sdc - acl: [egovernments*ukd-dev] - - name: staging - acl: [egovernments*staging-qa] - - name: nugp-demo - acl: [egovernments*nugp-team] - - name: central-instance - acl: [egovernments*micro-service-dev,egovernments*micro-service-qa] - - master: - ingress: - enabled: true - resources: - limits: - cpu: "2000m" - memory: "4096Mi" - javaOpts: "-Xms2560M -Xmx2560M -Duser.timezone=Asia/Calcutta" - -nginx-ingress: - replicas: 1 - default-backend-service: "jenkins/jenkins" - namespace: jenkins - cert-issuer: "letsencrypt-staging" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - -cert-manager: - namespace: jenkins - email: "nithin.dv@egovernments.org" - -cluster-autoscaler: - namespace: jenkins - cloudProvider: aws - awsRegion: ap-south-1 - autoDiscovery: - clusterName: egov-cicd - tags: - - kubernetes.io/cluster/egov-cicd - -postgres: - namespace: jenkins - postgresDatabase: ci_database diff --git a/deploy-as-code/helm/environments/covid-uat-secrets.yaml b/deploy-as-code/helm/environments/covid-uat-secrets.yaml deleted file mode 100644 index 4b20786e2c..0000000000 --- a/deploy-as-code/helm/environments/covid-uat-secrets.yaml +++ /dev/null @@ -1,92 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:PkJvzgg7tII=,iv:/ekMiaGCabAwdNr5Su2Flo7dFoSNakp2QGgdNDqUeoM=,tag:89I9JbUBnYtdKHjlDBeS5A==,type:str] - password: ENC[AES256_GCM,data:hsfVIIXeeaOGQcbn/03FVQ==,iv:WCi9zdRk/OWHs4FcFc++VWl05GAzWA+Ssbyw3Sp/AgU=,tag:eCWlNFfgXjPvwHJiv4b+Vw==,type:str] - flywayUsername: ENC[AES256_GCM,data:opLcT22IBEU=,iv:zzSyMx0BvXZsW8uIXZSDDp39m4PPncDVREcsrvZjZpQ=,tag:6k4cJT1Foc4ZhGMk2j6v1A==,type:str] - flywayPassword: ENC[AES256_GCM,data:PwMTeqkDvZEkSgnlgdlewA==,iv:miq3w0vli6vtI0ZohG+YDL9Ardj00/DoU55SCXY1u+s=,tag:oTFYomAmjH6V8NcftnBFDQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:AEDhjq23cw==,iv:RNH03BW09tL4UL2bsBevRR18XCu40FfV81jmu3Q4Zaw=,tag:QR476MHvCCI+GWNED1XkSg==,type:str] - password: ENC[AES256_GCM,data:sxWgumh/qg==,iv:/qWHnTFtVg2rTEdU/q0nU6LZSvTG9k2GFan3PA4+Of4=,tag:j2+f0h+IvjcrQRwicbr04Q==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:XGbmcq5op/LbTFSNZTb3hJQnG9s=,iv:eW9yNZCeEu5IgYZH8m2ASJqbbB+oUVT57kl0GMwZajk=,tag:PAg6hmi+F9bFXE0FXbeUMg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:hjLOUr76jgG70ssmdyk3aMnTSi44P45Ltbv7COI9b7FtfHHZ+O6eJA==,iv:uRKzT9Lwl9KXX8JSPQfNStN2aR5sDJX6hoTd5Z8g1/g=,tag:9u8LWVFcH+fJ2jlSifCQ7w==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:qONOEpSecwtErIceOjuhaw5oI78yyhA9T6wpX+UskHz8xFtdn1N9,iv:a/cdf6W52QqaG7a3toQKuTv+0CUoSB+BUAZ7HApuH9M=,tag:22YOWjQz3OkjQap/XBedYg==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:8bN0YyQXXV4czdC/ZlRMIA==,iv:UHY1X8V9DrItVqfK0bSRzdKgHViGWKmPPQmvOtYT+Fc=,tag:LmhjAx6SmQepdAdzNAjx2A==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:zjv2eWhQnpSxRdnUVzP8jsVBnYwG2naWd3fG6pacpPw=,iv:QwPoVGVhZOrOul6cV0MUPQp//qshHyU7ex/U3dl06Cw=,tag:W40dtScoHIyKkbDHO26Qag==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:FUMOGKr+BH91JhBiKO4Y,iv:RIDUPYgwuSmWSXNc/OLC1Iw8FIk4HG5tgz0aDMmyBXw=,tag:xMct28SLauhIE6Vo26re7Q==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:smBvFGOSJE3xHjA=,iv:vf94lE338pL3yhqxSfFEwFBB9tEcn5t/mEeXGT97ZmQ=,tag:fViHiT2FXKV9jGWbbUObVg==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:7IIzA4JY8hU=,iv:jC0gyvtWK9k5XJNNTKV8tPIrq8N1H1IaUpJ/fBG7hHg=,tag:MknAj1S9jyIBMjr3x3FvXg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:zK5RiRk5,iv:knKQptPh4yCMEcQwG1H717xOrWcrkSMMwv0zC3ahcLI=,tag:hGV8Zgtz4QqpL0jTk54JTA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:6oaEaHXA5UI=,iv:IPDtksoPT05xU5wNvQKJXZnPfWaSOftOqvqmXwrvRsE=,tag:QMQ+hpHGdCku92O6y0QeLA==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:hxxN8yaegAdbwMs3Rp7lTh/gTDgyM4A6UA==,iv:9KaZ+ua0/jItZs9O0MmJdVAlfbGSj1ZVYBFEc1TbH68=,tag:SgPc6rrmg/24vIMvvYgXlA==,type:str] - admin-password: ENC[AES256_GCM,data:fjnmZ9L7WM5Kc+YKeL4=,iv:njEkqEauUDNzYKz2SIshWzMve4xnCngJlf4Fotfxb2c=,tag:dyoZKf34qfXRZV5uHOjyiA==,type:str] - read-email: ENC[AES256_GCM,data:gd68/IlRVYb3+PeOg/Aur8p7SgpLuODK,iv:N3PZza5GnzzXDnlIomBwieix00qraxqu5iD+OtmmgxM=,tag:F8egSsuyjvE6c1TlaCnpXw==,type:str] - read-password: ENC[AES256_GCM,data:3IUtq1dKTpOodAQEvgok82c=,iv:7Pv+HV1q2uzf1j7UUk7zXPd/qQcOOn4BgLZQSc0Ox+E=,tag:DSxNjEXNZMGt0CgQe6oEJA==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:B3u+pZGJhehhC3bQIi8teg==,iv:VAmdX8BE68exxZhgNe/HbysqZnCOq8KS9FnrPBgzN3Q=,tag:tka0qtbhcnDdiYWdtcrkVw==,type:str] - master-salt: ENC[AES256_GCM,data:XkoQnNPb4CM=,iv:5CNeeXXxclSD5912H5EGbF5o+AUGPmXiB9YuoVOU17I=,tag:4tvUbVu2j8p+KJgn664tmg==,type:str] - master-initialvector: ENC[AES256_GCM,data:o2C3VJUk4AL3A0Zh,iv:VkzMnqp8a4B6uxAbcS59aX3vh3IHO5OXfZM92KlnvkQ=,tag:rzbMazuI6NpCVGFBfuLKbA==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:SbFP0lS4uId+1L5aSM+bvEikHLffR+2vYvPHnfA=,iv:ycA9O4PsmkVsmmcnaoNZliPELI2/OsVna9KaLSx0ndg=,tag:rl2YAOY/NKiHLbGk8I7PjA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:Rw+XxTmjq+s5DsKNv5LzsW7Y,iv:mqGA+iM44SXEu29mC9uaqaTYhV3Mn38qPCHEQ9rLFUQ=,tag:X2hMbk6CaT/a9KrMV0/CeA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:B8XTWk3DrtHAGrM=,iv:YUjIXaE3e8mMLlG8cIZt4CPP7fNo1JeMgGWHA8Nepjc=,tag:ZzExkAFkrWvNZER1wO6xgA==,type:str] - valuefirst-password: ENC[AES256_GCM,data:GHv0JTCl2+A9,iv:8uS7hUmw0xZx7taWUkLooKAH2Cqwbx7EuT0/kEj2RwA=,tag:JiYEKC9JOlSXgFlqmSGRXw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:HvMwnYtB,iv:VpVDLi05gvikEf6yRWbp1CuvumJkBCIjIJ97/14ghzU=,tag:2JcGgRZWTOdLZqU+VgzGhA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:aU/yMKHQI7ivUBgVbOWFhMnEbCZDKgM30+wS0TBARQQcVS75I1fJwpoSzihalBvf85NKRaIqtaQ6mMWaYiCKjdKA8jS/x5zodABzzllTccIm7mRITNYkVHx7ugzvWriKhjhuVDlz/zbaBlorQPZweNs/D8iTEAYisAopk49BP5kzshFAxFG48+c8+L4byX1g2YvZAYdpi51bN2VycjoQX+q8U3DQOc8YPymL53OvYRS4olUurVtIb5ILZmGSctGNSwESsL/E4zlpbF5e/Z/eACYOBz/XbH9CvkGGRH+pJKLsWSpSDAoWZz3CQVDBV1XcA3MwoKqfTsL/gryEZdp7eTQ8GiKcTnsVEpCDBgXHVbAEbaFMKwIi+sX17mg1MQ52qgbqqx3M4zk5uxAyJsdLqEK/PRwuK80v9iSWwQ87C8GHBxG0kempVKgXPvftmXXRu298FfgQAG/AdqhwlyudD0GSppA7efGBu7AIeZa71rKN1TxfdZH6YU/SbYe5DvJxXnkv1fh6GeAWXIX3kedMz8aih1tdjgTBcSuBlETxSeKaqL7DU0m+/wzvjaJvExATyH+PXf/h0I1KzkewjNp7jqsAV/yhY1z27MaT11ybITtsEf2pSt1tDR6lBZER+W/8tvi1R26xlJKEBwm1GW69H62MFjmqUQb5brqjE3aRC/R44U5LlggOEarZ3kOIhMtvno3US0/wcCpw+mVtVUcK33Vf2HIsz/fUb4CRrS6Ky+ZgtonB73OLukCN/kpvbO4YsC+snloXWWRTAV+g98ctVKVvflvI3k+Yu1HRYZsvTnJTVnRB5Eu2U+pZreBKEPOY1p7ZLnfchLZTqZMHImzQw3piBaZJbfNafEHVamNmB7/fhuCy+A9wEs9KAiZ7j1GKs/2OTPqV4+F6CPN0qdxKJfOg8FsUE6g3Fs6PDVyWqcf+YQ0f5Ub5jkbcePPw7TvBr+0IaNXAVCNwC2oCDU3UXDxJCDJBbDCBt/qbM6sqDNLx/1ZO7j9RXwR4cb58ocneZLQwTbKJUKRdEKpzOEiH/pf/UFombfYt53iVa/9NhjhMQ6eWBocwMEZ97qwvb8Awj33XmWzE0/OmJVc8IZhl7Dcb+0mEqEEdV9CUmXBIhU8ZnH2xVV+hWTZFbfns1aAbcgM/21cX4MqHv+STpFgWymlIAWsuy1eYCg6CDU9osDuG/1ioACNuhR8t6IrZXSF8Py9l6jcInK7sYTPbFITiYRUQ1Xt69BtOF4AvbMwi26rZoo+OwM4/YZy3w6wN7HY6rpOa81OiWJvZ6Zux5+hIpj6ywh9vIGbs/u3vqJyr3SAVm95KLGPkcd4LEYTMdl9TLfRwJfvDvUv5ZBj5xtKGjgwXaUp1JhGC3jDFa7iH8vLdZtJmRHgxUgmxlBhcJGUGw8u1fZ2c6jZhl/N7djxHSIsEnl3sz+h/LMaUrbUB3g8W0AHt1DXN9zbNj3D/zd5FX+iIh4Q3jE+Gm8xcw56Lx0flFwHwmsdYMB5kxC/Wf0P++PAfVvP24X82fUWtCft4k1EjKj5JSQQ5GerdyO3SfPTWPjjqBAjqt7pEQ8qK4i0C1JvKGFrmGCIajmXpBGJT8CGJLAor8PAW/kzP8onF1f5/XASWqkX3D5EYw6KHmn8taP63DM9ASnbFYNDAUry2YjS6u9sjmFmQIdXN6lt9ssUj9lHeDWKxKym2Y6Ul6eXPrWdOjmY57qAcibFZJd8qwO33T15Y4JJ7I/mAeGgymX1cKDpc7iDIyyfDnvF+Pn3HB8dT3LIwJ/TabxPLrMa4X/26PR6CmZHUQH8FSRJQdcW6nlnr1RzC61WAmWm7GHtDebuLip5uedpzkEZoaM6Z/SLw+TqlnJGuTEI2wbXvdIQumU0nHldM2tJ+hPlKVXxNflUkahq/fQdMQIiM+ZE/QX4RqLjuKNfz9OZvcwjzkiHsy/pJUJeL10+6/iil1NptWdvgvSvzBxl4jtsG+EXTQLSsVKkjM289jlhT8Cy0R8MLKr/yR7y971UJfznG83g/iUlq409ajiFYOOk5it4WYYLYAowpZ6ROve3Gr0OdK5tZ1g+Ya/jK6LTLwFKAGA/UtTznJjXmZatBae/gXzrEgEUAZTjUFF01otbJ0Ues6LafR9ps1uE8QQ5iEd6vVbsvJRr3ZeGR3wd1jil2MJbBrR3/toGGC2bxeUSM922DnRrvS8RWa0xThpRFtVKwZfGH4W83k4jSPXDZ61aGvS+/oDaZoJXElRuqM1Yg3oiENhry8OxKkcoa6INX/Ml0lgxSlguxPIZg6MkKmL1nDXZax4dwLEFSw8DybEALeVgpK++LD7m1hUdjVmaSL1mBWCoP8Jgk10D+uUUAaFjCo0O4/T1xkkBT5k9ueJyjCkRhPr32ELIKd6p5lsXp5Ms1h+DxHM0Ze+MCj0XBHPxQovX9Ud03M0pkYK/rt+TgsIQMgyiclaJ83Gt9jHsySGmVOZu3l7OWFyBheZENe/YNyZfn+TleZLbGnaCqDO9DIjWaklqJ8n4H1/Rh4pvA1WXPIy+pkaq5V+bKeLI1HYAxjnLtzWT/ny2GdHrCB9IhJUsLFGhjCXEzEyCbbN9gugG+nhEcslGhhGU3NywwqgxkeByUGMjVJBZ4SW20TO/Y9VtMM5p0ZrOBKUrSiQcorGTA88OSDuLO+NqYUf+csUcQ0/XBpiSlyz/wbxe06p+VjqlVERBeJmy2XgeqX3zCRYVFyTwZxpJzpMNlo2v25YikTeRyYC+S4E9r+5gK/XeDZt5cUlTDpc1YIcJA1x5j3exa1ta4gudaRziIMPKONivMr3tQ0eFaFdRI6rNZFXoqNxD2oo2YH3tgi2wviWMcaXlyUjQdiPR/T+GP4+6HvOJ0sdBTroNsQzU5jFK9yiJYXiQAsUqNOi3VI1isvpigJB4uQEtwRpnRKvRUxirKP4STY4ig1wAC1MRu4LzCiFanT2Gsq1pAzb9P7BJa52I9paP389qci3+/qEh7HgSUnq65HTw2XFMcuFuOEzo2U3FiTEHYGlVEIyZk2ZyJ2w74wB4mfuCK3n8NhndKlt6nzT2T2HXt73B9RiiYQog5BgZ8Y1XEmGHM0xb7d41lcWU6YBhzL/MB4yEoJcA34SObGdsLJnFZdh30UEvfJ2eZuXJHIeR8+NLc9wZ97IgQAJvBOcYJZmEOx6973ZS1kUwBLscXE/w+k1p9ahb2vR7sgWMNyitFLeQxGzC5BWWk3VQim85Z8vrKrip6fPFz1cR+lBA7u2W3BIJd2oz2Bt3h6qRNeqt6mPqJh+IWs+cM6Kt2IpnIpQzWVtoWz7+fUYTtKfqd/4b6oGjLtwvmcDuFAoANt/gWUNgHz1wK0pez6b4x9l6PZPba16QwdXvcvtzpCliIW/xT/oXMUG+52jZbs8ZyVASV1NcXkYE4GleAEUQbOHTSNSQtQKbURvHN7hWoO7PU3JLpOEATM0+D3g3ZzqRsbnkDqj5Jk3OYHILCSaoGX1Cfu7VnIVu4SYJAhPW8p9IiQR534dsNGqRQA3SxpziT3y9LYghRi+i2+gDp/ZjaxWKZAMa6FdhD/1kH9dZTTyxDljezN3cnahF2Ljj75em6Q5wta/gvxzmv36pBkMVPXEduKf40DIf12A81qfhI1Q0owQnIM98fEI331rw3FCNUkFpgaGRI63U6wPfBTFyMHGoLcTt0oO7+z/IvGuO0q8bmkj4mcdL6t+mtot5en9+wgPP26egd5JRLPi5IQqFmTgw40074exs1NTWbxxd+1B+vyrafRx1CAMZ/qaboaCpDNjZkNzM8goSrLpslL1oUohfwVHdij47o6c+9o/YffAHSXMXsvY9PUYw4AYS4Vh81QFNuEQuK2RnqiS5DAqe/NaxKfEOeSA3aalrnk/+uhbLIw9OiZmGFXtEzOlq4hmoWC7myAyuqtsSMfVzqyM6AzbB1JD6tIIlzoGV/+sewJ5swVIfkw46zQyXoIqdRhQV6X01Cc3o52r9gk3z3fqz/IK0PPunX6g9gQXo5PqMgPnr6jlMU8k1I0/q2E8NzuAKjHlxfopjUdKvyQMpx4hpRCjQs9slODmCKAYwKLmcuvhS6KYpkZs989QfF+gLelnyEGPx7ET1d2sUPv6YfEttwtjrEmTTMu+mO+Uy8MhVypCVxN/Qfb5iTOMkxuLUom4L951vCEHLx5FUQvbb+bGj/FKZfMvdCQIsadazSe6RXcSprfltWr02Xpjyu/ogbi0lqTxqoV65lqjRk7CK5PbFC/4/XFFGcq4w5l1N1Ldh4Ett0Zm5yBbNYZEdUjYIWQeINvIaU/X57U4eXSrJg2DgC,iv:XfHyBOe/mzMGa8RTLgiABv+kZlYgX0Ry8FTLIAWmhW0=,tag:EDY9349myJXqgEMVYBe8/A==,type:str] - known-hosts: ENC[AES256_GCM,data:U/pbh+xgNXA8emiyNiqNRBBhgV5KQdDRffjzC5v8Iww3CCECEy6RQspN00+UUer6U8TLUC7UXK1H3QtGcCp2Jw6G/0XL+U4yzNTREk7ZH1mU2iZFZ83Nc35I8KljGYaaB0+5mDHqFPf6YObdGjixmig0HMJOU12+jyq8tj4OMZjA9MVKJG69E33SZaUsFyJ62qmceAvIKFVmjuB9cgteYIxej0HDtjq1I6TEDHFHa0DRC3luPBmDMvOF1uQiYX4zdG22VdlL/IVgTseM+XBUm10wXeZIOcKH7nfIrjseErFccdQ9sKM+YpUXhnJ3onmwsghqb0MvfZQAcm7jwemCCkv9sUGwZdZC16qOHxYEt/9LI5Z90zqRfqb4MncVwBd78+zgl60F2+oAX8QRK3gjBsy47fIH7b7TRFbWqCjJfNAgicvsMkD25EQZAsSClspNYUETkLSVbxH3KStzgJg3NWwVluVFRkiO51YPOrDIpqE9cWCy0kZyIIZAKDYtkrdUwDQWp9tlwA==,iv:7JDKPX0KwBhzMvRcwpBkSYVV49fHlkbo191uhiB6EGI=,tag:7touxwbJPBgpRxkmiBTO1w==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:xwfJ/HX/fkxozQ==,iv:0CXKUvxDVWKJ/zabOZebSF30BU/L53Ml7X9Fjy1EX5A=,tag:eNxptUGYc4XDCceiVVA9wA==,type:str] - credentials: ENC[AES256_GCM,data:q4cmlhVQ5Oz3vPUpQ/X9m5MpIyEjy0tcVOfCGFlleOQtLfQmsDBMYnAPhFaQD8kf,iv:6T4IPR2G7ppI2CDOIbpYUvkHKvktoPr3Q+EhM0UOUxY=,tag:Q3EzfUmXqubReX7nB4ASiA==,type:str] - ispirit-ecurfew: - karix-auth-token: ENC[AES256_GCM,data:3UE23PfJmO3Ml72wN5wsDHKeVpWLxy72,iv:UUeNeAdc6rOuY8nY5UhvlW7et+S4pz7q/6oMzHS07xw=,tag:WG0NLNwpyT8jHkllA5NtSA==,type:str] - db-username: ENC[AES256_GCM,data:Bv0YMSTiP68=,iv:lkFIOXtI9mC8uhslYHorkCy5Rm0CP+YZyKbklWpM+h0=,tag:ptTLftF4BmZMREKqSOMS9A==,type:str] - db-password: ENC[AES256_GCM,data:k7qVf7DtoW6vqKWx+W7ANQ==,iv:UkG2N6qbZF/kKh3a4JFqGJ7gk6EHnn0qgJCtwrOYbE8=,tag:2oN5bcevyk9MkBj//sYX2Q==,type:str] - s3-accesskey: ENC[AES256_GCM,data:X+s0452KggmWN/oVeoPvyCl1/mk=,iv:jqBbbDMGFP37ZnFVDYZrs+h3Ep9ABPoarwfcTTG2cW8=,tag:OAFKYYqtVijICV9zGr4t7w==,type:str] - s3-secretaccesskey: ENC[AES256_GCM,data:FiWwtzYZP13Y9/NYUE46WNxBjFliDKYgMZVA1WTzR/TUh0v97OnqWQ==,iv:GS9yy5V6zVJrRmJy/fHOrSjOewJADFcjAJKRC8kFqb0=,tag:fydvpJHe/v4yp5t95rS2cA==,type:str] - twilio-account-sid: ENC[AES256_GCM,data:dzCqXn2KjCNCWysZ7OxFwLvTebHH5jizvxYn+QjoMklIoA==,iv:Wyp+TbrfucSvvhmti0i9911W8ZVJ5Fw1WZUfpSutTIk=,tag:qgFthMvZOfroIkFXISsO9w==,type:str] - twilio-auth-token: ENC[AES256_GCM,data:CfEVHACfaATh5LaJSmg/k5h/e9Vnx2Vr0VLkm+KauKw=,iv:pkcczC2P/jLsMbeX83wCiMXVMdunrafDSvc7zlRF4uo=,tag:SQai5kO0PwJ8C3fDgRZaXw==,type:str] - twilio-phone: ENC[AES256_GCM,data:x2nj4AR7oRsFtgPy,iv:R++h9S5IbiP4YyT1H/os4RhS/sqeNjWMF4WKaozoCsc=,tag:MkU0bENmMUOJbcWV18WCnA==,type:str] - sendgrid-api-key: ENC[AES256_GCM,data:7wki7DCx8/9HO6LusFHpVbzeLh8F7G9Bqdmz5n/bm7mQx/BkK+q9+QxpKsQTMHCy1i9FWPpaRwP6+Ez15QgUda4iuIej,iv:Xg0p8k3diExXORd2VZVjCpG4KN08hZNAGRpOqZMlCAg=,tag:8twvkZmkCXrmV9T1O8xc5Q==,type:str] - secret: ENC[AES256_GCM,data:fjc8GA8rr8tTrJVODyzI6g/bwijPRz3eOeuJynhBlqNwbcCxun4XJkZipy8F2Q7vkKfiWNqp0ydjcf7UTdVAZA==,iv:bpNMpDlAimGRc88ZT3F5MvcYlFK8Cj8K8gL7WER4D8s=,tag:U0snDbV762buBR46eN4bzQ==,type:str] - auth-token: ENC[AES256_GCM,data:uwct1ikALFD+M5ec5dLVzKvPbw/OdJXuij4+/LyUIhvA7zEz,iv:ysi8YOHflDCl29u889SbZ6d3i7cuIiO8FAniBS1aEVc=,tag:5x1l9n0n+aKJKyEb9CbcNQ==,type:str] - jwt-secret: ENC[AES256_GCM,data:ctbi0cVBG59KUcvrJUXFSWRU+e2IhkR9sc7Lj7+Z3RHcO1+qJLcJ8WWM3pgt9aPS1kRJ,iv:frpNBdFopZZxZ5779HYAHndvOzsVleD/ZxFM4pXNvuo=,tag:gaS72c3aV73TkLthn+qdcA==,type:str] - public-key: ENC[AES256_GCM,data:Fe115WAJErMMrpcujctEyqq3R0JmhnpdDKcw/YAmCWeBUvLp3P8K0cXeSfyCWh8dWm7VhKXsk58zwWC6ItlO2DjooFE4loYPeBNw2t5nDXjWfpe0o0INo6KqKjdXPRovdbTUETmgxcxV0SKSl7C22z63VhdUnlBUe/E5D1+9GrDuJiXTPKgR9w/Hbe9gIXzliD36djsbUX1nRc8VW7pBFwI5lylC+EzjoU2y+2uLrGTOwoc5LlargxLHTRYNo9kngCeA/+yLulzrI4gCgzAqjOfaLrLw8eB8KNbDcN5svQDkX03EHc781p+2cfgNn1K8m/PiALyE/knbbqTmbrY0K/MWwUBxHPAqvgn3FTyrfS/aTSkC1g8Fszz9xQpyVlMmYU3lU4nibQ1AbXJaosxE7VL6XhHybLJYBIOWJH95tu1Jo1Bitpz98Jaj1EeP/+syY4IlQpMmK15gHCC4m0/Reqb8udwwMVC+hMLx2Ah36ucJfF0ZIdGy2HcCyc2EJRrcj0Hr1FaUzIBB1xtd9vFmJtMzGRU4+p5a9yUjlhhKBKin4bADUnRd1QUseA2OIIb35KgTfiblcf6vpJR2/OS/Jl+JrzmX23b61+rn3hMWI6cDl5xOCpNknLfSy5bQuD8yPH1UbtzzizSC7TsBTkq7Lq7i50FpCg0wqKqgoOgTB+etynKNY/yTHn0n7QVhnhdsUnuEtqZLGQyLPwBo37+ZO7u8MumwcMh9bPN3UkIbg0wcu6EAhxXA2UlYu3Yy8LUQnE7BFdIsuGGmA9UU3+UC/Xg5+A+XuqS5hIW9QmXlQIKcm5J9hHRPwZv9nIEgm9DpCa7C8BNCePcf50ds8/KzbPfNKaDyKLZrhFnaVUQQpfod0eVj4JNzRrFkGsqSH47rL/92j3X+WW99ChhF4+J0h8agtevZiSSEffhuM2GFU4euqlpJmOFBC4ORVB/7eLs9H/3tawz/YjYIfPjzPXejdzKblxYbIqERtCXjTTxpO2i33IHAd9/3p27hPLbZlchHC87YK3fiCzsZgFhxVW/9qx1d+MzBe42m70slMjl25IC42KGf2DNBCg443ykJs04v6qpwsx0Vf18RqLfd53xoPQniNAq0Az02DmbFDsBm04mKJJVprnHz15ffPz9oZOlAw/mR+goq4tEhBrgmWsXupD+cDWp/Xj91toOHkI9OvcJq56sc8kY2JTcD3cVjzWD6enILGRhhrjTytHKOHN8dr3sYRVSqNBfNTqS6yJAuS4a4V7WNYRenIn4RoPt47iHvlPF0s7ZfuUuYWUEo0h6mdPwuJO13vuTdVTP/cWhrsOyuIbR+Lrer/F9on9HvD8yWG8sPXlSDhp0ngDTlpdhLRYSP77D02dw9Z5rmnr3sMvD37xQ+MyHVJIaTD5sRa0tzMuAy3fjLepfdMbq3zLnuZRI9ManvNtdFxUKaVd2sp7HRcHeoTP2tL5mSNGi5gz8hK4ObZKpHac3TKyxioP9rJEQLnlJ/WPi+W4pe1DufDCTyhWMp8Hhacxu/Mj3SM5lt47Ffu/RD2/d6bGTE0dHRmc6B7OgGWPbbBFC8TMsWrNpSXd6hlb7ZNMBp,iv:+f4lH4pCh4u06Ro2qN69bpBmwqLPNNuR+OHnQL5MlVQ=,tag:Lp5uj8biWH8nFjGSBcTNSQ==,type:str] - private-key: ENC[AES256_GCM,data:Gpfh8IloAULrp8Jk2XUgdp7NjGw5aNnJzNQm6PaueJv76H5G+mYWDl3V+JZeTrHwSi6kayPdmsOlB3vU6YPqNu4X6Ahluvmr0U0N3d+N/XQ++pmYSSOR2+z6Lwbsw1/7Z/FEH53ESOAJpFtrJe5WZ34cZJ+fOYSsLbD4AZP47n7qjfh5GJhUPRxlnOYEfI+5Xkux5v/MdScYxAKmTqVqQoeFy2mB9weBjYtA4Cl/K8dwNDuqU8IyEos93EJcVlbrNCXhzurLeAB0SeNDjiQqgauMk+4LK9n1OF7EjRSilZvRpr/XsB66x/5nRqdeZT4+cKAFzKfrjdvXl6EHwByAubNysuKs7lkHIqMuMKmeL4xml5L/eDp9np4YAfP3bUKezx0Y4PlVEUUZh72MAxvkfAKhFqWNrEF6ySZZz1SECf+AIgGwO/7zWoAYw+Mf/WkXTZI4atLG9RLF6gzA4KoKVzX+Dr8kacR6hw5K0v2JtH9oU1Kb2UXL711Dveg5ztXaNoYy0fFzVhXakfNex+7u6KSRFFbJmD+0IyGP0Bqc9TNgLZXw68BevEkxzJmVhBBNmf/KvM/bpCwksD4M40wzDmz7tLYcq2HaeDvlbYvyn2p4G8lX3tDe2VHQKtpeCJN07pMtjXYPllacRF+LcZtYeAmt05koeCG8AisOaOErxLFPwI/7yFTvIMyenIhjG0TYSPLDDIt3SoDjOSujvLALXwX8yG7+hDO4LkzxnjAVA3JUdsUlafnPiwzDd61s8U3Ga5oG+rv43WguP7pKdmvRKLJjnyUxsQd6LUWhxhDvgykndM1wQMVHt40MuRdK8M578X7S2eHKxIgk6n8+oLxIbzTZ8jRJjW0hLRtGAqjnJ/h59g3tnNbYz3Jr5wMgz70GufaACh1Lo6RSFzh8+2WN2AOn9W1HEWq9/pl3MTqqd4LLjtnBaUGW3KJw/XkShCLh/eu4xx8nUjzUZCmlUX74CfHQYBg2SZ2W4WpSfTIyB8E6BVr6dqTSQxRQ+DJnNW6HkFIEvx0ncRAb1KUWMvcJ8piNADV34BAy7GV7mG8BtPVI15XGZE+Xeap6Cy9YEx6d+cSZaaid4+Yxd4DmADfDAttsnKRh81WgLu4rJM9TlHeTi79+kH3MGO4RA9OAicn2rGWppvKdjEbJQKDnve/W1sSySdl7AOUB9qs=,iv:e6Ad4o/ZVg6B3fHJOqPcJAClYpy90fckB6eZzGtNsgg=,tag:PgWcOLBQmg6OmlCB0VZKQQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0 - created_at: '2020-04-17T19:43:28Z' - enc: AQICAHjXjz4fWXXrCcg19yhtDeV2nkk1xwTTHP9xuxv2y/YYDQHboiScRzpNOe5TIxJ88ly0AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMMWTkkJrNfBg3EBArAgEQgDvZg1ocD+LtGYIojVFHFq8Vuh41s4C6zOe/0JN1H4tXTkh9D0IRlWEW792djebKyYj7glTom97VM9DgUA== - aws_profile: "" - gcp_kms: - - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key - created_at: '2020-04-17T19:43:28Z' - enc: CiQA7dyWCkCnQdJ9BkTS+nZ8zz3fnhiX41pOGucKL7WCu5P8tSgSSQD+2/5WtaHBeQTP+C0yMWQ+kKdu5+7wzYzkzZCaaheNAqE/Z0OfqQeev89XUFSDV+nSdMCoZBSXQeot5+d1Rh88HyxdDcImkjU= - azure_kv: [] - lastmodified: '2020-04-17T19:52:40Z' - mac: ENC[AES256_GCM,data:1lSHeI3dBPgvSZyRQbLRgPD10RYs6fDy1enkIXb5M929LC1jC8RTlp2q1MxcHX/5vo5QVVv6+SnLzUlDeP2q0tF3BmQPVFk7y93hpVrDjr7XuSbwhXKgdhwK60C8vX4XbdOYSvLeRdvOi2144vsHCAND4T5IpD5nEy/vPVhQ/Xo=,iv:rJ8NUrukIqbx4YOA7PwgaRJmS2vkS33A2t84vIEK/t0=,tag:PGY8v/SWkTnjY8DlR3Zqlg==,type:str] - pgp: - - created_at: '2020-04-17T19:43:28Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/cC19TkxXpWY1ZS1JnP6YLRw58ztjyrN5hFWQxjmu6y/O - VQIssHrUG7yEmhEtO3yjnOOoVntehXxrGFNBLbV6q73rlyQGNzOkqYwoxUYo5HuB - llBQFHn4V6kPrq93UYg+BFQiEySbi+qB3sZp8lI6NDEE3xnUMRmnPJKMnuJPBnUs - AFjacDp++9EDUUZkoQ6ShBfxleAuXoIxfMLY6F9hQUrVpvR85IBnMvkTtg3XjPtO - NjI3e7QM4Mm7T57MviQyy9AD2ga9M/K8IqVgP1Ekt2oDvHQNPvLjz+uST47Zep2M - 7lOnvTQY3O5orPtrtLhKQ9q+EathaK9yjvDWdCJMBNJeARFpq6rQB8KeGI9YNyCF - 1vRcr2n09IBIx/bLJu1tqU62/v4TKlD6BQKqQBAknjfqNwIIF94U6GRRYNa8N0ke - REqU4TVBuI9plmQlSGvilTZRHyfZHJEXbiJ8G4QcpQ== - =ucT9 - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/covid-uat.yaml b/deploy-as-code/helm/environments/covid-uat.yaml deleted file mode 100644 index 4cfeca9acc..0000000000 --- a/deploy-as-code/helm/environments/covid-uat.yaml +++ /dev/null @@ -1,712 +0,0 @@ -global: - domain: covid.egovernments.org - moca-domain: covid.egovernments.org - -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-staging - configmaps: - egov-config: - data: - db-host: "covid-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-name: "covid_uat_db" - db-url: "jdbc:postgresql://covid-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/covid_uat_db" - domain: "covid.egovernments.org" - egov-services-fqdn-name: "https://covid.egovernments.org/" - egov-state-level-tenant-id: "in" - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - s3-assets-bucket: "epass-assets" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: uat-epass-filestore # Only for epass - -egov-idgen: - idformat-from-mdms: "true" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "CURFEW_E_PASS_DEMO" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - -egov-pg-service: - axis: true - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://covid-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/covid_uat_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/egov-pdf/download/epass,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - -ecurfew: - replicas: 2 - db-url: "jdbc:postgresql://ispiritdb.postgres.database.azure.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: ispirit-emergency-pass-demo - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fppp.cowin20.in/api/v1/users/epass/status - aarogya-setu-check-enabled: true - aarogya-setu-jwt-token-expiry-minutes: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - - - -ecurfew-cron: - replicas: 0 - db-url: "jdbc:postgresql://ispiritdb.postgres.database.azure.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: ispirit-emergency-pass-demo - from-address: secyhome1@gmail.com - -epass-chatbot: - karix-send-sms-enabled: false - message-epass-create: "Dear , your COVID e-Pass valid till has been issued. Pass valid with Govt Id in . To verify pls SMS: \"VERIFY \" on 9686454890. This is a sample SMS for demo purpose" - message-verify-response: "COVID e-Pass to is valid till in . Pass valid with Govt Id only. This is a sample SMS for demo purpose" - from-address: secyhome1@gmail.com - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://covid.egovernments.org/citizen/" - pdf-link: "https://covid.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "false" - host-link: "https://covid.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://covid.egovernments.org/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "new-pdf-changes" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "covid-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "ePASS" - maintenance-db-name: "covid_uat_db" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - state-level-tenant-id: "in" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-04e5282a7a45b6552 - - vol-0fb04a528af00ab3d - - vol-04c3215a584535ed9 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - - -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-0f77a064ecdd1efc7 - - vol-08a00c2a610148126 - - vol-0b7873f69ce3b64f9 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - ebs-volumes: - - vol-05437e79db9455ce9 - - vol-062c0528a202929b7 - - vol-0b81669abb087eba8 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -es-data-infra-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - vol-0b9847973586c5838 - - vol-066db76ec9a5744c3 - - vol-053b1abe03c2ccec3 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 2 - shards: "4" - es-replicas: "0" - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - ebs-volumes: - - vol-0a3df5ce1c34619dc - - vol-0b2694e93f0ea529c - - vol-069f79cb62a7b9dbb - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - heap: "-Xms512M -Xmx512M" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - ebs-volumes: - - vol-0e65f4e41ecbc3214 - - vol-09b5030d0bb634f59 - - vol-05006786c5473947a - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - vol-0d9e6979131089b8c - - vol-02cb0152cd4766f0f - - vol-0f8a2dc7348a7546b - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - credentials: v4EozhGfKlWoZRee+hsR7juez5vdYmMmVBQeW3e05iBI6+iT07glHV06EHxhnOYhfNfkdsLmINtj0PZnmrtQWw== - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/epass-micro-prod-secrets.yaml b/deploy-as-code/helm/environments/epass-micro-prod-secrets.yaml deleted file mode 100644 index 3b8b71f901..0000000000 --- a/deploy-as-code/helm/environments/epass-micro-prod-secrets.yaml +++ /dev/null @@ -1,65 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:YFoDrdO9YBqa,iv:hup9hSj5BXQWBN2NQ6Ow2TEj8vQikt05opfEbIvRQww=,tag:hNklzNy2fJhouR0jm9xqqg==,type:str] - password: ENC[AES256_GCM,data:L25WHiy6aTq7GECOiinIFw==,iv:aXzyZWTZUdWYp37k7HW9Zp47Khyv7UBEyX6J8nYrPSc=,tag:SpUV5aka7yxrdsIEmlQQtg==,type:str] - flywayUsername: ENC[AES256_GCM,data:R/9At+TcjalM,iv:9eVb3WT1v0/uDGJaoF8DTx3TLVwJ+bpWfv2oYMnQ+2M=,tag:jax62irg3cMNU/FjLx0snw==,type:str] - flywayPassword: ENC[AES256_GCM,data:1pEH2+EyNCbtjzSh0mJFzg==,iv:X/YUqBXUv2Y118ReJDe8SzjwFjZK8fLy5cWaAmpWpP0=,tag:JVdpBl5axpRG9ea2RMozqQ==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:lEE3cv+d8leqkfxcilPX5mo3h6JRfU7dVSw0NaOIiv6J0r8pBsbjmXU8yxHCY2rzNZIKUP4DdfMvx5SmNrvMkZu4srYJczRBXLl+DOTPg0hRaPv0vZqOzPub1Z+QCaKHoB7iJuK6zEfdgPxBRoVH2JyYouceHayLkwTW4OP3YBEtfj2MsCtMXJpebGO2VfGfM2KdK2WqJDMfpwo5UU599lxc0h6ilPpWrB1hfJ/A1Drjw87meZo2i94gTKIGOVNNCUEX4ibje2sf+92ffp9s655sCbd3DA3ietoGmd5VZ4EgrCHA92hShkfjqpFY+RehwAnG8Gpba/+OnHfcH0Z0bstnuwjuWmRy815CIhT8q+fsKKhK2e9ZPqNkm3i36qvU1qcanMWJF2USjzWS3qfSGsZb9gW8yGzzlPLzys98ZP5iecCzHISK1fooI3LpGBApOtSj98FEtxIsENXzY4PGq4BqdmJQYRLbK56XhFmS+m61N2xbEuoSD+NSQuTf0eXkVLQwdF4ITNyDaWDqeaCsKVB4iyX2biMKdvgiSJJ2NMHjw+3Xx4vuvuXv+2FwB8wO3TgGuFzh65v68RSuH+OHzlmU+tGm25XdPOEREJuFxZHBepMTtpwKlI81zBYWSa+cWa8yA7WIqazvM+wPxKUNbjDWAm94Up+W9GD/8fb8juNLPjYmkoEOmceF8hL0BHag7FpPX4i1J/OA8F4p/3iRdlsL6NSt2LSMBQZicqxwooDHtgkBLhM9sGtvTHDlYBIeTT2fPgVtBWiU3/HwfPwH5uhgIzOK/q4gP2heN/GAmqlUItOW/UcLqQM+44l+V6Rpw3fulAgUkXDMYaMdlnl5fotnWpaU4M/pXlNjM2FSEMK5hxAS4EXTE1n9CXlYXsCA17jO3rLZpqR0ZH4kDD2gGeHVpVUX0c09s+AHPS3IugeCLE5ND3fPe9NQdJDBSx+pQo+TSpR4+YOXnQooU67juStNvY9ZpF8uFQv2ue9Hy12K3kklgsCknLaNpBNm+KDpONUZR2l9ukuqgdsNcdsKgmMXUY5lrXdZU9JgOSg1hpUd51lxczlse2mFw5Z8NMFJcNWc3K/OrJxqT3Bxf5wkVH50tD5cZ2lCt1MHjnFpapRBLbPvwUzJTo1DKvshlUM2roSvOFAd5vYuT0IkRDhhVzx77aIKcScYxScZTqnixYm1aQxqZ1etVdS9WE4VQcmq0g606uyKliwz0p8zVOgSs69qSMDVukNJzgXb1L83mWrwiuuWibhJHJyC1oM/lIEN+uLSvhIKZZjWYnWybczdhWfj9R77gWStW72Jk/T+5M8RQvUnKhZ9Vszings+JyJm6xDnWhTKgs7qySo/YmcGHyqC3EQMmGopZNfga8tt3GJSBwv9S8l5IfqNh0NvuqfWlCm00QBMV78WqB8n6Q/edW9GFF4/OCqjYJCk1sDy2d6GY3IzOxRIvvaHE2SfPZd7uKcdcJIuGbZle6oSYZ0d+GMVzTJxwrbtz5Mp2psecNEJOhrOIbtMWYzU7BQYTN8atw2TdAnG2VP+wUldw2602sDXGtrxuaEefI/H770BtpRYpOJ9LhxWYtmRtUVR9pNsFJFgwf5XgcglS9e5bQSl2woMpmH2qnnvt0RgJIlsVgAA+R0ZMZ/tXsPPjjyynxvWgGvNGmr5CyoZX8Ji1u4x7XWEMKs9RIvkioLsJd4FpWtvXSCgSKsxRHXeT8OB4oKBanOQK4XMq1Je4PN8keR76KCTSp5SxACVucm/Cv8DbbDOq9hWFSZhTSQbdIlMw+SyfnKpjKX/I5uwX7ZJj+Iw89k0W/9UWJH4LhxjFeAgqwHjag/dQ2F9AEtyALPQ7w9rG4lBDkE8KBvDz/zOhDBOINlxR+Cns33wzyjTWaLrRwy6Vk/vXbtu9Mi7IQnGDM+RwiU5t0O4K2P0OV46qPlQQA3Bg/8dekl4A0NE0MYTqXuUY+t3jOLBZR/IJlnvBRZUkFdUg/ARmlAOnGunEXqUAD3R1+yNn6Nr1l54/gsotkervaGdRl9RFbqETNeYbAksTH1oh24h2uuRc6EyTwxDSnstc01K+QBavfsoTQtrV7DSugSbcNLIEqdBdfij1hpn/kPshoyv2d4x+KPtQncrMXEcWuQqYy58Vji0jgA7de1por8mTP6ZOt2pwRpin7kApkd2vlDPNhPPSoOr9igg/tIs/g6V64kQVuRQ3zGKtzkqEiFHTVlXWx+UoFf3UVd3QHVs35pNo++F86sXOyvpRiljztlxprpMyCd52oWM1H/iATXR6Jx4Dn+h2xISx9BM2l4DyOlhZqJLZHyJCIOQPvUacVR8zHqITq2gnLJy1SAPBKFVFS/L8ms3Ke13poD2DOCCOEgaN2a7gMnMBTNHGLKwDll9WpnNz8c2TwvEPQVI9G0EZTiUOiQwDsy3zPWnyZp3GaSbBrcGi/5fmrEUWzBailbys5g6OR0Y7VkJaPNHvTPfQYsRmJgGYsJYKwp83kBVK/IIA3ZKKm1E+tEPrsgxjZXL0I1k7Zbh1cwz4hg/gVh5/bM5oZWBLUvgBZprOEV9QXx9GaEu28qWNZl1iUkLGs9dbnHkX04y2JfiSeCTueZ9nAaDZOA0FykFveUunCjY8omdsOJLnu8fsavjzgG+QFZc6U/skW9sA+KR4lQPP9Xebz+BbNvGErAUkSK50VfAOF6KOmU4raHPX/KPiOw2QGjhsXkQlnbakPU4oobT1ZhxW2BW1rGGGKHrbqQ3a8Y38Nes8G8FwRDOf2R7ifNx8mq3vnA5zPgZhiGrfEo/UeS8OvDBzJbfLJM5ZQnuMC7hQ39CB7KSTPJ+XRlroqvH1rUCg1a9MwzklphsAHyERJAw5MU62hIYOFJzQU7oL4AHLPavx8xjqQCmD2KsxLrvuabIFRwhaf8q8PeanbY0Ud8SZEAKdGRH1mMJcreek2gOUGVQYEq/YI1jBZ4dnfmU0f8JvjtHDNRVdpS5kpRApTVAonl5++enAz1eFEiOHfYT80qeNEVvNxXUo6ehbwc5RZT0MlBbyaiPu/hxi7W5btv+a0/tQU2FGCVRaw21sTduZfvGouUlaDnfQ2rbRywGSGHa0vGjTDhYWsjWS2wsIdpa9wFFtq7kkZcARgr/gGz7qlv60/mdSbK20vuiHry5o7/g3rneXbexCadLasJyaGPlq6colYocR2ZO8XNYfRXTaPYrFTWrdA8RMVgjrqvdqPYnuiBfXqjTSVxjKPyk42awC7TFjmk8tlO/RzSl4yUypKron+nBY0H/NpfoACdJQgieVWmJmsdAcbzRMlRunY6FD6S93kppfCKcufXBoJ1G09VN83WFl4Z/0p+HglGzOcN9uYJZDiGPb2dTDgjNGA9aQcwLUzECLKZOWLXSnZzlktcTJUEGd6aN/n9L94IssIjibABEi3yonWdX4VvnPcgoAWjrcdilJLx9UXefWzRHF5QXs9wl0zDhz4jfiVOU3nEQIb1XvfJL5L5iAulrglj5AleLRaRYqYX3lffeXWHxpps+tibZz8mWnqZWAItSJ2JRnkdS1EvYJcbRIXk9YH2a4UtfAEIxOGYVoHhAUPT+xgEYlPzOXanaGmi8aoVt2FUUTP1cyltjZ4MsyGPMw1h3xWQPt3husx4BQWDtoEXbphtkW7moJR0fWqQB5HrnrUger1HxRQ4mBY5G1lZRMUEgFoS0ceYgO++wYLdia2/gCNNLcyBi1pp0FGb4spC/YVTsl9M4gP+vHkJf9ZNtQ9fpFmiiKanHf5N/D1V2cbUKMONeLNkw0MsgqU7WeOUf0MNsdCCxfiM6uHTGr1DFIzJmF7AQhBSSonvR8E9FAhX1zLOX2jjcYoD21f49lSNQ1Pc4U+b9ZFMeFdKWLeOMHQuO7m55pBWPwHz0MuTqbkuf9iGzqzCxdhwUmlZ2FNvm9gYuj3bZANCr5ZL2sWvHg0xmEbI06jXeu2clgYXCC96gVkh/Zi02EuFCsh/Hn2WyDEtiD+EZXJZmCAUyT3F9iNNZchZuBmr36cCBsLXHRC9lIwvBA87Rfs0DulZmbbrJi0smADZKXbhZoOEvx/ysQAroz1hqfDn+E0avyEKOXWyQmhp77RTKYWMbODEjQ2/1vaKKzyZveR1aRCj5xlBvVGPYjdwhEgjuXkNohb7QmlR4hIGddaEIZOoJU+NZe1Lty7nFB4HA/w8UV0bbhno8bTYsj2j+yz3y60UVHlW7ERG8qdihr6Zz/SvBQbh2FHNGahEHaWFXScJoAapZc5yvcwPDjuuz0o3r1ZfL8rjJlmYpXurb5Vi4Ett1yjRVeEHVR3dScXZMyuRn,iv:2h/pXc64LtZhdoi9+0GlyPkfmM9X8yNMeDQaS2Ef3IE=,tag:9Y4dinTuQVn9QEEk67LDIw==,type:str] - known-hosts: ENC[AES256_GCM,data:uE4SCE54r9SLCBiRQ7Dn6vp5xVLPksrtRyDZp6erjM1TlHbSUko3WYqZvRZTsnuIei6PW17/D1cKoRxYEsgqrHPqhfD7U/LG+u0eYlrm5S08VRmwr/XtNorBbX+iVIZFRGCWuR448fPgh1SXb0EVkaHx5fYzmOzSeNJWgGX0RI80v8lxbzHmM7pqjvcqw8mqolchDkgON4DpKaZIeTxL0tnMuOYKRbOKyM5LR53cy5lPhPMQYI4VSxCJMpWqvUpVtNT1zQtF+zeB/3h06GfsFOGlwF5tug8mcSJEZChBkqsxmUSdv5VXyXyQb0uC1a742EU64u52ypO5K5ObQepoTgmDCFuKgecnilpZVMijeqHU1TwXHB5JWu9ToqPV4l0TjSb/+oe1Iy0xFPoBjyCAIrGBmjrflRbt82yWwGICcXs9Q50hs4+gOFL0HhFGe3bBpOr0mlWGI0RDN2c9STNQyN3BQMA6SYfSbIFNZufP+SEjSiegJOy2fgltVNPYGydlHK8TXm2Euw==,iv:A4pxJ9OumeQyWdlqlVPjCsxE3T/hMW8Re3T7Qb7uuxE=,tag:wArx1OMRir37yK7sWYOPyA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:nP9TSrNF9Dr+Gg==,iv:u2JKQnMLZCdY4DFDyZ3RIzkWo7LoZyICB1xUzAKn1/g=,tag:RqFvEANZ5oHkynCCvGynZg==,type:str] - credentials: ENC[AES256_GCM,data:m+lSYxQ1HSPPioua++edyCpiV3tSCLC+56Yi43D6WrXYSuf/Y9pz6/Ps4AO/Te0T,iv:8M4ZB7EcShDBX4a50+LNU/+8TOTdztQvvaPXeyWG3tU=,tag:1tB+pPR0Js6VGz3HZF2tXw==,type:str] - egov-enc-service: - aws-kms-access-key: ENC[AES256_GCM,data:taXK3ktBIxERpUpkuafNzTvW19k=,iv:nEazvngo2zytolg8I4c6pl/oXl7x2ryVyqcNElox1rM=,tag:o7ymfqakGH664nap2fqBjw==,type:str] - aws-kms-secret-key: ENC[AES256_GCM,data:5FknMEyZipxCx1I0pfNhpin1MaP8G1sH9wNEvYErnPODdvG3K7C9Lw==,iv:y4q/ddcqiLfZb+9sDo91619f6T6BzXl4kvx3IFyWMK4=,tag:5OvSse/tNMb/cp1cD3l9DQ==,type:str] - ispirit-ecurfew: - karix-auth-token: ENC[AES256_GCM,data:9ly4PBPszRp1iYCE5aO/Wty/EqTSw0qk,iv:hgMVwZeMZ3SAPfpdNnfEAYFrUgZXuj4lv7G8qtI6Xzo=,tag:YoWts8zkYj+q4UHee1EZhQ==,type:str] - db-username: ENC[AES256_GCM,data:lCKl6kXH81cm,iv:9D3cz6wBj5O5VCik1QbiVgrTxzLH/YikD6j75i6hBmg=,tag:dtF39qVMGdnAlxr63KHOqQ==,type:str] - db-password: ENC[AES256_GCM,data:OPIWVh5BGlHLvGNTfRBr5Q==,iv:KeoiAhul0GDDsdUKeityVK0vAiQ6tBMi22cgfli3fic=,tag:EIBB0S3P0ox1c4D1XAwL+Q==,type:str] - s3-accesskey: ENC[AES256_GCM,data:8f6QwBAzZclRufarl24TnVMSCp0=,iv:lRGvRPGMkedgxdvRCkY1B1ouNracSp70sA4DtGRPmvg=,tag:JIG1a8JtWITDxH9mm83T4Q==,type:str] - s3-secretaccesskey: ENC[AES256_GCM,data:mDYk18jRBMpVB+l2NLt8LH9DFVnqGLMF4+34YG8mE0kHsLwe0ZxyEw==,iv:D2Ngw9u1ou/nktVmAVCEW3UIOurgtURdD/dlxIid6UQ=,tag:yDignWZ8JzQwBQbcL2xxHw==,type:str] - kms-accesskey: ENC[AES256_GCM,data:yrku7zgh3tlVg7ZZ0iwR34LLctw=,iv:/HSjQepexowGGdD8b6nMgsWGJKGBoXd0szDPIKOfTy8=,tag:gAzQh2kdUn6rIoDWj3JO8g==,type:str] - kms-secretaccesskey: ENC[AES256_GCM,data:rl6rjSPa7f+AOaB/e8rX0vEZF5kG+FbkLssm8My9YOlmWfWWfm0x1Q==,iv:qwYYzFLB1X9QdrMjdBwQu7OuZniMTM1AwYFmSk41mEM=,tag:59nR4S2TYDy5LaS/4qco6g==,type:str] - twilio-account-sid: ENC[AES256_GCM,data:6qOZJXEWBuP4Pdp8wSayYKtVps2u/P3iCUo/KKbvyK99FA==,iv:9tafeNzACR3k2svOdtcdUSkhcbYEQVATnCaDloiiSys=,tag:bIf44ZGmfvtFst15QxEJyA==,type:str] - twilio-auth-token: ENC[AES256_GCM,data:e+3KBNaCBgkyShLDJ1Jrhn7VbQ1FxbPNSLpadprdA6w=,iv:KtWOCcf2uLwUhAwrqZ4TXbfGdBmhuGYU4k/yuDfXF3k=,tag:Y02pDRtd2hhbJVAw0H/eNA==,type:str] - twilio-phone: ENC[AES256_GCM,data:gzrYBrs5Q1EydVnP,iv:GeuyjtYVgO7fTBnN6JfFhhuXjmWYEf4hAjYjzNlrmCs=,tag:UrR+O9QgpeQ+SGBw74Qzfw==,type:str] - sendgrid-api-key: ENC[AES256_GCM,data:3XzWE+z4IqrqnwmgawoCVgxLy5xymnqwkZnu7u9WHbk1joYz/CLuxUcVSdvo9N4SWP651y2tON+Od+u1bpESBRmH5Ffi,iv:q7av1kOp/fbo4E/lNKR29DYIe2SvfbxT9NrO/BbldVA=,tag:XMyQZdw+M6Mnf04tVEj90A==,type:str] - secret: ENC[AES256_GCM,data:GDpx9gTLuZl/Swm4Et01yyPzPN2iPp1vDPUPacCKs5cpwzfat27UtAoYpJTUZDge6cVqJMJfyukAKLYaPp7cNw==,iv:Xb56HiDzatzwrjnEESRiqDTNSc7iNa5TkJWLfOivB5c=,tag:k/BiwYy3KvS+5jkQMN/VYw==,type:str] - auth-token: ENC[AES256_GCM,data:bmfWRZQYR9aSoq9yq/kMy7M1dNx11rXJtQHP5ZX42Z/eJbrG,iv:Oyz/tPeN7aiGb2frZHvifPQU4qXTrXj3fpVkY/Y72ys=,tag:Fqs9Xm2k3jITBPeRCfleZg==,type:str] - jwt-secret: ENC[AES256_GCM,data:BPOW9K+k40H7IOE6ljHXZKVQfSXv5+vB5c9pt1oxoLOp74BEHRybjv5sZOzCfdGDiNsR,iv:N5zqxAvcruhDRCTvXVrD9r3tZB7rTXEu8XG88rIsEaI=,tag:E10tCY2VGv7wkUfiY6FkxA==,type:str] - public-key: ENC[AES256_GCM,data:RUgM2JrQJttUXRZS7LMkGXKLw80UPqzZJdXIU2W1E6hLuaywprFlDhWw68jrBcUfsreCpdEuNI4PGfNxPtxbKc3KGNURlMXgSgqRxOOBBaMLFGjrn+p4sAwWo6TrGX9WrzzjvInQPZMX55wD5aLEcrU9LimDn8QICGuYdkkh59kiMPrThJFz3wQX12dlwObnj23pS8g00mWoBz20P45qfE0Mh0HvsirLS6s16pgGZd8W9+u+JnXByaN4bpw0uP9Ybq5pStCRbxGhmnyfJjC73BpMpHbsPJzZd3lhIrz7d+fSOpQ5gvdBhFlmG3N2Vs9R054rZiOpwlgRTZOrtDtj1quroiHeBp6ojdykNBdd213h3KxJCEC9kuQB6NXcvVGjVNv/GQO62Dsy6ZiM9XXxhF6P9/w0owex7MOB7aLgDQK/8tOVDuXr+ZF28DPPNGbkpLLJieKgzIPxNdF8La2z3prEyasxpYW7WGdaMEGhfDyQF5tzE1qf24kfnIHyMAzA7Vai6WNHOExlW2lMfxNLicR1DJMw+ZQ/qkrHucOPNiy/2JxCiHLEzfFMBEEPlE5iTLj4J41/nMDUWkgXr8IEKaMmkj+Mu5s+RRjxaW1Qs+TWeN1dpnG/b1zI8GdOpuhdwqDsqwS6TgNRhbi0NqglO60rgOKbh1dvl7mrPTaENf7X/OBmqqa5T8vHWeYRTf9m+PffLjK0ObY2pHbPzN4tAdEW3rAcwgJhi0pShogm0FtSUA0i1+0YJzmZXKbmHWgYJliAZjY5XFuBGlPcbkfomfo3S6A3pAPdA0P5mP80z3jAVSnhtnqWA5LkJ7ItQDnfJujD78B+7bdKufwLDEm876PDPr+z7uE0Sbb1J8b6Xerm+uLBCJJGND9kGdlpMelF1U18wwG2V3kZeS1vj/uvkz0zKz7eCfx2Ck8pi3+oSI8icGSdBfeQ5GhqXJt1iDTFnzgyPEvquH+d6aau78CCLHIwhbgyhmLCmKvPa4Y6Uwgf7CiDstyxoWoapy71WBmhdfTubqJhp+YdBF9Pg00QKFIb1Lf5Ygc7QV6GAcQKLSLseWZb5f62icrwXN3aV2aqAcwy5S68JBNPvhTF+zpDsHwzenoXB0mpeTYJEnISpM7a4uub8UnVZpWH12UbQNSID457rudnndKGsrqcHGxIxy5cpRCI9K+isduRkxmtXGDxpyp965YnOoIBc7cz+qEM7C5ObpRySp7WbmmcZv6dwLX5aZrT6cfCBgWpAluxxXLzs4+JnwxVLb3Zi5z/s3rTzovhxLVkvPBYL2O4fIvuG9DWlvLaS1ZLj8AktRH+RUqbbR0XVTMvpliGZ75O2F16Q7FgC1w+VnFiPnzSgutkt2Dh1dpdCQ52E0umMLmutWM2YB4OpsGeCkspSRCkzU4Uil8l2LUoefa6op8vHDl+H+yTiXkKyc34UIDGh0MSIriO9a7MXXW47DZUW4mYsJlTV4udP2IN9k13HdzHpkkcrTeBpWkOWgcWP7JpWimvrOODoAgcpEAgNIbJUXxs7xil8Z/fbKpoHq8zqmWg7Plcc1dQfSvFTeTFAVFl52ALbwek0vZti+ZYs7pP,iv:glF6FBimRX99fghbLNgtC7JUUOZ55yR0X1u5aa0CPa0=,tag:4CBr40vh0+nxN4k7F9vk9g==,type:str] - private-key: ENC[AES256_GCM,data:FjXC9EHkdIw0cV3GLLj0CXxL+a2bnIdqLCZG5NV0jzPVRoJ+2Cl/B/ly5EBLxpG40x0k50Ws/xMd8/0coaJPVkY2YG630HEYK7PTa/JgNYjqoFu4aRP6uYTxHO4+aWHqPeYnBiNt1G9uCI90FprYEDa3IiIIaI7IMnbJZVCTEVwqAkrpaY1Mx+wIC5glX8SGA+L5KPwD/n95pz6wLsYBhEbV/OaZ9tpFMzPaR53W3JCC/DGgpP67gOLhIaOlohIoJ3vDRP7QfDMn+3xC2EKg43+3AJKGe4KU0f/3qHotjo1ptvQBVbKLo2doGzLUgG/f6CNyhU2na6p4h7l8t3hb+PvhZlggCKYnmuXBktBLVMIzIRRI0SlWLVls+Z+hKRsoe/UmtfEoT5+61N3h0MZQfxyiSTJ8pxTadZntYFI+Rd2Rr3SyjJrpLCiUqPdd1bylPZyCfsTd9W47ljXAnHNFrr73vjrwthJoDGTvge6rr0Ai3/dxBOZ6p0AiwhzJu1ZR+ldsY+alcfcDogZIihuH2Nkb6NUJUjxbj2px0mWK1g+3jN7MXvFgt3ditoyh/0i7afocaHGZ9KwTU14AGOhNfBPjpNmIls7HeHe3I7KPXtIiEFFmQfNV/PaEpHInfarvcBDQvqIkldlyt5Tg7lGz9STvAK8lotMYKqlaD+ppnMN3h6Tv82mldbFWrfOr9veKcphTlxfMBTeFozTL9wEriHdoLlihxO5Zj6OgFwAZw/SCgdVrSnNf+YmEix+smPurtBwJPjO6ll5juaqalUw+mej/t4Ln4i3Y67U4gGITcifKCQGEtDL/JeGTUo7jn1bgVeZX0JJYVXqjs+g8j/Rz1ua5jzN98dy2mhIQSxFVt+Fq3BgUffwUG4jcWhchinLuTinAXLaUe8iTptVIgcDf4NW3L//xr5H9UFfcFl89pQxf4iUQR2A10whVAIPf00P5sPs1j1FrNzyCKZm79mew/n4EvKvY23+p4ax7gBbUm15IiTGIJm7/T/8z21GSOA1v/AC5OJdcP1Vamep5ODYWFAeW3atBVg9+iWrriU0JR9ZdlfMn2abCblMazqYaFwZiJM6cpYOy0pA7+MpfRPknKhznCYekT1+HU4TKO6IcKupNSZd8AOHiqxDVZM2MRjLd4SyVpG0gd/MAvhuR6X7Y50vbNwu88ca6qRNJ,iv:2cgBP3kjnH9sdqq+JxIM63TTEshop6njH2ZSh6nwdfs=,tag:Wzq6TFhpHnXQ4wPKzub8jg==,type:str] - telcos-secret: ENC[AES256_GCM,data:IDpHsDx2e9dgUqIEqfAbu+vlO5oIs3F/qG3oHq0VE3ZNkuMcUm8ClLhR7d3rsC+RDp/lYnFVel0p3ArXJSFZrzyYSKFHfEGmZbTHGgE9hbVjuQMD7t55ICGkyLO1QLe9z72X7P3J8HHKtS5iGb44/WxYbEQ7P57/FQsxbKURoao/+MDILxbiKyV1Iay6ZwShW0QOEpU+Ef7WyBJzKeqYcmLw1qL3g3ZcFRyMGcJtFCNIUrDtFenGDiZU4aAy3zNVQhE0YlNWCjNsXodBxGXM++BVnxjNqMAzqtmnfzUzU1Zsjv1Maxbgtw0LdmHbi88mWdZY5oHM6/YxmbwOZFbz9e4z4cgdMGkKUOrc1mZK6FoIV9yJFWD2Hdq8DkUwXOP1QDHbIDpIgqnWgDbSK6bUbplm6ba/duyRErt4Glsh2BJMui1TOIH52icJ2VphMLlp89eIAYnMPkiAHAVIWZ0tsJtR6eumMAyMFoBlhcP9Bd/cQG8hLToQksVJQbT8BK0NmjXMR7CYNBmWD/OPaTRVfICMykCFaGOKHBuc2qgYbZ3GRcv7BjiuO7+F1iH3kmRQhpMECkrOI/vj3EY1r9ZXJ8tcZ66X+kIyHJUFTm9WN/jTt6tqU1BLBnTQqIpJMMLCDtCSKlKlJVjfCHyXkIT87mQikzbWYFV2ItPDfukWyfntAI03TpT7xYv4ZVF4Mga0x4r0UFXyL/QXK2c4qXglC52bUZbbcIgL1xadn6m6iG97EP28tj3kzinfRYpQvQhseBJ4V76uNw7OJOwW6ZSgRypZsTanyt9TSa0bdPmNcOoFG3wKRtt1trDvfdb4J5I0n0xSMvgOqGLDYTdkvLNnWM0CFCl7492mg/6EEEDJ4OSvwcRlWXQpGE4bQNvvKH9e5jJiFOh9pU93OOnHF6hlmABYaE/lXT1J3/wONM1axd6TZxElJDQwWQBaACDy/rFEvtqeJo+ShJ3BCQ3JmcBcOux9L06Jyth5+6zXxrILBrUV4OHIzS34OR4PNFa55bb2pXwvwIOnztnrWb973/mGZoQk/kI+6+78JAdWuMmqBnNBmUI42f8Oa4IkB6IKcqsqZAvpRRoPk3i84MR4TP6s3lzHj0KXwg4jwfpkNac0LCWW6/z3abKkLzEgaxNlqjUWmMdfP//vbvGSSITvAPdHmztEP01BI8rWpdfTlUilp5Ra49A21E83VNHJIBX6jQdRK2JXozsbIWjuH/j7pjzyI/Yd+Aq4/gh72BYIXPk6JQM4U9Z54oOwFXYPlR6XGuXMLJIGLv0j/BGGvYwIvwRkVLRaQu6Jq1dqLl3otXJy7n91iphFOLbIK2EQ8ubSg9m5WCOVw64toS2HFxAreiQobXvUgEWsnp6zvcyYbqW2OhFBl0BktwKbw4MbqZlqWpSW/q4SFSBUgj4NSZPolre5NpcqYrJDBqScKPpMJzssTrAaUzH6IpwZ0nmn75hEFqY/n+hygWNrP79qFKyfzbuO/0yaNbnfT9SEvcUo+JXO8HtQcEvKIIXS6LgJxGaFFn+wphRafruCMaHuN2fqUDONguIpoCASJ5OB6mOaKVScHS2pNe83rhKGOvCx5174JfoNOw6rlhXOsiUQYxiFkVlm51hClUGtnKK7ohdLy1dE1LfgZlrLyqT/vvot+rW6FcdCDnJnb35HpBc3r1kyHUqU2+e1b0Hk28HwSL3sdjf8ROZf/IrjfiZ5pMbpMWtey/ifZnFL+uY7khmk314fDjJx4u8M6ta679AfcdjrDfVhR5K94gNaJsDwQ5ANXQw2ayvO/sgmX0RU5DU8LZn5S3oIcRFiEhovqgmw8+K4HeksnmihGr0HP7YiHfXAUhCLS+Aikg2sBuLt67IT+zMdBaoD/RRUL3IBKNh7g8VaLYbl3Ep7OUNm2rIPywxUMb+f5QmKCbqVXR4Sy3XzBjPL/S29oqVvbjEAKlR7utwWA2MtVy/Y1MY/qHMKNmvKlohVUQKZuGtAS7MLujw3tbaGgDUrs6blDiMNuw0/1STgS6g/c5JGQHlU1C0YZ3n4Upn8ec605KNHmzRCnF47WSPO1h8CwTugwBHZ3MWgCL+U1UIL7ifOernQfggWV6x9r+XAYrDgH35131KLpR8bk6DXAOH6jtcct66TwEvTPv0jjKNgyA1tJFSuMRQe,iv:pUXvo2E7ev8wbA6J4Jl7NAgE6gCcwsG07q/SdIzZqmY=,tag:VpO3aNdF2MDdlGq3uN196A==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0 - created_at: '2020-04-20T15:00:14Z' - enc: AQICAHjXjz4fWXXrCcg19yhtDeV2nkk1xwTTHP9xuxv2y/YYDQEojnnyVIuT9zC5Drp0aRfsAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMHiXodlNyuANfXXbLAgEQgDvkegEfzAwH+PS8JFToXU5utibelAO0ZS6YnIv2a9d4jZ5u4620k1zvPZcVQJQSKA+mI15y87l7ek9ZFw== - aws_profile: "" - gcp_kms: - - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key - created_at: '2020-04-20T15:00:14Z' - enc: CiQA7dyWCgkKCtl8AXAliOT3cnM7uBrnUCEBsQGGxF084gHkwDgSSQD+2/5WCQaVfGedn9VTgXRFycpg9C+8Mtgb8JQD2MZRtzTjo7G4A48fhgtkJZxIfZ35TXFP0/4QpDxGSX4AVBqyAOLRKXEDMcA= - azure_kv: [] - lastmodified: '2020-07-24T10:53:50Z' - mac: ENC[AES256_GCM,data:h8KIcz821gOS8K3GXSOR8BW5M8DrCwicIgo4W7KTs9eVkcnirM1CT+DFwD3+ZfgRqIQ6Nf3f49wMdwkCSiyEuTtENbD8SHriF9UUhLYtWzQ8FYD7qD+vMI7p+HC/nzGM//lM4HrPLSS5n7vzpqRT31LcqlUHb3tPj+6nX8ngmZ4=,iv:cMntiw0bQs3VUjLfoVoaA5i9CX4mdn95kjQajLa575Q=,tag:DVJsC4NVO9BW3OAyjZMRfw==,type:str] - pgp: - - created_at: '2020-04-20T15:00:14Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf8C55WUlmYoUNTEMM+CRLs844hPnJ16f7AdaKG2edOXRbp - qa29E7cnyVTtlVKSBAJcFkXWgS33zaTuNm2/i54pcfSx+1ukFIiEDJUkQY8P9BOj - A5IJSSM7+driNF1Z7+VmV1bwOfjJW9Vx4QZBtv0JZSZZTgmgZn0HKZxIDN9qAKI2 - Jj3nJCJdIouAiMIHCTC/rL8YX0RapAzDJCAe88YyNy8Txo22OpS1QjjCskL++fFD - sByvdpHtFWqtJvX3oJDp3leDlZBuiADAzP+9datP8Rk/aXLwnPUnByPgFMdR0ppv - tjR8q0vFi4EzNHmqu44IjQqqtum2yt/AFX6Dn6bJLNJeAa+DiJBU8Wlu0LB6jw2b - y4Ek1+DOy7XtdtRJzO+9IjXGpq2bSEDvTrvxDWiO1ctK8rjSEFl7Ak45kcKcOWFX - EaqRZazdnAAikDBMgEvKJqXTDcpZ62ee+VOk3GDpdQ== - =+eb6 - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/epass-micro-prod.yaml b/deploy-as-code/helm/environments/epass-micro-prod.yaml deleted file mode 100644 index c90aecf9ea..0000000000 --- a/deploy-as-code/helm/environments/epass-micro-prod.yaml +++ /dev/null @@ -1,485 +0,0 @@ -global: - domain: covidpass.egovernments.org - moca-domain: covidpass.egovernments.org - -cluster-configs: - - rbac: - - role: user - namespaces: [ egov ] - - role: admin - namespaces: [ playground ] - - root-ingress: - cert-issuer: letsencrypt-prod - appRoot: requester-dashboard - serviceName: requester-dashboard - configmaps: - egov-config: - data: - db-host: "epass-micro-prod-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-name: "epass_prod_db" - db-url: "jdbc:postgresql://epass-micro-prod-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/epass_prod_db" - domain: "covidpass.egovernments.org" - egov-services-fqdn-name: "https://covidpass.egovernments.org/" - egov-state-level-tenant-id: "in" - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - s3-assets-bucket: "epass-assets" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/egov-pdf/download/epass,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" - -# <<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>> -ecurfew: - replicas: 3 - db-url: "jdbc:postgresql://epass-micro-prod-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/epass_prod_db" - storage: - aws: - region: ap-south-1 - bucket: ispirit-emergency-pass - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fpb.swaraksha.gov.in/api/v1/users/epass/status - aarogya-setu-check-enabled: false - aarogya-setu-jwt-token-expiry-minutes: 2 - aws-kms-signature-key-id: 1f5669d7-a7ba-42b6-b7a8-3b6d3776d779 - pdf-with-qr-code-enabled: true - aws-ses-sendemail: true - from-email-address: no-reply-epass@egovernments.org - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -ecurfew-cron: - replicas: 0 - db-url: "jdbc:postgresql://epass-micro-prod-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/epass_prod_db" - storage: - aws: - region: ap-south-1 - bucket: ispirit-emergency-pass - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fpb.swaraksha.gov.in/api/v1/users/epass/status - aarogya-setu-check-enabled: true - aarogya-setu-jwt-token-expiry-minutes: 10 - aws-kms-signature-key-id: 1f5669d7-a7ba-42b6-b7a8-3b6d3776d779 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: 1536Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/epass-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/epass-mdms-data" - branch: "prod" - mdms-folder: "epass-mdms-data" - masters-config-url: "file:///work-dir/epass-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-enc-service: - replicas: 1 - state-level-tenant-id: "in" - master-password-provider: awskms - number-of-symmetric-keys-per-tenant: 10000 - aws-kms-region: ap-south-1 - aws-kms-master-password-key-id: 19a5d866-7d81-4879-a326-5487059dd2d1 - -epasszuul: - replicas: 2 - -epass-chatbot: - ingress: - ip-whitelist: "103.250.30.1" - sender-id: EGOVEP - demo-redirect-enabled: true - karix-send-sms-enabled: true - -# <<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>> -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "epass-micro-prod-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "ePASS" - maintenance-db-name: "epass_prod_db" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-025208105ad9b09b8 - - vol-0959387bac37b99fd - - vol-042233d86485351ef - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-0eeabf5d222bea1fb - - vol-0050bb0995eba1795 - - vol-04ceb2dc6d2cfa120 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - ebs-volumes: - - vol-0a3f35dd42a34502c - - vol-0f6d3fa5b96c44afe - - vol-0bbb404b41e715f38 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -es-data-infra-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - vol-0dbb02a33df07a3b8 - - vol-0b4e296b2e61f935d - - vol-0955283c591f993c7 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - shards: "4" - es-replicas: "0" - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - ebs-volumes: - - vol-09bfd4a6bebd338ef - - vol-080e6855cab6befb4 - - vol-041ec587d685a6a03 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - heap: "-Xms512M -Xmx512M" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - ebs-volumes: - - vol-05f3378d9beadd93e - - vol-0e844e0ba56d25809 - - vol-0eaac68b3252786b7 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - vol-0a07c963b2fd7df71 - - vol-04995d15952612f69 - - vol-0125ea182c0ac209c - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" - credentials: v4EozhGfKlWoZRee+hsR7juez5vdYmMmVBQeW3e05iBI6+iT07glHV06EHxhnOYhfNfkdsLmINtj0PZnmrtQWw== - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/epass-uat-secrets.yaml b/deploy-as-code/helm/environments/epass-uat-secrets.yaml deleted file mode 100644 index c165c99469..0000000000 --- a/deploy-as-code/helm/environments/epass-uat-secrets.yaml +++ /dev/null @@ -1,65 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:0xvxbys/EHw=,iv:Tt7i0moHAPHd3J+SVb30XXQ0fHRbJqhWHArS1bucPL8=,tag:aozgMRGickHTWXauDcmNRA==,type:str] - password: ENC[AES256_GCM,data:x5COs+7GLUAZRazvC3Ma7Q==,iv:dx184uKq+y3LAvOMJpk8zCpbU9TKdIuCYl+hrcyQ6wk=,tag:/y/8dIAV5OU38SYoo7CX7A==,type:str] - flywayUsername: ENC[AES256_GCM,data:+rlKwfm5PNo=,iv:aIU9ufmpq+boNuHx/EmdIf3lE23lmBZ4x1KJ3RpKxVQ=,tag:i3z6w44aUAmx96G2MEn0zg==,type:str] - flywayPassword: ENC[AES256_GCM,data:u573JHU19WXaOb3u7uNHtA==,iv:9WVZZWU4Koa/RJO8t4FMkYBsyAUnreKckW/9QrfO0hs=,tag:P73DYoxxDx+DZZcWeXNAyg==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:idC4g+gDUPA8MRxyFOlchAJfZjNiwASZqxZ0B708CfoZ4BILl8+h5jU9nUipnv9O5SV11iXTGvNcFx53MJhVcunKIO7kX6kpXYCO+lLx5eRXnQCpahHgfpcuhQ+pARV3+DtG16HnLqUat8e9fcTLIOFn/29SdJ7r+cURD+JmxVI2fZ8ZJANeHg98U9EHWRvLZx56/YgfqgKAIdg2r6eu2o2Qkn0oXzGtRZyFSvKr+fmWl15w1y2n3zG7piIM0Fxw1Ab7zgqJVHAwYWedAqWAMa5BznD07hwxjFba5M1JESd0qxULyG3eFF5Mxiq91a82+jVEQaX6biePWpLA/2rGbSIq7W3i+SVQ6eAJ8NKXWoq1vTOHgQDqp/GuFiAT3Dd4CKkpd4vYIq9bfM7RxfzX+gKbIJlZivIw/i9YpK57/AbrWlwX4NTL40g1hwkxKy2HPwFFJjx3D4UH6KBgk6vG54DzOmDfVjByt55Uo7LY071e3F0Oj88Ky4XDgZgfm++fSTueMl0msGeeTp/TPwOJ/3oiRe4d0gWW+p1tcIjmbkwuM3xpY5Ee2mVSqTAlqrnB6e5stRYbD6yhV38cdR50eXRw1qI2tQCxnQVTndKwE/Cu2tQ3dp4I1xOKK8lyhn4Ya/sE+Lt5jBi5c2jvAfS4ZWwFZ+v0E4NluBWFV+ne5WXlUsxFlFWB/Qz2yguC2unAIhIwj5TbcQUXT+RaLcNfgtXyJGoze+QJBuAJnds32triJdcTXFMmbWaC9IkuszVYCVolgulM0mr964bpeLaGY0yY4c3sXzNc5uo+IclAU3tMc0vmft88N17ALis4SOd6yVzlwFFGGTJtedX7anzlaEIhc8dt2ANUG5yP1TNm/9DFPf+ZgWeilktT4CBk2s7zmBHWPfDk42bzivoQArtpZhd5ITgjSQK2M2WbSwq9KHve6SdmtQVj1LBiF8mjlek1kxEOhQl2W1tNdkSSxVpQUldf5dgQnIOcHy91dsN+myf+Xgc+EYTljc5fv/xhvAuiU24uwyXdZ6sAYRXTATLT5SmuemcT5X+QNpSg/cXAzIKGbxeAgZuq3qBlNEFvMV29oaZsajSPENtG6RGLoYQFk2UnYEgFDuq32nsVMbJHufW3CNes4ooe6mor0kwSz9oeDKY8d2J7RniAC4Vdzuc4wRoBGtDkgz6lWnA0Z89Ep3dHNrJCIsW2+EjHBoKaJ+yVCcYU4uyUJshAZcvcROZcsb3LLcXrKo+uoCy0FQUYO5EoissiOysXh6SzPB3OmxqSxqvt/SzX1LIgCiAMmKXzxHK+d8pT3zfkr/8UYmlOMcFgXOINWqDwKz5xEJh9o4w/BsYTpngH3PwvFWHZM8t2qHtt6FkXybsD9mvjMeHcU2ZDSb7RDfNTrMsfpepFav9SIH2exyJmzOFoFl+geOBGfdpvVo76ivH/T9JNoguUWiqIdh7wZTe2rmIr6oVquxYVh3nfL+ZHl4jXBiGERcjNaC4FPNHJIWefwgKP+tmYAnRVNDhVx+qSvS1+0yk3W87Kp/qA0M0zsFmBP607P7JFmWml3tcSB/XcjmO97Ef0celOstlPrYS+lG2Y7FSP9pmzzgQr7IgI0fq+XGaIfWsJF8TuUvuuIQui+KUUW1UHq3/lhYShdYg0G4vNP2rS43CGHVPHPVcZVNJwngSlhHhG9x0CHROrZCX+ER4tVCSzeEesO0P0V+nftL6Dfpfin8LcmbeEzrsOjY+n6XtmdeWnRmmwYwdsT5tuGQ8uRwxXxNprA8rtOWQhTobqBKF5iq9aB64hZjqKf1Jo/WR9hP5JQDvFi1jcjjehxKkbR0gW3OFYznqqjdwurQtUlhR7gY9YmxNb0LGzLxufhTNTYdDfqWU0GI5tmVBZCP5vdfL7fugySZHNb6gxdPEU6I6GDV4G7LqQBtz2MIlW+ySv1kyqfuptnwYCkgUasnL26QpW4NhDB6GRivN8Ya5aSDy+ORC3kejF2RiMHTipoLMKZh63SbU331elkl5QyEr6K9HfbW2QPNqbgWI2DTP5QvxTZMPg5YBxXyL7Y5kpK4K9oG7c5Jg/Kv1eE5X6W+kUjSwTHT35naEhvGVz9cg6dUuJFAVcnmuV/iCBaeEtK4iAWAgZswQHxy5QrkAn40tgVtH2vN07Y2VgdbFAm3MO6jHLVV/oXBz13bLz1+Epujt1QYHFZ4uMqSNwwuhMVtBAMCdwMP3KWTs9QD5HVe8+lIFrbANEu4liFggsZtZdA9yR2skJQ6hJ3tXhCa/clvCMw7/RMm0swptP80sbGjzUQJYGbzDkPqlQFeELSaruFlAizwbw5/iLEAQORjuGLAzwSneNgg8weo7EAm8I8yu+jK2/2O6WzOMMVzurT1qYabZjoIygxpcyN2xzofxtAn9arpzVzFq9vyVRMCe9xSqUnclydl+0zHCpxpeJ+XlOmYAL/Z0NCQrDGTnoF495QV+ObRI2QZzeuMbENO4bWzB6+m2Dv6lSB37W0OGTn1hwQwb+hp9KR98cScxand1tbHBG4cD3fwJwSDCEx8gRD/ATiSvbVfX1uYzVPEZPTZFVNmpB1lhO6zxlQPcVKlW4SqSKdTMDis7ftUCr4a4zY9OID0XAhJJsWABad4RdrBEBS2ylQH97TakOBzAO539nbGWqVOnXF699IOtTy7nUzLO3OtwzZV0T0GKDnPjumH0Yksku+czYPGYUw8alwau9wCuL3nGsePohP9NHv1QPEwWD3cOMBxeIF/tHNOpjNK8pHhDyFgdEGhUlaCesQsYn2oTe2WqxZyj9YBYZ5Kivcf6Y5JXlED3wk/BQXo1uB8JDVDkqKGDx/lMuobL/STi7i0Swrq7oeDdME/kEmlsXP/pvJcqJ5rvge4SEbl6bJeUC0YtqcHOQHums0uBYpMQa4l1IpRYofGvAfueUFh0t/m9A/ivdKBLWqNUuOFJNewMqBQEFoSErGYad+8prbv3osCU18+eKmrGz7pt2op89tB3Pk2PodH2/E7qyU7DmMpxpEq3c6+SSs1PHX0tdgWO4EC6ezYc0UnBi0MjnHEBJS6aMbaejx0k7CBRGfpIjPpqoOZhFpk40mixL3oFpAZbQvOyR9RX4zi57P2hBl6Y035reUn8YIlo7qIaB+mNX79/+8Yv3V12ld8ZSJ5bNKTUa8m9ffvaaaCgaDHPmNKme1zQ3xX5qInd0ua9uMBZCPmHL3SJadXUJe6r4wnipVWvsxdvOUeoRsYm3fPCD5sZHlXzgnfeEKsPSu5MTEdJgXOpliIS+bVvKaCWLCUd7FTNy9vXLGsOuS7VudykDcrM4zGe4zhMXfF7J66euMf1XMVRPX/LCUjP1ORrA3DMpb9moqdHIU+UxmUY3SRvqDGI8kIeOcDXDH1G7PpMa0di60sg5BwBw+cuoqKwHMX10tEithV/CnuQSoUTT271Er0ZIdEFChBr+fNETr3ovWRancpW3sEsPO9+f92m/tr5zndjS07saIahx55/dS7ObXiQN+8O34vAb9cxcYmkb6Oiv6Qn8ozfz2LkWUR4M2FB5HAtpk4ip53mSeFTsupKo0yMe7ZS9p8EEzxnGcrxkwaDcIWbLuAjsT5xXwXQ+nV55YV/6+6qxKLxP5QZ+5fDIV7+FUUD46V781GjYvbpVbLSBdD9TSbzKU5PgYS6AnQPw/F6cIHzV7xco3zjPylf6AO8QGt3/7v2ib2S3MvtGIRNHDrRhknd3dTo9gVs6PRmNO2EL1p0uGVW73qXbEFSSxKiEX1j6nUfQCZEPjjX8oh9z0hVhQIfPEOSwpDC2LNAIiqFeyO71JbwhaSpapm49IzBQHOjqBR9YmwlAYmLXjhQwXXuebgk5t3V1mhIbW+QL2TeHvWS+80WW2RszuiM+/km60pehs+t7ygvhR42XuJVp3W54e4KUGp3me1J5q4H89X7vIBO/nhpu3WyOXBEKRvsBLC967oLbU+airYmuJXXQeS6X/Agvc6wKI3cvQLgtB2mU8TkWwiOiL4c6j+UWKELn+kRL5NXBKUND4m7WTNIU5BKjPNGxk7McgWr5rt7OQ3VeUgwGI1RVToL0QV/nMGox3ujElD5yjQKUxgp5wtWx6JhSu1z8GewJTiD5aU8JB/ZTbjCkmp9VQUj6NRIn9aSZQqBgNUVCGoC5JMUKKL8KWgzYOfPvVRweJeK7ITu4Kp3XwNRL/7RTG6q6bX5WFCK+NZcchb0HSpqvD2uD2M6Jqxnfy6GjVAWON1w112y/o8THminUemGHiHYGtv6M2Wq6hyp567crlIiUAxaW5tmyZt3xDs1O3Dhn3yppnfhHegiZyP5w,iv:l8k6YCM+KfJPgI3iQzJtiOLioQOAeIo0eT9eGqIIU2c=,tag:6dV7LrHiNJbTi/J4tN+62g==,type:str] - known-hosts: ENC[AES256_GCM,data:1glQSuxQ85PJRzuyhP/qfI1i1oBusahiy6mDn5URt2pYprL5QcwPQ9VGNdToL302Le15rbUz9QErpulXlFDI5h3AMejfkBD7juCT/WGbESnFCxiPJJ85nZSgbZV/ojgXpSxK5ZGYfM36RFfYhI36C8Q2GAr9IIzOCkYQNWDjnF0EJUc6s3LalrJZIlqZfe2Be1BISQlOzGIPUYblEQd7cPchMJD3atQwm9hlcKIIt+IJqT6RRom+3S92ABf9/3Y+SUBPK1Xg3/ydUYPccrOTnBcy6SoJr2RJFDD/q8XFYZzmYuSNfHSup5wdhNLLex4/3E9LsQlgFuyVK/DanSMgYGl7j+mVyt0qIrv6/jTqImRW++VqKDh/VPWhnatTHbTE9eCRJ36cy01L28EelyCi1IEAflpzawBwmR+j3jw6XknHgRVHLSZ+uXgn545kb2VEyUnkcaGYrphn+4N6QJzzH8KoJBZkzCpDPjVpq2d8jxQKvDXoMX6jbd7ZvTIB3SAPTase+3r1zg==,iv:5BoBbCQ9qftMZ4YGHUAuWS6N02PgDbI+mGSbJxSTFL0=,tag:4x2+DznZNXGCIj0ZuMekyA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:6kudFgtIPs9F+w==,iv:SRUEbVTjP/MGPN2Mg7PcUWd9fAIEiib27WRLK90PKVk=,tag:H2qSZ1mCtsR2J1EPWaTBpQ==,type:str] - credentials: ENC[AES256_GCM,data:cuHiH5tLuRQ+Mf0D9TINHzaSSW8NCh5pRhEsGY57Y702ZDmlaGVY6wj23rVJajUY,iv:J7szS+VrVZVdM1eJN590bSJsvpYnE1VXPaJyQYLLOUg=,tag:IoRduhUUwmfStFb+q3pcqQ==,type:str] - egov-enc-service: - aws-kms-access-key: ENC[AES256_GCM,data:O4f6BzwZCGbkjiou7WAlSvBdoZQ=,iv:DyRXSm3aRcWGSOdt6HRIDfU0PzJ0BOTFQiyA+m600uw=,tag:TvfXCthnnGYZdZX9+dYbAA==,type:str] - aws-kms-secret-key: ENC[AES256_GCM,data:tf9MaWSlzr5HTT8I4e8ON1vjJ77YiGu+x/jdutPdMCgypL2rZ9QD2g==,iv:ohPZtleCwJ7LpdJbeneE75HmBzJt0jpJ2g0z2CnYHpo=,tag:upCZSXAWqffA9SwBmSfwTw==,type:str] - ispirit-ecurfew: - karix-auth-token: ENC[AES256_GCM,data:VYTMDyWXRWUfnunP4PvitVPcZxlqeR6g,iv:ld5ewxktfAsOOv3YuDyyGaAaaavsXMuoJMhEeTSMjaY=,tag:AzjfmAiG9O6r8Ml7VFTpgQ==,type:str] - db-username: ENC[AES256_GCM,data:ELCziLyxmdQ=,iv:RBxoEXh7VtoUKD62ZehZN2AiHCbng2iM8kDEup+D3Vs=,tag:HSfeCRtWGB6C1zXONAYE/g==,type:str] - db-password: ENC[AES256_GCM,data:WXFX7Ht08avd7SoAaHNTLA==,iv:wxgRFQK9d729vTcqNV6AbT1Vl/Va+k3iEhbJnekLKgc=,tag:YygAcUS59EZgYIl22yqkPg==,type:str] - s3-accesskey: ENC[AES256_GCM,data:jNFpn2rr35UrvDAmsrbhlaJBPb4=,iv:a2VF/2a8SWN4lE3yPzBmGRMFIGKggvz/mFdXntnygag=,tag:ccHs3KAJ5Hnl292LQbgbIw==,type:str] - s3-secretaccesskey: ENC[AES256_GCM,data:kSzkb+O8STX1aVDQShJ5SweGfEgBmAYGEF6/U1/xFajFW643v9NvHw==,iv:H4aWe6rqUwXunZQXisO3yGxX2VZIOQuRQDn6iadcGHs=,tag:jaHf7yKOLuEj9o0cQZoA+Q==,type:str] - kms-accesskey: ENC[AES256_GCM,data:t3rBVd3l/ocWy7KhSPSZaNQMenM=,iv:TawF/ede/ok2rZAzXk2XOUcLyzoYH1GxArKFvErANdc=,tag:YXmmChXi7siSRprYwPg7Sw==,type:str] - kms-secretaccesskey: ENC[AES256_GCM,data:XIHPCC7ekfXq9Ts4Wx+N+P1yvyNmrOS9EjdEE49jFvZzdIUhfXAfIQ==,iv:j2biZuii1oJJfyascQML9D9M+UwEenVpe+ntP9+IZgk=,tag:8aKCQEp4ZYfSDY4kgTwZrg==,type:str] - twilio-account-sid: ENC[AES256_GCM,data:fDmDzwgHGSV2kKtez9yqLC6sXtQ4ESRbb0eWUBKG0jNKnw==,iv:IUFu71gOFm3Nktt6UFC+7Vgmi7yU/FcfaKJVS5xIX54=,tag:FBDGs6Lg4ndfBBAST2nVOw==,type:str] - twilio-auth-token: ENC[AES256_GCM,data:XM/F0M+Xa/B30oF2XH9RIhoVGhasqUGnPX6KLkFxq9A=,iv:OEuZz6Tceaz12T9nZAR1bJrPrcYnSlAQlrAE6xN2XMw=,tag:7PPijxWrn/EMot6OCKbUgg==,type:str] - twilio-phone: ENC[AES256_GCM,data:UevFpN0GMiL3gm+f,iv:LdNZNGsnk9KHBrgTvDp8xRI7Tw4hrMKghH8NSh9yQOs=,tag:DTEANVKidiC+LBBynu0gYg==,type:str] - sendgrid-api-key: ENC[AES256_GCM,data:n0A1SIehIuOsP0IMVzvKBywJXX9hTf/og5kFYgfjSubxa4yXJMMQaaXIVMcGgvUBSX/jUtqRb3FI9pwS2TZEUQj01fOr,iv:Xa1XGKeUM5LXGo/aykK3B6sC51PgLg4VtLsbD+LtpIk=,tag:B3TG+vVNvn+fDxcd3ilmOg==,type:str] - secret: ENC[AES256_GCM,data:LNn8EfqYfq0SelnHCYfmGrZ+m8Kcks7j1k1wmqdCdZYuuqUeBNq6houwFyH++wPw4X8SB3AAST62iA1aOxTCaQ==,iv:f8T5zZbu6qnoVI6ertpIoneG9YjzuIFfssHNq/tN7ag=,tag:SMrovS2wZaXn26N/E0FxBg==,type:str] - auth-token: ENC[AES256_GCM,data:oLFVcgrMjogH0nnBhY4t0VdywQ2yreTU/+qgaRanHi1Gt6vD,iv:HgvUd5/UhuTUQ4z/7rdFrgH++3gQlEgUDOX7ZEfZ+xo=,tag:gdln2ocYgwou24KBiy0Yhw==,type:str] - jwt-secret: ENC[AES256_GCM,data:mipsWjsdiKVVW/I9HgHyV4U3PPoNSn9PlnfIbY9quoZxDV4B/TxSKJF7+f0qiBbo279a,iv:qFkYaG1lgjZ5HYfLMZpQzccPlV3KQR1zi8gdcz03T0w=,tag:3l1nLg9B8AOWvO/OFjslQg==,type:str] - public-key: ENC[AES256_GCM,data:4PBzUS8VhKY+WPVRhERxERoRVPNjDqNqMYrO1GLQgUVdjBVwVu6b3QLbHD4TP4HB9qhzCHY2Eyn8WuPnA92NOxm54vh9ACpGvkJLCWUla9ThKyS84Oq3Hr1JEKhlcm9qyAfqM5GUXnSelkb0bfP/8GJ7rZmDk4KPIV9qDPuOmgOvKsJzQdVTbb4HAE5NfGdBEEuWmyV275R/AAPW9HifT5VX8/cJ5+053qAJykUN/r71q2g5fS5uJqvR7ZMxyWosThGMMYPYmlOP9+qRIUEEo3qEgRYkX06JNhGxaOrerIMLD8J4o3fgCEV9Oiakk971Fep5QpsdT5EGKa5two+O7AeQWVy/R/zb3xgtmJQ2mK5wU656qXikGCRitJMhFPbCao9mPIYJEkbdW8XkFd8n0OufHVAI71gyM27okWhR+smsSSyrAzeAwfPKNCLYrOfua67yWlHINNNRRCgqgE4xNjWVhkN4wX1uDQ+uUw4vQbuB58pu6R61jC3gBYh8BQHSMOHuM9l7hMnyetGAkj3+/+plnl+wMREkmKcZIZjJ+6PrN/lZ4an3tshvOUuCpfCKZ6t3woNMbVcjEoebwDNz3WF6vEGCxeY5UrImffpYQLhnrLrlGXHwe6vsPJzlGmzeZRd/1T6RZ7cRl2+nCRzi2zpZ9v4FW6rIN4gLaQf0SXze9oKMP+kO6qvlSnkaY54iipJmueUAV4KYzcvtP9+pSGErazgPLBr9S0b6ysFKyg2PhHCaH+ayKjbX8eFVQlvmFDt2XelzpWnu3mXYT3YXM1qBCEwzg4Xpb+aZOfanmU4u0lg1DWikB1Jf7aAo0KUweUCZQjjf7MBsGOfBA6mMfkBfjuh5vVnWMGS0XnNZ0ip/EYUhV6MGrXXDAHbdl96LoOigvGv4rI42zR5d0tw2TwSh8Z9VbdazKxS8f48ZhLNvJQK6n6mYgdkWWvPUCAgDG2dCS+ggNvwcSEkZFYMxuwhtm1V0uFxIbJsNby9sLGz4a3fldeAPyWK7HJKbxgxk3aPU6dAWrNF1HRZm5yr2ZVPHkdAgCWll21uHSAfifvE8vi+yW1n3TXZ4ksuNIaj6IdLcgx8qY8jFby3LW/7xDaZTKvxxD8A4v8HJLTP8gZYWHN/d8IzwqQH84GEJWQRoLhpy2cZwWDxQRnN7KfIpAfeGLfC5FnMBPNAcIN89wLKZh6mgqN4VbVgJucb8ptxhj+U2DSWl1QScHM6unpAXqUPBirWuAOUbI52/VEzbAwmby7T/+9YZzT/qpWigx1MsGyKSGChJjqJo7sl5K2V6dTJSwFFtwOMcWhEkloA/OIvp0ngi65Nr4CBDezkuH12H+PPcNDrf6zIf23WAYi/SdFYtyEs7KP0aTsHcRgQGlVD0x2hBifeNBcbfE8RdDkglBlBl1AEG5PksQ7i/1t+zHCuh3qQckO0JsGhdpFArqBrlLBZBOsZobl8+zw00IZ7qyqVWCE5pGpCtFTd2S9q3z2koRGTAdMp9CEu+rcwVqp0ghrE3GucroMvd02mwAjKlP8Uy6/BVkU4G2fKbAWsEDN1PgMjg15BzWX/sV13EQvU72x2Qh5v4czFG,iv:XMncwc2zz3XIHpUp/ZjGCtaWEYyJB3OhX6jmqN3ogL0=,tag:NXM5yZ+KNLoAfg7e6mbP4A==,type:str] - private-key: ENC[AES256_GCM,data:yx7k0A14sUy6QcXLuVNMcFatxXfyFeQ5Gj1YBXFbvrEluNRzzeqzp/DXIYhuqi/451qZWDuIJpwU0+N/Mj2jszE9U3mopu0sCAey1nRxgiJ6H6/rQK49kIugnKonZXbl3zsxfApOPAklaXCQjuahjpcohN8o0UgppAk8H7uTGowzYcWIoT58y/8DzSMwzF86y/iKOiMBTqNgbxvody1jGGsfIY7GQ5xQwmUDu0p760Eaj7Ht3jPthzC+6AN3Tz6LCY2Q+QNkVt/ZtPfQdGOxrHnvGVJHO9OGP0dJxJ1A480qzriOQV3qMqCCDl/XwzExzn9qvCsjanNC4ma5hQ3gdbypCB7GYRZyoRLKD50EBFAe2Sr+juG/foaZYS1n3uZfV1prbilJEKkQEzDVMUuQJhr2Ts6N/MSem04wYlyquWKmQo6dHw12Q51ppjQFr6xXwDytZWEzCDQMEg/49/8HVxiJGbeykchSfhUJr7tf5JNHFoyleI3w+jrvoWp7QkO0pWGx58cpoyTXJcpqsyZ9wws/rwEm4kuidqerJs7XtZc0dEH00mM+lgiShbpE2f2/XP+Mgwl+0AZOJrfWxWq+GX+oVg0gsWAvYg0F1nCLN7qZdYJ7SbrGjcWcbMGSbZLS5QAAsfut+ZlCAI2BwVrVkZdWEgxWlIkc1xuk1BlDPo821z+0b+dyvriaeHIJF0KKizh+uGreH5iSOoAeW/nbkZxzLNOdxj5+DUa8r3onq+qDDgcmRYJh0eyGbleQB9AM+RLe4fUW9MhEQ5oodg0OFKE/yKbTDXJIyIfQy5IDJGLumK0wwUgtQt6sej8yS8/GMFd0F15sAUjUw+OkBPwfc1gfIhRECgt1keVPSyEnq3DCyenZks1xIlqN+Y9dq+Y0yPvMSy/Se4OuGLtNLN6A6phejBEFzV9GK5RMsPUKYqxqqN+4fvpA6Pwt/v4lB5q9cr4HWdLIhIF0w+tmevsyG87EiLgJsb22yoDYMRhTy+HPBF8UMDe//W8unc5XMMXdBDkT2nkSfWx1W39a3P9k6aefebJlmz4YAJa/ILln6seNWVVrnwFqv52I10Sf90tZxTLvPKB60B7dVE15R1Gmao9Knj/tUrHITtHj8/bT7DhMpMQnYxjTi7yv0qMQO6RT15UI+uycINfI9XRTVZQwAafL9uXgZeykZ9za,iv:dqxO5hjkK8rE8dOjKvcCymBByCCVg6OxAEpljXNPVjk=,tag:PWdLmJ0k840TiHrl0A+4TA==,type:str] - telcos-secret: ENC[AES256_GCM,data:rRji0X/0qTWXaBMCHA3wtIRidprpP2AWiNeY9iX+zHd1xNgIimhi8DBAJ2RSuK6f0Z9PyLshn4E2MYoMo+cqj8LbMF0aMfnLexfEdHrCDPFlZXZRoNSI+8+B0HrWtfc0PckVqXQQMaHWESaxAS/nYwkxjx10wR24bTptblWr3dbj6FKBy1udXD3I6qMp7ByKeoWqh5CRAWXjSRNAH0Tidi3WvOI/Gg75852o50eL0ntYHHLW3fnSqnH3he9wGkiZW2D7TjWbUz4HJ0FK4GWzeD4hu+5WMkIMRfPUSOa5hgil5nrHcBcKyHbNfnnauS2Cp0P9a7u150AqQ1jfPVYB6qdJRfGP+ebHL9JDdqcmbwsMypUZXdmshZgul1bEZxMEjYG9FDzWPKvbt8FoD/J/+VoBCwGnk/DofxNZpzFumGXiBu/8w2E2AxdqNnmThVwEfk6hV6qJ3oGt+9+QCnjKooYQcjMEhbxt/BdgrXQwREXQK/LxAbBX/RxVqGB9VRBgo/Mf+1/a00yjDoxpCtW+DEOue8uc6Yirytoln0vB1mhYGKedDlyRFZcAsCHnNWxp2qtcuzT4tIVbQrJQ5MR9dpgIj1dLQpkPu121UJcHMazwxacywH573sD7tAXkevNkheaqpQzGgkpcldXTshG4KNSeG1aX9X8JssRYo4eQZMF9kRZQribu/dbINDVaT4uMt0uXOOTLuzvqN3HcMkzqDjuE6P6IXaQBBfVBi853CdirRSlYvm7V2hLeTmExbjgadgdhKT3/BQD4GmvRl+2LVFn4rDLAJyAEkCS3YZrkBz1b/0YluoMXRIpNiMfn+TlJ7x88FQ6U6U6RuHEjw77Zjzw2WPForlaEc489xNoJ+iBh8fu9GIpBAe0Phw14nN59hBfS9iO4/RhAVdFyS7We7dDt21i66cIGDCbLqVrWWj1IOklbz7JC2utMxzscrlF15LkuCR50KF7vJb6QR9maLb0B+CxOyVWEmh3rd3yV5/zgcqck4AdpQhRZkvRk19Yw5DNpA4kj/omKN6b5smuiaySz/Gbu/7B1qwAWRguMsWMOXQUt4+xGP9Z/5H+vzSUmGEVnq5ehnup+WHm0AInp9O4wXamjsctpYDZ5dUDlp8mpFCr9Tw7zhSsxYqhDvf+I+/vP8g/PpYXUl3QNDDKV2hkgmh2TjC2HyG2HUlbxF2d2Pr73X6kvuflaytqwsYdbe4QIjBsItMYaU/B6Cy4D6e8L1OtfzA7wTKQrOkqWKawLmHj/AQsshUjDD+VFQu7CsDRlmHK/lCS3u0fMz6pJ+mES/lMa+im+DGK3XEZP2QxxIprNLyycHy2d3dtcHwRihBXS+36Ti6hN4b3oEslY1ZHGabJ9Xk/u1gk6pmshLfIye1zL+33anwTf5ZIjzVyng088pTgQJqEzZx7S1FTzGN43uM913VOkFoZuVUOJZlojKIS15LBTIPhowNRNLjoB9xrb05w07bnSjh9nPGe58h3QATYx8hkmIHmRatJ/NrwiaEnaopSGIeMfFCZ5+l+vfvbETwhqYTR0dwZ90MEHK7VDO2fMNpcKhHNRS6QsyoHxIY8TREYZiBkrdSff3n3iR1VsjAW5OTMjZTFgAX8z3y1W6tdB7U8zABkkbz13Hwd89WvAAvP5umOcxYdRkEeslaQXUpRsvEk=,iv:vRCYmGuy2xJvJniblascYLHgM3Gr3rHIqs5+BfZp4cw=,tag:hwyihIcb3xBmKPfGNI/2tQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/93761f6b-a115-4ca2-870e-aeb2f66445f0 - created_at: '2020-04-19T15:56:10Z' - enc: AQICAHjXjz4fWXXrCcg19yhtDeV2nkk1xwTTHP9xuxv2y/YYDQF671pFAoms4Q0dUgz0GiHgAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMP9XRRSd5DHYunLcsAgEQgDuZWv2LCNJfQHdP/wYMC7KAeebgQOZ5lwMBODwGsyXVygLtmvkLdyH1/XhbaBtqe1xkz941VqgvEgu8IQ== - aws_profile: "" - gcp_kms: - - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key - created_at: '2020-04-19T15:56:10Z' - enc: CiQA7dyWCvim6Jpuh7zbExcC6Fj7jnTaCyzJeU3HHr4OiHaoh5oSSQD+2/5WM/Q6jLi2Y6KENLS1tmOsIgCNVfYUoY47PGZcWZBIW+zTxn3xcPBsnnJUB3DdY3i+X0ddm7Mg/RhXBhCg305ZnI78ODw= - azure_kv: [] - lastmodified: '2020-07-24T10:51:40Z' - mac: ENC[AES256_GCM,data:E3oYAC/W7Z5g+9VGeOsj8gvja21Y80/kHQ+hQDa3Ee7AkEDbJEa9Jnes3mxb+GhV1T3y3+Trewasa7AmNAJTJ5JMLvp9XoiLT2+/+cB1JHVdE4zPhAlX38rWCeOmCiRI/zYMV07pVvwWw6gy5l68ne26jXi50DUz/u0HqZaAxno=,iv:nau7vyRVpym23xaUZyS0747IB5fzCfHfnWLVXqwhwBg=,tag:+BIsehWs0/3lR58Wq9TLqg==,type:str] - pgp: - - created_at: '2020-04-19T15:56:10Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAl1T7UyLbvODpS/xw0tCq2CAwnjDLsKqL9Fa3xj9ffOW9 - HN4GeiwgufJIsLbiTyRtmCY6/+SynCX2OSnO2JEUAO5PFSIAE2u7A4jaQmXDne4f - /80ZfsTYlqBA0kTbSqtstnKV+5fXNGKVbTYhYECDZGtj77CGfarEoASZ7aXD6sCE - 3uk3D2zRoEFf60lI7iTli9ljKMR0o2gJHzP1bjJfrp4xFt9wYIEUnIESjU5Z+EIU - QLMFuTqmuQhf5j/MpdZx0aUGILIXaO/VA2F5QhLAg4eA+YQJ9iyNjvt5U/e/evRU - uVv9YgMi/LyOT3T3VzxKnhsyRYZZZv1SAqHp5YrfldJcAVUTwdzYqVNytWmAO9n8 - /irEWqyrR/ZBFc3kYj5af6bWv6N0h3dPnXsqFpn76gSUs3lTBn5EMsHdf9JNHBEg - NnPl0ARlUHGeQhuzuEVF5YWgFd3OrOjkPipQKTM= - =zGaI - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/epass-uat.yaml b/deploy-as-code/helm/environments/epass-uat.yaml deleted file mode 100644 index 9e3063b7f1..0000000000 --- a/deploy-as-code/helm/environments/epass-uat.yaml +++ /dev/null @@ -1,471 +0,0 @@ -global: - domain: epassapi.egovernments.org - moca-domain: epassapi.egovernments.org - -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "epass-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-name: "curfewpass" - db-url: "jdbc:postgresql://epass-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/curfewpass" - domain: "epassapi.egovernments.org" - egov-services-fqdn-name: "https://epassapi.egovernments.org/" - egov-state-level-tenant-id: "in" - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - s3-assets-bucket: "epass-assets" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/egov-pdf/download/epass,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -ecurfew: - replicas: 1 - db-url: "jdbc:postgresql://epass-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: uat-epass-filestore - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fppp.cowin20.in/api/v1/users/epass/status - aarogya-setu-check-enabled: false - aarogya-setu-jwt-token-expiry-minutes: 2 - fixed-otp-enabled: true - aws-kms-signature-key-id: 991b3812-b3b8-4c35-b046-9bbec74d2b87 - pdf-with-qr-code-enabled: true - aws-ses-sendemail: true - from-email-address: no-reply-epass-demo@egovernments.org - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -ecurfew-cron: - replicas: 1 - db-url: "jdbc:postgresql://epass-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: uat-epass-filestore - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fppp.cowin20.in/api/v1/users/epass/status - aarogya-setu-check-enabled: true - aarogya-setu-jwt-token-expiry-minutes: 2 - fixed-otp-enabled: true - aws-kms-signature-key-id: 991b3812-b3b8-4c35-b046-9bbec74d2b87 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/epass-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/epass-mdms-data" - branch: "uat" - mdms-folder: "epass-mdms-data" - masters-config-url: "file:///work-dir/epass-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-enc-service: - state-level-tenant-id: "in" - master-password-provider: awskms - number-of-symmetric-keys-per-tenant: 10000 - aws-kms-region: ap-south-1 - aws-kms-master-password-key-id: 7d7652da-a9af-4c19-8cd3-1f1f936b1788 - -epass-chatbot: - sender-id: EGOVEP - karix-send-sms-enabled: true - message-epass-create: "Dear , your COVID e-Pass valid till has been issued. Pass valid with Govt Id in . To verify pls SMS: \"VERIFY \" on 9686454890. This is a sample SMS for demo purpose" - message-verify-response: "COVID e-Pass to is valid till in . Pass valid with Govt Id only. This is a sample SMS for demo purpose" - from-address: secyhome1@gmail.com -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "epass-uat-db.c0yveiebrnbp.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "ePASS" - maintenance-db-name: "curfewpass" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-00c51507887cce5b5 - - vol-00b7bce3d8f5574e2 - - vol-05d0fe523163d4e5c - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-00e6573b3da1c097a - - vol-069bb69a54f311e9a - - vol-0564e03cc594740ee - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - ebs-volumes: - - vol-030ffbffcbb9b4179 - - vol-09eee9b170ec05e11 - - vol-08c48bd993f98b455 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -es-data-infra-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - vol-068701a2be2f34e01 - - vol-027a1e30d131c0d1c - - vol-0d1d29d39b008d1fe - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - shards: "4" - es-replicas: "0" - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - ebs-volumes: - - vol-0c4af319778cb5532 - - vol-065749d98b61ae51b - - vol-03b77084f240c5ae1 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - heap: "-Xms512M -Xmx512M" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - ebs-volumes: - - vol-02bac470a7f3a18f3 - - vol-08658ccc3f8e20784 - - vol-0467517df96168339 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - vol-087bd6ee86857a384 - - vol-0c50ec53a1da75c87 - - vol-0e6fc7528ff167fa5 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1a - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - credentials: v4EozhGfKlWoZRee+hsR7juez5vdYmMmVBQeW3e05iBI6+iT07glHV06EHxhnOYhfNfkdsLmINtj0PZnmrtQWw== - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/nugp-demo-secrets.yaml b/deploy-as-code/helm/environments/nugp-demo-secrets.yaml deleted file mode 100644 index 783abf4f22..0000000000 --- a/deploy-as-code/helm/environments/nugp-demo-secrets.yaml +++ /dev/null @@ -1,123 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:+rfJBbOMFRE=,iv:1aPtMeFLr13nQ1q34mbXdBZhMSmUE8+V/zwW3G4Ax10=,tag:Fqp1LMYn0zPva7wph1rCrQ==,type:str] - password: ENC[AES256_GCM,data:k3vVzGcxBFw6FJ754WgO,iv:DJWdxshMFpo3MYjrHREUwYYhlipb0n6YBoI4AceT4ec=,tag:sqFvLFTU5ob4W3BbADaQQA==,type:str] - flywayUsername: ENC[AES256_GCM,data:rBpBqyZtDPU=,iv:16W+o5R/030MeAM+xt9B4go0Id2abJI1zkR/cHpA9O0=,tag:6ISWY9fhXF/Yz3VjBjb5Lg==,type:str] - flywayPassword: ENC[AES256_GCM,data:cCRaW+9roG5yyyx9gmw7,iv:ivOUuUr0ZZ9yUX5Ci6plXUq5wy9wlBEuaS2GJhbToU0=,tag:+6Rmyn0wutybLLOegkqhog==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:qJ7LYgrLWRoZG50U9MQ2V6Lx2KQ=,iv:iwzRq1ZiG1pnZPOpRkRwzYBqHQjxc/D0pAfTJTJrwiI=,tag:ysNexf7gEHhAxh8n+jtk1Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:6eXGRFduTbONoUWQKTpZCqx8s1JwGcynkd3rQVuhmlW3pN7Ul/KpFA==,iv:F6fPZm/IYmVYEiM4mG4rJs8OoSpdLP176dbm8df8D0U=,tag:TUqxSn1/fqStA2DcBGo8Ow==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:RN3G5VeFS8T3XbzaXr0+nw==,iv:h/bdQApXCQg7y3SUyyINByOKgMOWAJ8LsPvnxq9Bbxo=,tag:ju7zSODwxTlqXyQ5pFJuig==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:DyivoESTToF9YJjox8y36ssmwcvKaOhsoC/fcyY=,iv:+pNwxpneD5tiwX5fjVd4gssQtDjtDPl9LTAfSBdX+cs=,tag:byu2BFHTcM3X6EdNGn2Unw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:NAkt77ffExP8dCKO1meyJeGt,iv:Wu7k+de1S+qMFi2b8s5/Im7mxaNsJwZbIkyR4HfkSa4=,tag:cXgG5oLvaoOKxVZ1PDqdcA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - wordpress: - wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] - mysql: - mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:OtDA/4sdQBCBrnk99eET1k7M4K0=,iv:p9nrTfQ3cPJzOBJn0Y18tuE8/OK4uJkems0AtqISpbk=,tag:tzg2dv0a7cHJhEqLvbD49Q==,type:str] - clientSecret: ENC[AES256_GCM,data:HqJh+CDjmDEDoxtEqZHkwcxMdjuuC3B6TRLebgMcE6GdWX9rJfZ6hg==,iv:Iz6NYhSDvESyVcCn4eEwyVd6i9Z+VFfejjJOKnawf1o=,tag:/8lBB+jMrLVJ1Fp/oRq4fQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:F1d5adRjFFMZOLjsBYKTW6P9vXa5LnxKc+K+BVMJeh7fxXSjUw229pD/nlU=,iv:03hFQHm/J4WWz5G2LdJLnx51H7CDz5fveEGXj/vGwps=,tag:HD3Z9EyQ59YLZZUhaKkKIQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:QbENP3uMZK3o5kcwfuqawtboY18=,iv:xyPA3g7MFvwYgtL4jEY7u2mmGvvNTMFtrHoT/1ePrSQ=,tag:+EZrNu7IvxyQNuBxzHz1RA==,type:str] - secretkey: ENC[AES256_GCM,data:VozClLi2OmEW/WY9AUz8SWKcUvOLtP+v61Cy3/fFTyRYc2RVWp99mmsneew=,iv:AKurEQ1r6YNQrbFhwmcgEPwCh9ZItzqWl4glOkUHfAE=,tag:Ofy0Hp72WJy+XPbAoWxsnw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] - group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: - alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] - group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] - group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] - repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] - templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:dpUIAfOGg/DYKSyDRuvBusIvpbEj5kauwVPKCws2QZzIucHcnzLg/bAD+UG+8lKMk/Wvm6mItKA42nv/5sUYE7O1siU0a2NSPiNc9TMZsfYoeodwCKvNNLQV6oE7rfgFvoCHteFha51eQIvcwg7KVs/LDfgaH6qnXxNQd2iunMqVR8YFRjC8+fNM9xhe5EEaVDvdsGHCHQxawPGompQZCueNa+bvt1Hh4p0avlep9MuIEzBkxtqTspvsGZW/dowiEpehXKj1HjdiovxlMK6ZZziMsS8SJ+ftTLwaX2hVW4hnYNKwimNzC1o+ga+roOUVX7Csf3CelsMhd6BvhZOrf1kXWeRgjGEH1KH7CnxdTSHzGn70MDGfghzbm1TQerPPWKQQB7/GNAgYIdr32xvvaHrVyguR0SUrIfhaW7cYi4RXQuxqNbIDe5LtHE+GU6MPz+3QBuRUPOJlDI8TaGjZPDwBQoimwsBTnaQSGFcxnv8FOF9lIjRjXJNGkHKgk3JsFi/pRYIdbQ==,iv:cK88hnm4Q4llROhS/RwW/18NuZuIoFH+zs83PdaAT5E=,tag:Tb/rFgdvV5ed0sZ8GmXMVA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:48:05Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-15T12:26:16Z' - mac: ENC[AES256_GCM,data:vcjXKeriu44zOztObwSKG3e/6qkWUCDi7RKICUDFbDZ4tvclgmRp5hJr9A4R6p8TrUSRP7VXk2cIjfeYu7LNrHTOf8NkLYqtVDbg4zagcYZ6/J8nrCj5sO5s3udvQ+wYAADfuPu09IjFBOPA7xibInf3CYZNJbtTEKPnZ3aCdZA=,iv:fgKYLufuWI5Lcv+6g6rIxBdh+8sr1obIPxBfgEaIN4E=,tag:mJIl7rBPak5lbivYhK70Eg==,type:str] - pgp: - - created_at: '2020-11-10T06:48:05Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv - lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ - gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ - Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t - PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF - 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS - ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S - q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== - =msen - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/nugp-demo.yaml b/deploy-as-code/helm/environments/nugp-demo.yaml deleted file mode 100644 index fd742cc6ce..0000000000 --- a/deploy-as-code/helm/environments/nugp-demo.yaml +++ /dev/null @@ -1,802 +0,0 @@ -global: - domain: nugp-demo.niua.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: - [ - backbone, - cert-manager, - egov, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov] - - role: admin - namespaces: [playground,egov] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "nugp-demo-db.cmqlydmcmpru.ap-south-1.rds.amazonaws.com" - db-name: "nugp_demo_db" - db-url: "jdbc:postgresql://nugp-demo-db.cmqlydmcmpru.ap-south-1.rds.amazonaws.com:5432/nugp_demo_db" - bpa-db-url: "jdbc:postgresql://nugp-demo-db.cmqlydmcmpru.ap-south-1.rds.amazonaws.com:5432/bpa_demo_db" - erp-db-url: "jdbc:postgresql://nugp-demo-db.cmqlydmcmpru.ap-south-1.rds.amazonaws.com:5432/finance_demo_db" - domain: "nugp-demo.niua.org" - egov-services-fqdn-name: "https://nugp-demo.niua.org/" - egov-state-level-tenant-id: "in" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - logging-level-jdbc: "debug" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pb-egov-assets|egov-playground-assets)" - serializers-timezone-in-ist: "true" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - spring-jpa-show-sql: "true" - egov-indexer-yaml-repo-path: "https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-telemetry-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pgr-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pt-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/billingservices-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/tradelicense-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/collection-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-uploader-indexer.yml" - tracer-errors-provideexceptionindetails: "true" - timezone: "Asia/Kolkata" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - land-services: "http://land-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - minio-url: "https://minio-nugp-demo.digit.org/" - -billing-service: - memory_limits: 512Mi - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: nugp-demo-assets - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf" - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-mdms-service: - mdms-path: "/work-dir/nugp-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-mdms-data" - branch: "master" - mdms-folder: "nugp-mdms-data" - java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/nugp-mdms-data/master-config.json" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - egov-indexer-yaml-repo-path: "file:///work-dir/nugp-configs/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/collection-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/error-queue.yml,file:///work-dir/nugp-configs/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/payment-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/nugp-configs/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/nugp-configs/configs/egov-indexer/water-service.yml,file:///work-dir/nugp-configs/configs/egov-indexer/water-services-meter.yml,file:///work-dir/nugp-configs/configs/egov-indexer/sewerage-service.yml,file:///work-dir/nugp-configs/configs/egov-indexer/property-services.yml,file:///work-dir/nugp-configs/configs/egov-indexer/pgr-services.yml,file:///work-dir/nugp-configs/configs/egov-indexer/pgr-migration-batch-indexer.yml" - - -egov-pg-service: - axis: true - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/nugp-configs/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/apportion-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/billing-services-persist.yml,file:///work-dir/nugp-configs/configs/egov-persister/egf-bill.yml,file:///work-dir/nugp-configs/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/firenoc_persiter.yml,file:///work-dir/nugp-configs/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/pdf-generator.yml,file:///work-dir/nugp-configs/configs/egov-persister/pg-service-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/pgr.v3.yml,file:///work-dir/nugp-configs/configs/egov-persister/property-services.yml,file:///work-dir/nugp-configs/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/pt-drafts.yml,file:///work-dir/nugp-configs/configs/egov-persister/pt-persist.yml,file:///work-dir/nugp-configs/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/uploader-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/property-services-registry.yml,file:///work-dir/nugp-configs/configs/egov-persister/tradelicense.yml,file:///work-dir/nugp-configs/configs/egov-persister/sewerage-persist.yml,file:///work-dir/nugp-configs/configs/egov-persister/water-persist.yml,file:///work-dir/nugp-configs/configs/egov-persister/water-meter.yml,file:///work-dir/nugp-configs/configs/egov-persister/bpa-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/assessment-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/chatbot.yml,file:///work-dir/nugp-configs/configs/egov-persister/land-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/noc-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/nugp-configs/configs/egov-persister/pgr-migration-batch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PG-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - initContainers: - gitSync: - repo: "git@github.com:egovernments/playground-rainmaker-customization" - branch: "master" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - data-config-urls: "file:///work-dir/nugp-configs/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/property-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/data-config/occupancy-certificate.json" - format-config-urls: "file:///work-dir/nugp-configs/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/property-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/nugp-configs/configs/pdf-service/format-config/occupancy-certificate.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/nugp-configs/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/nugp-configs/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/nugp-configs/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/nugp-configs/configs/egov-searcher/bill-genie.yml,file:///work-dir/nugp-configs/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/nugp-configs/configs/egov-searcher/localitySearcher.yml,file:///work-dir/nugp-configs/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-20191106.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/nugp-configs/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/nugp-configs/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nikesh.umredkar@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -egov-custom-consumer: - erp-host: "https://citya.niua.org/" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://nugp-demo-db.cmqlydmcmpru.ap-south-1.rds.amazonaws.com:5432/nugp_demo_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update," -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# hr-2.0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -hr-masters-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=hr_masters_v2_schema" - -hr-employee-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=hr_employee_v2_schema" - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> -collection-masters: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db" - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - citya-erp-host: "https://citya-uat.egovernments.org/" - cityb-erp-host: "https://cityb-uat.egovernments.org/" - cityc-erp-host: "https://cityc-uat.egovernments.org/" - cityd-erp-host: "https://cityd-uat.egovernments.org/" - citye-erp-host: "https://citye-uat.egovernments.org/" - - - -finance-collections-voucher-consumer: - erp-env-name: "" - erp-domain-name: "niua.org" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/nugp-configs" - branch: "master" - report-locationsfile-path: "file:///work-dir/nugp-configs/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "es-client.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-048d8d84fc099a2ca" - zone: ap-south-1b - - volumeId: "vol-09f08571dbb28113d" - zone: ap-south-1b - - volumeId: "vol-00b9499d2dbf75998" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-0dbd7a23e90fc5c19" - zone: ap-south-1b - - volumeId: "vol-0bca87dbb8fb930f2" - zone: ap-south-1b - - volumeId: "vol-0255c727d62207956" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-04b33e85cd9368d7f" - zone: ap-south-1b - - volumeId: "vol-00e9a14e26f54a496" - zone: ap-south-1b - - volumeId: "vol-0ab675dc3fcfa2cd8" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0fc7c6c44edbf99db" - zone: ap-south-1b - - volumeId: "vol-0d7a9d43a3cda1d45" - zone: ap-south-1b - - volumeId: "vol-01a7e4a97bb1bce56" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluentd: - images: - - egovio/fluentd:v0.1.9 - target_env: qa - -delete-old-logs-in-es: - images: - - egovio/elasticsearch-curator-5-0-2:0.0.2 - days: 1 - schedule: "0 12 * * *" - target_env: qa - -logrotate: - images: - - egovio/logrotate:0.1 - logrotate-interval: daily -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_pb_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "in" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -whatsapp-webhook: - replicas: 1 - images: - - rushang7/push-to-kafka:1.0.0-bronze -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "nugp-team,devops" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "staging" - -minio: - mode: distributed - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-042cc3d71b831a544" - zone: ap-south-1b - - volumeId: "vol-0c6dfdbb25153c6aa" - zone: ap-south-1b - - volumeId: "vol-057093a7317c0aea9" - zone: ap-south-1b - - volumeId: "vol-0acd0f8ee63da108f" - zone: ap-south-1b - ingress: - hostName: minio-nugp-demo.digit.org - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=nugp-demo.niua.org - tenant.nugp-demo.niua.org=state - client.id=in - tenant.citya.nugp-demo.niua.org=citya - tenant.cityb.nugp-demo.niua.org=cityb - tenant.cityc.nugp-demo.niua.org=cityc - tenant.cityd.nugp-demo.niua.org=cityd - tenant.citye.nugp-demo.niua.org=citye - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -# eGov-finance Tenants -financeTenants: | - tenant.citya.niua.org=citya - tenant.cityb.niua.org=cityb - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -egov-finance: - dev_mode: true diff --git a/deploy-as-code/helm/environments/pb-prod-secrets.yaml b/deploy-as-code/helm/environments/pb-prod-secrets.yaml deleted file mode 100644 index 389fadf3fc..0000000000 --- a/deploy-as-code/helm/environments/pb-prod-secrets.yaml +++ /dev/null @@ -1,91 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:dofe0mX2fyg=,iv:aqqBm89n4sa7AnopDo8HcJ0g4PC2KJSHxw5Ip40M7dU=,tag:YlazwebB7s52+aPwZcJH7g==,type:str] - password: ENC[AES256_GCM,data:zZdM/R49SDng5sKPn9qkLQ==,iv:QjLvIdKeJNJkWhszHyTB5SvI9C6RHHlf7kTSfEFu6WU=,tag:fubwDUskuKJLrR5zxJI0vg==,type:str] - flywayUsername: ENC[AES256_GCM,data:Edgud6f+RIc=,iv:qv1YnhWLx+oBSTdkT+vaLOu5E4UNBX+8MjiuYOw0XVI=,tag:DzTzg8aSSTSL7z7PS6Nc/Q==,type:str] - flywayPassword: ENC[AES256_GCM,data:3r616ZYc3J3+6/XmKpW2jw==,iv:ne+1Jkjzvm0NzTczJNzcaJP1w0F69yE4uOs4ksr3d0s=,tag:8+gI9lQo74YjtXXZBXDSow==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:Z/KgNl9lM8liSDg=,iv:hWBKDmRmiDA0fnSaIP9TVN8LbyFprZoy1Mj2R7M8ZTo=,tag:mtGCc59TpP1x4CKGFoVchA==,type:str] - password: ENC[AES256_GCM,data:UA+Z7lkJMNRapA==,iv:YJE1npLQ6DLuBVu++u62Z1A05SJiWWvYrHN0lGh3+5c=,tag:U1HxtdsTpCk3Cq/D6I1xXw==,type:str] - secure-key: ENC[AES256_GCM,data:n72ydpmJeEn69uRaTl2pdIocnXrTeFcBrP6joFVKeMXl8ioH,iv:8e61seje4oiiaMbY3HIgVt29GKfJxGrXl47Kvu4SwuU=,tag:4g6HriDc6jkP+kbydQVOaw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:1+mNpVpR0kiqDbYS/xYBZLT/DIU=,iv:ZO6zEikVzCCtmTs4LWtHDYldtoq8rYlKy4a+HtTghSA=,tag:8ozGkFEwpD+U7V/3fpB7Yg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OBiRSAyFHLA2feVqNx787NYHQ8+3X5bj5/UX0qfus7157FkfPG3mYA==,iv:s/nozhFhB1rG1btAs4L5KUhMkqMBULnNA+usdzvfhf8=,tag:NN+dyAxoGcAOjkuisZ4ypA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:8tp78/tAD0zFNvc1n8SOmf7GZ4AklizB/ln4mLFoQZzx7FJ/RvHi,iv:kUeLHk/hhf4mjnH4YOifzDj4VacBa/NvfGhzJg84cxQ=,tag:ukjz3XcAb77sktW7mgjJMA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:Ce5479/SkYAiJA==,iv:gPbLXdupYLBIbSp9PwygQKVQPwaRmlNssmTS7CPXK2s=,tag:gR1v0trqduxmFth3pAnweA==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6qzAj6lWc1PyBRM5FLd9zcwFN+BwQESCbLd6DGc1o/g=,iv:QUhlENhqWvaXrtzzd/bSmJesToWPDuXMjPDWPJ7GE9c=,tag:lbL3FvD10wImV4QGAgEgdg==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:TPNFmzPRxp9OD2d37w==,iv:xirSU2OArl6wzzpf3pZnMFJPuwKirsDiAHC3Rpaxil8=,tag:MYh7X0JusBUYbj+AbDvFxA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Wvp1zupWyBQwaXM=,iv:ChqrX562rkS+Vj44eq5wSkdTXPH0vB7EjvIagfOlT8s=,tag:jl1ZyvEUDWP8qVZtYarGbA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:VQTsTX4bWxQ=,iv:LZvkBh7r0hPxJuG0iJH9sTHnjTqIXnTujy5iHdiLl4A=,tag:KOxKYmMu031PXwb0VIrubQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:He+h9Lrg,iv:APvWm5MUHyTI58a0i+lS+rp8lYQE1J1QU4Vt6ub46NI=,tag:Atvytj5E8BDXIH0hf8wT6w==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:ixROEIUNWy0=,iv:JIuv7D3+UPxHdchHO+REj4q4mqUjpuEHXrqvvXDjFN0=,tag:d23XEZVVKkXQNUNEKmukJQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:870Netstv6y9hpF00xYTtTJQwhKwaDm9jDvJHB1yF0UX,iv:nM3f/qJFrFICSXnTVBSDI2vf/hthSwNHyJmyeJVHirg=,tag:pLiPTqwvqisTzajRx8l+vg==,type:str] - admin-password: ENC[AES256_GCM,data:pW7aBe+GDyK1rNC62Bgk,iv:UDmXJ3Hw7jZ8x6DphoSm2yMv16nCwDkIrUAAsRJdqXw=,tag:d06VlDoXNMtjXk4kpup4Gw==,type:str] - read-email: ENC[AES256_GCM,data:KjwnYE20WMBwj/Kgnex7br/3ibKoO8XQ6U9FZGowgKk=,iv:iVJISzn9nwURMxaFoKVk7LOWPXnFsn7gM6ExGwfmf8U=,tag:0CEgt2CBs+OVw8qd+TJh8Q==,type:str] - read-password: ENC[AES256_GCM,data:j0sPIixHMsdL+w3zgtE=,iv:OCaqhKn4XAtuu9h0Y2VkJ7s43ET0OjZrIFVynZmyH+M=,tag:PxSXx0jezvZfa5M/oxsx+w==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:aaMRPmlTHLGKcA==,iv:nofDLuvlZj0hx1fMC770/7CpBTQ2CNgkq1u6D6+p5BE=,tag:vu1XeenwjQrf9sPt+f6Oog==,type:str] - home-isolation-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:eHxJteMLLkK+VTTgdY78P05jI7QeSN30tgq2FBIH,iv:u0FVS68LXQNOeygC7nUlP5B5aWYc1ABsffXJ12csM1k=,tag:/GP2SKty7BEEh8k63Ir31w==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:t7Xh7JDpXfO5PugzDET0Dw==,iv:xVJmXqae3HyDAdAAyZAQPdRFiAHXnfoqe/DZGdXUfpI=,tag:7iAL45kWfERjYJNXQg6f3Q==,type:str] - #ENC[AES256_GCM,data:ICArm76pgHAxn+VDFq1gAG+o+SfTUduao6n3SMojDtiWFCgTwtck13IrUN+OyC1IBV1cM3ZuQ7SeToQ=,iv:k04rT8psgCOHt2bbYKvAz7lBECuf85/EsfHJCICm/xE=,tag:YahRYrcEeWtm0YvYCciFrg==,type:comment] - egov-enc-service: - master-password: ENC[AES256_GCM,data:SfoMcQgP6OUXN/eYHrvftw==,iv:KVCuifSXVyGVN5rK6Kz28eOFY1cfcZZ8xKssatjnQEM=,tag:qfJVVYNKVJyho9ai59+HXQ==,type:str] - master-salt: ENC[AES256_GCM,data:hJY04VDhe1w=,iv:kPEhbuR3LHQgFNPzkYVdDlQKiyLoJTGKp3tlDCpgG8Y=,tag:S+6B/vZQ+43w3I8UV3cBBQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:s6KxEunPqQeuk55D,iv:UQUoiqOXytNVvpNACV6ohAXIP9gO4GTu7P1abSL2JSk=,tag:LrqzfGKSfK0UvOawMWBKeg==,type:str] - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:6CQreaHp,iv:jM+ckjkBoXCAji6Zr3xlfOLbagH1Hku1JGHqmR+Wr2I=,tag:Fw8sXC2gk/iwNMv5blb5WQ==,type:int] - rainmaker-custom-service: - egov-encryption-key: ENC[AES256_GCM,data:ay6i4tGggnSV+mm2HdPkgDaVxlteOcVuljhvGH04cwU=,iv:4yMOiCiR/Q+n94VIiuWuFSBgQ5jXLhBzlIbEMHzLW2g=,tag:UR+GEJ4v1tAj7HUq+/X38w==,type:str] - egov-encryption-iv: ENC[AES256_GCM,data:R5cDbFwItzKbKVICAgyVOA==,iv:hz2HxWuTkaru5GLdg8/mF80aKYWe/H0tuan4OP1DjVw=,tag:mW1hm0XJiEzB9/AKDKWudA==,type:str] - egov-bnd-encryption-key: ENC[AES256_GCM,data:K/4jicVuZNZgspLaLMHksmB15nHQ6rRQZo+LwcIJUcg=,iv:uoHTVF2sv0NlaTQYyRur/j+VYYF9HpBUQWuVdeTPEio=,tag:PnaxjHPX4fv4oB+Wf12CpA==,type:str] - jwt-key: ENC[AES256_GCM,data:V52UlRDoc4I9PbWAQnKKSaC3pJSvEc8D3edSzUi7eN0K1lsaLWs7uThyStSkabralO3S/oF3gd/oxErttWIp,iv:7LoJ5BLe7+USNIGkV8+8rZAT9RluqxHehrkexUX/7xw=,tag:s4BmqciyDWGD3feO4pTeLA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:vNEADwYOemEvompuNOPZIv9AxbMXmHkfGqT2tNhTR4xfJ+zSf71eTHdffJTpRFm6HhedwljEYW4IsHxY9PJWipjZsPz2L7Q/utDomfyAibUrqyLX/K3WfnhY2BlCCOiOz5eNNAk3P2aDKmo4zOGmwRUZSnkxv7YitzLgwpI9fupfTvKpVLYAj3Eu3Dx/8TNgLxDVF0jF5OzQMOzvqYiViJm8zhcbpAT/2Z3C89wIXPlEdSn67SHJsPvwyd7Gqvg4+s7lnNvBF5Yl2shCv23AGd9QJxRTeM5PcbU3ujLcxRWtlhPiPXTYxg/6uRBO5QHk4e+GfEcSz2cJz6IJVGBQDuuR6mEuOAzlEYq8bLGeF6gp+cRAXlRHz+hvW/tGfMnMR0n4dDuUabqhDT8kP4gAXiuqVQTQh7zBK64mtPUinBGR4aMozXZFDBZapMM+B8flXS/vrWuFELbmzl0ZpnLPPxrx/L4rYhrBwhcuKuhTfH7Zun88t4r9b/1st4vI4d7n/YjGx1MwDRnn2F7uN15WSpQ9Y1zkmGBYQegMXcZSVbKA8RQ8Pb67JFtvA5xcwZYt3ixKSdu6Wg15aeyNSFLMNZ9E+YR1wnnMfIzb3NGTCLZFTk9+U19QzIxDWYIhotkCqAjYNRYqWgfRDMkXIxZCHcIVMm22x0yMVdZcohMWL3VjtoFCmpV2IUIyFdouXP5sh0LEaExswzfW4oyHLgjpUFrBwOjQeSAisCqFbdRmFQKIL3JAKTJY9cU8sae1BZ/rEduiFlUvYrYc6p6TO2cIZ/FPnnYLLxv09+Nge6iFjMxnafJ56yDpnUR9nt1XDj6R4+ZYp7ZmxJqLozaXMJ4yblyuoSnbOMpptaHbiOqsEk6FogYI+7oMFAi/2ZfQj9fo6+TcUWBk2iSagMDGOXU1dTXFmhnJiJA2fB9+cfaY/uqz4D0OmgAEegCP+hB3vKz3MAnp9XIVYys/rDRLEhNzkxTIFlV1SN0Z+MktXV4jvUidKoPnDI9OwH3Q1EdVpAJ5wYURt045v0PcCicAAFxqteGetMOxsgyeHdVutyXNpUTcVgKQ2ISyX2FLySzPdZ/3NbZZ0TuIitWPuNT3eV6UVpA2v6cCeaOE9/HQmsmH+I/izB9cJxHGsnyBU7Vl6yFqwT+8J+FKVyeG4iFwR7IR/e3K8YDkJgNAMncrT1aBK+viRbVHDurCBXZ1c4CFv6OVNOjAlqCwEmNudvu9VVgAt1T6HeorCK8uP/IeMaRsEsD5wwuGIEyIb1TeDEkbk9egdyQbMnPFxeTs1NocA4n3MobJKWKXlM+FG4jnt2nZoger3k7JsH7PhppvhJAIgVV4c3Yr4LDmOmTXdGHabkxWs+6IsuJHQkEExAerPPndsfbcBVhRF2kvVEMf8WrzYFusGXuNlabDV3m/uqbFZ2Sm/O1dnpBIK3Fd3prAGoRSrQamguXUD1swflr02+KH1NeE4co3BQhTaWFEv3ZbVstojLKprwd6NYRefqKGVflM1Bufj6dPN9NcNld6ZIqAduWQLeI5SBvkMEvwlThxR9Vo77nIEIpTwGxZjUaOLjzJ6mAn9cEpAQLgV5NL/nGQcf32YCDJfoSXeMVKkP1TBS/iKJHJyGExDr+8C11kv/5MM5BeXZWaPn53bxMNRv10+ouZoxkct+0DIuOTEzxm+pbTExX4QObta98JdvDPGXhUpTB0Jzjfu+DdX/q7CgTMOUUCIxPndsaAmw62XGt88fcoZ699XR9IkxCEjJbVEiBQW5vVFEYV4SL/u/pBPndRn7cE02bDpYXcQNG/96l5suH/57LcoQHuxBZ3FfsDP0tJZ9ktq8c4CTWl2oR6op3e7WaVdnJWtQy63RZsCB0B9lXkqMxwu1UJ39AjeGCv3yYqMRITtD7nkuNIcwcea5AhyJNYIq3cW4u97pTiyTc1UD42s6zoJvwnM9hhPjo8aMWQO5WxKq6xLqhjgCZL14lTGYD9+c1Kfbm+/8KtDUUEzA/9NUTWO4MbzcOwbdCWisuS41vw6iKuwiMyv+UOt38MrLNitPa4Etr+Rxe0o2YNstyTE50R5lACEy+3Se6mRoLs3b42Al+OJ6Mk1L5tdxS44C9hgLYL8x/51Gmpte96aurs38SW0Z62OTkslA0x4E2PEUxCacwX8XR6dru6xwWoZDiLmhCDA61rI2AN4l1h6e7boFvbYfWtwX/PrOqB+3ieca/LrU/IvXAeqeBG1nvhQIr3rkCiXbx2lAQovPHro0sgQdnU3q8+sdd29rXOly2sRQT9q6JD8a8KGmPNovo2OWu2xzGqY+IvDLIFSIOC4Wfi3cYC7DdHhmISlFaLROOyWGW6e1BD3tvdfE3YHXOxMw0MLIObMi1u1+Wb2ltjFemRgVS8U6m5wdGmcFHZ0BofikXozpqUkSynJX1QwWld/p0ZpW29/loMSoqk+myK19G0RoYUTNtDOiru2fM03Sv0Ydx72ez8WMQw7QfvkKwEZH+E7BqfDNbkW4iuhDY55RfIOxKh8TXWJNwTSK7nuERJhXhu7PS0X7OQOaQ4ZupYaFx2vjH4oEGbJtj3zKzx35VRryjDTEBOxvRuT1OU0qdtml7uhZao+pemhhAPAJAHmMWjnKf9wzcMUwcrYila+EwLRe5UGdQnJTLt0ugJTSKfSHbni/NH9bPMMiWZ2MbVDrH7KqntBgc6CNj7M604TPnfRomj6tq4CSW/qns0OEOVbsqFGgRSDKLt28EV4c9aEMSezVhkXCLjuZbNzhuAcxI0VjXqd0Cb+fg1/wjPPvE7UNBbyEaFmK+BqO5zJFA0D62SEerWNqRsAXuB8D7tvq1OzaxnBhADS9rL3QXKoNtPHQef9A/FYAUrY/ndhWW8ifShayOc4UgUcEG91W3VX3lSZ9Vp3vsu8A/mPaAGdmqojrnng6zZUr6/ZvwDSGVR5FsGzKH8YSWUidvZ+22G27tkU4SAXkEXv+4RjMrxjS/mD6iBYrjzJYtE3NKyY4YZvhkKZUUFsp0Lhl7DnJOZwikzeAGF7RrCZGO8UxhvGqPWxmJHsDaaeiBoliFf2kqfUmixsA9tBLWSQCv1Y5BA/DdpPyN3kMvxoJIKOth85wXfwNAmJmTZDgaKWNPoyBXcYh5MPTp07weIzDZxW5O/MisifPJmzV56E9oAgCkBtN6DHQirIcfBx3FoL8ZZsTLiKmQUglScJdAmQ0chIwALDaoxe8f6sf103OaqlJJUxneltnxPl4q5DlFCeJhJ3qB+F3U0Jg3ZV9KChs+bA91aP7pJgFdRMQUTHX+OqvHPUG0MEI8qNgAypEh0MbQT+Hz2h/BRlmaIeJzBNZAWP5zz9u+bWIoSQW36WUvHWLaPgPqEsrQwxkHtx3d50PzDaxV+oFImjsSBSM1PyRMG8ved6oBI8jj9QWdpNbJTu/V/stIHauOkngoABEYx07eYi4pKn1z2mRvwTwKG17CM46Jzo3c0iOGy0LT3evIcsQ48DqeFyFUzx5q8DCmV6cSBxWcxu6n6Q+vGdtMs+2mqwI+mhppV4pqcWjmJ3q8VTxsYoRThEpUk8l+5TTVl9QtmIsNSAjDkjV0E3IwzqCmYSg/wiWFc85qdq5tdgSITnKy9Sg05yF4CN1/Czp4SgBwZ19N6E/f2Mk76JYtFAOlmftz+4tZNgjB8oudxS3Ou0reVryepaLwSrsYgZsGkE3IpD8TCZDCbXiImkp3ywvqSOgcCrDRrynJBwQmjuwwGU/8euwsIz8wnWNSPkYnx4DmMXKvP+Lzq04cf0+qH6QTJbgu+l0aj5J4hL8ElKjozaEhQ7jp3b5sAemOz5iU9ugAjAs/2Q9z6Z/AmMOkjBjJ4iKqoiSami7t0TDSOABAYHHdLCieuBWLm/ITCmu0xfoPsPTbeZEvc2kk9OaAWh4+XftoEa7DgGSaUiOIUY8WOAHyCD/KtUpToJQBhUCKTjhvTEnvrKHX5PahVm2XbWteGATytuhPxM6CIVMTcrQOZs182vpw1HfAUa7Uisp+uyP/+IJ3KKA9HWGlcncrAVHmCgZMAGbUNpqYpoGHzcVpueomtgOWHarz0ERNySw6eh8jIZTMWdE2qP1V30bGRjKnzI1/ng6RTmIXZJiq24k5GKDA8YtkS+JXsKh/itk231uSJZQkiD0M4FNPKBDXMijRIyO1q3Y6Kfy1aGCgVcQkO6KVW52Cb+f7qlvvIish6FPTvVc20ci3W5esy4fSaEQNNbR/isUflayF+yjzfmvB+YKxAqQIDjzX5wCwlR6bDjhXhpXMuhYW+7JlqSd30bz9KcfwTTsBN81gBKMJVuZcHJXqd,iv:GElPxl7SZLUbC4stcDPQKkSOzb6z7y3UuK+mQfKmE+4=,tag:GVfNo/aSQBS9h5mR3gJTpA==,type:str] - known-hosts: ENC[AES256_GCM,data:A1d1BzR2ET6GLLnlZ5Jnh0TionqtwmbxIh7PUK5kEyoJ1V/EQ3aG02cJ+w4wl+kIJ2uSJDiGjoKGgNVAa7QGQIIzY6pg3NWiyD9FXG5l+HuYJD8k0s55VcK+SCgWR3H/ynC+bckGDrX0b1/VKeOJ2ysjJhkTpznEdQ/nlpuP1CcdbV42YiLbn8J8PQ5ARqnsgUIG+hsbIefJZ54FivoVe0dcp67FvQxdy0O8JdOM39rS7utpzBR+3ZCxmwy4R9arOv+jhn+QVF3jwusWQ5lIW8vHjTHD0836E6s+8iGLtsaQptYZKcb0zpK9UIDTZXrhIyvUQKDLCo77mkk0Jby8rN/oawN+PPBdutIDzBn1UMu7KjFdXft6ZcrX9lr2hpZCR8BQkak4kSipIR+xuRre7ZjfMc09gWFwGjSRc/xcZN1wiDQT6ZAyiDiiNjCJfKmdNJloHyTqETI3EtlpHG8YrludQ4V46+PjsCiDe/PyqGBPqHA57wQruTip03BymhdKgldti0+/kw==,iv:f6MAz5XmP4Unq8QYJi12r6V5xK/58qYcUjAoQoyiCZw=,tag:M9HgaopUTuoOEnJDc5PHww==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:o3lRtuBKwZPcqw==,iv:R1WI0oOfvYPF5UlgwD+TA6NtA9cmXKwO99TpLxTmHB8=,tag:D/4vDRfGZ+/+BjpSQ0+2Pg==,type:str] - credentials: ENC[AES256_GCM,data:nDTEoRQmSQfPi1UuusSv7sDsYlyNjaxWG5UWNr8BLHNjxAsgjqqtNTQDGcgM+ecEqse9eAsRa2NtpOWdjAbO661cct2677QT8y1sl5BdoJ1QI3OtnTgo,iv:otoVQ9p2mSV/8GV1pMZf0wqlacRJcGUA8U7mQNqgxog=,tag:kLnibuUt7MCGhzw4Ojl+eg==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:6L1Gak2RCQzcLPuw/DO/Kg==,iv:Edd8UzygxQPfb9K63tBBwgK++AWB1DU26pAnt5XIUyQ=,tag:3Svl9RayyA63pMmKUTcsCA==,type:str] - credentials: ENC[AES256_GCM,data:Vw2VBGWLGfc2XM8hFEr4hPPtrhxY42eHI4892gwEGfwiy3lG0zabGCmRzg==,iv:J5T7x4hvrrGDH7AXcki6BsqiSPiSGXxE10/oGUWy/5I=,tag:zPze9pXSvVi4ZXIZkdLAow==,type:str] - jaeger-config: - credentials: ENC[AES256_GCM,data:cG9s7Jx//C74xvhbHJIOF3PKT3L6zPR8NqK8v78umdWteABUsp3nncrJtoaFkN6NOA==,iv:E9TEWE1CAXiRVrzC50yej9XtuIva6qsgQzWWRfLRBwA=,tag:SrweBtEzM1Tm4lUqmikJpQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:annebXRDcg==,iv:H5ewCCJN8UjFPRHF/sAZyJ3Bv/Bi7RUhwQhWAJ38Rc8=,tag:EJmrUWRv0w34/Qx95GF28A==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ThrGxXqJL78a6vnW,iv:hRWM+75HjTgbmnhVHrbPkr4gLKRSaOAxA6EF9TGnN6Q=,tag:f/3ispfu8CHpeHZOnrDJag==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q9y6B7Of,iv:b4gPcgnA3VdiMijL8RtwjZO1IzWn3X/NcwwTmZTrHUM=,tag:K4WsF3792HH6tI3iEtuHqA==,type:str] - case-management: - cova-auth-token: ENC[AES256_GCM,data:9SBon3sUPZXYUzLSqPZEDH5tfE5l+diTW0lyLbz9W6BeRVfVIjfo9JjVNe/mwC8MWWHEekFZ7CTca5X+HyoXZnZcdNWeL1mU6bH7hdMJNG2bPCLC+P9OJcn7c8PSOSzhqfVxAwrsGGRiSbAx1GN2B/g+IhS2EJZftDGL7Pa2XPAd2h5RoQdoRikTuA8kwFALSNBxMqm2kZIHxz/DwFIGYeMedKGYiMbj0sNtp6GQn3Evuejub6WUn9yVmBDtHuhjeb66zI80ul8XAqzG/7REEPUNXWkL5i5E0mqRaP6o73RYdT1PHuzmQ8sioDEp4zCdv3HAbIJHsl5O+HZo4f8ZWbQpFiQlM/hHxnYzPA==,iv:6V1HE8Vabi8u8fLBRbz6b4L6o4u/RaNdsOBjPBTPmlQ=,tag:pERI9QCr10vGljDIb18RQw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T07:49:27Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHcvwPUwc743iLedpBfqeKhAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMido4ruuotvQeZGrKAgEQgDuprNqRcDSQlZJFafUQyZXmVhRXbSyEypkk5IxFDKb87dFTM11zRJf9ZDj6UO839lOm3xlpArxXwCLXcQ== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-06-22T14:47:53Z' - mac: ENC[AES256_GCM,data:km8CU8/oppZdcM2FSrapUM+BlRju7hp6KFUNo0EddxtWjGFqmO4wBtbdPG+fjczA4tPhtUwiGV+9JptupBMdOnj1b6xYO2ifip304fbvNhCed73I/X+yaMaF1A1OysynZRgaWp8mY/NjkJpDToyWWiuyc49qi6YS96+4gps1ZME=,iv:rsNvLMYOdfjh2iQSF/8tuaEYoBrGZ2Aojo82CdPwl/M=,tag:8Didi7HAU8ErmJsT+aGl+g==,type:str] - pgp: - - created_at: '2020-11-10T07:49:27Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAlmQqPOv/8otyz8ncSxb/6/FpK/g6s0lulXnGssnW6f2q - L0gJ4VEIMp24++AevLQL4XBCEbkPCAMiMZDWmKv/+s07r78Uy/zKgX8EWBJl+LXd - bXwCd3YCtMR6dDBcdmdSGecEuCA0UKlnJTnm7EV0d/UQfV7/krXahdMshsQA4xK+ - aWoApU5QL7dZ2ucpoByg3r7M1i1YE+ZAdLXSSTOXcOZe2g4Hj4HwOGT6TDIhqS8N - Ld25r3/OXbEJgT0WIZbIyegnU9/EFyu58gK1ZJrdhdK1Kk9J1BG9gCBQxwc+YwSg - shkMpc3MpoX6CnaP75m+HPHDBa4dNRnYz6Xw/jCu2tJeAfXmySjnI4uADQv50GAw - Rha3WroMU/GiUzkRphrc2VF6ustyASwFhiCDwmxg5lQH2q0sqDYnJinBXkFtJu1K - Tqkhe5STs+OS1Or66LMkSjTgGzffR5hAW5QmQgDCYg== - =sZ2o - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/pb-prod-v2-secrets.yaml b/deploy-as-code/helm/environments/pb-prod-v2-secrets.yaml deleted file mode 100644 index 3da3a42a2c..0000000000 --- a/deploy-as-code/helm/environments/pb-prod-v2-secrets.yaml +++ /dev/null @@ -1,125 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:dofe0mX2fyg=,iv:aqqBm89n4sa7AnopDo8HcJ0g4PC2KJSHxw5Ip40M7dU=,tag:YlazwebB7s52+aPwZcJH7g==,type:str] - password: ENC[AES256_GCM,data:zZdM/R49SDng5sKPn9qkLQ==,iv:QjLvIdKeJNJkWhszHyTB5SvI9C6RHHlf7kTSfEFu6WU=,tag:fubwDUskuKJLrR5zxJI0vg==,type:str] - flywayUsername: ENC[AES256_GCM,data:Edgud6f+RIc=,iv:qv1YnhWLx+oBSTdkT+vaLOu5E4UNBX+8MjiuYOw0XVI=,tag:DzTzg8aSSTSL7z7PS6Nc/Q==,type:str] - flywayPassword: ENC[AES256_GCM,data:3r616ZYc3J3+6/XmKpW2jw==,iv:ne+1Jkjzvm0NzTczJNzcaJP1w0F69yE4uOs4ksr3d0s=,tag:8+gI9lQo74YjtXXZBXDSow==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:Z/KgNl9lM8liSDg=,iv:hWBKDmRmiDA0fnSaIP9TVN8LbyFprZoy1Mj2R7M8ZTo=,tag:mtGCc59TpP1x4CKGFoVchA==,type:str] - password: ENC[AES256_GCM,data:UA+Z7lkJMNRapA==,iv:YJE1npLQ6DLuBVu++u62Z1A05SJiWWvYrHN0lGh3+5c=,tag:U1HxtdsTpCk3Cq/D6I1xXw==,type:str] - secure-key: ENC[AES256_GCM,data:n72ydpmJeEn69uRaTl2pdIocnXrTeFcBrP6joFVKeMXl8ioH,iv:8e61seje4oiiaMbY3HIgVt29GKfJxGrXl47Kvu4SwuU=,tag:4g6HriDc6jkP+kbydQVOaw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:1+mNpVpR0kiqDbYS/xYBZLT/DIU=,iv:ZO6zEikVzCCtmTs4LWtHDYldtoq8rYlKy4a+HtTghSA=,tag:8ozGkFEwpD+U7V/3fpB7Yg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OBiRSAyFHLA2feVqNx787NYHQ8+3X5bj5/UX0qfus7157FkfPG3mYA==,iv:s/nozhFhB1rG1btAs4L5KUhMkqMBULnNA+usdzvfhf8=,tag:NN+dyAxoGcAOjkuisZ4ypA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:8tp78/tAD0zFNvc1n8SOmf7GZ4AklizB/ln4mLFoQZzx7FJ/RvHi,iv:kUeLHk/hhf4mjnH4YOifzDj4VacBa/NvfGhzJg84cxQ=,tag:ukjz3XcAb77sktW7mgjJMA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:Ce5479/SkYAiJA==,iv:gPbLXdupYLBIbSp9PwygQKVQPwaRmlNssmTS7CPXK2s=,tag:gR1v0trqduxmFth3pAnweA==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6qzAj6lWc1PyBRM5FLd9zcwFN+BwQESCbLd6DGc1o/g=,iv:QUhlENhqWvaXrtzzd/bSmJesToWPDuXMjPDWPJ7GE9c=,tag:lbL3FvD10wImV4QGAgEgdg==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:TPNFmzPRxp9OD2d37w==,iv:xirSU2OArl6wzzpf3pZnMFJPuwKirsDiAHC3Rpaxil8=,tag:MYh7X0JusBUYbj+AbDvFxA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Wvp1zupWyBQwaXM=,iv:ChqrX562rkS+Vj44eq5wSkdTXPH0vB7EjvIagfOlT8s=,tag:jl1ZyvEUDWP8qVZtYarGbA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:VQTsTX4bWxQ=,iv:LZvkBh7r0hPxJuG0iJH9sTHnjTqIXnTujy5iHdiLl4A=,tag:KOxKYmMu031PXwb0VIrubQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:He+h9Lrg,iv:APvWm5MUHyTI58a0i+lS+rp8lYQE1J1QU4Vt6ub46NI=,tag:Atvytj5E8BDXIH0hf8wT6w==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:ixROEIUNWy0=,iv:JIuv7D3+UPxHdchHO+REj4q4mqUjpuEHXrqvvXDjFN0=,tag:d23XEZVVKkXQNUNEKmukJQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:870Netstv6y9hpF00xYTtTJQwhKwaDm9jDvJHB1yF0UX,iv:nM3f/qJFrFICSXnTVBSDI2vf/hthSwNHyJmyeJVHirg=,tag:pLiPTqwvqisTzajRx8l+vg==,type:str] - admin-password: ENC[AES256_GCM,data:pW7aBe+GDyK1rNC62Bgk,iv:UDmXJ3Hw7jZ8x6DphoSm2yMv16nCwDkIrUAAsRJdqXw=,tag:d06VlDoXNMtjXk4kpup4Gw==,type:str] - read-email: ENC[AES256_GCM,data:KjwnYE20WMBwj/Kgnex7br/3ibKoO8XQ6U9FZGowgKk=,iv:iVJISzn9nwURMxaFoKVk7LOWPXnFsn7gM6ExGwfmf8U=,tag:0CEgt2CBs+OVw8qd+TJh8Q==,type:str] - read-password: ENC[AES256_GCM,data:j0sPIixHMsdL+w3zgtE=,iv:OCaqhKn4XAtuu9h0Y2VkJ7s43ET0OjZrIFVynZmyH+M=,tag:PxSXx0jezvZfa5M/oxsx+w==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:aaMRPmlTHLGKcA==,iv:nofDLuvlZj0hx1fMC770/7CpBTQ2CNgkq1u6D6+p5BE=,tag:vu1XeenwjQrf9sPt+f6Oog==,type:str] - home-isolation-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:eHxJteMLLkK+VTTgdY78P05jI7QeSN30tgq2FBIH,iv:u0FVS68LXQNOeygC7nUlP5B5aWYc1ABsffXJ12csM1k=,tag:/GP2SKty7BEEh8k63Ir31w==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:t7Xh7JDpXfO5PugzDET0Dw==,iv:xVJmXqae3HyDAdAAyZAQPdRFiAHXnfoqe/DZGdXUfpI=,tag:7iAL45kWfERjYJNXQg6f3Q==,type:str] - #ENC[AES256_GCM,data:ICArm76pgHAxn+VDFq1gAG+o+SfTUduao6n3SMojDtiWFCgTwtck13IrUN+OyC1IBV1cM3ZuQ7SeToQ=,iv:k04rT8psgCOHt2bbYKvAz7lBECuf85/EsfHJCICm/xE=,tag:YahRYrcEeWtm0YvYCciFrg==,type:comment] - egov-enc-service: - master-password: ENC[AES256_GCM,data:SfoMcQgP6OUXN/eYHrvftw==,iv:KVCuifSXVyGVN5rK6Kz28eOFY1cfcZZ8xKssatjnQEM=,tag:qfJVVYNKVJyho9ai59+HXQ==,type:str] - master-salt: ENC[AES256_GCM,data:hJY04VDhe1w=,iv:kPEhbuR3LHQgFNPzkYVdDlQKiyLoJTGKp3tlDCpgG8Y=,tag:S+6B/vZQ+43w3I8UV3cBBQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:s6KxEunPqQeuk55D,iv:UQUoiqOXytNVvpNACV6ohAXIP9gO4GTu7P1abSL2JSk=,tag:LrqzfGKSfK0UvOawMWBKeg==,type:str] - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:6CQreaHp,iv:jM+ckjkBoXCAji6Zr3xlfOLbagH1Hku1JGHqmR+Wr2I=,tag:Fw8sXC2gk/iwNMv5blb5WQ==,type:int] - rainmaker-custom-service: - egov-encryption-key: ENC[AES256_GCM,data:ay6i4tGggnSV+mm2HdPkgDaVxlteOcVuljhvGH04cwU=,iv:4yMOiCiR/Q+n94VIiuWuFSBgQ5jXLhBzlIbEMHzLW2g=,tag:UR+GEJ4v1tAj7HUq+/X38w==,type:str] - egov-encryption-iv: ENC[AES256_GCM,data:R5cDbFwItzKbKVICAgyVOA==,iv:hz2HxWuTkaru5GLdg8/mF80aKYWe/H0tuan4OP1DjVw=,tag:mW1hm0XJiEzB9/AKDKWudA==,type:str] - egov-bnd-encryption-key: ENC[AES256_GCM,data:K/4jicVuZNZgspLaLMHksmB15nHQ6rRQZo+LwcIJUcg=,iv:uoHTVF2sv0NlaTQYyRur/j+VYYF9HpBUQWuVdeTPEio=,tag:PnaxjHPX4fv4oB+Wf12CpA==,type:str] - jwt-key: ENC[AES256_GCM,data:V52UlRDoc4I9PbWAQnKKSaC3pJSvEc8D3edSzUi7eN0K1lsaLWs7uThyStSkabralO3S/oF3gd/oxErttWIp,iv:7LoJ5BLe7+USNIGkV8+8rZAT9RluqxHehrkexUX/7xw=,tag:s4BmqciyDWGD3feO4pTeLA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:vNEADwYOemEvompuNOPZIv9AxbMXmHkfGqT2tNhTR4xfJ+zSf71eTHdffJTpRFm6HhedwljEYW4IsHxY9PJWipjZsPz2L7Q/utDomfyAibUrqyLX/K3WfnhY2BlCCOiOz5eNNAk3P2aDKmo4zOGmwRUZSnkxv7YitzLgwpI9fupfTvKpVLYAj3Eu3Dx/8TNgLxDVF0jF5OzQMOzvqYiViJm8zhcbpAT/2Z3C89wIXPlEdSn67SHJsPvwyd7Gqvg4+s7lnNvBF5Yl2shCv23AGd9QJxRTeM5PcbU3ujLcxRWtlhPiPXTYxg/6uRBO5QHk4e+GfEcSz2cJz6IJVGBQDuuR6mEuOAzlEYq8bLGeF6gp+cRAXlRHz+hvW/tGfMnMR0n4dDuUabqhDT8kP4gAXiuqVQTQh7zBK64mtPUinBGR4aMozXZFDBZapMM+B8flXS/vrWuFELbmzl0ZpnLPPxrx/L4rYhrBwhcuKuhTfH7Zun88t4r9b/1st4vI4d7n/YjGx1MwDRnn2F7uN15WSpQ9Y1zkmGBYQegMXcZSVbKA8RQ8Pb67JFtvA5xcwZYt3ixKSdu6Wg15aeyNSFLMNZ9E+YR1wnnMfIzb3NGTCLZFTk9+U19QzIxDWYIhotkCqAjYNRYqWgfRDMkXIxZCHcIVMm22x0yMVdZcohMWL3VjtoFCmpV2IUIyFdouXP5sh0LEaExswzfW4oyHLgjpUFrBwOjQeSAisCqFbdRmFQKIL3JAKTJY9cU8sae1BZ/rEduiFlUvYrYc6p6TO2cIZ/FPnnYLLxv09+Nge6iFjMxnafJ56yDpnUR9nt1XDj6R4+ZYp7ZmxJqLozaXMJ4yblyuoSnbOMpptaHbiOqsEk6FogYI+7oMFAi/2ZfQj9fo6+TcUWBk2iSagMDGOXU1dTXFmhnJiJA2fB9+cfaY/uqz4D0OmgAEegCP+hB3vKz3MAnp9XIVYys/rDRLEhNzkxTIFlV1SN0Z+MktXV4jvUidKoPnDI9OwH3Q1EdVpAJ5wYURt045v0PcCicAAFxqteGetMOxsgyeHdVutyXNpUTcVgKQ2ISyX2FLySzPdZ/3NbZZ0TuIitWPuNT3eV6UVpA2v6cCeaOE9/HQmsmH+I/izB9cJxHGsnyBU7Vl6yFqwT+8J+FKVyeG4iFwR7IR/e3K8YDkJgNAMncrT1aBK+viRbVHDurCBXZ1c4CFv6OVNOjAlqCwEmNudvu9VVgAt1T6HeorCK8uP/IeMaRsEsD5wwuGIEyIb1TeDEkbk9egdyQbMnPFxeTs1NocA4n3MobJKWKXlM+FG4jnt2nZoger3k7JsH7PhppvhJAIgVV4c3Yr4LDmOmTXdGHabkxWs+6IsuJHQkEExAerPPndsfbcBVhRF2kvVEMf8WrzYFusGXuNlabDV3m/uqbFZ2Sm/O1dnpBIK3Fd3prAGoRSrQamguXUD1swflr02+KH1NeE4co3BQhTaWFEv3ZbVstojLKprwd6NYRefqKGVflM1Bufj6dPN9NcNld6ZIqAduWQLeI5SBvkMEvwlThxR9Vo77nIEIpTwGxZjUaOLjzJ6mAn9cEpAQLgV5NL/nGQcf32YCDJfoSXeMVKkP1TBS/iKJHJyGExDr+8C11kv/5MM5BeXZWaPn53bxMNRv10+ouZoxkct+0DIuOTEzxm+pbTExX4QObta98JdvDPGXhUpTB0Jzjfu+DdX/q7CgTMOUUCIxPndsaAmw62XGt88fcoZ699XR9IkxCEjJbVEiBQW5vVFEYV4SL/u/pBPndRn7cE02bDpYXcQNG/96l5suH/57LcoQHuxBZ3FfsDP0tJZ9ktq8c4CTWl2oR6op3e7WaVdnJWtQy63RZsCB0B9lXkqMxwu1UJ39AjeGCv3yYqMRITtD7nkuNIcwcea5AhyJNYIq3cW4u97pTiyTc1UD42s6zoJvwnM9hhPjo8aMWQO5WxKq6xLqhjgCZL14lTGYD9+c1Kfbm+/8KtDUUEzA/9NUTWO4MbzcOwbdCWisuS41vw6iKuwiMyv+UOt38MrLNitPa4Etr+Rxe0o2YNstyTE50R5lACEy+3Se6mRoLs3b42Al+OJ6Mk1L5tdxS44C9hgLYL8x/51Gmpte96aurs38SW0Z62OTkslA0x4E2PEUxCacwX8XR6dru6xwWoZDiLmhCDA61rI2AN4l1h6e7boFvbYfWtwX/PrOqB+3ieca/LrU/IvXAeqeBG1nvhQIr3rkCiXbx2lAQovPHro0sgQdnU3q8+sdd29rXOly2sRQT9q6JD8a8KGmPNovo2OWu2xzGqY+IvDLIFSIOC4Wfi3cYC7DdHhmISlFaLROOyWGW6e1BD3tvdfE3YHXOxMw0MLIObMi1u1+Wb2ltjFemRgVS8U6m5wdGmcFHZ0BofikXozpqUkSynJX1QwWld/p0ZpW29/loMSoqk+myK19G0RoYUTNtDOiru2fM03Sv0Ydx72ez8WMQw7QfvkKwEZH+E7BqfDNbkW4iuhDY55RfIOxKh8TXWJNwTSK7nuERJhXhu7PS0X7OQOaQ4ZupYaFx2vjH4oEGbJtj3zKzx35VRryjDTEBOxvRuT1OU0qdtml7uhZao+pemhhAPAJAHmMWjnKf9wzcMUwcrYila+EwLRe5UGdQnJTLt0ugJTSKfSHbni/NH9bPMMiWZ2MbVDrH7KqntBgc6CNj7M604TPnfRomj6tq4CSW/qns0OEOVbsqFGgRSDKLt28EV4c9aEMSezVhkXCLjuZbNzhuAcxI0VjXqd0Cb+fg1/wjPPvE7UNBbyEaFmK+BqO5zJFA0D62SEerWNqRsAXuB8D7tvq1OzaxnBhADS9rL3QXKoNtPHQef9A/FYAUrY/ndhWW8ifShayOc4UgUcEG91W3VX3lSZ9Vp3vsu8A/mPaAGdmqojrnng6zZUr6/ZvwDSGVR5FsGzKH8YSWUidvZ+22G27tkU4SAXkEXv+4RjMrxjS/mD6iBYrjzJYtE3NKyY4YZvhkKZUUFsp0Lhl7DnJOZwikzeAGF7RrCZGO8UxhvGqPWxmJHsDaaeiBoliFf2kqfUmixsA9tBLWSQCv1Y5BA/DdpPyN3kMvxoJIKOth85wXfwNAmJmTZDgaKWNPoyBXcYh5MPTp07weIzDZxW5O/MisifPJmzV56E9oAgCkBtN6DHQirIcfBx3FoL8ZZsTLiKmQUglScJdAmQ0chIwALDaoxe8f6sf103OaqlJJUxneltnxPl4q5DlFCeJhJ3qB+F3U0Jg3ZV9KChs+bA91aP7pJgFdRMQUTHX+OqvHPUG0MEI8qNgAypEh0MbQT+Hz2h/BRlmaIeJzBNZAWP5zz9u+bWIoSQW36WUvHWLaPgPqEsrQwxkHtx3d50PzDaxV+oFImjsSBSM1PyRMG8ved6oBI8jj9QWdpNbJTu/V/stIHauOkngoABEYx07eYi4pKn1z2mRvwTwKG17CM46Jzo3c0iOGy0LT3evIcsQ48DqeFyFUzx5q8DCmV6cSBxWcxu6n6Q+vGdtMs+2mqwI+mhppV4pqcWjmJ3q8VTxsYoRThEpUk8l+5TTVl9QtmIsNSAjDkjV0E3IwzqCmYSg/wiWFc85qdq5tdgSITnKy9Sg05yF4CN1/Czp4SgBwZ19N6E/f2Mk76JYtFAOlmftz+4tZNgjB8oudxS3Ou0reVryepaLwSrsYgZsGkE3IpD8TCZDCbXiImkp3ywvqSOgcCrDRrynJBwQmjuwwGU/8euwsIz8wnWNSPkYnx4DmMXKvP+Lzq04cf0+qH6QTJbgu+l0aj5J4hL8ElKjozaEhQ7jp3b5sAemOz5iU9ugAjAs/2Q9z6Z/AmMOkjBjJ4iKqoiSami7t0TDSOABAYHHdLCieuBWLm/ITCmu0xfoPsPTbeZEvc2kk9OaAWh4+XftoEa7DgGSaUiOIUY8WOAHyCD/KtUpToJQBhUCKTjhvTEnvrKHX5PahVm2XbWteGATytuhPxM6CIVMTcrQOZs182vpw1HfAUa7Uisp+uyP/+IJ3KKA9HWGlcncrAVHmCgZMAGbUNpqYpoGHzcVpueomtgOWHarz0ERNySw6eh8jIZTMWdE2qP1V30bGRjKnzI1/ng6RTmIXZJiq24k5GKDA8YtkS+JXsKh/itk231uSJZQkiD0M4FNPKBDXMijRIyO1q3Y6Kfy1aGCgVcQkO6KVW52Cb+f7qlvvIish6FPTvVc20ci3W5esy4fSaEQNNbR/isUflayF+yjzfmvB+YKxAqQIDjzX5wCwlR6bDjhXhpXMuhYW+7JlqSd30bz9KcfwTTsBN81gBKMJVuZcHJXqd,iv:GElPxl7SZLUbC4stcDPQKkSOzb6z7y3UuK+mQfKmE+4=,tag:GVfNo/aSQBS9h5mR3gJTpA==,type:str] - known-hosts: ENC[AES256_GCM,data:A1d1BzR2ET6GLLnlZ5Jnh0TionqtwmbxIh7PUK5kEyoJ1V/EQ3aG02cJ+w4wl+kIJ2uSJDiGjoKGgNVAa7QGQIIzY6pg3NWiyD9FXG5l+HuYJD8k0s55VcK+SCgWR3H/ynC+bckGDrX0b1/VKeOJ2ysjJhkTpznEdQ/nlpuP1CcdbV42YiLbn8J8PQ5ARqnsgUIG+hsbIefJZ54FivoVe0dcp67FvQxdy0O8JdOM39rS7utpzBR+3ZCxmwy4R9arOv+jhn+QVF3jwusWQ5lIW8vHjTHD0836E6s+8iGLtsaQptYZKcb0zpK9UIDTZXrhIyvUQKDLCo77mkk0Jby8rN/oawN+PPBdutIDzBn1UMu7KjFdXft6ZcrX9lr2hpZCR8BQkak4kSipIR+xuRre7ZjfMc09gWFwGjSRc/xcZN1wiDQT6ZAyiDiiNjCJfKmdNJloHyTqETI3EtlpHG8YrludQ4V46+PjsCiDe/PyqGBPqHA57wQruTip03BymhdKgldti0+/kw==,iv:f6MAz5XmP4Unq8QYJi12r6V5xK/58qYcUjAoQoyiCZw=,tag:M9HgaopUTuoOEnJDc5PHww==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:o3lRtuBKwZPcqw==,iv:R1WI0oOfvYPF5UlgwD+TA6NtA9cmXKwO99TpLxTmHB8=,tag:D/4vDRfGZ+/+BjpSQ0+2Pg==,type:str] - credentials: ENC[AES256_GCM,data:nDTEoRQmSQfPi1UuusSv7sDsYlyNjaxWG5UWNr8BLHNjxAsgjqqtNTQDGcgM+ecEqse9eAsRa2NtpOWdjAbO661cct2677QT8y1sl5BdoJ1QI3OtnTgo,iv:otoVQ9p2mSV/8GV1pMZf0wqlacRJcGUA8U7mQNqgxog=,tag:kLnibuUt7MCGhzw4Ojl+eg==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:6L1Gak2RCQzcLPuw/DO/Kg==,iv:Edd8UzygxQPfb9K63tBBwgK++AWB1DU26pAnt5XIUyQ=,tag:3Svl9RayyA63pMmKUTcsCA==,type:str] - credentials: ENC[AES256_GCM,data:Vw2VBGWLGfc2XM8hFEr4hPPtrhxY42eHI4892gwEGfwiy3lG0zabGCmRzg==,iv:J5T7x4hvrrGDH7AXcki6BsqiSPiSGXxE10/oGUWy/5I=,tag:zPze9pXSvVi4ZXIZkdLAow==,type:str] - jaeger-config: - credentials: ENC[AES256_GCM,data:cG9s7Jx//C74xvhbHJIOF3PKT3L6zPR8NqK8v78umdWteABUsp3nncrJtoaFkN6NOA==,iv:E9TEWE1CAXiRVrzC50yej9XtuIva6qsgQzWWRfLRBwA=,tag:SrweBtEzM1Tm4lUqmikJpQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:annebXRDcg==,iv:H5ewCCJN8UjFPRHF/sAZyJ3Bv/Bi7RUhwQhWAJ38Rc8=,tag:EJmrUWRv0w34/Qx95GF28A==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ThrGxXqJL78a6vnW,iv:hRWM+75HjTgbmnhVHrbPkr4gLKRSaOAxA6EF9TGnN6Q=,tag:f/3ispfu8CHpeHZOnrDJag==,type:str] - covid-chatbot: - valuefirst-username: ENC[AES256_GCM,data:aoz7NJXg5KLn,iv:fRwwO48P1uyli51jNBHOvG2syfG1g3lHzaT1h693YuY=,tag:TSwYtet2lRtjEZiPhKxq5g==,type:str] - valuefirst-password: ENC[AES256_GCM,data:fXzFIxbp/Z7F,iv:qH1X3Bg4hG+AhfCtkgLf22fDOVO1wQH3QxsMl2ZQmIE=,tag:v9Vjhx+IG0QGjiKqx77CIg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q9y6B7Of,iv:b4gPcgnA3VdiMijL8RtwjZO1IzWn3X/NcwwTmZTrHUM=,tag:K4WsF3792HH6tI3iEtuHqA==,type:str] - case-management: - cova-auth-token: ENC[AES256_GCM,data:9SBon3sUPZXYUzLSqPZEDH5tfE5l+diTW0lyLbz9W6BeRVfVIjfo9JjVNe/mwC8MWWHEekFZ7CTca5X+HyoXZnZcdNWeL1mU6bH7hdMJNG2bPCLC+P9OJcn7c8PSOSzhqfVxAwrsGGRiSbAx1GN2B/g+IhS2EJZftDGL7Pa2XPAd2h5RoQdoRikTuA8kwFALSNBxMqm2kZIHxz/DwFIGYeMedKGYiMbj0sNtp6GQn3Evuejub6WUn9yVmBDtHuhjeb66zI80ul8XAqzG/7REEPUNXWkL5i5E0mqRaP6o73RYdT1PHuzmQ8sioDEp4zCdv3HAbIJHsl5O+HZo4f8ZWbQpFiQlM/hHxnYzPA==,iv:6V1HE8Vabi8u8fLBRbz6b4L6o4u/RaNdsOBjPBTPmlQ=,tag:pERI9QCr10vGljDIb18RQw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:6TT5W7e006zqDY7/JinTsXuB1X0=,iv:fLa704faTkBwBk6h0h2qCZ0ToUI6JYNb7thgYuwM/ZI=,tag:LJbJifv0TvdBGtYibQvqVg==,type:str] - clientSecret: ENC[AES256_GCM,data:GCLrk0+qbQuP/NwcI6zWzbn99MxONSjZ05ZvxTYUTUgfHOvEHig93g==,iv:bz4t+cDHBxAVevQk1gPHf6iiR6YZGdiFVncKZEbCuIo=,tag:H8qTF7zDxYO3U3iDeDm4KQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:wlPNpYwRGaDmiInZpKAqbalU3dcGlE5NFNdx+t7clvsULRa3JpxF10uuSUk=,iv:xOnI3RDyoRGkVxLEpQMN6SeMO1nt9TgaTgB1UsATq84=,tag:KCh8GJEjl+T2Cvk/EtLapw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:kQY=,iv:mUqs0BkxbpLkQ7GF86MgAn6D26K0FJ2WLIqtTN2pub8=,tag:BIPjqrSFjBeCi/vsFUCRFQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:qp/W6BM3j6dp/ZeA/dEo6P7R8A==,iv:g41E1e+xEXZEuFcKoVKbHHzdh81Qs2cKzPUTY2+9RlY=,tag:xIzF8Xo9nRBTM6bCepfHUA==,type:str] - group_by: - - ENC[AES256_GCM,data:xtKOw9MA8lAV,iv:jtdA+sze4dQDv7oG7nZ/ERJ9h9NuQil/mcRZTnmQsb4=,tag:qZrParL9tRs0hWMVbXhE4A==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:ujZrM3WtpTFGvG92184DVPsGWA==,iv:af30u8m7wdNDReFFETTm/8I+dEjwEF3BLDKi3FTLztU=,tag:Re6nP68ntH2I5hIk4UOsBw==,type:str] - match: - alertname: ENC[AES256_GCM,data:eO2LhrI8kao=,iv:a1+XGoSQkaC0helatIfFAIb1zb4MEwlgmyFo7vlFlQc=,tag:v3Rca15lQccSLzT+cVcLWQ==,type:str] - group_wait: ENC[AES256_GCM,data:v2Cw,iv:dC8y2unzdll+00Kc4LjC/3Lg/hfvTpRYOQjK8m8hYVM=,tag:wVJ9YZWRKEFQJLQlIyrWDA==,type:str] - group_interval: ENC[AES256_GCM,data:08g=,iv:3G5+r6gDd1w+0+aole0+rNUwEAfTN1s8W7e/H5pUNuk=,tag:Jgi9H+RLtbRHWPaEAHWI5w==,type:str] - repeat_interval: ENC[AES256_GCM,data:3I4=,iv:+h2dVpBbYyHGv4a9QQRiH9vMio9GIURfeRqEFtKj6Dw=,tag:UrOlcwcRXPsXOFRu9iGvSg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:1dTmHmcui1vjIhxwyJIJpUvLJw==,iv:e53EjjjQXxxC2i9pcbNv6vfVpAxolc0YbvSIVUOaJW8=,tag:ywpRON8Av6/mEqCOJgKk0w==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:IB5oXQ==,iv:DyWD76tPz8Pzz6IjjHtbxbb1/fhS/gRVpw3BK4vYWqU=,tag:ME7+hbTU0qFtsNVsG0eAiA==,type:bool] - api_url: ENC[AES256_GCM,data:yNU2EDy+9e0s8YkoKPZxGEswB4C8PazmlS4g37vJO70KnoGTi0AtDDVhYSBVikODuS/7fjgVG5pYkJLW1u3o3gY4ZO92wAduvpfrd5AMyw==,iv:LGLkUMGU2FOdZeLKOyPdW1mFZqDyAL3tTTUW84YUe6c=,tag:vzRedsuqYtOy38hTI5YIaQ==,type:str] - channel: ENC[AES256_GCM,data:sbPkZhT+8U65qzC2+MDe,iv:Fk0tsQSyZsRvbJeSrSX1N1hgITYeiWPmr465dFUF9i0=,tag:09w/pIVfuljq5MYD/GVeeQ==,type:str] - username: ENC[AES256_GCM,data:80a1qol9quolyPUj,iv:WuqOmU4g7CwXsmwJ4bkyXk38HPpbXwL3Gm7/xjaa4uU=,tag:1dJ7a5e/52TKfULbJ7YZaw==,type:str] - title: ENC[AES256_GCM,data:3LeWMEVIuBDVkvtLjEzJYJGFzDcBh9L02tSVsddFSza+yBhUgtc=,iv:5UiU/4LAZTcliE2PfoyZEWUZ09x6qcdckcRr+gQkxKA=,tag:aDduk7QTFWVz90Afo6ZoAg==,type:str] - text: ENC[AES256_GCM,data:QzvO26G9T2kyWUZB5SA9Ulfoymx7Ad1ispOb3/OTNcc2BUTbVA==,iv:Yll2znFYHXC4n8EX0EkOVtkSABBSflZLjbN5u/+UGr8=,tag:aAaJGWG0zfSexr3/hAYcdA==,type:str] - templates: - - ENC[AES256_GCM,data:FcQXk+5JpDBhmfWXikaXrDUad5uJrv6FVIbicwUc2SlfMbiOBFOoQeowjDYopo04nhHcbD89yI6qfZaKbx5NjD/7vTQPtSU=,iv:C47VgmmTWIjTOp8+CYTeE32bD+O1YA3X5SPCHYkBMxk=,tag:kMHQTge+I0lk5gGnhTeyCw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T07:49:45Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGJn6grXmJjHe6QI8j5JoOVAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMHBnabaKntih23HqvAgEQgDtioNFi4IBg9vJX79AqSKio0XMOBnu+IaYJmyFMlyGc664xODPKe48CpZiua5qmMIVi2tjRvQB2SWRxIg== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - lastmodified: '2021-05-16T14:05:28Z' - mac: ENC[AES256_GCM,data:V0unUoYCK3V0JbS51X6VLxGS3HIM/WgM5aVDpYy+DIKHHVxepYp3qPEAfN+pg5P3XNSY7smvLblL+En+bHHiRD1NOuMZaZNfT1KT4rPE4HJwtqCdp3FP9RWyc23HSEvn+AVfxRh0avTFrBPBFfK+K7HSMCnwbgLY5jWffUND6oE=,iv:Ol9ugYM63+5Lo6VAA8gBhCwxdcOrkjl1irTNCnx4jqo=,tag:tne8Bu8K5Ti0iAhjH/F0kg==,type:str] - pgp: - - created_at: '2020-11-10T07:49:45Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/SuLC5sefGwiMcZhtP9j5aTVjkct9J1F7cOC5FMmklHJe - wbYlM+HYuNhzGJXJ0JV2A0ndKqPKyHsMb7bQyfcWDhI7/XqmHP1b6vTjGQPrphIR - +WBSm6KObpVTQLTFr6IMMHnFwUn0mURuzu2Ure8dpRdphynhJH9gk/4XlwECdJfK - ROrteqz6BGcO7RHTFl/nOk26TclBkBcRgHEcCBEJLpkNvWjtrefG+hk2RXrlf99I - Svh+nA7ep/QnBw3DOAeg2dXE4CzgKmoRX4EL8NkZ2BOhozBQwfj7xzVgB9fBOwjj - shLtV/w08nzx/iu6AepqP+kKbdgdU4nn7CUe2+Jks9JeAdmcs4eEQcvQF2euR2ZV - IjyXQJ90R6jko8RrVpsEAQmYWmnCAZXlAP6FABJmpleC3/JJDTEA50A7KiPJddng - IM0bbnlwABWJumeRxWfBqPvk8iMolNmqxHgF+Zyf+w== - =miFQ - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.6.1 diff --git a/deploy-as-code/helm/environments/pb-prod-v2.yaml b/deploy-as-code/helm/environments/pb-prod-v2.yaml deleted file mode 100644 index 4ffa4bc201..0000000000 --- a/deploy-as-code/helm/environments/pb-prod-v2.yaml +++ /dev/null @@ -1,1343 +0,0 @@ -global: - domain: mseva.lgpunjab.gov.in -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, es-cluster-infra ] - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, es-cluster-infra ] - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-read-url: "jdbc:postgresql://pb-prod-v2-db-new-rr.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - erp-db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/finance_egov_prod_db" - db-host: "pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - server-tomcat-max-threads-medium: "20" - server-tomcat-max-connections-medium: "1500" - server-tomcat-max-threads-high: "350" - server-tomcat-max-connections-high: "2000" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://mseva.lgpunjab.gov.in/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "mseva.lgpunjab.gov.in" - tracer-errors-provideexceptionindetails: "true" - s3-asset-bucket: "pb-egov-assets" - egov-state-level-tenant-id: "pb" - timezone: "Asia/Kolkata" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - pt-integration: "https://stvending.punjab.gov.in/" - zuul: "http://zuul:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - pdf-service: "http://pdf-service.egov:8080/" - property-services: "http://property-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - es-client: http://elasticsearch-data-v1.es-cluster:9200 - es-client-infra: http://elasticsearch-data-infra-v1.es-cluster-infra:9200 - egov-user-chatbot: "http://egov-user-chatbot:8080/" - case-management: "http://case-management.egov:8080/" - home-isolation-chatbot: "http://home-isolation-chatbot.egov:8080/" - egov-user-enc: "http://egov-user-enc.egov:8080/" - - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 3 - memory_limits: 512Mi - resources: | - limits: - cpu: 500m - memory: 600Mi - requests: - cpu: 500m - memory: 600Mi - heap: "-Xmx400m -Xms400m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx376m -Xms376m" - -egov-common-masters: - replicas: 2 - -egov-filestore: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - volume: /opt/eGov/filestore - healthChecks: - enabled: false - livenessProbePath: "/filestore/health" - readinessProbePath: "/filestore/health" - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-filestore-prod # Only got UAT - server-tomcat-max-threads: "30" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-localization: - replicas: 3 - heap: "-Xmx850m -Xms850m" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - resources: | - limits: - memory: 1280Mi - requests: - memory: 1Gi - -egov-location: - replicas: 3 - memory_limits: 512Mi - heap: "-Xmx356m -Xms356m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "1500" - -egov-notification-sms: - sms-provider-url: "https://smsgw.sms.gov.in/failsafe/HttpLink" - sms-sender: "PBGOVT" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - java-args: "-Dspring.profiles.active=production" - sms-enabled: "true" - sms-sender-req-param-name: "signature" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "pin" - sms-destination-mobile-req-param-name: "mnumber" - sms-message-req-param-name: "message" - sms-extra-req-params: "" - -egov-otp: - replicas: 2 - -egov-user: - replicas: 5 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "768696" - citizen-otp-fixed-enabled: "true" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - tracing-enabled: "true" - account-unlock-cool-down-period-minutes: 5 - -tenant: - replicas: 2 - -egov-idgen: - replicas: 2 - heap: "-Xmx376m -Xms376m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2000" - spring-datasource-tomcat-max-active: "30" - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -chatbot: - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918750975975" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918750975975" - valuefirst-notification-assigned-templateid: "195265" - valuefirst-notification-resolved-templateid: "195267" - valuefirst-notification-rejected-templateid: "195269" - valuefirst-notification-reassigned-templateid: "195271" - valuefirst-notification-commented-templateid: "195273" - valuefirst-notification-welcome-templateid: "196937" - valuefirst-notification-root-templateid: "196939" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - # Allow connections from this IP source range only - ingress: - ip-whitelist: "203.212.70.58/32,203.212.68.238/32,203.212.70.15/32,103.229.250.170/32,203.212.70.19/32" - test-data-cleanup-enabled: "true" - -covid-chatbot: - replicas: 2 - db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/covadbprod" - db-host: "pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "covadbprod" - whatsapp-provider: "ValueFirst" - valuefirst-whatsapp-number: "918744060444" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - valuefirst-welcome-message-templateid: "3459715" - cova-bearer-token: "Bearer eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMjMiLCJ0cyI6IjU4IiwiZXhwIjoxNjM1OTI2OTEzLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjYzODg0IiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo2Mzg4NCJ9.ovY-mtV3vU005bvYT5SCZwyVPAx-tgRw8TxDdIucPn0" - cova-auth-token: "f77762bfd1a69c37227d9206c3c40c50c686f485" - # Allow connections from this IP source range only - ingress: - ip-whitelist: "0.0.0.0/0" - -egov-mdms-service: - replicas: 3 - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - mdms-path: "/work-dir/punjab-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-mdms-data" - branch: "PROD_V2" - mdms-folder: "punjab-mdms-data" - masters-config-url: "file:///work-dir/punjab-mdms-data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - server-tomcat-max-threads: "500" - server-tomcat-max-connections: "10000" - -egov-indexer: - replicas: 2 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: "1408Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - egov-indexer-yaml-repo-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/finance-rolloutadoption-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-services-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/sewerage-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/error-queue.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-firenoc-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer-migration.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services-migration-temp.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/covid-chatbot-telemetry.yaml" - -egov-workflow-v2: - replicas: 3 - memory_limits: 756Mi - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - wf-max-limit: "10000" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/apportion-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-registry.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-generator.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egf-bill.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-bill-scheduler.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-bill-scheduler.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -egov-searcher: - replicas: 2 - heap: "-Xmx768m -Xms768m -XX:TieredStopAtLevel=1" - memory_limits: 1024Mi - search-yaml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/localitySearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -egov-data-uploader: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/punjab-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - replicas: 2 - axis: "true" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - payu-url: "secure.payu.in" - payu-url-status: "info.payu.in" - -egov-url-shortening: - replicas: 2 - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -telemetry: - replicas: 2 - images: - - egovio/telemetry - -egov-telemetry-kafka-streams: -replicas: 2 -images: - - egovio/egov-telemetry-kafka-streams - -egov-telemetry-batch-process: - replicas: 2 - date: "" - schedule: "30 19 * * *" #GMT 07:30PM - IST 01:00 AM every day - -egov-custom-consumer: - replicas: 2 - erp-host: "https://mohali-prod.lgpunjab.gov.in/" - -egov-weekly-impact-notifier: - mail-to-address: "egov-impact-emailer@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Punjab Weekly emailer" - cron: - schedule: "00 03 * * 5" #GMT 3AM - IST 08:30 AM every Friday - - -egov-apportion-service: - replicas: 2 - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - -case-management: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - attachment-case-admin-filestoreid: "9e125764-91f3-4324-90fe-f1e524acc69d" - isolation-health-report-collection-time: 7PM - sms-create-case-template: "Dear Citizen,\nPlease click on the below link and start reporting your health status for today over WhatsApp.\nLink: https://wa.me/918750975975?text=mSeva" - cova-fetch-url: https://covaprod.punjab.gov.in/api/cova/citizen/services/v1/fetch-health-record - cova-create-health-record-url: https://covaprod.punjab.gov.in/api/cova/citizen/services/v1/insert-blo-data - -data-upload: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/data-upload/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -mailbot: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/mailbot/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -home-isolation-chatbot: - consumer-group-id-prefix: home-isolation- - topic-name-prefix: home-isolation- - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918750975975" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918750975975" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" - # Allow connections from this IP source range only - ingress: - ip-whitelist: "203.212.70.58/32,203.212.68.238/32" - test-data-cleanup-enabled: "true" - -egov-user-enc: - replicas: 2 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - java-args: "-Dspring.profiles.active=production" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - account-unlock-cool-down-period-minutes: 5 - db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" - -pdf-service: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - data-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json" - format-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# demand >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -demand-services: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 2 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 3 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/PROD_V2/configs/egov-zuul/pre-hook.json" - posthook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/PROD_V2/configs/egov-zuul/post-hook.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - heap: "-Xmx1280m -Xms1280m -XX:TieredStopAtLevel=1" - server-tomcat-max-connections: "2500" - memory_limits: 1536Mi - resources: | - limits: - cpu: 500m - memory: 1536Mi - requests: - cpu: 500m - memory: 1536Mi - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "2500" - zuul-host-connect-timeout-millis: "30000" - zuul-host-socket-timeout-millis: "80000" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/citizen/_create,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/filestore/v1/files/url,/egov-mdms-service/v1/_get,/egov-url-shortening,/whatsapp-webhook/messages,/egov-location/location/v11/boundarys/_search" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/ws-services/wc/_search,/sw-services/swc/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/collection-services/payments/PT/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search" - eventlog-enabled: "true" - EVENTLOG_TOPIC: "zuul-event-log" - eventlog-urls-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - home-isolation-chatbot-router-enabled: true - - # DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -dashboard-ingest: - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -nginx-ingress: - replicas: 2 - images: - - egovio/nginx-ingress-controller:0.26.1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-v2-20201001.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - replicas: 2 - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -employee-mcs: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -rainmaker-custom-service: - replicas: 2 - db-host: "pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - pt-zero-tenants: "pb.zirakpur,pb.kharar,pb.ropar,pb.jalandhar" - pt-integration-tenants: "pb.phagwara,pb.amritsar,pb.jagraon,pb.mohali" - egov-bnd-login-url: "http://13.71.85.9/LoginByPass/TokenGeneration" - egov-bnd-redirect-url: "http://13.71.85.9/LoginBypass/Index?healthID=" - debug-mode: "true" - node-env: "production" - -employee-tradelicence: - SUBFILTER: "YES" - TL_ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/tl-uat-ulb-override.js" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 2 - heap: "-Xmx856m -Xms856m" - tracing-enabled: "true" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "100" - java-args: "-Dspring.profiles.active=production" - spring-datasource-tomcat-max-active: 10 - report-locationsfile-path: "file:///work-dir/punjab-rainmaker-customization/configs/reports/report.config" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -egov-notification-mail: - username: "egov-micro.services@egovernments.org" - - -pt-services-v2: - replicas: 2 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - pt-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - -property-services: - replicas: 4 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "756Mi" - server-tomcat-max-threads: "15" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "15" - egov-idgen-ack-format: "AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-mutation-format: "MT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - egov-idgen-ptid-format: "PT-[CITY.CODE]-[SEQ_EG_PT_PTID]" - -pt-calculator-v2: - replicas: 2 - logging-level: "DEBUG" - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1" - memory_limits: "1Gi" - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - JAVA_ENABLE_DEBUG: "true" - CUSTOM_PB_ZERO_ASSESSMENT: "true" - CUSTOM_PB_ZERO_ASSESSMENTYEAR: "2014-15" - CUSTOM_PB_ZERO_ASSESSMENT_TENANTID: "pb.testing.zero" - unbuiltarea-prorated: "true" - custom-pb-firecess-logic: "true" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - tracing-enabled: "true" - - -tl-services: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - memory_limits: 384Mi - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: "100" - - -tl-calculator: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# Collections >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - replicas: 3 - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - receiptnumber-servicebased: "true" - search-ignore-status: "Cancelled,Rejected" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - server-tomcat-max-threads: "25" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -ws-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -ws-calculator: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - -sw-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -sw-calculator: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -finance-collections-voucher-consumer: - erp-env-name: "prod" - erp-domain-name: "lgpunjab.gov.in" - token-authorization-key: "Basic ZWdvdi11c2VyLWNsaWVudDplZ292LXVzZXItc2VjcmV0" - -egov-finance: - filestore_beanname: microDiskFileStoreService - rollout_dashboard_cron_expression: 0 0 6,14 ? * * - token_authorization_key: "Basic ZWdvdi11c2VyLWNsaWVudDplZ292LXVzZXItc2VjcmV0" - -egf-master: - replicas: 2 - db-url: "jdbc:postgresql://pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -egf-instrument: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: "512Mi" - -egov-hrms: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - employee-applink: "https://mseva.lgpunjab.gov.in/employee/user/login" - tracing-enabled: "true" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 1.0 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 1.0 - } - } - - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:v2 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "pb-prod-v2-db-new.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovprod" - db-read-username: "pbprod_readonly" - port: "5432" - env: "PBPROD_V2" - maintenance-db-name: "egov_prod_db" - -egov-enc-service: - replicas: 3 - state-level-tenant-id: "pb" - resources: | - limits: - cpu: 300m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "100Gi" - persistence: - enabled: true - aws: - - volumeId: "vol-07570b371125d0b99" - zone: ap-south-1a - - volumeId: "vol-04e5445c934f26e47" - zone: ap-south-1a - - volumeId: "vol-0169fffd3d7503adb" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - persistence: - enabled: true - aws: - - volumeId: "vol-0892f7ddd8087abae" - zone: ap-south-1a - - volumeId: "vol-0ac54994097ec02e3" - zone: ap-south-1a - - volumeId: "vol-08ac704a8ef3ea861" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - persistence: - enabled: true - aws: - - volumeId: "vol-076b5d24d1964430b" - zone: ap-south-1a - - volumeId: "vol-0acc966c99019dd27" - zone: ap-south-1a - - volumeId: "vol-0e8c256d596a6b9b0" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0aa49c70c4d3c7eae" - zone: ap-south-1a - - volumeId: "vol-08b91413ec549b355" - zone: ap-south-1a - - volumeId: "vol-065833b2aa938c276" - zone: ap-south-1a - -elasticsearch-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-020156e0370b8188b" - zone: ap-south-1a - - volumeId: "vol-04e5257a9cae368f1" - zone: ap-south-1a - - volumeId: "vol-0822a0681c7cd61b5" - zone: ap-south-1a - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-infra-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-infra-v1: - replicas: 3 - storage-size: 100Gi - images: - - egovio/elasticsearch-v1:6.4.2 - persistence: - enabled: true - aws: - - volumeId: "vol-047d4978f8d258cf6" - zone: ap-south-1a - - volumeId: "vol-01e99dac31a97cc9a" - zone: ap-south-1a - - volumeId: "vol-031ce36226fb9bd62" - zone: ap-south-1a - -elasticsearch-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - -elasticsearch-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-065d6260634eba2eb" - zone: ap-south-1a - - volumeId: "vol-0db78b9428d5f8a62" - zone: ap-south-1a - - volumeId: "vol-06b6a57a9196c3efa" - zone: ap-south-1a - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "pb-prod,pb-uat,devops" - upstreams = [ "file:///dev/null" ] - -prometheus-operator: - prometheus: - prometheusSpec: - resources: - requests: - memory: 3072Mi - cpu: 750m - limits: - memory: 3072Mi - cpu: "1" - - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-prod.lgpunjab.gov.in=mohali - tenant.nayagaon-prod.lgpunjab.gov.in=nayagaon - tenant.zirakpur-prod.lgpunjab.gov.in=zirakpur - tenant.kharar-prod.lgpunjab.gov.in=kharar - tenant.malerkotla-prod.lgpunjab.gov.in=malerkotla - tenant.batala-prod.lgpunjab.gov.in=batala - tenant.moga-prod.lgpunjab.gov.in=moga - tenant.ferozepur-prod.lgpunjab.gov.in=ferozepur - tenant.hoshiarpur-prod.lgpunjab.gov.in=hoshiarpur - tenant.pathankot-prod.lgpunjab.gov.in=pathankot - tenant.amritsar-prod.lgpunjab.gov.in=amritsar - tenant.ludhiana-prod.lgpunjab.gov.in=ludhiana - tenant.jalandhar-prod.lgpunjab.gov.in=jalandhar - tenant.khanna-prod.lgpunjab.gov.in=khanna - tenant.muktsar-prod.lgpunjab.gov.in=muktsar - tenant.patiala-prod.lgpunjab.gov.in=patiala - tenant.bathinda-prod.lgpunjab.gov.in=bathinda - tenant.abohar-prod.lgpunjab.gov.in=abohar - tenant.phagwara-prod.lgpunjab.gov.in=phagwara - tenant.barnala-prod.lgpunjab.gov.in=barnala - tenant.banga-prod.lgpunjab.gov.in=banga - tenant.dasuya-prod.lgpunjab.gov.in=dasuya - tenant.doraha-prod.lgpunjab.gov.in=doraha - tenant.faridkot-prod.lgpunjab.gov.in=faridkot - tenant.fazilka-prod.lgpunjab.gov.in=fazilka - tenant.garhshankar-prod.lgpunjab.gov.in=garhshankar - tenant.gurdaspur-prod.lgpunjab.gov.in=gurdaspur - tenant.jagraon-prod.lgpunjab.gov.in=jagraon - tenant.kapurthala-prod.lgpunjab.gov.in=kapurthala - tenant.kotkapura-prod.lgpunjab.gov.in=kotkapura - tenant.kurali-prod.lgpunjab.gov.in=kurali - tenant.malout-prod.lgpunjab.gov.in=malout - tenant.mandigobindgarh-prod.lgpunjab.gov.in=mandigobindgarh - tenant.mansa-prod.lgpunjab.gov.in=mansa - tenant.morinda-prod.lgpunjab.gov.in=morinda - tenant.derabassi-prod.lgpunjab.gov.in=derabassi - tenant.mullanpur-prod.lgpunjab.gov.in=mullanpur - tenant.mukerian-prod.lgpunjab.gov.in=mukerian - tenant.nabha-prod.lgpunjab.gov.in=nabha - tenant.nakodar-prod.lgpunjab.gov.in=nakodar - tenant.nangal-prod.lgpunjab.gov.in=nangal - tenant.nawanshahr-prod.lgpunjab.gov.in=nawanshahr - tenant.patran-prod.lgpunjab.gov.in=patran - tenant.raikot-prod.lgpunjab.gov.in=raikot - tenant.rajpura-prod.lgpunjab.gov.in=rajpura - tenant.ropar-prod.lgpunjab.gov.in=ropar - tenant.samana-prod.lgpunjab.gov.in=samana - tenant.samrala-prod.lgpunjab.gov.in=samrala - tenant.sangrur-prod.lgpunjab.gov.in=sangrur - tenant.sirhind-prod.lgpunjab.gov.in=sirhind - tenant.urmartanda-prod.lgpunjab.gov.in=urmartanda - tenant.anandpursahib-prod.lgpunjab.gov.in=anandpursahib - tenant.sahnewal-prod.lgpunjab.gov.in=sahnewal - tenant.sunam-prod.lgpunjab.gov.in=sunam - tenant.lalru-prod.lgpunjab.gov.in=lalru - tenant.arniwala-prod.lgpunjab.gov.in=arniwala - tenant.baghapurana-prod.lgpunjab.gov.in=baghapurana - tenant.bareta-prod.lgpunjab.gov.in=bareta - tenant.bhuchomandi-prod.lgpunjab.gov.in=bhuchomandi - tenant.budhlada-prod.lgpunjab.gov.in=budhlada - tenant.dharamkot-prod.lgpunjab.gov.in=dharamkot - tenant.dhariwal-prod.lgpunjab.gov.in=dhariwal - tenant.dinanagar-prod.lgpunjab.gov.in=dinanagar - tenant.gidderbaha-prod.lgpunjab.gov.in=gidderbaha - tenant.goniana-prod.lgpunjab.gov.in=goniana - tenant.guruharsahai-prod.lgpunjab.gov.in=guruharsahai - tenant.jaitu-prod.lgpunjab.gov.in=jaitu - tenant.jalalabad-prod.lgpunjab.gov.in=jalalabad - tenant.jandialaguru-prod.lgpunjab.gov.in=jandialaguru - tenant.kotfatta-prod.lgpunjab.gov.in=kotfatta - tenant.majitha-prod.lgpunjab.gov.in=majitha - tenant.maur-prod.lgpunjab.gov.in=maur - tenant.patti-prod.lgpunjab.gov.in=patti - tenant.raman-prod.lgpunjab.gov.in=raman - tenant.ramdass-prod.lgpunjab.gov.in=ramdass - tenant.rampuraphul-prod.lgpunjab.gov.in=rampuraphul - tenant.sangatmandi-prod.lgpunjab.gov.in=sangatmandi - tenant.sujanpur-prod.lgpunjab.gov.in=sujanpur - tenant.talwandibhai-prod.lgpunjab.gov.in=talwandibhai - tenant.tarntaran-prod.lgpunjab.gov.in=tarntaran - tenant.zira-prod.lgpunjab.gov.in=zira - tenant.adampur-prod.lgpunjab.gov.in=adampur - tenant.alawalpur-prod.lgpunjab.gov.in=alawalpur - tenant.balachaur-prod.lgpunjab.gov.in=balachaur - tenant.bhogpur-prod.lgpunjab.gov.in=bhogpur - tenant.bilga-prod.lgpunjab.gov.in=bilga - tenant.garhdiwala-prod.lgpunjab.gov.in=garhdiwala - tenant.goraya-prod.lgpunjab.gov.in=goraya - tenant.hariana-prod.lgpunjab.gov.in=hariana - tenant.kartarpur-prod.lgpunjab.gov.in=kartarpur - tenant.nurmahal-prod.lgpunjab.gov.in=nurmahal - tenant.phillaur-prod.lgpunjab.gov.in=phillaur - tenant.rahon-prod.lgpunjab.gov.in=rahon - tenant.shamchurasi-prod.lgpunjab.gov.in=shamchurasi - tenant.sultanpurlodhi-prod.lgpunjab.gov.in=sultanpurlodhi - tenant.amloh-prod.lgpunjab.gov.in=amloh - tenant.bassipathana-prod.lgpunjab.gov.in=bassipathana - tenant.payal-prod.lgpunjab.gov.in=payal - tenant.ahmedgarh-prod.lgpunjab.gov.in=ahmedgarh - tenant.amargarh-prod.lgpunjab.gov.in=amargarh - tenant.banur-prod.lgpunjab.gov.in=banur - tenant.bhadaur-prod.lgpunjab.gov.in=bhadaur - tenant.bhadson-prod.lgpunjab.gov.in=bhadson - tenant.bhawanigarh-prod.lgpunjab.gov.in=bhawanigarh - tenant.dhanaula-prod.lgpunjab.gov.in=dhanaula - tenant.dhuri-prod.lgpunjab.gov.in=dhuri - tenant.ghagga-prod.lgpunjab.gov.in=ghagga - tenant.handiaya-prod.lgpunjab.gov.in=handiaya - tenant.lehragaga-prod.lgpunjab.gov.in=lehragaga - tenant.longowal-prod.lgpunjab.gov.in=longowal - tenant.sanaur-prod.lgpunjab.gov.in=sanaur - tenant.tapa-prod.lgpunjab.gov.in=tapa - tenant.machhiwara-prod.lgpunjab.gov.in=machhiwara - tenant.moonak-prod.lgpunjab.gov.in=moonak - tenant.cheema-prod.lgpunjab.gov.in=cheema - tenant.nihalsinghwala-prod.lgpunjab.gov.in=nihalsinghwala - tenant.mudki-prod.lgpunjab.gov.in=mudki - tenant.mamdot-prod.lgpunjab.gov.in=mamdot - tenant.mallanwala-prod.lgpunjab.gov.in=mallanwala - tenant.makhu-prod.lgpunjab.gov.in=makhu - tenant.kotissekhan-prod.lgpunjab.gov.in=kotissekhan - tenant.fatehgarhpanjtoor-prod.lgpunjab.gov.in=fatehgarhpanjtoor - tenant.badhnikalan-prod.lgpunjab.gov.in=badhnikalan - tenant.dirba-prod.lgpunjab.gov.in=dirba - tenant.ajnala-prod.lgpunjab.gov.in=ajnala - tenant.bhikhiwind-prod.lgpunjab.gov.in=bhikhiwind - tenant.derababananak-prod.lgpunjab.gov.in=derababananak - tenant.fatehgarhchurian-prod.lgpunjab.gov.in=fatehgarhchurian - tenant.khemkaran-prod.lgpunjab.gov.in=khemkaran - tenant.narotjaimalsingh-prod.lgpunjab.gov.in=narotjaimalsingh - tenant.quadian-prod.lgpunjab.gov.in=quadian - tenant.rajasansi-prod.lgpunjab.gov.in=rajasansi - tenant.rayya-prod.lgpunjab.gov.in=rayya - tenant.srihargobindpur-prod.lgpunjab.gov.in=srihargobindpur - tenant.balianwali-prod.lgpunjab.gov.in=balianwali - tenant.bariwala-prod.lgpunjab.gov.in=bariwala - tenant.bhagtabhai-prod.lgpunjab.gov.in=bhagtabhai - tenant.bhairoopa-prod.lgpunjab.gov.in=bhairoopa - tenant.bhikhi-prod.lgpunjab.gov.in=bhikhi - tenant.boha-prod.lgpunjab.gov.in=boha - tenant.chaunke-prod.lgpunjab.gov.in=chaunke - tenant.joga-prod.lgpunjab.gov.in=joga - tenant.kotshamir-prod.lgpunjab.gov.in=kotshamir - tenant.kothaguru-prod.lgpunjab.gov.in=kothaguru - tenant.lehramohabbat-prod.lgpunjab.gov.in=lehramohabbat - tenant.maluka-prod.lgpunjab.gov.in=maluka - tenant.mandikalan-prod.lgpunjab.gov.in=mandikalan - tenant.mehraj-prod.lgpunjab.gov.in=mehraj - tenant.nathana-prod.lgpunjab.gov.in=nathana - tenant.rampura-prod.lgpunjab.gov.in=rampura - tenant.sardulgarh-prod.lgpunjab.gov.in=sardulgarh - tenant.talwandisabo-prod.lgpunjab.gov.in=talwandisabo - tenant.begowal-prod.lgpunjab.gov.in=begowal - tenant.bhulath-prod.lgpunjab.gov.in=bhulath - tenant.dhilwan-prod.lgpunjab.gov.in=dhilwan - tenant.lohiankhas-prod.lgpunjab.gov.in=lohiankhas - tenant.mehatpur-prod.lgpunjab.gov.in=mehatpur - tenant.nadala-prod.lgpunjab.gov.in=nadala - tenant.mahilpur-prod.lgpunjab.gov.in=mahilpur - tenant.shahkot-prod.lgpunjab.gov.in=shahkot - tenant.talwara-prod.lgpunjab.gov.in=talwara - tenant.khamano-prod.lgpunjab.gov.in=khamano - tenant.kiratpur-prod.lgpunjab.gov.in=kiratpur - tenant.maloud-prod.lgpunjab.gov.in=maloud - tenant.chamkaursahib-prod.lgpunjab.gov.in=chamkaursahib - tenant.ghanaur-prod.lgpunjab.gov.in=ghanaur - tenant.khanauri-prod.lgpunjab.gov.in=khanauri - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - - #grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - dashboardsFolder: /work-dir/punjab-rainmaker-customization/configs/monitoring-dashboards - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "PROD_V2" diff --git a/deploy-as-code/helm/environments/pb-prod.yaml b/deploy-as-code/helm/environments/pb-prod.yaml deleted file mode 100644 index 4436f1eb76..0000000000 --- a/deploy-as-code/helm/environments/pb-prod.yaml +++ /dev/null @@ -1,1101 +0,0 @@ -global: - domain: mseva.lgpunjab.gov.in -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-read-url: "jdbc:postgresql://pb-micro-prod-db-rr.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - erp-db-url: "jdbc:postgresql://pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/finance_egov_prod_db" - db-host: "pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://mseva.lgpunjab.gov.in/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "mseva.lgpunjab.gov.in" - tracer-errors-provideexceptionindetails: "true" - s3-asset-bucket: "pb-egov-assets" - egov-state-level-tenant-id: "pb" - timezone: "Asia/Kolkata" - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - es-client: "http://es-client:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - pt-integration: "http://13.127.211.3:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - case-management: "http://case-management.egov:8080/" - home-isolation-chatbot: "http://home-isolation-chatbot.egov:8080/" - egov-user-enc: "http://egov-user-enc.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 2 - memory_limits: "512Mi" - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - -egov-common-masters: - replicas: 2 - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-filestore-prod # Only got PROD - -egov-localization: - replicas: 3 - heap: "-Xmx384m -Xms384m" - memory_limits: 640Mi - -egov-location: - replicas: 2 - memory_limits: 512Mi - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - -egov-notification-sms: - sms-provider-url: "https://smsgw.sms.gov.in/failsafe/HttpLink" - sms-sender: "PBGOVT" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - java-args: "-Dspring.profiles.active=production" - sms-enabled: "true" - sms-sender-req-param-name: "signature" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "pin" - sms-destination-mobile-req-param-name: "mnumber" - sms-message-req-param-name: "message" - sms-extra-req-params: "" - -egov-otp: - replicas: 2 - -egov-user: - replicas: 3 - heap: "-Xmx640m -Xms640m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "768696" - citizen-otp-fixed-enabled: "true" - java-args: "-Dspring.profiles.active=production" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - tracing-enabled: "true" - account-unlock-cool-down-period-minutes: 5 - -tenant: - replicas: 2 - -egov-idgen: - replicas: 2 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - idformat-from-mdms: "true" - -chatbot: - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918750975975" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918750975975" - valuefirst-notification-assigned-templateid: "195265" - valuefirst-notification-resolved-templateid: "195267" - valuefirst-notification-rejected-templateid: "195269" - valuefirst-notification-reassigned-templateid: "195271" - valuefirst-notification-commented-templateid: "195273" - valuefirst-notification-welcome-templateid: "196937" - valuefirst-notification-root-templateid: "196939" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - # Allow connections from this IP source range only - ingress: - ip-whitelist: "203.212.70.58/32,203.212.68.238/32,203.212.70.15/32,103.229.250.170/32,203.212.70.19/32" - test-data-cleanup-enabled: "true" - -egov-mdms-service: - replicas: 2 - mdms-path: "/work-dir/punjab-mdms-data/data" - masters-config-url: "file:///work-dir/punjab-mdms-data/mdms-masters-config.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-mdms-data" - branch: "master" - mdms-folder: "punjab-mdms-data" - java-args: "-Dspring.profiles.active=monitoring" - -egov-indexer: - replicas: 2 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: "1408Mi" - egov-indexer-yaml-repo-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/finance-rolloutadoption-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/chatbot-indexer.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-firenoc-indexer.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -egov-workflow-v2: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/apportion-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc-calculator-persister.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -egov-searcher: - search-yaml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -egov-data-uploader: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/punjab-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - axis: "true" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - payu-url: "secure.payu.in" - payu-url-status: "info.payu.in" - -telemetry: - replicas: 2 - images: - - egovio/telemetry - -egov-telemetry-kafka-streams: - replicas: 2 - images: - - egovio/egov-telemetry-kafka-streams - -egov-telemetry-batch-process: - replicas: 2 - date: "" - schedule: "30 19 * * *" #GMT 07:30PM - IST 01:00 AM every day - -egov-weekly-impact-notifier: - mail-to-address: "egov-impact-emailer@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Punjab Weekly emailer" - cron: - schedule: "00 03 * * 5" #GMT 3AM - IST 08:30 AM every Friday - -egov-custom-consumer: - replicas: 2 - erp-host: "https://mohali.lgpunjab.gov.in/" - - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - - -case-management: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - attachment-case-admin-filestoreid: "9e125764-91f3-4324-90fe-f1e524acc69d" - isolation-health-report-collection-time: 7PM - sms-create-case-template: "Dear Citizen,\nPlease click on the below link and start reporting your health status for today over WhatsApp.\nLink: https://wa.me/918750975975?text=mSeva" - cova-fetch-url: https://covaprod.punjab.gov.in/api/cova/citizen/services/v1/fetch-health-record - cova-create-health-record-url: https://covaprod.punjab.gov.in/api/cova/citizen/services/v1/insert-blo-data - -data-upload: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/data-upload/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -mailbot: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/mailbot/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -home-isolation-chatbot: - consumer-group-id-prefix: home-isolation- - topic-name-prefix: home-isolation- - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918750975975" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918750975975" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - db-url: "jdbc:postgresql://pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" - # Allow connections from this IP source range only - ingress: - ip-whitelist: "203.212.70.58/32,203.212.68.238/32" - test-data-cleanup-enabled: "true" - - -egov-user-enc: - replicas: 1 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - java-args: "-Dspring.profiles.active=production" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - account-unlock-cool-down-period-minutes: 5 - db-url: "jdbc:postgresql://pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# demand >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -demand-services: - replicas: 2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 2 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 3 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/master/configs/egov-zuul/pre-hook.json" - posthook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/master/configs/egov-zuul/post-hook.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/citizen/_create,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/filestore/v1/files/url,/egov-mdms-service/v1/_get,/egov-url-shortening,/whatsapp-webhook/messages" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get" - eventlog-enabled: "false" - eventlog-urls-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - home-isolation-chatbot-router-enabled: true - - # DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -dashboard-ingest: - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "collectionsindex-v1-enriched" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -nginx-ingress: - controller: - replicas: 2 - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-20191106.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -employee-mcs: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -rainmaker-custom-service: - db-host: "pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - pt-zero-tenants: "pb.zirakpur,pb.kharar,pb.ropar,pb.jalandhar" - pt-integration-tenants: "pb.jalandhar,pb.phagwara,pb.amritsar" - egov-bnd-login-url: "http://13.71.85.9/LoginByPass/TokenGeneration" - egov-bnd-redirect-url: "http://13.71.85.9/LoginBypass/Index?healthID=" - debug-mode: "true" - node-env: "production" - -employee-tradelicence: - SUBFILTER: "YES" - TL_ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/tl-uat-ulb-override.js" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - spring-datasource-tomcat-max-active: 10 - report-locationsfile-path: "file:///work-dir/punjab-rainmaker-customization/configs/reports/report.config" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "master" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -egov-notification-mail: - username: "egov-micro.services@egovernments.org" - -pt-services-v2: - replicas: 4 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - notification-sms-enabled: "true" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - pt-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - - -pt-calculator-v2: - replicas: 4 - logging-level: "DEBUG" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - JAVA_ENABLE_DEBUG: "true" - CUSTOM_PB_ZERO_ASSESSMENT: "true" - CUSTOM_PB_ZERO_ASSESSMENTYEAR: "2014-15" - CUSTOM_PB_ZERO_ASSESSMENT_TENANTID: "pb.testing.zero" - unbuiltarea-prorated: "true" - custom-pb-firecess-logic: "true" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - - -tl-services: - replicas: 2 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 384Mi - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.receipt-create" - tl-search-default-limit: "100" - - -tl-calculator: - replicas: 2 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# Collections >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - receiptnumber-servicebased: "true" - receipt-create-topic: "egov.collection.receipt-create" - search-ignore-status: "Cancelled,Rejected" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -finance-collections-voucher-consumer: - erp-env-name: "" - erp-domain-name: "lgpunjab.gov.in" - -egf-master: - replicas: 2 - db-url: "jdbc:postgresql://pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -egf-instrument: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: "512Mi" - -egov-hrms: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - employee-applink: "https://mseva.lgpunjab.gov.in/employee/user/login" - tracing-enabled: "true" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:v2 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "pb-micro-prod-db.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovprod" - db-read-username: "pbprod_readonly" - port: "5432" - env: "PBPROD" - maintenance-db-name: "egov_prod_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-0c8019dfec9fbfbc7 - - vol-06f4370047411de31 - - vol-0096b57d9f17d44a5 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-0228ef3598e1b0b17 - - vol-009ae240f661ba0bc - - vol-0d004376fadd74b66 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - ebs-volumes: - - "vol-086224c6b56eabe19" - - "vol-0c931fa4afa0a40c9" - - "vol-0eb64e674bdc75d5b" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - "vol-07339229d1da4f0a0" - - "vol-09c54ef3d3cafb805" - - "vol-0185442cb0869564e" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - "vol-0cf5e66c233e493a7" - - "vol-0ea94284f74900aab" - - "vol-08c42e6526f977c35" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-infra-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-infra-v1: - replicas: 3 - storage-size: 100Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - "vol-06e8ed03c7b69da20" - - "vol-05895e9a3912d07ba" - - "vol-0946c84e555a32dc0" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - "vol-02063bcfe08a595cf" - - "vol-0f32f287f9dabf751" - - "vol-06bbaf1298171b740" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-prod.lgpunjab.gov.in=mohali - tenant.nayagaon-prod.lgpunjab.gov.in=nayagaon - tenant.zirakpur-prod.lgpunjab.gov.in=zirakpur - tenant.kharar-prod.lgpunjab.gov.in=kharar - tenant.malerkotla-prod.lgpunjab.gov.in=malerkotla - tenant.batala-prod.lgpunjab.gov.in=batala - tenant.moga-prod.lgpunjab.gov.in=moga - tenant.ferozepur-prod.lgpunjab.gov.in=ferozepur - tenant.hoshiarpur-prod.lgpunjab.gov.in=hoshiarpur - tenant.pathankot-prod.lgpunjab.gov.in=pathankot - tenant.amritsar-prod.lgpunjab.gov.in=amritsar - tenant.ludhiana-prod.lgpunjab.gov.in=ludhiana - tenant.jalandhar-prod.lgpunjab.gov.in=jalandhar - tenant.khanna-prod.lgpunjab.gov.in=khanna - tenant.muktsar-prod.lgpunjab.gov.in=muktsar - tenant.patiala-prod.lgpunjab.gov.in=patiala - tenant.bathinda-prod.lgpunjab.gov.in=bathinda - tenant.abohar-prod.lgpunjab.gov.in=abohar - tenant.phagwara-prod.lgpunjab.gov.in=phagwara - tenant.barnala-prod.lgpunjab.gov.in=barnala - tenant.banga-prod.lgpunjab.gov.in=banga - tenant.dasuya-prod.lgpunjab.gov.in=dasuya - tenant.doraha-prod.lgpunjab.gov.in=doraha - tenant.faridkot-prod.lgpunjab.gov.in=faridkot - tenant.fazilka-prod.lgpunjab.gov.in=fazilka - tenant.garhshankar-prod.lgpunjab.gov.in=garhshankar - tenant.gurdaspur-prod.lgpunjab.gov.in=gurdaspur - tenant.jagraon-prod.lgpunjab.gov.in=jagraon - tenant.kapurthala-prod.lgpunjab.gov.in=kapurthala - tenant.kotkapura-prod.lgpunjab.gov.in=kotkapura - tenant.kurali-prod.lgpunjab.gov.in=kurali - tenant.malout-prod.lgpunjab.gov.in=malout - tenant.mandigobindgarh-prod.lgpunjab.gov.in=mandigobindgarh - tenant.mansa-prod.lgpunjab.gov.in=mansa - tenant.morinda-prod.lgpunjab.gov.in=morinda - tenant.derabassi-prod.lgpunjab.gov.in=derabassi - tenant.mullanpur-prod.lgpunjab.gov.in=mullanpur - tenant.mukerian-prod.lgpunjab.gov.in=mukerian - tenant.nabha-prod.lgpunjab.gov.in=nabha - tenant.nakodar-prod.lgpunjab.gov.in=nakodar - tenant.nangal-prod.lgpunjab.gov.in=nangal - tenant.nawanshahr-prod.lgpunjab.gov.in=nawanshahr - tenant.patran-prod.lgpunjab.gov.in=patran - tenant.raikot-prod.lgpunjab.gov.in=raikot - tenant.rajpura-prod.lgpunjab.gov.in=rajpura - tenant.ropar-prod.lgpunjab.gov.in=ropar - tenant.samana-prod.lgpunjab.gov.in=samana - tenant.samrala-prod.lgpunjab.gov.in=samrala - tenant.sangrur-prod.lgpunjab.gov.in=sangrur - tenant.sirhind-prod.lgpunjab.gov.in=sirhind - tenant.urmartanda-prod.lgpunjab.gov.in=urmartanda - tenant.anandpursahib-prod.lgpunjab.gov.in=anandpursahib - tenant.sahnewal-prod.lgpunjab.gov.in=sahnewal - tenant.sunam-prod.lgpunjab.gov.in=sunam - tenant.lalru-prod.lgpunjab.gov.in=lalru - tenant.arniwala-prod.lgpunjab.gov.in=arniwala - tenant.baghapurana-prod.lgpunjab.gov.in=baghapurana - tenant.bareta-prod.lgpunjab.gov.in=bareta - tenant.bhuchomandi-prod.lgpunjab.gov.in=bhuchomandi - tenant.budhlada-prod.lgpunjab.gov.in=budhlada - tenant.dharamkot-prod.lgpunjab.gov.in=dharamkot - tenant.dhariwal-prod.lgpunjab.gov.in=dhariwal - tenant.dinanagar-prod.lgpunjab.gov.in=dinanagar - tenant.gidderbaha-prod.lgpunjab.gov.in=gidderbaha - tenant.goniana-prod.lgpunjab.gov.in=goniana - tenant.guruharsahai-prod.lgpunjab.gov.in=guruharsahai - tenant.jaitu-prod.lgpunjab.gov.in=jaitu - tenant.jalalabad-prod.lgpunjab.gov.in=jalalabad - tenant.jandialaguru-prod.lgpunjab.gov.in=jandialaguru - tenant.kotfatta-prod.lgpunjab.gov.in=kotfatta - tenant.majitha-prod.lgpunjab.gov.in=majitha - tenant.maur-prod.lgpunjab.gov.in=maur - tenant.patti-prod.lgpunjab.gov.in=patti - tenant.raman-prod.lgpunjab.gov.in=raman - tenant.ramdass-prod.lgpunjab.gov.in=ramdass - tenant.rampuraphul-prod.lgpunjab.gov.in=rampuraphul - tenant.sangatmandi-prod.lgpunjab.gov.in=sangatmandi - tenant.sujanpur-prod.lgpunjab.gov.in=sujanpur - tenant.talwandibhai-prod.lgpunjab.gov.in=talwandibhai - tenant.tarntaran-prod.lgpunjab.gov.in=tarntaran - tenant.zira-prod.lgpunjab.gov.in=zira - tenant.adampur-prod.lgpunjab.gov.in=adampur - tenant.alawalpur-prod.lgpunjab.gov.in=alawalpur - tenant.balachaur-prod.lgpunjab.gov.in=balachaur - tenant.bhogpur-prod.lgpunjab.gov.in=bhogpur - tenant.bilga-prod.lgpunjab.gov.in=bilga - tenant.garhdiwala-prod.lgpunjab.gov.in=garhdiwala - tenant.goraya-prod.lgpunjab.gov.in=goraya - tenant.hariana-prod.lgpunjab.gov.in=hariana - tenant.kartarpur-prod.lgpunjab.gov.in=kartarpur - tenant.nurmahal-prod.lgpunjab.gov.in=nurmahal - tenant.phillaur-prod.lgpunjab.gov.in=phillaur - tenant.rahon-prod.lgpunjab.gov.in=rahon - tenant.shamchurasi-prod.lgpunjab.gov.in=shamchurasi - tenant.sultanpurlodhi-prod.lgpunjab.gov.in=sultanpurlodhi - tenant.amloh-prod.lgpunjab.gov.in=amloh - tenant.bassipathana-prod.lgpunjab.gov.in=bassipathana - tenant.payal-prod.lgpunjab.gov.in=payal - tenant.ahmedgarh-prod.lgpunjab.gov.in=ahmedgarh - tenant.amargarh-prod.lgpunjab.gov.in=amargarh - tenant.banur-prod.lgpunjab.gov.in=banur - tenant.bhadaur-prod.lgpunjab.gov.in=bhadaur - tenant.bhadson-prod.lgpunjab.gov.in=bhadson - tenant.bhawanigarh-prod.lgpunjab.gov.in=bhawanigarh - tenant.dhanaula-prod.lgpunjab.gov.in=dhanaula - tenant.dhuri-prod.lgpunjab.gov.in=dhuri - tenant.ghagga-prod.lgpunjab.gov.in=ghagga - tenant.handiaya-prod.lgpunjab.gov.in=handiaya - tenant.lehragaga-prod.lgpunjab.gov.in=lehragaga - tenant.longowal-prod.lgpunjab.gov.in=longowal - tenant.sanaur-prod.lgpunjab.gov.in=sanaur - tenant.tapa-prod.lgpunjab.gov.in=tapa - tenant.machhiwara-prod.lgpunjab.gov.in=machhiwara - tenant.moonak-prod.lgpunjab.gov.in=moonak - tenant.cheema-prod.lgpunjab.gov.in=cheema - tenant.nihalsinghwala-prod.lgpunjab.gov.in=nihalsinghwala - tenant.mudki-prod.lgpunjab.gov.in=mudki - tenant.mamdot-prod.lgpunjab.gov.in=mamdot - tenant.mallanwala-prod.lgpunjab.gov.in=mallanwala - tenant.makhu-prod.lgpunjab.gov.in=makhu - tenant.kotissekhan-prod.lgpunjab.gov.in=kotissekhan - tenant.fatehgarhpanjtoor-prod.lgpunjab.gov.in=fatehgarhpanjtoor - tenant.badhnikalan-prod.lgpunjab.gov.in=badhnikalan - tenant.dirba-prod.lgpunjab.gov.in=dirba - tenant.ajnala-prod.lgpunjab.gov.in=ajnala - tenant.bhikhiwind-prod.lgpunjab.gov.in=bhikhiwind - tenant.derababananak-prod.lgpunjab.gov.in=derababananak - tenant.fatehgarhchurian-prod.lgpunjab.gov.in=fatehgarhchurian - tenant.khemkaran-prod.lgpunjab.gov.in=khemkaran - tenant.narotjaimalsingh-prod.lgpunjab.gov.in=narotjaimalsingh - tenant.quadian-prod.lgpunjab.gov.in=quadian - tenant.rajasansi-prod.lgpunjab.gov.in=rajasansi - tenant.rayya-prod.lgpunjab.gov.in=rayya - tenant.srihargobindpur-prod.lgpunjab.gov.in=srihargobindpur - tenant.balianwali-prod.lgpunjab.gov.in=balianwali - tenant.bariwala-prod.lgpunjab.gov.in=bariwala - tenant.bhagtabhai-prod.lgpunjab.gov.in=bhagtabhai - tenant.bhairoopa-prod.lgpunjab.gov.in=bhairoopa - tenant.bhikhi-prod.lgpunjab.gov.in=bhikhi - tenant.boha-prod.lgpunjab.gov.in=boha - tenant.chaunke-prod.lgpunjab.gov.in=chaunke - tenant.joga-prod.lgpunjab.gov.in=joga - tenant.kotshamir-prod.lgpunjab.gov.in=kotshamir - tenant.kothaguru-prod.lgpunjab.gov.in=kothaguru - tenant.lehramohabbat-prod.lgpunjab.gov.in=lehramohabbat - tenant.maluka-prod.lgpunjab.gov.in=maluka - tenant.mandikalan-prod.lgpunjab.gov.in=mandikalan - tenant.mehraj-prod.lgpunjab.gov.in=mehraj - tenant.nathana-prod.lgpunjab.gov.in=nathana - tenant.rampura-prod.lgpunjab.gov.in=rampura - tenant.sardulgarh-prod.lgpunjab.gov.in=sardulgarh - tenant.talwandisabo-prod.lgpunjab.gov.in=talwandisabo - tenant.begowal-prod.lgpunjab.gov.in=begowal - tenant.bhulath-prod.lgpunjab.gov.in=bhulath - tenant.dhilwan-prod.lgpunjab.gov.in=dhilwan - tenant.lohiankhas-prod.lgpunjab.gov.in=lohiankhas - tenant.mehatpur-prod.lgpunjab.gov.in=mehatpur - tenant.nadala-prod.lgpunjab.gov.in=nadala - tenant.mahilpur-prod.lgpunjab.gov.in=mahilpur - tenant.shahkot-prod.lgpunjab.gov.in=shahkot - tenant.talwara-prod.lgpunjab.gov.in=talwara - tenant.khamano-prod.lgpunjab.gov.in=khamano - tenant.kiratpursahib-prod.lgpunjab.gov.in=kiratpursahib - tenant.maloud-prod.lgpunjab.gov.in=maloud - tenant.chamkaursahib-prod.lgpunjab.gov.in=chamkaursahib - tenant.ghanaur-prod.lgpunjab.gov.in=ghanaur - tenant.khanauri-prod.lgpunjab.gov.in=khanauri - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -egov-finance: - collection-version: V1 diff --git a/deploy-as-code/helm/environments/pb-qa-secrets.yaml b/deploy-as-code/helm/environments/pb-qa-secrets.yaml deleted file mode 100644 index 63697b1dcb..0000000000 --- a/deploy-as-code/helm/environments/pb-qa-secrets.yaml +++ /dev/null @@ -1,86 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:h5Z3yEtNPRg=,iv:vJXLWX4/X5XCJpr/fAcat6TR/aGHYSzIsvUhWSE1Ms0=,tag:YG0s0KiTdWajc4UBye3jnw==,type:str] - password: ENC[AES256_GCM,data:QGj3dG188HJzk2Wq9otNmw==,iv:3JGCiOkhYlCkDqOW0yKBlMneix2gkfVP/GGbv7L/FgM=,tag:JGf/DMGzRyXTrbXHhkFtDg==,type:str] - flywayUsername: ENC[AES256_GCM,data:QuyGkTUDPY8=,iv:p6Eu/bsAyUo8XW34zJLgrTnzbyr1fEITmJHyggpa2+0=,tag:D3akGBbjunoxJF3hESiQ0w==,type:str] - flywayPassword: ENC[AES256_GCM,data:n1vorLqjW2t5AX4xnvSaOg==,iv:UFmZNPQ7rt8pC9KAA/kdeLDB8SdHYnlON9JUQXcfB80=,tag:z5BbUs0rezgVqJlJv/SOWA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:dzbtzyH2JDMYdo4=,iv:78ro1LYb15HKlqBVNEGhyFkd1EKHoScrVmJdTxzgXVs=,tag:gNUF/adsPYOSHUW62JGhJA==,type:str] - password: ENC[AES256_GCM,data:AksuIh8T92mKXg==,iv:TeZR50/YCHX6RJRlCeC5RN66ajbBEKJmMLr/gevPaeo=,tag:Vo0fqGxCMQBj964MQRlsAA==,type:str] - secure-key: ENC[AES256_GCM,data:ohNr77ONhvTjUcLz6xXyJhBF/YY2f30M/eVWlQ15ZPbv5jZa,iv:1Rn6F6TowM9IC6PXJPo3Fmd+RnTUchUmV7TcdCmHamE=,tag:z0pMqFmelSsWI+CuMD7KOw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:oBVjRlx+buEl+X9vv7XPq8grX1M=,iv:V86p8sxSI73oSLkIMEhQAspng1l33jdBZV4oSmeuwyw=,tag:vNcQVvMS9Omq9MiPL1Ne4g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:MO8sYii2MQBfYQAQr9wrn7QdyKdOMXPEY5RNSLrQk3e+DEgOF+qIUw==,iv:eHIIgBxBvJwH2VgmqADzChGYL2dNkyzC7/GxdJQYEo4=,tag:+XfcFt/Rp3JxL5BYotPxJg==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:dvjhAsKmXhIH47lFN1Qh4SH+qAM6T7Z53SleqLR1rU4jPcaFwYiC,iv:HoZ2YqTpB32LimfUHudz7D9xfiXME/EIOi4typh+LwU=,tag:20iRBfmSmv30xljeIVqyUQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:So+qPoqtNjNIY1yOpQc/tg==,iv:B5VtqbHTpLPHeZPKRPZNNagHc3bS3vawnrCJ2qSVRuw=,tag:EqSXxNdLlaLlYo1LYSpwgg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:LoC5MISWH8jp25JvznLTe9lgy1FRKAIfzQFh6tmmtdU=,iv:B9iWZSz2SztH6ox+2m/jEcYtAYhaCvdgobAXs5uxKrE=,tag:FCyE45wXeb5/8vwBtKyGiA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:VmKGCKKWtDfTYpRRmu2o,iv:Mf5Qet9OtugedFq4HZ37kLeL09Ff41lbj/vA1u6F9gw=,tag:fzIu513TeWkxOh4hArwMYA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7VtbSwrog7j/Ngs=,iv:H/H+ZtGeQc4Kgk2HiZY+i0QcEdv97Rd2hznXomPD5HQ=,tag:5tlJkbNFZtgz+vo11VfcXw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:xg0XhDKwn5I=,iv:3ptikBJyBamrim6Ym0kJDR9kVdOKsu7wuVKRmPPw4yc=,tag:VNtRAZP+CY+LtLpeWy2scA==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:fwZsF2DB,iv:bQGRGYMFwRta9XdBNsLe+rOfFiGJfjq1Ch5xouy2bos=,tag:hArqdO/sEqaBfrCyxEnZJQ==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:hCz39E9+ic0=,iv:SCxypwwXsjvn8HChvNfJcldyAPqJZ+O1fNpzX395ivw=,tag:cQ6OGqd9b+hkO5B0xPDO0A==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:1qR9sVjNv/6CopINa2aLPn7bCxLAJzapCYWhDw==,iv:+pAYqI+k46Qjq/LvwHIDpG8BtDqKv3Dr5O6owE7Vy2E=,tag:7wKgbBW0/IP41kpsHJFr3Q==,type:str] - admin-password: ENC[AES256_GCM,data:0kN+WBWuErQ2RWmLl4uOcO9D,iv:2PtRMvxAkwcuVGJrVPFiqItJ2oshET0RX/+cgXnQCDc=,tag:rfGuEEWc2fsQrjFCKaKKDg==,type:str] - read-email: ENC[AES256_GCM,data:3zrANKYIbUM3RHu72OipYQdLn+nNIZJTiWC7,iv:bQgEKdeVtdOLLuPpDTQqLqVAx0NL91ItT8t7Op+ZanI=,tag:vg+0cqLIHgxlUrN4j4I2vQ==,type:str] - read-password: ENC[AES256_GCM,data:B4iGge4lGrwWCjaPu90rF9gQ,iv:1dOL8sAweVqydb4qfbuPct29CJuVOuiUGufQU1U30LA=,tag:UNJZYon9SayMWCpyjXg4Mw==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:J2MlC4OLAdnDFg==,iv:J5n+P98vdpJMfYxTuMB85AD15La3Vqjir1Nxv9jK3U4=,tag:pXKzp0U1T1mtykxC7aM3sg==,type:str] - rainmaker-custom-service: - egov-encryption-key: ENC[AES256_GCM,data:ctiJKmjp8r8EjfEHCP/M1PZkQsUJmJ5LDoArZ6tiFpM=,iv:m2og3wj59k+sYS63wCWyVRkBSYGmBAdKpx/VUktNRik=,tag:pQowVevYGwkU1u66ce6J8g==,type:str] - egov-encryption-iv: ENC[AES256_GCM,data:gGMl8nXERBzrct6+Jgnbjg==,iv:vs8jt8956aA28KGd9IQQetI0S1YK1+25PMu7+0Iqjhg=,tag:ENlVvOgYZYhtkfR+oD179Q==,type:str] - egov-bnd-encryption-key: ENC[AES256_GCM,data:8NPCfHwJTIgN/vEIUkaKF7n/WGDjk5UIf8WIocKyAPQ=,iv:S2ud3DEquEh7ipPd9N1kVflsYvenIIZpk8BEBRlig0s=,tag:uzoIo3EJLccaX6tTU6Xa2Q==,type:str] - jwt-key: ENC[AES256_GCM,data:S0HUMQOw+tDE,iv:vbvvuAr6xZ0JwmyjbfS0//PK79FUxS79T5tMU4cyh3c=,tag:wbrM8aid2panXEVd+Ggjew==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:IBJpc+ZtPqxDdGwyG+ZKchgcs5Iw59lPWVsFzVqkOvpXvCDYDJ40WAK6hVObtrbUDs9T7eN86F6tOyzldbKJc/KzJSgj3hRdLyiaWgOI2mQM11LVaOh1iXJMuJk5+NvEJvunV0xuflzseWQB28h2/fXh9k3y38tROjAzBHibwWxY1enkFbJYSNoxXSDGtlr+5ZSrNESCpuH+g1xJ2+OYsMnuMdrhzksv9YiNr4V1a8tp5b4OWCsOCqfiR9Wzmmy3VQlpvyxOnIWyQjhpY9ucUAcDnzZdVq2Pkd/xRfg/PVD2eiTTy4YNDkRSRMwmugQp2wngll7VnWgdVMlC8Ir5R3kGpIxCa/XGUcNQFy9C/NJG0EpLxB2vrBeXvAKjh50YqGjaC4MfkgzLfCEQWYj5x1FV4mQKlYLVesuboA+yblIJULAaLx9KHvw3o1X/CjIt76VoPLV/zlQl5Ty0KMl6ax4iGezfbHVNHrqay4vLOWRmEozr9XearGfoThagZoWycEDswV41b7FSBAiAIYHlh/cTLRb9PW+hMj7cUExhoveX1tLZQFDqEuXp2cdjAlJ+ZnqpLcqYV0Kp2iOGfyVW7wQxPmkr7e13S9zUe016d4Eaz4U5zy8Wg+Jg0dNc6SseUzx8xAzuqB+rPjnpNV0LoIFKM366+h3nBPPLPWvEfwQlo68hrRX64J1h3Ivs2R4p1yCtf/VHYUlExApuM6zXSetgfEtV1412uBdfhWQQ1uMsbOyUYUTg81fbP1SfERodf/I8/5d9qbakWQl3i2X4JMLx1LvflkVSFPGszLquvVVGWAF1IJBWqxlBuFhHFjN/jdA9dul0lKwmZWbEN26k9QYV+lkWLeSQzWJt61SPHtXjV7WgViS3nrcCmISrYU99S5mh9BtYRlzIb0aEwtQS3g96PWaZwWBGC7Qx6MrNQTYtdfHnFY74/YXwz8THRJbwfhs3/RQ0eXDwa5RaDHJb6m9OK2ocjhmgi0gU/loF1sYo6KDdq7Txrz+3Rgx+OfANKCYbsbSDcXK0EOYaFJo7ByvD6uwg5F1ap7cqPflGgTPOWV+lUPt+KUnOC3tsQW285otJz5NlHFZQFcYs7tQ4tavNiYZHUP0u7HghI5cWGdK+GEbXInAaHLPcbW0z6gL9YZEARhnZN4UWdmrMWWkS5JZQYey7hk14NexmPrzub7UVW7XifSv8yWiWhPLUx5xs24JoYAnFwH4RxSRDHGAbXkx8VZlpuWAXS+qyECpCBcPfifcmkbEhRSSw4JAYfH/vhlV7BmWAbcR3Eg2w2FeH0qyA6wcKq36INLbeprkVWo7vRRD//oMcJp9ZjLfecufYj37lD0/zOCKhXQC0Z2S7znYF+q5f3M/lhbSugKC5ARnWBRnw1dzX8Ma/aAQTimxemInZyGHDqwU22Q57SMAInFQWz/w3LFIhA6MIJ/9yJuwMv7Le+GfYGEcjlSuOlISbGQXwxZ55NHd/0N0jpqJoshjXurhlRgEc5OkhPW8VSYm0P1DnwFb6sIzVgLF68BiTQ82NC/X0amiU+iD3zf1I4XUwvCMN2ANno4a/mVusw4KAiGcs0gcrvTvgAQOMtCGMp7H3TCNBwdlt2Idk+CjRf+EUd1+Ptk6X9CkzHuZrgjpjjKkc0m5OoJIQAXYz3onUhrEdbK6PanSthqdMI0P1pr2RzGNpTzat6ry9wl6u2GKm1EeT7x7w+HoLN1zAubRkzja/gcYe48WYPMyiTlqpDU4fwNlkFvtSPv6zE+D+eRvt2SCNNl5zxVoMAdOYBZyygMOocCsoUNJ2dknrXjeJQk/4HP4Gk+2r1rTajgTzC5eG6ETHNCcSTEkb9VlGgu/2w8RvXLk4sdPDBiTo99Q2UWHjPRDxRWVcBGgDUxh35wH+I1RWXZ9qrKMJdEABMIwDgdlooI8GjA572OWBTRX7JJnWshLg1WSA3g+E3hpwxTVSoR2prGF4Ycw3kxTAqT43LK77HsSPXTi4lM0oX5epZnV7ye6yZeHU/GqsM+g0raJlZeAKEd3KM4+rpL4C0N3z24VTjOLKM9XoFTrKdmh0EEQSP0JI90cC2vdOOtNrQiiH2eaMwYEpQtBStRoPCxX9DIq9aqhYQ02wRikG28U0r922k16vTgvUyyu1M36DJSkLyc2wQCrE8MRAsSXxSfJLXyF7+9FPBgQbN+6PggI3MU8j4q4Fn53oFMZ4nRgdlbZWJCFS33t4EAie50pmKwarGxVAGQLNvEPZjPPmcQE1i4lS6F+0/lkDcm0SQILHwwkN0yze8sp/Nhf+22rKwWui9+g8AZp7m9wV0Uqfzgu/Eoakqwupw9/LLHltje4Bgj82cGw3xVmI4KrF/SJm2cZjTumuXITzhyCQcE65/b1c/h5p1K4zZ1DsDxMd3DYHVkD6qurxTkn+z6k6vfMGTKzhnhDFkl78u8Sgk5XYD883IP3SOTwTt5cAInk2o+CzQE21oxRvrQ+cE/OMNrStupD0qfeL0FVklfL8hZGX7SuvmqRwAd0Hv3iHi4K7hYYUxUiSQmVIE6xSkrxg1sg/hpBlynn+SG85LYjDg0u/RPFx91VIA33ZcStjQofoYjdsVrYzGeHMd8YLn7PAvX1qogX76csT9NWa50xfizl5ZPiO9ZyVoyJq5NwAahCix2jctidL9WLM9EF5vM70MxsLaYfXRpJNwOGWen+UbE0yNIRCoAQ69hCc7se2HXZmBICv86BtANZn0GGpAxTeaLDTdPNENqiekr02fPdvN5PtWM6GJbaLT/tj673rxSblx7KhW4Nj5G4NwrzVNbUyfhY29h1tziiLnG38RreYwQxPr7WGHtqfg53kKebVutyFJJUbhRfsQ++T3lwgc++wHoIm22rHn4tfckLN9/JGCCDHVqgEELLsLDiqqVcwzGRVEREE/nNkm/yMV3xIKBqU56+jHXoU0jEBM5KTAiEp55RtgakswXKJOHXf/7M0W3cJxDIM0yBLvNJQ8pOR0Saz/rZ8X7NvHKatknwT9jhWLS8M1RB/E0HoEJFiifOl3dMPKqHu+w3D77XQF3zX9XZ2H0SucZCZEQRiIz33CM7D+x3PQWfr2+7RijRaRY3CwYim/ZSk+JKXwUWgS3gafpivWCmTVFOVaeok0nDn4e1OmtUY1kRKqfklWtpjtD6hMNTd2wjlFNlVcILllqEnbwNf9xbCwYZBzUjmA+BVMgYXG7m46JBrb7Pd71GpAt14JjCM3kjQ/GNfw3TDJWiECzYlbim8Y+knK+kEF6RlaKYJlWsC2cixdAT6ZvFfjFe77JJY91urDvJiVt6NEhJvYO0BeWjNGZl6fYUIVEEa+oG47UoBaJGT7Px8c48OSjpLaUx11kXiYLxqlKTOjDLHgNDYrDkHMaUe8l6s6sHa5lH94EBLjd7E+bFXM7O3Jy3he5LJOG6/J4f2ITwdZGNEw2E2ztQGhOqrSaA1CslJzcydg/3tNZ2QbDK1qSu/3kz4RKk/mKuHcaaIUQZ5JZZsAE+gtAehZ+bclMRf3FQ+czGi5Hp321Kn7X0idyOC1wf7ktxZnxJKcJ0czGNLiDu15cCJi5sRb6bgk7da/alfQvyvL4bF2aBgn68bL5YOtRejYw2BGR4eBJJ6CuzBShJ4PBipulJs/NwHjNZK0niUdk5WrBFguY+NVNcIheLd2DbXkHoR3j1bpGcZceZupRKbtkMu3A91T1lnOvJmcoHjeIxDYraOyyvnteSNDPUrhmUlEgMArMLX6YPBWlxkAgKAjelQUBtgQmnqZuiA37Szwlg1m7ieraz2O3ujVctAbHaH5+Hj14Jvl7ZYpchSUfF0Nz8odaWq4MPTg0PHZq855CQEMVq5tWyuNYWGRFwx+KUiPcdrOoGLejpoRWSqBV3+8hT5TAOGWRGMf8suWWDlXnXVQMticNxLDt5w8zZcMoBUErZ1ztj0EDp1UdFB+Z23a/gMPvp1q/WRlxL2X4Yu6FyJnxRPuFuP28rmtj0NeRwkVeFfL9BrGiXS4t7KqMrn9ilShcF9Bb0Cp9SrYy7ENI0mA99mybJWtGVgyPb3860N5GHYSg1I2TbI2H1BNK848vVTHiTIvZFHMrMmVZxrnu6DUJjDVUbba5KZtukJoKWBnjycBxMaIinAFdb4QD7QSqeZrzegKc8TgUw7tDaJP083HYnGVzD1DpjqY2Zkn6QvP33X9mQF8H4p9g4cPmHzmSiTxJTwuWP3YZZ54Ie04rqQ1oi9IpHJ1gyMtGqkmi2yfb61eZnHWSHqxXcLfrBrYWl8R6k+h/3JEBBIADorHAsbQvIKoJL3bYRFrn2DGGyGfLAG,iv:CRgZafcxHs73PQOvK+sohKq2MU27xEDMhzo8WZRjb7s=,tag:xlaxgnNd0kd1qF9EM6bqJA==,type:str] - known-hosts: ENC[AES256_GCM,data:y2RUqy4ZUDapPw/AcBhmFpVHTsWg7WO3kVPnxvMIYargNZdwOhbN7QgJxTZjmeXF4iLG/LvS2cymIHEW/PeDU4ncwu+1vtWpTEwBbIctX7uBuyz8bciwjbkCPM77UWtLvz8+Mes/mNtAnAivWViuZu42/wfw8JaXNV837ahYduGzEZRCns5RA0pxTWjyMB5HOjOKUbEb9Xa/KX5JuvXZrlb81o0c8MHsz1jEU7sfcp+JMMtVS1eZDAqWNTWMpPDLXNf0jTannlImIC5sLhrF1zAnvVxYAFsav/I4B3Qg9Ck+xGwXQDEz4pDfqa9C/4ilUlFxqwdRMUyZ4l26Knk2sUC6f/X59QUXW0ntwcpFshd9ScOLYHQq/aoOscf02rnF17RhKVHg2erFFieY4vW1FQTTz67AHsG8s3UIRWgmKG3yfWFvd30ohfaC8/cEUslAZ21wxKV2UhhLHc3Fbn+fN770nJEJvUW1N4DmMsxZ+XHarbfCius5e18OPIdv/b3j7Zurx4u5Hg==,iv:3A//D/8PoB6TzBNmNf94Fn75jqUzqh3NF+vyCMAInz4=,tag:jCrs3AcvendRQIHqO8TPMg==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:dvY2yFyYMbysQQ==,iv:+zQFuxzu3z92eSxvm9pUlyqs4NRBYG8z930lOfWzF6w=,tag:6egGXbVnwW+tO/d2V76TcQ==,type:str] - credentials: ENC[AES256_GCM,data:SyZo1oQWQfyLiSwub3aS9RdG1Wp+0pgWfeCTNpCiW0pLgpfMNplylcA9EMuaNC+X3I11+9NR+611qf9kYMcvUhYd75MbHQ4QLrbLa76tk4GYtpMaeLhj,iv:/2egfZRvC2Mxo+2srkvz73D/WG1yeXFxMGj3iCUCMag=,tag:6wI59UAHdWZpXEhWrL1/aA==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:LMQWO1EFlONZ52KdP6Sv3g==,iv:v3HX4G0F5MM3CWHTeYY5S8vwJoNlvHmb2CMdVTr7V2M=,tag:SYAhbJtCEzzd83ajIOD5vQ==,type:str] - credentials: ENC[AES256_GCM,data:ZGw3piG4eRvjHhf3lfw5vBU+MFNPezqDL49EzOYcNJWL9kdzib8+BDqyGg==,iv:IPwobBby0zFo8ztmyM5oc9MmHyte3U4mZsbjoxcP2O8=,tag:p+GE6pjdrxfcevlAJShb3w==,type:str] - jaeger-config: - credentials: ENC[AES256_GCM,data:+GvoB5h9MxTzSY19XXFUhVeg/G+X9AUdHUw7gZBb47YZ3XssoKcYHEaKvBRc2o+fvQ==,iv:6W81la+SK/itO8quodPCpdCdA8FXe/LdiJAc9RIbLJo=,tag:L85/q+b2+j/v3tY6qvWI6A==,type:str] - chatbot: - username: ENC[AES256_GCM,data:sXjwrxljsj5QigygMG3e2j10nq3pDwCHlT1jzbAwPV4mdfYqbDFbkNB/EUkFNFLWwUHdtRelL56qqbQUQXIfVOBQecpiXg7pWpZZTUT0vWNWn/alVzXFgNGfG4pKic1rRHsxC1zkjBDBzMM3SrmngRpl4ZUwZkNSTYRE,iv:g7cb2W66z3i0kHhTdXrl0uDSyBQ2Ib4bJhuOa5Nt26E=,tag:XIzPWO4Y0nnRNk+6p/y3QA==,type:str] - password: ENC[AES256_GCM,data:WxyX8OxAtRudIh3mfWYn+pKYQFZOyXfF5ITikb1csgC+DUFddI7TitZ3JeLjnYVFaA4bvRcI998ggKSbWEPYmnuHqJjWblf2xFk1Y+oTmdObGV2bJNO5y5KdtseDj2fM+578EY6dQT/C8PdP4pFZU2/FaEI2XD8VFgdb,iv:uCrksvcCxRki4ZU5v1nUeTGGh8eVRHSlJTfvSCgvS4Q=,tag:hSBysmc09hQ0PWCddwhjRA==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:GGuKROZvEK6o,iv:6z42kd1Sq9jYhuCnELK03hrbf2rCiwQePnUmSmmZFQA=,tag:ecE1Cg04Ogc7etDgKIo4AA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:M/439SbtJDIprNPrLg==,iv:s9SNcn0+U0UPm6DnzMpCMkZ1nI6D2q5bsjF9OGchSy4=,tag:W2k28GJpFCIWB6nbnu6WCw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:raDMlRR1hP/uXvbx/ycea/E=,iv:fqvZy6rxs95O25P1wnw+1ZSyycVuEdi48vBiEjKOrko=,tag:Hu48JgHoxL7EIYGblcgjTg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:Z65RUWhrFX5ndI2w2l8zKQ==,iv:NtJDOluhP7dKxeg2U5ffzk7CIC0QHLiL/tj5zoG9qh0=,tag:7ldby8GNkws1wesEXHbrNQ==,type:str] - master-salt: ENC[AES256_GCM,data:8+jdfUUcrYM=,iv:PAgmi4R62SN0ICjo0ZMIXR6y1GU6FqBYBzcMOxT5OYw=,tag:jt4xV9uuZSVVf1rVTMO3QQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:6tzZkSQdQ11E0kjt,iv:LFW32MkbKOcWKuk58L7I6C5+OShvokjDTgdLJUlgWzY=,tag:vbI7A5fR0/ARjwUP6lBD+w==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:05:00Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGeHNPRCfH2tYGZGJtWOORXAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2mzQMeV+oHKQx8omAgEQgDuc95gi6qmoKKpf3n1DiDNQJkPzCDpiXhYg5Zvea/gGbZ/2FhYtBMyYpXmxpQ3pFFrWxNFKB14ZRSLuNg== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-22T13:53:06Z' - mac: ENC[AES256_GCM,data:KOAWx3VVyoSGG1zgG4+AdxUy96NdIl/b6eSqO+G0vTJaMbybcEpLqC10viZ1u6qqXl1mdBDxz7hPxlK8PdPclf3FJ0oNzMxiD9LqMiNGW/VvEuips9zML/RZqjVhzJe2BQ+gGuDvQGuE6cCgE1ZjySK3Za9zcPDgIAgZ9O26UmA=,iv:QrHrG+xSGTKPN6aJddaW6ZWTFWKZGEpANKGrSclmFWs=,tag:bcJpK+nhfh6WaxNHlttbSQ==,type:str] - pgp: - - created_at: '2020-11-10T08:05:00Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/SqkzcJH7KTYgkeQAT79Q3+TjOHnSuO2jOWS2GxjZHKaT - Mc7M2bVc8cqrbuzmSpQvnuw/M2b01jQICfXq9YUMmnIyPgjc+yOI7FHikdoIaaCk - 1n4mQPTw4mHMaakagmO9OPJZl41STqQmgkQJN/yqTusnzYHVHcVHZHFeVOQt0f0G - l9qP41LkUiJNr029WjNCX53h7v1y0VKYgYKDcv8phTtm3Kk/SQDWC3rxrZphmA2c - QgsQOskCHSdf/RYmeDHxWJNp5K/HNx7oZt/ANH1IrfClokpT6trKVdf8L3qqr1bO - INVqTOZ3Q9us/bmG15O8avLXnrilOxfHj6K97SaC1NJeAcf6jor9awNV5EuRjqPr - uCzC+PS8SEvJ7xnPKeKjz3RRCbWd/5WZeu8Lpdd9a1sFDY4adoc5csjlrZW24ChT - zyk5uO1sxR4Z5sCFkny3uU0rEFq299PVf5xxtDaYdg== - =e4kb - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/pb-qa.yaml b/deploy-as-code/helm/environments/pb-qa.yaml deleted file mode 100644 index c34c1c3e3e..0000000000 --- a/deploy-as-code/helm/environments/pb-qa.yaml +++ /dev/null @@ -1,1003 +0,0 @@ -global: - domain: mseva-qa.lgpunjab.gov.in -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - erp-db-url: "jdbc:postgresql://pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/finance_qa_db" - db-url: "jdbc:postgresql://pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-read-url: "jdbc:postgresql://pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-host: "pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - server-tomcat-max-threads-medium: "20" - server-tomcat-max-connections-medium: "1500" - server-tomcat-max-threads-high: "350" - server-tomcat-max-connections-high: "2000" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://mseva-qa.lgpunjab.gov.in/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "mseva-qa.lgpunjab.gov.in" - tracer-errors-provideexceptionindetails: "true" - s3-asset-bucket: "pb-egov-assets" - egov-state-level-tenant-id: "pb" - timezone: "Asia/Kolkata" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - es-client: http://elasticsearch-data-v1.es-cluster:9200 - es-client-infra: http://elasticsearch-data-infra-v1.es-cluster-infra:9200 - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - pt-integration: "https://stvending.punjab.gov.in/" - zuul: "http://zuul:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - pdf-service: "http://pdf-service.egov:8080/" - property-services: "http://property-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 3 - memory_limits: 512Mi - resources: | - limits: - cpu: 500m - memory: 600Mi - requests: - cpu: 500m - memory: 600Mi - heap: "-Xmx400m -Xms400m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx376m -Xms376m" - -egov-common-masters: - replicas: 2 - -egov-filestore: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - volume: /opt/eGov/filestore - healthChecks: - enabled: false - livenessProbePath: "/filestore/health" - readinessProbePath: "/filestore/health" - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-filestore-qa # Only got UAT - server-tomcat-max-threads: "30" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-localization: - replicas: 3 - heap: "-Xmx850m -Xms850m" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - resources: | - limits: - memory: 1280Mi - requests: - memory: 1Gi - -egov-location: - replicas: 3 - memory_limits: 512Mi - heap: "-Xmx356m -Xms356m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "1500" - -egov-notification-sms: - sms-provider-url: "https://smsgw.sms.gov.in/failsafe/HttpLink" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-sender: "PBGOVT" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - java-args: "-Dspring.profiles.active=production" - sms-enabled: "true" - sms-sender-req-param-name: "signature" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "pin" - sms-destination-mobile-req-param-name: "mnumber" - sms-message-req-param-name: "message" - sms-extra-req-params: "" - -egov-otp: - replicas: 2 - -egov-user: - replicas: 5 - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - tracing-enabled: "true" - account-unlock-cool-down-period-minutes: 5 - -tenant: - replicas: 2 - -egov-idgen: - replicas: 2 - heap: "-Xmx376m -Xms376m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2000" - spring-datasource-tomcat-max-active: "30" - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-mdms-service: - replicas: 3 - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - mdms-path: "/work-dir/punjab-mdms-data/data" - ingress: - zuul: false - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-mdms-data" - branch: "QA" - mdms-folder: "punjab-mdms-data" - masters-config-url: "file:///work-dir/punjab-mdms-data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - server-tomcat-max-threads: "500" - server-tomcat-max-connections: "10000" - -egov-indexer: - replicas: 2 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: "1408Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - egov-indexer-yaml-repo-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/finance-rolloutadoption-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-services-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/sewerage-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/error-queue.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-firenoc-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer-migration.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services-migration-temp.yml" - -egov-workflow-v2: - replicas: 3 - memory_limits: 756Mi - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - wf-max-limit: "10000" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/collection-migration-count.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/apportion-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-registry.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-generator.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egf-bill.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-bill-scheduler.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-bill-scheduler.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - -egov-searcher: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - search-yaml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/localitySearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-tl.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - -egov-data-uploader: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/punjab-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - replicas: 2 - axis: true - payu-url: "test.payu.in" - payu-url-status: "test.payu.in" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - -egov-url-shortening: - replicas: 2 - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -telemetry: - replicas: 1 - images: - - egovio/telemetry - -egov-telemetry-kafka-streams: - replicas: 1 - images: - - egovio/egov-telemetry-kafka-streams - -egov-telemetry-batch-process: - date: "" - schedule: "30 19 * * *" #GMT 07:30PM - IST 01:00 AM every day - -egov-custom-consumer: - replicas: 2 - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - replicas: 2 - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - -pdf-service: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - data-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json" - format-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# demand >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -demand-services: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 3 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/QA_LATEST/configs/egov-zuul/pre-hook.json" - posthook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/QA_LATEST/configs/egov-zuul/post-hook.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - heap: "-Xmx1280m -Xms1280m -XX:TieredStopAtLevel=1" - memory_limits: 1536Mi - resources: | - limits: - cpu: 500m - memory: 1536Mi - requests: - cpu: 500m - memory: 1536Mi - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "2500" - zuul-host-connect-timeout-millis: "30000" - zuul-host-socket-timeout-millis: "80000" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/citizen/_create,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/filestore/v1/files/url,/egov-mdms-service/v1/_get,/egov-url-shortening,/egov-location/location/v11/boundarys/_search" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search" - eventlog-enabled: "true" - EVENTLOG_TOPIC: "zuul-event-log" - eventlog-urls-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - - # DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - -dashboard-ingest: - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -nginx-ingress: - controller: - replicas: 1 - images: - - egovio/nginx-ingress-controller:0.26.1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-qa-20200716.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - replicas: 2 - dashboard-url: "https://dashboard-pbqa.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -employee-mcs: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -citizen: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -rainmaker-custom-service: - replicas: 2 - db-host: "pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - pt-zero-tenants: "pb.zirakpur,pb.kharar,pb.ropar,pb.jalandhar" - pt-integration-tenants: "pb.phagwara,pb.amritsar,pb.jagraon,pb.mohali" - egov-bnd-login-url: "http://13.71.85.9/LoginByPass/TokenGeneration" - egov-bnd-redirect-url: "http://13.71.85.9/LoginBypass/Index?healthID=" - debug-mode: "true" - node-env: "development" - -employee-tradelicence: - SUBFILTER: "YES" - TL_ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/tl-qa-ulb-override.js" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 2 - heap: "-Xmx712m -Xms712m" - tracing-enabled: "true" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "100" - java-args: "-Dspring.profiles.active=production" - spring-datasource-tomcat-max-active: 10 - report-locationsfile-path: "file:///work-dir/punjab-rainmaker-customization/configs/reports/report.config" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "QA_LATEST" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -egov-notification-mail: - username: "egov-micro.services@egovernments.org" - - -pt-services-v2: - replicas: 2 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - pt-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - - -pt-calculator-v2: - replicas: 2 - memory_limits: 1Gi - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - logging-level: "DEBUG" - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1 " - JAVA_ENABLE_DEBUG: "true" - CUSTOM_PB_ZERO_ASSESSMENT: "true" - CUSTOM_PB_ZERO_ASSESSMENTYEAR: "2014-15" - CUSTOM_PB_ZERO_ASSESSMENT_TENANTID: "pb.testing.zero" - unbuiltarea-prorated: "true" - custom-pb-firecess-logic: "true" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -property-services: - replicas: 4 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "756Mi" - server-tomcat-max-threads: "15" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "15" - egov-idgen-ack-format: "AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-mutation-format: "MT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - egov-idgen-ptid-format: "PT-[CITY.CODE]-[SEQ_EG_PT_PTID]" - -tl-services: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - memory_limits: 384Mi - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: "100" - - - -tl-calculator: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# Collections >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - replicas: 3 - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - receiptnumber-servicebased: "true" - search-ignore-status: "Cancelled,Rejected" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - server-tomcat-max-threads: "25" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -ws-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -ws-calculator: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - -sw-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -sw-calculator: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - - -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - replicas: 1 - db-url: "jdbc:postgresql://pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -egf-instrument: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: "512Mi" - -egov-hrms: - replicas: 1 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - employee-applink: "https://mseva-qa.lgpunjab.gov.in/employee/user/login" - tracing-enabled: "true" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - credentials: "IhGjSPFGSTzEY4LPndR2oD57nUwICemnfwjNnW431uTuy6d6t/lpt9kj3qaGjg20b11aqa97mQkCDmbi4FNuV6VkZzg/FEIqMU8yXvt7ECQ=" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 1.0 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 1.0 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:v2 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "pb-micro-qa-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovqa" - db-read-username: "pbqa_readonly" - port: "5432" - env: "PBQA" - maintenance-db-name: "egov_prod_db" - -egov-enc-service: - replicas: 3 - state-level-tenant-id: "pb" - resources: | - limits: - cpu: 300m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-0a8556a53d567fa99 - - vol-067bd4f2862ede11d - - vol-007a6ecd9dae9ed85 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-08d58fdd8a6acf3dd - - vol-038e314b0147be3ba - - vol-023d05b5be32a5dc3 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - ebs-volumes: - - "vol-0189d92faeb8f3583" - - "vol-0d91f9a31ebcf1957" - - "vol-0b365111ccfc3ae42" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - storage-size: 25Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - "vol-0f2c986e3af53a457" - - "vol-043e0533d690c3b85" - - "vol-0d3ac7434406aec79" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - "vol-04da088c7285936b5" - - "vol-0095c1931ed679638" - - "vol-0b3543d8e3d2b441c" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-infra-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-infra-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0fb6a1c559d290900" - zone: ap-south-1a - - volumeId: "vol-0ee3353118859384c" - zone: ap-south-1b - - volumeId: "vol-00459825b3e740e78" - zone: ap-south-1c - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-08da58bc0206b1603" - zone: ap-south-1a - - volumeId: "vol-0f6b42092ba43dca6" - zone: ap-south-1b - - volumeId: "vol-0456dead2cc29309d" - zone: ap-south-1c - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/pb-uat-secrets.yaml b/deploy-as-code/helm/environments/pb-uat-secrets.yaml deleted file mode 100644 index 23ee66f02f..0000000000 --- a/deploy-as-code/helm/environments/pb-uat-secrets.yaml +++ /dev/null @@ -1,95 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:hcSKl6/gh7k=,iv:L1wmryz/oOaHmDxT5b6vUekKGO1Jt2TT66vwbGw2UKE=,tag:uvM53SEmOPJxlycD7jLf9g==,type:str] - password: ENC[AES256_GCM,data:w5RXbuGDWmVo82x2fSY3HQ==,iv:yMmt4S70BSR55MQLCc2AjrK7l4zYyvBXXWqVJnUysrU=,tag:pRT/4blb0cYv4ScSFN/Owg==,type:str] - flywayUsername: ENC[AES256_GCM,data:ArYkGEkLGuc=,iv:QmTavU/aAGVD+uN+4GplMaxpqs10vv+XawJWatumi74=,tag:0dNmOAgo5mKxHJpEhLLUwA==,type:str] - flywayPassword: ENC[AES256_GCM,data:ez0U4T3Q1zmjANgQSb25Jg==,iv:nluEgHNSMIpx5moT0SXglTJwwlrSKeG8k/rS85b0GuU=,tag:onEc7L7kDPOiO8ZMU4UHZg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:xWiHpUi5Cj5g6Mo=,iv:2OHDkBXygyGCELG8gRcrw70zqgUftsRke9wZXVpuFlA=,tag:YzWa5RJhUUukamIW1Kpf/A==,type:str] - password: ENC[AES256_GCM,data:Tg/d9FDmqdP/ug==,iv:LuhlnQ1Q0tfqDxQjcdT7WzYOv9bWmqX3omrGFVuNNkg=,tag:T0cUgmnmF8KP1+NwgItjRA==,type:str] - secure-key: ENC[AES256_GCM,data:uwvsYBkrBAF3plRbZ8KYH5va9Y5KHXNYLZti4dtgnEz6JKsH,iv:8dR0ea6Yn7kcSlbS7rq86sWkdNMZ3cAnVQgDqALwgHw=,tag:gnK1kujuM5MUP0uoSGKMdg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:thfkUoTPL8NuIX0Y4nadPcQsGWk=,iv:+XmUJOcWF+DOYtUuecmXoOhoAuMImZXK728+/OK0yOQ=,tag:Np+7cQxLIW8Q+5Wrg/PE4A==,type:str] - aws-secret-key: ENC[AES256_GCM,data:B2xS3O+4c1v20lgrIePP4LH0vvkTRNSU5COq72DvZmqBd8eeot4wFA==,iv:SQS3/jZonFrgbnDKsXu8p3LvSWtkDoeCGRWEy0NetHM=,tag:1XvzswfQ1l1q8BgcLRY+UQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:dVuVgE0z5bbyQHK15SO+R9nDGSUl+9oX+9ykZK4NdSOtjBPCgJQq,iv:cZS0laVKXiKtcxnSNgwPu2l9IkmH4SolvaKO7K2b2/Y=,tag:U4S8FvFhXmeDYdRLah027Q==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:PZxwnBuyfcsNywWcfjsGAw==,iv:qP+VoKhzkd8LZ+xHsKVW3eg1encsrr5JZlc6J0gTZI0=,tag:cXGzbuwZMW1Eomhr4/TsFw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:wkoVUaFkRpH5deonuy/p1bnoEVfGt3sB09ZRaJokKj8=,iv:6FbvumF8cXaHe+DeujJpiN0HbZ3PfsplveZp7Vi2C+s=,tag:MbfdWKih6Mgexrs/o/dfzg==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:/H+67XzrhMXaiSIEgNyr,iv:UiIPK15r/MZhQuF/a0B/rYUfxqNIFufI6WkmU9tDTu8=,tag:7ismGOm4dJH5gCHvLGT+bg==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:fH29Myi/LP94nnQ=,iv:y/zCX5sIs2QEinr83kZA8DpEgeiyemi9Th3vkd++Tvk=,tag:2oisV5gm+Q86YCN1lIcXWg==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:KVSfwDbqPGY=,iv:YPwb0+mTigqUwiweANV63vI3VixeBK8y4Ur1JLHVcro=,tag:WM2HFjGH/RJzi9pU2zKrfg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:YLltMnOi,iv:xObFuJyRsKQEJBR2JBYTrlMp5eLoSy/+i81YDVtWcqY=,tag:ALSL1PTQz1agSsYLCvqFtQ==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:qBBaNxGDktA=,iv:ddnszjP6By4QOSmxv+g9f/q3hfGXiXUITmLDEGsr3Uo=,tag:osHzK+t63kgtw8ZYnrR0HA==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:Q4VpBCsRvYTTV68bzp5mha2DWzP0eR7j5jEJEA==,iv:7OZjZnMv5sNmICy5p1FG0PSIQbqWwutpWSfE4NjUES0=,tag:hCijQ6RlFqlIMggLMhuK4A==,type:str] - admin-password: ENC[AES256_GCM,data:SezTfWBWY/yU+Jnwy1CCDluq,iv:ZhOzXnaX5yUTGZXgEdZwEEtheGMAYfUbHNej0qdEy7Q=,tag:i1GUp56XWVaz1qt8fl/d9A==,type:str] - read-email: ENC[AES256_GCM,data:uIkfe1U8KIvbyTOUTtRmvLyeIDUy7npPn0VT,iv:pjcxMSNs8LgjXhgm2u+qLvNLaxbowqLOuTYYNTxjXgA=,tag:qrfVvCiHv5Z0t4dtpqvGdQ==,type:str] - read-password: ENC[AES256_GCM,data:Dzf26T+UbAlhjzPGcjpSga/y,iv:1vW01sxAjbV7aINfbXjU+YdVIviESvl1Ss/ClhkUOSI=,tag:7OOEr7L9bnTTQzvai4Wa1g==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:gajaefjAJoqx/A==,iv:KPzBTRvGFZeDjFx/2zmJynv/NHlVgX1/PNyvZjyZoz8=,tag:VTcmBFXB7nnio4WLJTaGZw==,type:str] - home-isolation-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:kphUm2mSkZzVI9mRi4mAaIJ277CUVmHRILD6YPAN,iv:pl3TG1alimr/ltfXUuaA6yJ4gHe47DgIx1Aur7OIdvU=,tag:3c00qPePjCEy5tnnEheuPg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:srUVq9/xnn4r2q0srPasmQ==,iv:GZfw2nM3Q8X2Q9HLgJeRvjz0xE9wZRwZDeh7y49Z364=,tag:jL4nK0bNH57wywFWZobUdA==,type:str] - #ENC[AES256_GCM,data:4PuhhE7SeLu3buG++H4UNxphp+DXakWv8do+N1jTXqqzCg7q2zOHx1zf4jigf/fMUHse4Rro+0T8XP8=,iv:zV+9x+XmCsjwHJ6GSBDxVm6zwV/NqDoy6qi8bu0Upw0=,tag:dXnDzFwa/IgYCelWbiPTKg==,type:comment] - egov-enc-service: - master-password: ENC[AES256_GCM,data:ZPkf6PUwsGOy+VYN,iv:mFJYlvGOiSH0Cv3NBtvO9Ug4YjhRfysV146WqCNlzxY=,tag:qwEsEh0mV9t9kcGcYBZmpQ==,type:str] - master-salt: ENC[AES256_GCM,data:65RTupna4s0=,iv:iMNvJpZk70A+vm87KJhRr12yBjQ8mzBxIq4H8zu3BDk=,tag:8qzNgaxk7EDrfWOFKVpcCg==,type:str] - master-initialvector: ENC[AES256_GCM,data:/wPSeMnXeoWlqFrA,iv:zBPzJxBhrobs0KfeIRlsDQPpOz+YksySeeYeAOk4RPM=,tag:80LpAlnWbwzK8Q0uMUZv6w==,type:str] - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Ko3onLAh,iv:ZBGEDwMZTFuNSoOzDyIkm5cI8z2YtytiStMZJHcKf1o=,tag:Yltkbv7sgUJvXLYNknyR+Q==,type:int] - rainmaker-custom-service: - egov-encryption-key: ENC[AES256_GCM,data:Jg8gGpp9LWEk1LtoiMLaPCdSodWBMJARSW0wxzIEX3A=,iv:MIoml1fdxzj52FjIOEkLO+GNIky3mr5iOuJRTcRvTLc=,tag:tOt3PtLuw+a/vWzNdlcW1w==,type:str] - egov-encryption-iv: ENC[AES256_GCM,data:wDlYQqrBARWAsRyUJzTbpg==,iv:AslHA20LK/feIAEEBmZBlD+hYTAwmMW/28XCIj5Tu3M=,tag:+MtYHLqEV54lH72pDzPfpw==,type:str] - egov-bnd-encryption-key: ENC[AES256_GCM,data:YL1SmTm4x+7bW0ahzj6SfEIG2D89RBIc26LV+nP7LMA=,iv:wcuaUfjuubnrfwaRMZ1E7k/hqSq72naXJmMDX9B1HiQ=,tag:uzymsiExhD2VYjSngC1o3Q==,type:str] - jwt-key: ENC[AES256_GCM,data:0qjJdXEH27ut,iv:JMM1xt+JZxa1wB5OsEvF10ue79xGNPJ1yKld4IeEaJw=,tag:7W1dELZfoeytoIGK/DklcA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:jFnxsPHKxZaoplWy1ZQdJrzo3EEq43OcrIlNTmkmLPLoyOcUHOn0w/yaKH0hMMIManfENKPYasVayAtXIWcyVt2nXe6J+6WXGpx2gdiNfB3GT0AALEUZP9mMJf0/TKLCE/BwnFfSd3jpFj/mtUslh4aIkIztXNYA0Aj+PCFqnVq9HcfLYfBkXkCDiugZAOcrsVoaAw7BW5Cc28bvGU070fKGUzb64XqR1P4RznKOpAtaKE7lDvfl+lNEAun93qsBAp02Gwifqv6sot0w6/uUcHWdt5/XxlpP0YcM13gBQuBX4TdfZc1g6758C1nriyyFxvAeWoUXzDAiGN+WQa0bYF5XuZpe+r40UwmvgsSySzx4djSnuaWIRJOI7EDlkBFDzoYbOUPrkabcngklrM167hzqpZY5X/EG9EqxPcLkwarcvJYDG8dHfi4LwBZuq2ANXBbx0w1aCXegVLgjrVx+CqSUL3VxAXRV1KnL4LidTcSZGl76UKFx7zLXmxO4p5vLDTCVB2jwYdtG/uVYJa4SVIyrVfj3IzDe+Gr9RcpsYbT7pUQv2PbtdAyaqbKKoJvKSdnBMUT+6+EoKVo61gN2Ut4fkwbU5jtb20q7VD/nXE6InyYY1RxCOaFqr2hQgaV3+PuCkca3MXswgKHVR4v+9ZMeDwUnJ/xLDV19ZIqDYwTNTcRubIcdbt/moJOIIPtUBWa2yiZ4HGKxzflQ4+KkDC5YL33e03Ors3uedyQ9jMU8a6FiVLfeovFDzXm4+k39yrictrOp4Xcsvg3j6RjtfxGClwjT2i/QqRxGBuizZuRCR37u4oSyi2JRtdkJuOXR5GDQgWvpSYtXK2MLkZF61mphDr3VVsZ3gizdbNZ/uvfJY38HcPlqMqMPkteXASXa4nWiDA+8YmJg+k2GfXBMBOjBuvGiheImOphpyYLz60LYwq9xxnDXqPDzLks1q0keFlzcbp3+VkwBRVmeGmUDI6yaeLlQNaG993PMxYEejl+yI20mvflRIP2nlJx2OUBC462sKdyN2fJhZOmFzLLDTiz0qU1FcslmPrYNB8Uti7bB7eUa94FVTVnaj2dtmi4lRu7ehYIYQ8Srq05okUK6yqrfQZIInGlmg+3kregCVNUT0083nt/DdEKDBAY9EM7z6ScjgkupzHKTMh/hM61Ypn7gVxCxX7q6y1ClHsisIjE3rSih9dh6bvT4TZzPMrqGCT1qWmOLF/w4URvTfDwTryf3n083PijvAeerSapiiwqog0gkzRZZssegFkXJuI4dkmnQDj3tsyQsrgPH+2O/bbiyqNr+Zk6HqxCxrhrgpO7mhYzYilC50nO1tXox3zxUKPiKLdTpaW1+ST7sRvtudEhSvgevRJWlZUszb12z9Y/um6p/HqfaoMTamNJzNGfU/tyohTrwpAdiR8HdohG5RMiGYkR5Zx4xzjmJsGjV9Eo+rLgF6viNgg0ilcGBRQrwr8/f7ypYVZtS8EYH06gXzPBYSHWyypnB/oGTDXewnmA84OW703+9cc2CT40wmlj4OjgfXmPUaJvQX52tA/nRgmSZKvstky4apcr04+Njf6MfjApgM+RW8c3opnwOnbVeN5DjbCmAVLMn/AXNom0EC0tUaaWL6BHwIvhG2oVrSo6NSNp1+/Aiqse/MROwK1tiLZ7P9GJ7AfBVpD5PjR7yjI5LfPPJuSjDaZhAp+5RBLSD5jLIHLVVGpU++dZBbrmnAbtoP+6PYk4H+RnOfm4l8+u2sCBZal2QhRiNGn8yNZpDofTa/5i/mdDtHaV5rVtyb4rhfcyax8YlR5hn4IHHF0tZZFKerbR2brJ8HLsbGMAuSW//Iw/zUBnoGAfZVm9Ji4nTJQ4+l8KHgmDG4+vLQIIOwEoRtXfL6Ig8dHzD6g+rRglzi8/ttMly4ZLyV/kwATBxmlfI0F6j6AuYAh97r/v/WQiEVqdCO8WytSkh78RiB9bzTZxmgd6UGIO99kNVkFO9hr6prglRa4uRRDUErB7a300SRkdeXM9JfA7b+hH2GWvns1mc8UzTikYc42nyQI1eUsHoUXFPsXbHWq5la71MuMSow+pjfxv9b1YDlwe0f/VGM89ZbOfUd5S/0fUokayKkw6XCaHjjpzYFzVWhijGWcCIxy48pd/o+yVb8+0icXCNdVdhrFY1gsscOTSHFTjt5VJCGb1ZpMcvJwfvODAvlhnqO0cGNZ5wGihsVY7iU6RrN0+0IUL8t+Dqaqfo0cGs/iEZiO+c7c48VfY8fYCyBAUZ2yEFMqrJFiFJceQTA24+OS3MBlpfW5m8lI8owK5OXczzoqLuhaB7YMYZw8a/eAeQP0G+Fhw01RrecVPAyy95590d139RxKcU52i9EAHZyno78K2WdfGI+BR64QU5aIiLswA4ygCebEJIk2pKU3A0UiXTEPF0ZTzVxs/54V292duf6IpaKxMpepqvochv9Yj5LFvu23co4JN6BuCVNEiyWYh2gupX8Gp0M1dKO5Fqwl+FIlt3x0grNzwHTUckRmpUhxLhuU8dbhVWjIuXKCN+XeJJ+PX4oy1lEclcuVTFQuKnGw/aH/+8ixiykaIZyuD4Tblfz1OiEgqTJbmj3Vh0d1YtIGC5kFWASIwbWGyhSgXCjOVYHaVzT2OqoXJudV41hBRcI1Gf5Ftwo7LibVSwCJKne50oxXw0GjwZyjsBDp8KT9PPA6HgvzU6TkfjmY5NLzrBPCw/WgxFrMZoR+qvgCmVkemVZchnFo+i703wiM20ae9M51TI4n5Qd/bhHC3dOvd78ubo3G4+41XJLyui071Aeol/ufBQi4c/hPX8fkzNcXnQsPNZZu7z7HGHLeCFdcfHXluVAI8g6Lw7maVVH2rXelV37TS+sj3Ij5NWBW2xt6yHJKt6DaOTQF8R/8bZPZpwOVR7NXsV73zX1L8SMa5dsS0JooHnl0aHOO8MpElN1Z5MxF51wOdsecHkOLCbvsxtnkGwVhaBF/VutjiJR5W2mlNwqNmCFd/6zU7898/zKLBKiRsvZlGlE8KNwQocHoZYa0sSXBKmX791d3y52HOpiy1Eb1VWVZtknQj5ecF2ezIa0NS4grH1BuPrvjPnizodF8/gbWIwXJf1QURhZ3miCM10o1bB16YaUYOxqsHLHEcS+qD0JGy2U52YSHl34LmTikfUhisVf/IuXS6l3vU/WzWRVMx34X03GaydIeo+MRoVHt0GJRFpINLbJAf8dP7ObP4n3OmlAY926dblVjU/+JAbk4tpntrwi1OrB+y0d+0QEB20l1VrOGnIOZV4PDo/22h0xNEvTlLAbFlV/eHuARnuIlJUe112gdRcgyg/iiiSuCQjK5XX6N9Uk20cfzqFgSCbMaqF3eY4LtbdAQeTxHpgjoX2olm/pFueoJaWNMTkLy98DPbNwxElxKuKGa5bZE92qCPHm0P9D3wq4Yzj/y5GVC9085z1mlqfgwCqdfFSUDrq3o2ZVjOl3IMROk6IcD+v7Mq9r62YHJYsoWBEl6YhnExLqPTxof2wSTon3y/nekk7yY+rShWIClpeHuPwXsgDGCaN8LxAhhr2W9vUfIdEnddWrH3d3aQXVCYzOUym7DVtYUT9WhfbnXxjgM2/ugNP/gPTvK0wLeOVhbsEhOe6gIGzdF1FEW9vrUr5tiizjZPtLZsF8coVDIhp2HrYAQLkcCLOk+ddOrU9OWjVzm7JR6ZARzK7EyB6YBa7Bp0MQTBqZ9NZNopuPFP269l+j3uQoftX00Ier2NKEBsVc8qaX+HaIVHkUfs+tnzpfW5CMLEftEcFC8TL7Zza9gm2GhB6tD5ADwhPb7T2HTu7utjhyN1V/Fj07+jFvxFaOO8XFQWO2FckwD2CnM+eGxYwcEXsLLV8eyngAHlF/yNDlfWZEcbpBKUQNs1ZcBQFMgrLz5n092ZNPoW2P91QRmKLz/QKZ5e2t6wA0tu26gRFr6CpeuBLRLPAy3GHaV0htFmKaM0182KOVtmZs1NqpfPFIbn4/+gnAP/DJfTsrUzeLs2SJvcy7ab3L1OFP+dyHNsEM0uTWip1xrKAV/te+QrCHC0cN1/gKrN9WdFzVVx12IfDsOb9eyM8WkF1xtM+NxhQ0H8UhTdnZ6b5JvA9wY5Gig0g0+CwIVFz7gn5ChXSWYyRGsao8hmStPhS07SikECieHGG+QyEWerVonbyvOypZzQyBuwR8q/pHJor/uvbZiAmX0F0E+ZGdvj/z2ilwKv0aVaICLTVYXIzhW8gOCKdLEAUBImaNFJveOAiaYL8v4LK7DBBH+pmZ7IuWg7qEabjTQFSn3g3CtvrOV6ObKY35dtV,iv:LETVBWe1vJ5bl0P0JBuaedEPOoUsxSNvifEjrEM3P5A=,tag:Ny3SC0/+7EDlUGikPqDQJw==,type:str] - known-hosts: ENC[AES256_GCM,data:Gwu3wKzqY4elDMNr3sPJXM57FhwAG9H3Yx0etdT7HBXs5vgFkrw2P5JtnQ7T0eRDg+3uNm95vkPvNQshXhSKqF0aStVLvj/S8M0TtIy+1XPkQIJjkJ4NgZHr+mEl8xaN/25162amFv7vZceRynhBvEzzMl+McMLZzGXmHovdocYsLSbX/39UJ5QL7E0Il2Dqaq+TgX8mbCwKwXXHoxfbDQZIexJGlEDd81Ks/OUFC3Jjy8DlzAh9I9Tc8cCjNvqFS8hQt0CFGMD1wzFFnqPNnLIOx3MjCrkhBmRFe1GohxP+Pie9zekDI+JSpnceF8EFZWTyOvdQozBqvDke9/Cq9d8MV537lDSoNFwU5jDayuTXwMtYIO5+8SA3tIbAF2Ii0tjLnrMGTqubt4SNB0u7KbWMj5KYoWpoiowRTBWMFyqIZI5TsGgQ/GTeIaQgHggpL5dNjSVGrj60IFlWck/IfhxlGQpona/ruQ8XZz8znzQNAMKj1w8Gkm+N7Efk46PuE5ZdkkY40A==,iv:UtyI7sQlOVFmHLW8TvC6LyHg2xj4o8fcMaJG8BPxuM0=,tag:+OlZkR9fLA4QKAfj5P2iGQ==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:aBeGRWaNITPVkQ==,iv:WsJ8pNOoCi+e15S1oCAohWCyvtKkeduPosva8xhFMWg=,tag:1BbQhw6LCUclY33vBjW0fA==,type:str] - credentials: ENC[AES256_GCM,data:csFqYayRVqW1g4nMONn175oUoxofGsSvJ0qQVkU21kVH0UePnpsqWFXIxtvGviTDcJOvlo0dYj45w9PvmLm7YTC0AXumAygm7yF5rChjJ8Ys0zRE08nc,iv:CXU++UOnhAKfQJacAajXri5x7PDvEZmiWSxZTU5eNcU=,tag:fe97DOEFPSh0U9gL659a+g==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:h+M94qextbdbWitmjrrsTw==,iv:mEEBms9M0bvPL7quNbxjGzGAY4R1FiQ0kxP/oUPpI4c=,tag:Omu+I8CxhsW72RqdTMyw1A==,type:str] - credentials: ENC[AES256_GCM,data:HURIwRcxqkIzlbRrAJW+fcIk2RXHkTBWA6TDniVWf7+TVQ5P0kOUcwf88A==,iv:S/g94hkVQJH1mR6cpeaAuJnXh7do772od+d5oo1pMqM=,tag:e8gf8Fz+F6Cn6f70LNl8SQ==,type:str] - jaeger-config: - credentials: ENC[AES256_GCM,data:sYsYun+ch+Gxl4gNgytW4xeHe7mjaWEVXOt6ADsRP767CNp25fpO56971BUHQgkPhw==,iv:53lrMeCnJ2HCP5Vi7B2snX8LntzgmuOp/n73cxILuG0=,tag:OQP6fMCi3/nlCfYPJQjfww==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:h/U593lLuYWd,iv:YRerkY+yVWBjHCVHJys56d4OicYCbbe9EoT6hvJR2R0=,tag:xmjFsuZTwUTeOXVkcVtLzg==,type:str] - valuefirst-password: ENC[AES256_GCM,data:i4dDsg6/07u9,iv:sI1T6i59qSo7mPcTrjKemG3vqpPNf+ZR9ODnSklbbvA=,tag:hzBZc6xcqpgHMkLxAnMVEA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:ggajIS+7,iv:y0HUcLhWkvHW4DPGC39lwf7j5IWpZfJWCmfz3rLtzFk=,tag:TYU5+EKQEDRL4OI9NPyNeg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:/NVU1YG0LgjK,iv:15L9ZX5RK0QXtHPcEWbh+WgvTFBui063j6P7oqU+eqA=,tag:dgtBSVllgfSts4gnY3qd0Q==,type:str] - si-microservice-password: ENC[AES256_GCM,data:dBRI46EcE9kwnFJWOg==,iv:k01OITplCbTc70gmypYyyhMw2He/+Qz8KLQprGiM3UM=,tag:A2We4qhWamx4jpdBVPh6NA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QwQhD+Lr2RZkZ9MNSiVpPc0=,iv:VCasZh2qr0GO5KNbEnja/0rg4BixikMdFpIYinEJpiM=,tag:U8OK7hs6+ijQki+/817Njw==,type:str] - case-management: - cova-auth-token: ENC[AES256_GCM,data:VM5FAQSnf1EtxIh7TBV+4uGOQ9gtyjUm2voVZhAp/oiGfXwHNRiGshMXQRdkIRLCjBrFmWaQQIwimwot7o5ntAPHE3JT1iDwGhILmXdQrDK5ijeYTwbOXHy/scl8S/rhBu0l5Cw/eF4Vk17FvgDK8VpdWe2AmZcCdvYcSZNvocbxB225jkynPcrVl4dr60ieOMoRx6sVFB9l31u+YA1ChEqi4g5uo+Zgv5bvY3PQWKnYqZwsMBwu1mUGMIPumenbCqeP8frKyzQYGMiggXAU8wH4Tr+dV9J9zH2WT4IiL/S/jlJHTGrNzzhnC8GUy8bs3a0Ik05zneT9kmkUedghhsyv6ovntTjdECZ/mQ==,iv:SJQz9xL6G+SYNWcGmXRbSngnTh7xnXI7TALNqb0bg6c=,tag:G45JPrjl2Nb+69YXSqYslQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-12-06T11:35:28Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFYuOA9XQRcG9F8pY7ZDFSGAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMv42XtEM2xlvOI6UxAgEQgDsfQb1ZnFO3BAMqbsfCR0FV9sNQCB3aJOnJyKf94CjObDuFHS00qQYCxJu99Y0umMyZbgcuvSxKx1jTiw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-06T11:50:27Z' - mac: ENC[AES256_GCM,data:qI9zq5Ezd9eqSYyBr6LkeEcO+OG6kZR40bSWXepRq2Co+pK7IlW9QE5Egt5DN+ilSvXrcv2STxZA8WgWv7qvhk/B9t5YkUFxva2alWPzXNFvqpavT3d7EO2iytBq7sW/8KaiqSWYXooBi23SP4C5tACtugs6q6VJ5nInVbbAf/Y=,iv:sqBgX2Yk+7ipHi3WpiSvC0cXnPJ1MMzl138oE4bUuIU=,tag:2CMoyFV0r8G0hm+RkptWsA==,type:str] - pgp: - - created_at: '2020-12-06T11:35:28Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAlfqD13DkNF2gaVjaDBYdQQyaXl1rAMuHCVrAoTDlQswp - f4s75dY5dYl6w+NiJwAW4KeRKMI+fsQ64Y03mRWjlH85qtpfF8IeF/fO+s1gSE8X - 9B8n8SsvG6EduYbhZszaAEcV36ddFWRK4VmFQxD0+hFR1TVw/+9TY7B9dfHaOCFo - q3GIJzi5qTA5AkcanQCVD/5R/HbNu67vXGi82qJt6/2DMJzJCCPWyYQdgLnr237M - lBwRl2pPL9WhDnTUNxaop3nhzlbWe1EA1Au8a64XnKufcy6t5/HnvpXuohXCYLnw - 7RoMu8H3B2VWuIIkyfZFBhy+1nEjpaGL41ySMM9g/tJeAfOH7MER4+piY8t3779K - sF1unh3doUkCjTuZA9k6FNFmJELXNU3dqFyQ0flcxbQDyiLb4nbhcLpKDGVEusLZ - xxOHNDgfFk7uVaULNdB6ov5vUPQl8m94Jd1eXmrxgQ== - =A7tt - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/pb-uat-v2-secrets.yaml b/deploy-as-code/helm/environments/pb-uat-v2-secrets.yaml deleted file mode 100644 index b8402dbfa1..0000000000 --- a/deploy-as-code/helm/environments/pb-uat-v2-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:dW6ZXaegNbU=,iv:FnOvTgJVAIue73rGD/jJ21E/5Imj++WDLTs0W5mJ45E=,tag:zN9YYDVXjHiJiSXDi4bbug==,type:str] - password: ENC[AES256_GCM,data:KfNje2WR2rIqCQY4zky2iA==,iv:DpK+vkQbtGZGeugbRgZ6SKdB7+hja0knErNf+k9CuRQ=,tag:wo76s442gV8Ksxg8Qa+OzA==,type:str] - flywayUsername: ENC[AES256_GCM,data:A+bTgyfwk8w=,iv:SDXDCpCXWO41zSViANqXlstfpA2vjFNkFKpir5C0lLI=,tag:6dOJPw+kU4QATW8QWLqRIw==,type:str] - flywayPassword: ENC[AES256_GCM,data:NeXmIkDFqGmUfvqGhp/85Q==,iv:K2T8WRZjHVaGuJbFTqoKoZDultx24iiQ2n/7WKg/x4Q=,tag:BC467vwwB5LCayKGxo4pYw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:dzbtzyH2JDMYdo4=,iv:78ro1LYb15HKlqBVNEGhyFkd1EKHoScrVmJdTxzgXVs=,tag:gNUF/adsPYOSHUW62JGhJA==,type:str] - password: ENC[AES256_GCM,data:AksuIh8T92mKXg==,iv:TeZR50/YCHX6RJRlCeC5RN66ajbBEKJmMLr/gevPaeo=,tag:Vo0fqGxCMQBj964MQRlsAA==,type:str] - secure-key: ENC[AES256_GCM,data:ohNr77ONhvTjUcLz6xXyJhBF/YY2f30M/eVWlQ15ZPbv5jZa,iv:1Rn6F6TowM9IC6PXJPo3Fmd+RnTUchUmV7TcdCmHamE=,tag:z0pMqFmelSsWI+CuMD7KOw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:oBVjRlx+buEl+X9vv7XPq8grX1M=,iv:V86p8sxSI73oSLkIMEhQAspng1l33jdBZV4oSmeuwyw=,tag:vNcQVvMS9Omq9MiPL1Ne4g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:MO8sYii2MQBfYQAQr9wrn7QdyKdOMXPEY5RNSLrQk3e+DEgOF+qIUw==,iv:eHIIgBxBvJwH2VgmqADzChGYL2dNkyzC7/GxdJQYEo4=,tag:+XfcFt/Rp3JxL5BYotPxJg==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:dvjhAsKmXhIH47lFN1Qh4SH+qAM6T7Z53SleqLR1rU4jPcaFwYiC,iv:HoZ2YqTpB32LimfUHudz7D9xfiXME/EIOi4typh+LwU=,tag:20iRBfmSmv30xljeIVqyUQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:So+qPoqtNjNIY1yOpQc/tg==,iv:B5VtqbHTpLPHeZPKRPZNNagHc3bS3vawnrCJ2qSVRuw=,tag:EqSXxNdLlaLlYo1LYSpwgg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:LoC5MISWH8jp25JvznLTe9lgy1FRKAIfzQFh6tmmtdU=,iv:B9iWZSz2SztH6ox+2m/jEcYtAYhaCvdgobAXs5uxKrE=,tag:FCyE45wXeb5/8vwBtKyGiA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:VmKGCKKWtDfTYpRRmu2o,iv:Mf5Qet9OtugedFq4HZ37kLeL09Ff41lbj/vA1u6F9gw=,tag:fzIu513TeWkxOh4hArwMYA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7VtbSwrog7j/Ngs=,iv:H/H+ZtGeQc4Kgk2HiZY+i0QcEdv97Rd2hznXomPD5HQ=,tag:5tlJkbNFZtgz+vo11VfcXw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:xg0XhDKwn5I=,iv:3ptikBJyBamrim6Ym0kJDR9kVdOKsu7wuVKRmPPw4yc=,tag:VNtRAZP+CY+LtLpeWy2scA==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:fwZsF2DB,iv:bQGRGYMFwRta9XdBNsLe+rOfFiGJfjq1Ch5xouy2bos=,tag:hArqdO/sEqaBfrCyxEnZJQ==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:hCz39E9+ic0=,iv:SCxypwwXsjvn8HChvNfJcldyAPqJZ+O1fNpzX395ivw=,tag:cQ6OGqd9b+hkO5B0xPDO0A==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:1qR9sVjNv/6CopINa2aLPn7bCxLAJzapCYWhDw==,iv:+pAYqI+k46Qjq/LvwHIDpG8BtDqKv3Dr5O6owE7Vy2E=,tag:7wKgbBW0/IP41kpsHJFr3Q==,type:str] - admin-password: ENC[AES256_GCM,data:0kN+WBWuErQ2RWmLl4uOcO9D,iv:2PtRMvxAkwcuVGJrVPFiqItJ2oshET0RX/+cgXnQCDc=,tag:rfGuEEWc2fsQrjFCKaKKDg==,type:str] - read-email: ENC[AES256_GCM,data:3zrANKYIbUM3RHu72OipYQdLn+nNIZJTiWC7,iv:bQgEKdeVtdOLLuPpDTQqLqVAx0NL91ItT8t7Op+ZanI=,tag:vg+0cqLIHgxlUrN4j4I2vQ==,type:str] - read-password: ENC[AES256_GCM,data:B4iGge4lGrwWCjaPu90rF9gQ,iv:1dOL8sAweVqydb4qfbuPct29CJuVOuiUGufQU1U30LA=,tag:UNJZYon9SayMWCpyjXg4Mw==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:J2MlC4OLAdnDFg==,iv:J5n+P98vdpJMfYxTuMB85AD15La3Vqjir1Nxv9jK3U4=,tag:pXKzp0U1T1mtykxC7aM3sg==,type:str] - rainmaker-custom-service: - egov-encryption-key: ENC[AES256_GCM,data:ctiJKmjp8r8EjfEHCP/M1PZkQsUJmJ5LDoArZ6tiFpM=,iv:m2og3wj59k+sYS63wCWyVRkBSYGmBAdKpx/VUktNRik=,tag:pQowVevYGwkU1u66ce6J8g==,type:str] - egov-encryption-iv: ENC[AES256_GCM,data:gGMl8nXERBzrct6+Jgnbjg==,iv:vs8jt8956aA28KGd9IQQetI0S1YK1+25PMu7+0Iqjhg=,tag:ENlVvOgYZYhtkfR+oD179Q==,type:str] - egov-bnd-encryption-key: ENC[AES256_GCM,data:8NPCfHwJTIgN/vEIUkaKF7n/WGDjk5UIf8WIocKyAPQ=,iv:S2ud3DEquEh7ipPd9N1kVflsYvenIIZpk8BEBRlig0s=,tag:uzoIo3EJLccaX6tTU6Xa2Q==,type:str] - jwt-key: ENC[AES256_GCM,data:S0HUMQOw+tDE,iv:vbvvuAr6xZ0JwmyjbfS0//PK79FUxS79T5tMU4cyh3c=,tag:wbrM8aid2panXEVd+Ggjew==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:IBJpc+ZtPqxDdGwyG+ZKchgcs5Iw59lPWVsFzVqkOvpXvCDYDJ40WAK6hVObtrbUDs9T7eN86F6tOyzldbKJc/KzJSgj3hRdLyiaWgOI2mQM11LVaOh1iXJMuJk5+NvEJvunV0xuflzseWQB28h2/fXh9k3y38tROjAzBHibwWxY1enkFbJYSNoxXSDGtlr+5ZSrNESCpuH+g1xJ2+OYsMnuMdrhzksv9YiNr4V1a8tp5b4OWCsOCqfiR9Wzmmy3VQlpvyxOnIWyQjhpY9ucUAcDnzZdVq2Pkd/xRfg/PVD2eiTTy4YNDkRSRMwmugQp2wngll7VnWgdVMlC8Ir5R3kGpIxCa/XGUcNQFy9C/NJG0EpLxB2vrBeXvAKjh50YqGjaC4MfkgzLfCEQWYj5x1FV4mQKlYLVesuboA+yblIJULAaLx9KHvw3o1X/CjIt76VoPLV/zlQl5Ty0KMl6ax4iGezfbHVNHrqay4vLOWRmEozr9XearGfoThagZoWycEDswV41b7FSBAiAIYHlh/cTLRb9PW+hMj7cUExhoveX1tLZQFDqEuXp2cdjAlJ+ZnqpLcqYV0Kp2iOGfyVW7wQxPmkr7e13S9zUe016d4Eaz4U5zy8Wg+Jg0dNc6SseUzx8xAzuqB+rPjnpNV0LoIFKM366+h3nBPPLPWvEfwQlo68hrRX64J1h3Ivs2R4p1yCtf/VHYUlExApuM6zXSetgfEtV1412uBdfhWQQ1uMsbOyUYUTg81fbP1SfERodf/I8/5d9qbakWQl3i2X4JMLx1LvflkVSFPGszLquvVVGWAF1IJBWqxlBuFhHFjN/jdA9dul0lKwmZWbEN26k9QYV+lkWLeSQzWJt61SPHtXjV7WgViS3nrcCmISrYU99S5mh9BtYRlzIb0aEwtQS3g96PWaZwWBGC7Qx6MrNQTYtdfHnFY74/YXwz8THRJbwfhs3/RQ0eXDwa5RaDHJb6m9OK2ocjhmgi0gU/loF1sYo6KDdq7Txrz+3Rgx+OfANKCYbsbSDcXK0EOYaFJo7ByvD6uwg5F1ap7cqPflGgTPOWV+lUPt+KUnOC3tsQW285otJz5NlHFZQFcYs7tQ4tavNiYZHUP0u7HghI5cWGdK+GEbXInAaHLPcbW0z6gL9YZEARhnZN4UWdmrMWWkS5JZQYey7hk14NexmPrzub7UVW7XifSv8yWiWhPLUx5xs24JoYAnFwH4RxSRDHGAbXkx8VZlpuWAXS+qyECpCBcPfifcmkbEhRSSw4JAYfH/vhlV7BmWAbcR3Eg2w2FeH0qyA6wcKq36INLbeprkVWo7vRRD//oMcJp9ZjLfecufYj37lD0/zOCKhXQC0Z2S7znYF+q5f3M/lhbSugKC5ARnWBRnw1dzX8Ma/aAQTimxemInZyGHDqwU22Q57SMAInFQWz/w3LFIhA6MIJ/9yJuwMv7Le+GfYGEcjlSuOlISbGQXwxZ55NHd/0N0jpqJoshjXurhlRgEc5OkhPW8VSYm0P1DnwFb6sIzVgLF68BiTQ82NC/X0amiU+iD3zf1I4XUwvCMN2ANno4a/mVusw4KAiGcs0gcrvTvgAQOMtCGMp7H3TCNBwdlt2Idk+CjRf+EUd1+Ptk6X9CkzHuZrgjpjjKkc0m5OoJIQAXYz3onUhrEdbK6PanSthqdMI0P1pr2RzGNpTzat6ry9wl6u2GKm1EeT7x7w+HoLN1zAubRkzja/gcYe48WYPMyiTlqpDU4fwNlkFvtSPv6zE+D+eRvt2SCNNl5zxVoMAdOYBZyygMOocCsoUNJ2dknrXjeJQk/4HP4Gk+2r1rTajgTzC5eG6ETHNCcSTEkb9VlGgu/2w8RvXLk4sdPDBiTo99Q2UWHjPRDxRWVcBGgDUxh35wH+I1RWXZ9qrKMJdEABMIwDgdlooI8GjA572OWBTRX7JJnWshLg1WSA3g+E3hpwxTVSoR2prGF4Ycw3kxTAqT43LK77HsSPXTi4lM0oX5epZnV7ye6yZeHU/GqsM+g0raJlZeAKEd3KM4+rpL4C0N3z24VTjOLKM9XoFTrKdmh0EEQSP0JI90cC2vdOOtNrQiiH2eaMwYEpQtBStRoPCxX9DIq9aqhYQ02wRikG28U0r922k16vTgvUyyu1M36DJSkLyc2wQCrE8MRAsSXxSfJLXyF7+9FPBgQbN+6PggI3MU8j4q4Fn53oFMZ4nRgdlbZWJCFS33t4EAie50pmKwarGxVAGQLNvEPZjPPmcQE1i4lS6F+0/lkDcm0SQILHwwkN0yze8sp/Nhf+22rKwWui9+g8AZp7m9wV0Uqfzgu/Eoakqwupw9/LLHltje4Bgj82cGw3xVmI4KrF/SJm2cZjTumuXITzhyCQcE65/b1c/h5p1K4zZ1DsDxMd3DYHVkD6qurxTkn+z6k6vfMGTKzhnhDFkl78u8Sgk5XYD883IP3SOTwTt5cAInk2o+CzQE21oxRvrQ+cE/OMNrStupD0qfeL0FVklfL8hZGX7SuvmqRwAd0Hv3iHi4K7hYYUxUiSQmVIE6xSkrxg1sg/hpBlynn+SG85LYjDg0u/RPFx91VIA33ZcStjQofoYjdsVrYzGeHMd8YLn7PAvX1qogX76csT9NWa50xfizl5ZPiO9ZyVoyJq5NwAahCix2jctidL9WLM9EF5vM70MxsLaYfXRpJNwOGWen+UbE0yNIRCoAQ69hCc7se2HXZmBICv86BtANZn0GGpAxTeaLDTdPNENqiekr02fPdvN5PtWM6GJbaLT/tj673rxSblx7KhW4Nj5G4NwrzVNbUyfhY29h1tziiLnG38RreYwQxPr7WGHtqfg53kKebVutyFJJUbhRfsQ++T3lwgc++wHoIm22rHn4tfckLN9/JGCCDHVqgEELLsLDiqqVcwzGRVEREE/nNkm/yMV3xIKBqU56+jHXoU0jEBM5KTAiEp55RtgakswXKJOHXf/7M0W3cJxDIM0yBLvNJQ8pOR0Saz/rZ8X7NvHKatknwT9jhWLS8M1RB/E0HoEJFiifOl3dMPKqHu+w3D77XQF3zX9XZ2H0SucZCZEQRiIz33CM7D+x3PQWfr2+7RijRaRY3CwYim/ZSk+JKXwUWgS3gafpivWCmTVFOVaeok0nDn4e1OmtUY1kRKqfklWtpjtD6hMNTd2wjlFNlVcILllqEnbwNf9xbCwYZBzUjmA+BVMgYXG7m46JBrb7Pd71GpAt14JjCM3kjQ/GNfw3TDJWiECzYlbim8Y+knK+kEF6RlaKYJlWsC2cixdAT6ZvFfjFe77JJY91urDvJiVt6NEhJvYO0BeWjNGZl6fYUIVEEa+oG47UoBaJGT7Px8c48OSjpLaUx11kXiYLxqlKTOjDLHgNDYrDkHMaUe8l6s6sHa5lH94EBLjd7E+bFXM7O3Jy3he5LJOG6/J4f2ITwdZGNEw2E2ztQGhOqrSaA1CslJzcydg/3tNZ2QbDK1qSu/3kz4RKk/mKuHcaaIUQZ5JZZsAE+gtAehZ+bclMRf3FQ+czGi5Hp321Kn7X0idyOC1wf7ktxZnxJKcJ0czGNLiDu15cCJi5sRb6bgk7da/alfQvyvL4bF2aBgn68bL5YOtRejYw2BGR4eBJJ6CuzBShJ4PBipulJs/NwHjNZK0niUdk5WrBFguY+NVNcIheLd2DbXkHoR3j1bpGcZceZupRKbtkMu3A91T1lnOvJmcoHjeIxDYraOyyvnteSNDPUrhmUlEgMArMLX6YPBWlxkAgKAjelQUBtgQmnqZuiA37Szwlg1m7ieraz2O3ujVctAbHaH5+Hj14Jvl7ZYpchSUfF0Nz8odaWq4MPTg0PHZq855CQEMVq5tWyuNYWGRFwx+KUiPcdrOoGLejpoRWSqBV3+8hT5TAOGWRGMf8suWWDlXnXVQMticNxLDt5w8zZcMoBUErZ1ztj0EDp1UdFB+Z23a/gMPvp1q/WRlxL2X4Yu6FyJnxRPuFuP28rmtj0NeRwkVeFfL9BrGiXS4t7KqMrn9ilShcF9Bb0Cp9SrYy7ENI0mA99mybJWtGVgyPb3860N5GHYSg1I2TbI2H1BNK848vVTHiTIvZFHMrMmVZxrnu6DUJjDVUbba5KZtukJoKWBnjycBxMaIinAFdb4QD7QSqeZrzegKc8TgUw7tDaJP083HYnGVzD1DpjqY2Zkn6QvP33X9mQF8H4p9g4cPmHzmSiTxJTwuWP3YZZ54Ie04rqQ1oi9IpHJ1gyMtGqkmi2yfb61eZnHWSHqxXcLfrBrYWl8R6k+h/3JEBBIADorHAsbQvIKoJL3bYRFrn2DGGyGfLAG,iv:CRgZafcxHs73PQOvK+sohKq2MU27xEDMhzo8WZRjb7s=,tag:xlaxgnNd0kd1qF9EM6bqJA==,type:str] - known-hosts: ENC[AES256_GCM,data:y2RUqy4ZUDapPw/AcBhmFpVHTsWg7WO3kVPnxvMIYargNZdwOhbN7QgJxTZjmeXF4iLG/LvS2cymIHEW/PeDU4ncwu+1vtWpTEwBbIctX7uBuyz8bciwjbkCPM77UWtLvz8+Mes/mNtAnAivWViuZu42/wfw8JaXNV837ahYduGzEZRCns5RA0pxTWjyMB5HOjOKUbEb9Xa/KX5JuvXZrlb81o0c8MHsz1jEU7sfcp+JMMtVS1eZDAqWNTWMpPDLXNf0jTannlImIC5sLhrF1zAnvVxYAFsav/I4B3Qg9Ck+xGwXQDEz4pDfqa9C/4ilUlFxqwdRMUyZ4l26Knk2sUC6f/X59QUXW0ntwcpFshd9ScOLYHQq/aoOscf02rnF17RhKVHg2erFFieY4vW1FQTTz67AHsG8s3UIRWgmKG3yfWFvd30ohfaC8/cEUslAZ21wxKV2UhhLHc3Fbn+fN770nJEJvUW1N4DmMsxZ+XHarbfCius5e18OPIdv/b3j7Zurx4u5Hg==,iv:3A//D/8PoB6TzBNmNf94Fn75jqUzqh3NF+vyCMAInz4=,tag:jCrs3AcvendRQIHqO8TPMg==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:dvY2yFyYMbysQQ==,iv:+zQFuxzu3z92eSxvm9pUlyqs4NRBYG8z930lOfWzF6w=,tag:6egGXbVnwW+tO/d2V76TcQ==,type:str] - credentials: ENC[AES256_GCM,data:SyZo1oQWQfyLiSwub3aS9RdG1Wp+0pgWfeCTNpCiW0pLgpfMNplylcA9EMuaNC+X3I11+9NR+611qf9kYMcvUhYd75MbHQ4QLrbLa76tk4GYtpMaeLhj,iv:/2egfZRvC2Mxo+2srkvz73D/WG1yeXFxMGj3iCUCMag=,tag:6wI59UAHdWZpXEhWrL1/aA==,type:str] - kibana-infra: - namespace: ENC[AES256_GCM,data:LMQWO1EFlONZ52KdP6Sv3g==,iv:v3HX4G0F5MM3CWHTeYY5S8vwJoNlvHmb2CMdVTr7V2M=,tag:SYAhbJtCEzzd83ajIOD5vQ==,type:str] - credentials: ENC[AES256_GCM,data:ZGw3piG4eRvjHhf3lfw5vBU+MFNPezqDL49EzOYcNJWL9kdzib8+BDqyGg==,iv:IPwobBby0zFo8ztmyM5oc9MmHyte3U4mZsbjoxcP2O8=,tag:p+GE6pjdrxfcevlAJShb3w==,type:str] - jaeger-config: - credentials: ENC[AES256_GCM,data:+GvoB5h9MxTzSY19XXFUhVeg/G+X9AUdHUw7gZBb47YZ3XssoKcYHEaKvBRc2o+fvQ==,iv:6W81la+SK/itO8quodPCpdCdA8FXe/LdiJAc9RIbLJo=,tag:L85/q+b2+j/v3tY6qvWI6A==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:EMmae3jXdw==,iv:VlxwpWyk4tZS95SL9Znmw9sMg+qpIFFapNgIWd9yBi4=,tag:1e5UiGpSK09VlvR8ZnO4Ag==,type:str] - valuefirst-password: ENC[AES256_GCM,data:jYrZQ0pOwKsAp4r2,iv:fXtldeHcZfOkt1MkiXA3LBf0qDBbzVgLS5shtaQjmLs=,tag:hcPFbwhpuE/JEjEGg+0HQQ==,type:str] - covid-chatbot: - valuefirst-username: ENC[AES256_GCM,data:wZefDFfuJK5R,iv:oXk/dcOw0cKMW5JpNe7hlcpPhhf6AcJjdsMAPQnCQ5s=,tag:CILzIfNYZ9vxPYiQKgH0rw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:AZkzGUR4biIh,iv:3wc6UWYGucoX5QJygC7+MOvlswLIYDMr2fa3pB3mglI=,tag:cnOa7z6GsXvY7CS6RuD7pg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:mCRsGhji,iv:hvL5kEBpB/o45+kLBgSO9AdnSlvVVSZsCfxhE1qmDhA=,tag:sJZHWPIn8tmQG3L8qYEQWg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:GGuKROZvEK6o,iv:6z42kd1Sq9jYhuCnELK03hrbf2rCiwQePnUmSmmZFQA=,tag:ecE1Cg04Ogc7etDgKIo4AA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:M/439SbtJDIprNPrLg==,iv:s9SNcn0+U0UPm6DnzMpCMkZ1nI6D2q5bsjF9OGchSy4=,tag:W2k28GJpFCIWB6nbnu6WCw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:raDMlRR1hP/uXvbx/ycea/E=,iv:fqvZy6rxs95O25P1wnw+1ZSyycVuEdi48vBiEjKOrko=,tag:Hu48JgHoxL7EIYGblcgjTg==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:fa9FrK+hfXAXFZRNKcxDXy2PFKo=,iv:/A6XLvPvdiOhC5puxUGMCrJqoewyC/OMgqlC0PuTpWI=,tag:C72HGXRpA6HrmpdGVx1y9g==,type:str] - clientSecret: ENC[AES256_GCM,data:4U6vqFehsgWe3rSmHmmSIg8512oBv2T75z2qDSLg9R9+3QtNrkKKgg==,iv:QmrWRhSLhoISnn5fA4obcPikN5QHyWA9n4JPNklBy8M=,tag:LQ5nIpG+rEvGicUmDX/vUw==,type:str] - cookieSecret: ENC[AES256_GCM,data:OWSo8toRXsOFy0XDj8b0hu7DiRk5bSD2eB2nMp3Hin+lUL4nWHNyzqnpNRs=,iv:KdwyGnb7NfLed+U+nwB0JvT5Kw93sJMDPTYStqXePrU=,tag:kLcHFUbMdYuDScjIpCB7kA==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:bP4PLp8QbARaW/g5qAqJ8g==,iv:j00EimJopqMv8INMoPfl2NTBfj38ljT2S7K7nPG9l/4=,tag:Pvnl790eiEQEp6VGqBwGuA==,type:str] - master-salt: ENC[AES256_GCM,data:bPi7TFJRiYY=,iv:SUXVbg3DRIRuKZ4EaIe6REJCypw5KdXQ+PH09DTROg4=,tag:JMN/S2BLWetZzOz+9AcWTw==,type:str] - master-initialvector: ENC[AES256_GCM,data:9WLJC6N+mJ/W55v6,iv:t41rx99t4lMWbBMQotu23lRfQVP10hdMw90hr6dqyvM=,tag:/c18p6LCQlvMDIP4qsd9kg==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:ok4=,iv:imwRMZGsKBfYU2kUHsr7/VEwE1ohvc6QIBiKtcUaf4w=,tag:8HOFdOm2pc10rqkQ6YysuA==,type:str] - route: - receiver: ENC[AES256_GCM,data:AqxHS3PqTjicR5R581UStImECg==,iv:iB67mVWIUduCVIB13MJOVuaL5RrU45TlQWk5vIF2Qpo=,tag:vPT+naVriHFpGGCKu+AuqQ==,type:str] - group_by: - - ENC[AES256_GCM,data:+nQQr+7vYyTA,iv:VOVQPpp10UunPNCjY406RWAETyzCF3rHVBSWRea0ZOs=,tag:q6GbJvh4jo5ojOWr5g/0XA==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:Qe48u7RjL8ZV5P4Orem7jlW+0A==,iv:pQcaDZ/lo9ODF4hk4G1NF5inTJpE9C4pMivLoPScRb8=,tag:WfeGbrsAjm6P2V+iPoCm9g==,type:str] - match: - alertname: ENC[AES256_GCM,data:lmgteTcMV+A=,iv:KzkQ0P2rHayG0RAdknEpiQXeLP1f03DMISD0E5pER4I=,tag:XzlV8HY0LoPWwXkoV3+RFg==,type:str] - group_wait: ENC[AES256_GCM,data:NgF/,iv:1fFKz9ctb3+nByIqCb6tJbE5xhcm7P+lpSWSOSu1+34=,tag:fU54SACcj22/zH5n4VgW0Q==,type:str] - group_interval: ENC[AES256_GCM,data:lOE=,iv:eN7cqsYGu6eaValR25bbFgiLs4Yi/zBGPTGA8G85/Rs=,tag:1mmraZYJ7n7OWQoSAna3ig==,type:str] - repeat_interval: ENC[AES256_GCM,data:8HM=,iv:Igi8KPcRl5Qlzd/EjoATOxGaevU7muow8ldZU+k3GP0=,tag:ppLDVxYV87DXvPOOXdBDLQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:y6In1VtDNYKP6HQ+E6yJtt8P2w==,iv:Q95xBCcUmsRAbCmFJeOs8RI6RwG438Y3DcPYLXbBquU=,tag:w8b3E5gYy6lN0vVHP/QAIg==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:azueRA==,iv:lNHWR1Hxw/mylBOZi+sOer6rev1tg6lddgS9LHIgMqs=,tag:NXD/Ftn5SksLD8N9lrm1Dg==,type:bool] - api_url: ENC[AES256_GCM,data:kRXxl9fUYpXRaYk/44+GBUwGb7gGW3s1FTXpZl4MmRPI5uYK5uj+93XkGW33yCkkdW/ydWRCErYAX0CYMMQTc2JJU3gAOjHx+h0xh0M4Uw==,iv:cbGd+CJHoO244WGWaIoR0ZNjkZsI9pu5kFuKTZDHHys=,tag:naGymTTrLPT4dXJd9N0NLg==,type:str] - channel: ENC[AES256_GCM,data:ELaSWqgvNzMZFAGMspBG4ynUbw==,iv:mrSmMAuNXfwHY8rT7ZkwEUnfykUyj2N5ulqhBrRh73A=,tag:uHq4KreSy0/NBwlgO5BITA==,type:str] - username: ENC[AES256_GCM,data:rawyu39RGZla5TBS,iv:8MGeMzcjH+LtQiJ9YXD9Ofl3febvaXjPn6IOttDmUnY=,tag:4x12mnvhAPACDSiIN/FgXQ==,type:str] - title: ENC[AES256_GCM,data:SYTnCUgVVeg5Q5UfTikgcdKfhkMtAaTdlsuPJX82pEGvOECSO4s=,iv:2WerNqTFtml1vXOEH5cIZnAK+P8BZEE4j9jER2Wx1IE=,tag:D0Ax/q7Y9nkhgRujFKVgqw==,type:str] - text: ENC[AES256_GCM,data:9wmaSxp74NxX7mVNorRANOz8uTCfmorBgQoQ4I1VFauuNhj9sQ==,iv:wMvBBOWFlRKJ11WZ7SLhV+D9egZ4qDlQZe712c+HkDk=,tag:72didSKSxFqwXjQ8dxbzvQ==,type:str] - templates: - - ENC[AES256_GCM,data:g/oiPaEtkv38HUEQ9ZrEUANbIuzcxruBZyJ2upeNLSzT7uQBtBBSeN6rEfH/G5rIZV0AiRfKBVQa5dN2bKPBmG0faI1vDfg=,iv:V4i6io+f7klm/dk25Gn3nicnbV4EJ47V8/NqWb8C3BQ=,tag:wyKUkBXNkLRPH89x9GOBGA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:02:00Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGhwfwj1KD29+ahr1Ql5UXZAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMtgdW1ca/gZYgHPFZAgEQgDsyThk0FoldMpnbtcO2xaMK4yhaarOSPF3XUnAYnTtdt0tQRQiZ2Q9zgFiTKWfYuKB4VLHVkg6168HmWw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-05-15T16:55:46Z' - mac: ENC[AES256_GCM,data:fuFg19OnQ0gCfnZgbtLMyL9k2dpkNvsVameVTAdiMEYgJfwriJGGEYho+YibZE2kUMphzAS/jth9qzhjsArtOAUPgBXCV8Sci3bqm50b9XuZ8zbyUKd3h5N0QsutDPtMNlK4ZWv2MZRysKoR6HCuiaGXWQrNAwNHpE1w2oj3PVY=,iv:SeKL4VydmtkWQ3jTielwYQ88jS/JscwXL7S07vRgVOU=,tag:qcDgmtfVHdDJzWoJzW+xSQ==,type:str] - pgp: - - created_at: '2020-11-10T08:02:00Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAk+6cJMlSemguq/wjwpbVFkZafLgYWlq6iuwLZ234bcb1 - g7v9Ow/W20nJsUSzpRR2hTObx5v4hphvLlKm1URgKF22CD4vbq0QN8R21gXGKHKv - rLhDQFFUEM6+swcqF9Bux2l7V03HzDPczabyt0RbEPswkc3baXN7zj025GKkdTLd - mHPdKW1z7AFVUaQ3LagE4w6hn2uKfMPX6QK+dbP3NXs2gkZc7iNIeGaoS3ePzYar - NW0VB43aKSO/EqUeJ6nTPPvlENTzuyuihP6v1SvKvtTRT20qzqydvszrlFrP14iz - fpoxtsjuus3Hcza0aWSOk3XF4AIv3Kl2yGL30O2tbtJeAfy4EzjpaM9ljGPZAQMK - m0ipHxI7J4+sk04LGGLf3PzkKu/gT/3ILD2KsJUYiR+Ojna+R1pJ5/FnMtQ5algU - bk+/ndUUNWVkhdIuevvbTCwveqK/Jo145qshQBKkPA== - =5ZwU - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/pb-uat-v2.yaml b/deploy-as-code/helm/environments/pb-uat-v2.yaml deleted file mode 100644 index 4c20562c76..0000000000 --- a/deploy-as-code/helm/environments/pb-uat-v2.yaml +++ /dev/null @@ -1,1087 +0,0 @@ -global: - domain: mseva-uat.lgpunjab.gov.in -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, es-cluster-infra ] - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-read-url: "jdbc:postgresql://pb-uat-v2-db-new2-rr.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - erp-db-url: "jdbc:postgresql://pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/finance_egov_prod_db" - db-host: "pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - server-tomcat-max-threads-medium: "20" - server-tomcat-max-connections-medium: "1500" - server-tomcat-max-threads-high: "350" - server-tomcat-max-connections-high: "2000" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://mseva-uat.lgpunjab.gov.in/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "mseva-uat.lgpunjab.gov.in" - tracer-errors-provideexceptionindetails: "true" - s3-asset-bucket: "pb-egov-assets" - egov-state-level-tenant-id: "pb" - timezone: "Asia/Kolkata" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - pt-integration: "http://192.249.127.12:8081/" - zuul: "http://zuul:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - pdf-service: "http://pdf-service.egov:8080/" - property-services: "http://property-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - es-client: http://elasticsearch-data-v1.es-cluster:9200 - es-client-infra: http://elasticsearch-data-infra-v1.es-cluster-infra:9200 - egov-user-chatbot: "http://egov-user-chatbot:8080/" - - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 3 - memory_limits: 512Mi - resources: | - limits: - cpu: 500m - memory: 600Mi - requests: - cpu: 500m - memory: 600Mi - heap: "-Xmx400m -Xms400m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx376m -Xms376m" - -egov-common-masters: - replicas: 2 - -finance-collections-voucher-consumer: - erp-env-name: "fin-uat" - erp-domain-name: "lgpunjab.gov.in" - token-authorization-key: "Basic ZWdvdi11c2VyLWNsaWVudDplZ292LXVzZXItc2VjcmV0" - -egov-finance: - filestore_beanname: microDiskFileStoreService - token_authorization_key: "Basic ZWdvdi11c2VyLWNsaWVudDplZ292LXVzZXItc2VjcmV0" - -egov-filestore: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - volume: /opt/eGov/filestore - healthChecks: - enabled: false - livenessProbePath: "/filestore/health" - readinessProbePath: "/filestore/health" - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-filestore-uat-v2 # Only got UAT - server-tomcat-max-threads: "30" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-localization: - replicas: 3 - heap: "-Xmx850m -Xms850m" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - resources: | - limits: - memory: 1280Mi - requests: - memory: 1Gi - -egov-location: - replicas: 3 - memory_limits: 512Mi - heap: "-Xmx356m -Xms356m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "1500" - -egov-notification-sms: - sms-provider-url: "https://smsgw.sms.gov.in/failsafe/HttpLink" - sms-sender: "PBGOVT" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - java-args: "-Dspring.profiles.active=production" - sms-enabled: "true" - sms-sender-req-param-name: "signature" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "pin" - sms-destination-mobile-req-param-name: "mnumber" - sms-message-req-param-name: "message" - sms-extra-req-params: "" - -egov-otp: - replicas: 2 - -egov-user: - replicas: 5 - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - tracing-enabled: "true" - account-unlock-cool-down-period-minutes: 5 - -tenant: - replicas: 2 - -egov-idgen: - replicas: 2 - heap: "-Xmx376m -Xms376m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2000" - spring-datasource-tomcat-max-active: "30" - idformat-from-mdms: "true" - autocreate-new-seq: "true" -chatbot: - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - test-data-cleanup-enabled: "true" - -covid-chatbot: - db-url: "jdbc:postgresql://pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/covadbuat" - db-host: "pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "covadbuat" - whatsapp-provider: "ValueFirst" - valuefirst-whatsapp-number: "918744060444" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - valuefirst-welcome-message-templateid: "3459715" - cova-bearer-token: "Bearer eyJhbGciOiJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNobWFjLXNoYTI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMjMiLCJ0cyI6IjU4IiwiZXhwIjoxNjM1OTI2OTEzLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjYzODg0IiwiYXVkIjoiaHR0cDovL2xvY2FsaG9zdDo2Mzg4NCJ9.ovY-mtV3vU005bvYT5SCZwyVPAx-tgRw8TxDdIucPn0" - cova-auth-token: "f77762bfd1a69c37227d9206c3c40c50c686f485" - - -egov-mdms-service: - replicas: 3 - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - mdms-path: "/work-dir/punjab-mdms-data/data" - ingress: - zuul: false - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-mdms-data" - branch: "UAT_V2" - mdms-folder: "punjab-mdms-data" - masters-config-url: "file:///work-dir/punjab-mdms-data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - server-tomcat-max-threads: "500" - server-tomcat-max-connections: "10000" - -egov-indexer: - replicas: 2 - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: "1408Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - egov-indexer-yaml-repo-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/finance-rolloutadoption-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/water-services-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/sewerage-service.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/error-queue.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-firenoc-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/payment-indexer-migration.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/property-services-migration-temp.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/covid-chatbot-telemetry.yaml" - -egov-workflow-v2: - replicas: 3 - memory_limits: 756Mi - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - wf-max-limit: "10000" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/apportion-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-meter.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-persist.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-registry.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/assessment-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-generator.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egf-bill.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/water-bill-scheduler.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/sewerage-bill-scheduler.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - -egov-searcher: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - search-yaml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/localitySearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - -egov-data-uploader: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/punjab-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - replicas: 2 - axis: true - payu-url: "test.payu.in" - payu-url-status: "test.payu.in" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - -egov-url-shortening: - replicas: 2 - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -telemetry: - replicas: 2 - images: - - egovio/telemetry - -egov-telemetry-kafka-streams: -replicas: 2 -images: - - egovio/egov-telemetry-kafka-streams - -egov-telemetry-batch-process: - replicas: 2 - date: "" - schedule: "30 19 * * *" #GMT 07:30PM - IST 01:00 AM every day - -egov-custom-consumer: - replicas: 2 - erp-host: "https://mohali-fin-uat.lgpunjab.gov.in/" - -egov-weekly-impact-notifier: - mail-to-address: "narendra.bandhamaneni@egovernments.org,ramakrishna@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Punjab Weekly emailer" - cron: - schedule: "10 11 * * 2" - -egov-apportion-service: - replicas: 2 - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - -pdf-service: - replicas: 2 - resources: | - limits: - cpu: 600m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - data-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json" - format-config-urls: "file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/property-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/punjab-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# demand >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -demand-services: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 2 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 3 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/UAT_V2/configs/egov-zuul/pre-hook.json" - posthook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/UAT_V2/configs/egov-zuul/post-hook.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - heap: "-Xmx1024m -Xms1024m -XX:TieredStopAtLevel=1" - memory_limits: 1536Mi - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "2500" - zuul-host-connect-timeout-millis: "30000" - zuul-host-socket-timeout-millis: "80000" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/citizen/_create,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/filestore/v1/files/url,/egov-mdms-service/v1/_get,/egov-url-shortening,/egov-location/location/v11/boundarys/_search" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search" - eventlog-enabled: "true" - EVENTLOG_TOPIC: "zuul-event-log" - eventlog-urls-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - - # DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - -dashboard-ingest: - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -nginx-ingress: - controller: - replicas: 2 - images: - - egovio/nginx-ingress-controller:0.26.1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-uat-v2-20201001.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - replicas: 2 - dashboard-url: "https://dashboard-pbqa.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -employee-mcs: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -rainmaker-custom-service: - replicas: 2 - db-host: "pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - pt-zero-tenants: "pb.zirakpur,pb.kharar,pb.ropar,pb.jalandhar" - pt-integration-tenants: "pb.phagwara,pb.amritsar,pb.jagraon,pb.mohali" - egov-bnd-login-url: "http://13.71.85.9/LoginByPass/TokenGeneration" - egov-bnd-redirect-url: "http://13.71.85.9/LoginBypass/Index?healthID=" - debug-mode: "true" - node-env: "development" - -employee-tradelicence: - SUBFILTER: "YES" - TL_ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/tl-qa-ulb-override.js" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 2 - heap: "-Xmx712m -Xms712m" - tracing-enabled: "true" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "100" - java-args: "-Dspring.profiles.active=production" - spring-datasource-tomcat-max-active: 10 - report-locationsfile-path: "file:///work-dir/punjab-rainmaker-customization/configs/reports/report.config" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -egov-notification-mail: - username: "egov-micro.services@egovernments.org" - - -pt-services-v2: - replicas: 2 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - pt-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - -property-services: - replicas: 4 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "756Mi" - server-tomcat-max-threads: "15" - server-tomcat-max-connections: "1000" - spring-datasource-tomcat-max-active: "15" - egov-idgen-ack-format: "AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-mutation-format: "MT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - egov-idgen-ptid-format: "PT-[CITY.CODE]-[SEQ_EG_PT_PTID]" - -pt-calculator-v2: - replicas: 2 - memory_limits: 1Gi - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - logging-level: "DEBUG" - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1 " - JAVA_ENABLE_DEBUG: "true" - CUSTOM_PB_ZERO_ASSESSMENT: "true" - CUSTOM_PB_ZERO_ASSESSMENTYEAR: "2014-15" - CUSTOM_PB_ZERO_ASSESSMENT_TENANTID: "pb.testing.zero" - unbuiltarea-prorated: "true" - custom-pb-firecess-logic: "true" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - - -tl-services: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - memory_limits: 384Mi - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: "100" - - -tl-calculator: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# Collections >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - replicas: 3 - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - receiptnumber-servicebased: "true" - search-ignore-status: "Cancelled,Rejected" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - server-tomcat-max-threads: "25" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -ws-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -ws-calculator: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - -sw-services: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - is-external-workflow-enabled: "true" - -sw-calculator: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx512m -Xms512m" - - -# WnS >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - replicas: 2 - db-url: "jdbc:postgresql://pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -egf-instrument: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: "512Mi" - -egov-hrms: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - employee-applink: "https://mseva-qa.lgpunjab.gov.in/employee/user/login" - tracing-enabled: "true" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 1.0 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 1.0 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 1.0 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:v2 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "pb-uat-v2-db-new2.cq2b7v4okuhm.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovqa" - db-read-username: "pbqa_readonly" - port: "5432" - env: "PBUAT_V2" - maintenance-db-name: "egov_prod_db" - -egov-enc-service: - replicas: 3 - state-level-tenant-id: "pb" - resources: | - limits: - cpu: 300m - memory: 512Mi - requests: - cpu: 300m - memory: 512Mi -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "100Gi" - persistence: - enabled: true - aws: - - volumeId: "vol-04121ebc439daf074" - zone: ap-south-1a - - volumeId: "vol-04dc1bfb86f67ec1a" - zone: ap-south-1a - - volumeId: "vol-05b14be12751588d0" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - persistence: - enabled: true - aws: - - volumeId: "vol-0ee98a95948ae9cd4" - zone: ap-south-1a - - volumeId: "vol-03ac60e6abc6079d2" - zone: ap-south-1a - - volumeId: "vol-0ba733dd158942107" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - persistence: - enabled: true - aws: - - volumeId: "vol-05e3d20da37efe4c3" - zone: ap-south-1a - - volumeId: "vol-0dc25eafd7c0fa5a0" - zone: ap-south-1a - - volumeId: "vol-03eee2b95c16e2cb9" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - replicas: 3 - storage-size: 50Gi - images: - - egovio/elasticsearch-v1:6.4.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0e767fb3fb6b263e0" - zone: ap-south-1a - - volumeId: "vol-0fe53aed3e513a993" - zone: ap-south-1a - - volumeId: "vol-0e272a57bc47ad961" - zone: ap-south-1a - network-host: "_eth0:ipv4_" - -elasticsearch-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-05d4e5f70832c3a95" - zone: ap-south-1a - - volumeId: "vol-0a65ef811901ff79f" - zone: ap-south-1a - - volumeId: "vol-01138bb374fc15d88" - zone: ap-south-1a - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-infra-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-infra-v1: - replicas: 3 - storage-size: 100Gi - images: - - egovio/elasticsearch-v1:6.4.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0360346f7b87a3e62" - zone: ap-south-1a - - volumeId: "vol-08cf71e424a314acf" - zone: ap-south-1a - - volumeId: "vol-015e38cadb757b5c7" - zone: ap-south-1a - network-host: "_eth0:ipv4_" - -elasticsearch-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-0b640dfaa7216fd90" - zone: ap-south-1a - - volumeId: "vol-06b25053da0e97f52" - zone: ap-south-1a - - volumeId: "vol-0511ef17fb5768c95" - zone: ap-south-1a - network-host: "_eth0:ipv4_" - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "pb-uat,devops" - upstreams = [ "file:///dev/null" ] - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-fin-uat.lgpunjab.gov.in=mohali - tenant.nayagaon-fin-uat.lgpunjab.gov.in=nayagaon - tenant.zirakpur-fin-uat.lgpunjab.gov.in=zirakpur - tenant.kharar-fin-uat.lgpunjab.gov.in=kharar - tenant.amritsar-fin-uat.lgpunjab.gov.in=amritsar - tenant.cheema-fin-uat.lgpunjab.gov.in=cheema - tenant.talwandisabo-fin-uat.lgpunjab.gov.in=talwandisabo - tenant.batala-fin-uat.lgpunjab.gov.in=batala - tenant.fazilka-fin-uat.lgpunjab.gov.in=fazilka - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -#grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - dashboardsFolder: /work-dir/punjab-rainmaker-customization/configs/monitoring-dashboards - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT_V2" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/pb-uat.yaml b/deploy-as-code/helm/environments/pb-uat.yaml deleted file mode 100644 index 8a22481ff9..0000000000 --- a/deploy-as-code/helm/environments/pb-uat.yaml +++ /dev/null @@ -1,910 +0,0 @@ -global: - domain: mseva-uat.lgpunjab.gov.in - -cluster-configs: - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - db-read-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - erp-db-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/finance_egov_prod_db" - db-host: "pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://mseva-uat.lgpunjab.gov.in/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "mseva-uat.lgpunjab.gov.in" - tracer-errors-provideexceptionindetails: "true" - s3-asset-bucket: "pb-egov-assets" - egov-state-level-tenant-id: "pb" - timezone: "Asia/Kolkata" - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-enc: "http://egov-user-enc.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - es-client: "http://es-client:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - pt-integration: "http://13.127.211.3:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - case-management: "http://case-management.egov:8080/" - home-isolation-chatbot: "http://home-isolation-chatbot.egov:8080/" - data-upload: "http://data-upload.egov:8080/" - - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 2 - memory_limits: 512Mi - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - -egov-common-masters: - replicas: 2 - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-filestore-uat # Only got UAT - -egov-localization: - replicas: 2 - -egov-location: - replicas: 2 - memory_limits: 512Mi - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - -egov-notification-sms: - sms-provider-url: "https://smsgw.sms.gov.in/failsafe/HttpLink" - sms-sender: "PBGOVT" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - java-args: "-Dspring.profiles.active=production" - sms-enabled: "true" - sms-sender-req-param-name: "signature" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "pin" - sms-destination-mobile-req-param-name: "mnumber" - sms-message-req-param-name: "message" - sms-extra-req-params: "" - -egov-otp: - replicas: 2 - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - java-args: "-Dspring.profiles.active=production" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - tracing-enabled: "true" - account-unlock-cool-down-period-minutes: 5 - -tenant: - replicas: 2 - -egov-idgen: - replicas: 2 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - idformat-from-mdms: "true" -autocreate-new-seq: "true" - -chatbot: - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - test-data-cleanup-enabled: "true" - -egov-mdms-service: - mdms-path: "/work-dir/punjab-mdms-data/data" - masters-config-url: "file:///work-dir/punjab-mdms-data/mdms-masters-config.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-mdms-data" - branch: "UAT" - mdms-folder: "punjab-mdms-data" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - egov-indexer-yaml-repo-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/finance-rolloutadoption-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/chatbot-indexer.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-indexer/rainmaker-firenoc-indexer.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -egov-workflow-v2: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/apportion-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-persister/cms-persister.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -egov-searcher: - search-yaml-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/punjab-rainmaker-customization/configs/egov-searcher/rainmaker-tl.yml" - java-args: "-Dspring.profiles.active=production" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -egov-data-uploader: - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/punjab-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/punjab-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - axis: true - payu-url: "test.payu.in" - payu-url-status: "test.payu.in" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - -egov-telemetry-batch-process: - date: "" - schedule: "30 19 * * *" #GMT 07:30PM - IST 01:00 AM every day - -egov-custom-consumer: - erp-host: "https://mohali-fin-uat.lgpunjab.gov.in/" - -egov-weekly-impact-notifier: - mail-to-address: "narendra.bandhamaneni@egovernments.org,ramakrishna@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Punjab Weekly emailer" - cron: - schedule: "00 16 * * 3" #GMT 3AM - IST 07:30 AM every Friday - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - -case-management: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - sms-create-case-template: "Dear Citizen,\nPlease click on the below link and start reporting your health status for today over WhatsApp.\nLink: https://wa.me/918744960111?text=mSeva" - attachment-case-admin-filestoreid: "b516e5f2-23da-414d-b02c-90fdbd3d1d8b" - isolation-health-report-collection-time: 7PM - cova-fetch-url: http://20.44.43.72/api/cova/citizen/services/v1/fetch-health-record - cova-create-health-record-url: http://20.44.43.72/api/cova/citizen/services/v1/insert-blo-data - -data-upload: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/data-upload/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -mailbot: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - config-paths: "file:///work-dir/punjab-rainmaker-customization/configs/mailbot/case-management.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -home-isolation-chatbot: - consumer-group-id-prefix: home-isolation- - topic-name-prefix: home-isolation- - kafka-topics-partition-count: 5 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - db-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" - -egov-user-enc: - replicas: 1 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - java-args: "-Dspring.profiles.active=production" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - account-unlock-cool-down-period-minutes: 5 - db-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db?currentSchema=case_management" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# demand >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -demand-services: - replicas: 2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 2 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 1 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/UAT/configs/egov-zuul/pre-hook.json" - posthook-config: "https://raw.githubusercontent.com/egovernments/punjab-rainmaker-customization/UAT/configs/egov-zuul/post-hook.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/citizen/_create,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/filestore/v1/files/url,/egov-mdms-service/v1/_get,/egov-url-shortening,/whatsapp-webhook/messages" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/user/users/_createnovalidate,/user/users/_updatenovalidate" - eventlog-enabled: "true" - eventlog-urls-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - home-isolation-chatbot-router-enabled: true - - # DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -dashboard-ingest: - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "collectionsindex-v1-enriched" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/punjab-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -nginx-ingress: - controller: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-20191106.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -employee-mcs: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -rainmaker-custom-service: - db-host: "pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-name: "egov_prod_db" - pt-integration-tenants: "pb.jalandhar,pb.phagwara,pb.amritsar,pb.jagraon" - egov-bnd-login-url: "http://13.71.85.9/LoginByPass/TokenGeneration" - egov-bnd-redirect-url: "http://13.71.85.9/LoginBypass/Index?healthID=" - debug-mode: "true" - node-env: "development" - -employee-tradelicence: - SUBFILTER: "YES" - TL_ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/tl-uat-ulb-override.js" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - java-args: "-Dspring.profiles.active=production" - spring-datasource-tomcat-max-active: 10 - report-locationsfile-path: "file:///work-dir/punjab-rainmaker-customization/configs/reports/report.config" - initContainers: - gitSync: - repo: "git@github.com:egovernments/punjab-rainmaker-customization" - branch: "UAT" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - - -pt-services-v2: - replicas: 2 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - memory_limits: "512Mi" - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - pt-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - - -pt-calculator-v2: - replicas: 2 - logging-level: "DEBUG" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - JAVA_ENABLE_DEBUG: "true" - CUSTOM_PB_ZERO_ASSESSMENT: true - CUSTOM_PB_ZERO_ASSESSMENTYEAR: "2014-15" - CUSTOM_PB_ZERO_ASSESSMENT_TENANTID: "pb.testing.zero" - unbuiltarea-prorated: "true" - custom-pb-firecess-logic: "true" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - - -tl-services: - replicas: 1 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - memory_limits: 384Mi - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.receipt-create" - tl-search-default-limit: "100" - - - -tl-calculator: - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# Collections >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - receiptnumber-servicebased: "true" - receipt-create-topic: "egov.collection.receipt-create" - search-ignore-status: "Cancelled,Rejected" - java-args: "-Dspring.profiles.active=production" - tracing-enabled: "true" - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -finance-collections-voucher-consumer: - erp-env-name: "fin-uat" - erp-domain-name: "lgpunjab.gov.in" - -egf-master: - replicas: 2 - db-url: "jdbc:postgresql://pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com:5432/egov_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -egf-instrument: - replicas: 2 - -egov-hrms: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - employee-applink: "https://mseva-uat.lgpunjab.gov.in/employee/user/login" - tracing-enabled: "true" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - credentials: "IhGjSPFGSTzEY4LPndR2oD57nUwICemnfwjNnW431uTuy6d6t/lpt9kj3qaGjg20b11aqa97mQkCDmbi4FNuV6VkZzg/FEIqMU8yXvt7ECQ=" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:v2 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "pb-micro-uat-db-new.c7gelbottzkp.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovuat" - db-read-username: "pbuat_readonly" - port: "5432" - env: "PBUAT" - maintenance-db-name: "egov_prod_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-0f862d0da3d48b593 - - vol-01866265b5fba962f - - vol-09325cc19210db91c - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>REMOVED-TEMP -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-0a909bcbf1289703e - - vol-06cdba8cb7f185404 - - vol-0fe598b2552bdaa0c - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - ebs-volumes: - - "vol-013aa24bb0aa5cd30" - - "vol-03440e111f89c6cfe" - - "vol-0f53c43abaee01e5b" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - storage-size: 25Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - "vol-071bb5c23667a3b44" - - "vol-0dc5b9ebf3628d6a7" - - "vol-0418e5c24a0dbfbef" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - "vol-0852b01e99fb5462c" - - "vol-0e2f837efc59feb79" - - "vol-019c21cbd509123a5" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - server-basepath: "/kibana" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-infra-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-infra-v1: - replicas: 3 - storage-size: 30Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - "vol-0919cb190c03a05ef" - - "vol-09b51074f0b1657aa" - - "vol-0070eb26e681a8bdc" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - "vol-0785ad1227e942714" - - "vol-080dd06e88e2e7233" - - "vol-043f4913bd037a9b0" - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-fin-uat.lgpunjab.gov.in=mohali - tenant.nayagaon-fin-uat.lgpunjab.gov.in=nayagaon - tenant.zirakpur-fin-uat.lgpunjab.gov.in=zirakpur - tenant.kharar-fin-uat.lgpunjab.gov.in=kharar - tenant.amritsar-fin-uat.lgpunjab.gov.in=amritsar - tenant.cheema-fin-uat.lgpunjab.gov.in=cheema - tenant.talwandisabo-fin-uat.lgpunjab.gov.in=talwandisabo - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-finance: - collection-version: V1 diff --git a/deploy-as-code/helm/environments/ukd-dev-sdc-secrets.yaml b/deploy-as-code/helm/environments/ukd-dev-sdc-secrets.yaml deleted file mode 100644 index e11e922ad6..0000000000 --- a/deploy-as-code/helm/environments/ukd-dev-sdc-secrets.yaml +++ /dev/null @@ -1,73 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:w42MUlei,iv:SoUez1QAjU8EROtJE3+QJt/YKQpHIFjnlbRc4WoYE1s=,tag:prCom/84QhWEph5bLsLK9w==,type:str] - password: ENC[AES256_GCM,data:1Ljas1iz/34RteTpggyAQQ==,iv:XGaYEvDV7rbWgX9uchnOENTwPMK5ruBo/aaP2lCVQ1Y=,tag:USJFUaEiQLy+X/bbaXs4gQ==,type:str] - flywayUsername: ENC[AES256_GCM,data:6muY/PDb,iv:OTAsoV1hBAfqwh5L9h28EKN5K66Vk9AbeshcBY2FdfU=,tag:D4GOEgFwWj52fmqEFzxB6w==,type:str] - flywayPassword: ENC[AES256_GCM,data:8G+0B+szaHP/X7HPQYCELQ==,iv:VbNusk8DNhAoV3rSYOgbVmpKrZfoQv9TkzYpBlu/e5Y=,tag:M3pBjUfUEHCqOrkyHUBb+A==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:wVDNa2/nw90=,iv:njg6pgJJfbT6Hebo1QQR9GUBfB3MZFERIr5ePIcph8M=,tag:6XYYi3tSGuNnwBaHiYGPng==,type:str] - password: ENC[AES256_GCM,data:KcOrCZy6,iv:aN3Js+51JyWeDuj7X+IDUIuCDLhmJzDUEQSePiwioJ4=,tag:OYD/9j+PP9T12BYdITpE1w==,type:str] - secure-key: ENC[AES256_GCM,data:plcjIf0BaZS6kwEY+/lmcPOP98MsAAx9uM7KH9dIPbtubky9,iv:g180xLkd/dwiOgVNpEfxnDBYI9PlqlMMhd4M6L7Q5do=,tag:Ae3RgcocY56VnjNBvfXPEQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:aQxbMZAL2OUUqCJl887QPQCdSYoF2KywyFPp8CduHQ==,iv:XXbjVZ/UedxC1pzZRNaKXHwCIuGZ7bMPRiLplnKIgng=,tag:lCBijEjFZdRwnn2Te4weGg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:Z47j2rmbuZd3,iv:lfAl7v5B6g0GrJYF9V5gg2pKWoFztF2gb/E/yvhOHV0=,tag:wBmojctBbnhmXo7PDqEYgg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:pj4CmXHtNTo/Lxh+81UkGdX6usY=,iv:uPeRaIaFGd5aqTyd0pHVwExDnWRZgIYXNHVJPTTwXWg=,tag:xgvR+Nq2/kYCnC9mI89XPQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:mLr3CDU7QvO+KSHef09JIjUP9jsRTLvakAdtwgAwS5Yk9W9Y/z0bww==,iv:E1PUCvG/at4zap22Rqk6W2Rxc56pVqMKugN5EKaKCBE=,tag:u4Lj8J0WpXG5IXymPXpDJQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:iO/HaldQQ5dcsIslR0j97caLicPRapJQ0LJM7NmsoCOmhV6I16Jl,iv:hftEY5zP/47lqEIxBPuEItJRJhL1Gt3eaE6YVaAvwnw=,tag:mRIZ9BTBm+SVF87qhBHTvA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:/lDxQgyQktU8lp2vigkwJA==,iv:78EQKaNPWi9vXtjCo7draO1OcjgNKw7y17OWiQTF4ZU=,tag:dEHHkHWOexRLCh41hy3/Ug==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:ydJOxJe26C0jxGg/hbvZri/iZ4dCrwT8SqBsVGNtFdE=,iv:NaRG2m/wxylqjrTjI/zS4TDINenzbkRsrWGMeDYqckE=,tag:hZnGOoeesTOGFQFdu2xZTQ==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:weknFROfbgC4ueChcAWk,iv:2yM/Q1QDEb/CSvNoKViFo5lhUYVMN/MmOoHkRXmOKXY=,tag:2niHmoJgFrGqqjyQiZtn4Q==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:xRi6wgtbPuainqE=,iv:/j+ONX7hkSp2dcJCOyVdZcHsEobcvFKFYPc9xrBAqOk=,tag:w0K3qeWSFqBjUWn6Ai5iGw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:nrRqV0T5oYw=,iv:khuEzIgk0L8z6EsdI1m7PRz3M6rFupOrSufRGWgFzB8=,tag:C+xAmzLPewiYivw51mLLKQ==,type:str] - ccavenue-merchant-id: ENC[AES256_GCM,data:9laUhVKf,iv:MjtRe2fLipA4R4GgBjJ7lH11H1heTIAcLQ3Dd+vKdN4=,tag:6QEyfvE5eNgOe5cYX3D87Q==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:y49crToyV+Q0BJQ2uGS9F9HiX4Fq33WLm3qmr5G9MHA=,iv:A8fxIHxMIf8hJCZkQ6Zy7Q6RtGdSDVpgjPGhTSp49po=,tag:UF1a8HqraWn9YlEnI0IDmQ==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:O3jQPi27f8DGggHiXF5ajL4xeajjwYTRJ40BayEHyUQ=,iv:ZMEgaHzzhDm50OLidcrt2itgnTP5sVXvHGTeypv4rNs=,tag:kL72i2GuQM2C5AOgU4kl6w==,type:str] - easypay-merchant-id: ENC[AES256_GCM,data:GiCvaT0n,iv:nTsg5BGK3n6OQkhHxqdnuFOf5VRSDryhd4wZwv2wdHc=,tag:1JLoGMEUuu4GuuTC/30SVQ==,type:str] - easypay-aes-key: ENC[AES256_GCM,data:jVdpqjjmrp9yT4iWGF0Rsg==,iv:Wb4KXpTOJeS1uyoda+5UXP9heGHJjBh5QsnSCJC1j2k=,tag:TDIroEIXYqoYPlcnIO2Xmg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:mw11sg4HCEjPjuq7Bbx7VCCRi0xMlHHiCrE=,iv:ZR3bWa4ZXpGZZCmVWAJzASafj84Hc/y9Ffphk94mkKI=,tag:FPirb5SZkUbX9LIKznybQw==,type:str] - admin-password: ENC[AES256_GCM,data:8B90iJvFl1V8NYMT,iv:yAIVv+1bFS3EXxtvVnXKDd1suzVKC4BGtcVxei3FKU8=,tag:fJado4x9NGoK2wP8EFRzJA==,type:str] - read-email: ENC[AES256_GCM,data:jivXQd74vx4Ux8BkOPSIUKhy87HN7qijbw==,iv:loXEwsmiixx/Ybhjc/VQ6KbvCDDJsRUaXU5BtKYFikM=,tag:PGOCkSYfLMWbAgp/ahQIxQ==,type:str] - read-password: ENC[AES256_GCM,data:je8iVI9G/8puKd6B,iv:v4DtHO4dEIzrovpaRZARDyUvbEl6AUY/JQnAJZmukuE=,tag:KxDSrjfqeswSchAaLlAlaQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KdKAT/cH8mSugUKJIZAQkQ==,iv:C558yRPKWoj/dx1LWlXxP1B4L6AKgqM0bzahyBBcCCc=,tag:9BKspj4dGhaAboyGG+lmgA==,type:str] - master-salt: ENC[AES256_GCM,data:yXFmAa4kyJ4=,iv:8nM0sIniKUyjafTMChyw4aXT+bv1cjCBLWaP2LNa/mc=,tag:vWcRnAtqOXBmpPsEHchU4Q==,type:str] - master-initialvector: ENC[AES256_GCM,data:TrmyTfzTB2WEJjBi,iv:8/+HqjSPifMyV4fvzh/0iUATu3+nujVnsrm7Dk6KE+A=,tag:Ir+nBZhidHB4jowfaBdUNA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:aJQNzeanFEYhogfu2Favg2EYvAiX9F6PW56D7+T/E2WinHM2rfGAMvlUOTpmN9/4y3Etom88UG2JYAjmEZUoSdX8VKQEkSx3XixTWGUYXnluI64TGzJhMQH7kMlH5xSyxwBS1ILWuGP3BoZ+wcn1Ioyah/9JQI/aXRKRCEpq8D67D9YH0AHbz44sEzI5bLzeUhdWDDhKNTgn72x1hsCRqrE+8BZ0qnBdo/zLkAzT76A2ZIiHG6wJh0UmTL7FkNctxNxTogAVA/Cfe6DaEVKjVueccU01vP6yNUXXbyEb47p6u7RtXrBnuNhCB/S860FzLupim7u1Xv0GPrNxG7cK/oir+Fkp46pVb9BhwGyhHyW2z1yXOZVBPMa1gyd8Jm8C1coj9+spiveA/muXAmr3niEbJSyEXeZ+DOdCwrzzWoze5nFh4/aE1+8Yg9s4G1g/YX5XmqhhniRCgw7fluj0ljgXpwMuJ696jPhLBywOOZqITLRh4XW6sSTLBqimN9oPya5rOoMzFm0QRL9V/etRyj+9aTySKdACqZ+L78ic1lgSbIEHiFR61nRSNYiSPpaSz/nQ4ZjO/2HF5E9ELn3O82XmHkDCQhTjaVv0GbZQYTNn697UHSkTjmwn3Zrs7LAdDS2wUPN8J8Zm9rgSyLpjjyb/tX2KYkPzN29oD3JaUIM81Cijx4JdjEPtGssVfpX5E/HNUjwNbS2XanTveJLAU69SGRjhVQAF8UmwfPJ9HqNJf0iQESO12/OczH/x6THswpm4KgQkb/1xqpcr23fCofTnNe5mARby02HMgIC1hX/qsH0P83a7mjgwNbN7OVFE/xSl+t61B0M32bBdnoMdazwVPdBFZUVcpKJszjFZibPV8d2K4jBHCwBzQhuDdS01sOSTHq0vR39RSPVoAUqRiaysjkmV6ec1SuimfObEYlUkkOgG7Dbl8noMkRO7bGDmJvxnws2H5JA3rDiNGpJPQgjUhZM68dJRGW+Vdtp4yCoBltm5Wqg1BItPchd7jSOQnCWkdQ3YIu2yprbDWr2qPkqazTcvXfEmv1DuRzJyCzN2TbgXM/M0M2M4pZXOgo8VBYWFQw8v51jG7YyZ50HrHXIuSnLAtCl6CfKhgUfJCY6vxfM56f3i06FyvAPpakkyAkLE/75dNFY2pcihansSCcb3c+r+9AJjqlGB5gib6bZvFoh91BliV/2BedMjkSkuq/G6GeaFeaxXpwgjslV3Xb2rsGA7xoGcY9JpxVudhCnXSBr0coSOrywNd0OM/vmsz/G7jVwBOCfKbR0ykTtTwbHGoGbzH0OS+ChTL3fhtrYbRxQQvocnMo2vwGh8jPddMimnH4PjBubkW4gSBc/1dCA+X0vcjDkGxKLBDigkSSvmxNmjx2seqNDJsvKMFxUGWrCzibM5s8IHj8v6SHmtfRB/SgbjDwitvZzyZ4WoLYTJDW/b8WCB3TTUDESuYlwQvfYyNN7vNAIsA/1mIy76mAv0xQZPcx94wV3eI16/chb79C8UElrBnUuxbfTEbC+C99wp7pMqj728o4XR+9TJklRKYic0jrjL3ZEA7hi9PF5eLF9urjYHluflsB3Xb+CQ/wI6Il07GGbsSHul4C8r3EnaYemxkYH9uAsWG7Z17SVkxQdfyaGTuiMdviQnTEuoM13D5lRD1ziv/TrMvuwgvkYx13OPgN3kR3JOmscCtrhbsERLD2z4L9cxpQyLTYr6of6jswyQz6lMEnV/RUM06wELBKu2QChi1PDmgkBZgkHh4U3P9CpC6XFx0GGCYPgCRvqnbwNnasMW1kEJmHGR9Z10xLyUtsBxpVYa0ISwIw2pnRWEimgNqaP7ckpq+nwJ1MLfOlw/K6yORQwkkOuExXaDmluNV6k0CBHXNkUN3S0qTigSuTS1L/NvrKiRpeV1Ijla0bzB9DGRuuRMZ3veOyqandb0SP8Dcnmll9losjweApNXT71CTmWDzX4oukem/i1pDbaRtpvlb297ElmIPHH14QY0c/9U4WhxzEvlLbNBEnjfGsyQofZUfD0rp0WcTo9rMVNiKKocfVI5kZqItVic5VWavx1kuWxSB5H1yAvX7Mqwh6Fo3MFKzcm/sctMQHYurdbp6fZaZgZ9vOEUwll7Rc00D+vRCAuQhLSS6qgyjuIuYWa2f0l1JWJxEkWJAiaW/GXgf7SsfLF3oJaGVwTOczMq8XrIJ0kn11xw4F2a16CEtxMhkh3RQLi+9aKXUtpSaxR6b5l3g3/fTfcCjgybHZ+JeXOVcOwMXMtEM7ZTBfU1rNSRl2AoEb9rSxDfs6nsU2l9LVi2uc6G6nLaKIfaJx0rx2q+q464ztV5AaWEAaTdKcf4ulDTT96Qq3mUGo6l/iSNi842+EUO8DQVKLXR4XQ7c6b08e2DdnqHZqv7mSgZMJYcVCrOUTWuq/vVgSi8yuan04Ne8R8cREQLXYWHCvTe7G906uJYEhl1K2Ys4JM4KEsgXeJdA0UAzzy0mK6kiUfVM8G4g52UQXjB3beRl2n3BMMdNFHvcSDysZCBZyJmFpdv3DuCTlMlMRghdEFpZZ1C5ZxgP0Uc3VeY8htadlW4RFa4MYUC+Tjcn7mJKHbEYW5hlYO4pYQVcYI/B2hqDQ8qUdOWRSMFriu9xUDhqpwtJ4GfFlnw1UdpWtuuLdu2zIJJXwfPdcWQy7dEfZATGm4KA12zpYGZeGx5UN6wduh8qRVd7AedNpjyi1/3P+/uqImmICc4Toft5uG0JKtx98eqxYgJjxdHqIcthzaIU52cmRTrPj1M71eYTW6EQv0hQJ+qFj7uuZlMUcDvKX7LcAJUfqLXuqHjXHjYQ0op2eBYDwnd3bNvuFBzSDKb6GWYz2wQ+xwXenBlx0zy34JGDEMzOzNF6VgRQcY8NrTZu6i9YrmBiBDTmQaWxcL4JrZfBerJIyBgiwU9iUlGFmtzcdQUTY44m1e7z/+18loSaTQ2bF2cTYRNOaw8n6BQN4CJkJXhIUsxHFH1qBEiGAGSXlFez9o2Ri+OnSBSlypaTe4AB8qm4bG86wa/P94RNB9LzMggkeq6+wGHHchOQ+OEQDitfuXiNkDRen8SogNBH2WJ+Kl6U0GcWBEg2aOjpxm4WjIj/uE3lZzwvV6yDDMNfFLJukYrlSznYUca6YOEtF/DZFNM/aW8MApHFPH9K8UzctkwbLMywXOBMwJ4Ia0cslBCWkDw1E95rixqD08mhC/oiPuhVa5uQt852ZB8jyj5kUMCIlp8lq/L7VVjTr1tGQZazpGm80ZVAcdUrXnkgt/gMOb8QMrfYyrnjk1dBEuoRzAhK7RU58A0Pfk3jMOHBzdLqEdbG79l+udTWR70+BXS7/SuodGXGEc5erEDAvhVAVSKgbZef0mmSjn3OWS6kitaWt5LpokJai/K/GsjLZfltnKLYldg+N96uQ6gyKSnqAWPJqrA37I7zkHDld8TEao8RjptV7C2wIi7M0rx9wZ5l0aGwOlx971hI1uw076Pc6cslD1pX1n4INXJHGfnXS4auOOvW50G0ZTxljRMyCm3qoiTwYy+/G14buXv4wytRPgnG1dAphwY231l8y+Xn6wLhdpgW8fAoRgVKIM0Cf6iKOmD6uCbRHuyIgUIE3aa1L0+4Lx/+23WGmAOYHqpZvKucsvo5EQ4YLI465RKxVbfWn3KvssnoadC9DreuPGIjNwOxDg0a+bzuwqrFYeP4NwtRD38yoJQ2YJqLSwOqXpFuj7xgM8LjuEADSUewPMiQFzFjgYTOekCWaEHDoKlEnRZh/c3Fy294cqNgbbQAwe+oYbZYGjERUmvPeS1A6XEgvjTDT/sffj6ysHlNJ5w+Xu63PyrNULsqE6T8PL2BowL4NYgRGlP2UE2dG+Vy2C+tManhV6WRD/rBSkLu5OmWFHDt9wjRUhUtPFWERGjEXmJRvlHBrWAOIyYPTB7bLvVqUR7ENb9vV6oclPxv2+oPGX2Q4iEodMso463Eig21lJDRbpnosEjDQJrDw01DmnqUpk4eyXskzmDhTdbIw4l81gBPj0yoP62E6GdJ6PwNZw42N0ob+n30hsWHfLVHwZCJP7zK++YCk0jmssvvzcdrexT84LodTVnPkmnYwA28NTq2ErCmaIK7Vj/Nl9uFW21SiqyUcBcVK4ILl2Qda8pmNY1Xb/jvZvXZIf5St+Blie+wLyxMvLnTzjiQbGfLPvCWVEWWPt/IPXr2uR8UyTcpVrFEGswY0ttWwneShkb+dCFspEtbM6j1HXHtR9UkMEideR7LH6KGxjJLiA7aUDtgXMNwa0oLJwAblgJcMEQvD5qL6aDRbo6,iv:+oi/j8VpMpU0OsEPIlE6FUbsqcQi3pHSu+qTlGa9YQI=,tag:zb4rv6E2tQtaQ4hXmMyK+g==,type:str] - known-hosts: ENC[AES256_GCM,data:d98FQOqLsSq++0pwoNKy+TvnsrxXaTVH35Ib3tszNFC9WH1cqb8V2/Ir5h9TUKQx30ufde4cAepclL+eT7FbAPhD925mhCEJR8neiYry5XUL6+9mY3vD8dC39D456hyym4k2o52atkEaDH+lA7pZ4fBMZnI9FIYFmxti0hxHpFTrhxxyRuew8isNXoXrual89xEaVIGNp/6rkLUzDI6XMEJs8gQ0gE7jlXxjMlffgCoPlaS1Znrz96ym97xIjEYc+ajOdiWUO89EzqVnRM4zA74OfYS//86L9ZqGnyFmpyUTKfN0qqiuwowvN9yW4SRAo3Ekj23AdWVijqXKGEE0XSLGd4E20C3ypAVFpYm0qfXtaw3u8E67WQwBHIR6mLcsnpF4LGjzekpugBFy0XYiRw3rTm30/EXKVMwnoSvZ0RUE8zl+TyfBs2uj+Gl2dsj1tkUs2q195WW6hbXrtICoD2IcT+If2lEiCjLZWIvIWIfgeUT8t0aDCcY8dEoSeupRhyeoz8ZjsA==,iv:XITSDO98bdAuyfUhCb4laTDpBjAtc72EkczeVEPHHD0=,tag:1r9r98GZgxYY0Eiw1oiS6A==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:P+mgOOsdFvTNFQ==,iv:X9hF7HG66OpW+USlFNaGf11fIuNheWdpzumUmkvyZAA=,tag:pbVsSNKt0fXrPdVfcKiLzQ==,type:str] - credentials: ENC[AES256_GCM,data:50u/RMZGMVbqlLXmNgFfky3clKlj9Es2p2MgYoeC9jaYa6VFeMYbwcmuTyMo8duu,iv:+lNhrWFuZZRAF4odj0v1bol8p+CqsU1FiJ/RYgr2or8=,tag:99oBLR2lZh4D24UGrLXEnQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:18:21Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEvqrFbMMSS9OTJgl91CRirAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMUwUu6mm2oMpKQZ33AgEQgDstH7JSBDeesxEgTxhRVesXw44Zg6aeFwRt0/XP//yT58ho1X0vjQW9ENbLCci/cv30+hSkWywPp6dcAA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-11-13T12:50:24Z' - mac: ENC[AES256_GCM,data:oveAlqi8aJK6LcTQ47Y8ubnsMU+iIQ/nIo+bxQhgWDKbR9g9zt9Rh/lcDr5nDEZwMQ/z/lmqoKW22x26tXUZvruGF+GMC5wyaBbQNyd6rPvJ1N71879YtCkHh4xBCCT0YV3s27Ik7I385ANDp8UpabIFB6KayGl05pANsmDDMps=,iv:L6lE79xL93fJcw9sMIzWy5vkVZNy+sK1pZLyT8nAA1A=,tag:7RJyjrOMuaAxodZdio2kcw==,type:str] - pgp: - - created_at: '2020-11-10T08:18:21Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAlj+rRua7RrQ5YmuJFwmhg0iN2pHH+JiFHCFZgseQrE7H - Ax0F+CFpP/DtLePlN1ITlKxEDmPTTdDgBCbq71lHGMctqadtzjdMkMpsMaaI7dI3 - FDHtOuxWXlYK2MCfO7m+52+lyRqER2711lQFOf7SNOlOI+ikkB36ClodnN7e6hOR - kzkyuZOimXChdUSjZRjYcrXIJjTgcK6ZNhiYRcC3DU55aDBiz3hJdkcpCAQ715GX - EIIgwmmlJ0t28jEgk+YfOnEIRCmopJ34WJAPFgQOmtcYiaQC6vkMvNK7uvrWABVu - OctbO6erqmhfeKyaWI4SrJ8cppofR7RN4KzOwSDy/9JeAatSkKXcBGd0bmq4QpT0 - MrSbXkchdcIrg7SUw3k/nzdjuBXS5Qw8zWvi4k/60q3BaVCQG58opfrBHctusqdJ - waZHrKIquAIEsMp57OPOMn8C1opb/Ml81MuD6wVjJQ== - =SlYv - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ukd-dev-sdc.yaml b/deploy-as-code/helm/environments/ukd-dev-sdc.yaml deleted file mode 100644 index a1f07b4476..0000000000 --- a/deploy-as-code/helm/environments/ukd-dev-sdc.yaml +++ /dev/null @@ -1,703 +0,0 @@ -global: - domain: ukd-dev.egovernments.org - -cluster-configs: - namespaces: - create: false - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, es-cluster-infra ] - root-ingress: - appRoot: common - serviceName: common-screen - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "false" - db-url: "jdbc:postgresql://10.67.56.53:5432/ukd_sdc_dev_new" - db-host: "10.67.56.53" - db-name: "ukd_sdc_dev_new" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://ukd-dev.egovernments.org/" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml" - logging-level-jdbc: "null" - domain: "https://ukd-dev.egovernments.org/" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - timezone: "Asia/Kolkata" - - egov-service-host: - data: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://es-client:9200" - location: "http://location:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - memory_limits: 512Mi -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "dss-ukd" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "dss-ukd" - -egov-filestore: - volume: /opt/eGov/filestore - is-nfs-enabled: true - is-s3-enabled: false - fixed-bucketname: "ukd-filestore-prod" - file-storage-mount-path: "/opt/eGov/filestore" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf" - persistence: - enabled: true - accessMode: ReadWriteOnce - dataDirSize: 50Gi - storageClassName: - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt16 - extraVolumeMounts: | - - mountPath: /opt/eGov/filestore - name: sdc-volume - extraVolumes: | - - name: sdc-volume - persistentVolumeClaim: - claimName: filestore-data-egov-filestore - -ukd-custom-service: - enable-sms: "false" - -egov-localization: - memory_limits: 768Mi - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-gateway-to-use: "HOLY_SMS" - sms-provider-url: "http://sms.holymarkindia.abc/API/WebSMS/Http/v1.0a/index.php" - sms-sender: "HOLSMS" - sms-config-map: "{'username':'$username', 'password': '$password', 'sender':'$senderid', 'to':'$mobileno', 'message':'$message', 'format':'text'}" - -egov-otp: - sms-enabled: "false" - -user-otp: - sms-enabled: "false" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 4320 - refresh-token-validity: 4320 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - -egov-mdms-service: - mdms-path: "/work-dir/ukd-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "DEV" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-registry.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/rollover-batch-count-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - -egov-searcher: - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - -egov-pg-service: - axis: "false" - ccavenue: "true" - easypay-sub-merchant-id: 1 - easypay-url: https://eazypayuat.icicibank.com/EazyPG - easypay-url-status: https://eazypayuat.icicibank.com/EazyPGVerify - ccavenue-redirect-access-code: AVUB03HJ47AZ99BUZA - ccavenue-status-access-code: AVTB03HJ47AZ98BTZA - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://ukd-dev.egovernments.org/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://ukd-dev.egovernments.org/pg-service/transaction/v1/_redirect - -egov-url-shortening: - server-context: "/eus" - ingress: - context: "eus" - healthChecks: - livenessProbePath: "/eus/health" - readinessProbePath: "/eus/health" - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://10.67.56.53:5432/ukd_sdc_dev_new" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - controller: - replicas: 1 - default-backend-service: egov/nginx - namespace: egov - cert-issuer: letsencrypt-prod - ssl-protocols: TLSv1.2 TLSv1.3 - ssl-ciphers: EECDH+AESGCM:EDH+AESGCM - ssl-ecdh-curve: secp384r1 - service: - type: NodePort - externalTrafficPolicy: Cluster - nodePorts: - http: 32080 - https: 32443 - proxy-protocol: - lb-ip: 10.67.55.155 - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect,/eus,/egov-location/location/v11/boundarys/_search" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - receiptnumber-servicebased: "false" - sms-enabled: "false" - notification-sms-enabled: "false" - update-notification-sms-enabled: "false" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - heap: "-Xmx512m -Xms512m" - memory_limits: 786Mi - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "false" - update-notification-sms-enabled: "false" - -property-services: - notification-sms-enabled: "false" - update-notification-sms-enabled: "false" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: 50 - notification-sms-enabled-forTL: "false" - notification-sms-enabled-forTLRENEWAL: "false" - notification-sms-enabled: "false" - update-notification-sms-enabled: "false" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-mutation-reciept.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/ptmutationcertificate.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-mutation-reciept.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/ptmutationcertificate.json" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://ukd-dev.egovernments.org/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "sanjeev.p@egovernments.org,satyam.ashish@egovernments.org,pradeep@egovernments.org,k.hemanth@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Uttarakand Weekly emailer" - cron: - schedule: "30 14 * * MON" #GMT 2:30 PM - IST 08:00 PM every Monday -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "10.67.56.53" - db-admin-username: "ukddev" - db-read-username: "readonly" - port: "5432" - env: "DEV" - maintenance-db-name: "ukd_sdc_dev_new" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "uk" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - # DEPLOY VIA HELM - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt13 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt14 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt15 - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka" - - heapOptions: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt17 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt18 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt19 - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - network-host: "_eth0:ipv4_" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt6 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt7 - replicas: 2 - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -elasticsearch-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt0 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt1 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt2 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-master-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt3 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt4 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt5 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-data-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt8 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt9 - replicas: 2 - storage-size: 50Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - - -elasticsearch-client-infra-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt10 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt11 - - iqn.2010-06.com.nutanix:kubernete-development-a1339a3b-04f2-4b92-ba14-0fa5f4957f44-tgt12 - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "ukd-prod,DevOps" - upstreams = [ "file:///dev/null" ] - -#grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - dashboardsFolder: /work-dir/ukd-rainmaker-customization/configs/monitoring-dashboards - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - diff --git a/deploy-as-code/helm/environments/ukd-dev-secrets.yaml b/deploy-as-code/helm/environments/ukd-dev-secrets.yaml deleted file mode 100644 index 5ec66f6e1c..0000000000 --- a/deploy-as-code/helm/environments/ukd-dev-secrets.yaml +++ /dev/null @@ -1,73 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:T3e5R5OQZL1fDCt+JquSy7UEPVng3o7Ed5SB1Q+0E+vUYGJLoIOIm3l5Glsg,iv:xFD/C/tnKfJYoaTAigRBNXkOabfhCj9ld5V3nrRoIKs=,tag:Uy20EbLyWaF+WqHDHDsPCw==,type:str] - password: ENC[AES256_GCM,data:PEBZ/7lZBKo=,iv:wmL8euYHJLsvX+tVVZswJPwwy/6cKe5/a2jMFJAW2kQ=,tag:iVlUJPFWDvfP+JIGUlcoqA==,type:str] - flywayUsername: ENC[AES256_GCM,data:PEcW0nVQt+SUg3Wh50uNvfv4STIthlfjE1GVY7MQtkzmLEaRNwG2+VHB2WrX,iv:wgFsp9fNMqndKpb6tz4lvp8KWsgWUrgeEiiuZ/oJHEA=,tag:8JK4l4W5hV04r3ybjeSQ/g==,type:str] - flywayPassword: ENC[AES256_GCM,data:rdoxgZwO9fw=,iv:ncDKjlrHg65I0SoYY5M5UA4FO7vB8Yt8MK7uPj3wlOo=,tag:hvlTchvcSgnF12/F0M/xNw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:wVDNa2/nw90=,iv:njg6pgJJfbT6Hebo1QQR9GUBfB3MZFERIr5ePIcph8M=,tag:6XYYi3tSGuNnwBaHiYGPng==,type:str] - password: ENC[AES256_GCM,data:KcOrCZy6,iv:aN3Js+51JyWeDuj7X+IDUIuCDLhmJzDUEQSePiwioJ4=,tag:OYD/9j+PP9T12BYdITpE1w==,type:str] - secure-key: ENC[AES256_GCM,data:plcjIf0BaZS6kwEY+/lmcPOP98MsAAx9uM7KH9dIPbtubky9,iv:g180xLkd/dwiOgVNpEfxnDBYI9PlqlMMhd4M6L7Q5do=,tag:Ae3RgcocY56VnjNBvfXPEQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:xRrMDkjuW/vppxhyLm+JErZTIhmyyBWF1joBoYM=,iv:EWch2NpEQ2t55HVHawx+oJj0A9jVU0v8VsZdCUi55zE=,tag:phEyJto8+JHHp+0hVbNH9w==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:Z47j2rmbuZd3,iv:lfAl7v5B6g0GrJYF9V5gg2pKWoFztF2gb/E/yvhOHV0=,tag:wBmojctBbnhmXo7PDqEYgg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:pj4CmXHtNTo/Lxh+81UkGdX6usY=,iv:uPeRaIaFGd5aqTyd0pHVwExDnWRZgIYXNHVJPTTwXWg=,tag:xgvR+Nq2/kYCnC9mI89XPQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:mLr3CDU7QvO+KSHef09JIjUP9jsRTLvakAdtwgAwS5Yk9W9Y/z0bww==,iv:E1PUCvG/at4zap22Rqk6W2Rxc56pVqMKugN5EKaKCBE=,tag:u4Lj8J0WpXG5IXymPXpDJQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:iO/HaldQQ5dcsIslR0j97caLicPRapJQ0LJM7NmsoCOmhV6I16Jl,iv:hftEY5zP/47lqEIxBPuEItJRJhL1Gt3eaE6YVaAvwnw=,tag:mRIZ9BTBm+SVF87qhBHTvA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:/lDxQgyQktU8lp2vigkwJA==,iv:78EQKaNPWi9vXtjCo7draO1OcjgNKw7y17OWiQTF4ZU=,tag:dEHHkHWOexRLCh41hy3/Ug==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:ydJOxJe26C0jxGg/hbvZri/iZ4dCrwT8SqBsVGNtFdE=,iv:NaRG2m/wxylqjrTjI/zS4TDINenzbkRsrWGMeDYqckE=,tag:hZnGOoeesTOGFQFdu2xZTQ==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:weknFROfbgC4ueChcAWk,iv:2yM/Q1QDEb/CSvNoKViFo5lhUYVMN/MmOoHkRXmOKXY=,tag:2niHmoJgFrGqqjyQiZtn4Q==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:xRi6wgtbPuainqE=,iv:/j+ONX7hkSp2dcJCOyVdZcHsEobcvFKFYPc9xrBAqOk=,tag:w0K3qeWSFqBjUWn6Ai5iGw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:nrRqV0T5oYw=,iv:khuEzIgk0L8z6EsdI1m7PRz3M6rFupOrSufRGWgFzB8=,tag:C+xAmzLPewiYivw51mLLKQ==,type:str] - ccavenue-merchant-id: ENC[AES256_GCM,data:9laUhVKf,iv:MjtRe2fLipA4R4GgBjJ7lH11H1heTIAcLQ3Dd+vKdN4=,tag:6QEyfvE5eNgOe5cYX3D87Q==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:Lip/i6i3tDSnB12Z6SH3R5HWz9NnbfLeBRHvk83a+PU=,iv:8qRv7JXK0+FjaLER95DAHYUkDfwJLwEnx8BuP2Hjz7I=,tag:UVvNCMKG0CMFkBDBGsap3w==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:2+XlBvbEA4Ny/bs0lw5qr4QlcF6OPfVYJTNhCXRDwkY=,iv:bXWg5vT1kHbmDW6shYUiyM68ATPyt4tcKdLaygZXKRI=,tag:hY2jcPjIkZqPFb5dDsZoYw==,type:str] - easypay-merchant-id: ENC[AES256_GCM,data:GiCvaT0n,iv:nTsg5BGK3n6OQkhHxqdnuFOf5VRSDryhd4wZwv2wdHc=,tag:1JLoGMEUuu4GuuTC/30SVQ==,type:str] - easypay-aes-key: ENC[AES256_GCM,data:jVdpqjjmrp9yT4iWGF0Rsg==,iv:Wb4KXpTOJeS1uyoda+5UXP9heGHJjBh5QsnSCJC1j2k=,tag:TDIroEIXYqoYPlcnIO2Xmg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:mw11sg4HCEjPjuq7Bbx7VCCRi0xMlHHiCrE=,iv:ZR3bWa4ZXpGZZCmVWAJzASafj84Hc/y9Ffphk94mkKI=,tag:FPirb5SZkUbX9LIKznybQw==,type:str] - admin-password: ENC[AES256_GCM,data:8B90iJvFl1V8NYMT,iv:yAIVv+1bFS3EXxtvVnXKDd1suzVKC4BGtcVxei3FKU8=,tag:fJado4x9NGoK2wP8EFRzJA==,type:str] - read-email: ENC[AES256_GCM,data:jivXQd74vx4Ux8BkOPSIUKhy87HN7qijbw==,iv:loXEwsmiixx/Ybhjc/VQ6KbvCDDJsRUaXU5BtKYFikM=,tag:PGOCkSYfLMWbAgp/ahQIxQ==,type:str] - read-password: ENC[AES256_GCM,data:je8iVI9G/8puKd6B,iv:v4DtHO4dEIzrovpaRZARDyUvbEl6AUY/JQnAJZmukuE=,tag:KxDSrjfqeswSchAaLlAlaQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KdKAT/cH8mSugUKJIZAQkQ==,iv:C558yRPKWoj/dx1LWlXxP1B4L6AKgqM0bzahyBBcCCc=,tag:9BKspj4dGhaAboyGG+lmgA==,type:str] - master-salt: ENC[AES256_GCM,data:yXFmAa4kyJ4=,iv:8nM0sIniKUyjafTMChyw4aXT+bv1cjCBLWaP2LNa/mc=,tag:vWcRnAtqOXBmpPsEHchU4Q==,type:str] - master-initialvector: ENC[AES256_GCM,data:TrmyTfzTB2WEJjBi,iv:8/+HqjSPifMyV4fvzh/0iUATu3+nujVnsrm7Dk6KE+A=,tag:Ir+nBZhidHB4jowfaBdUNA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:aJQNzeanFEYhogfu2Favg2EYvAiX9F6PW56D7+T/E2WinHM2rfGAMvlUOTpmN9/4y3Etom88UG2JYAjmEZUoSdX8VKQEkSx3XixTWGUYXnluI64TGzJhMQH7kMlH5xSyxwBS1ILWuGP3BoZ+wcn1Ioyah/9JQI/aXRKRCEpq8D67D9YH0AHbz44sEzI5bLzeUhdWDDhKNTgn72x1hsCRqrE+8BZ0qnBdo/zLkAzT76A2ZIiHG6wJh0UmTL7FkNctxNxTogAVA/Cfe6DaEVKjVueccU01vP6yNUXXbyEb47p6u7RtXrBnuNhCB/S860FzLupim7u1Xv0GPrNxG7cK/oir+Fkp46pVb9BhwGyhHyW2z1yXOZVBPMa1gyd8Jm8C1coj9+spiveA/muXAmr3niEbJSyEXeZ+DOdCwrzzWoze5nFh4/aE1+8Yg9s4G1g/YX5XmqhhniRCgw7fluj0ljgXpwMuJ696jPhLBywOOZqITLRh4XW6sSTLBqimN9oPya5rOoMzFm0QRL9V/etRyj+9aTySKdACqZ+L78ic1lgSbIEHiFR61nRSNYiSPpaSz/nQ4ZjO/2HF5E9ELn3O82XmHkDCQhTjaVv0GbZQYTNn697UHSkTjmwn3Zrs7LAdDS2wUPN8J8Zm9rgSyLpjjyb/tX2KYkPzN29oD3JaUIM81Cijx4JdjEPtGssVfpX5E/HNUjwNbS2XanTveJLAU69SGRjhVQAF8UmwfPJ9HqNJf0iQESO12/OczH/x6THswpm4KgQkb/1xqpcr23fCofTnNe5mARby02HMgIC1hX/qsH0P83a7mjgwNbN7OVFE/xSl+t61B0M32bBdnoMdazwVPdBFZUVcpKJszjFZibPV8d2K4jBHCwBzQhuDdS01sOSTHq0vR39RSPVoAUqRiaysjkmV6ec1SuimfObEYlUkkOgG7Dbl8noMkRO7bGDmJvxnws2H5JA3rDiNGpJPQgjUhZM68dJRGW+Vdtp4yCoBltm5Wqg1BItPchd7jSOQnCWkdQ3YIu2yprbDWr2qPkqazTcvXfEmv1DuRzJyCzN2TbgXM/M0M2M4pZXOgo8VBYWFQw8v51jG7YyZ50HrHXIuSnLAtCl6CfKhgUfJCY6vxfM56f3i06FyvAPpakkyAkLE/75dNFY2pcihansSCcb3c+r+9AJjqlGB5gib6bZvFoh91BliV/2BedMjkSkuq/G6GeaFeaxXpwgjslV3Xb2rsGA7xoGcY9JpxVudhCnXSBr0coSOrywNd0OM/vmsz/G7jVwBOCfKbR0ykTtTwbHGoGbzH0OS+ChTL3fhtrYbRxQQvocnMo2vwGh8jPddMimnH4PjBubkW4gSBc/1dCA+X0vcjDkGxKLBDigkSSvmxNmjx2seqNDJsvKMFxUGWrCzibM5s8IHj8v6SHmtfRB/SgbjDwitvZzyZ4WoLYTJDW/b8WCB3TTUDESuYlwQvfYyNN7vNAIsA/1mIy76mAv0xQZPcx94wV3eI16/chb79C8UElrBnUuxbfTEbC+C99wp7pMqj728o4XR+9TJklRKYic0jrjL3ZEA7hi9PF5eLF9urjYHluflsB3Xb+CQ/wI6Il07GGbsSHul4C8r3EnaYemxkYH9uAsWG7Z17SVkxQdfyaGTuiMdviQnTEuoM13D5lRD1ziv/TrMvuwgvkYx13OPgN3kR3JOmscCtrhbsERLD2z4L9cxpQyLTYr6of6jswyQz6lMEnV/RUM06wELBKu2QChi1PDmgkBZgkHh4U3P9CpC6XFx0GGCYPgCRvqnbwNnasMW1kEJmHGR9Z10xLyUtsBxpVYa0ISwIw2pnRWEimgNqaP7ckpq+nwJ1MLfOlw/K6yORQwkkOuExXaDmluNV6k0CBHXNkUN3S0qTigSuTS1L/NvrKiRpeV1Ijla0bzB9DGRuuRMZ3veOyqandb0SP8Dcnmll9losjweApNXT71CTmWDzX4oukem/i1pDbaRtpvlb297ElmIPHH14QY0c/9U4WhxzEvlLbNBEnjfGsyQofZUfD0rp0WcTo9rMVNiKKocfVI5kZqItVic5VWavx1kuWxSB5H1yAvX7Mqwh6Fo3MFKzcm/sctMQHYurdbp6fZaZgZ9vOEUwll7Rc00D+vRCAuQhLSS6qgyjuIuYWa2f0l1JWJxEkWJAiaW/GXgf7SsfLF3oJaGVwTOczMq8XrIJ0kn11xw4F2a16CEtxMhkh3RQLi+9aKXUtpSaxR6b5l3g3/fTfcCjgybHZ+JeXOVcOwMXMtEM7ZTBfU1rNSRl2AoEb9rSxDfs6nsU2l9LVi2uc6G6nLaKIfaJx0rx2q+q464ztV5AaWEAaTdKcf4ulDTT96Qq3mUGo6l/iSNi842+EUO8DQVKLXR4XQ7c6b08e2DdnqHZqv7mSgZMJYcVCrOUTWuq/vVgSi8yuan04Ne8R8cREQLXYWHCvTe7G906uJYEhl1K2Ys4JM4KEsgXeJdA0UAzzy0mK6kiUfVM8G4g52UQXjB3beRl2n3BMMdNFHvcSDysZCBZyJmFpdv3DuCTlMlMRghdEFpZZ1C5ZxgP0Uc3VeY8htadlW4RFa4MYUC+Tjcn7mJKHbEYW5hlYO4pYQVcYI/B2hqDQ8qUdOWRSMFriu9xUDhqpwtJ4GfFlnw1UdpWtuuLdu2zIJJXwfPdcWQy7dEfZATGm4KA12zpYGZeGx5UN6wduh8qRVd7AedNpjyi1/3P+/uqImmICc4Toft5uG0JKtx98eqxYgJjxdHqIcthzaIU52cmRTrPj1M71eYTW6EQv0hQJ+qFj7uuZlMUcDvKX7LcAJUfqLXuqHjXHjYQ0op2eBYDwnd3bNvuFBzSDKb6GWYz2wQ+xwXenBlx0zy34JGDEMzOzNF6VgRQcY8NrTZu6i9YrmBiBDTmQaWxcL4JrZfBerJIyBgiwU9iUlGFmtzcdQUTY44m1e7z/+18loSaTQ2bF2cTYRNOaw8n6BQN4CJkJXhIUsxHFH1qBEiGAGSXlFez9o2Ri+OnSBSlypaTe4AB8qm4bG86wa/P94RNB9LzMggkeq6+wGHHchOQ+OEQDitfuXiNkDRen8SogNBH2WJ+Kl6U0GcWBEg2aOjpxm4WjIj/uE3lZzwvV6yDDMNfFLJukYrlSznYUca6YOEtF/DZFNM/aW8MApHFPH9K8UzctkwbLMywXOBMwJ4Ia0cslBCWkDw1E95rixqD08mhC/oiPuhVa5uQt852ZB8jyj5kUMCIlp8lq/L7VVjTr1tGQZazpGm80ZVAcdUrXnkgt/gMOb8QMrfYyrnjk1dBEuoRzAhK7RU58A0Pfk3jMOHBzdLqEdbG79l+udTWR70+BXS7/SuodGXGEc5erEDAvhVAVSKgbZef0mmSjn3OWS6kitaWt5LpokJai/K/GsjLZfltnKLYldg+N96uQ6gyKSnqAWPJqrA37I7zkHDld8TEao8RjptV7C2wIi7M0rx9wZ5l0aGwOlx971hI1uw076Pc6cslD1pX1n4INXJHGfnXS4auOOvW50G0ZTxljRMyCm3qoiTwYy+/G14buXv4wytRPgnG1dAphwY231l8y+Xn6wLhdpgW8fAoRgVKIM0Cf6iKOmD6uCbRHuyIgUIE3aa1L0+4Lx/+23WGmAOYHqpZvKucsvo5EQ4YLI465RKxVbfWn3KvssnoadC9DreuPGIjNwOxDg0a+bzuwqrFYeP4NwtRD38yoJQ2YJqLSwOqXpFuj7xgM8LjuEADSUewPMiQFzFjgYTOekCWaEHDoKlEnRZh/c3Fy294cqNgbbQAwe+oYbZYGjERUmvPeS1A6XEgvjTDT/sffj6ysHlNJ5w+Xu63PyrNULsqE6T8PL2BowL4NYgRGlP2UE2dG+Vy2C+tManhV6WRD/rBSkLu5OmWFHDt9wjRUhUtPFWERGjEXmJRvlHBrWAOIyYPTB7bLvVqUR7ENb9vV6oclPxv2+oPGX2Q4iEodMso463Eig21lJDRbpnosEjDQJrDw01DmnqUpk4eyXskzmDhTdbIw4l81gBPj0yoP62E6GdJ6PwNZw42N0ob+n30hsWHfLVHwZCJP7zK++YCk0jmssvvzcdrexT84LodTVnPkmnYwA28NTq2ErCmaIK7Vj/Nl9uFW21SiqyUcBcVK4ILl2Qda8pmNY1Xb/jvZvXZIf5St+Blie+wLyxMvLnTzjiQbGfLPvCWVEWWPt/IPXr2uR8UyTcpVrFEGswY0ttWwneShkb+dCFspEtbM6j1HXHtR9UkMEideR7LH6KGxjJLiA7aUDtgXMNwa0oLJwAblgJcMEQvD5qL6aDRbo6,iv:+oi/j8VpMpU0OsEPIlE6FUbsqcQi3pHSu+qTlGa9YQI=,tag:zb4rv6E2tQtaQ4hXmMyK+g==,type:str] - known-hosts: ENC[AES256_GCM,data:d98FQOqLsSq++0pwoNKy+TvnsrxXaTVH35Ib3tszNFC9WH1cqb8V2/Ir5h9TUKQx30ufde4cAepclL+eT7FbAPhD925mhCEJR8neiYry5XUL6+9mY3vD8dC39D456hyym4k2o52atkEaDH+lA7pZ4fBMZnI9FIYFmxti0hxHpFTrhxxyRuew8isNXoXrual89xEaVIGNp/6rkLUzDI6XMEJs8gQ0gE7jlXxjMlffgCoPlaS1Znrz96ym97xIjEYc+ajOdiWUO89EzqVnRM4zA74OfYS//86L9ZqGnyFmpyUTKfN0qqiuwowvN9yW4SRAo3Ekj23AdWVijqXKGEE0XSLGd4E20C3ypAVFpYm0qfXtaw3u8E67WQwBHIR6mLcsnpF4LGjzekpugBFy0XYiRw3rTm30/EXKVMwnoSvZ0RUE8zl+TyfBs2uj+Gl2dsj1tkUs2q195WW6hbXrtICoD2IcT+If2lEiCjLZWIvIWIfgeUT8t0aDCcY8dEoSeupRhyeoz8ZjsA==,iv:XITSDO98bdAuyfUhCb4laTDpBjAtc72EkczeVEPHHD0=,tag:1r9r98GZgxYY0Eiw1oiS6A==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:P+mgOOsdFvTNFQ==,iv:X9hF7HG66OpW+USlFNaGf11fIuNheWdpzumUmkvyZAA=,tag:pbVsSNKt0fXrPdVfcKiLzQ==,type:str] - credentials: ENC[AES256_GCM,data:50u/RMZGMVbqlLXmNgFfky3clKlj9Es2p2MgYoeC9jaYa6VFeMYbwcmuTyMo8duu,iv:+lNhrWFuZZRAF4odj0v1bol8p+CqsU1FiJ/RYgr2or8=,tag:99oBLR2lZh4D24UGrLXEnQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:17:45Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEgzIPLBIqV+nzyLGWOpiRUAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMqiKTyLGprsWz9ffZAgEQgDuKpDpMVh2GSNzEZNPwGIocBYGnvqdzDUDOY5tTbHndRr8Wtq7VeLP86ME/bDXQz3U1kRlQT6H9Aqs7Mw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-07-13T14:09:47Z' - mac: ENC[AES256_GCM,data:NjWAAU/5HKSysaxfPnnK1wRTGSH6ckG0WNW7KqVZzu/S6oQ075DvAr09cuCELPs2NJmqNJasBN6AVAU+vDLz1xmqTKJebcJwpWqqD6rbPVBAeucBSSLVSfhfZVfZQjjRmmVbcI5Fjjd7KOkBFV09w/3dVAM9CXQA3ME2QP13egM=,iv:/hFIAcGZVSgcsG8nPs6xMzdtrNVWVLY1v3Nx8Tyc6k0=,tag:nwtpuUNiEzxyV6w+L2ELUA==,type:str] - pgp: - - created_at: '2020-11-10T08:17:45Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/dJaB+iIL/JIdEUu22ltZpjtLvaRshXGxgZ/pI5TeRLJP - 988GgPYaYM6mPcOI9cHwBBJ4PrWDBlki1d88EWwEFRF0uz3mQSYXvsmgqtqSZdjA - GYo7IM7hPPg0QOTDoVY75kqC34q9eklDR4i8CFOe5fqfJgB19FjtLLhbH7I60MKW - sq+jcqDmmVu45z3PYxalUdIy0LJhE3pFpovCstFxkAVJodLEKhWP70/PF7aB6KbO - Tb32g7J171xoLgb6SfK1Kw9/XF1urUYRnZOI68nDw62XF6j5dFYJyc3JjiZV7ssj - Nr2eNSIdpRZvW2ImyPFbFk4o3DxXA/c+FTCTdH3kLtJeASMC95VEmUPbYXuKf8zU - fe43CbQzOYFERsI920zmY0lh9DBDnM1EJxk3XY8LJ4MSrPafw0cDn1/sn3Y21xTg - 0myghOo+zcPyChN0SjoH6BjVoA2ElD6cqmrUOkK1Dw== - =t51X - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ukd-dev.yaml b/deploy-as-code/helm/environments/ukd-dev.yaml deleted file mode 100644 index 3821613d43..0000000000 --- a/deploy-as-code/helm/environments/ukd-dev.yaml +++ /dev/null @@ -1,544 +0,0 @@ -global: - domain: uttarakhand-dev.egovernments.org -cluster-configs: - root-ingress: - appRoot: common - serviceName: common-screen - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://ukd-dev-db.postgres.database.azure.com:5432/ukd_dev_db" - db-host: "ukd-dev-db.postgres.database.azure.com" - db-name: "ukd_dev_db" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://uttarakhand-dev.egovernments.org" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - logging-level-jdbc: "null" - domain: "uttarakhand-dev.egovernments.org" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - timezone: Asia/Kolkata - - egov-service-host: - data: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://es-client:9200" - location: "http://location:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - memory_limits: 512Mi -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-url-shortening: - server-context: "/eus" - ingress: - context: "eus" - healthChecks: - livenessProbePath: "/eus/health" - readinessProbePath: "/eus/health" - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "dss-ukd" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "dss-ukd" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-rainmaker # Only for Dev & QA - -egov-localization: - memory_limits: 384Mi - -egov-location: - memory_limits: 512Mi - gmaps: - api-key: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dyi/Sya9ZDtLZDNzSGtaGykvnF+wcghHpkW9T+oRVqtkTHKLLoCUXJf04VvvIQXtMANiA1syH+LaovWzb+X1eIQ==" - -egov-notification-mail: - -egov-notification-sms: - sms-gateway-to-use: "HOLY_SMS" - sms-provider-url: "http://sms.holymarkindia.in/API/WebSMS/Http/v1.0a/index.php" - sms-sender: "HOLSMS" - sms-config-map: "{'username':'$username', 'password': '$password', 'sender':'$senderid', 'to':'$mobileno', 'message':'$message', 'msgtype':'unicode', 'format':'text'}" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - -egov-mdms-service: - mdms-path: "/work-dir/ukd-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "DEV" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - -egov-searcher: - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - -egov-pg-service: - axis: "false" - ccavenue: "true" - easypay-sub-merchant-id: 1 - easypay-url: https://eazypayuat.icicibank.com/EazyPG - easypay-url-status: https://eazypayuat.icicibank.com/EazyPGVerify - ccavenue-redirect-access-code: AVBL03HG30AH21LBHA - ccavenue-status-access-code: AVVO03HG31BA00OVAB - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://uttarakhand-dev.egovernments.org/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://uttarakhand-dev.egovernments.org/pg-service/transaction/v1/_redirect - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://ukd-dev-db.postgres.database.azure.com:5432/ukd_dev_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx-ingress: - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - - -zuul: - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/ukd-rainmaker-customization/master/configs/egov-zuul/pre-hook.json" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -collection-services: - db_migration_image: egovio/collection-services-db - receiptnumber-servicebased: "false" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "true" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "DEV" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - mail-interval-in-secs: "604800" - images: - - egovio/egov-weekly-impact-notifier - schedule: "30 07 * * *" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - -zuul-config: - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -pgadmin-config: - host: "ukd-dev-db.postgres.database.azure.com" - db-admin-username: "ukddev" - db-read-username: "readonly" - port: "5432" - env: "DEV" - maintenance-db-name: "ukd_dev_db" - admin-email: "ctiVaubmFVD73y2xqm2qEPzr+Qf3wNQgkEU0Y426cCTpx8BBtJCLHHt7f131vo9H" - read-email: "ruPdiydQT6VgiyPMoU90e148l3b3JpBYSuDz4tvgaEDpx8BBtJCLHHt7f131vo9H" - -#Monitoring -es-alerts: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - log-index-name: "qa-logstash-*" - slack-url: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dtrFP1/YcM/dZEYNdxfb7/ry3M/l8EsdD5voj9brwWUNxWAJZfWoMAy6DRV+q0Kad/dXa4joQZAkIDMwrrwzfFIfwDSz2ewWhWNv/42WR4L/8gM86ouhlQIZYr0eg6lYht2A+SFpt0E21gY7n7PfihA== - -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "uk" - - -kafka-v2: - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/kafka-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/kafka-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/kafka-2 - - -fluent-bit: - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - shards: "4" - es-replicas: "0" - storage-size: 40Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-1 - network-host: "_eth0:ipv4_" - -es-client-v1: - network-host: "_eth0:ipv4_" - -es-master-v1: - storage-size: 2Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/es-master-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/es-master-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-dev_ukd-dev_southindia/providers/Microsoft.Compute/disks/es-master-2 - network-host: "_eth0:ipv4_" - -kibana-v1: - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: ClusterIP - server-basepath: "/kibana" - credentials: qkp0ODShiI000hMgQUNEdcop/AK0Cf1S2Anf1oABmJq5ug3AN0pc9AVYR2MXJ4rcJ1Iw6o5CbR8ej+bBqprDQQ== - -es-curator: - schedule: "45 18 * * *" - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - diff --git a/deploy-as-code/helm/environments/ukd-prod-sdc-secrets.yaml b/deploy-as-code/helm/environments/ukd-prod-sdc-secrets.yaml deleted file mode 100644 index 9816680877..0000000000 --- a/deploy-as-code/helm/environments/ukd-prod-sdc-secrets.yaml +++ /dev/null @@ -1,103 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ynEy2Tsy5Q==,iv:zh8zTkrlfv5Ys0kqgTgZJg3Ry0isH2kKqgP6pQ+FogI=,tag:3HxQ6oE18gYm0BB858x3rQ==,type:str] - password: ENC[AES256_GCM,data:rV3fNx/xB3XFhVUNjOh1vw==,iv:9R/Gh0TIimDyocdkUhLNtNOY7hDQqdQ3EbvBFZtAk2M=,tag:pM8D1WoXoSrMMSwaQgMqKg==,type:str] - flywayUsername: ENC[AES256_GCM,data:yEaTFQOx2g==,iv:hfRxboNLX3OFz/7SDK3A29cnG8xttDYBl63B1E8q6Tk=,tag:MIltoncDv+7Wz4xQuiB5TQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:Zit7gs+8royDO7bPQHdXew==,iv:BFQWFT4i5XV9UsGrAFRtLtpBLuT4S4h+g4prDFxeWJk=,tag:R2RWACoFn4wCrGuHJgRMqg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:a5xk7RCiWVo=,iv:/oiikE++aHtJ7gem253OWtuC7pND6KotXR07aIZ7vbw=,tag:4dAGkkqCCNHoX0sPZ+21DQ==,type:str] - password: ENC[AES256_GCM,data:qrbvdv1G,iv:D0znwcw55evajNCz2S1qKM42ugTF2/aZUE5JEtU3IE0=,tag:dBE2pgSiE/eu7uNKQok4+Q==,type:str] - secure-key: ENC[AES256_GCM,data:MNmGYFjgnYwVYcpHYClCk6XhEeMwCPvryUBXZNKuNzECJMI8,iv:muuwFv3232wrvxpkVs2yhV118l4cp5TFlYnJj8gBwIU=,tag:ytjxew83xuIl/uXlEmkB6A==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:2p7fOrAxp2T5klv3u1lSLCcvBrE=,iv:H+ooePNltU6nGHYxeZCfiRIvb5CbacldqC5XEnE10io=,tag:B/dLszXwF0EBNAvw6VHIgA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OI/1cLBd29grkJQavOUV4XISp1vtSVC/ktj4MClaxM7htjrgfXLtMQ==,iv:yQfVYjbZlChIFohvBIO6Nfx3d4lsMj4yKvsOA+wGXKk=,tag:IQ7wcec4hM//758c1smRXA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1GhO972IAK9+Pj1pRJT2Mmc87NXODvhDFfoP7qHhfEqzMY2x+GK5,iv:jJt9wy3TkF/zHO2V5IK5YpaZH4zUw+jA9sem7drOSUs=,tag:fi6znYCayQTglqsNKMoeCg==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:y4Jv0kakOWQKoM0VZuYMgg==,iv:/wecRQ7hXSq+KUyOoA2ppTSYoDpw7AKfYUPV/wUe1OU=,tag:0KGY4hoSCM7/f/Iu/WDqEg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lqau27vIkVulsYVHJmQZ7yoPX+Wrw5BhKK9fYhlB/os=,iv:4EwhHUpgLdvUZTb/SS4Rdx1Fj46oJDbo1aoUkQrpHAQ=,tag:8ZUyEizWWJW+OFXvxxX1zw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:g3nyz5pGW7obyCFOgTKf,iv:dq4/QarQkxd7KHJjiYR9WvQ5IrpW/rh6A88Y+i6qRiM=,tag:mg0UkF8ugzAi324cAnu/bA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Rp3XX2AVhfrikv4=,iv:RnE7vtdrtAc8cyoyWJlx6Pj2b9C4PdCh+HNPcvqm8tk=,tag:VJaqiwSy+FHtObirI/ZM8A==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:c2Huf5wBUwg=,iv:RbtFNNwi83JCGJeFkegM1CAGsaZhN/C57QFzndgWQ/s=,tag:LrHsqMwQiPmrCJ7zFJq4pA==,type:str] - ccavenue-merchant-id: ENC[AES256_GCM,data:WbnS+Gl2,iv:KKWuKAYnmzbDX1dw064+x202Czn21GZHawUNZH/79rI=,tag:tS80wEAYjulPEm6+sKrl/A==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:Z3b+GCJ5Wm7Ji7VqoLqtV9G8svofHyaBNJVQ6mh7aEs=,iv:djK3eK951W5ukfoM2J6YDKQkcH9GEDsbmSOpqnRv7pk=,tag:FZ4G9K5pln4wlKBAgxx+dw==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:RXyOOrWYZME8x3rwY4oMN7quWo8xc8PZ7Hyg5t6OknM=,iv:8hoV+RBQo1X5kyQUxkNwhgHBznPZlhw5lj0L6BRs7nI=,tag:r981cXA7Rsx5tDy/FsKNmw==,type:str] - easypay-merchant-id: ENC[AES256_GCM,data:1kT0Ech7,iv:kTGnRJA71RL4aWBPdNZmW2hBQ4bjWviDd7+0mjczX78=,tag:Wg4vfTpC+vt8a35PQDJokg==,type:str] - easypay-aes-key: ENC[AES256_GCM,data:0CxNj/v+50VPuBjl2wh7pQ==,iv:k9MNp7ARVC+UMIZpSDRxXuR3MSs13jh76NmGEsw971k=,tag:1rqZWjqLqP0sNw0EOopJpw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:4ZiXptjMmbKmTyCJVXksXXLvk0mrw8Nxe34=,iv:XTVzqsz/WrIKULf9lsv5Gmk4Sj1PbLYVHtyvdW1ADTY=,tag:PDGLg+GV9wG99H7W82iyww==,type:str] - admin-password: ENC[AES256_GCM,data:6evVtt2EK0h7PXhZOBY=,iv:gelIW4JdAq0fMUfTt0FuG+t0qbJZo/8Y7pPFrlR2sBo=,tag:2obj68Gjyf2GUHPxi0/zLQ==,type:str] - read-email: ENC[AES256_GCM,data:lcYd+ZIIKIWt+g+kceFarRVGmPBBK19rpMZZjEs=,iv:n+K2klJY74GDACnxg33rqnEmOQSS6aCOgi5mkTqZCJo=,tag:zngfrESzbfDE9MzU+2Bc/Q==,type:str] - read-password: ENC[AES256_GCM,data:U1d24z+eGuc7AkoKlBTgeAQ=,iv:UpQBt+2XWpIJ0Db4Er8X9HBf7uWfbVs76uRVquBmiEQ=,tag:akC8GS6mMCw1Bpw/PFzDsg==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:Avazzi/ZmZUfgq+qybb9kVOMMu9N8A==,iv:Wyo6lXmfBoNmXdX/6XMSCq3ECxnAjo8tLGu8W6JEjJw=,tag:rw0QdLTcpPoaZx6nOpfJ+w==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:0F8gjfZ7SEfqcwhb8A==,iv:I6QIzIlQujp6EwCERTbN2XCFAU5/KjcP4A8nM9I2x68=,tag:r2OEsPmj6zQIudlNfJulbw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:HzM4gcc1bNvCWda1Qj5CuA==,iv:0jHHrVwFB7hSytr5PC+vXYYChx4jEMCHEErS1M26HdI=,tag:kumqoJhP03FS9lhpsrH+Ag==,type:str] - master-salt: ENC[AES256_GCM,data:QwTELZmgmoM=,iv:+gRAAI2LrH8xqYBfJF8uudI5P7ONgu9a7RvYkjfY/pI=,tag:UjjU0z4SqptXLe57niAzUQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:MDOU/mKLyQq1TwOg,iv:kUvYULRkaYz0nJpcfq8EegELxQRJpKbNduQ+WSGWwzA=,tag:2pP0PdLd97B/WP2rVpHNdw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:UU461EcZto4gQ0GHVz9rIHxrSag+U9xx9zy2ZfuKsR6KMmnKZBkP8qIy3n48BLAMh9S5mvMvEsLP+gEkQ17XyxXMuLgbANFpMZGUyB/kY7j8JYPDFGYsjrq1Qw2RKyo8xX59NoBTo+sMNs5g30GPylJlF/r3QO7ZY40ZUmxmt7s+vk5n0AtOUhBfiWG3q7LInIWCnD9QTt6kmEccoyLjvjU2P5tFfCo98PwiMCom3pBd6Djv2LG1ntiCZgScxasWMwSJaihqw39KnbzNrt7675n7whX9Ljwi+aZ447n/FwfCj8v1vIWbjMxerhlbfvmGOl6h8Ie6JtVOSKmVOm5hhA6rytRbkK5oH3YvER3K0wwAz1N8ZJcwL62Tbjm8oa1ZYKsTiZtyH2Kk9Cmkt2RTZ/RiitjYwwCCxvb+437eKbg82FDwIApAZh4FnqtbRv7/GZP8HkOAI7COANnEML8pBEeHUwj2CPxNRmdVaPaBDj7ILYp8DKCc7vQm6ZzdjvJ/TQ1fysh/knp48IDEbxR6iGA7s8Q4iAXN2fwfw1tV/BHEvABff7LvNf1+IXeHqA/+vOW9zUZW4td/0o5JOkRiLPxzBtt2b6N5+Eu3M6gTUkanNFLBsmAn8aiIcGso9o7pQPVE72p8j9BwbKVOE3zFR8/7N1NCnJnSkdlrL8XdrC8W1NuVteGpWQvmWRN+EXGr8eM83coa7RIVjjG9PlMQH4l22j8Rdd0z+c3tYi6sWrgEsS7NO/YoFL7sETb1wxIQ0L/dhVCyo4W+1imOlcFvF8i/Q+cdoFrpXVJx68i6cfnhKeyg+44S6VbDod3HkVPXumq5vpExQPpa/jm7z6s29caASC1Pc9P0DtY7lFnwjx7uLpoIkZJuMTWnIpSXckcmgDJgCzgSe+r1THYlvw1vdLMoR4hQZO2mbxGiqugWoGMTBgaoaTRVWrmHbRT7lnj3q5s1C2Mq0QUjpy/HG7SMtC7+eQNp1KRpf7UDd66tP0KWFomSd+SwUKt2NhjbHLgbl6E80TFfKpWeDUMNbPefI875VN2ymn/+1V4bQv3UkhEztMunGIXj9pK0l4Q452NOryjlzWfeMBzTx2s+9kyB4BL4juvkLip56J9qTMRKl8dC/GK+IQtHrBxRbvN3pb2zHbhxPCi7PFDVYZ1rPK0MZeWwZc6r+j6enboiLd2gWYpNkIBZKbuRM82mPR93CWGcVs3A2MTtqmlaXQNf18ip5kepPGe4jqL9rGEdvKA8xhFM2/wNutFVNTEVEANP+7VLVB86jAilu6/WR8FT0Also9ukxJkY84amGTK59yXF+udCpAL4h6VBHRm1zuqqDtXMNBPJnVg3pmWCvvQVERzwdkdEFfqx6ZqCdLUYC/RuF893jDx0t70WnSuVaSfirSXDbwMX0lCEMS854adBIDTnrysBPw7K6/hfMSbiG7d8NzTgnEQUMQtln8TO9HUksImxRjvKUQ0NBGaVPy5Dc52ptokYW4gz94lsdNPDCHXZZVM4Z6m0XsVsw5L5ZoUrwHPhoU110lVQartGBZitMnNQIdplQUBrvz5fmCSsRVOw2WdvAT1BV1HbFLfXOw9PDPFl5o47R/3Jy7670xuDhDfUMGxyg6Ji3gzM8v0aRlyRC+tgqkxaRT/1HMEc16JSWFwRkYQAjkQu4e7jVDlgULTe2+ecGtWyrKJ7ldzda04XAX68q5nKaOo6KSJgrAeNpsx/OjTVZ9hbY6HkG1dDScbPBiAuR/hdxdIKjg+jUCDmmstMTY8DylMtjok7jSlM0bo3lgbR5eFDWn8UUT0G3VUL7FT+dic2KT60L2g2Xayw9IfeZHhKOVmkxi9WkCNGAEr8wLLrgralLcCu/m85Bqd082PtIuLkNRDRhxsruoLjWyTi1U3JBRMEMZNey/hd6/0lboq+7RIqO1wybrmzGRhbqmj90rC2CMfB0TgiLwQj38XBJy8E05hxPbmaIH067KlYf3Gp237ihWXhDbD6Rg0B7Mqp4h4Bb7Z0DOFAVIAord2N/TGKfmOySUVTM6ICL6JQqYimPMb6MtPg73lffp3z8uc6O6cwkOI+aLonUOpxpQ9Olz2/kDaA4mEI7E6jv4wkCpxe7zPDj7E7S08AsYUIyCaLXaf7f+iT7q+CJhOrMKBSiRkxgbH2BMpuyUdAQ9eO3Il++qyXTjCBY8Rdw1Kduyt+s//ihkizu7qiMTWe7YnQVt9JxDsl8tM9oqsyEG/R+/r7WO4PLOphcaFOih0wd2jA1MvYwyoElmfgGDQmFv5E7Zvo48AuyWrXODRRtgAAwz3+DlKHHVvh+JYPeqM8TuJsRYE6cV65SlBduKT8M/uV3vgYZee7yXN9Fa6b0W2Dlt7+k67Ci4PwkwjbgLdqs/GpM0N5d29loNA1bOLep28zYZpCdgLmFdaPfaF3wX7oI1Z8hlDhMRbi3ZaqnLNf+APHBw+ScluQMSWnrDdIQi4EsbzbdO+vG7bbBmFmaa3UvdLceBPzljICxlyj6/CHZ20laY9gOE75JtqqMh4PiMq63X+A68ZtRorzi5nhnr/1wC2J5EacuEWIhFGtU4bQP6YcjchM8IRbnkOI65qYPx5z/iDzk1Q3JilVnlQg9c9PVHlFlJ1wB2szptRreU59HYZhDTpuDbGesZSxAJQzOpwBRfjqlbdG99o8p0g37u5g6GJmeUDXkDXChnQzVV1U6Z6or4Hla8Ga05Ly8gff9vGujOHHbYKUv1nlpAtoF+AbXuiub8fARZCVn3ume7kuyDKkOtArlCbWvOpoX6v+GomvJtZbfRwXMEK1HthDPh+IO9g6josjE0WFTvAzJGyPetYGqFO8Rhy+H+jn1GdnMOchf5XG8VQUeNgrDfHjG+hOzfbflRCrLmbp2h3Zh0uXVQfeQmzAf60dLmBw0H4LSGl9taO/cjBuQMn4wjyYbqwoxj1NTkH71UmQ5Yxj7xt7mslX1D4JxoFZ3jFgxTADzWqtH2nAKHZn3nzTdzgYBm5IpO7MI3xELrxzMuA2bD7YgX+5nY9W+BDHpqOm1XBCICEWtCtcOselpKI5h+/zGiYWv+ky47rgxK1comPx6peuDaYvwiZHmq5oqtUCpBqHOOmd5suCj620bUrk1z0HwYrfv+7ys2FYb1r6aYBVPOvLx3b3XXEdVCovsGFCDIknDNAOvT5OYefIvyn2EjFHJGBIJVQkRubktAy0Cn3Wu9IenmGEmnAp4bebNiZLETmiDmDNT575J2/v8cqQfm3WL1xlAaaN5n+ube6XJN9B3OFmzy3UsW5DBlfwo6UAxXjCJv6QCKnPrutZtJNank7DyeyIijVB/JCwO24Ei4d/jx4HFmQI4hlQwK1CGXOz68RemCbTkfbRRBmtSp28ZcbBZ+AsJkHbTBTGEh3CQe/wCczDfDW/m+n5uD0NCmXwohISw9ZuIouObtaNK9T+hkECNUda7AmegmhIbya8DIZu12b4Cq/XP6Z+ByvmACfmWajU2HjdrKaPoVKrlvhZ4DmnYMyjI9hjK8xCQWGHfz/5rDcftwKHcIBrPlvdANxJfb+z6yBivry5dqeEDIupjYekoYzncPttR0TtrCOwGKlSZpnpwhjuAVaWo7jR1sljMxiLauEQR1shw5p9UKkc38RTSZa59F2LvgdHvS/Woeylj2cF0g4RyTX28vPHWM1dNKbXWKfyj3c8q+vALgWUsTDseiS5kXBY15qjItjSbXhjExryNWcbMzpEkghc/Zc76eCWtdWVRuPjqsAVruFJUZTCwq4e8wpKryjhSjnk0i7TblImXCWDwSEze0D42dIUT+RDX+iiYjpZPHiMUSgGIwZtNrPeaaUuRJJIEFZ6mbuNimIRusuLQz0AFmsRTtvmi66az5A8AeRpx85+2g8bFF40TyKGrCvGsqBob4DdHYX3Oso7J6N3E6z1HRsFfOLbqQ/pQZ1ZSQNSXb3mr7kVS3vk2Kg4+kzU+MnNSacw4N9GSsjokCKPDIUZJ3vh+ekVmavLbfdwx7wI5tFMD9Ua3BId51E1n9wv7JzrKA8PC/9LyJ89XwBgBZERe5dGY6E01bcLQPY2wlvDcM0WUST+sIimRNL2qJL2Xee3tKTP0L7tfXCV20m3087WruEYcOLADOMazSF4pWvWfr3vrRadhEZsDPLoTwI8bEM+C55Cl/RYsO3wae6nC1EOQ7jEXPGEPzTmT692TU27s20OvHpZKvjjOmyiWp6CQRQlIO4Ii6ckAXbcBoBnxDB3cB5NuJ6nIu7xDrWojfzsKR0qBRai1gw7nw6H4MAlTGacut6tgGy1sJpSMsGZ0a7fBOTjQikc,iv:vh2km9zlqQhgXSWvHT6mD+F9EP2usv0m1M7E9zA9rUo=,tag:Zq2EYa5dZ2b2cIc6VaWwcA==,type:str] - known-hosts: ENC[AES256_GCM,data:kFZMV+njPwreG4SD3Ey7UeQpsGgqSibkeTCOnqW0tGnI5oAR3jCnd8/HNsa/EjeVX9a2cjT92j2vIcwTQacP97qTVtJ1z6Id4fksAj2TPOb3snklqsdM1AKJzHp6TIM3FlyhhJ+GCvHw30YehzZ2QtrOvS1MAyDEVDIJV/DhiWjzgWWNCMWA/MoPL0XErXkvv3B6cyNqQytobIjOvVmYWDkx6cUs7dsGzv/YP52a/G3PD3n9eqVoGMXX1jBkkqWiEHUBJCfdXv/LI0wp/Yn9ldNvcySYv72LGYbRx43/Nq8z6H06gy7DfbwgMA9MsAdMi9AA8xbLF24a4PEeG2i/hmeAy6JpEt5eAyqSgqLJs6TACqYtD0urKasRvgSgoF43EgjhA1M3LVxrmx5Ah6QbAwk7NbZcEpAMde3Mwu7EbIQwYxd6XYT0nzOjoYrT8Dj24tXyXA7KolOotSX78H6xbY6dWVHER4tVb4kwkWK+sVvGvxkT9AAPl6fMJJy84fCu78aHcKJs2A==,iv:fF/aOdCH4HWi8ft/VlzydyYz9gissxjalrP3dwQBJuY=,tag:YJ7U0BtSFCFXC0yQT6mfvQ==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:UCvYr0ySnjB9pw==,iv:9sXfRvhGe5Lyfadjj9/qaqFPTSUKnIPSzQ7ERTMq9b0=,tag:Mqy0mLk95fDomlmOn9LHTA==,type:str] - credentials: ENC[AES256_GCM,data:IRrx6rAOjvER//kT6pCxt0ERDYiUZCmvCmM51aKExxX8frWLr0R5utTiIw==,iv:4MLtIMsmIs+sZpxk/mn4sCGf6smCLtN4Zjq0oIu8uDQ=,tag:GilDZYmg6aftSTw6m9Qxdg==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:agllrW62jrjAGCxz0tbTN9S85wg=,iv:wyozBJDntJJhS/IyUBPpO4F5LE1QBeiXk0x3bwncog4=,tag:YAA1HAbLReitDH1UJ6wRyQ==,type:str] - clientSecret: ENC[AES256_GCM,data:IgsMctl3NqOvBRleAhchYtXCIInBI0n95Ar4v+Z6hMc3etMiKDAG+g==,iv:iljB5YX9hfqLApzNspPpZTuWiKtJ7g5N56nsmw/0smY=,tag:ImHqz41lU8K1hEHbOpyHhA==,type:str] - cookieSecret: ENC[AES256_GCM,data:gNL+ktnR1TeFZvviI6Sn8wDXsZQdGv535GyYAhIHlJyyINItBtqFOLrPOl8=,iv:k10H5knjpzX09BG61vygCxBZsfXjKnqlIrqq19WESM8=,tag:V1I3Ui/qbRSAovKyMOpi4A==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:0pE=,iv:KMy2O8KfkIoPAX7xNR1Clg5omh76vtdk5hsTXWGgupM=,tag:5EeqlCbU7wji9hzp+qrJrw==,type:str] - route: - receiver: ENC[AES256_GCM,data:0E/Q3Hbqph0py9X0yYrsb5EibA==,iv:JNkFloz1R2cEyE7dWqPlE/5sGqZ2SNdXhRR9kZ+KfIM=,tag:XRhlZnhXamg+ZW5DIWCdmg==,type:str] - group_by: - - ENC[AES256_GCM,data:Fi3OOfjN4V2w,iv:Ud1ONx+X0BvBD1vGlEDozJBKaYb/FlBKyZq7zmxDvbU=,tag:bX1QFgg4g9jyqunkrGxREw==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:JjJ0tcBrSqHVNGqBI1MA1rCiTA==,iv:tDTsV+5tv4WXvh9tUzjurmLN3U4MNiqRs/S0KVR9n2c=,tag:gI9qV11k7StTWaZ6Fe5OfA==,type:str] - match: - alertname: ENC[AES256_GCM,data:JziNfdUlG3E=,iv:ShQ+q//jSeEZ329pCNEngzpiKifgahvuLBGqCW8VruA=,tag:dk7GZiAREHv4+S7sg3MNcQ==,type:str] - group_wait: ENC[AES256_GCM,data:m2Eo,iv:5WZ4iUIYfvFJ+ZClV1BwJH9/eBudawe/IC/IB/pWBhA=,tag:nTLhzi9kpMfkE7shFfk49w==,type:str] - group_interval: ENC[AES256_GCM,data:6yA=,iv:Qu7w53LN+sGnaWigZs/gKYWcmt8RQ6z3FpQBXg4L7JY=,tag:f2hQjKNnRo0NwPZq/93CBw==,type:str] - repeat_interval: ENC[AES256_GCM,data:3Y0=,iv:VHRKC357oy6R1CdL19TPOCtNM6minGV9epL/dHrN4AE=,tag:iq6LWVEpg+ZaZmo2V9P3mA==,type:str] - receivers: - - name: ENC[AES256_GCM,data:fgAEWwWzOqkiLRDajU0oCQIDyA==,iv:iH7NM3g5nJyA4ykLqK5Q/kgVklbRMM1ZPjx0LHr51Zk=,tag:azvqxiOTCvyGNwSiJsvpGA==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:5Ochbw==,iv:cOf3vwQRfIukb3tLM0OxMRQQm3RJwxwM4gYrj0FXNMo=,tag:fNc2hV6M0wHDNWxw95hNCA==,type:bool] - api_url: ENC[AES256_GCM,data:4NuEjcVHv/R1pwCxEh5JprmMyocBHH/UeuwuhitydEGv9AcLXXBu5b1vafDdpseFUs/Kh/odztw3iw1qyjPG7SEaAk9RMOzUWRrZu1LbJA==,iv:hQ8IGDcg4gtmwib7HF12wsjpJk7kMbFJaODuomdHM18=,tag:rH+16P507zIpUT9vXiflcw==,type:str] - channel: ENC[AES256_GCM,data:iKM/P5LMoY+U0r7czXzVHA==,iv:o9L+WJ2xnwSRZqbgAmacR3sd0xXnqf9KOYeR53iU3nc=,tag:j5s8TUYCm/ie7i64ASljxQ==,type:str] - username: ENC[AES256_GCM,data:6rnhgmCdg4ZIgvZd,iv:YEgobGoL35dItedNDWE8TX5lT8MjEOWFjj6iAYBYbhE=,tag:H6sv+O3wGxOeGYnPsOK5Cg==,type:str] - title: ENC[AES256_GCM,data:Y6iUZDjKKFfeAsbB3TMUMyW02RaZwo4/b/jtaO8ogoedWTyLtVg=,iv:o8wxGfCsVMWJENh0jqgtOfH/Qcm2aPu+P0xs4JWU34Q=,tag:a6dqbAk549R1JPE8dpPSig==,type:str] - text: ENC[AES256_GCM,data:9FYOcQQxwUmzEmwmlrdnHntYbp1z+rch8adZn0sEZZoszlDt+Q==,iv:LmUjAGPh4uPui1wWlCr/hIs3PtkG9k7pM/qYSjsvNAo=,tag:fd9lVuN0jtKyGpavm0KqQw==,type:str] - templates: - - ENC[AES256_GCM,data:M3npdBOedppDQiXNB8fOUmaYZqDxM+XTIzVQveIZeqEjYCKqH9/20TYko0/juoSA3bC9uSFsiPxG6UmjMlO3zbsU0+qSrH4=,iv:zqbk+PntiPGM6BpLQgxuYxUEKQlrMg7iGRTE5LN9j74=,tag:awGtwxPz1jVZrHeQ03nhsg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:27:24Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFO+L4xplP7vZyNQ9/FvF/mAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM8MUPhCNaW/qrITPQAgEQgDvN9LqeR5gXednlJmFO/E99eRcbMEhhV0xmqhq/laiY4hTjHduYdug/8VPCsFGiCdmQTKSeRK9NdaPmZw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-04-19T14:02:48Z' - mac: ENC[AES256_GCM,data:vzlVWnuvgEimJ15F8OlMPIHRuASZIhyBhdapBGDFhNXyjRkz7/aviP2zCw6z1YKjQJyweSHWRNsxagJGrHMWk+ARC/nJk6/31O8TXs93Cz15S2EemoUhwT0oNAXPMaBWzpOFV2QYQCmZBZsbFk3/N5lTsWjtvmbdPhU2nAMqW94=,iv:5a3KvcEhrUVHq+vZHVwl5dQZ7wEMPj8EkVIwmfejp5w=,tag:ooWcMwHY/3BfyICsRrTnmw==,type:str] - pgp: - - created_at: '2020-11-10T08:27:24Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/TbqPzslN0/2V6y00uU5VY5vpLrnK8vxxBI2Wdhwd8YuX - S5S5G+qn35lpY/kxXksg7puSm1DOgVTPznmfN9Hp8RYHEOjfR3GORCdUe22xmrnz - E0fkFtLJwkigI9kYfVsdo7Z/fzR6e5eLqvRSeG+TY3MrPD6mEEqu7ClW5BmE2UuP - 9P6N+VnHOWCzGGKQLMdIN8D4RTOZXAmQhKMtn9Q3viQKki+Yoi1PMe14rKhaO+jC - alW4XaBw4Zb97s4i+kxtZh/YKwl/+pHfCsI0I4lcBTwVQtTw9q79IZh/w25NVhuz - /d7wZ6/OXfSnX6Wix+w3Gs/QACH5TPDzinRIr6ceptJcAYtSKOjfT4OXx88S5Jz5 - 7OuY+3nFCh8TDXF2VXFXDXb/qx4b9oBDG+rqz7RIQKtS9lUK1u0F3hKbpHHX08mf - jmOxKKN2JIDE0bocapyK9dyQyTT4ENRucEPKRt0= - =IOfe - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ukd-prod-sdc.yaml b/deploy-as-code/helm/environments/ukd-prod-sdc.yaml deleted file mode 100644 index dc72ab83b2..0000000000 --- a/deploy-as-code/helm/environments/ukd-prod-sdc.yaml +++ /dev/null @@ -1,888 +0,0 @@ -global: - domain: nagarsewa.uk.gov.in - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, es-cluster-infra ] - root-ingress: - appRoot: common - serviceName: common-screen - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://10.67.54.110:5432/ukd_prod_sdc" - db-host: "10.67.54.110" - db-name: "ukd_prod_sdc" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - server-tomcat-max-threads-medium: "20" - server-tomcat-max-connections-medium: "1500" - server-tomcat-max-threads-high: "350" - server-tomcat-max-connections-high: "2000" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://nagarsewa.uk.gov.in/" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml" - logging-level-jdbc: "null" - domain: "https://nagarsewa.uk.gov.in/" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - timezone: "Asia/Kolkata" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - location: "http://location:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200/" - es-client-infra: "http://elasticsearch-data-infra-v1.es-cluster-infra:9200/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -egov-filestore: - replicas: 1 - volume: /opt/eGov/filestore - is-nfs-enabled: true - is-s3-enabled: false - fixed-bucketname: "ukd-filestore-prod" - file-storage-mount-path: "/opt/eGov/filestore" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf" - persistence: - enabled: true - accessMode: ReadWriteOnce - dataDirSize: 50Gi - storageClassName: - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt9 - extraVolumeMounts: | - - mountPath: /opt/eGov/filestore - name: sdc-volume - extraVolumes: | - - name: sdc-volume - persistentVolumeClaim: - claimName: filestore-data-egov-filestore - -egov-accesscontrol: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx376m -Xms376m" - - -ukd-custom-service: - replicas: 2 - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - enable-sms: "true" - -egov-localization: - replicas: 2 - heap: "-Xmx850m -Xms850m" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - memory_limits: 768Mi - - -egov-location: - replicas: 2 - memory_limits: 512Mi - heap: "-Xmx356m -Xms356m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "1500" - - -egov-notification-sms: - replicas: 2 - sms-gateway-to-use: "HOLY_SMS" - sms-provider-url: "http://sms.holymarkindia.in/API/WebSMS/Http/v1.0a/index.php" - sms-sender: "UKNGRS" - sms-config-map: "{'username':'$username', 'password': '$password', 'sender':'$senderid', 'to':'$mobileno', 'message':'$message', 'format':'text'}" - java-args: "-Dspring.profiles.active=production" - -egov-notification-mail: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - -egov-otp: - replicas: 3 - -egov-user: - replicas: 2 - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 4320 - refresh-token-validity: 4320 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "003399" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - -egov-workflow: - replicas: 2 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - - -egov-idgen: - replicas: 2 - idformat-from-mdms: "true" - heap: "-Xmx376m -Xms376m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2000" - spring-datasource-tomcat-max-active: "30" - - -egov-mdms-service: - replicas: 2 - mdms-path: "/work-dir/ukd-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "master" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=production - server-tomcat-max-threads: "500" - server-tomcat-max-connections: "10000" - -egov-indexer: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-registry.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/rollover-batch-count-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - java-args: "-Dspring.profiles.active=production" - - -egov-data-uploader: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/ukd-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-searcher: - replicas: 2 - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - replicas: 2 - axis: "false" - ccavenue: "true" - easypay-sub-merchant-id: 1 - easypay-url: https://eazypayuat.icicibank.com/EazyPG - easypay-url-status: https://eazypayuat.icicibank.com/EazyPGVerify - ccavenue-redirect-access-code: AVOD89GL21AM94DOMA - ccavenue-status-access-code: AVVD89GL21AM97DVMA - ccavenue-url: https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://api.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://nagarsewa.uk.gov.in/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://nagarsewa.uk.gov.in/pg-service/transaction/v1/_redirect - -egov-url-shortening: - replicas: 2 - server-context: "/eus" - ingress: - context: "eus" - healthChecks: - livenessProbePath: "/eus/health" - readinessProbePath: "/eus/health" - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - replicas: 2 - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://10.67.54.110:5432/ukd_prod_sdc" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - replicas: 2 - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/ukd-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - -dashboard-ingest: - replicas: 2 - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "paymentsindex-v1-enriched" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/ukd-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - controller: - replicas: 2 - default-backend-service: egov/nginx - namespace: egov - cert-issuer: letsencrypt-prod - ssl-protocols: TLSv1.2 TLSv1.3 - ssl-ciphers: EECDH+AESGCM:EDH+AESGCM - ssl-ecdh-curve: secp384r1 - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - type: NodePort - externalTrafficPolicy: Cluster - nodePorts: - http: 32080 - https: 32443 - proxy-protocol: - lb-ip: 10.67.53.157 - prometheusRule: - enabled: true - -cert-manager: - replicas: 1 - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "2500" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect,/eus" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - replicas: 3 - receiptnumber-servicebased: "false" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "25" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - sms-enabled: "false" - -billing-service: - replicas: 3 - heap: "-Xmx400m -Xms400m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - -egov-user-event: - replicas: 2 - -common-screen: - replicas: 2 - -dss-dashboard: - replicas: 2 - -employee-tradelicence: - replicas: 2 - -hrms-web: - replicas: 2 - -telemetry: - replicas: 2 - -ui-uploader: - replicas: 2 - -user-otp: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - -ukd-assets: - replicas: 2 - -egov-common-masters: - replicas: 2 - -ui-localisation: - replicas: 2 - -employee: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 2 - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1000" - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - replicas: 2 - heap: "-Xmx384m -Xms384m -XX:TieredStopAtLevel=1" - resources: | - limits: - cpu: 500m - memory: 512Mi - requests: - cpu: 500m - memory: 512Mi - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "true" - java-args: "-Dspring.profiles.active=production" - -property-services: - replicas: 3 - heap: "-Xmx704m -Xms704m -XX:TieredStopAtLevel=1" - resources: | - limits: - cpu: 500m - memory: 786Mi - requests: - cpu: 500m - memory: 786Mi - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - update-notification-sms-enabled: "false" - - -pt-calculator-v2: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - - -tl-services: - replicas: 3 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - java-args: -Dspring.profiles.active=production - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: 100 - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - -tl-calculator: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - - -pdf-service: - replicas: 3 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json" - -egov-workflow-v2: - replicas: 3 - memory_limits: 756Mi - java-args: -Dspring.profiles.active=production - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - wf-max-limit: "10000" - -egov-hrms: - replicas: 2 - java-args: -Dspring.profiles.active=production - heap: "-Xmx192m -Xms192m" - employee-applink: "https://nagarsewa.uk.gov.in/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "sanjeev.p@egovernments.org,satyam.ashish@egovernments.org,pradeep@egovernments.org,omkar.ghatpande@egovernments.org,elzan.mathew@egovernments.org,harishikesh.anand@egovernments.org,ritika.singh@egovernments.org,akhila.gd@egovernments.org,rawatcp@gmail.com,enagarsewauk@gmail.com,raju@egovernments.org,nita@egovernments.org,leadership-team@egovernments.org,shaileshbagauli@gmail.com,ashokpandeyadm2@gmail.com,kamleshdcuk@gmail.com,vksumanias@gmail.com,directorudd@gmail.com,sowmya.vallabhaneni@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Uttarakhand Weekly emailer" - cron: - schedule: "30 14 * * THU" #Friday 8PM -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "10.67.54.110" - db-admin-username: "ukdprod" - db-read-username: "readonly" - port: "5432" - env: "PROD" - maintenance-db-name: "ukd_prod_sdc" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=production - state-level-tenant-id: "uk" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - # DEPLOY VIA HELM - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt20 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt21 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt22 - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka" - - heapOptions: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt6 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt7 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt8 - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - network-host: "_eth0:ipv4_" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt14 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt15 - replicas: 2 - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -elasticsearch-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt0 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt1 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt1 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-master-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt11 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt12 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt1 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-data-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt24 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt25 - replicas: 2 - storage-size: 100Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - - -elasticsearch-client-infra-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2-infra: - replicas: 3 - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt18 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt23 - - iqn.2010-06.com.nutanix:kubernete-production-f5f97b7d-e904-4a28-b57a-d88bef648b53-tgt19 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "200Gi" - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - replicas: 1 - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "ukd-prod,DevOps" - upstreams = [ "file:///dev/null" ] -#grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - dashboardsFolder: /work-dir/ukd-rainmaker-customization/configs/monitoring-dashboards - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - diff --git a/deploy-as-code/helm/environments/ukd-prod.yaml b/deploy-as-code/helm/environments/ukd-prod.yaml deleted file mode 100644 index 326769df05..0000000000 --- a/deploy-as-code/helm/environments/ukd-prod.yaml +++ /dev/null @@ -1,899 +0,0 @@ -# billingservices >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -billing-service: - replicas: 1 - images: - - egovio/billing-service - db_migration_image: egovio/billing-service-db - memory_limits: 512Mi -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-accesscontrol: - replicas: 1 - images: - - egovio/egov-accesscontrol - db_migration_image: egovio/egov-accesscontrol-db - -egov-common-masters: - replicas: 1 - images: - - egovio/egov-common-masters - db_migration_image: egovio/egov-common-masters-db - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: ukd-filestore-prod # Only for Prod - heap: "-Xmx192m -Xms192m" - memory_limits: "512Mi" - -egov-localization: - replicas: 1 - images: - - egovio/egov-localization - db_migration_image: egovio/egov-localization-db - memory_limits: 384Mi - -egov-location: - replicas: 1 - images: - - egovio/egov-location - db_migration_image: egovio/egov-location-db - memory_limits: 512Mi - gmaps: - api-key: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dyi/Sya9ZDtLZDNzSGtaGykvnF+wcghHpkW9T+oRVqtkTHKLLoCUXJf04VvvIQXtMANiA1syH+LaovWzb+X1eIQ==" - -egov-notification-mail: - replicas: 1 - images: - - egovio/egov-notification-mail - db_migration_image: egovio/egov-notification-mail-db - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "ULBSMS" - sms-sender-requesttype: "POST" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y&smsservicetype=singlemsg" - sms-sender-req-param-name: "senderid" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "password" - sms-destination-mobile-req-param-name: "mobileno" - sms-message-req-param-name: "content" - -egov-otp: - replicas: 1 - images: - - egovio/egov-otp - db_migration_image: egovio/egov-otp-db - -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "003399" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - -egov-workflow: - replicas: 1 - images: - - egovio/egov-workflow - db_migration_image: egovio/egov-workflow-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - replicas: 1 - images: - - egovio/egov-idgen - db_migration_image: egovio/egov-idgen-db - idformat-from-mdms: "true" - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/ukd-mdms-data/data" - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "master" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml, file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml" - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - -egov-mdms-create: - replicas: 1 - images: - - egovio/egov-mdms-create - egov-github-pass: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D52KEzHorPnuq4Tr1+wvpze93FX6vffkLIxUOhLBdceO2Q== - -egov-data-uploader: - replicas: 1 - images: - - egovio/egov-data-uploader - heap: "-Xmx192m -Xms192m" - -egov-searcher: - replicas: 1 - images: - - egovio/egov-searcher - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml" - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - -egov-pg-service: - replicas: 1 - images: - - egovio/egov-pg-service - db_migration_image: egovio/egov-pg-service-db - axis-merchant-id: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D52nZQ/ao3917NH+A9Nzia4OnF3nKx3paGRwtG5fQdhQSg== - axis-merchant-user: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50E/19jZG7/ZO49ktEP8jZ/tVW0LQABhwpee47YWKTAjQ== - axis-merchant-pwd: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+d0MclER+4D19AYtVyUwNJ5w== - axis-merchant-access-code: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dn2uiVC8xSRX5UV7gwlL0jw== - paytm-merchant-id: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D53NwU43QzeIQZAPoIT8KS8R3B5qUHq68JNJqKYP8Udo3Q== - phonepe-merchant-id: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51oL2EGrGLAgiRVXo3xq2GV97cway+NjWbaqCjVzpKrYA== - easypay-merchant-id: XIq0luHz3FXVpJRouph2qA== - easypay-aes-key: SToEPAiC76lcFkhZ42uo4nxz6zlMCbKq3MWmoJLj1PQ= - easypay-sub-merchant-id: - easypay-url: https://eazypay.icicibank.com/EazyPG - easypay-url-status: https://eazypay.icicibank.com/EazyPGVerify - ccavenue-merchant-id: Jh+HYzyV6lzLt1nG3fuwUg== - ccavenue-redirect-working-key: 3bSPCjCcQl0EfCWjaV0Ae7NtTvheoZxSapAdklzlSA/N4uycsGiu/0+L1dfNAX7J - ccavenue-status-working-key: lodNLWWLdJO7BuzthXmiYLKbGgiN65a+VMxrExJtnItmvHyQ++DUN3Ra+dFk9NYy - ccavenue-redirect-access-code: AVOD89GL21AM94DOMA - ccavenue-status-access-code: AVVD89GL21AM97DVMA - ccavenue-url: https://secure.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://api.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://nagarsewa.uk.gov.in/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://nagarsewa.uk.gov.in/pg-service/transaction/v1/_redirect - -egov-custom-consumer: - replicas: 1 - images: - - egovio/egov-custom-consumer - erp-host: "https://mohali-qa.egovernments.org/" - -egov-index-custom-consumer: - replicas: 1 - images: - - egovio/egov-index-custom-consumer - -egov-apportion-service: - replicas: 1 - images: - - egovio/egov-apportion-service - db_migration_image: egovio/egov-apportion-service-db - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - replicas: 1 - images: - - egovio/egf-masters - db_migration_image: egovio/egf-masters-db - memory_limits: 512Mi - -egf-master: - replicas: 1 - images: - - egovio/egf-master - db_migration_image: egovio/egf-master-db - db-url: "jdbc:postgresql://ukd-micro-prod-db.cmx85g2djayq.ap-south-1.rds.amazonaws.com:5432/ukd_prod_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -egf-instrument: - replicas: 1 - images: - - egovio/egf-instrument - db_migration_image: egovio/egf-instrument-db - -egf-account-details-consumer: - replicas: 1 - images: - - egovio/egf-account-details-consumer - db_migration_image: egovio/egf-account-details-consumer-db - -egf-voucher-indexer: - replicas: 1 - images: - - egovio/egf-voucher-indexer - db_migration_image: egovio/egf-voucher-indexer-db - -egf-bill: - replicas: 1 - images: - - egovio/egf-bill - db_migration_image: egovio/egf-bill-db -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx: - replicas: 1 - images: - - egovio/nginx - - janeczku/go-dnsmasq:release-1.0.5 - service_type: LoadBalancer - asset-bucket-url: "https://s3.ap-south-1.amazonaws.com" - jaeger-credentials: "jaegeradmin:$apr1$LYwa.eHV$zWn6CJySbyd729NMFcUQd0" - nginx-global-configs-injection-enabled: "true" - SUBFILTER: "YES" - nginx-global-configs: | - globalConfigs.js: |- - var globalConfigs = (function() { - var stateTenantId = 'uk' - var getConfig = function(key) { - if(key === 'STATE_LEVEL_TENANT_ID'){ - return stateTenantId; - } - }; - return { - getConfig - }; - }()); - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 2 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -git-sync: - ssh: "yWDnop6OESC1f6u1HUaDdhfpcukYviftE8G1BhK3ihsNXMkWvNK2LInRgr23Z69NZYSC3NfvGe6DOlX16hivEq4fZBDgc1TMNwTBihZSo6SCRY/KiMDbiB8WFo1ajwb1xiUYgmbNDvM38ieTkSCBGiBJlEkrC5bN+LUqjiFpsY8szAgoKkERuourrc9huKPaT9kPyN4yJ8cDrcikw0B6LPUbv+r+z86HWFFBxaYtigQsqnfbdnSGAVSCFSndDm0KT8srOGt8acXgkR7MlOEDrVrsGtCzPWFKETa0dUNfxRGuFJQ+2daJZgG9i9Hg9kmWLNKvh906/iIKCQVPdfaVQnQ1thy0qbVXuipC59RUQY9/b80jdOcR8Wf0yYATWCe/94E0azWDbMk6/IZJ+T/mkk0jWMikjESSmWFpsHN1kX83cJIsy/6e0Zg4f0pKcmc1kIkoWAHyDyPkriVb1E90zO2vCIAvgFxJHxQJfZ6Y32eyEJGTcmtImV52VlYfPXnMfDFHevUxk81ayvoZFD6LAV8rxOyQJ6Zd9QtyJtpV7spt0IDJAGAPFPBI9RTpICpWwwaB1jCcGYm0qcoDK/XzbtVk7ClKFZprszD96nnIOfclwq6hP+jHKlwoil0P0h+aLHF41CHDAQx3hqe+UlJF3DlB9Uz8kEIzRL7vZksiaIUk/WWRYnRlDhsmZRfzGnYRuIgg+beFDL2syxVZzLLnv04z2pHAMafV60kKPeLLSsQ1H4dQVGOwcWEJeoePvCuZfiFUkn2RNCnfWX4uU6flXSLpdLZ5s/b7E+xvIyYgLV2Fk57zvFlEbBjI+M73vxo/9BpY2djvUKlL/XOQMyb94clnOFUXcqtjiL3OhespWRXl3sIGVtiYQ8rcDgCPCn4LFtJoPhGzmkvG3ZHYi1p7u0UNqyBEUX+hbeL8e9Nz5PG/7tDO6ZszAyFuN2iu7Cib42zSsPvWhOdjaUmSZ8zJexK1RFoVm2aRJcRVWQm7Ef5yWXja44GhOmDyQ0eyBp2NjdpEUul4Fj25qVoMzXq495vomm+zXvg8WUMsjgm8J0Bcy6sBi+9EIFyJylqYULD67LQ5Av7BNJ9vcaMxX4t/PpACkJBy/9uGlOkmNiL2BfRkSuCQNyfFicalTVDT9BNMOy9wr+u5yaw9nF3l7ViTRrsN2H2ZNjXwQl64cD1rQKWpOs8p+ltkljZfWEzhuXaslLXFligEBJqC1TAaOsgGcwLLGiFBIKw3jcrqbeP+YzvpAa/jT6ooHeaya+92RNd9Ipa8lpcwPZrV+0+jjk3m5m+v2a3SISfRGJV6Y+DRU9l/lIrAnfXHERVr822Y2rWyJlptE00B+rvCXWR498yMv3UZnxxXpo2C/0Db1K5JBxAmw8IJLgQ9EL8jTwH3sf/UimcEkwZ8OdYjR0O1Ei5OcMtQJS464hUcqU0DaGS6PbukPjvHg3Mxn16ayeRI9JOwj0fGE10NnxZHv5oBc15qu78o+B7h8bAIVPeDNaRJEwVBafeGH2C4cORTunwAerUS+b194naNDEgXB+H8Kt+lFhlQcGOmzkBHo0MXwGY0UWd388dCUYmSeuXu8SFyD1/EqvbELUTcM+IP/s+SKpprbSZxBgC8hYtt8AoDkCNvPvgctUpJ+rdfTplqNhrCD4mkqs1cbuXA8IOclimUHYcu5ZlzPbop+x/f+EB2SL9oe5p+ZrwHoR9UHsxXfmYKCHjxddGbsrtxgAEtH9JKoWR5zESjt0Mhh2rkPYU47OY6AkEsGYODV5NaOGDVNdT0iKUo0AGEgxBho/9g0phbtETkPMiGqXngEBQ5IHzcJgwW1vhvi6FJ5V2Bq6wktNtmq+RwfP9cfiiplp/wdoXSv/vJbOmista8uAcfO50TjLiC3aXWbk9yYlbKLQn5E4cKfOcq88F0ppN0qN9xDvptfvnpoVyfrK1WVP78X/UNd4v5HupL0ID42slEhjcpB4kpLbQ6CMeUJwvUk08GX5i0AzNtKBUjA73I2vnR+s7GGrN/NGeH8RZb0kD6kLlhEm46hsyuCuWUgHasuj5U7FemwpkPqTyxWRn3vZPfxmjVP2ieEReaBaD4BrEUWqH4Mi9aVZV5XK2+ZhmwK+ge6MVpxS/B+2L78W/obzlAXr7aABW78FFch6l8yL5SAhJa6SDu8Bs2hUkzVFTGrHTeSTEE0MCqaYAfwr2XvzgFsrfXRbtJt7wrUCRErGtchvFxpDvmiXBi6g1CRpXZOG9/OENlNqJGpy9UWD90ohrBfPvwd0s9mDSkhVTKbVmwovqcwZ4ExvSp9lSPW+T4APtIIG5EreZ0uQSvWsIdU1gQuPW0kWBHFti003Dsg/J4Tt+M9RzjrzfhsxKX9MuC8IAdnrgH71Ye6Gzkf/SlDMHppUhANY8RCIho30Q8RYJlQkGaOoGxaQ4foIvhZwm0vZukQwJj63s5jDF+I+m2LTTMSsN3Y0PyjmT/4K7veq+hVqN7Mf3PqS8mXpiR23P5FgnriWYDLD1RM7QihOLTFIp37T1oWwj04VTiqD7cTfw2cTDmqIFP53sreAwzstC7ggjk5XC0X9W9zFQX5KmWE+1Po+DAouGm+fDj19p3V4wQ19qH0FQfAfUP0tDROiGpAS8iB1XI4FGJjsYEPh0D2XXP3ssGfKUfAvr/cRsjv7x7+5/nGhKZCWdIxlG2j7s5qo4fT7TIfr8pmhhXDQq8gwDFQpiFpNc2/isOv4bnW9V+oh/300KFmyk+N/1ALyaUla2lcgKarguqxxOmB9TjylceWrPUGSXtgI/w5CAumxzc3uTpkEFC09zu0kc87zUwQCkW0bvy2PXsPVp2dDj/s7XRfzC7EPX0T3beeNuYyedr+WQkhtk+4W+4ub/59VFA2ypuZNmTDnd0vhLckaAO7rJ4Me9Z/09PnkhpRBPHMel1JeiPaf2Toh5ZP6O/ys/2TTqrcTI0YrJIZmFpqs9d/RK55veVSmx/sKCdNrpbFHCsKMlGCTDHCflxaO8i7Zc3glvRus/5pECIllVmZJRFtMa0j67mtLkotdWT73GFAnLriCtSkSqa14Aqm2C79tj+m48HsRPG8P37xvFPenJfCMwOCEGK7sTzMfvufvTSK3kHc3NYcUrlFVut/rQuy5Z8OpcJ9NGKgdQxEhRIJYAPDdaTToVqiyPxFqGcMzlr/yI+AsFh7THQob5BKZMH5KsGVDu6vlgBz7626EeXxmrllqOqTfxLLiBgempp4WyX+cLbGn5Oif6eTLg3sz+GMxtNH/2qg0W+jFCmWDppGDb57wlYmYLiT1D1LAbbs/GuDYlQT18DaVMZkXzcAf+7wYNscxQx9gOtLfuRw+/5lfisuY507i7fv88kd659FAJq0M9hjYfOiJkW+p/kJpS4brD8Z2cJwVYpZMPf4SexjMJGi7ElIO/9D9b1Cq6mk4e1F6XOkl8ZaQQhfK4zpHVe054y2juM4Dm5ANJpxQTSN+nfk2wwwZKF689ul/4DZgN9UhCu7SIQ8gKOKbLbk9pw7JQlqZhn5cwMsVuy/sRUAShWuxE8YExlScNag0OLtFscz5nFQOpQf0Y5ehia/mQTpV3WWvhf3pswpFhssMoFsjiv/tAFDugTYj6H6EpNCF6VM0sxqgCOp7cRaDFdC1ExOT2mRBQSgUJHCI4x66OV4/9jGqnhlXbDdfRD1aas+rmwVLNMBNVosjrZDF2SMPgRnbQtDS1KojeduVJVbsEVgHEB6TWUtAclIpod655WsFHfZ1cTaGT5vsq0CI4SP63UsK7sdla9Z22qWVuzb+NmGljzCKFfaty2t509g4qkCyw1xA8fGte+Vp43NxaNsV5V2w0lr6jE5d/OpTQA+xznCkGOX/DPHyJwnxM+c+YQ9/UQOwbFrk/6akEkFW6/U8O4+Culn8j+um/fdPMRgosD5Gj/GHGTmHuCFbavHS9ALwV71J7swqX00PUO6j1+Zpqn9cjL8IqHGiWYDubKBZ7Zzo57SjyyspBxCaK/XXJ+FkGVsM+8h24WtcgIVCFTFmfMyc0CI+pe1TJhfc1RZLWU2Az8QxEUF00ROAJGNGOTg04bPKdfmvTGZQIm5D9RuQVCSk5XdIrxUQlJyP/LbgQG87xhGm3EUw/HZCRgi604uDpUAPv5hIJKlHqT2Yd61hlM1KxL1y/6qz5yhkbLHAN/l5vDx4/UdOqhk4Kmo7GoyustiUlOe3n+3h/sLntJqoPleE/uhTa/Mg10h+tIUPNe0b9V/OHFoRbCw/ppsWQKz1vqX5nT+haVxw2g9SbRYfNUhccZhZPIupxoe7/46zRbuXoQhfHbDKTqbu2oJt02RYsp+ic6cg5hEJtw4LE2Homwr9nwr0uL46lGZ20fmu4ylmwXTpizBjJvS1KA441MOMqj5rwPx8IQF6HqCiuJdF0kiMxvW7ACeGIIRk5J7HfOSBzvziTAmwgcn6AUicqGmR+AOVkHf+PdTmwxuqY/dCbm5k16Q7IXpE+jWEmAHZXXaMVUXIy9wXpZ93Wc8vjj3cdJMs5yiNdwgzgc4AIaMxRsIbRR6fPHFRstuHNDkWG9pQT/wBCNmvcP5P9rxKhhCdCNhGDTJo4/NjiCMVPqNQyteVSKyP+kYNeyo1SGPcb5X5d8yLC9vJ/ApXo/Ive0bGbKphEVCJ8iZxWlTy4gqndTYdjen8F5NqToIqKJmNniaT/B5mlGFe7RVOznRNBiQPukFhCIYNWSONbIsyWvsRf1vZ/3KSRrP3I7KdufqMSiGp8NJTYhxBJKIBKX3n3XRYgjr5+g/qeP0U0tw7x7ZcNx6KBZRpyudf2OGlxLAWWnqMTe5jVihk73Plex1ZkG8oGEr09wakJL0JBH2JI/iAVbdYj3Jzuy9+yah7X+wzoZoZB+tMWDZScJNuwTf06OZv+zcnK/Xnmwt29n6igZppH3yqjPRW9d6TkcgWNsXU9ByB6iall6YWmkKWqerUFFja6VcUayAS7IN43WZhmNdPOWfQvxetjegXfKCKLaEqG0CzDGyTXVel6e9ZICpeW0qx8Sq2CD2vSSfUiEcmieRsv744dcW+mLynwA21iaF99XjuA2oe0nKblH6YQFAJEHtmTH7u1iD9sAjXsKdlYChOKuJ5a4zknheUJahIQcW7aU1nZcFKP+QdSKqXaciY9s41Y/XHURT6RXWCjRgfF6dOHZLA5/8vkNH5nNZGYIRWi1iq4D4rVfivvwCGLLuzffYZOtBSt11S6UZuEL3A3uX0riJwpLpP5vNafm60GmeABcGGGUxPnPj2PTd0xur7l41nnXT9XW5SL6Ki2v6Xf8if29IT/C0J/3oWIqBgBT/WF1+dbk7huLpdDvBj+e5Mb+D6szCS0QYZa6CViuPFGm2zJGUBrIuzfN96tQ2hpXBUCr9nuinXluxIVdoH+bCWsdUg5QxvrLSQ9TBH+OG536YzC7UVBOOCI7hwPCOzr9c46++U5bq/vQ9PxU91USyyazfdJQ4A43JgXysMEwmDiZrR9eXpPa42+rR3fmjffPt8LTOHvYN8dGtvm3mqunFVSZ2736tQ7mTSL0Bx5fRzto5edpGsnqCVclOAuRUxFOr5TcUm/TxC6yJwVH3pLEu8K4XKkE3fKrZ8Iu2N2vxn3UBKcbQ2xngFt5Qm+0ckRXT7kKwi4w2BsXnifx/H8vHMFZqOe2wgGOSpcnN+RxojS3GvtcgJhcQ+2Be19z3d3ObSorOIwS9ZRXhUB3RpgjEOTA+5fgypUm36BGCA7OqeSZd8KsxjuddBZaZnpla04trg==" - known-hosts: "KLnFDDe5U9chjb87SQYJOs3A7qRVdaWGoG/JoPXcIW0Na5KVgYfe0FSEzfQXvb/Cl+GnX8j7PP5rE7t4qg6sXXdjDuZ3A4o9JLfFYtvA31oSShnADAsB25Ren2wIevF3rUo5P58StjcdzZtb7Z12cAWErCPlfohHsTWPX0/WN4XaHmSSEqhNUFoCUG2pn/+hsifHvGlVsFfj09K/IySE7iLRaniPbVc1zpKkgABeBiLb6I7OA93z8NaMQ6BkbOEQWLu+p7ibHQ54hNPGtonHZ0chmbpXEwpwdb0iOrx+R/6ggBkeAfTnznZFCLJMpjUF1golIEEPf6Ckt2vjtGuTiFHRBhOpsSKyXf1GU9yB4wbfQdAgJNqZVdZtjqvVHriEdGoMPKnPgxYfAPDMKYx/mTR4WX8cSystrC6tSM2UzR3bi5RvhEX7OEaB1ysRakSjwWVBKlTa5jvAdKEXKYDaDRKxPvWNewGtzYncmNV/puOa0ni9L/9NUxFp3HVRf8mKllRnCZH5nyLfvaMew14W2GMqI2Kg1TtPS8NY6MHQH9cRm7cyN98fo/Nbu7WHyp0X5A2OVffu0g3n5W0dEImUfbmDOddNAXed5A7p2oOH29/NcbYUTxs9UY5pO+lurvG5ZVtzbaEe+iRug6l81gQAwBNfKInUToGVNVaQ5Ano6sof6vBBcJaTGCWJdZI47G89" - image: "k8s.gcr.io/git-sync:v3.1.1" - -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/ukd-rainmaker-customization/master/configs/egov-zuul/pre-hook.json" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# user >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -user-otp: - replicas: 1 - images: - - egovio/user-otp - db_migration_image: egovio/user-otp-db -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> -collection-masters: - replicas: 1 - images: - - egovio/collection-masters - db_migration_image: egovio/collection-masters - -collection-services: - replicas: 1 - images: - - egovio/collection-services - db_migration_image: egovio/collection-services-db - receiptnumber-servicebased: "false" - -collection-receipt-voucher-consumer: - replicas: 1 - images: - - egovio/collection-receipt-voucher-consumer - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - replicas: 1 - images: - - egovio/finance-collections-voucher-consumer - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -ui-app: - replicas: 1 - images: - - egovio/ui-app - -ui-uploader: - replicas: 1 - images: - - egovio/ui-uploader - -employee: - replicas: 1 - images: - - egovio/employee - -citizen: - replicas: 1 - images: - - egovio/citizen - -common-screen: - replicas: 1 - images: - - egovio/common-screen - -hrms-web: - replicas: 1 - images: - - egovio/hrms-web - -rainmaker-custom-service: - replicas: 1 - images: - - egovio/rainmaker-custom-service - -employee-tradelicence: - replicas: 1 - images: - - egovio/employee-tradelicence -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 1 - images: - - egovio/report - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 1 - images: - - egovio/rainmaker-pgr - db_migration_image: egovio/rainmaker-pgr-db - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - replicas: 1 - images: - - egovio/pt-services-v2 - db_migration_image: egovio/pt-services-v2-db - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "true" - -pt-calculator-v2: - replicas: 1 - images: - - egovio/pt-calculator-v2 - db_migration_image: egovio/pt-calculator-v2-db - logging-level: "DEBUG" - -tl-services: - replicas: 1 - images: - - egovio/tl-services - db_migration_image: egovio/tl-services-db - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - - -tl-calculator: - replicas: 1 - images: - - egovio/tl-calculator - db_migration_image: egovio/tl-calculator-db - -ukd-custom-service: - replicas: 1 - images: - - egovio/ukd-custom-service - -pdf-service: - replicas: 1 - images: - - egovio/pdf-service - - egovio/pdf-service-db - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json" - - -egov-workflow-v2: - replicas: 1 - images: - - egovio/egov-workflow-v2 - db_migration_image: egovio/egov-workflow-v2-db - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - -egov-hrms: - replicas: 1 - images: - - egovio/egov-hrms - db_migration_image: egovio/egov-hrms - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://nagarsewa.uk.gov.in/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - mail-interval-in-secs: "604800" - images: - - egovio/egov-weekly-impact-notifier - schedule: "30 07 * * *" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-config: - sms-enabled: "true" - db-url: "jdbc:postgresql://ukd-micro-prod-db.cmx85g2djayq.ap-south-1.rds.amazonaws.com:5432/ukd_prod_db" - db-host: "ukd-micro-prod-db.cmx85g2djayq.ap-south-1.rds.amazonaws.com" - db-name: "ukd_prod_db" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://uttarakhand-uat.egovernments.org" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml" - logging-level-jdbc: "null" - domain: "nagarsewa.uk.gov.in" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - -kafka-config: - topics: "egov.pgr.validated:1:3,egov.pgr.locationupdated:1:3,egov.pgr.workflowupdated:1:3,egov.pgr.saved:1:3,egov.pgr.indexing:1:3,egov.core.notification.email:1:3,egov.core.notification.sms:1:3,attendance-save-db:1:3,egov.employee:1:3,save-asset-db:1:3,update-asset-db:1:3,save-assetcategory-db:1:3,agreement-save-db:1:3,agreement-update-db:1:3,lams-workflow-start:1:3,lams-workflow-update:1:3,egov-common-holiday:1:3,egov.leaveopeningbalance-create:1:3,egov.leaveopeningbalance-update:1:3,egov-hr-leavetype:1:3,egov.leaveallotment-create:1:3,egov.leaveallotment-update:1:3,egov.designation-create:1:3,egov.designation-update:1:3,egov.position-create:1:3,egov.position-update:1:3,property-create-validated:1:3,property-create-tax-calculated:1:3,property-create-user-validated:1:3,property-create-workflow-started:1:3,property-create-workflow-updated:1:3,save-bill-db:1:3,update-bill-db:1:3,save-bill:1:3,update-bill:1:3,save-demand:1:3,update-demand:1:3,egov.collection.receipt-create:1:3,save-taxHeadMaster-db:1:3,update-taxHeadMaster:1:3,save-glCodeMaster-db:1:3,save-glCodeMaster:1:3,update-glCodeMaster-db:1:3,update-glCodeMaster:1:3,save-taxperiod-db:1:3,save-taxperiod:1:3,update-taxperiod-db:1:3,update-taxperiod:1:3,save-businessservicedetail-db:1:3,save-businessservicedetail:1:3,update-businessservicedetail-db:1:3,update-businessservicedetail:1:3,create-legacy-tradelicense-validated:1:3,egov.pgr.servicedefinition-create:1:3,demand-bill-update:1:3,egov.pgr.servicedefinition-update:1:3,egov-common-department-create:1:3,egov-common-department-update:1:3,egov.services.tl-services.create.legacy.tradelicense.validated:1:3,save-service-db:1:3,update-service-db:1:3,save-pt-property:1:3,update-pt-property:1:3,save-pt-billingslab:1:3,update-pt-billingslab:1:3,save-pg-txns:1:3,update-pg-txns:1:3,save-pg-txns-dump:1:3,update-pg-txns-dump:1:3,save-pt-drafts:1:3,update-pt-drafts:1:3,egov.collectionmasters.bankaccountservicemapping-create:1:3,bankaccountservicemapping-create:1:3,update-pt-property-index:1:3" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -zuul-config: - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -egov-service-host: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://es-client:9200" - location: "http://location:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v4.1.1 - -pgadmin-config: - host: "ukd-micro-prod-db.cmx85g2djayq.ap-south-1.rds.amazonaws.com" - db-admin-username: "ukdprod_admin" - db-read-username: "ukdprod_readonly" - port: "5432" - env: "PROD" - maintenance-db-name: "ukd_digit_db" - admin-email: "4iggARvOWhjnr0uN86zCfvVVwcZfFuWu7CS/yJTOILlVI8UuAMSCOf7W+xyxsTgw" - read-email: "XekrwLj2geZMkXzz1C9Kul48l3b3JpBYSuDz4tvgaEDpx8BBtJCLHHt7f131vo9H" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#timezone specific configuration >>>>>>>> -time-config: - timezone: "Asia/Kolkata" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - replicas: 1 - images: - - egovio/egov-enc-service - db_migration_image: egovio/egov-enc-service-db - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "uk" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - ebs-volumes: - - vol-09b426e81fdf2a09a - - vol-0ed2f6c683c41aeb8 - - vol-0554bdf82cf616547 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - ebs-volumes: - - vol-04334a5b0c95ebb92 - - vol-04a69b29731b9f3b4 - - vol-02d54c25d4f072f8a - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 3 - storage-size: 25Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - vol-085cbd2f5172ed51c - - vol-00974c01baecfea07 - - vol-0717a26f564566658 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - vol-01da68c7b494ed569 - - vol-037f787cfb28a6f90 - - vol-0f0b013e87a8abf75 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-master-infra-v1: - replicas: 3 - images: - - egovio/elasticsearch-v1:6.4.2 - storage-size: 2Gi - ebs-volumes: - - vol-040979a301c4b4472 - - vol-0984ebe97745c8a6e - - vol-040640f75b2b46d9a - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-data-infra-v1: - replicas: 3 - storage-size: 30Gi - images: - - egovio/elasticsearch-v1:6.4.2 - ebs-volumes: - - vol-07a934b39cd74a5ef - - vol-0fc7efe1b84884400 - - vol-0ebfdc357bba6e129 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - network-host: "_eth0:ipv4_" - -es-client-infra-v1: - replicas: 1 - images: - - egovio/elasticsearch-v1:6.4.2 - network-host: "_eth0:ipv4_" - - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "500Gi" - ebs-volumes: - - vol-05acbb1c6ee856309 - - vol-02abf3408e17affeb - - vol-0c10d993225ac50b0 - zones: - - ap-south-1a - - ap-south-1b - - ap-south-1c - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# TLS Certificates >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -ssl-certs: - cert-pem: "yWDnop6OESC1f6u1HUaDdviZvDrkhjLbO/6XFLI2adx0/tIwVOtCAbyriUvkShBcB1hNF0u+3vk8w7O+wTcxBLnSVF2xdqfkwffJsZuCjwlX2EDcGIKYWEi7gLu8ORk9vzwCePl+Cyw70hly6dJ4H6f/Lmn9Kiml2cLGPvpRzSiWMqdIO4UycQmjCWXy28a+GRpphsM5cMy1QAWdaY4BIaXxVRpMtZOyjJpLNdDT5fb4NkMulTXdxN22IJk3XDmqc4MPkYvT8/zZC4D8LUbwSi/uZSJMlAdyOk0Z1L/luEGY6UCwwLlgbJUgZc/3A+Zxbxnp8Ma/EmqF2wIObv5zdP9b7pmJ2GGqIf2AgI5SYvsi+YTBi9bkX8rPbe6P72m6iHh7OA+OyF47pyLopuJK8020nC+MmXiqCRDpEW0EPAjzsyXLOyhCL2bEsmbHOZH6E+HKHJjZNWyTT2DqXztubC0idl221t4UWs7/AzjD0r57jzYZPlhlt8yqUB4ZdOdjGN2te96aSxGmNdWdnymJ5mRCWGwJxDbpSK1Usd3qiyqwl7W952d7VyQ4M2ibWO+3zhzAIH4Wzl9TbmnIVZeshxsTOJHRWnn2O0urb5Vg0Pa0JsqCmB2t3xrcsY5vyiw3MNSGbpEF2ukpapsuzlhrQWqGvcdcU3Q4jIgyMjg07dghOjv76EJHOQ/LWNXtIzPmbgAS9TR8HE4k1hGDXEZmwMK/qZG0ccoJAWkjdsuUZ2aDVNreyX+zljN/YCRKNPZcjXlWx8leIEy6eIZtnEBJuGfMvXXT3g8f1B1gnMNqikyKfb2+6S9lBRfuFf5r7BwPWsA2h5J9SRruWNtyQxKeZDpR8Q9IRZafEeuVaO8VC9l4OHtPKuaNDxwvzIvb+pikY9FphTeu6zkrHDzvwb9s6LV876XS0AFlpMaPloWqUpkeVRojnn4IVbZ/3ifRf7B3FArZwcFCYCU4qzlUvAbSqq6uL+x9omnd7XZOB8LUtc9Mr8Jnu0vAVKguaba17I84D9/U/vmrRw3E/sv2ugmJIum5R+VrocILQo+ardRnK3XrnLlcravaWjdX6con2oKFZUy6tE2ik2qT5Ep/Ma2yjjjqcKlFvxzNfw79jPKWPYmV2osfIeBlUCMMRahFdY0zNPT1xcZBiUj12kt5L5GasX7x/NvpgrNzCqDVnb6sOpJTD0/aI9q6JuCCYCMvdBoWkJRL5fMkwtsjwsh2omOddM7w5M2QsEbGrcmVhx6XCAij1IWTm2AeoMzfLhk0n/dli3sNTd5X7ebC35k8aNs59FfU9R/4QNo02NarU7sdKLu8+GijNgk3fclXUSfCNDXhZkUO9P/89N9+5qw3ZHOd1PhQOsC5ASdMXn5/kuHlgtOLjNWwyHBpMVPebas1CAKmoDA5s+Hd5u8nmpiWTRtFTjt99eOz4Ecz+WjX0GxP13Lb5ZRyGKyVRpVHhMz5ewgkjT8tobxsvRXLm0ffUaVu8WQB6h/nRi5jGUG9WFQMbAySyFjW22HbWJTZxYwfrxmcxiIXRlFY50jYRWeq0N/jP9BarGtl4jidE30oWj08J5Ab4hP1K0UX8V1wJ4ZjPf0ylQICFisPcfqtAfBYULF8qKddxdNJ/KeTXvm631eeA5WhAjP7rWIcucuaWH/BuUfbLIf0ybyyDChDuol5qVJKcTcIlOij9q0OXyCC0aWEwQTIfgxpAUZTPFabU++YzdIAxRSFI5U0pHC3QzXW4mnTMZMbqTiKp6pyvqtJ1fpfcSttLlCfovBwGR5px2bwQ3yiXaCrMGQ0SISV1ox+GQxXdoa6ikRLmvm5P6aCgJSsyp/MG+5r8RsKz2rbAsCGps/M69cCtbAHEyOyuD1EhwzgvEHfO/So0yFoJKtt8eX+YD7xe8oabsrCoxg2Mc4dQ576zwPMU1wGomwaQ06I1Ue4lDtOMM1H2nSAuv549X3bUKt/EoNEMJdDqBPYsj2WF6UeQ3cxO/8Ouoj0lV1hVFM7bDIdESSow7rDpnv1Qs0cxgYWVqwJaQzm0ni/JJsjjcZHgAVC4RrVQi1b1ZXhmJ1pgTRlCuCL52WQppYRxEHPAkkvFRNGoRoiQzAGAgwRdOduQZB3tRiLMRlqqFl010NcY/OJaRPLKvxhNu3Ri95M4U8Z3iA/U1oHybTF/AXzLePt4HV2g0ZnLhLEtfWx80+CAPCIw1sKPx3BuO7UY2CV1fAga23B/n6ytgSUqRllo40SrWgjyYUEBsJk4dMitD6Min88yivcKyF7SRqwqBTNuPUcs+b+RIyIfvpJarm2WUcD8c1F7bYyS91UPzZ9PKJ/V7Dx+qgQNFEgNartq/qAFRrwwy/qTMM9p/rXxUpM77dnB5xohMCN4JG2NMoCEFjTW54LCPb7tlk9lO8VXt5+j+Oayf0Z1XAQnuQ3A9xQ2dGXLfHNglUwPpezUyGqlKRI5xCPHp5i7slxPKjcRrvgfyf7GiVZOY1bfIAxiU3GNxGf9qww7bdpG5XOpugC6vzxxLG2D0s0BG/0AMplPpWjq0zNgnSRov500OEnQg5gwrmNS3z6bjrevlW7ydJmi7QcFEiRvJCMkC1J3s4lTNJLI7ee+rlEKFAm7B7ggxnIC+M/nVczPX9ZDZJ7qBsWdWRGvzT3CSSQJ+uJDfnaOVeTaGaiBO1cbCNAPUbRU6LJ+MRmaoJyCHV56o6nJFKDVyeomiJU83uC1lRxjw1IUzXs8TyhnqfAcZ8a/fQghG2RhrD+RxwDdpWyeETIjG/XAcSrfQDKw2MiX9GE/Cjoe7VaDLVzTn9sQXuO5LDgxaFXAC9sKNrXdQ27V0VJdEeaHKFyXp2MyyrpfoT0W4Lrg9As4yY0j0rQS2vSCg0PVhAXzsCWc4mY5QpLxzGif9HVkJlgf4tVb7ykBqh8QhyX4QotOafpJpCRe0rGe/ttpUrscQzy75eoWBvim1jKDZooW4sE05Jvi+vWoDhhuTKa54ZSXUMiYe8j5z0jQ7z619/fsMHaGD4b8T9gUYml1T3CneskzOSb/QSfJaVL002iBZISNHb5c22r7kL/EiXIWrSeWDQNa3hkFbDlEbIBvFQb20cikgQi75LggU0c2yLuAc1q9ex9k/2DSdEQfVmh4+75jalW6TeZC3CWN7nWMsqns5yBoHRy2MNfwkjb9SZ6luS8o4bHaerZuJz3bgJ6DLVNenJfZRDi8fDobHdsASey5ZlzWP/eUKzhIMzliYOJ2M5au1xIPHH5v7BqjMJB+HggIFmC3IDvhZStxIQoW9id1rjeTokyFkpJ0Ps9E2QRG85CNwz0M/WJQ+AMGzWFlcWNGX0kPw6d1XQuIsG5Mh65HBh2I+7tM5CitoW7K1UtR+G4M0XhLRgU3ELmQSFEGvSGQUQSCayXOJ7kAaAGvoH6D7lYJniXCGwwLlUa3cfEqnGuGpQuyL4B9Ji7hZ4dq4oVsAQbzrSJqNhUNzhltPSLBD2ypJ96euPZMPGG6u5iVs+jpBA1HA0uRr4ZnYDKSuVQfdgzPRlvXz64Ri4V6Fx1Xm3VbRmyLzYtDPloN6YkDMhwSklK5N/UvInB57AD1RdXlAb2YDASFPgJTVBS454w3yQme94c7QcGEgInUblYpEjtEXntNko9cEMZAdi0iTLCMBtn4i/V6r8YNiVsFdQxFBbDVhkbshF5FbmO8IBMJJP7GZVyu3O0b+1Hh7DobZx6dXMPczYjOgrdTefPqttt25avGBCAono6Y3Qth4nOemGbGeERuGBPHq5u8TTQZ4kMSPWGlCs2lqU6q5JmD/Pe4SQ/F1rXgm1DBjrfiQF+leAozOkrwthQNGLlnul1v3S85UCzVhUb51D2PM5aJb8xepkM3bI9NJLynnsFt88RjLok1nDsZ8ZbYD0M474yx7X7vaQng5R0rnqM4ckQQWJEM7a8Y9GAQLsioFTEXLn6YlCW7/B/DpFTDBYeUb5YB+YdA55jJsIEUK/Ay3UO1IWuVxUBUBzBfgaZXsnXrCYW8bHlSmYUpAX/+Tz1rBGcLolt7D3vpnTUGAWBUqPPjIN+jjnXqSx4L85LtEq6vuJlcbh9qe4DAUGQIw2L6gStxj5Ul1bLLj4w30i2k+uebIUrm8StiA==" - chain-pem: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnclg56KejhEgtX+rtR1Gg3b4mbw65IYy2zv+lxSyNmncdP7SMFTrQgG8q4lL5EoQXJUjV/l93E+O19HiadUg7AGYsmfTY+fySIcOBvNI/+yw3GEihxelRYf2zhhLjxgNBgNrGvUqm6h78lvB7YJcWyn6uzaDIyohxA/iCCcbbe4pwj8K4ef58VKeUx2fKC5J3e9i9p+CFox8T7WHlpsTw/QP5lAK1LIGq/K0U3Cedkw6vxbtkCzLsdiGR+omlMuD5wB4lN5V5csq0y/EDPa22PlY5dJdvZL7IyDcamZMXKvvRVfyYF1E9DrasAjXV7tEZGYDt7FFPgVWnxSrnRzb+R4p7Qo0Kg1cmMMT+udUGQGFKi5+5kEvhDYljqOtQEbWjBc0vbBJ7TTvewvIf5IGa0P2fSOb0OJnGhFUTRDNmYESuylgqsYPo46zgdo4vsc3RqPXcDt1VApJLpEZL7q6yRZGgs1RreHyPAmW//WorclhZarOgso5CWPIL4ACAfvd+LbTnGsJ7ucL/cOJABhZ4dNfumxVNgEddXy5Z032edgh9OCvZsQmEHLZSikK+lnayoWkNutr74IiOwQ/tRHMWgx9N3U3kgnWKQ66UcyG4SVOzhzAIH4Wzl9TbmnIVZeshxn6x2+Gib/fmvsX8RFu+RWz42crd4eH3NiVcuyUjWSj6JDlER+7R2+MkNlo5mX7tNpz1/3bFtF0bIRUc3630oSPt5lcbSFxQo0sS2kbUojTzIZkQQcHOX/kWz6gcUPFoTkkTsu7Ze4MoZaB2NLPYXUEAyVT/E5JyrlxYK1CzVjfNW/a3hf1N7h5t/PELxcqRR8CwVq7prUkFJXRbePieLCuX+6qlbhR60vYhArWNZn8you8zin89iKNG3v6l7OXbjKeoFLDBESucjhAdBfujvKGMwVW3hPXMsGskc2pImCjk81PxstZb3xfWUsRqPL4kiJfT5BV7aIln1wdXGoN29A0GEbZ5/D8uXc5I23hvM8l7PjnLHTrnCRujO3tnBAhtVaNDVsr2Gc4d2x254f/HNNccdyRqWg8fDdhUg0O225vEH63sHLYMoX1zFPP37LeK9RKfci9pwMG+RYtenc/c+a77Wc8srpALtw8vSSNd755SI+zfZxUiZ6gr094FLn7CH9F9ZNDJ65fO83JRXXL0ppAu6S0P3SuQNPHMCsKB1/ouSoXWke7jWCSL9A+cQ2CccfC3IF/r2oi4LIWftAoVJwxsKUZ6kvvg+4CGM9oj20nLj5VALGpWxUQG4mJPZd8EQaev30UzcQFyf4LMSosl2b6IvXuuF0ROkMtnTxzXyQ+llxHueT3/1NeZol5o910VsZHM1RD0nc/Y17aqrjWvGbsAv55ezYKzBbbJKy2ANsrb/lCXd8nQ8ysJV9wuqkJ46zLY/TjFZ9VhkQ9R3NzkKO7q/B2jWhNXIlgudSzoMBlJheWRoiBvOk3s5ELWnMhyKv9Lf5sd1FPGUml8c+mX9SuQzPca3jk+u+Xj2C+lOBrgnloEAPdP13CS729WNFYkk5aveHOnoRJQjcSFPHB1+kDvX5obu3WPE6+r4EcuuTu8jcrMpf1yIGPUe4fdI5Qf3PJiRaCEsiyzQ42/6Xgp2PdjK7IBED/9v48tb1wkdlAd46TQtvHmNd+33yZ0gqY57euoiA38YRzEooo2CypXyH00cHr8yKl/IeJzBOg9g2R2s91WmZ9JyZipCrOEeuWTKqeiu29xgZ+DlAF23q7sE/5U/OU8ODwsNzn/BBeKXDjZYBSXLizaWkp7CZ/A7kU34ErVGMqdioA3aEg9JJwIl32m2NLiY2sL1+i9c/H+pC+k4fqqy14xRUR+bMr+98wwMvk9A+BWiJLqhbxREmcsaePWndp6uY8diYehxFeV7oM/hVgCLLJqITkHMxEJWedXiNc2a8GPHVCQvn5115gHxzmu4JiYpCgZxU9qG9ErJAht9iPN4ogF4ZYVM1tMIAVJwikzi7MsNkD/1IROdOQesj3Rw9OrV58y5kMn1/XjeDGH8jQAgltoLm9UG7jWkLzRdIzDqEs/KKyTOn8i9HV+pNklU51jeqS8rktIr7tZ5eHQEylvWISSkt+SAE8qf/AKoj1iaUWph7i+oycyaLlUV4yeBxEKjA+mxzUhBw8PhF03wIb/wJPZfHBk8TvAXs+SQQ8ZMpIt67n/N09Ja9dHuqawE9DxSPKY0hgKgO85Wrqq1C2YecU2Ieb8bi1dObqY/uiFVWEY7cUl5ggtfoE0qsWN0e/RKNuFAueqy9Yq4DV+mdHE5lAWtgXJZ6BcfmzIQfdnQIRGYW+gKJy1xF8ka7kAMu6niC9n3uclkIidsOxJfioZuKoXcIlutPpaSfHBA3onDpAIoQ7gIMgfwWMe3dw15iAwV7VHlH/pCd7V5nwwRm3/NTnp9bvX4ZZzF+jT3AB5f0D6oLsRJ7DErFcmk9bvk94MqiylkODaeuIFwrz/uEWOuIGqc46QiLFYZvkOZW/xhbtReKQu76fjqs7kgBAEPFuWyMMpa5oGSAeYMfwz4tlAvpie4o8q2ltcq3/Mv0ntuYu/IvPaofimED4JqgER+3HwzwKteP7mnI/CRHiZiCGMWMK+cjhQfKj0pTktx0KztfQ+ycE65HJpEG2zDCmoNY2vjCRWEBIR1J7cgvtysj4KF4t4IUZFIhaQdu5L+e4CheVF7ovJ0Ol6Pm0sGEmjf0yc8EbBDZrqegaHo8VZXCz6hOF2C95tLgTltAE8kRihi7gBreORQ1vlJDKYJZv9pVyiVxYFMJhN788QCbp+A5IY3DqndX0KET6eAd9uuVm3fT5Jkcf+6JH1+klScMlIGpGZcRutqSYqfQaSJQbPenhGyZRWRwJR2+2zQ+gPHUFzKEPhsdnplxUbL6sp45On9w4EiQ1qz1d3KCSolPrUB9uoGVUVkZr0FbGjLIe3Q==" - fullchain-pem: "SOOSdgE7rP6iBDotbGGhQxCizRN3yNjAm9JXE+Ao0207grbZwBLil0xU3NkcOHsiBF8QdEo7btmFA7Wl7j7KIO5NGf4iYsf5ZjLHY9CoQG+uKjEiHh1DAvKuuL3nUjyPfpUGYUo3d9w9oCQ43Z72IRCEVBx7Q7kem2+gsv7XRRUbn3xiSlAmI+v6KeF9CNuDt9xQ9HieoLGBoZSvdtTENFgyk2uKfeBfCMqo4IQIF7p/sI4g2dmRX06LXZzcYPet2BNzOAVEjvHaaZnVrBebd1mDpfkzDSBn6GLtkgDYcV5FS3pFcTgGqABnjL0acI8g7JwMs1BO3AaMJYIxHfjZdaekbaHtDG45a5jWbylTS0BxBuHe9lTznkwAAk+lUSklelHlbDuunaGJot6LQqiSAp1YAI8HRA2yJGX4SX8p7xQqntLuHXr3Nr/Xn5PZ8Sbbmn353/CjHRFGqnAECUnQE4PBID5Bn7ezeAkqFY7rhMSelPJDJAJm0pImgdSJyqzueW5cNMHhqxVDiLW1hWtuZ/sk21GIgmpgfW/mUP9IuNQp52A/NwoxfxAqQX2sfC2Ld9Sa4UXEfbxIZnNI5v8iToJJQ19yMUuEJwpMls2EitQptPXiJc1vJfbN8tCvSjsxPQ5sdXlM84d/Z+cil9nfR4wmIyiOLcwW1zEzkl/C7EMEwheIXr4q5L8xSBiD658S1VP6gxgMMcMG1/qfcgPWAi2r8edx0EcSLdB+ZoJOJ0r6cuUSV7K798ciVBRUL/ErdYgezvwVWap5JG9ewEZ8WS1C1fNQrffXtfWIgZocn0AOvzvO/jgWz8HQzVmOOnshhCn0eFj24kc76/VDyeKnkbtP/cim7RTtOV8d89OZXIqbB77+hbbiokIUBJpy9kE0Qdd0nOi4wFy6JQfZrQ/yyOP7AXm9fto/fWDeDTlhE+UFsisPsl7/zmRZQ4mGRnaNoguLlhNmbxjQGQhoe6J1NbrBBwBb0C5juNq3+VMfFprocqxy8JuivxI2DwFN7rppGD9GWLPApGaeapi68LgJOKXKDXU+JgnKUfM16aKxVYzZIK2fSwUTR7gyUGboFGDkLNtM8p+7a9ljrTegg+AiRCRCVDPhmRqYq+WaKhxdPJiWeOkUMN4HWKcHwvgg/NWlJhMkcV+EMQT3wfhtpPmqVkPfaZxjzzJ14lbIk6K/FfPd/8OYRWdDhRE1tepAooGVxZzIvMtOk5NQtEZwJZgJO1IwOvwR3JIVLRjdCPWPALtpFePJ5++akoK0SelTsALLIe9m0OyH4kZcRG0IxnOtqM+OCYhFw6bgzLsTbO2R7IqQb6APw8oc6lWR+XpIwEA8PRuBgb+uHlhX/paYqDO/zI/xWinBGFxskDvOaoS3Db5a8hMbqXR62eCIGS/MOVm+PoPClTrZp1DrtB295ktLzmYeD2/ptJdzVdPlKN46PE5kEKtRPALNaDoLcwZxBkVfTcLgtD0sULTav5oDQZHfst1bDfSW2+atx9rPjy8UtXfAaYECqROc9dJKWmyEi5f6lseO/54SuQCsUCoCa7Uk9FQfu2f60A9yPCtr5bqaFkh4ZEJ/lmtXfcC6tiFrQugPgZTW8FuMqx7WJyF0j7e/y5Ud3bsvEvy4WM+Jb0XDHgiEC0AAs6+5Xfilj/mBgUI14ZUsNcGBhmNxs1qOaSBhLl1IHHSgpSTG3y8wrJPOR7rWaqUtc90dl3vO9Zr4x7R8qnxuPwU/SVspKrXFESZL40izogIy0aqLL1sn0Yijicrcr027l8yhjslYLERVHlUJmQfZ8jq7PrfqIz50JnBNtseClQS40yXdnkz6GJM2V1FElBI2Dj1FR0KR9dCycRMgBlgsX5v/Km1S7S898Q44Lt0WK1r5uqkJnz/2f2hc8AaeWwQWmn0ZHMb7Xx97p4Rgsf8uPqpci4XTHezXave1VWVLwKGF2c+hDmMoZU0+RSbL68tlijwq9i3gtvUAD92I1iiEOvFHlrrkM2sy6l6Zrkcq/WoAwv136/xV2AhK1lXLhgrR2CqAJV50sPvOnQ6xdRnDLxJhtBkIV555RqNbIPOUEcAerEdwKus2fOTt9k72VF7ENds2s8w5fM8Q7n8g2TnctLEL2DMpRwMdDCZHsq1B37auX9l0Nlgnxcb/WbiTk2ODQlyxUH2JEO3yNtRhh2qGBARzjQM9FcLsdIMglmkgAPl2Mt2dBiopkiuu9WIf8mFSXY69KZMZ4wWWS4eaP0RYhZup4WtBbY1jGegYBKrriInryudH+HhhVFseGNO2sI93t4xByeeH8v/ozqKE59cdhnM+y9iQZMe+WVtx2ehg8fGFWtG97TpMJtycv5TFn9tsbtueRkw10EFcZTbeW6FCGk0aDItfl9euvY+oc5Nj91jOQEiAutBPVd4yqmnZIUDQsfQjJHH/9QrvdOjpNuVxrVmYmbJFQRebiR9eOSDwZTaeNwHUrT6S8wUPQK9Ci7r9KbG7CraoGlspgulywAl8tvZKBAi2WXrM3DV9E4yVuP/i+JlP1ET8Vkx9OJUVet5DtR/R41pOlaR4OSzdAJIPU+qp8GCxv5jGmHJ/bwykPbKW5sab8DSJb2UaiOH3Z+3epCYiwDGr7ih9Q3YeEwHCgpVLTCrB51fRcWs/ygsVYy7gHWt+eDpJ2RkZJh9tqJwzd/TNzWez2L3TNQiuKqy++rDYV0DDNczklN/fNT/wz5owA4zyqDb4PEeSSAw++PRv+pvRc7K8wEHjy/hsQIKLPo2tcgm1dX9OLEpr9cy2xLgmq7DsqabKV/ZNgBHzhziMqwIYfO7lpMFe1Mc1Q9cbSEHgd/0APX+J7iWZ66QobY10ypCv+Y8dAsRhMfsMdwzChrPiyQSYgoVdBg+otve3dkQQ+WY7iiciSRa1higBBk/+5evkBxJQgYmosgftD2wxedZYBG6iTF3Tka9n/KmzDxD5Qnuig8MXlG4LaZZ3D2ixGkM9c1vtEza6YlCrgB9uQgEo64reyPffmpGFyVTGQbiJA/Af8YfVj4uoOR3oqV6HRrlxjgI0BSLf2L1nclr1zw2SQeI50/vzA6bst/pNSnbbFaZQ71E0MjKEyilOk5Nuy/Sr/tnnt2T1vlXMZtct1gybbGi7zGKfwyKlHsK2Rzwo39dfUya+IaDiCnHifwJaKveM5fLZOFl7LNyVMQ/K/Ac3JxCBAohSO1K2IoJYCLQnlKJJubrK17y0YXwbvtWJqe4oc6SQccTDOAw3haq7INKNomBl0tR29Zk/U5ATJ6hWpX6xpL5gUKDI8GRmQvWsF0pl6szAWNLxl6ZcuZJnW1wYkV9kl0kUDTA/HHb8KqwdVadhbutU9SYoj0xXmI1FxTY3wPRCJ1fyclU+PnejQlcpgXFYTGKnSbVJPE4/CaP65HexWl0HKMC/aXMT0fbvJ5vvhRgIPpQXeoMUoa/1+c+dOgFulSGdgoqHb4hI/CScjASQ7RaF5OzlVuTZKLI1PMj492ceWj5ME07wpRGgpZmlXz4QaeMaceCBXuxwHiVpm9bU+BzccHnl+AYU9k4uQy5hkA4hOlTB7z3pECSmCbaN2vY1dzolVOuL5H7JGumErsPIXbxqUkzTEUwrFUra40rxnJLzaLaiSVlUTrbfHWAyeMKY9ruyoR3OD/bocBloMbvSPSKQP/OyIGfbMcIPZRDVVHkZddrjjGCorWVIub2wukmHrNN5v/vg8QxFaRuO6St7A0I4Ct5w25EYhFAEfAs2aBCMP0+nqh49OfYYXkmqWeItR4XOVm4U4Rlu9nzvPOr6ebhn1vtocQ7llhPTjnIZvIh/NDgz5o1E2b/EVBeZ3frylHuAxa85P858DFiyLJvptSfeJTzXD0KjHoCTzyD7gQT4A+x23oL8yJuR9rBguEmQDXhxq0cZ6F2OwFFws7rGb6N4KIcMDAGoVbAoH84tmPP1PKR2gpi13FslovG4ULP5G2Owpl8i/llOuNtM8UqiaIRVKrM79RK8BOT+XDEiaBI+n0rHQQ4wJJhSQEVo3by86hKbxkUeJZdIfGpHT/6eoiV3Co+betQi+U43967P3S68c7RrIFWzTKHm4AJgrkoqwt5TZSbYNqMeBL4wTz9/nZq+5zNYrvFPXCNX2vClYi4tPi5RzRaAo00TAzC616bEvxFFvNHlGktuBmN+m3Oj+HwfECuZctfsLZXBCSFxgGEs3vMQuUQT18rQoX8Xea+DbTU2zw3SdcWOXcHOBUdcP05PnOeiXom3Ij9kFRcAi9ggYlCsZzacI/phxmEFufJ1dhzPQmp3icpL8IiEGHjpfG79SkRGOioHElEk1pDagagTMDBvqC/vFzd3CBnoRQ4dHhDDH2Xk1SnM8vk5mDQ7eP3V+zKw0g/rZvXkFWDnbXXPWNb/WJQTufMgM0aBbAtUNOr3yee6NY3cPecY+AA4Vp3DwLrFvu2s8qUqS2/+Eyc5Mmf/SDM9H18aJ9j2wYD87SGBS1AkVHs3wZdYh2xJ+oDVWBIYowl+HNYhLSID9liW+WhXEpjBBmEN4oRhmdhQwdh3ZDaBoRP9O+vUUKZaspRl6lCdr8iA6JmEyaXWGO7yhxIhIfK7ADnVAZvGmJonVBTR+fwiZR+Cjx3V+vYbCtrBuINjmxid+oFgRuvL9EY08KOVTlfxqpdOqf06MnK6oREbjnKRETMu6dGCsjGsXkhGb4begPmA49OTIHT8oUMZN5oyjHSgvjVcYhPdz3WLf2HjaQRuj+knYmFbuLc/WOFY+Rx3unqAsDxsKw+7ynvB3wN7GjbftgDGYOSqyzcHoGUfdSQ8IdZi4+QGeeyWiUNr1HHMoBRFZTH1kvTG2/k04gSRSkgD4OHrz7/Zja+G7dS9ry6VplIvXJT5g/okn8uC87PrbHw615dKxkZuRCzKojsiyJfkdIgc7xmBFNEEuJiyWRcxD2R8bBBflBxwxeTdiLO8ce2FxDJC8CXl23in9PJHtXBMC00kIofGPAFDx2LdpsB0MyydOaYxGMRzHnon3hwmf4pZTMCTIuVmdk8pSyORgTSvKIdYtFtrBGOao2T+FVMCAaoyz21P7LA0hCg+LhBbQLMX32S+Fh8wDr1cIjYExu5o4N5qBo7tXsqcO0SpVu7N+jOeZsUsX5YK3GorqLihR77oUsEoX1QAVrhwmkbzM88MpjLYW6kJUTt9Tx7638Ub3+Vq4YT3pUbh+LI+HWdw9BO0ucV7cT/sE5VUk7U31XwCHii7SnrPP7RNAa98o8ri2cKViAJwv3Fb43Mg84I+Q+dG8zXz4bXgl0+WGElkLV9uoOb4TqR3QOfZtN7BveXjMx2dHeYJnocshjlU82Jd4RDn/19FyEPzD1SXbgYaJY1g4xt3L8l3mVY8SMW+8Ujr1BnA9mkG+n8h11NsongpvGnx60A6gD0WQY8HKlymEEoTQ8FsLPW3C2yYf21ceLAOs6wFBIsaXGU4IwLEPt9iZACCYMM5x5D2lJunwg0ihUZtFVQWl4+2PYHf80HTeLa6NEHC7CZUmaqMHBuKERzfOqR9HJgQXYy7bn5SPkAvwEB6fKJXsRgKHoYBHEtQM8EMjiJDiJJa8RXeWgJsN/JObFZwGA+lz1gnUlhVasTfhMduCuAdP/6JIVzHXwyJ8FMeuu6pDe6q7Lk1ZHAzsXvBZhrvCb0qN82inqagNPAdsjUzmbC8jAkjNfCnCB7rt3AwMApJ00KvXr0oytMCSTVn2fvZn671m+3kwgULHHY15zEchB7KCrCdDbM6XY6jl+ccKqN7PB/IO5RxTMyKLfLEW9WBS3MStrm/0SW+ohwF7UClIk4gYBLGM7rwz7t+Nrm/l4b85/HcEJYpkojbFj0BFXHYPoYOyb34LyY9G5ZTCfSUfeV8qR0D5wd7dHRKiRA7UwdSuU7QWmgUJokisrM6IZRXpUPfi0vSPsotDCD1RNhUP98gjALSwrDPxF4nyGSfQfSaRkA+X+sw74SFsUG0chmNhN/QkMfMTq+n0he5KPRamiPy5ebNT/SNz8TJ6joUYVewp31Rlp/FHz93W36HdYg/nCZ8Z1sBKSOzNpn+T1Rnrs//IrWyhgBcxJL/AQSSJQZZfdryGYMtgwG2rT3W84FE4LNBQI8aHkgDaHNbvA6NmJlLmOwGITVVrwE4ElkgVn6coOUhXTEcFm1jyhekpijyI1p2LNK5Cnw3afYqDMQzRyq0mX63b4tUJv0cQaYmjXbWv5jrK3hmyN8zyxKjcMUHGETw4wqPFJelGVJ1ey8p6jo9ep5oDkYMmF57dQ9bZvIiSbRo6EFW+Y8z0QB75l98uNjSoQQ2ROuud9y7/NZAxJxzu6PJmKn/rlDJFtWHgqIy80WEgNLRYctM6QSJTxGElWkWpE433ifkV483i8W3oqa18L5G6JGaf6K4eSKXhqAtG3dn+YObiyIk57LrVNOqVIge11XuCbWJpQe2DNBkzddmigx6pFkNVuE3NZqpZH1qZEV4T65pm8hLrw3QViBoZIKt1jRZzOVIFcSDOBZIbFWwLZz4zrNHzGnrrrRV6QO4hfNk+naWqdA9KcbLomCgJRhZGx2dhdnDsR691ZcmCCm16I7BioxiVCmQL0XxJNw/MeYPqZPKelWV6SjOB6TmAs5lqoLiOAgYINqinOzJr3+TtxBnAjT4en+8sbxGrcDlj951mpQBHJGdiQMHzvalgLmHxFV0Qy+pE1x9TvjKeWQIDgpNcxwdb0h7mN3Vu5jmEhq0t9rn1x/4IEWSmBFfaZhyCbu5T3xaKsQP2kD4rCaLaqhkJLNO+MqN+nKNKKPUicpPov34MIzpKEkwFi/yl4yurtB1f1SlYZxylGJT8sMIYuOOO5heBJd1kRr2UkFKpxsh4ZncCdDWCbeeGOHbdEbJkEwAwA1OYQ3zNxwEjEJu/yQERxZlcjKzfMjqLIxXyUP5wClUjAdK9qd9CHh6V4FH0/vo1kKUV9zPz8szPXbnpvthI3kySwcICxKdSReL2OlnYoJwKmKjgquSFJXD4oh/kNtexvpOcAXKuQkFv8ckCEHnWknJ5mc8Cyks" - privkey-pem: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+ddvKsXYgOSKBKK19dqTuPFfEp0bUSYHePwRvAOQP0pccnI1R9/p5aUk9RWkxFWoqRLagP2GsJoCn/ynAPB/KhJ5C/2yMaoSzHZtiYDcPTDcgqC2udnKHVFM4sZIo2z9mSs1i3BFEmGgUQoQWJrtnwcZEduMW7+72xsB7U+NxtXzOrH/GW+zLukYk3NdRoINi148nEP6uTD1zD8MYoLxbAVewB+ZxR8VP+UVoxM8RPQ6DYohjNTIAPkqGSIDM8tCKPUZm7sl7CQPT5t1Ea95PscEmuSqUirCrPv1349CstEuiI4upbErgOHjppFA4B7MIuAuWbwwdkrX4DAG2U61ReTrSYv6EegB7grfe9Pjo03mP4RA87aTQdBKm2/s00jdsXMZzhFB0x5n5lMx/csSI1lnC22HPMWfqv/qvqUvujF+iACv0WjulNZcLr6LsSBoUPPwrwd83D0kdSHsl4QpyH2smA+wPKVuRhp5ZY/8TRCEbNQotzReZPrvjjGxWNJ0bFFg4N6S8IeF/N6cNe2eDhWpiUwnzLQ3DXygJK5gkNoRnFIfM/NjYGKe8B2P0f7FohTUJ3XBt6jbSmKYDSn70ERadur4ZwgeJqwZ/TL0swaYVZt/NsXy2T7zI8TXo5phRw+rEEyAUMNkL3eTVPmLzVleoN7de1aJxf8bQMkBiX5Y5EIiDoDWJyVwgW6fMk3rLsSBlGeneVMrToTan1UrfLIn9rvjzhK+lEhOVqsNLAr7jkKtShhwrWQolAbxzlcEGUdM9eM9Nr92ndLKcrVhBsNKkaa72R7kl3wqlLAThZ31zW2/AiYbrATc6rq135CApkUmvvQN17xfJnR+1HAPOooAt0is0LMCRUE2z51clonAmfG8U7mwmEVVYlFxp4wSARy6PIOMqP9UFvj/tmtZSn3DcXd3kFbRWf81vq3tuCsoREYnypNkaVb7rzNGgr6GFTApv4U/d+ibXeUtvFBukwI3WyuSK4nwBe4tM2BQp/7V90Esjd1MtJuAPYqISk23oUhXrAemxRU/HNRQgbIRdPnXzPTmXvFzlfTrgrl292YZisstrcnbIXXQLExJ0ikh9zQTbW9K+aq4fhqFS7k6l0yMC8ywbZwjONYdoNmWfWUWsCURu1Yrn3jouysM7C8ZKloXvBkaikLx0J1i7vQg72jmunoJ6tV4wqnlQnOa7nMIhGs9lUlypQmJhSDCtBDCqgv1p+R079jXqNEOSHlvcBm8Gqy27iEYuLRlRsxvk1RKTtrv7B4xIzmSIJAcGsteqwKICL9LNZl0D+Zm1fOc501XndBY/hp6QaHKvUVsA8zgi/k5Tpu44iE4m+u95isRo3GXCBCiT3Z9iarbWlMoiVT3ipHS4h0lYb+ElzJ4QhIEIMaT+SIEA03y4zxbWnkhoX2jp5e/BfH9N6vNxj0RtucLp66YMrGYj1bBD1Wn6eeVLkE8FSVpaLyV2MRsHMbmSAqWD8tHGs2OXPHyel8rbHOurLKxaAeXq2qsRbUpt64F/D4mYcX/Dr7zmIdguMgSISMgZxdlMsEj3PW8vOV6dw7tyKh1dvi+VNRaPZAgiqQ7wMLdIvUr89IPZHwe2Z93GeZiUOKWA/ZDkWaLMwcxifpV/hNyGIjlPB6RpTixi6N0GqZCCzQmTm5w0p1XVGxy5oRVMYeyDvKG5OprHkoM9qus8tX1DKc0BluxV9bM25P7+MzWmu2IrdX1DRDETIGAjtBWWphvGFNHrQ2td2SmoIIacy+bMPu136D1j0WEaejadVoquDWzS9qEcIHM27+s/oPNDFb9jBF9x4CMgWPO6vEJ6MIz7+Kdp3yPoNhgxLAg6cFUVNbFLmN2/MLzLuiMUlfGYG2yCkj/oFqAAFbW2lcFPhD5lqkdxf9QlrQGs9/qaIvoJYCQdaxJlrWIAAJbVMgnLXNlHBkcVwbS94ZW8E/JtpIiXPmmM6CgK3bvYzWgwHPA5s+w8pCWUVPwcyvv5XE3QLygz6+5jXAJ0c1MuLAQ5mOwFIq4mprLy2UIlwT6H3IYCVwlllpFbetI1j6JUBwA47BdUYTtdvTkxMG3Lyoz7+Pu2EgvlyW3+iViMyatZqm7ULvbv9zpZwEaws0rvKXsbzIA2tCTV3ZUHsuhLaEMUl2EWwxTbIQIw9bBwX0sNGvl8P7VFuspj1qemGAVaUJ34ixDIGqxgAfTTfF7CqcRt9hqj4LbOE8OVTqbmfOicEhNgv80MJbuemPWOQwFFkFQ8WjCgig+LKn7DW80pJX2y+EYf+kB2hwmF5iDIT9N0dom/4WWgibVaHKRdjOVsuarAPREOw+Oeq0TmQDMJhOpP2xZaUVGk7JLJH2BsJbcR3hlgh5y3XJ2pmucevfFzYBKFYHGkoY0nLBuc5vi3s0QJiStRAachIQRKAD/1t+15+P8sIPcRh/yiN4GCaVRhhzaJswsjynnuN2MfvbE7ZoKJ2wcoRaMgedtbA0qvsfEkhgevI+LQ6J33ZdwyEUxz4TF1Sw58IhcLYwBAaTJgWNKPLhZwgk2xU8GztSx45awdDhJg3FJTOwHD6Uw2KTQhy7jqzjfbIjXAdyz236/9rtkWRJsHKXtvAHJZ/LkhvPx1oZRWf7EOaX38pv23uyxtIgi8aIA+SHFiMZxeHwQOs2NWSVoT8bYInCGk+iJ+040fignUiJmGvS0uAKuXXeqA5gvnEHye+gDJuCRatypxcI0VCMi9meRdbaX+sk9nKIm5pPQQ6i/rWmEpe8yW66jRZCh7xtEfGn3BApISbqwOctNhP9+NvWUPVFfPQXXYBUqDPxqbDKx9SvYz6vEmojWT7Qlbkef1ffalwwDkdbHWMP9rWD/sijW4W+ZISRy0vL46q+UIRPI1vPc3wWjZ/KyrjcnD5eLyH9VVTOibzDGp9FHnYAyOqP9bIwTNdbcw1mQXXqFFQz1fuTaDcUFMpPMDPr2lJ/mCN1mKRTm5Ff2/3LS2Q8ACXhSQ4ESTIzlJAwikvsJrlr092dcTaCfrQh13bA+L7U8KCmGbJrm2MA4yc/aPfeBG6BMpmPdRM8wfZjAGQz+QKdSxV+clg1ulTThpUCapE7kxqmjb5rS/xo7K4Fvk8grJ7SwJNNPE7Hhya3xE+kbrNZ11sinriWz5zRtC3/t8hF2EjfFZnQPz0+MgVayPOb/+pPyy66zdrwKdpjEUjG/Z0bcDImPqVBD94lxKjTre1htt38fcwNwNlq+fDExU3IUq36avXInedbQ1Kyp92XEai5AHK5C77GXzIHUUThq0olDnRzgcoMMD8eM9SV659Jsj2pT8tMkT8gyJzr86uagyVCHlW6jgy0zm6KbIsE/i4q+fxUzsvdyQlLZ34sNyZv4MYtNqM8T9W9Jz1bLpij5g6kIPqQUxlvPmdw9PadoyWy5O6dPTTyMKjRmef9H3H52MI2xozgwGXv6/zxl4ITzRtkcgEtjP1FoLzi48X1FZCpb9YfMauCBjJ0fgYvGEUFljjdIz/TmwsDxqPuwSiQY8BZHLD1pAzBQ2nvVVhzyUGTdp+2E5nz3jNPvwjaxAowTUQq28YdLN6EeeK5j3JtysKaqqCvZren0z9fNQ+GwmtvcrtkRB+iNc6BHuozCXt6NLwEyaqYX/OiTvYj/AsnfO7H2hs1w7/Z0SpSnzx1R1iDXtu8L0qgyesG21Z46VlTQzNyKs+kIRoC033PiO1nEV0RqjO/niQa4Ku7ZtFVLARnRbhPmTAa3nCWak4SoiUhHs98++W1h90uEVY0ISMIXq6fEExuHvsI4H5kJsT5J71uzzx1OEa0fD72g1jcZFlE6eQTbdBpr+wKWOqAqAull+lSRivXeFPhTS9u9IG+TOi5mid+iyBtIj+SiY3+8VpXlSuie7SCxdLZi3PsqLYyKVWw/6LMWVg6cThFEehvhasrpVX4LV5sQTX/AnfJpTlANWtyUDGGXS6ieTswzinQeBFryJUtrf/S2p/jxBrxnHFHQVNZgWB0APy4LoOFBsdcltJlJKdruG+zQPJLXfCGtVNQCFFKC1V+We0MrctURHCryxg4gR/jJ6ql5XTy3D6LpvIb6ZAsN52z2KGYEaGXb2QGJbvhozQPQib4PFxqDmtRgz5ryPPATJMZ+EwpkRVu5mRlaXI9twJl6FvH/zzZZpNyEu9x9X0fevSM1HdxekceDaYyqqmD/3aKXvWeLzTqg42Lq87ZfD5LtrXjNWHuD1HkBbBGTpBm/vaiOIqQlB54GCQ/z42c5M27BamkuL8IVUTqOt/IiexI+8v2IKmlUGngpB9gXoJ2UqB7+dKZJ4diyoV1MaTkVgnCEVUwak+fVMWlv2wcPFKv9lAUyN/WJw57FCpJqu7DCoqnWeO3yQLXtTpTpm5J4wsxSf/yx9/6O+aSFSa3yRUkSub6BUCrGKE9WfL+xfdlz/FSMZYpqmP+gzYRx0V9eEFFs6FnPlMKIahgCCdBB276S8Yss/CdmOS3VloV9nSMPj1odpV+jYEp28HveoSXtQHxi45rGz1yVkws8IRK7O9aLEPF4rihUOzePBXxCXzIurArkUeXsONyKqipwdXTsFwBlg+EJ/FfPOWRMBGgWk0EUhtEWkiA9TR6gu1uqHUWiR1KLGCJNdZ1NjevYbqseqDZVU0rGdGo0DiJc8kzQ2Pb7pPh3xRdpQyZxLhvm4yTFiryxiLZT6U+R5VpOLNJhUoIRVAmIsm2CpkSNe7X0xWdK4wjcirihz0Ig+HkYtH4ETERjSl6R8cnwvE3JL0PTnIDgBMLQjsFH8QKsasLxbEcdSR3eQDZpgeMEqNCsYof43zUQ4OsQ19ERjjh6lQWgHDUlqD0JDqAa1f56KqEWZcky+biPwcKn9StRmW58n26mnPxvG2EoLL3tjam46HJUBtuVtem2GfOWgNJr6QBpBx/fYFlstNNV0jhZ4UPIbHDd/KoWgzO8IEFEEwqJ8ssKfICwSpLKrFxkixVImZhzh3wltohQ502tEKsYaX8AhHqOBGbX3SL4MvxVwpBQLtaHM7wHSMM3uZSG6Bx813t/OjwHaKj1OT+TeNLC/+LfD77BkfFflr1Jqqtx2iKvtMr0YvaS0/7UUeaXJWiE9Mno9F/lDJt7jKfHMZ1Rhq7HxBRn/IAWwPThnjrELtZE8KPIJUbJTcjUQCfrVnt8z2Wgx6DEPX5+oIylC1BTQ+84qYV83XncT8/fL7vJi9/1yYUVWlNypL+LzCTkWb7UDcPkwrHJs5ktvLBU/hmrL5nxEa/hUA9EyFwRDGUK/Kx4jX82KITd94jgXXwBJDmlXu1reje59g05aOu+fHnp95pS8YSTLKv8EQOiChudz+ipSZN/YD8sLalnLIYUikyVFqrh+yqpcyJjMfsYvTAJ3/R4g2gBJ0vm7nrO5nxzLZg6no7Ps2GqfnU+m6DW+ku9uqOnGUAuA6zdY5I2jCRTToso9WNcx+kRwF0Jdy+jAgF7j1KSEEiJR989K8OfAjDKOxQ5niTlur9P3GsTfV4Ppc99rukIuVXlcMtTvGrRSxK/03g5iBORLXVTtq3SkzJSNNAZPCt78pArn7RjeMZKygXqaUPh49Qzi3iC/2zjxyCxjYHzGzX+WzLUxTsjJxXe8VQ1LliLPowQo32JWlMAuUrfVSZjxboY9poiSR6Vszr/vLpYmudnIsr4vyP/0o2LiL32UKsKhTdhvw2M+yCXmYlieagpXdXviAZMmkhXkcxOIAk0zyfMkfmetrhzUaouclf/XVf5JMbaYWyNkHN3ptLK3BXDod+GquzKTLShUDRyr8nV6r1/W61nxMl/c445byE/YWAgm38dk0HcYhpUNGyfQjEunR/SFo" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/ukd-sdc-uat-secrets.yaml b/deploy-as-code/helm/environments/ukd-sdc-uat-secrets.yaml deleted file mode 100644 index 6c55371388..0000000000 --- a/deploy-as-code/helm/environments/ukd-sdc-uat-secrets.yaml +++ /dev/null @@ -1,108 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:J02rLo2HIh3f,iv:QEr4z9tmRUVMUi+vSV9ZX60sgiHPaQnJUB1r77WGpdA=,tag:gchnj4JY0XgL18/umOtgGQ==,type:str] - password: ENC[AES256_GCM,data:rV3fNx/xB3XFhVUNjOh1vw==,iv:9R/Gh0TIimDyocdkUhLNtNOY7hDQqdQ3EbvBFZtAk2M=,tag:pM8D1WoXoSrMMSwaQgMqKg==,type:str] - flywayUsername: ENC[AES256_GCM,data:Y+DH8tQ7bLb3,iv:W8/fHBq6l6e7wgnO0BA2grst129lp5pzZ+QiDeCFUWw=,tag:EbhEa7m5e4vzJSRDTh40aQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:Zit7gs+8royDO7bPQHdXew==,iv:BFQWFT4i5XV9UsGrAFRtLtpBLuT4S4h+g4prDFxeWJk=,tag:R2RWACoFn4wCrGuHJgRMqg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:+QKplT6YAxM=,iv:4Fr4ZncPb6wcS8qDMEeZxAjuPvweyAN2SC1Qk30+lQQ=,tag:nmK2W9Ws8HQc4OCNNOBvcQ==,type:str] - password: ENC[AES256_GCM,data:mQXuCRrO,iv:D53xGLCahfpi7PtTemtg3oPnLrZ+yY5paBtWlvIeXaI=,tag:gBmqaLKlFSmXQzsfEPjjgg==,type:str] - secure-key: ENC[AES256_GCM,data:MNmGYFjgnYwVYcpHYClCk6XhEeMwCPvryUBXZNKuNzECJMI8,iv:muuwFv3232wrvxpkVs2yhV118l4cp5TFlYnJj8gBwIU=,tag:ytjxew83xuIl/uXlEmkB6A==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:7dauGwfUJpv8Pr/HXXLybggbotI=,iv:AHr+PLYLrsumZlbCfecuyt9h90sdJyoMh/+5FFHFPlw=,tag:36SO1o/XM+EnvigoYUpd5w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:yiZ1fZQcj0hOHG/5OZ1XGmCx8jSKV77coHnVhzMIc1lg/t4hgfDQQA==,iv:2VWgNVyUVdKog9RsEpLEEcMjYMwhcfOqmFZV8Brakyc=,tag:PiWD12Y4Q4c9g/tiA/BaPg==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1GhO972IAK9+Pj1pRJT2Mmc87NXODvhDFfoP7qHhfEqzMY2x+GK5,iv:jJt9wy3TkF/zHO2V5IK5YpaZH4zUw+jA9sem7drOSUs=,tag:fi6znYCayQTglqsNKMoeCg==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:y4Jv0kakOWQKoM0VZuYMgg==,iv:/wecRQ7hXSq+KUyOoA2ppTSYoDpw7AKfYUPV/wUe1OU=,tag:0KGY4hoSCM7/f/Iu/WDqEg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lqau27vIkVulsYVHJmQZ7yoPX+Wrw5BhKK9fYhlB/os=,iv:4EwhHUpgLdvUZTb/SS4Rdx1Fj46oJDbo1aoUkQrpHAQ=,tag:8ZUyEizWWJW+OFXvxxX1zw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:g3nyz5pGW7obyCFOgTKf,iv:dq4/QarQkxd7KHJjiYR9WvQ5IrpW/rh6A88Y+i6qRiM=,tag:mg0UkF8ugzAi324cAnu/bA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Rp3XX2AVhfrikv4=,iv:RnE7vtdrtAc8cyoyWJlx6Pj2b9C4PdCh+HNPcvqm8tk=,tag:VJaqiwSy+FHtObirI/ZM8A==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:c2Huf5wBUwg=,iv:RbtFNNwi83JCGJeFkegM1CAGsaZhN/C57QFzndgWQ/s=,tag:LrHsqMwQiPmrCJ7zFJq4pA==,type:str] - ccavenue-merchant-id: ENC[AES256_GCM,data:WbnS+Gl2,iv:KKWuKAYnmzbDX1dw064+x202Czn21GZHawUNZH/79rI=,tag:tS80wEAYjulPEm6+sKrl/A==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:Hf88ViNuzG82rQ5Dsjlbk5SbA9BUL2p9tIbP3IcFz1g=,iv:TmnGypjwwMnfCftBwcwCEFc34f+IqDKhS6FaU4ZE0ho=,tag:DjmgAtjFpQE9WhDTmWP15g==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:AF9xWR/9gjMd/bFZcBkpnhWsDWNfYVOaGYWE48sYopU=,iv:Hq8RTA4zPCylRJKQJRYCyR03nkZUwwI7uVH73pAVkIo=,tag:jp6DVc5n539dNXdNCy10jA==,type:str] - easypay-merchant-id: ENC[AES256_GCM,data:1kT0Ech7,iv:kTGnRJA71RL4aWBPdNZmW2hBQ4bjWviDd7+0mjczX78=,tag:Wg4vfTpC+vt8a35PQDJokg==,type:str] - easypay-aes-key: ENC[AES256_GCM,data:0CxNj/v+50VPuBjl2wh7pQ==,iv:k9MNp7ARVC+UMIZpSDRxXuR3MSs13jh76NmGEsw971k=,tag:1rqZWjqLqP0sNw0EOopJpw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:4ZiXptjMmbKmTyCJVXksXXLvk0mrw8Nxe34=,iv:XTVzqsz/WrIKULf9lsv5Gmk4Sj1PbLYVHtyvdW1ADTY=,tag:PDGLg+GV9wG99H7W82iyww==,type:str] - admin-password: ENC[AES256_GCM,data:6evVtt2EK0h7PXhZOBY=,iv:gelIW4JdAq0fMUfTt0FuG+t0qbJZo/8Y7pPFrlR2sBo=,tag:2obj68Gjyf2GUHPxi0/zLQ==,type:str] - read-email: ENC[AES256_GCM,data:lcYd+ZIIKIWt+g+kceFarRVGmPBBK19rpMZZjEs=,iv:n+K2klJY74GDACnxg33rqnEmOQSS6aCOgi5mkTqZCJo=,tag:zngfrESzbfDE9MzU+2Bc/Q==,type:str] - read-password: ENC[AES256_GCM,data:U1d24z+eGuc7AkoKlBTgeAQ=,iv:UpQBt+2XWpIJ0Db4Er8X9HBf7uWfbVs76uRVquBmiEQ=,tag:akC8GS6mMCw1Bpw/PFzDsg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:HzM4gcc1bNvCWda1Qj5CuA==,iv:0jHHrVwFB7hSytr5PC+vXYYChx4jEMCHEErS1M26HdI=,tag:kumqoJhP03FS9lhpsrH+Ag==,type:str] - master-salt: ENC[AES256_GCM,data:QwTELZmgmoM=,iv:+gRAAI2LrH8xqYBfJF8uudI5P7ONgu9a7RvYkjfY/pI=,tag:UjjU0z4SqptXLe57niAzUQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:MDOU/mKLyQq1TwOg,iv:kUvYULRkaYz0nJpcfq8EegELxQRJpKbNduQ+WSGWwzA=,tag:2pP0PdLd97B/WP2rVpHNdw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:oY6lHPzqgQJPid4TVZbkzQQa8/QuEf4mixrvQCs/rw==,iv:rdHKq0qc0WOr2NBklgIO+a7VHifwU21JylehyEypcsg=,tag:J2Ih/+Dg0FjE+Ihn8MmR1Q==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:t4ByRWw6kDH9,iv:kM8pDbGtKb1VCMOzY5Ecm56WfsnjedE0gUjKiNltGSo=,tag:O5FFCI+YdBmu5zV4MQvS8Q==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:UU461EcZto4gQ0GHVz9rIHxrSag+U9xx9zy2ZfuKsR6KMmnKZBkP8qIy3n48BLAMh9S5mvMvEsLP+gEkQ17XyxXMuLgbANFpMZGUyB/kY7j8JYPDFGYsjrq1Qw2RKyo8xX59NoBTo+sMNs5g30GPylJlF/r3QO7ZY40ZUmxmt7s+vk5n0AtOUhBfiWG3q7LInIWCnD9QTt6kmEccoyLjvjU2P5tFfCo98PwiMCom3pBd6Djv2LG1ntiCZgScxasWMwSJaihqw39KnbzNrt7675n7whX9Ljwi+aZ447n/FwfCj8v1vIWbjMxerhlbfvmGOl6h8Ie6JtVOSKmVOm5hhA6rytRbkK5oH3YvER3K0wwAz1N8ZJcwL62Tbjm8oa1ZYKsTiZtyH2Kk9Cmkt2RTZ/RiitjYwwCCxvb+437eKbg82FDwIApAZh4FnqtbRv7/GZP8HkOAI7COANnEML8pBEeHUwj2CPxNRmdVaPaBDj7ILYp8DKCc7vQm6ZzdjvJ/TQ1fysh/knp48IDEbxR6iGA7s8Q4iAXN2fwfw1tV/BHEvABff7LvNf1+IXeHqA/+vOW9zUZW4td/0o5JOkRiLPxzBtt2b6N5+Eu3M6gTUkanNFLBsmAn8aiIcGso9o7pQPVE72p8j9BwbKVOE3zFR8/7N1NCnJnSkdlrL8XdrC8W1NuVteGpWQvmWRN+EXGr8eM83coa7RIVjjG9PlMQH4l22j8Rdd0z+c3tYi6sWrgEsS7NO/YoFL7sETb1wxIQ0L/dhVCyo4W+1imOlcFvF8i/Q+cdoFrpXVJx68i6cfnhKeyg+44S6VbDod3HkVPXumq5vpExQPpa/jm7z6s29caASC1Pc9P0DtY7lFnwjx7uLpoIkZJuMTWnIpSXckcmgDJgCzgSe+r1THYlvw1vdLMoR4hQZO2mbxGiqugWoGMTBgaoaTRVWrmHbRT7lnj3q5s1C2Mq0QUjpy/HG7SMtC7+eQNp1KRpf7UDd66tP0KWFomSd+SwUKt2NhjbHLgbl6E80TFfKpWeDUMNbPefI875VN2ymn/+1V4bQv3UkhEztMunGIXj9pK0l4Q452NOryjlzWfeMBzTx2s+9kyB4BL4juvkLip56J9qTMRKl8dC/GK+IQtHrBxRbvN3pb2zHbhxPCi7PFDVYZ1rPK0MZeWwZc6r+j6enboiLd2gWYpNkIBZKbuRM82mPR93CWGcVs3A2MTtqmlaXQNf18ip5kepPGe4jqL9rGEdvKA8xhFM2/wNutFVNTEVEANP+7VLVB86jAilu6/WR8FT0Also9ukxJkY84amGTK59yXF+udCpAL4h6VBHRm1zuqqDtXMNBPJnVg3pmWCvvQVERzwdkdEFfqx6ZqCdLUYC/RuF893jDx0t70WnSuVaSfirSXDbwMX0lCEMS854adBIDTnrysBPw7K6/hfMSbiG7d8NzTgnEQUMQtln8TO9HUksImxRjvKUQ0NBGaVPy5Dc52ptokYW4gz94lsdNPDCHXZZVM4Z6m0XsVsw5L5ZoUrwHPhoU110lVQartGBZitMnNQIdplQUBrvz5fmCSsRVOw2WdvAT1BV1HbFLfXOw9PDPFl5o47R/3Jy7670xuDhDfUMGxyg6Ji3gzM8v0aRlyRC+tgqkxaRT/1HMEc16JSWFwRkYQAjkQu4e7jVDlgULTe2+ecGtWyrKJ7ldzda04XAX68q5nKaOo6KSJgrAeNpsx/OjTVZ9hbY6HkG1dDScbPBiAuR/hdxdIKjg+jUCDmmstMTY8DylMtjok7jSlM0bo3lgbR5eFDWn8UUT0G3VUL7FT+dic2KT60L2g2Xayw9IfeZHhKOVmkxi9WkCNGAEr8wLLrgralLcCu/m85Bqd082PtIuLkNRDRhxsruoLjWyTi1U3JBRMEMZNey/hd6/0lboq+7RIqO1wybrmzGRhbqmj90rC2CMfB0TgiLwQj38XBJy8E05hxPbmaIH067KlYf3Gp237ihWXhDbD6Rg0B7Mqp4h4Bb7Z0DOFAVIAord2N/TGKfmOySUVTM6ICL6JQqYimPMb6MtPg73lffp3z8uc6O6cwkOI+aLonUOpxpQ9Olz2/kDaA4mEI7E6jv4wkCpxe7zPDj7E7S08AsYUIyCaLXaf7f+iT7q+CJhOrMKBSiRkxgbH2BMpuyUdAQ9eO3Il++qyXTjCBY8Rdw1Kduyt+s//ihkizu7qiMTWe7YnQVt9JxDsl8tM9oqsyEG/R+/r7WO4PLOphcaFOih0wd2jA1MvYwyoElmfgGDQmFv5E7Zvo48AuyWrXODRRtgAAwz3+DlKHHVvh+JYPeqM8TuJsRYE6cV65SlBduKT8M/uV3vgYZee7yXN9Fa6b0W2Dlt7+k67Ci4PwkwjbgLdqs/GpM0N5d29loNA1bOLep28zYZpCdgLmFdaPfaF3wX7oI1Z8hlDhMRbi3ZaqnLNf+APHBw+ScluQMSWnrDdIQi4EsbzbdO+vG7bbBmFmaa3UvdLceBPzljICxlyj6/CHZ20laY9gOE75JtqqMh4PiMq63X+A68ZtRorzi5nhnr/1wC2J5EacuEWIhFGtU4bQP6YcjchM8IRbnkOI65qYPx5z/iDzk1Q3JilVnlQg9c9PVHlFlJ1wB2szptRreU59HYZhDTpuDbGesZSxAJQzOpwBRfjqlbdG99o8p0g37u5g6GJmeUDXkDXChnQzVV1U6Z6or4Hla8Ga05Ly8gff9vGujOHHbYKUv1nlpAtoF+AbXuiub8fARZCVn3ume7kuyDKkOtArlCbWvOpoX6v+GomvJtZbfRwXMEK1HthDPh+IO9g6josjE0WFTvAzJGyPetYGqFO8Rhy+H+jn1GdnMOchf5XG8VQUeNgrDfHjG+hOzfbflRCrLmbp2h3Zh0uXVQfeQmzAf60dLmBw0H4LSGl9taO/cjBuQMn4wjyYbqwoxj1NTkH71UmQ5Yxj7xt7mslX1D4JxoFZ3jFgxTADzWqtH2nAKHZn3nzTdzgYBm5IpO7MI3xELrxzMuA2bD7YgX+5nY9W+BDHpqOm1XBCICEWtCtcOselpKI5h+/zGiYWv+ky47rgxK1comPx6peuDaYvwiZHmq5oqtUCpBqHOOmd5suCj620bUrk1z0HwYrfv+7ys2FYb1r6aYBVPOvLx3b3XXEdVCovsGFCDIknDNAOvT5OYefIvyn2EjFHJGBIJVQkRubktAy0Cn3Wu9IenmGEmnAp4bebNiZLETmiDmDNT575J2/v8cqQfm3WL1xlAaaN5n+ube6XJN9B3OFmzy3UsW5DBlfwo6UAxXjCJv6QCKnPrutZtJNank7DyeyIijVB/JCwO24Ei4d/jx4HFmQI4hlQwK1CGXOz68RemCbTkfbRRBmtSp28ZcbBZ+AsJkHbTBTGEh3CQe/wCczDfDW/m+n5uD0NCmXwohISw9ZuIouObtaNK9T+hkECNUda7AmegmhIbya8DIZu12b4Cq/XP6Z+ByvmACfmWajU2HjdrKaPoVKrlvhZ4DmnYMyjI9hjK8xCQWGHfz/5rDcftwKHcIBrPlvdANxJfb+z6yBivry5dqeEDIupjYekoYzncPttR0TtrCOwGKlSZpnpwhjuAVaWo7jR1sljMxiLauEQR1shw5p9UKkc38RTSZa59F2LvgdHvS/Woeylj2cF0g4RyTX28vPHWM1dNKbXWKfyj3c8q+vALgWUsTDseiS5kXBY15qjItjSbXhjExryNWcbMzpEkghc/Zc76eCWtdWVRuPjqsAVruFJUZTCwq4e8wpKryjhSjnk0i7TblImXCWDwSEze0D42dIUT+RDX+iiYjpZPHiMUSgGIwZtNrPeaaUuRJJIEFZ6mbuNimIRusuLQz0AFmsRTtvmi66az5A8AeRpx85+2g8bFF40TyKGrCvGsqBob4DdHYX3Oso7J6N3E6z1HRsFfOLbqQ/pQZ1ZSQNSXb3mr7kVS3vk2Kg4+kzU+MnNSacw4N9GSsjokCKPDIUZJ3vh+ekVmavLbfdwx7wI5tFMD9Ua3BId51E1n9wv7JzrKA8PC/9LyJ89XwBgBZERe5dGY6E01bcLQPY2wlvDcM0WUST+sIimRNL2qJL2Xee3tKTP0L7tfXCV20m3087WruEYcOLADOMazSF4pWvWfr3vrRadhEZsDPLoTwI8bEM+C55Cl/RYsO3wae6nC1EOQ7jEXPGEPzTmT692TU27s20OvHpZKvjjOmyiWp6CQRQlIO4Ii6ckAXbcBoBnxDB3cB5NuJ6nIu7xDrWojfzsKR0qBRai1gw7nw6H4MAlTGacut6tgGy1sJpSMsGZ0a7fBOTjQikc,iv:vh2km9zlqQhgXSWvHT6mD+F9EP2usv0m1M7E9zA9rUo=,tag:Zq2EYa5dZ2b2cIc6VaWwcA==,type:str] - known-hosts: ENC[AES256_GCM,data:kFZMV+njPwreG4SD3Ey7UeQpsGgqSibkeTCOnqW0tGnI5oAR3jCnd8/HNsa/EjeVX9a2cjT92j2vIcwTQacP97qTVtJ1z6Id4fksAj2TPOb3snklqsdM1AKJzHp6TIM3FlyhhJ+GCvHw30YehzZ2QtrOvS1MAyDEVDIJV/DhiWjzgWWNCMWA/MoPL0XErXkvv3B6cyNqQytobIjOvVmYWDkx6cUs7dsGzv/YP52a/G3PD3n9eqVoGMXX1jBkkqWiEHUBJCfdXv/LI0wp/Yn9ldNvcySYv72LGYbRx43/Nq8z6H06gy7DfbwgMA9MsAdMi9AA8xbLF24a4PEeG2i/hmeAy6JpEt5eAyqSgqLJs6TACqYtD0urKasRvgSgoF43EgjhA1M3LVxrmx5Ah6QbAwk7NbZcEpAMde3Mwu7EbIQwYxd6XYT0nzOjoYrT8Dj24tXyXA7KolOotSX78H6xbY6dWVHER4tVb4kwkWK+sVvGvxkT9AAPl6fMJJy84fCu78aHcKJs2A==,iv:fF/aOdCH4HWi8ft/VlzydyYz9gissxjalrP3dwQBJuY=,tag:YJ7U0BtSFCFXC0yQT6mfvQ==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:UCvYr0ySnjB9pw==,iv:9sXfRvhGe5Lyfadjj9/qaqFPTSUKnIPSzQ7ERTMq9b0=,tag:Mqy0mLk95fDomlmOn9LHTA==,type:str] - credentials: ENC[AES256_GCM,data:IRrx6rAOjvER//kT6pCxt0ERDYiUZCmvCmM51aKExxX8frWLr0R5utTiIw==,iv:4MLtIMsmIs+sZpxk/mn4sCGf6smCLtN4Zjq0oIu8uDQ=,tag:GilDZYmg6aftSTw6m9Qxdg==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:x4c=,iv:6gOUBVFVyzZECkdtRYfffjYSHKnEMikSnydmq82uj8k=,tag:2PeRHGFR6aiE/2bqxuymqA==,type:str] - route: - receiver: ENC[AES256_GCM,data:ggCWylQrEgNUw804f/oFZ1fYKA==,iv:68YmGxXILjz24W5nx/08gC1GPwcy1bRQFDRoDPTI5yU=,tag:wz7hC4/ZJ56z+/SaRn04Yw==,type:str] - group_by: - - ENC[AES256_GCM,data:nZyucCX+L3J3,iv:HHds8DRiLvtOCnz8MaO/TssSXlYMir7gcLxdDRic3CU=,tag:Lm46Ikpd5NAqEcdeQyN5ww==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:5ouwMu1OfIISwdv+gmKARlgx0g==,iv:vDq5ji9mbSLcoK0qyd9jothbWIGzFhdFkKbsLUBhGVU=,tag:WKfvzwEQ74780Jm1+aUBsw==,type:str] - match: - alertname: ENC[AES256_GCM,data:gPO8NOzZjUo=,iv:d0Vb65cOikatFqefcrBYg2zlaoDcMh6rBKjGA/lCW1Q=,tag:a7CDeDbb/xpYVJPHqYcUzQ==,type:str] - group_wait: ENC[AES256_GCM,data:acfi,iv:Pj3y1Li24HWf1azcHpEVnngVejd0DkKKExG4ODKhAcE=,tag:YcrD9nMD92x1SxW37pe1qw==,type:str] - group_interval: ENC[AES256_GCM,data:qQA=,iv:xbndDp0trCgtI2lZiobG5OpiBYp5m9EfiEfZC6s6I4I=,tag:QccZHxWgtInX965zJjUsYQ==,type:str] - repeat_interval: ENC[AES256_GCM,data:ZuE=,iv:NqB6BMGk94xGUOGWDilWLt1P00k9BfBJZivLUaRntbE=,tag:cVRgjryL2e+UpzJgnwWPmg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dUW5RdKY7sy5oefAww+5wNaNNA==,iv:nZX3OdYjokXFDn6nefQJwvLquaTv8KO1fZwHRh3DSCc=,tag:hRx19X9Yjdz1Mt2GpKs64w==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:zAp8Eg==,iv:ItVB1Wg6x3MUrgmFq6qn96Xf6C9LmjxHkxIoJ783c90=,tag:mdsrw+FsH6sYw//MdIftFw==,type:bool] - api_url: ENC[AES256_GCM,data:wleI467fUwquKrzxDipdT2tfGFibssMCVupaE3AjaIfXN2UntALkfZRiv65zWWGHY9e8MLCcDHNwAqHK7d+ofeOgaSz1E+D3dZTXajIjNQ==,iv:Dx56uKCl126DsX9wXZratO8IVE9nSJ8stSlrt8tUghQ=,tag:kQPJrtL2wb7vPRP4xgjFpw==,type:str] - channel: ENC[AES256_GCM,data:1W0BSO5L3EPQHGFYqUETmuP2/8M=,iv:f0K8hjUC6Ru0pwTxb6OS356m4J3UYa966mGu8nDaWEA=,tag:4dxD6V9TS8Ovb5BSPu/x5A==,type:str] - username: ENC[AES256_GCM,data:gq3IRDJCL4CFXRPP,iv:LukSrrHPYzBV74N9NlVrd6YBQimsKnwCmeU4alCTkGE=,tag:S0j7PnXuuViGjB8YlQ7bUw==,type:str] - title: ENC[AES256_GCM,data:XvVAiTnQc/2SYHOJ7THHAqDmtINiDSmfBw2+pXltB3SrUMrzYEk=,iv:X4l3fFUos00ID2gsHvcAKsUGvZA1wwV8LKG27NsG0ow=,tag:5moY8GNp+eGRkw/diUiwqw==,type:str] - text: ENC[AES256_GCM,data:WGU+l2jhIemjPF5gLM11CGlNUVjXEQotWBHrhH9esbjp0VZq7g==,iv:h1FU+7J72ag0WdwWA4j7jEakHcKffxYmprfPQzA4k7M=,tag:kLsTIwHgUcIFdLFlfsy/3w==,type:str] - templates: - - ENC[AES256_GCM,data:fBRjh+g8UBrFKls6lEnIed8AhHT1RzXlNKXtHAuDw+ye5tnSa6LX97YqUU4On8CeasIHJZPAkvFMRaNbpLvNNulyvfEw7Fo=,iv:RK5PuSHJPPjXS0BsObRVav1dkWXQ1Nhs663jHUTzjaA=,tag:+3X9FNzCxFfRBBNhXfbQnw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:F6/RXsK0NHDfGA4GULZAOZf+L0U=,iv:fnkRpNYdmcnOyHnQK9lfTBQXg9auNnfOzve6fUQoL+8=,tag:6xyHhtahb01eFiwD64/03g==,type:str] - clientSecret: ENC[AES256_GCM,data:5C8zLTqiW26QRsGGZjlQFhTYTpR/8eMidBO9QRkfRextkMmfooM3+w==,iv:sROMhvZ6hXV0NQ2DxEaeMYiyFedERQd/5MPnL+/55LY=,tag:irRYi6nQEaENT0iUteSLJw==,type:str] - cookieSecret: ENC[AES256_GCM,data:RiNPt+DCNAIB1Ck3PQyqmJGj7Pn0onUXaS4tsmV+TAYufIkLYHdcmUYTO00=,iv:HnyoUB+1qPtyH25c+6VIJdwU6npZT4uK+2sSgFCmJo0=,tag:Za9vU5RZkRdBkEDUE8qZlw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:33:51Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHnQjqeyjLQAfyLfmqYP604AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMfE+KtvsIEnUFIiAQAgEQgDvfofPDYRk1V9WP6mqvkp1h8tOPOnrOz24x1xYVnGDCgUCneYm7L1cejhqqqPvGvUiZ93Fli8E80OrO2w== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-11-23T15:41:48Z' - mac: ENC[AES256_GCM,data:mu/jRRFJJjsxZvVxeWzfXFwxjXUVQyKd2lXrbcfrb8qi+Jb1cTVAf1dUu7cNVAE/sxahCIpL7p1SEyeWo2ot/FF1r6KcSM/ABkgNrCPfqTFJo2eWOIcmDnFUNt8rqhlZwUh1UjRpX4qENMlwhY+ivI10nDYXtfjvysNSWKUNYyM=,iv:4fR4thzi4wCmU7nqpSg/JRxioXD3wa0vFjI3twMHekU=,tag:3xx5DPA+5xBtnxCxWQU60g==,type:str] - pgp: - - created_at: '2020-11-10T08:33:51Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQIMA9mgzp+QW7TEAQ/+LWPvB1v7HyyqTDy8fEsiawsbB6CuEIl05QYdESWxHuWm - er8pBk6omdLAjOWG3IP8Y6j5I4BmeYM30mkAdx9LsUTPcZIaYav7g+i6RI4Jp+mM - 1l7p/f8XRvlqhpaq/Xyb8EGxDgw7JwOUVBb6+AKQx3Mij2kLQwLbNtWNxZl0KNHR - DCKU6QadsHgNqjjnI7bZGCuui1VZabW5hrbxXZqMa/ikUN9TRU9lxhxD6shBqqJL - zguc9gifRGecWVeyhbuyuM4Ji1uB3Fo+9+OdxFvpb02umz1G2XOgJuaQgKtdq/Gh - x86WRxxCJpuH38IbQxIGe+CDz6Uu6372kEG49FjvhZnWi1slzx3LdO4v1+vqFTb1 - /3LC37byDD6pI1Tn2C3/SgkUz7Vc4ecJWmMv6A/fZEdDp3V13lHvh2fPDD2Qyg5O - 46qbqs6b2DD5fGdb+1KcBUkEY/cpMhh95unjuItJENoe7i5W7Y7A2JxYBN4/acsc - YlpINddlFYt2yFKFwl10jAlWDmTgy1KoOVGOUJlJoNfHzLp4Z2/9bSiZqPldR+Kg - QwgGwirBJwINKD/bp8Lecl9mB9jz3S6b2qgI3sRTEMIoyXQ9xmsqDENu7Xe2dLn3 - Uc1v7gANTSjWOtfZH9dD8uVLS/2Iow5kWoIGHU20ij7klOGub+khV3mwwjsnqYvS - XAFIbxmDhjgcIpdEUwuSpdAZWLAyqor4v4i/n3zN4R46QyLEtQaI1f0PeOgr2zwA - eseKPQ7zEMZtXoY+DtsfXJWgduDTqn+BhOYE1qlg5v8KFcdsI48szD9cC1R3 - =joCU - -----END PGP MESSAGE----- - fp: AAD898A8752588AAA792BEA9A4E8C1B8BCC1E58D - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ukd-sdc-uat.yaml b/deploy-as-code/helm/environments/ukd-sdc-uat.yaml deleted file mode 100644 index 3f15a871b5..0000000000 --- a/deploy-as-code/helm/environments/ukd-sdc-uat.yaml +++ /dev/null @@ -1,887 +0,0 @@ -global: - domain: nagarsewa-uat.uk.gov.in - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, es-cluster-infra ] - root-ingress: - appRoot: common - serviceName: common-screen - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov ] - data: - sms-enabled: false - db-url: "jdbc:postgresql://10.67.54.101:5432/ukd_sdc_uat_prod" - db-host: "10.67.54.101" - db-name: "ukd_sdc_uat_prod" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - server-tomcat-max-threads-medium: "20" - server-tomcat-max-connections-medium: "1500" - server-tomcat-max-threads-high: "350" - server-tomcat-max-connections-high: "2000" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - es-host: "elasticsearch-data-v1.es-cluster" - egov-services-fqdn-name: "https://nagarsewa-uat.uk.gov.in/" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml" - logging-level-jdbc: "null" - domain: "nagarsewa-uat.uk.gov.in" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - timezone: "Asia/Kolkata" - - egov-service-host: - namespace: [ egov ] - data: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - location: "http://location:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200/" - es-client-infra: "http://elasticsearch-data-infra-v1.es-cluster-infra:9200/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - property-services: "http://property-services:8080/" - -egov-filestore: - replicas: 1 - volume: /opt/eGov/filestore - is-nfs-enabled: true - is-s3-enabled: false - file-storage-mount-path: "/opt/eGov/filestore" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf" - persistence: - enabled: true - accessMode: ReadWriteOnce - dataDirSize: 50Gi - storageClassName: - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 - extraVolumeMounts: | - - mountPath: /opt/eGov/filestore - name: sdc-volume - extraVolumes: | - - name: sdc-volume - persistentVolumeClaim: - claimName: filestore-data-egov-filestore - -egov-accesscontrol: - replicas: 3 - java-args: "-Dspring.profiles.active=production" - heap: "-Xmx376m -Xms376m" - -ukd-custom-service: - replicas: 2 - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - enable-sms: "false" - -egov-localization: - replicas: 2 - heap: "-Xmx850m -Xms850m" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - memory_limits: 768Mi - - -egov-location: - replicas: 2 - memory_limits: 512Mi - heap: "-Xmx356m -Xms356m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "1500" - -egov-notification-sms: - replicas: 2 - sms-gateway-to-use: "HOLY_SMS" - sms-enabled: "false" - sms-provider-url: "http://sms.holymarkindia.abc/API/WebSMS/Http/v1.0a/index.php" - sms-sender: "HOLSMS" - sms-config-map: "{'username':'$username', 'password': '$password', 'sender':'$senderid', 'to':'$mobileno', 'message':'$message', 'format':'text'}" - java-args: "-Dspring.profiles.active=production" - - - -egov-url-shortening: - replicas: 2 - server-context: "/eus" - ingress: - context: "eus" - healthChecks: - livenessProbePath: "/eus/health" - readinessProbePath: "/eus/health" - -egov-user: - replicas: 2 - heap: "-Xmx756m -Xms756m -XX:TieredStopAtLevel=1" - memory_limits: 1Gi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 30 - refresh-token-validity: 30 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - -egov-workflow: - replicas: 2 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - -egov-idgen: - replicas: 2 - idformat-from-mdms: "true" - heap: "-Xmx376m -Xms376m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "50" - server-tomcat-max-connections: "2000" - spring-datasource-tomcat-max-active: "30" - - -egov-mdms-service: - replicas: 2 - mdms-path: "/work-dir/ukd-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "SDC" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=production - server-tomcat-max-threads: "500" - server-tomcat-max-connections: "10000" - -egov-indexer: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - replicas: 2 - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-registry.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - java-args: "-Dspring.profiles.active=production" - -egov-data-uploader: - replicas: 2 - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - upload-assessment: "YES" - upload-json-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/property-upload.json,file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/localization-upload.json,file:///work-dir/ukd-rainmaker-customization/configs/egov-uploader/CollectionReceiptWorkflow.json" - template-download-prefix: "file:///work-dir/ukd-rainmaker-customization/configs/upload-templates" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - internal-file-folder-path: "/tmp" - java-args: "-Dspring.profiles.active=production" - -egov-searcher: - replicas: 2 - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - java-args: "-Dspring.profiles.active=production" - -egov-pg-service: - replicas: 2 - axis: "false" - ccavenue: "true" - easypay-sub-merchant-id: 1 - easypay-url: https://eazypayuat.icicibank.com/EazyPG - easypay-url-status: https://eazypayuat.icicibank.com/EazyPGVerify - ccavenue-redirect-access-code: AVBL03HG30AH20LBHA - ccavenue-status-access-code: AVBL03HG30AH20LBHA - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://nagarsewa-uat.uk.gov.in/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://nagarsewa-uat.uk.gov.in/pg-service/transaction/v1/_redirect - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - replicas: 2 - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://10.67.54.101:5432/ukd_sdc_uat_prod" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - replicas: 2 - heap: "-Xmx704m -Xms512m" - config-schema-paths: "file:///work-dir/ukd-rainmaker-customization/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - -dashboard-ingest: - replicas: 2 - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - topic-incoming-collection: "paymentsindex-v1-enriched" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/ukd-rainmaker-customization/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - controller: - replicas: 2 - default-backend-service: egov/nginx - namespace: egov - cert-issuer: letsencrypt-prod - ssl-protocols: TLSv1.2 TLSv1.3 - ssl-ciphers: EECDH+AESGCM:EDH+AESGCM - ssl-ecdh-curve: secp384r1 - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - type: NodePort - externalTrafficPolicy: Cluster - nodePorts: - http: 32080 - https: 32443 - proxy-protocol: - lb-ip: 10.67.53.155 - prometheusRule: - enabled: true - -cert-manager: - replicas: 1 - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - custom-filter-property: "true" - prehook-config: "https://raw.githubusercontent.com/egovernments/ukd-rainmaker-customization/master/configs/egov-zuul/pre-hook.json" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "2500" - java-args: "-Dspring.profiles.active=production" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect,/egov-url-shortening,/eus,/egov-location/location/v11/boundarys/_search" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - replicas: 3 - receiptnumber-servicebased: "false" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "25" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - sms-enabled: "false" - -billing-service: - replicas: 3 - heap: "-Xmx400m -Xms400m -XX:TieredStopAtLevel=1" - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - -egov-user-event: - replicas: 2 - -common-screen: - replicas: 2 - -dss-dashboard: - replicas: 2 - -employee-tradelicence: - replicas: 2 - -hrms-web: - replicas: 2 - -telemetry: - replicas: 2 - -ui-uploader: - replicas: 2 - -egov-otp: - replicas: 3 - sms-enabled: "false" - -user-otp: - sms-enabled: "false" - replicas: 2 - java-args: "-Dspring.profiles.active=production" - -ukd-assets: - replicas: 2 - -egov-common-masters: - replicas: 2 - -ui-localisation: - replicas: 2 - -employee: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -citizen: - replicas: 2 - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - replicas: 2 - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - server-tomcat-max-threads: "30" - server-tomcat-max-connections: "1000" - java-args: "-Dspring.profiles.active=production" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - replicas: 2 - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - replicas: 2 - heap: "-Xmx512m -Xmx512m -XX:TieredStopAtLevel=1" - resources: | - limits: - cpu: 500m - memory: 786Mi - requests: - cpu: 500m - memory: 786Mi - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - update-notification-sms-enabled: "false" - -property-services: - replicas: 2 - heap: "-Xmx512m -Xmx512m -XX:TieredStopAtLevel=1" - resources: | - limits: - cpu: 500m - memory: 786Mi - requests: - cpu: 500m - memory: 786Mi - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "false" - java-args: "-Dspring.profiles.active=production" - update-notification-sms-enabled: "false" - -pt-calculator-v2: - replicas: 2 - java-args: "-Dspring.profiles.active=production" - server-tomcat-max-threads: "20" - server-tomcat-max-connections: "1500" - -tl-services: - replicas: 3 - heap: "-Xmx256m -Xms256m -XX:TieredStopAtLevel=1" - memory_limits: 512Mi - java-args: -Dspring.profiles.active=production - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: 100 - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - notification-sms-enabled-forTL: "false" - notification-sms-enabled-forTLRENEWAL: "false" - -tl-calculator: - replicas: 3 - heap: "-Xmx192m -Xms192m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "1500" - spring-datasource-tomcat-max-active: "10" - java-args: "-Dspring.profiles.active=production" - -pdf-service: - replicas: 3 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-mutation-reciept.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-mutation-reciept.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json" - -egov-workflow-v2: - replicas: 3 - memory_limits: 756Mi - java-args: -Dspring.profiles.active=production - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - server-tomcat-max-threads: "35" - server-tomcat-max-connections: "2500" - spring-datasource-tomcat-max-active: "25" - wf-max-limit: "10000" - - -egov-hrms: - replicas: 2 - java-args: -Dspring.profiles.active=production - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "sanjeev.p@egovernments.org,satyam.ashish@egovernments.org" - mail-interval-in-secs: "604800" - impact-emailer-email-subject: "Uttarakand Weekly emailer" - cron: - schedule: "00 0/1 * * *" #GMT 3AM - IST 07:30 AM every Friday -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "10.67.54.101" - db-admin-username: "ukduat" - db-read-username: "readonly" - port: "5432" - env: "UAT" - maintenance-db-name: "ukd_sdc_uat_prod" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=production - state-level-tenant-id: "uk" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - # DEPLOY VIA HELM - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt9 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt10 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt11 - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka" - - heapOptions: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt6 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt7 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt8 - replicas: 3 - storage-size: 5Gi - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - network-host: "_eth0:ipv4_" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt12 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt13 - replicas: 2 - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -elasticsearch-master-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-master-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 5Gi - network-host: "_eth0:ipv4_" - -elasticsearch-data-infra-v1: - persistence: - enabled: true - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 - replicas: 2 - storage-size: 25Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-client-infra-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -# kafka-v2-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2-infra: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "75Gi" - iscsi: - targetPortal: 10.67.49.8:3260 - iqn: - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 - - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt18 - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.6.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "ukd-prod,DevOps" - upstreams = [ "file:///dev/null" ] - -#grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - dashboardsFolder: /work-dir/ukd-rainmaker-customization/configs/monitoring-dashboards - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/ukd-rainmaker-customization/configs" - branch: "UAT" diff --git a/deploy-as-code/helm/environments/ukd-uat-secrets.yaml b/deploy-as-code/helm/environments/ukd-uat-secrets.yaml deleted file mode 100644 index 6722624011..0000000000 --- a/deploy-as-code/helm/environments/ukd-uat-secrets.yaml +++ /dev/null @@ -1,72 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:DVdudu6GYOm8DZv40/GiUg9UJCiDrqykMwbK0uTK8DMZIPHidcN5tP08cUN/,iv:hMmTqTrXtlf03K8vNdJd2nGiRyK9XcrIYITX16/vY50=,tag:P8M7h+/8wQK7y9w+5MHCnA==,type:str] - password: ENC[AES256_GCM,data:ux0LafGhTnE04k6JzcviNg==,iv:udJgpK78Gyd+2RuPUt/kltsyl+97V2xVN7OIYo3rtWw=,tag:hjjYKJctfz6dkn/6husISA==,type:str] - flywayUsername: ENC[AES256_GCM,data:k//nwlazbo+VfXQlC68ZWblC3X+hXWn5LtDfpazPXclZZB1BYuVBu07ope4L,iv:mlT2cKha3p22gP1Zyy+6kgF09Fu0J9cxktNDsAXzByA=,tag:sxSeG22ZZSNQrOCNrePsPg==,type:str] - flywayPassword: ENC[AES256_GCM,data:456qPY2VY3/U6lnZJBkDQg==,iv:uL2KT1fx51XgPBfnvfvYCiuCjAys+rJwt4qRXx23NIk=,tag:QFcOU6p13vN+a6kx490XOg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:zaTSyBrzWCwCURY=,iv:Jja6M8P3vap/ZdC0RUSWEiNvmJw1IU3iXZTUZQTQS1w=,tag:T0EOr4L44R4JpnB+mmvBjQ==,type:str] - password: ENC[AES256_GCM,data:kaVfowKwnFv/,iv:lYC57Lh9mKhL+9XIzEnAGhxuPZ+Wb6RuEVWvXBRhnGs=,tag:swwzgacvxTcg4p/tYKlcIw==,type:str] - secure-key: ENC[AES256_GCM,data:ml5wynFTQxtkqUgF9I12e8MuOS6VNSMyozkE4XzFFmZOCuT1,iv:g4HZ+K6/erDFrBMoX6ATpZvqACsB+ZJ9QSDKjPl5Qd0=,tag:fA0rvC05GEx/azKiFlZqPg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:cydza4bVUh7OqCBlDW5rJp7TX48=,iv:Oe/q3KXCePZNpwcucRbJjNzyM4mHkj5rYYM1VPNcdJg=,tag:95tFIJT8Y7gDg0g8R4LOtw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:8Qynnq8W9aocsFGcIQor/d6AkQgz96/V+wazF4hTcczNbRhbbCi0fA==,iv:1Sxg03UWeOPP4VXfp4oPpT44vlMQL4xXdUFvKrSDcro=,tag:cCWMGSDqGjsGkTrCo+W64g==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:9maPafP7Q4dThSXgUv8m55MlL6pKRjghZYZ6u73atwWHqWOoBbbh,iv:WfGA7PQyDy/RUyMLi3CCWhvfO6Piq+T1M0TZi/x2kZU=,tag:VvZIUBwxRl0ngW3Z25RgEw==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:gC45ZgrNcZ6PSbYKYvRbNQ==,iv:zvuhdQo2C72zzm3gA317goA7B1kj1o1CDuR4aVA8uZ0=,tag:snnTVunTGteo+fza7amucA==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:kNfYq+t77E+/Yfw7nZ6wzgqbBk/KHOQ7v/bJ48tx5UM=,iv:5T4DNaML/DNU5qH4Cn5t7Be6Czn+RRbTO7Q+Fo5SzeU=,tag:/5Wzb5XkwPPcp3meYaTMPA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:ISlw2G8pA4krELHjC9D3,iv:1WfPPDnwQ4VS156DzoZGSz98bymcC2BJ1X65mp8KF7k=,tag:oWD5a2QID+Q9M0qqmP8R9Q==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:MPxysJp7q90hF+0=,iv:64Q1gzEI6tRQLGT3IqsBt9kQzjboPhkTAAoFGtLldm8=,tag:eZ82+jS2zeU4VnRwZ0Bb6g==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:LBbiiD8cb1k=,iv:MpIRKfempuZrFi0pRMOqCW18ICdhx5cNToFNO+zFLas=,tag:ZbhKaUipwrintTpcqQC/JQ==,type:str] - ccavenue-merchant-id: ENC[AES256_GCM,data:DVNP5Ef4,iv:2XbjZarmJqwyNpD8pfbwzn6F6tGYk1bnw2b099Y3Kpw=,tag:+WlExKcxewanwQRoOefVFw==,type:str] - ccavenue-redirect-working-key: ENC[AES256_GCM,data:uINyQY1eBBWhNgzu9fiJR62B82naoCUBkTJIsEMSSqY=,iv:+qhup2d2Zc+xr2GfD7RTtY8GTSaefSF5TkK7iPegnu4=,tag:DzCH5iololLcE44WYLBu7w==,type:str] - ccavenue-status-working-key: ENC[AES256_GCM,data:MWO8VOsFJuC5/a/qt259VThyugEBQ3rF4QfuflYlvnA=,iv:aTXujkTmFDaOjBzEWICJhZ8FhxTdkRC7rtuVFcTT6k0=,tag:15YDRqB4Yguj+phdjGYWuA==,type:str] - easypay-merchant-id: ENC[AES256_GCM,data:Z32FqobU,iv:PJq1GO6GOGzNf0sV9XiM24FrFWTggpJn1KAa/jWSLYI=,tag:Hd3I6mbT/MB3Ix2RvcyIeQ==,type:str] - easypay-aes-key: ENC[AES256_GCM,data:5Gqa09MyRM03jTtmaxCyFA==,iv:JtoIsEPvKeqVelvmQIY6ITLzm1qXY6fwY1XG7VUFj/s=,tag:8RlB0YpRs8PDe6yQCraXXQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:MoU+qQRKGE70ZEztX5ORBUmhwt9Fb4L1alw=,iv:z3zx+APf4NuOaC8FXfjkAJGNSca7+LJ2pXQnx1XDAQ0=,tag:1dHxr2wu37NaZybLdJCk5Q==,type:str] - admin-password: ENC[AES256_GCM,data:oDYFyGq1uUy/wiNNFnA=,iv:ak4iEsuurVObyaVYPWs0GVkPI2tAU1y8myQgdyyGTF0=,tag:V7GXeVsAsiilUdnPJKbnxw==,type:str] - read-email: ENC[AES256_GCM,data:2zo9efuiR7qQFBTiElUWR8jRMUiOrzyevbI0w7k=,iv:NWTO0Rbm0ILEsNcPTnY2+mxxozeS6RARdtdVEhwbhik=,tag:AvVj4/yJhUDgUXsIgb9C7Q==,type:str] - read-password: ENC[AES256_GCM,data:SFEuV7lgeCr+mP7F5diFALw=,iv:jJd+ScaNYlR+V/5nCdsy7POrtIo20eKB7aiXK8pdzGw=,tag:bQagZK37sN3HvmSStSkfGw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:+esY5PorRM0Nx8uyeWgMjw==,iv:wrvZCrC0Fg0xwd6jHROfqJFH5EjG0b3hKYbZUg0Z6TI=,tag:UgZ+lD7No3TxE0nzVMONuw==,type:str] - master-salt: ENC[AES256_GCM,data:Na5K8IRpFu4=,iv:+pKG4eE7HnzN8Bim4+4rdxvje87W1tRaAoXMLy4jOOQ=,tag:P3mxlKRV++QfZDpNZnvOJw==,type:str] - master-initialvector: ENC[AES256_GCM,data:mXJyOsWcf2i8BQXH,iv:E+82aj9sYMpykBkXW4px5yRapWY3k/dDj2Kd5KmvPuo=,tag:iKNOvJVYUQMJnBwcLoX8Vg==,type:str] - egov-notification-mail: - mailsenderpassword: ENC[AES256_GCM,data:n3ongMNBB68L9g==,iv:RrqdYZlia8fAI8azOrHqBECTsoH5aefW47hvHk0XGF8=,tag:+CjELM0nXDSVCBTAShoCAw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:+zlSQhi+jvO6PZQee8JXC0Vldy/HgP8XS0oZP82WAmMNQ2N1trMdLXsH94LRmfIxeIMf0uoNHRRD1iOuuTP3RO8+zlasBTUFra03VmEvHIbdSPb83XUFAe8fkzjmq/tzq2KYCazYmY+PrB1jrX71ZJNzdAdWwv5dy7mmFIJr22ipxQCaOEGE2SVR9vYK2eMnHoN1T2D15ImYVXMvUXLPbmboofH35vYswQtlPUA8Q10m8J0av6ZypsIvvYeq+x6bjVQW5BvqTPPKrBrLuYBPLA4lcNacO9S/PRwKWQXYkAPn5JZ62AnakftGTDEMy0PxNdZfXlpsJFtKE2OGXekcCInKVmti82JKJFglCmye+z9mf6pcQONA5ixJApAbGJHuPhMET6MmyA6mLo3Zy9YBzxCoKT1EpUYN/q53LeMvi4x7/HDImkr7zR8fSYdGAsAWzMj8Yx2u8fPrUZZrJoA+2R78tOEWTj7ggs9wL5XwzZbGCvUceI/YxP74s64iTa4nmC3zReNsQzKDHrEQ5yFDyBF591PItBj+nVrBRq0JpcWQi7LtwvsWTDdoF/VJUvtAJEwiPCJQGLW7U6OQItGENYnTWc72c1befHBxS2r0R7CvMQqMQ3prnetAEctPYH9oPGcjAbFEfByWGWddt5Avjhc8sb0zv7xL6q5jorq/y+wBSL+ESctMqsMfnjy9pBbqpYg9NJoEvdbHvBOfYtongNXDciseLpeX02XnrmuxuixRuBxhHwO78LPTTjMfMHwYY8uwFK0aMLLNnxYVEv0fxK0krg+B2y6m5qHjyOLUkr3a8fTkAfKR1Alb9cqbepbO979hPpkur485CJyJAzCnskabYQRF8LPfX/iPMtSzupzxo+I/e/aIVH6rOAHbs0Vj2UPbsU2IxbObvoQiBub207EeBRnLKYAWpgRCNtQoKJA4fFS1PjqsamUzPJ89kuc8hQUnTEjBtQgdSoe3hCtYA4bv96084w+vKgVD+cRdqomBGaQoLpPjIrE/RqyW+kflyk0qIx96wo/uv5jnJSx2DYC72dNaufESDksqqi+smAGg3N64mtLqcK08qkLmV4KablZdfNdqp/3J0aGurDmgGjzJ+xPlOval0JA1WSwfXgWy7R/nDvpN6TpxnCQHvlBBipH2GCY8Wu+PzZs2Jtis6hcZ4Lx5387fJ0/ZDakYuLyvT/gf1T+CNhGvxnkN3ZXserYLedy7m/XA3nWmv4C5YC2TdWMAJf1wcmwaHcV+QKQ8rrBubB0ATV/qXnymF7eDlK21MVXmOhKMBfCGGyrB7N8FfeHVVumFq49RqY65XjK8cUpXk1hDSs0D5ETuwaTk17sOFUk+Jt5okfY8XtcZ0AvucHj46UIVKEDosPELf6Y0ZbO8ACFGPQJnZPodIUUWJP9CE0BYGvwMcDmYRvr988Q+IMjOfMVMT/sVBx4YulS3USm3d1YAyXsDpjw6KawBh/vULEK8HF0tqAH9qSjZBiyTlmixbTTsDN+UZvROCR6Q7MA4KkeDxSyXt6uKE88DHoKYTXhi7zBoHmlG3gq6xvPIJkxMiUoiGgBDULSbmnfuzyXjZKkpv/D3B+9uMqT9MQ/XxvGI6m046MIKc47GrEOLju4wllg6eg/813G6oSDwz44hvcP2XUe29G2CKOHH43jYBI9+bNElsF6rfTXV2XiqpJWCegDBix+NEfM5//o8TDz/+drUwKlb7owNAWQcMpd+WcL4GacRYYDnxyTujS0hbfSavh4oMH/79drJWkKNekmNAPHN7vL58yy24e4nqKhyoFGl8keag3ye5Jl6pgqT/n8+iXNVTTbG1sDwJZMrn4aGEN9y+IPZiv9pubEEaRj1dBSmGIsyIldpXTti07Ehaa7nG0XulxzdkKYipWIvj7moTO6DGHptFGX96XkQcDVxpp+NPLvn/emW3ywkiRuyCE13jf8+hlT2pmT8G3CTEeTg6uHMIH2RoQ40X67IrrrlO3olTA0Y1DScB0FCCyiUnEaeDdK+E5lcJLN7zOb4WhFV/FvWtoY04DjjkrIGHim/OhhwCf83VDWmGKD8s1vfP5ZZF4/K+sC34Bp/IdhbUtthB63MkYrrTPTrkeJddFTEP9pyWm1Qdbjz4Mm48AadA7Q3i0s9/YLjWO/wOJzpj1Z1+I/454AeswhKaMUUwoqDLzC+kh1/R0dBzXxro7fs3dJ2sCBpnQvNLgYpnCBaLJ0qGyFFQSdfHD+vBe1Ja1UGXZW6XMDZ/AJ0LPIHroNS3mRy9Xl6FOqQVjNqW7JJ/lP6x8cAdZpqmOmAiL5oilX9Wmsmj2HN0VV8w/IdSCv96a6WCAzv13EHkR4StBWQYeqSNTi84K/lVg1VJLaJ8mBrZPObu6iDM9w4vxv+WhOmtJRp2caGDDHTnwD0BFxmXNi1gWqKfn734H1bB3ekkDQykgKrLna0PKwxAyixKfU5s2CE6NzNieQbF2GTqvWejpBVGcoH2QFjRBk/DkCJ83FnQtzXpVu6xU9yokFu3OBuqKBbVjflYnoVa51+Y33X+L6KfW69yy+V3OF6eyDn9LLGNCMYlRv3feZuqVjZwCJsXk22IFh627hIhVCt1p89VqFltR5620kAS5Una/RlTiVTb91KfSBHr/dJNEiS2o5wLJDz32rqk+aZ2cAOkd9sUrJKmFl4wPEIzGB+GpelRb3p8k3QH5wCyK2Je2UJhZrJlkRMCrZRg1FUX1aYdxFp36tK72vGQ8yeITeDexUMYog/+93GAaqYpmXaQz/8QMgoIdNlBQhFEvWPc2XVMRKkf5/rgxZ2pujnkW1pUXqoc83bI5uzyNx7qycAnI/yl0pEJzf3pCTIkV3p32GqB0c0P2fFRLiE+PEQt5wXUrk5H/v57oy2LFioEoq/nw7VIbB0wbi78HX4X3rx8e25ldnadAMZSjgEdgcaOtlQrgeLbAIJm5AnROrZvnBWq+ShKNtMBqzwnKuJ+J/PsciMDKLpwbvAyr3HbkBAIA896D/5uPf7rxXeqw+m92hJVmTUAubdXxzLOjx4RUj0zXRaRUthjTT81hYPOo7KJTK+nO2I/5ifxE3Hiwh/5P2oWQiwR0mEx9IVHmoRYGZUHo/A1CCmtURtrHAjUZW+fPMZ8g0pgZTCdusuzT2WVlgQkKqy+Kxlrtr2gIcjQVMVgcxCU+UDzBWsQLo9rKwHOhehJKWlFDUoYiS6GL10p0o25cC3ly1z4YbDK/wsANxC//mcc07I5YwxXUcDMb4hvSIaXZOsPe7G0LNP3aO7b1dzfWcRHHVrhtzIQNr2jGkqSv2FehY8d0CdGvrwzNQGsIEqqcglFbd3z3cuKh1QON/4zJ/EtGq5aA2dCYyC2DlWq7KeUnpXdkbAjq1NMtu5yRonOMqBP9laIDeLE05B1J4932KUhbe8efTFRNYXpxk1i8GQ9ZxbUIhL7wTcsAUN6+q5LffG7v03/D2R6Oh6wNUenCbbO5jzRm6rFIetUt1wPGJW0Y/oJUYRj7fvMJW28WrptOdal/b/ofVhvUJg6tWNDCULweA1ueUkPMrN83YZZQsJkq9w/+U6InYkizevIRVfcRGlvigEPcPHyY9j/kuivziQ0U+pJGpDR36jbBrTs5/wBRMWlccv1YZE0mrIBa52mdNkYDxnB2QutPbZPzMiDWzAqOrEmr9vk/DvmxNVnAM8h8sjJ2QjuTtd3Onq7ZzhwmS/lnBMBBl2s9O8KwvhL5nsvmdmaldUHJxIAP8cFxAwfLq/GmK29nbuaOuvxlaZ+Z6KBeIPZTmvVfoVCQz9txxuQAa7s28iDEILOjfDniqg8ii+W7jEL4oO8sMl+ufTyZFecID94kPYGBOl1IDTQUX+PLcqycbU/90H7jLbi1lsInJjJihYWQGt9VNy4aOVK5gYB4yPJa3a2qq299EOu2zRD2OdlP5DP/9EyWR/Jf4eAdcXGMNBgkfQV1BysPiT+SlVSYD2vZAanKvJ06oVfkWMfCJgPpBJCc7kc9hyvj2duQhlRG6T31sWQRuL/3C46zcPjnBeEccgckiEDHYlKP4TkZmH4VQWJmSO/TwwzWHJq3cUxchZ2xpThmYIW+3EjFGnWL/Ifs8tMbIu36HFSqdkrofLzqYxws8q3Es2mx5S2pvTG5kmL3fo/RXOJy/4YT5X9GxKo7UJVVNILXUb9miqC4iC0fKgLOq/EhDOEAnt+z66uqYDc5npwE5anxQMt9EQviWS8bJBQ7+DomoCDmEVg5T2CJE/PUa7A+en8r8zRAISnwRrqrl0jrmDG+cYcM/jUfd972C4+1BG+xlFtsG6nCNV1gXvtb8jtW9O,iv:9jfZPCokxPdKhxnX8jsAL7Hvs82B/c6tFy4ThnFjVAI=,tag:vbSq79Ljgg4b7G1qam+LxA==,type:str] - known-hosts: ENC[AES256_GCM,data:bH29g2mAiOPKW7ly7k41K08UB7fi45X+O0ACjcDoJuZ5a3YLd8ydaDyPmnH0FntYEKHhljWWPzF157z9bvuvD2Ub6w+VZjAErExDUHTW8OdMVHy48dDMWxum7CTkybQNlmfJdj2uA/3OA/a2HRB9pkGKXeiarZ11PsdKsSaAvvWzFVVlnzLFJqwZXvSXay3XIjQD9mfmR5GP5v9EQf6VP46jnzoJoy2ovnOOflR//omPBehuEPmgAg9m5ErW1vVKPS9sw+1gIkT+zYd3bQ83tRSkGIiWwByljdOrpPPzBfUvwjAVzlQZlPvoj3Rw/B1zjHbHznL43y246YUvSqjggqktu3ObtOeldwjDd3NV8FGpgYl0MUWmgWRUzMjxxq4BScBy+DzKQ35OeJIcyL/fNFxeCAmI/0RjAHlVwBpml1/kMUdOkwxnl0WQYw3BJvWTsc1KwIAuJQeQxcIt7Dn1L9cVTXPRsEtoVgmFTQ8XkjYG0ABF91dQbu3L0jEhO6hLZJeyCW6S8w==,iv:pqsWqSLiONHuGHvkbPstlOCcYQqDky/VmS25ofDp0zs=,tag:X3D6lvJrw6CalcFrkiGDeA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:2eYMlxsFsVnyKQ==,iv:8YGKtbz5a6tXT2yHf3UWFzvhcxam0CM/oBPQ9cqNIGI=,tag:KjgsRNJHarO/xP1vJRw3Bw==,type:str] - credentials: ENC[AES256_GCM,data:eRMQ8eK4bblG76BHU3hSmJIWjLqpVSh//Zi86pTngEyAh8TMHyaHM9scYw==,iv:WHPLpoUC1QHtngoZSMyknGiAePb/Sn9ZL2H5bXbho64=,tag:rQNHLCjj7ihbwUQtm8F8Pw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:18:36Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEeX+vZJw7OPNgmJd6qJLJ5AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMux/wb3gocQErLeWMAgEQgDvmqwswpAboRnZFn/5+dsPClaR29mqBZIFsDA2O7YGxZHC5OpdHftBHOZ04EyT3T6UpA4T4xEdFDdFlrA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-03-09T13:19:52Z' - mac: ENC[AES256_GCM,data:MG+smahZ5ORXI8sgJGG/Ofpcz3U4d/uPpFuZhEkuttMJCQtkP01qU6MqzXpGGD+yXr9IT9Dm0T9oZjJEUB3eA2M9LZ+esfWC44G7cs8QZuNWpOyc+t4PEH6dqzZjGYFZttrDiA8XlovL92UoIrqoRps7hZfSNLRoJ4GGOj7x0KM=,iv:SCYlnUvzMRZxfcDx/dffB8NivlFqoCZj3e6gjDXYngY=,tag:pwMS5OPQQdVzSdZ+PBWRcw==,type:str] - pgp: - - created_at: '2020-11-10T08:18:36Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf+P5Z22IBXx3SJjNnwD134/Y+qvM44l/p9uZNvGwyqweQt - IL5zkp+zyfUjIz4sR9wJiNwyJK1PendZlU4qtGSEANHAg3XUQqV3L5R6BA1ThSDQ - 40OfYaI9H2+cJaD9KOdR47Qfezt+c9gu6R9yNcR1EiE3Jbcygz0nCsOUDRYfPCir - 3bT9HGI6+Mh/HBCM+/4AIHwVzwrO2XOqyV2r2WBm9UwQOGhUU9VJ7zUId1dIuIWJ - KyXlkR55yT8DLb2TtHMbB/Ik94cuZt1LXpcQKODC6vUHkOstB8Opb2S9rfquh0UN - sNPaQ12XCDSyc8IiaUdPQEt2P/KvdZLqfGahidgfENJeAQH0QaHj+JP9iC5lBFT+ - 7rG+wwQ3NC4EXl/gHQClnjcZOuiLHjjikw5sQUbEAwc4i5XSHgGMuDidEnLnfnfG - jfZ3wy3yDMlmmZqIGTLDACgJFEiL2jrvskNgFpx6HQ== - =kO89 - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ukd-uat.yaml b/deploy-as-code/helm/environments/ukd-uat.yaml deleted file mode 100644 index b343e5d1e3..0000000000 --- a/deploy-as-code/helm/environments/ukd-uat.yaml +++ /dev/null @@ -1,543 +0,0 @@ -global: - domain: uttarakhand-uat.egovernments.org - -cluster-configs: - root-ingress: - appRoot: common - serviceName: common-screen - configmaps: - egov-config: - data: - sms-enabled: "true" - db-url: "jdbc:postgresql://ukd-uat-db.postgres.database.azure.com:5432/ukd_uat_db" - db-host: "ukd-uat-db.postgres.database.azure.com" - db-name: "ukd_uat_db" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - es-host: "elasticsearch-client-v1.es-cluster" - egov-services-fqdn-name: "https://uttarakhand-uat.egovernments.org" - flyway-locations: "filesystem:/flyway/sql" - spring-jpa-show-sql: "true" - serializers-timezone-in-ist: "true" - mobile-validation-workaround: "true" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml" - logging-level-jdbc: "null" - domain: "uttarakhand-uat.egovernments.org" - tracer-errors-provideexceptionindetails: "true" - egov-state-level-tenant-id: "uk" - s3-assets-bucket: "ukd-egov-assets" - timezone: "Asia/Kolkata" - - egov-service-host: - data: - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-enc-service: "http://egov-enc-service:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://es-client:9200" - location: "http://location:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - fixed-bucketname: egov-rainmaker # Only for Dev & QA - -egov-localization: - memory_limits: 384Mi - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "ULBSMS" - sms-sender-requesttype: "POST" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y&smsservicetype=singlemsg" - sms-sender-req-param-name: "senderid" - sms-sender-username-req-param-name: "username" - sms-sender-password-req-param-name: "password" - sms-destination-mobile-req-param-name: "mobileno" - sms-message-req-param-name: "content" - secure-key: "true" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 90 - refresh-token-validity: 90 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "uk" - decryption-abac-enabled: "false" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - -egov-mdms-service: - mdms-path: "/work-dir/ukd-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-mdms-data" - branch: "UAT" - masters-config-url: "file:///work-dir/ukd-mdms-data/data/mdms-masters-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - egov-indexer-yaml-repo-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/collection-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-indexer/payment-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pg-service-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pgr-v3-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/property-services-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/pt-drafts-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tradelicense-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/indexer-job-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/uploader-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-persister/egov-user-event-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - -egov-searcher: - search-yaml-path: "file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pgr-v2-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-customsearch-punjab.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/rainmaker-pt-gissearch.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/tradelicense-searcher.yml,file:///work-dir/ukd-rainmaker-customization/configs/egov-searcher/bill-genie.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - -egov-pg-service: - axis: true - easypay-sub-merchant-id: 1 - easypay-url: https://eazypayuat.icicibank.com/EazyPG - easypay-url-status: https://eazypayuat.icicibank.com/EazyPGVerify - ccavenue-redirect-access-code: AVCE02GL99AM66ECMA - ccavenue-status-access-code: AVCE02GL99AM66ECMA - ccavenue-url: https://test.ccavenue.com/transaction/transaction.do?command=initiateTransaction - ccavenue-url-status: https://apitest.ccavenue.com/apis/servlet/DoWebTrans?enc_request={enc_request}&access_code={access_code}&command=orderStatusTracker&request_type=JSON&response_type=JSON&version=1.1 - ccavenue-url-redirect: https://uttarakhand-uat.egovernments.org/pg-service/transaction/v1/_redirect - ccavenue-url-cancel: https://uttarakhand-uat.egovernments.org/pg-service/transaction/v1/_redirect - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://ukd-uat-db.postgres.database.azure.com:5432/ukd_uat_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - controller: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/data-uploader/v1/jobs/_create,/data-uploader/v1/jobs/_search,/data-uploader/v1/upload-definitions/_search,/data-uploader/v1/upload-definitions/_test,/filestore/v1/files/url,/egov-searcher/tl-searcher/opensearch/_get,/pg-service/transaction/v1/_redirect,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/user/users/_createnovalidate,/user/users/{id}/_update,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -collection-services: - receiptnumber-servicebased: "false" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -ui-localisation: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - report-locationsfile-path: "file:///work-dir/ukd-rainmaker-customization/configs/reports/report.config" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - employee-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - citizen-allowed-search-params: accountId,ids,propertyDetailids,mobileNumber,oldpropertyids,doorNo,locality - notification-sms-enabled: "true" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "UK-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: 50 - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "UAT" - data-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/data-config/consolidatedbill.json" - format-config-urls: "file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt-hide.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/ukd-rainmaker-customization/configs/pdf-service/format-config/consolidatedbill.json" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - mail-interval-in-secs: "604800" - images: - - egovio/egov-weekly-impact-notifier - schedule: "30 07 * * *" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster:9200" - es-port: "9200" - -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "ukd-uat-db.postgres.database.azure.com" - db-admin-username: "ukduat" - db-read-username: "readonly" - port: "5432" - env: "UAT" - maintenance-db-name: "ukd_uat_db" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "uk" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.0.1 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/kafka-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/kafka-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/kafka-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.0.1 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/zookeeper-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/zookeeper-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/zookeeper-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - nithindv/cp-kafka-connect - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 2 - shards: "4" - es-replicas: "0" - storage-size: 40Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/es-data-v1-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/es-data-v1-1 - network-host: "_eth0:ipv4_" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: - replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/es-master-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/es-master-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_ukd-uat-group_ukd-uat-cluster_centralindia/providers/Microsoft.Compute/disks/es-master-2 - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: ClusterIP - server-basepath: "/kibana" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/up-dev-secrets.yaml b/deploy-as-code/helm/environments/up-dev-secrets.yaml deleted file mode 100644 index 469410b0ed..0000000000 --- a/deploy-as-code/helm/environments/up-dev-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:uat5eFc=,iv:BazVhRZdp/BZDORpaONswGruJISn1RCg5M3E5XjYbOk=,tag:7DIVX6I2yPzLtMJH0w961w==,type:str] - password: ENC[AES256_GCM,data:Xar10zfa9J4jsy5Crp+9,iv:D8sjaBW8lQMPa06C+VpvqRlcagEGYZUuqrjfKAx3Aog=,tag:SKrz9njRTL7h+0rrWtKt2g==,type:str] - flywayUsername: ENC[AES256_GCM,data:S6qCcEw=,iv:I+GpQ79fYH5t8GYWoLyDURf152RJM9w/WiPQrakm5ek=,tag:UWden96SVr2aALnNeRsttQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:P9O+QR6PAb6RLb6/V+kk,iv:7WSSffyQ6ZMybDeM4R48z+psxy466Bw2CZDQcNKXMVs=,tag:sNPxdQv4HHKgFq7egm6tbQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:3CQwu2fKlg==,iv:f/5LTMGHhBu0xatJK30n+Iv6ql8++TJGSYjkgSmE1yM=,tag:oEMF+ln2NL1FA6E7GFXE9Q==,type:str] - password: ENC[AES256_GCM,data:GXEtfaMB0Q==,iv:Xuvbn07cr9dEWqNYfRJPT6GaTTK3lqSPx1UXfR6tyfE=,tag:xHeNWMsIXHUmeAj5Jw8rAQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:a1sRqaUM+GyBk+VUDJA7obmzxD8=,iv:LUxiCJ5yjJgexDS/hquIQKSuwUMQXPrgO5X7is325xg=,tag:0gLD7vkkP2+vbeCdCu3o/Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:tczOufFg+sfS9VaSg8e1/+nkDRbVyHJWUAoTcoapjNoe0A5uomyIrg==,iv:XAevtTbICWsRZTfnzv2+RXtBOlrwX+jPhgOgbvM31NQ=,tag:BVZvZz8w3Skgmplu7zOUTA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7yuCYF5PxgQuMlx9oslJkKgkPuUCe3rzMotHeiAXXN4EbFTE1vHq,iv:mcV+JSqu5j6Zk7aF2gqWpXHMn1f9xl5BGpFg/W5czTQ=,tag:mZCEIwrt2/1rksI+p/23GA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:E8owN9JQSDOHn2TMMD5HjQ==,iv:qMsRgsvBuemsIT5X1l2snjiRbjBOKNvClq3CmCOJhDQ=,tag:Fy8180fLdcI4WGQ6BDlwQg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:cVmnXc4aYQ4E5LZFHUT6EYnz29ns8FqujDMsVSAFc78=,iv:1O6PwQ7Wo83Vb5FSlzW4Mg77QZ2O8H3BH83Pb13ciT8=,tag:/j0Hm8dgvIFVIGyDCifwng==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:fa1+occ4XdomHcajkTOi,iv:w1peH2mg6YAVJJuHi62O9elYzB/e8SIc3zeavqFgiRM=,tag:AJhSHu6+sG3xKcmgpljSdw==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:MktNCALK8KeSEoU=,iv:zvxHZwDaK85VJgwAVchUvzqBsAOeiwRyaZQQOY0MC0Q=,tag:L1Q0lcIKdrAj+Jjk1/9ZJw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:Qp/nL0rSJvc=,iv:B9FMV+jh3USPdfPmkfKACVHPwOVn1L4768PPb9ysCbY=,tag:tIa2dMx09NfTP4Ii+Mks4Q==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:lxI50aot,iv:7PkiEtLLTadkopZoOn83FQypImK8bgfVc4UZ4BUSuIs=,tag:dNcQUpNNdC24QX9hYB9Hqw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:NgYxb4lEiAQ=,iv:eQvQDfabS9fJgDts/b4JY6xobeHdr2lnZ8CZ1qhhqHY=,tag:O4Dtj9MaTRnvzhbGNQMdXQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:KjRLmD4LWO16UxwUyb+D0fnYIhOsoUy6mqI=,iv:/lT4452JPA+gTGGaoVNZ8IGUzLWutHWJgC0f01IxPBA=,tag:wGiqR0JatwgO/Dha7DCnDw==,type:str] - admin-password: ENC[AES256_GCM,data:zlA6XoSB9R4nFtUi,iv:sfhMAn+F8gWn8UTWZqn4FFFqzJ5zrQ7rDw6qB21v3l8=,tag:iZ/wjAFWSDNz8Ko0HGyrVQ==,type:str] - read-email: ENC[AES256_GCM,data:0DLWzSJA3sDTRF4TJZOJMFIB4JRwk+/gsg==,iv:Hx/ow3OVuMqbWrSxQU6BvuHv/nzCyb9fuou2oTTS1GU=,tag:Ka2tMDo9J8L3J1pammF99Q==,type:str] - read-password: ENC[AES256_GCM,data:oWM8rwcxsvJJ9dV3,iv:BwbNLUD8wmQBUL2gqCLvowL0XA92PLfMjNZfbZ3xrXk=,tag:cj8AfTy3ODUr2KpwXJn5xg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:tCOpbd+++ioqMOHdr4e1ww==,iv:0S745VsQDfNimPoPsQ6DXw+1gldDGrP2HCY1H7gb/2E=,tag:N0AdY5AmtrHDk2YiqYo91Q==,type:str] - master-salt: ENC[AES256_GCM,data:IMrzAt3j31o=,iv:i+DApG+iDLjsaFnGpt59toR3KybwVE7nbwMwjqJueW8=,tag:WEelHlAGaYBE6Uqqpcv2Ig==,type:str] - master-initialvector: ENC[AES256_GCM,data:Q2lvUoEe0D3bh2zH,iv:uw3lhfWnD5JsppqwWhFjayyZvefD9m84uR2xKO/dvr8=,tag:hsmq9Wn8YDucFgnahpUm4A==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:Nc+qU2fC589YyOfs/+pO+/vhxotIQ0PqVdt/6Vg=,iv:X35zhpw+rfTzKbEGX9qRH/M1qvKlgdN2KIwYlopqcwQ=,tag:p8jeWikhg7IcG23OveisiA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:m5jmuIRomkPr0HB7h8/AtAma,iv:MHZ8nVHtCdfkzFp3Jsnlz2DnHPlocShfaNIsK0TWOXg=,tag:chU1WelwIQ+OCbNz6OkrwA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:ikfXHhuYnEU7LdD+7h/1ZJHTAXGng4ZC6lLH61YzDn5zujI3udfOutsK5Oleqc80CUtVI6q7IZvgynJby8rMqr7EfjACOKrJMdlr78Woycyjnbfjymd423crgvHBnVL312+4PDBZ95V7acgJQ7sZRr2PbOjz1mhUfvb/2A11/Wee0V6EusJNTXFxXoBcPWIFiYj4BoiT64rUUWwH8YaGD2ZpypC+Lqx6FQPJQ3JnwFU+x9P0qH9oiv0kvKTyQ+tnkiVr64e86v2SMmvXe8YvUGHKG3lnUMmT5vZju+6Wbt9sjl/uT+L4jnC6qA4eJvAVL6mYniiDVbigKxin8N8Wm8FzOB8/3hFecyhC/6PiHK7SuAto0nPyEDudSsHcRJrq0TkMT5hXhIaD/YmYEuvkK+3Bo5wFeX4R771Bx0CCSCU+GH0ziC9zoDocKA1zx+K9kbWpj6ghR1KSIB/HKxncU4j7P04At+RK8hChGZotxi9NMbbVWoJftlTwiBdgO1tiKpxMlBMUMwTi+PPA9yXqhgVLX7dP7p5gmoqa7M3aBxFDfHljNvkdDh39K7or9oxNqyy5Ya2WZNRiLY5BEb14NSUbxFBi6hyaDCqa1YXzCaSr4EsUWYU/saU0subFmK28zFCrgK+BtpV2vB0YniVw29uwxyykMPxIT8A6aoq1M8pjE7F7RI7/dPMnes/54ovUf/EIdhTpGEnFUtqrZqoYnt62UQ7000i5THHb3upcSXgnw/hDYwB7gHhrswrY45/mY3Fza+4DU2+5aqbJg2aoRTnBqWFiD19jTqithlzoxlSXStEr8D6WwU5U3Ny2Qk4ALyNJog04qqWA320o54VpGJl35d5wK5jIuIKNgZfgvv2KMpHmfcEVDxPpNh3jTeMpMArQLwmqDmMVvVk+Nb7fM7AVaY5+5mQqG16HVz2GvztA1aEZ3cVX52soVB6mS2X9IO78dCfryzNUaXmW3i20mv8CBITkVJuQO+JuIwvgY7NgE8B57cc1WzPKR1mToOwJAkcpLnPxvrbpYfYwg3wiFUqoVNBwvzYHA8/2OjpZHgpoFgRKjzycdGQuxBlGQmlyMcNNxkfZ4KxfPxsFPkMWCmGe92ljC6F8/AGMul1nNmL9Jz/UITIGgwJXOjm9N/U7Gsllg4TMWW75+aQWrx825eINaKB4E1Is/tVoPuqxW/5KFbIyvf4y7pYX2AlWhJaB9SQuVezGQh0Q8foDQEtKUnKhJIIF+4y2c8AhSoHP4KZoiCrWY+uyMwbjrlhBYaK4dcNdAXSPAKRlwjycGiLAbJETmfMaFzB0A3hbrg9C4h6MQ5czmgu+mE5rrcIyU/Pk5LkMbVB4yq0W3wQxSdJGB/EbA/XWbFMnGjOwjwEiLTnNWjGvqrG1q/A9effw06cQaJXFKE7ZQDQwA4k+tMUNxpCa5RetXonlUjJ+9MPakyhhEbsIYK5QH9EkBPeiQzcpwg/ctTfvbO3ZgRwmQGf2BBmToAbI4f7934t1fVUCFWNcKRh7lCi9Bhl9PDGx8yOiWc1hRvXUY2E9iiDE2ULyp0nrqkDksORxJzclf6p5z9kprXcCHCRyu4hixSkqfIjOIINXehnwC6KRWEWGA4MSqx5TZu4rG1u4MalFweRT1t7Ae76fPh2fVkOU3sWorBe62TwB25uFwTxu9N/oAkDXmtZXhbpATVBkCKAW2DXdwhGDoxXfWQnQStPRzSqAQ9B6WxpMfqzi1siECzjFIx4DGKSRdVEeqLpkV2UiAiBMR+vPVPcepV5yWEZPqWrfRXtU/VNCWtgN/J1JQl5KW9w7AZc2mxYaUiHRJzgEA1Zg70S6+HTS8F5xEJUkzMz811sHEzEolGO55D2wAcMh3/FR6WX5V/FpuGXDjm+mEvYB2txCuQw9zv1jq0i7P/b2FFHYII25TtoEqj9KlTy3Q/SI1nXm/s2tusC5mJh2NrePYvaRUKL8KFyfWSlo7D4LT8EgPgZHVpDnKZtTO4IrGTl3btRCZ3MtmEKl6PPBXlEMCGhEYE9/Ra3U27Nbn0Q4KjTADdrzdlwM9SSi1EGuMsTbrXMn9f3Ey3cNe/gOrefLYKt2AbpqUacsAzgxwgOqSFZo3zLxlJQTEwthKZvlQs+AHNa0oV688w0mG8vU82UtGhvkMsBlO7IwWHYtamGjRR8pH5sZAjwEbKcNq8sZMJ0uGUn/FNAM9vLCSWGEZ7PM8C4JMmzhtvZeJnGMRDmWWe4bUtsg2ZDZh3mQ5DlKQWCFgF/Nx85H7S+UjRpfuv/xlht/N9sV09iIVWihX+RJYk8YROyLIUjg9ns2QKoZWY+dcuYsbDNJdktVMaMtXOAhKahUvL0XBDg/5/+8dPWQmCF6nbyXWb4yKkFyHvGNtu4VgLoSY7II2sTVPAxyRsAo9hcXnFbHvTPO2glv7lZ8NpJ4IZdBOLK9fCMHVL2cgPK5J5hLEQgNIkLXnOoHg6hS0UaS22PJVfpx9EbQdCNT0VzDWdEc6JrJl5J97lGXCBQ6hX/O05Yy5HXY/mLt5yfK9iuplSU8IY4grpxU4st3LPCBiqLaNuJJiJLec0vZ3FCZDxbgpWLJ5eop3ZYKzYXRrfQz9DdZGqwvhzYOrIPkhYRQU3TCEIK24XneHWPJSMR2ybWmeMfSq3MyUOwxhr6XEq6skLTqkMb5T96jE/r7FopT0hEIqhJkHKfjm3wSqdnZpYqf97pIg6JqixgYSk+YiAJr/V58YOZ/YrfhOYig+Q0DZPl2qu7lvieAzqdtGYkzu/oNPLKcBxhpitZPKvaqHb8jf5/xibLpRhpc2iDjXfB9UR0hwv8M5sZ1oxBnuAVW1vs5s2vGfl2d1qAAwx2uD6oQgCRBpulJ5lrbpm4LgbNntOAOMpUtEDmz2pHn+ZIct/0KIURJ2CTLFAGSQ6KttbfF+rSI2GdmeFuQi2VhpGhy4HVvzXkBkPoEQsilbK3Oi+Y0IAEvLnhu5uz1aF00kyf9X0iP0SgZxXX1w33Isc5hfYvpyMr0kCrqUh1YAyXVBHphX/t/qXo1tcaWRrPXMx9fttDnQP6OjPnmyDESXQGj6ebNPmITTm1sogoYX62m/JqCVU8eALygpS7Ac7VB0Ijx+D94190kb/OGoweq40VheehSh550LaEjJBLXFgLf4kXuIE3znhTcDjBFybcj4p63Pnq/QfZoZviO8YD+QT4mGD7ouYvgkYw8nwXuqI9gSEwI6arQy/gB+vj83oaKKVbF3lLuTq23/9sWHcHxOOTKnLBHH3xdJ2zDdxQ5RnpT6oLCXScXEIPBPQxscNMr2s/bITowo8Xe+Jj2mgBFda92DFdkB2v7akdwAkHco1zIT05o4al2VydUYqsOnyoO/farWQryGf0kSAmRgO01B88YJgSdmMC8OGA1ET42UesiSNqEloveq4NTiGgF6M1OxWuf+ZTZlaSEh1iF+66ZPh97WvifTJU969K69Z5eaqwxu2P4xEoOoYpBxASyHfcLbfcFgxl+d6wqg3FacquaZWsqp7EUs9nhf9l79WLyolB63XK9wTmTGdM6e4qtX+2sU4h7VfVdSsrC965Fb/J7A/t5l6yQ74vc9ar8xJng8ojRFT1w19DdU3QlGOeZPMHZ/2Oi2V6H7up0oKn5pgkj3wabt1aL66WCyA6Rx15gAr4bGSD0GRjmtEoitT4ms0yyWUUq8gteBS3OH77ScD+4bSqd0u3GeokMszl/wBymRwalkXp2lR68Kwc+QRNnqVbXnzNU6OCjkZGZX9b+ZO1Hkix3HVcTaiVKPQRTPZp35lIx78W9XUmO3PKqAVd7JXis8n/hzMla1639/jc5LWHQfdQz2pFnLcV0rn4sN0Uu015nHMekk6liyRZceIRu+OnOvlcV3U7cXjJ6CsK3c2CU5et5wg/csTORAFD5szgA8uigPUkUc2LVys6hGp+SN+kegTKIcko+2XRL081MFP3/38P9x4Y5ZRKOnDY+qDMcdMaVm6nWDiBmboledXK2wOqseh/3c6jZzbmiBkRRAr+nYhq7Q5AUWe2wxfUtNRFqp8oK7mHNTfPwCaK1no33ndvzr0lBrmmzqAHDL1Vh8JKkwj+jjnw4Y8skGrC0UFwHuPj4OxA1NBmFl2sLL1HJ5TZEpj9bLWtmM4hO+1xlTfZXEKlCQUfH54SDOG4k6aLX6kgZgBvZVoTq7t7oUfEGYarXk7h/h7IUTqKamM2AedaiJ6bA8ubdY+x+fL4oMWT0/dDAn5ZWTB65DtPvY8ghmt5X2E3gYy/3/GMS1J0BQgoB5qghYTSbibvUnhkPfWWNHSDeGfnj8nhE16y7W9Rb,iv:WtaanPJOKnpB99Rkq5H+lI3n4OClKi+gV4ZWKyLnzl8=,tag:7D+iyI7Lv1IuMn5TV3LYRA==,type:str] - known-hosts: ENC[AES256_GCM,data:iF9eNViKTHfIIRoixisnTkHOJ0RNv3/GYPscvsdyqiZXnz/bF+mEJk1gtChHLAVfMpmXIJNFjrTqnNxf0iZebcHeNSwoHevmTwPcmdTNbibiaE3MiceKE5VBSyDRVPzo2GeN3lyu5OAHpQ9GP4exv/0iEOUjfoZIxm7n+AJBnEbYGVfwnrndTML6TdQ6kFhFI3xZ5DURlEgPLSskqTpHO5rGXdgVm4VjNzevsgT3UkbJN4v1vLWE/Uhlgqy2JOKdU8/ZKKbWdWyKeCUU5QXsEJzkJQHxH7/6zBYhXYpNhqlTU7TsL2ZxXS+SST7fgGfQS9LALWL+nyWcRG56K7QyTMCkrkiR4dk/Tij2SPQmfPD5ulhQNbCW/dO1xjgT8rR6yuSBwR1HLdErCVGniRt8CHhckG7M3sM+w3lV0QlLjzcfDRtHzatSVMe3i8e0ejeqmvlvMxC9ONOCk4Bus9cO2xHgCICQrRsn9yQEPw84mUlMFziHe8fd34OX3G6maOD0By4VgpxN1A==,iv:alnMdpLN2eLVSnVM9CB6Qh/l84rU9tkkYbvri266u+I=,tag:tCUg0nEqAgkERon/I6T4jA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:WR9L4mDvEa9f1g==,iv:XCv7od6tDh117LCLdpdQoWYd4a4wtbbTKVzDXjH6d8E=,tag:+0C0+OH1SpT0JRL5Nc8e6g==,type:str] - credentials: ENC[AES256_GCM,data:1ebyTUVWzory6o9/RjVlg7bh9hvhuoGT9U37h//FPPSXW50I2U1TQ1RQPzsj1tl8,iv:IFhNlXQLoyLK3YM8F1KPVCg2PJq++Omqbj15BhtSz1s=,tag:F76QBXWTOBBpjaAv1gHOlg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:6vyT3ERq5mud,iv:EO5fxqQ/OHaPjOoopH2Wlj5h9lvZCzsBvXOWJF2eF38=,tag:TKqPvp3lr2B0f83JB5gnUA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:yBwvnita6FiARU2HGw==,iv:i9p0XYLqLMwns6zyPUF8il3up5jljq7EraP788VPNI4=,tag:COCT7Xk1aARWMoZpoAT/Rg==,type:str] - mail-sender-password: ENC[AES256_GCM,data:/QvjVubqspmmpTYqDrOn2OQ=,iv:R6aop+QmWN0IugqnDdLrH7TM0U0vSi8fC4nYgBNfZ38=,tag:UvotghGajRu9XvTy44ILHA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:yRmvC7AwgBju4BlVWGvYE3UUjfX5LIpHCwCNWw==,iv:iSIu72gGoAGTrEHuoNFyVwdQufrGOOUN2TRCGH4Elxc=,tag:DyYQGJAmqkLZDlWeeAJAKA==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:w0NIFmMiv+t277pcN/5DDQ==,iv:eY790whfplCmrfFMNqGIYBbaXyWpqZyFR7Q97btWP8g=,tag:Ic+bUz9w8fHAK/GctYmIOQ==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:d2lQBblwoA==,iv:TWVqofuPPph0xy/0cqINey/8xaDQDgYVmtS20jIc0ec=,tag:+gp5IK/LED+0H8E3VSBl9A==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:cnF+0tei2w==,iv:w8sdD/PAkX9tFtfFMl7+DFGTcjm7MPBqZd4X5bY/lk8=,tag:/+6z4W1HXkEXrjYrTw2S/w==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:lWUk9orrt6YoF9WvLWzl,iv:+Egom7aAKyw57JbMxSQ7pjN2Bo/4IADoBm2t6QgWz+Q=,tag:af0MuxNlzjpxvUOpC0tkaQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:noJww5IdHPYORReBxUd10huApahd/acbjenuKji38ss=,iv:ec3fieABIWeX374qn/0U1ehaTlvmr2/xvd/V9RYo7vA=,tag:bfNcqO/fDGgoB2O53gRoDA==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:hjI1j/8m,iv:8oQlDwyjr7cwQlBErZULTD+wY+Jl5M1BGCcCtMdAIQ8=,tag:bcImxFUcmTT4QfvHuSUD2Q==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:He64bg2M8cE=,iv:Y7+o9xCDsxhiBlm8S/YTLLugrG8XCSBj0F39hPvKrl4=,tag:0JWs/tAXIj8AXgINGF+bsQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:16C/A+0sllYY+hE=,iv:X4JwcZO/Q7psJTtfLSACqA6aV0Z9ApvWQ4GAFtn4ZBI=,tag:5CIvw/Tco3I6smZ55YD58w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:GZi4+KqbKlDj,iv:IwLFHzPDJLUspIKJs/ranwkccq8YahXmnPvRbTciESA=,tag:B2BaHIl/dM4U35/qSvyr/w==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:vNFnKrxW,iv:bOZRWetxWZ5f0pIf/FQiU/jmZHTAQJ672MCXi23yIIo=,tag:qN7CDb6ieCij4ox8aPYK2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:ThKpIf4f/vLfSEUqQlMrASr6ExQ=,iv:bmvgx7zvWefvlzDSXvDI+nxlSvj8wPWIVP4l5/iHZMc=,tag:xwfhH4Q0ezKfpzXYzEWawQ==,type:str] - clientSecret: ENC[AES256_GCM,data:UjTwDHezvfF9QxHTQvy3kdv8O3IGzVhTujeYYCq4tYtbAZ27Z7dDxw==,iv:zhC4DNiiBM7X/3hx/hcBZspd0NO4qtspqvm9pECN198=,tag:yDmdFql+NxMUE/1/sQbSPw==,type:str] - cookieSecret: ENC[AES256_GCM,data:4DA85xVrN72HhPU/Sp5o4lbswtMaplcm,iv:kJ8k1kRNgCo51T4vuVc6QPu1rhTtlWR3RTdtgydr9c4=,tag:EWKkxgeHfouO3wyN9+YmJQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:IBqj5kcUZldNk0tNipgIIbd+Ct8=,iv:ww3wyNdF9jceZ0BTE00RZ9MAQAdVCX+DTNWQvbgxUzo=,tag:pvYlyCKzfTWCsrRtcReX0w==,type:str] - secretkey: ENC[AES256_GCM,data:0lv+Q47eYD0VstjxcnYdnvSVybs16S9KcUkWQ/RCINAMtnQc/KvQew==,iv:SRqO/l+z1C/37yW67ZtnbXrkvNemuqYV9vQsVysjCRo=,tag:8tVhvEpkfHdpmhQ1aOx9uA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:JUU=,iv:BbFbDeBfV4kV8VxrqvHG7YMHaHJmeTjA56EPJzAmnpI=,tag:+AJdJhGuFxTEF0tgNoPrEw==,type:str] - route: - receiver: ENC[AES256_GCM,data:UxI/LhetNhdpGJi+LcSNH37kMQ==,iv:MobDaa/Z0Zm6vyijz173sZdCEZ6ecrPewbN9bfkoTG0=,tag:U964+DMYa6cPUtWWjVTGlw==,type:str] - group_by: - - ENC[AES256_GCM,data:R3AkQchWYUaz,iv:mbQeXKZKyFtl4qHz7UJWq2vvDeBIUr2AkE59/slvv3I=,tag:KEb7VgRRGs3gCfWU0PlalA==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:BoxCCB2rVj0SqGtb4pDiIMRkMg==,iv:NcF945tWgCCZua5XB2oD/FRGK5SzgTJj7fdVLp713Oc=,tag:zE2MpxQJK1alwweTuxbzeg==,type:str] - match: - alertname: ENC[AES256_GCM,data:GqpilmCu5+s=,iv:Z6mGY3RC+jt9iwBRbiCazdnTDE35bZjBfWPLmre1Jng=,tag:3qBjS3A0yQ4gX0uY0zdQXg==,type:str] - group_wait: ENC[AES256_GCM,data:jVtL,iv:tuP/+Gkz7UIn7TyOubi4K1FNcVY1DUI4j0EPgoM0kVY=,tag:F4SWBKcYNbh1fPeTRibIZw==,type:str] - group_interval: ENC[AES256_GCM,data:wMU=,iv:ZT/ktcUmKkTQum0ROhHJj1vk1twFcRMKD09WrJquWqg=,tag:TEo4uTP4jMiS2qwVyslnIw==,type:str] - repeat_interval: ENC[AES256_GCM,data:gCXj,iv:MWZ+a0NO4PyU01HYcuirXkiRcxM/9g1L0BGNXgYaM9E=,tag:Yvjwo4yMP0R6+F8ODV+EDQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:FOabaZfAG9ft6zPia++ohkA8tg==,iv:GyQj7QZa+84JCDSabyQNeIF6Ml6FIvECBH1Kb0eeVIM=,tag:ckEKlVcUHtGB72+HNGiexQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:e8gbWw==,iv:8rAqd4fCUXhdHPG+VCgO41SaacBYwG0H1+SWYOe9q8k=,tag:dF+4meveQdgi30m0fws/1w==,type:bool] - api_url: ENC[AES256_GCM,data:p926IIzciYgMPrssOv+e9U397NilqjSon2nQKxTsKgf2ep264AucdLujp5DcxncCZN3u31UW1V7RE90sRPsTPYFPAWFr8hzPcbnpLCLKbA==,iv:Jsc2C8o6AFPevXuMsUyWQ7ytA4kZ1S0jr80doKUMJk4=,tag:yEKgLcG/Pf6RvpFPVlkqAw==,type:str] - channel: ENC[AES256_GCM,data:xiJGWhZYcHcbjCGDfVdrYcmXWyMLGQ==,iv:ByuCVf4BxKfH5Kkd/ZA8elGEnKt0gUZ13xDVZRKf4ro=,tag:xQTBTIp6SR8+io4006Cj5w==,type:str] - username: ENC[AES256_GCM,data:a68536lKBJZzof9v,iv:kAjAUFTASg/pdTg3O2//wsdQmJjnfqPlm+TPUOjlvxo=,tag:Mru3VoCBlRq8jr+HAJWldw==,type:str] - title: ENC[AES256_GCM,data:HtTnyBSDgoyv7JyTfq1mMkFE3J7EAjC/VeS0kV9sXI1mCr9avqE=,iv:2njgDRwboTxokA09MEaCGjwoh4P7aXqs1tqWhYWbBlw=,tag:IPxv+HJAYZTgDB/L8K0oEw==,type:str] - text: ENC[AES256_GCM,data:fYRwKym+cn131Ydg/5pkhx54FnnDZvPpxDtDsdSHCzzLo4NE1g==,iv:rHsL3MlNFZk1dVxyOa5oV3J5A28kMX2GafwgJheqb2A=,tag:fqjFS50tm5ukJiWB19o5RQ==,type:str] - templates: - - ENC[AES256_GCM,data:+7mnMDj6AOyyd5qbEOdqyM97199oWL4RpOEN0ufqHyKdUrCwMl4VcgyFJ9QmhHN7JOcXtQLTeyeaHmkCydC1woGhusoRQZU=,iv:Rf1kxTJVFATrMmwI9fFfESh9Qn0B9w+MipRA2ZbLlys=,tag:KfIpzb9g6Hm59R4n9zZc4w==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-12-09T07:54:40Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHP2zThqh4hYUH8ta2FzGNbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMXn4pgkdSpfmYcrTQAgEQgDvJVRsHBMliD5iQAnsxH2rH1NK1AqXRb4efFNYofSJ/GYyouCXSFlKOiDB8XsO9PUlmhfm7N74GlLzHFA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-01-13T14:39:10Z' - mac: ENC[AES256_GCM,data:sDKNHmY/rlmd18L8XI2toETeihfVf752MOHZdgdixYPkgVw/T7G7ut38rJLxL6ri+/z4aECqD3gExbnHCrQAdqBihbxx6qivO9s5GLkrB15to10+rIIWLrv3ACiF4vUvE2Ripy+F8UUg/+vCDraPjOSeds7hk+mRGtaX74i3PKk=,iv:YYhFpSwjAN+jX4Vxb7Xu0VQa/vdLR/4oJhaZ5P4xfE0=,tag:dAzblV/6EPzy0zB5/C/Wsg==,type:str] - pgp: - - created_at: '2020-12-09T07:54:40Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/V/MIe8FgBocevO+gPrFAYmbF9KOo9bXojOfvpBNfkTuR - I/aicOEyFHzdKmemp2uUNnUMztn0bbL8rtPLCLfMC/9QoGYcsp831vpNVEiXx/Aj - 56wTgJQeaDjvpHjlOlIArz+si3xR2jy7virLKIoxkpqXZIGtyY47y4q2aGmscZW0 - nzjyMMzVTm3MCArRToHGvF14xs9X6mBMP4t+d825C/AP5jCP0eOZ66e1Sab6kXgj - 3oXEf2B4zg2warj3mauATa7GiCwSzYBzFJBLVNpNH35Y5k8vciWUoahAXVJCPA8K - xLSI+mc0NWcQGz14vJK5+eK4R0Mbi3J0MXzL8AH8S9JeAWamo/xFPxd+eOoeVN4O - b7DmZFV44G9MsrKq/iz5YR8LEbWevC6ygl5dwuE/gMlwamuBwkeND2Ygo/9zstls - PnIks0opBB4KjTa3S6HOavCRYEZA6PgxW8E04FLtMQ== - =wijO - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/up-dev.yaml b/deploy-as-code/helm/environments/up-dev.yaml deleted file mode 100644 index a98e0f5d52..0000000000 --- a/deploy-as-code/helm/environments/up-dev.yaml +++ /dev/null @@ -1,681 +0,0 @@ -global: - domain: mseva-dev.dlbup.finance - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - rbac: - - role: user - namespaces: [ egov ] - - role: admin - namespaces: [ playground,egov,kafka-cluster] - - root-ingress: - cert-issuer: "letsencrypt-prod" - configmaps: - egov-config: - namespace: [ egov ] - data: - db-host: up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com - db-name: egov_dev_ms - erp-db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/finance_dev_db - db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/egov_dev_ms - bpa-db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/bpa_dev_ms - egov-services-fqdn-name: https://mseva-dev.dlbup.finance/ - egov-state-level-tenant-id: up - es-host: elasticsearch-data-v1.es-cluster - es-indexer-host: http://elasticsearch-data-v1.es-cluster:9200/ - flyway-locations: filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2.kafka-cluster:9092 - logging-level-jdbc: debug - mobile-validation-workaround: "true" - s3-assets-bucket: (up-dev-assets|egov-dev-assets) - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - namespace: [ egov ] - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-up-dev.digit.org/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - is-nfs-enabled: "false" - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - minio-enabled: "false" - minio.url : "http://minio.backbone:9000/" - fixed-bucketname: up-dev-rainmaker - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "egov" - sms-sender-requesttype: "POST" - sms-extra-req-params: "smsservicetype=unicodemsg" - sms-custom-config: "true" - sms.provider.url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms.provider.class: "Console" - sms.verify.response: false - -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa,filesystem:/flyway/test" - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - tracing-enabled: "true" - egov-state-level-tenant-id: "up" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/up-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/up-mdms-data" - branch: "master" - mdms-folder: "up-mdms-data" - masters-config-url: "file:///work-dir/up-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - db_migration_image: egovio/egov-indexer-db - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml" - -egov-pg-service: - axis: true - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -egov-custom-consumer: - erp-host: "https://ayodhya-fin-dev.dlbup.finance/" - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/egov_dev_ms?currentSchema=egov_master" - -finance-collections-voucher-consumer: - erp-env-name: "dev" - erp-domain-name: "dlbup.finance" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - es-index-name: "dss-payment_v2" - topic-incoming-collection: "dss-collection-update" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "false" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening/shortener,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -billing-service: - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - receiptnumber-servicebased: "false" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - spring-datasource-tomcat-max-active: 5 - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "604800000" - -property-services: - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -tl-services: - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - -egov-hrms: - employee-applink: "https://mseva-dev.dlbup.finance/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json" - -egov-weekly-impact-notifier: - mail-to-address: "subhash.bose@egov.org.in" - mail-interval-in-secs: "604800" - schedule: "45 18 * * *" - -bpa-services: - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov-dev-docker-logs:1:1,egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,works-remarks-createandupdate:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,res-custom-filter:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.2 - } - } - - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovdev" - db-read-username: "egov_ro_user" - port: "5432" - env: "DEV" - maintenance-db-name: "egov_dev_ms" - admin-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaf86/kH98DUIJBFNGONunAk6cfAQbSQixx7e39d9b6PRw==" - admin-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dsCFao4tSMuUn1IsCV3xF/w==" - read-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaenUsd0exiBLoxMfV0VcQlHVSPFLgDEgjn+1vscsbE4MA==" - read-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dQNH16AY233NAiT0yGMnyZg==" - -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "up" - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-008139b5dc50f7fe3" - zone: ap-south-1b - - volumeId: "vol-0b0e8faadccd53a4a" - zone: ap-south-1b - - volumeId: "vol-0b7cc7ab003076c68" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "2" - -kafka-connect: - image: - tag: "5.4.1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-01a557e346d97d8b4" - zone: ap-south-1b - - volumeId: "vol-0020208debdedfa93" - zone: ap-south-1b - - volumeId: "vol-0a53b4fe4d1e55c36" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00681c214e7299d0c" - zone: ap-south-1b - - volumeId: "vol-059ed92462d0992f5" - zone: ap-south-1b - - volumeId: "vol-06af849e38ab43443" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-08ad9a10f2f58573a" - zone: ap-south-1b - - volumeId: "vol-00dad351f025ff041" - zone: ap-south-1b - - volumeId: "vol-042680ac8c0a45f3a" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" -######################################## -kibana-v1: - ingress: - additionalAnnotations: | - nginx.ingress.kubernetes.io/auth-realm: Authentication Required - Kibana - nginx.ingress.kubernetes.io/auth-secret: kibana-creds - nginx.ingress.kubernetes.io/auth-type: basic - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:UP-digit/configs" - branch: "DEV" - -minio: - mode: distributed - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0918a330ee0a52886" - zone: ap-south-1b - - volumeId: "vol-0f4deba6cbe49f83b" - zone: ap-south-1b - - volumeId: "vol-04b9f22ca6f7b2702" - zone: ap-south-1b - - volumeId: "vol-0636e1e6836d625ea" - zone: ap-south-1b - ingress: - hostName: minio-up-dev.digit.org -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "up-team,devops" - upstreams = [ "file:///dev/null" ] - -egov-finance: - dev_mode: false - -financeTenants: | - tenant.ayodhya-fin-dev.dlbup.finance=ayodhya - tenant.mathura-fin-dev.dlbup.finance=mathura - tenant.mau-fin-dev.dlbup.finance=mau - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl diff --git a/deploy-as-code/helm/environments/up-prod-secrets.yaml b/deploy-as-code/helm/environments/up-prod-secrets.yaml deleted file mode 100644 index fc23ca78a4..0000000000 --- a/deploy-as-code/helm/environments/up-prod-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:fDc00Z7X,iv:MJQWuKZ4o9DD1Eluw4cewOyEP/qAbwLRZ2thn51+JC4=,tag:RF0Pe3GAY65o7ppBjfYxgQ==,type:str] - password: ENC[AES256_GCM,data:thFwLI/lANS2oKObA1jB,iv:CLcjTE4QmIlT3XgNRtBT3gbNvvo/IpXZzA3SX9VlOnE=,tag:tZlVaBQJKgGg5B55/xkusA==,type:str] - flywayUsername: ENC[AES256_GCM,data:u3BDiOgR,iv:HShMgcsTtjtLo55duYEKLXm2mSaeYgfvKZRIQEGFHs0=,tag:Ltg1iMws03ZG+PmiP5Nukw==,type:str] - flywayPassword: ENC[AES256_GCM,data:kYpNTtyRn4l+Mbl1o8nk,iv:ukfu0UR/Ln/c0Us95mUhgqgcZQiWHnhDeazXvJlG3HY=,tag:KmP7kfmjzs2bdFshhg75lA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:3CQwu2fKlg==,iv:f/5LTMGHhBu0xatJK30n+Iv6ql8++TJGSYjkgSmE1yM=,tag:oEMF+ln2NL1FA6E7GFXE9Q==,type:str] - password: ENC[AES256_GCM,data:GXEtfaMB0Q==,iv:Xuvbn07cr9dEWqNYfRJPT6GaTTK3lqSPx1UXfR6tyfE=,tag:xHeNWMsIXHUmeAj5Jw8rAQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:a1sRqaUM+GyBk+VUDJA7obmzxD8=,iv:LUxiCJ5yjJgexDS/hquIQKSuwUMQXPrgO5X7is325xg=,tag:0gLD7vkkP2+vbeCdCu3o/Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:tczOufFg+sfS9VaSg8e1/+nkDRbVyHJWUAoTcoapjNoe0A5uomyIrg==,iv:XAevtTbICWsRZTfnzv2+RXtBOlrwX+jPhgOgbvM31NQ=,tag:BVZvZz8w3Skgmplu7zOUTA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7yuCYF5PxgQuMlx9oslJkKgkPuUCe3rzMotHeiAXXN4EbFTE1vHq,iv:mcV+JSqu5j6Zk7aF2gqWpXHMn1f9xl5BGpFg/W5czTQ=,tag:mZCEIwrt2/1rksI+p/23GA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:E8owN9JQSDOHn2TMMD5HjQ==,iv:qMsRgsvBuemsIT5X1l2snjiRbjBOKNvClq3CmCOJhDQ=,tag:Fy8180fLdcI4WGQ6BDlwQg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:cVmnXc4aYQ4E5LZFHUT6EYnz29ns8FqujDMsVSAFc78=,iv:1O6PwQ7Wo83Vb5FSlzW4Mg77QZ2O8H3BH83Pb13ciT8=,tag:/j0Hm8dgvIFVIGyDCifwng==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:fa1+occ4XdomHcajkTOi,iv:w1peH2mg6YAVJJuHi62O9elYzB/e8SIc3zeavqFgiRM=,tag:AJhSHu6+sG3xKcmgpljSdw==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:MktNCALK8KeSEoU=,iv:zvxHZwDaK85VJgwAVchUvzqBsAOeiwRyaZQQOY0MC0Q=,tag:L1Q0lcIKdrAj+Jjk1/9ZJw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:Qp/nL0rSJvc=,iv:B9FMV+jh3USPdfPmkfKACVHPwOVn1L4768PPb9ysCbY=,tag:tIa2dMx09NfTP4Ii+Mks4Q==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:lxI50aot,iv:7PkiEtLLTadkopZoOn83FQypImK8bgfVc4UZ4BUSuIs=,tag:dNcQUpNNdC24QX9hYB9Hqw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:NgYxb4lEiAQ=,iv:eQvQDfabS9fJgDts/b4JY6xobeHdr2lnZ8CZ1qhhqHY=,tag:O4Dtj9MaTRnvzhbGNQMdXQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:KjRLmD4LWO16UxwUyb+D0fnYIhOsoUy6mqI=,iv:/lT4452JPA+gTGGaoVNZ8IGUzLWutHWJgC0f01IxPBA=,tag:wGiqR0JatwgO/Dha7DCnDw==,type:str] - admin-password: ENC[AES256_GCM,data:zlA6XoSB9R4nFtUi,iv:sfhMAn+F8gWn8UTWZqn4FFFqzJ5zrQ7rDw6qB21v3l8=,tag:iZ/wjAFWSDNz8Ko0HGyrVQ==,type:str] - read-email: ENC[AES256_GCM,data:0DLWzSJA3sDTRF4TJZOJMFIB4JRwk+/gsg==,iv:Hx/ow3OVuMqbWrSxQU6BvuHv/nzCyb9fuou2oTTS1GU=,tag:Ka2tMDo9J8L3J1pammF99Q==,type:str] - read-password: ENC[AES256_GCM,data:oWM8rwcxsvJJ9dV3,iv:BwbNLUD8wmQBUL2gqCLvowL0XA92PLfMjNZfbZ3xrXk=,tag:cj8AfTy3ODUr2KpwXJn5xg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:tCOpbd+++ioqMOHdr4e1ww==,iv:0S745VsQDfNimPoPsQ6DXw+1gldDGrP2HCY1H7gb/2E=,tag:N0AdY5AmtrHDk2YiqYo91Q==,type:str] - master-salt: ENC[AES256_GCM,data:IMrzAt3j31o=,iv:i+DApG+iDLjsaFnGpt59toR3KybwVE7nbwMwjqJueW8=,tag:WEelHlAGaYBE6Uqqpcv2Ig==,type:str] - master-initialvector: ENC[AES256_GCM,data:Q2lvUoEe0D3bh2zH,iv:uw3lhfWnD5JsppqwWhFjayyZvefD9m84uR2xKO/dvr8=,tag:hsmq9Wn8YDucFgnahpUm4A==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:Nc+qU2fC589YyOfs/+pO+/vhxotIQ0PqVdt/6Vg=,iv:X35zhpw+rfTzKbEGX9qRH/M1qvKlgdN2KIwYlopqcwQ=,tag:p8jeWikhg7IcG23OveisiA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:m5jmuIRomkPr0HB7h8/AtAma,iv:MHZ8nVHtCdfkzFp3Jsnlz2DnHPlocShfaNIsK0TWOXg=,tag:chU1WelwIQ+OCbNz6OkrwA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:ikfXHhuYnEU7LdD+7h/1ZJHTAXGng4ZC6lLH61YzDn5zujI3udfOutsK5Oleqc80CUtVI6q7IZvgynJby8rMqr7EfjACOKrJMdlr78Woycyjnbfjymd423crgvHBnVL312+4PDBZ95V7acgJQ7sZRr2PbOjz1mhUfvb/2A11/Wee0V6EusJNTXFxXoBcPWIFiYj4BoiT64rUUWwH8YaGD2ZpypC+Lqx6FQPJQ3JnwFU+x9P0qH9oiv0kvKTyQ+tnkiVr64e86v2SMmvXe8YvUGHKG3lnUMmT5vZju+6Wbt9sjl/uT+L4jnC6qA4eJvAVL6mYniiDVbigKxin8N8Wm8FzOB8/3hFecyhC/6PiHK7SuAto0nPyEDudSsHcRJrq0TkMT5hXhIaD/YmYEuvkK+3Bo5wFeX4R771Bx0CCSCU+GH0ziC9zoDocKA1zx+K9kbWpj6ghR1KSIB/HKxncU4j7P04At+RK8hChGZotxi9NMbbVWoJftlTwiBdgO1tiKpxMlBMUMwTi+PPA9yXqhgVLX7dP7p5gmoqa7M3aBxFDfHljNvkdDh39K7or9oxNqyy5Ya2WZNRiLY5BEb14NSUbxFBi6hyaDCqa1YXzCaSr4EsUWYU/saU0subFmK28zFCrgK+BtpV2vB0YniVw29uwxyykMPxIT8A6aoq1M8pjE7F7RI7/dPMnes/54ovUf/EIdhTpGEnFUtqrZqoYnt62UQ7000i5THHb3upcSXgnw/hDYwB7gHhrswrY45/mY3Fza+4DU2+5aqbJg2aoRTnBqWFiD19jTqithlzoxlSXStEr8D6WwU5U3Ny2Qk4ALyNJog04qqWA320o54VpGJl35d5wK5jIuIKNgZfgvv2KMpHmfcEVDxPpNh3jTeMpMArQLwmqDmMVvVk+Nb7fM7AVaY5+5mQqG16HVz2GvztA1aEZ3cVX52soVB6mS2X9IO78dCfryzNUaXmW3i20mv8CBITkVJuQO+JuIwvgY7NgE8B57cc1WzPKR1mToOwJAkcpLnPxvrbpYfYwg3wiFUqoVNBwvzYHA8/2OjpZHgpoFgRKjzycdGQuxBlGQmlyMcNNxkfZ4KxfPxsFPkMWCmGe92ljC6F8/AGMul1nNmL9Jz/UITIGgwJXOjm9N/U7Gsllg4TMWW75+aQWrx825eINaKB4E1Is/tVoPuqxW/5KFbIyvf4y7pYX2AlWhJaB9SQuVezGQh0Q8foDQEtKUnKhJIIF+4y2c8AhSoHP4KZoiCrWY+uyMwbjrlhBYaK4dcNdAXSPAKRlwjycGiLAbJETmfMaFzB0A3hbrg9C4h6MQ5czmgu+mE5rrcIyU/Pk5LkMbVB4yq0W3wQxSdJGB/EbA/XWbFMnGjOwjwEiLTnNWjGvqrG1q/A9effw06cQaJXFKE7ZQDQwA4k+tMUNxpCa5RetXonlUjJ+9MPakyhhEbsIYK5QH9EkBPeiQzcpwg/ctTfvbO3ZgRwmQGf2BBmToAbI4f7934t1fVUCFWNcKRh7lCi9Bhl9PDGx8yOiWc1hRvXUY2E9iiDE2ULyp0nrqkDksORxJzclf6p5z9kprXcCHCRyu4hixSkqfIjOIINXehnwC6KRWEWGA4MSqx5TZu4rG1u4MalFweRT1t7Ae76fPh2fVkOU3sWorBe62TwB25uFwTxu9N/oAkDXmtZXhbpATVBkCKAW2DXdwhGDoxXfWQnQStPRzSqAQ9B6WxpMfqzi1siECzjFIx4DGKSRdVEeqLpkV2UiAiBMR+vPVPcepV5yWEZPqWrfRXtU/VNCWtgN/J1JQl5KW9w7AZc2mxYaUiHRJzgEA1Zg70S6+HTS8F5xEJUkzMz811sHEzEolGO55D2wAcMh3/FR6WX5V/FpuGXDjm+mEvYB2txCuQw9zv1jq0i7P/b2FFHYII25TtoEqj9KlTy3Q/SI1nXm/s2tusC5mJh2NrePYvaRUKL8KFyfWSlo7D4LT8EgPgZHVpDnKZtTO4IrGTl3btRCZ3MtmEKl6PPBXlEMCGhEYE9/Ra3U27Nbn0Q4KjTADdrzdlwM9SSi1EGuMsTbrXMn9f3Ey3cNe/gOrefLYKt2AbpqUacsAzgxwgOqSFZo3zLxlJQTEwthKZvlQs+AHNa0oV688w0mG8vU82UtGhvkMsBlO7IwWHYtamGjRR8pH5sZAjwEbKcNq8sZMJ0uGUn/FNAM9vLCSWGEZ7PM8C4JMmzhtvZeJnGMRDmWWe4bUtsg2ZDZh3mQ5DlKQWCFgF/Nx85H7S+UjRpfuv/xlht/N9sV09iIVWihX+RJYk8YROyLIUjg9ns2QKoZWY+dcuYsbDNJdktVMaMtXOAhKahUvL0XBDg/5/+8dPWQmCF6nbyXWb4yKkFyHvGNtu4VgLoSY7II2sTVPAxyRsAo9hcXnFbHvTPO2glv7lZ8NpJ4IZdBOLK9fCMHVL2cgPK5J5hLEQgNIkLXnOoHg6hS0UaS22PJVfpx9EbQdCNT0VzDWdEc6JrJl5J97lGXCBQ6hX/O05Yy5HXY/mLt5yfK9iuplSU8IY4grpxU4st3LPCBiqLaNuJJiJLec0vZ3FCZDxbgpWLJ5eop3ZYKzYXRrfQz9DdZGqwvhzYOrIPkhYRQU3TCEIK24XneHWPJSMR2ybWmeMfSq3MyUOwxhr6XEq6skLTqkMb5T96jE/r7FopT0hEIqhJkHKfjm3wSqdnZpYqf97pIg6JqixgYSk+YiAJr/V58YOZ/YrfhOYig+Q0DZPl2qu7lvieAzqdtGYkzu/oNPLKcBxhpitZPKvaqHb8jf5/xibLpRhpc2iDjXfB9UR0hwv8M5sZ1oxBnuAVW1vs5s2vGfl2d1qAAwx2uD6oQgCRBpulJ5lrbpm4LgbNntOAOMpUtEDmz2pHn+ZIct/0KIURJ2CTLFAGSQ6KttbfF+rSI2GdmeFuQi2VhpGhy4HVvzXkBkPoEQsilbK3Oi+Y0IAEvLnhu5uz1aF00kyf9X0iP0SgZxXX1w33Isc5hfYvpyMr0kCrqUh1YAyXVBHphX/t/qXo1tcaWRrPXMx9fttDnQP6OjPnmyDESXQGj6ebNPmITTm1sogoYX62m/JqCVU8eALygpS7Ac7VB0Ijx+D94190kb/OGoweq40VheehSh550LaEjJBLXFgLf4kXuIE3znhTcDjBFybcj4p63Pnq/QfZoZviO8YD+QT4mGD7ouYvgkYw8nwXuqI9gSEwI6arQy/gB+vj83oaKKVbF3lLuTq23/9sWHcHxOOTKnLBHH3xdJ2zDdxQ5RnpT6oLCXScXEIPBPQxscNMr2s/bITowo8Xe+Jj2mgBFda92DFdkB2v7akdwAkHco1zIT05o4al2VydUYqsOnyoO/farWQryGf0kSAmRgO01B88YJgSdmMC8OGA1ET42UesiSNqEloveq4NTiGgF6M1OxWuf+ZTZlaSEh1iF+66ZPh97WvifTJU969K69Z5eaqwxu2P4xEoOoYpBxASyHfcLbfcFgxl+d6wqg3FacquaZWsqp7EUs9nhf9l79WLyolB63XK9wTmTGdM6e4qtX+2sU4h7VfVdSsrC965Fb/J7A/t5l6yQ74vc9ar8xJng8ojRFT1w19DdU3QlGOeZPMHZ/2Oi2V6H7up0oKn5pgkj3wabt1aL66WCyA6Rx15gAr4bGSD0GRjmtEoitT4ms0yyWUUq8gteBS3OH77ScD+4bSqd0u3GeokMszl/wBymRwalkXp2lR68Kwc+QRNnqVbXnzNU6OCjkZGZX9b+ZO1Hkix3HVcTaiVKPQRTPZp35lIx78W9XUmO3PKqAVd7JXis8n/hzMla1639/jc5LWHQfdQz2pFnLcV0rn4sN0Uu015nHMekk6liyRZceIRu+OnOvlcV3U7cXjJ6CsK3c2CU5et5wg/csTORAFD5szgA8uigPUkUc2LVys6hGp+SN+kegTKIcko+2XRL081MFP3/38P9x4Y5ZRKOnDY+qDMcdMaVm6nWDiBmboledXK2wOqseh/3c6jZzbmiBkRRAr+nYhq7Q5AUWe2wxfUtNRFqp8oK7mHNTfPwCaK1no33ndvzr0lBrmmzqAHDL1Vh8JKkwj+jjnw4Y8skGrC0UFwHuPj4OxA1NBmFl2sLL1HJ5TZEpj9bLWtmM4hO+1xlTfZXEKlCQUfH54SDOG4k6aLX6kgZgBvZVoTq7t7oUfEGYarXk7h/h7IUTqKamM2AedaiJ6bA8ubdY+x+fL4oMWT0/dDAn5ZWTB65DtPvY8ghmt5X2E3gYy/3/GMS1J0BQgoB5qghYTSbibvUnhkPfWWNHSDeGfnj8nhE16y7W9Rb,iv:WtaanPJOKnpB99Rkq5H+lI3n4OClKi+gV4ZWKyLnzl8=,tag:7D+iyI7Lv1IuMn5TV3LYRA==,type:str] - known-hosts: ENC[AES256_GCM,data:iF9eNViKTHfIIRoixisnTkHOJ0RNv3/GYPscvsdyqiZXnz/bF+mEJk1gtChHLAVfMpmXIJNFjrTqnNxf0iZebcHeNSwoHevmTwPcmdTNbibiaE3MiceKE5VBSyDRVPzo2GeN3lyu5OAHpQ9GP4exv/0iEOUjfoZIxm7n+AJBnEbYGVfwnrndTML6TdQ6kFhFI3xZ5DURlEgPLSskqTpHO5rGXdgVm4VjNzevsgT3UkbJN4v1vLWE/Uhlgqy2JOKdU8/ZKKbWdWyKeCUU5QXsEJzkJQHxH7/6zBYhXYpNhqlTU7TsL2ZxXS+SST7fgGfQS9LALWL+nyWcRG56K7QyTMCkrkiR4dk/Tij2SPQmfPD5ulhQNbCW/dO1xjgT8rR6yuSBwR1HLdErCVGniRt8CHhckG7M3sM+w3lV0QlLjzcfDRtHzatSVMe3i8e0ejeqmvlvMxC9ONOCk4Bus9cO2xHgCICQrRsn9yQEPw84mUlMFziHe8fd34OX3G6maOD0By4VgpxN1A==,iv:alnMdpLN2eLVSnVM9CB6Qh/l84rU9tkkYbvri266u+I=,tag:tCUg0nEqAgkERon/I6T4jA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:WR9L4mDvEa9f1g==,iv:XCv7od6tDh117LCLdpdQoWYd4a4wtbbTKVzDXjH6d8E=,tag:+0C0+OH1SpT0JRL5Nc8e6g==,type:str] - credentials: ENC[AES256_GCM,data:e463AXZoEG4NIkgjjCjvF6NteFrzs0VtfDDGO6At+UmVRRRWEfkiGkbsAOzsjsz2,iv:aVVeM/bSHhKyjWyvGoeWy8FD0x7QzmBV5+e/gYTZ6VI=,tag:171Cqen0xfIru9KK1jxrVQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:6vyT3ERq5mud,iv:EO5fxqQ/OHaPjOoopH2Wlj5h9lvZCzsBvXOWJF2eF38=,tag:TKqPvp3lr2B0f83JB5gnUA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:yBwvnita6FiARU2HGw==,iv:i9p0XYLqLMwns6zyPUF8il3up5jljq7EraP788VPNI4=,tag:COCT7Xk1aARWMoZpoAT/Rg==,type:str] - mail-sender-password: ENC[AES256_GCM,data:/QvjVubqspmmpTYqDrOn2OQ=,iv:R6aop+QmWN0IugqnDdLrH7TM0U0vSi8fC4nYgBNfZ38=,tag:UvotghGajRu9XvTy44ILHA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:yRmvC7AwgBju4BlVWGvYE3UUjfX5LIpHCwCNWw==,iv:iSIu72gGoAGTrEHuoNFyVwdQufrGOOUN2TRCGH4Elxc=,tag:DyYQGJAmqkLZDlWeeAJAKA==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:w0NIFmMiv+t277pcN/5DDQ==,iv:eY790whfplCmrfFMNqGIYBbaXyWpqZyFR7Q97btWP8g=,tag:Ic+bUz9w8fHAK/GctYmIOQ==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:d2lQBblwoA==,iv:TWVqofuPPph0xy/0cqINey/8xaDQDgYVmtS20jIc0ec=,tag:+gp5IK/LED+0H8E3VSBl9A==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:cnF+0tei2w==,iv:w8sdD/PAkX9tFtfFMl7+DFGTcjm7MPBqZd4X5bY/lk8=,tag:/+6z4W1HXkEXrjYrTw2S/w==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:lWUk9orrt6YoF9WvLWzl,iv:+Egom7aAKyw57JbMxSQ7pjN2Bo/4IADoBm2t6QgWz+Q=,tag:af0MuxNlzjpxvUOpC0tkaQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:noJww5IdHPYORReBxUd10huApahd/acbjenuKji38ss=,iv:ec3fieABIWeX374qn/0U1ehaTlvmr2/xvd/V9RYo7vA=,tag:bfNcqO/fDGgoB2O53gRoDA==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:hjI1j/8m,iv:8oQlDwyjr7cwQlBErZULTD+wY+Jl5M1BGCcCtMdAIQ8=,tag:bcImxFUcmTT4QfvHuSUD2Q==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:He64bg2M8cE=,iv:Y7+o9xCDsxhiBlm8S/YTLLugrG8XCSBj0F39hPvKrl4=,tag:0JWs/tAXIj8AXgINGF+bsQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:16C/A+0sllYY+hE=,iv:X4JwcZO/Q7psJTtfLSACqA6aV0Z9ApvWQ4GAFtn4ZBI=,tag:5CIvw/Tco3I6smZ55YD58w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:GZi4+KqbKlDj,iv:IwLFHzPDJLUspIKJs/ranwkccq8YahXmnPvRbTciESA=,tag:B2BaHIl/dM4U35/qSvyr/w==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:vNFnKrxW,iv:bOZRWetxWZ5f0pIf/FQiU/jmZHTAQJ672MCXi23yIIo=,tag:qN7CDb6ieCij4ox8aPYK2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:4v+gqAn8B6cQyvBk6LuuCwlWslU=,iv:Ps3nTUj93Wqi5ek+QUCiWSI5Y3ojHY/olJW8zp2nn+c=,tag:kaimxUPDz3sKTSYu4D0U+A==,type:str] - clientSecret: ENC[AES256_GCM,data:F3ezQkU5sPRERIGtULMx7ea5EQ7HaLHOpXTOd2a/cNtvUPtfCKn1yA==,iv:k7hDLvsxdlPMsEzfav5rN6CN8OjQKAbfXdA2ZbdvwTQ=,tag:ycCxvhV1nayw6e+Syobliw==,type:str] - cookieSecret: ENC[AES256_GCM,data:4DA85xVrN72HhPU/Sp5o4lbswtMaplcm,iv:kJ8k1kRNgCo51T4vuVc6QPu1rhTtlWR3RTdtgydr9c4=,tag:EWKkxgeHfouO3wyN9+YmJQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:IBqj5kcUZldNk0tNipgIIbd+Ct8=,iv:ww3wyNdF9jceZ0BTE00RZ9MAQAdVCX+DTNWQvbgxUzo=,tag:pvYlyCKzfTWCsrRtcReX0w==,type:str] - secretkey: ENC[AES256_GCM,data:0lv+Q47eYD0VstjxcnYdnvSVybs16S9KcUkWQ/RCINAMtnQc/KvQew==,iv:SRqO/l+z1C/37yW67ZtnbXrkvNemuqYV9vQsVysjCRo=,tag:8tVhvEpkfHdpmhQ1aOx9uA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:JUU=,iv:BbFbDeBfV4kV8VxrqvHG7YMHaHJmeTjA56EPJzAmnpI=,tag:+AJdJhGuFxTEF0tgNoPrEw==,type:str] - route: - receiver: ENC[AES256_GCM,data:UxI/LhetNhdpGJi+LcSNH37kMQ==,iv:MobDaa/Z0Zm6vyijz173sZdCEZ6ecrPewbN9bfkoTG0=,tag:U964+DMYa6cPUtWWjVTGlw==,type:str] - group_by: - - ENC[AES256_GCM,data:R3AkQchWYUaz,iv:mbQeXKZKyFtl4qHz7UJWq2vvDeBIUr2AkE59/slvv3I=,tag:KEb7VgRRGs3gCfWU0PlalA==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:BoxCCB2rVj0SqGtb4pDiIMRkMg==,iv:NcF945tWgCCZua5XB2oD/FRGK5SzgTJj7fdVLp713Oc=,tag:zE2MpxQJK1alwweTuxbzeg==,type:str] - match: - alertname: ENC[AES256_GCM,data:GqpilmCu5+s=,iv:Z6mGY3RC+jt9iwBRbiCazdnTDE35bZjBfWPLmre1Jng=,tag:3qBjS3A0yQ4gX0uY0zdQXg==,type:str] - group_wait: ENC[AES256_GCM,data:jVtL,iv:tuP/+Gkz7UIn7TyOubi4K1FNcVY1DUI4j0EPgoM0kVY=,tag:F4SWBKcYNbh1fPeTRibIZw==,type:str] - group_interval: ENC[AES256_GCM,data:wMU=,iv:ZT/ktcUmKkTQum0ROhHJj1vk1twFcRMKD09WrJquWqg=,tag:TEo4uTP4jMiS2qwVyslnIw==,type:str] - repeat_interval: ENC[AES256_GCM,data:gCXj,iv:MWZ+a0NO4PyU01HYcuirXkiRcxM/9g1L0BGNXgYaM9E=,tag:Yvjwo4yMP0R6+F8ODV+EDQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:FOabaZfAG9ft6zPia++ohkA8tg==,iv:GyQj7QZa+84JCDSabyQNeIF6Ml6FIvECBH1Kb0eeVIM=,tag:ckEKlVcUHtGB72+HNGiexQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:e8gbWw==,iv:8rAqd4fCUXhdHPG+VCgO41SaacBYwG0H1+SWYOe9q8k=,tag:dF+4meveQdgi30m0fws/1w==,type:bool] - api_url: ENC[AES256_GCM,data:p926IIzciYgMPrssOv+e9U397NilqjSon2nQKxTsKgf2ep264AucdLujp5DcxncCZN3u31UW1V7RE90sRPsTPYFPAWFr8hzPcbnpLCLKbA==,iv:Jsc2C8o6AFPevXuMsUyWQ7ytA4kZ1S0jr80doKUMJk4=,tag:yEKgLcG/Pf6RvpFPVlkqAw==,type:str] - channel: ENC[AES256_GCM,data:xiJGWhZYcHcbjCGDfVdrYcmXWyMLGQ==,iv:ByuCVf4BxKfH5Kkd/ZA8elGEnKt0gUZ13xDVZRKf4ro=,tag:xQTBTIp6SR8+io4006Cj5w==,type:str] - username: ENC[AES256_GCM,data:a68536lKBJZzof9v,iv:kAjAUFTASg/pdTg3O2//wsdQmJjnfqPlm+TPUOjlvxo=,tag:Mru3VoCBlRq8jr+HAJWldw==,type:str] - title: ENC[AES256_GCM,data:HtTnyBSDgoyv7JyTfq1mMkFE3J7EAjC/VeS0kV9sXI1mCr9avqE=,iv:2njgDRwboTxokA09MEaCGjwoh4P7aXqs1tqWhYWbBlw=,tag:IPxv+HJAYZTgDB/L8K0oEw==,type:str] - text: ENC[AES256_GCM,data:fYRwKym+cn131Ydg/5pkhx54FnnDZvPpxDtDsdSHCzzLo4NE1g==,iv:rHsL3MlNFZk1dVxyOa5oV3J5A28kMX2GafwgJheqb2A=,tag:fqjFS50tm5ukJiWB19o5RQ==,type:str] - templates: - - ENC[AES256_GCM,data:+7mnMDj6AOyyd5qbEOdqyM97199oWL4RpOEN0ufqHyKdUrCwMl4VcgyFJ9QmhHN7JOcXtQLTeyeaHmkCydC1woGhusoRQZU=,iv:Rf1kxTJVFATrMmwI9fFfESh9Qn0B9w+MipRA2ZbLlys=,tag:KfIpzb9g6Hm59R4n9zZc4w==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-12-09T07:54:40Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHP2zThqh4hYUH8ta2FzGNbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMXn4pgkdSpfmYcrTQAgEQgDvJVRsHBMliD5iQAnsxH2rH1NK1AqXRb4efFNYofSJ/GYyouCXSFlKOiDB8XsO9PUlmhfm7N74GlLzHFA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-01-13T14:40:04Z' - mac: ENC[AES256_GCM,data:XWgXX8QmfzhVkDqndi2G/RlGPWUdqfH31ryTjoPIjck3LDfCN7Ba/11tOSgsNzJNBv/7rBdAwAWCbFws7xHmCmsRgpu2k2mKYJw5Zub+R9Il3CnaagP6LUlcv6J37UkWw452IkWx1WzzhTAtCrbhil6+RLoN8SuROCjsfteeB9A=,iv:KySgHckg5elD434Y12aN15PTJkoHttu1CTjfPXv4UiE=,tag:G0YoKP2bXj8WyU94c0v6Pg==,type:str] - pgp: - - created_at: '2020-12-09T07:54:40Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/V/MIe8FgBocevO+gPrFAYmbF9KOo9bXojOfvpBNfkTuR - I/aicOEyFHzdKmemp2uUNnUMztn0bbL8rtPLCLfMC/9QoGYcsp831vpNVEiXx/Aj - 56wTgJQeaDjvpHjlOlIArz+si3xR2jy7virLKIoxkpqXZIGtyY47y4q2aGmscZW0 - nzjyMMzVTm3MCArRToHGvF14xs9X6mBMP4t+d825C/AP5jCP0eOZ66e1Sab6kXgj - 3oXEf2B4zg2warj3mauATa7GiCwSzYBzFJBLVNpNH35Y5k8vciWUoahAXVJCPA8K - xLSI+mc0NWcQGz14vJK5+eK4R0Mbi3J0MXzL8AH8S9JeAWamo/xFPxd+eOoeVN4O - b7DmZFV44G9MsrKq/iz5YR8LEbWevC6ygl5dwuE/gMlwamuBwkeND2Ygo/9zstls - PnIks0opBB4KjTa3S6HOavCRYEZA6PgxW8E04FLtMQ== - =wijO - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/up-prod.yaml b/deploy-as-code/helm/environments/up-prod.yaml deleted file mode 100644 index 316e56b8e9..0000000000 --- a/deploy-as-code/helm/environments/up-prod.yaml +++ /dev/null @@ -1,755 +0,0 @@ -global: - domain: mseva.dlbup.finance - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster , es-cluster-infra ] - - rbac: - - role: user - namespaces: [ egov ] - - role: admin - namespaces: [ playground ] - - root-ingress: - cert-issuer: "letsencrypt-prod" - configmaps: - egov-config: - namespace: [ egov ] - data: - db-host: up-prod-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com - db-name: up_prod_ms - erp-db-url: jdbc:postgresql://up-prod-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/finance_prod_db - db-url: jdbc:postgresql://up-prod-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/up_prod_ms - bpa-db-url: jdbc:postgresql://up-prod-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/bpa_prod_ms - egov-services-fqdn-name: https://mseva.dlbup.finance/ - egov-state-level-tenant-id: up - es-host: elasticsearch-data-v1.es-cluster - es-indexer-host: http://elasticsearch-data-v1.es-cluster:9200/ - flyway-locations: filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2-infra-headless.kafka-cluster:9092 - logging-level-jdbc: debug - mobile-validation-workaround: "true" - s3-assets-bucket: (up-dev-assets|egov-dev-assets) - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - es-infra-host: elasticsearch-data-infra-v1.es-cluster - - egov-service-host: - namespace: [ egov ] - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client-infra: http://elasticsearch-data-infra-v1.es-cluster-infra:9200 - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - is-nfs-enabled: "false" - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - minio-enabled: false - minio.url : "http://minio.backbone:9000/" - fixed-bucketname: up-prod-rainmaker - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "egov" - sms-sender-requesttype: "POST" - sms-extra-req-params: "smsservicetype=unicodemsg" - sms-custom-config: "true" - sms.provider.url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms.provider.class: "Console" - sms.verify.response: false - -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa,filesystem:/flyway/test" - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - tracing-enabled: "true" - egov-state-level-tenant-id: "up" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/up-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/up-mdms-data" - branch: "master" - mdms-folder: "up-mdms-data" - masters-config-url: "file:///work-dir/up-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - db_migration_image: egovio/egov-indexer-db - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml" - -egov-pg-service: - axis: true - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -egov-custom-consumer: - erp-host: "https://ayodhya-fin-prod.dlbup.finance/" - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://up-prod-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/up_prod_ms?currentSchema=egov_master" - -finance-collections-voucher-consumer: - erp-env-name: "prod" - erp-domain-name: "dlbup.finance" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - es-index-name: "dss-payment_v2" - topic-incoming-collection: "dss-collection-update" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "egov-systems@egovernments.org " - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "false" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening/shortener,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -billing-service: - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - receiptnumber-servicebased: "false" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - spring-datasource-tomcat-max-active: 5 - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "604800000" - -property-services: - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -tl-services: - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - -egov-hrms: - employee-applink: "https://mseva.dlbup.finance/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json" - -egov-weekly-impact-notifier: - mail-to-address: "subhash.bose@egov.org.in" - mail-interval-in-secs: "604800" - schedule: "45 18 * * *" - -bpa-services: - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov-dev-docker-logs:1:1,egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,works-remarks-createandupdate:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,res-custom-filter:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2-headless.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" - zookeeper-ensemble: "zookeeper-v2-headless.zookeeper-cluster:2181" - -logging-config: - es-host: "elasticsearch-client-infra-v1.es-cluster-infra" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.2 - } - } - - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovdev" - db-read-username: "egov_ro_user" - port: "5432" - env: "DEV" - maintenance-db-name: "egov_dev_ms" - admin-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaf86/kH98DUIJBFNGONunAk6cfAQbSQixx7e39d9b6PRw==" - admin-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dsCFao4tSMuUn1IsCV3xF/w==" - read-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaenUsd0exiBLoxMfV0VcQlHVSPFLgDEgjn+1vscsbE4MA==" - read-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dQNH16AY233NAiT0yGMnyZg==" - -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "up" - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - replicas: 3 - image: - tag: "5.4.1" - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - persistence: - enabled: true - dataDirSize: 100Gi - aws: - - volumeId: "vol-0851950a6c36a68d0" - zone: ap-south-1a - - volumeId: "vol-01d2365db292751d3" - zone: ap-south-1a - - volumeId: "vol-0c8e0e3d48b756d6f" - zone: ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-connect: - image: - tag: "5.4.1" - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -#kafka-v2-infra<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-v2-infra: - replicas: 3 - images: - tag: "5.4.1" - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-infra" - heap: "-Xms704M -Xmx704M -XX:TieredStopAtLevel=1" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - persistence: - enabled: true - dataDirSize: 500Gi - aws: - - volumeId: "vol-0c0a9b506fec18b5d" - zone: ap-south-1a - - volumeId: "vol-07d90f7132f873354" - zone: ap-south-1a - - volumeId: "vol-0b9f32eb12fe004e7" - zone: ap-south-1a - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect-infra: - replicas: 1 - images: - tag: "5.4.1" - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - dataDirSize: 5Gi - aws: - - volumeId: "vol-09674d706a072f1e0" - zone: ap-south-1a - - volumeId: "vol-0fc3cb6c935f19e9b" - zone: ap-south-1a - - volumeId: "vol-04c0a4171728df74a" - zone: ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-07a953c343793f519" - zone: ap-south-1a - - volumeId: "vol-0069f91c2dc43dae8" - zone: ap-south-1a - - volumeId: "vol-038dd33d22e49ee2e" - zone: ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -elasticsearch-data-infra-v1: - replicas: 3 - images: - tag: 6.6.2 - persistence: - enabled: true - dataDirSize: 50Gi - aws: - - volumeId: "vol-0bdf697defc5b982a" - zone: ap-south-1a - - volumeId: "vol-08e1b5180dce94c01" - zone: ap-south-1a - - volumeId: "vol-026d8b8749f573163" - zone: ap-south-1a -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0acf96c2764915b28" - zone: ap-south-1a - - volumeId: "vol-0f6b84228b07fc8c0" - zone: ap-south-1a - - volumeId: "vol-0fd88e0a109ce92c5" - zone: ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<< - -elasticsearch-master-infra-v1: - replicas: 3 - images: - tag: 6.6.2 - storage-size: 2Gi - persistence: - enabled: true - aws: - - volumeId: "vol-06dfdd7f635c2fc71" - zone: ap-south-1a - - volumeId: "vol-0d1f681fb8f5f90ab" - zone: ap-south-1a - - volumeId: "vol-0323acfe4fd42f421" - zone: ap-south-1a -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:UP-digit/configs" - branch: "PROD" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kibana-infra-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-infra-v1:9200" - external_port: 5601 - server-basepath: "/kibana-infra" -################################### - -kibana-v1: - ingress: - additionalAnnotations: | - nginx.ingress.kubernetes.io/auth-realm: Authentication Required - Kibana - nginx.ingress.kubernetes.io/auth-secret: kibana-creds - nginx.ingress.kubernetes.io/auth-type: basic -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -es-curator-infra: - namespace: es-cluster-infra - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "up-team,devops" - upstreams = [ "file:///dev/null" ] - -egov-finance: - dev_mode: false - -financeTenants: | - tenant.ayodhya-fin-prod.dlbup.finance=ayodhya - tenant.mathura-fin-prod.dlbup.finance=mathura - tenant.mau-fin.dlbup-prod.finance=mau - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl diff --git a/deploy-as-code/helm/environments/up-uat-secrets.yaml b/deploy-as-code/helm/environments/up-uat-secrets.yaml deleted file mode 100644 index b2ae9676d5..0000000000 --- a/deploy-as-code/helm/environments/up-uat-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:K1D8FSA=,iv:SovDqCkvfne635js5TKAj9alz1J5NcBXJx+D68gGEYg=,tag:Kv0XRvjOZO/Xh9epMO/E5g==,type:str] - password: ENC[AES256_GCM,data:ulRIsVpqvV2S0nvXzx6b,iv:iUY3OiryY893mc24paLqCGdwZQ0ygN6u9fKqza7E1ZQ=,tag:GY3UHKbHUcRFiIdIOokSRA==,type:str] - flywayUsername: ENC[AES256_GCM,data:Y7t5OPc=,iv:PiMg/V6u5tmmQWcOjxKs8Mb4UUlWkpCiVZdWOR+/xBw=,tag:eDo919cQbehvStFfM2uuyg==,type:str] - flywayPassword: ENC[AES256_GCM,data:bNRmEUEJ5IC69idMWxZ8,iv:iYF9/5qY2+55RhQXiZ3vZCdaJR/skkv9wGNpDXUHFaE=,tag:5P6ZuWdRCJfLWLV6tUP4Zw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:3CQwu2fKlg==,iv:f/5LTMGHhBu0xatJK30n+Iv6ql8++TJGSYjkgSmE1yM=,tag:oEMF+ln2NL1FA6E7GFXE9Q==,type:str] - password: ENC[AES256_GCM,data:GXEtfaMB0Q==,iv:Xuvbn07cr9dEWqNYfRJPT6GaTTK3lqSPx1UXfR6tyfE=,tag:xHeNWMsIXHUmeAj5Jw8rAQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:a1sRqaUM+GyBk+VUDJA7obmzxD8=,iv:LUxiCJ5yjJgexDS/hquIQKSuwUMQXPrgO5X7is325xg=,tag:0gLD7vkkP2+vbeCdCu3o/Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:tczOufFg+sfS9VaSg8e1/+nkDRbVyHJWUAoTcoapjNoe0A5uomyIrg==,iv:XAevtTbICWsRZTfnzv2+RXtBOlrwX+jPhgOgbvM31NQ=,tag:BVZvZz8w3Skgmplu7zOUTA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7yuCYF5PxgQuMlx9oslJkKgkPuUCe3rzMotHeiAXXN4EbFTE1vHq,iv:mcV+JSqu5j6Zk7aF2gqWpXHMn1f9xl5BGpFg/W5czTQ=,tag:mZCEIwrt2/1rksI+p/23GA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:E8owN9JQSDOHn2TMMD5HjQ==,iv:qMsRgsvBuemsIT5X1l2snjiRbjBOKNvClq3CmCOJhDQ=,tag:Fy8180fLdcI4WGQ6BDlwQg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:cVmnXc4aYQ4E5LZFHUT6EYnz29ns8FqujDMsVSAFc78=,iv:1O6PwQ7Wo83Vb5FSlzW4Mg77QZ2O8H3BH83Pb13ciT8=,tag:/j0Hm8dgvIFVIGyDCifwng==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:fa1+occ4XdomHcajkTOi,iv:w1peH2mg6YAVJJuHi62O9elYzB/e8SIc3zeavqFgiRM=,tag:AJhSHu6+sG3xKcmgpljSdw==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:MktNCALK8KeSEoU=,iv:zvxHZwDaK85VJgwAVchUvzqBsAOeiwRyaZQQOY0MC0Q=,tag:L1Q0lcIKdrAj+Jjk1/9ZJw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:Qp/nL0rSJvc=,iv:B9FMV+jh3USPdfPmkfKACVHPwOVn1L4768PPb9ysCbY=,tag:tIa2dMx09NfTP4Ii+Mks4Q==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:lxI50aot,iv:7PkiEtLLTadkopZoOn83FQypImK8bgfVc4UZ4BUSuIs=,tag:dNcQUpNNdC24QX9hYB9Hqw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:NgYxb4lEiAQ=,iv:eQvQDfabS9fJgDts/b4JY6xobeHdr2lnZ8CZ1qhhqHY=,tag:O4Dtj9MaTRnvzhbGNQMdXQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:KjRLmD4LWO16UxwUyb+D0fnYIhOsoUy6mqI=,iv:/lT4452JPA+gTGGaoVNZ8IGUzLWutHWJgC0f01IxPBA=,tag:wGiqR0JatwgO/Dha7DCnDw==,type:str] - admin-password: ENC[AES256_GCM,data:zlA6XoSB9R4nFtUi,iv:sfhMAn+F8gWn8UTWZqn4FFFqzJ5zrQ7rDw6qB21v3l8=,tag:iZ/wjAFWSDNz8Ko0HGyrVQ==,type:str] - read-email: ENC[AES256_GCM,data:0DLWzSJA3sDTRF4TJZOJMFIB4JRwk+/gsg==,iv:Hx/ow3OVuMqbWrSxQU6BvuHv/nzCyb9fuou2oTTS1GU=,tag:Ka2tMDo9J8L3J1pammF99Q==,type:str] - read-password: ENC[AES256_GCM,data:oWM8rwcxsvJJ9dV3,iv:BwbNLUD8wmQBUL2gqCLvowL0XA92PLfMjNZfbZ3xrXk=,tag:cj8AfTy3ODUr2KpwXJn5xg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:tCOpbd+++ioqMOHdr4e1ww==,iv:0S745VsQDfNimPoPsQ6DXw+1gldDGrP2HCY1H7gb/2E=,tag:N0AdY5AmtrHDk2YiqYo91Q==,type:str] - master-salt: ENC[AES256_GCM,data:IMrzAt3j31o=,iv:i+DApG+iDLjsaFnGpt59toR3KybwVE7nbwMwjqJueW8=,tag:WEelHlAGaYBE6Uqqpcv2Ig==,type:str] - master-initialvector: ENC[AES256_GCM,data:Q2lvUoEe0D3bh2zH,iv:uw3lhfWnD5JsppqwWhFjayyZvefD9m84uR2xKO/dvr8=,tag:hsmq9Wn8YDucFgnahpUm4A==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:Nc+qU2fC589YyOfs/+pO+/vhxotIQ0PqVdt/6Vg=,iv:X35zhpw+rfTzKbEGX9qRH/M1qvKlgdN2KIwYlopqcwQ=,tag:p8jeWikhg7IcG23OveisiA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:m5jmuIRomkPr0HB7h8/AtAma,iv:MHZ8nVHtCdfkzFp3Jsnlz2DnHPlocShfaNIsK0TWOXg=,tag:chU1WelwIQ+OCbNz6OkrwA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:ikfXHhuYnEU7LdD+7h/1ZJHTAXGng4ZC6lLH61YzDn5zujI3udfOutsK5Oleqc80CUtVI6q7IZvgynJby8rMqr7EfjACOKrJMdlr78Woycyjnbfjymd423crgvHBnVL312+4PDBZ95V7acgJQ7sZRr2PbOjz1mhUfvb/2A11/Wee0V6EusJNTXFxXoBcPWIFiYj4BoiT64rUUWwH8YaGD2ZpypC+Lqx6FQPJQ3JnwFU+x9P0qH9oiv0kvKTyQ+tnkiVr64e86v2SMmvXe8YvUGHKG3lnUMmT5vZju+6Wbt9sjl/uT+L4jnC6qA4eJvAVL6mYniiDVbigKxin8N8Wm8FzOB8/3hFecyhC/6PiHK7SuAto0nPyEDudSsHcRJrq0TkMT5hXhIaD/YmYEuvkK+3Bo5wFeX4R771Bx0CCSCU+GH0ziC9zoDocKA1zx+K9kbWpj6ghR1KSIB/HKxncU4j7P04At+RK8hChGZotxi9NMbbVWoJftlTwiBdgO1tiKpxMlBMUMwTi+PPA9yXqhgVLX7dP7p5gmoqa7M3aBxFDfHljNvkdDh39K7or9oxNqyy5Ya2WZNRiLY5BEb14NSUbxFBi6hyaDCqa1YXzCaSr4EsUWYU/saU0subFmK28zFCrgK+BtpV2vB0YniVw29uwxyykMPxIT8A6aoq1M8pjE7F7RI7/dPMnes/54ovUf/EIdhTpGEnFUtqrZqoYnt62UQ7000i5THHb3upcSXgnw/hDYwB7gHhrswrY45/mY3Fza+4DU2+5aqbJg2aoRTnBqWFiD19jTqithlzoxlSXStEr8D6WwU5U3Ny2Qk4ALyNJog04qqWA320o54VpGJl35d5wK5jIuIKNgZfgvv2KMpHmfcEVDxPpNh3jTeMpMArQLwmqDmMVvVk+Nb7fM7AVaY5+5mQqG16HVz2GvztA1aEZ3cVX52soVB6mS2X9IO78dCfryzNUaXmW3i20mv8CBITkVJuQO+JuIwvgY7NgE8B57cc1WzPKR1mToOwJAkcpLnPxvrbpYfYwg3wiFUqoVNBwvzYHA8/2OjpZHgpoFgRKjzycdGQuxBlGQmlyMcNNxkfZ4KxfPxsFPkMWCmGe92ljC6F8/AGMul1nNmL9Jz/UITIGgwJXOjm9N/U7Gsllg4TMWW75+aQWrx825eINaKB4E1Is/tVoPuqxW/5KFbIyvf4y7pYX2AlWhJaB9SQuVezGQh0Q8foDQEtKUnKhJIIF+4y2c8AhSoHP4KZoiCrWY+uyMwbjrlhBYaK4dcNdAXSPAKRlwjycGiLAbJETmfMaFzB0A3hbrg9C4h6MQ5czmgu+mE5rrcIyU/Pk5LkMbVB4yq0W3wQxSdJGB/EbA/XWbFMnGjOwjwEiLTnNWjGvqrG1q/A9effw06cQaJXFKE7ZQDQwA4k+tMUNxpCa5RetXonlUjJ+9MPakyhhEbsIYK5QH9EkBPeiQzcpwg/ctTfvbO3ZgRwmQGf2BBmToAbI4f7934t1fVUCFWNcKRh7lCi9Bhl9PDGx8yOiWc1hRvXUY2E9iiDE2ULyp0nrqkDksORxJzclf6p5z9kprXcCHCRyu4hixSkqfIjOIINXehnwC6KRWEWGA4MSqx5TZu4rG1u4MalFweRT1t7Ae76fPh2fVkOU3sWorBe62TwB25uFwTxu9N/oAkDXmtZXhbpATVBkCKAW2DXdwhGDoxXfWQnQStPRzSqAQ9B6WxpMfqzi1siECzjFIx4DGKSRdVEeqLpkV2UiAiBMR+vPVPcepV5yWEZPqWrfRXtU/VNCWtgN/J1JQl5KW9w7AZc2mxYaUiHRJzgEA1Zg70S6+HTS8F5xEJUkzMz811sHEzEolGO55D2wAcMh3/FR6WX5V/FpuGXDjm+mEvYB2txCuQw9zv1jq0i7P/b2FFHYII25TtoEqj9KlTy3Q/SI1nXm/s2tusC5mJh2NrePYvaRUKL8KFyfWSlo7D4LT8EgPgZHVpDnKZtTO4IrGTl3btRCZ3MtmEKl6PPBXlEMCGhEYE9/Ra3U27Nbn0Q4KjTADdrzdlwM9SSi1EGuMsTbrXMn9f3Ey3cNe/gOrefLYKt2AbpqUacsAzgxwgOqSFZo3zLxlJQTEwthKZvlQs+AHNa0oV688w0mG8vU82UtGhvkMsBlO7IwWHYtamGjRR8pH5sZAjwEbKcNq8sZMJ0uGUn/FNAM9vLCSWGEZ7PM8C4JMmzhtvZeJnGMRDmWWe4bUtsg2ZDZh3mQ5DlKQWCFgF/Nx85H7S+UjRpfuv/xlht/N9sV09iIVWihX+RJYk8YROyLIUjg9ns2QKoZWY+dcuYsbDNJdktVMaMtXOAhKahUvL0XBDg/5/+8dPWQmCF6nbyXWb4yKkFyHvGNtu4VgLoSY7II2sTVPAxyRsAo9hcXnFbHvTPO2glv7lZ8NpJ4IZdBOLK9fCMHVL2cgPK5J5hLEQgNIkLXnOoHg6hS0UaS22PJVfpx9EbQdCNT0VzDWdEc6JrJl5J97lGXCBQ6hX/O05Yy5HXY/mLt5yfK9iuplSU8IY4grpxU4st3LPCBiqLaNuJJiJLec0vZ3FCZDxbgpWLJ5eop3ZYKzYXRrfQz9DdZGqwvhzYOrIPkhYRQU3TCEIK24XneHWPJSMR2ybWmeMfSq3MyUOwxhr6XEq6skLTqkMb5T96jE/r7FopT0hEIqhJkHKfjm3wSqdnZpYqf97pIg6JqixgYSk+YiAJr/V58YOZ/YrfhOYig+Q0DZPl2qu7lvieAzqdtGYkzu/oNPLKcBxhpitZPKvaqHb8jf5/xibLpRhpc2iDjXfB9UR0hwv8M5sZ1oxBnuAVW1vs5s2vGfl2d1qAAwx2uD6oQgCRBpulJ5lrbpm4LgbNntOAOMpUtEDmz2pHn+ZIct/0KIURJ2CTLFAGSQ6KttbfF+rSI2GdmeFuQi2VhpGhy4HVvzXkBkPoEQsilbK3Oi+Y0IAEvLnhu5uz1aF00kyf9X0iP0SgZxXX1w33Isc5hfYvpyMr0kCrqUh1YAyXVBHphX/t/qXo1tcaWRrPXMx9fttDnQP6OjPnmyDESXQGj6ebNPmITTm1sogoYX62m/JqCVU8eALygpS7Ac7VB0Ijx+D94190kb/OGoweq40VheehSh550LaEjJBLXFgLf4kXuIE3znhTcDjBFybcj4p63Pnq/QfZoZviO8YD+QT4mGD7ouYvgkYw8nwXuqI9gSEwI6arQy/gB+vj83oaKKVbF3lLuTq23/9sWHcHxOOTKnLBHH3xdJ2zDdxQ5RnpT6oLCXScXEIPBPQxscNMr2s/bITowo8Xe+Jj2mgBFda92DFdkB2v7akdwAkHco1zIT05o4al2VydUYqsOnyoO/farWQryGf0kSAmRgO01B88YJgSdmMC8OGA1ET42UesiSNqEloveq4NTiGgF6M1OxWuf+ZTZlaSEh1iF+66ZPh97WvifTJU969K69Z5eaqwxu2P4xEoOoYpBxASyHfcLbfcFgxl+d6wqg3FacquaZWsqp7EUs9nhf9l79WLyolB63XK9wTmTGdM6e4qtX+2sU4h7VfVdSsrC965Fb/J7A/t5l6yQ74vc9ar8xJng8ojRFT1w19DdU3QlGOeZPMHZ/2Oi2V6H7up0oKn5pgkj3wabt1aL66WCyA6Rx15gAr4bGSD0GRjmtEoitT4ms0yyWUUq8gteBS3OH77ScD+4bSqd0u3GeokMszl/wBymRwalkXp2lR68Kwc+QRNnqVbXnzNU6OCjkZGZX9b+ZO1Hkix3HVcTaiVKPQRTPZp35lIx78W9XUmO3PKqAVd7JXis8n/hzMla1639/jc5LWHQfdQz2pFnLcV0rn4sN0Uu015nHMekk6liyRZceIRu+OnOvlcV3U7cXjJ6CsK3c2CU5et5wg/csTORAFD5szgA8uigPUkUc2LVys6hGp+SN+kegTKIcko+2XRL081MFP3/38P9x4Y5ZRKOnDY+qDMcdMaVm6nWDiBmboledXK2wOqseh/3c6jZzbmiBkRRAr+nYhq7Q5AUWe2wxfUtNRFqp8oK7mHNTfPwCaK1no33ndvzr0lBrmmzqAHDL1Vh8JKkwj+jjnw4Y8skGrC0UFwHuPj4OxA1NBmFl2sLL1HJ5TZEpj9bLWtmM4hO+1xlTfZXEKlCQUfH54SDOG4k6aLX6kgZgBvZVoTq7t7oUfEGYarXk7h/h7IUTqKamM2AedaiJ6bA8ubdY+x+fL4oMWT0/dDAn5ZWTB65DtPvY8ghmt5X2E3gYy/3/GMS1J0BQgoB5qghYTSbibvUnhkPfWWNHSDeGfnj8nhE16y7W9Rb,iv:WtaanPJOKnpB99Rkq5H+lI3n4OClKi+gV4ZWKyLnzl8=,tag:7D+iyI7Lv1IuMn5TV3LYRA==,type:str] - known-hosts: ENC[AES256_GCM,data:iF9eNViKTHfIIRoixisnTkHOJ0RNv3/GYPscvsdyqiZXnz/bF+mEJk1gtChHLAVfMpmXIJNFjrTqnNxf0iZebcHeNSwoHevmTwPcmdTNbibiaE3MiceKE5VBSyDRVPzo2GeN3lyu5OAHpQ9GP4exv/0iEOUjfoZIxm7n+AJBnEbYGVfwnrndTML6TdQ6kFhFI3xZ5DURlEgPLSskqTpHO5rGXdgVm4VjNzevsgT3UkbJN4v1vLWE/Uhlgqy2JOKdU8/ZKKbWdWyKeCUU5QXsEJzkJQHxH7/6zBYhXYpNhqlTU7TsL2ZxXS+SST7fgGfQS9LALWL+nyWcRG56K7QyTMCkrkiR4dk/Tij2SPQmfPD5ulhQNbCW/dO1xjgT8rR6yuSBwR1HLdErCVGniRt8CHhckG7M3sM+w3lV0QlLjzcfDRtHzatSVMe3i8e0ejeqmvlvMxC9ONOCk4Bus9cO2xHgCICQrRsn9yQEPw84mUlMFziHe8fd34OX3G6maOD0By4VgpxN1A==,iv:alnMdpLN2eLVSnVM9CB6Qh/l84rU9tkkYbvri266u+I=,tag:tCUg0nEqAgkERon/I6T4jA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:WR9L4mDvEa9f1g==,iv:XCv7od6tDh117LCLdpdQoWYd4a4wtbbTKVzDXjH6d8E=,tag:+0C0+OH1SpT0JRL5Nc8e6g==,type:str] - credentials: ENC[AES256_GCM,data:TWTOzCTUBGK2K/V55bWstAAc4M0v1KO6VJ3mh2dCzx4kI8V1zEyGJV8ig1CB6wWt,iv:yXC8tRPCA7qPkgEOiZNiVXDWfadU2nVsL4QpBCURK6k=,tag:KDMXxKXeSskcIthQh33ytg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:6vyT3ERq5mud,iv:EO5fxqQ/OHaPjOoopH2Wlj5h9lvZCzsBvXOWJF2eF38=,tag:TKqPvp3lr2B0f83JB5gnUA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:yBwvnita6FiARU2HGw==,iv:i9p0XYLqLMwns6zyPUF8il3up5jljq7EraP788VPNI4=,tag:COCT7Xk1aARWMoZpoAT/Rg==,type:str] - mail-sender-password: ENC[AES256_GCM,data:/QvjVubqspmmpTYqDrOn2OQ=,iv:R6aop+QmWN0IugqnDdLrH7TM0U0vSi8fC4nYgBNfZ38=,tag:UvotghGajRu9XvTy44ILHA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:yRmvC7AwgBju4BlVWGvYE3UUjfX5LIpHCwCNWw==,iv:iSIu72gGoAGTrEHuoNFyVwdQufrGOOUN2TRCGH4Elxc=,tag:DyYQGJAmqkLZDlWeeAJAKA==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:w0NIFmMiv+t277pcN/5DDQ==,iv:eY790whfplCmrfFMNqGIYBbaXyWpqZyFR7Q97btWP8g=,tag:Ic+bUz9w8fHAK/GctYmIOQ==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:d2lQBblwoA==,iv:TWVqofuPPph0xy/0cqINey/8xaDQDgYVmtS20jIc0ec=,tag:+gp5IK/LED+0H8E3VSBl9A==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:cnF+0tei2w==,iv:w8sdD/PAkX9tFtfFMl7+DFGTcjm7MPBqZd4X5bY/lk8=,tag:/+6z4W1HXkEXrjYrTw2S/w==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:lWUk9orrt6YoF9WvLWzl,iv:+Egom7aAKyw57JbMxSQ7pjN2Bo/4IADoBm2t6QgWz+Q=,tag:af0MuxNlzjpxvUOpC0tkaQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:noJww5IdHPYORReBxUd10huApahd/acbjenuKji38ss=,iv:ec3fieABIWeX374qn/0U1ehaTlvmr2/xvd/V9RYo7vA=,tag:bfNcqO/fDGgoB2O53gRoDA==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:hjI1j/8m,iv:8oQlDwyjr7cwQlBErZULTD+wY+Jl5M1BGCcCtMdAIQ8=,tag:bcImxFUcmTT4QfvHuSUD2Q==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:He64bg2M8cE=,iv:Y7+o9xCDsxhiBlm8S/YTLLugrG8XCSBj0F39hPvKrl4=,tag:0JWs/tAXIj8AXgINGF+bsQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:16C/A+0sllYY+hE=,iv:X4JwcZO/Q7psJTtfLSACqA6aV0Z9ApvWQ4GAFtn4ZBI=,tag:5CIvw/Tco3I6smZ55YD58w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:GZi4+KqbKlDj,iv:IwLFHzPDJLUspIKJs/ranwkccq8YahXmnPvRbTciESA=,tag:B2BaHIl/dM4U35/qSvyr/w==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:vNFnKrxW,iv:bOZRWetxWZ5f0pIf/FQiU/jmZHTAQJ672MCXi23yIIo=,tag:qN7CDb6ieCij4ox8aPYK2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:/2/uOaWROAiTjyPJUHfMtUyORxE=,iv:Eq92I6Mgc6bUFXYfGbs9DSp9zy+nJNRFgVq9NFc/GPw=,tag:bIxFkp+D6DgpbmjqKH6zYQ==,type:str] - clientSecret: ENC[AES256_GCM,data:iih+DHupQnU/eouikwbQEq8IkBmw1Sm+PVSb+qtcvn2vlxEAR98QxQ==,iv:eiYvUn0Gi2e9T9N4ZkU3q1ODxtq0naLx0LPqZDZW2sM=,tag:i0gRLgWkT7/GQvFF2MVEaQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:4DA85xVrN72HhPU/Sp5o4lbswtMaplcm,iv:kJ8k1kRNgCo51T4vuVc6QPu1rhTtlWR3RTdtgydr9c4=,tag:EWKkxgeHfouO3wyN9+YmJQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:IBqj5kcUZldNk0tNipgIIbd+Ct8=,iv:ww3wyNdF9jceZ0BTE00RZ9MAQAdVCX+DTNWQvbgxUzo=,tag:pvYlyCKzfTWCsrRtcReX0w==,type:str] - secretkey: ENC[AES256_GCM,data:0lv+Q47eYD0VstjxcnYdnvSVybs16S9KcUkWQ/RCINAMtnQc/KvQew==,iv:SRqO/l+z1C/37yW67ZtnbXrkvNemuqYV9vQsVysjCRo=,tag:8tVhvEpkfHdpmhQ1aOx9uA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:JUU=,iv:BbFbDeBfV4kV8VxrqvHG7YMHaHJmeTjA56EPJzAmnpI=,tag:+AJdJhGuFxTEF0tgNoPrEw==,type:str] - route: - receiver: ENC[AES256_GCM,data:UxI/LhetNhdpGJi+LcSNH37kMQ==,iv:MobDaa/Z0Zm6vyijz173sZdCEZ6ecrPewbN9bfkoTG0=,tag:U964+DMYa6cPUtWWjVTGlw==,type:str] - group_by: - - ENC[AES256_GCM,data:R3AkQchWYUaz,iv:mbQeXKZKyFtl4qHz7UJWq2vvDeBIUr2AkE59/slvv3I=,tag:KEb7VgRRGs3gCfWU0PlalA==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:BoxCCB2rVj0SqGtb4pDiIMRkMg==,iv:NcF945tWgCCZua5XB2oD/FRGK5SzgTJj7fdVLp713Oc=,tag:zE2MpxQJK1alwweTuxbzeg==,type:str] - match: - alertname: ENC[AES256_GCM,data:GqpilmCu5+s=,iv:Z6mGY3RC+jt9iwBRbiCazdnTDE35bZjBfWPLmre1Jng=,tag:3qBjS3A0yQ4gX0uY0zdQXg==,type:str] - group_wait: ENC[AES256_GCM,data:jVtL,iv:tuP/+Gkz7UIn7TyOubi4K1FNcVY1DUI4j0EPgoM0kVY=,tag:F4SWBKcYNbh1fPeTRibIZw==,type:str] - group_interval: ENC[AES256_GCM,data:wMU=,iv:ZT/ktcUmKkTQum0ROhHJj1vk1twFcRMKD09WrJquWqg=,tag:TEo4uTP4jMiS2qwVyslnIw==,type:str] - repeat_interval: ENC[AES256_GCM,data:gCXj,iv:MWZ+a0NO4PyU01HYcuirXkiRcxM/9g1L0BGNXgYaM9E=,tag:Yvjwo4yMP0R6+F8ODV+EDQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:FOabaZfAG9ft6zPia++ohkA8tg==,iv:GyQj7QZa+84JCDSabyQNeIF6Ml6FIvECBH1Kb0eeVIM=,tag:ckEKlVcUHtGB72+HNGiexQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:e8gbWw==,iv:8rAqd4fCUXhdHPG+VCgO41SaacBYwG0H1+SWYOe9q8k=,tag:dF+4meveQdgi30m0fws/1w==,type:bool] - api_url: ENC[AES256_GCM,data:p926IIzciYgMPrssOv+e9U397NilqjSon2nQKxTsKgf2ep264AucdLujp5DcxncCZN3u31UW1V7RE90sRPsTPYFPAWFr8hzPcbnpLCLKbA==,iv:Jsc2C8o6AFPevXuMsUyWQ7ytA4kZ1S0jr80doKUMJk4=,tag:yEKgLcG/Pf6RvpFPVlkqAw==,type:str] - channel: ENC[AES256_GCM,data:xiJGWhZYcHcbjCGDfVdrYcmXWyMLGQ==,iv:ByuCVf4BxKfH5Kkd/ZA8elGEnKt0gUZ13xDVZRKf4ro=,tag:xQTBTIp6SR8+io4006Cj5w==,type:str] - username: ENC[AES256_GCM,data:a68536lKBJZzof9v,iv:kAjAUFTASg/pdTg3O2//wsdQmJjnfqPlm+TPUOjlvxo=,tag:Mru3VoCBlRq8jr+HAJWldw==,type:str] - title: ENC[AES256_GCM,data:HtTnyBSDgoyv7JyTfq1mMkFE3J7EAjC/VeS0kV9sXI1mCr9avqE=,iv:2njgDRwboTxokA09MEaCGjwoh4P7aXqs1tqWhYWbBlw=,tag:IPxv+HJAYZTgDB/L8K0oEw==,type:str] - text: ENC[AES256_GCM,data:fYRwKym+cn131Ydg/5pkhx54FnnDZvPpxDtDsdSHCzzLo4NE1g==,iv:rHsL3MlNFZk1dVxyOa5oV3J5A28kMX2GafwgJheqb2A=,tag:fqjFS50tm5ukJiWB19o5RQ==,type:str] - templates: - - ENC[AES256_GCM,data:+7mnMDj6AOyyd5qbEOdqyM97199oWL4RpOEN0ufqHyKdUrCwMl4VcgyFJ9QmhHN7JOcXtQLTeyeaHmkCydC1woGhusoRQZU=,iv:Rf1kxTJVFATrMmwI9fFfESh9Qn0B9w+MipRA2ZbLlys=,tag:KfIpzb9g6Hm59R4n9zZc4w==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-12-09T07:54:40Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHP2zThqh4hYUH8ta2FzGNbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMXn4pgkdSpfmYcrTQAgEQgDvJVRsHBMliD5iQAnsxH2rH1NK1AqXRb4efFNYofSJ/GYyouCXSFlKOiDB8XsO9PUlmhfm7N74GlLzHFA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-01-13T14:39:40Z' - mac: ENC[AES256_GCM,data:uovHLp2pEE7LKHpBaiLDPVziEuJ5cL/r2jgeGQ/C899lHBGvapn+R19lRA3ErN08vFcOaWkkmVvSGiT2t99iCBFGhRy+2KlJoUygkoIwisTkM3kzSSioOeN6O0G5YlOSUpeWKM6+f8SPzZA46MNvsViC3eJLA/mSDHvBKLCQZys=,iv:OAzSYUkb9M2OXK1NRiH7ZgMegWsvyCzVoZpZEKkvwR0=,tag:cfbJcJtPoFBeCHpnsjZUjw==,type:str] - pgp: - - created_at: '2020-12-09T07:54:40Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/V/MIe8FgBocevO+gPrFAYmbF9KOo9bXojOfvpBNfkTuR - I/aicOEyFHzdKmemp2uUNnUMztn0bbL8rtPLCLfMC/9QoGYcsp831vpNVEiXx/Aj - 56wTgJQeaDjvpHjlOlIArz+si3xR2jy7virLKIoxkpqXZIGtyY47y4q2aGmscZW0 - nzjyMMzVTm3MCArRToHGvF14xs9X6mBMP4t+d825C/AP5jCP0eOZ66e1Sab6kXgj - 3oXEf2B4zg2warj3mauATa7GiCwSzYBzFJBLVNpNH35Y5k8vciWUoahAXVJCPA8K - xLSI+mc0NWcQGz14vJK5+eK4R0Mbi3J0MXzL8AH8S9JeAWamo/xFPxd+eOoeVN4O - b7DmZFV44G9MsrKq/iz5YR8LEbWevC6ygl5dwuE/gMlwamuBwkeND2Ygo/9zstls - PnIks0opBB4KjTa3S6HOavCRYEZA6PgxW8E04FLtMQ== - =wijO - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/up-uat.yaml b/deploy-as-code/helm/environments/up-uat.yaml deleted file mode 100644 index 47e32d2456..0000000000 --- a/deploy-as-code/helm/environments/up-uat.yaml +++ /dev/null @@ -1,665 +0,0 @@ -global: - domain: mseva-uat.dlbup.finance - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - rbac: - - role: user - namespaces: [ egov ] - - role: admin - namespaces: [ playground ] - - root-ingress: - cert-issuer: "letsencrypt-prod" - configmaps: - egov-config: - namespace: [ egov ] - data: - db-host: up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com - db-name: up_uat_ms - erp-db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/finance_uat_db - db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/up_uat_ms - bpa-db-url: jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/bpa_uat_ms - egov-services-fqdn-name: https://mseva-uat.dlbup.finance/ - egov-state-level-tenant-id: up - es-host: elasticsearch-data-v1.es-cluster - es-indexer-host: http://elasticsearch-data-v1.es-cluster:9200/ - flyway-locations: filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2.kafka-cluster:9092 - logging-level-jdbc: debug - mobile-validation-workaround: "true" - s3-assets-bucket: (up-dev-assets|egov-dev-assets) - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - namespace: [ egov ] - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-up-dev.digit.org/" - egov-url-shortening: "http://egov-url-shortening:8080/" - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - is-nfs-enabled: "false" - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - minio-enabled: false - minio.url : "http://minio.backbone:9000/" - fixed-bucketname: up-uat-rainmaker - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice'}}" - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "egov" - sms-sender-requesttype: "POST" - sms-extra-req-params: "smsservicetype=unicodemsg" - sms-custom-config: "true" - sms.provider.url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms.provider.class: "Console" - sms.verify.response: false - -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa,filesystem:/flyway/test" - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - tracing-enabled: "true" - egov-state-level-tenant-id: "up" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/up-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/up-mdms-data" - branch: "UAT" - mdms-folder: "up-mdms-data" - masters-config-url: "file:///work-dir/up-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - db_migration_image: egovio/egov-indexer-db - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml" - -egov-pg-service: - axis: true - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - -egov-custom-consumer: - erp-host: "https://ayodhya-fin-uat.dlbup.finance/" - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://up-dev-db.crj6g6pvsnnr.ap-south-1.rds.amazonaws.com:5432/up_uat_ms?currentSchema=egov_master" - -finance-collections-voucher-consumer: - erp-env-name: "uat" - erp-domain-name: "dlbup.finance" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - es-index-name: "dss-payment_v2" - topic-incoming-collection: "dss-collection-update" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nikesh.umredkar@egov.org.in" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "false" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening/shortener,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -billing-service: - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - receiptnumber-servicebased: "false" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - spring-datasource-tomcat-max-active: 5 - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "604800000" - -property-services: - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -tl-services: - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - -egov-hrms: - employee-applink: "https://mseva-uat.dlbup.finance/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json" - -egov-weekly-impact-notifier: - mail-to-address: "subhash.bose@egov.org.in" - mail-interval-in-secs: "604800" - schedule: "45 18 * * *" - -bpa-services: - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov-dev-docker-logs:1:1,egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,works-remarks-createandupdate:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,res-custom-filter:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.2 - } - } - - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovdev" - db-read-username: "egov_ro_user" - port: "5432" - env: "DEV" - maintenance-db-name: "egov_dev_ms" - admin-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaf86/kH98DUIJBFNGONunAk6cfAQbSQixx7e39d9b6PRw==" - admin-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dsCFao4tSMuUn1IsCV3xF/w==" - read-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaenUsd0exiBLoxMfV0VcQlHVSPFLgDEgjn+1vscsbE4MA==" - read-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dQNH16AY233NAiT0yGMnyZg==" - -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "up" - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0a35e9024d47d64a2" - zone: ap-south-1b - - volumeId: "vol-09066299c7cb454f4" - zone: ap-south-1b - - volumeId: "vol-03a5c356a5d5f9f11" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "2" - -kafka-connect: - image: - tag: "5.4.1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e025ad5eccd22a6c" - zone: ap-south-1b - - volumeId: "vol-09eb8bf068161e697" - zone: ap-south-1b - - volumeId: "vol-0da561e57012edb83" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0219754b834427f9c" - zone: ap-south-1b - - volumeId: "vol-03b099c805dbac3e1" - zone: ap-south-1b - - volumeId: "vol-0f29d1f1a73dedb37" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0ce442e21eb50c28c" - zone: ap-south-1b - - volumeId: "vol-00fade9696e09a1e2" - zone: ap-south-1b - - volumeId: "vol-09b062a7c3cabb779" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" -############################# -kibana-v1: - ingress: - additionalAnnotations: | - nginx.ingress.kubernetes.io/auth-realm: Authentication Required - Kibana - nginx.ingress.kubernetes.io/auth-secret: kibana-creds - nginx.ingress.kubernetes.io/auth-type: basic -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:UP-digit/configs" - branch: "UAT" - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "up-team,devops" - upstreams = [ "file:///dev/null" ] - -egov-finance: - dev_mode: false - -financeTenants: | - tenant.ayodhya-fin-uat.dlbup.finance=ayodhya - tenant.mathura-fin-uat.dlbup.finance=mathura - tenant.mau-fin-uat.dlbup.finance=mau - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl From b5fe1e5860c9e2919a6ced8de40116404f4a4464 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 14 Jun 2021 19:36:30 +0530 Subject: [PATCH 002/742] egov demo sample --- deploy-as-code/helm/.sops.yaml | 14 - .../helm/environments/dev-secrets.yaml | 121 --- deploy-as-code/helm/environments/dev.yaml | 740 --------------- .../egov-demo-sample-secrets.yaml | 92 ++ .../helm/environments/egov-demo-sample.yaml | 380 ++++++++ .../helm/environments/qa-secrets.yaml | 121 --- deploy-as-code/helm/environments/qa.yaml | 811 ---------------- .../helm/environments/staging-secrets.yaml | 120 --- deploy-as-code/helm/environments/staging.yaml | 820 ---------------- .../helm/environments/uat-secrets.yaml | 116 --- deploy-as-code/helm/environments/uat.yaml | 892 ------------------ 11 files changed, 472 insertions(+), 3755 deletions(-) delete mode 100644 deploy-as-code/helm/environments/dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/dev.yaml create mode 100644 deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml create mode 100644 deploy-as-code/helm/environments/egov-demo-sample.yaml delete mode 100644 deploy-as-code/helm/environments/qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/qa.yaml delete mode 100644 deploy-as-code/helm/environments/staging-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/staging.yaml delete mode 100644 deploy-as-code/helm/environments/uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/uat.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index d3842b47ec..2c38161ca3 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -3,25 +3,11 @@ creation_rules: # upon creation of a file that matches the pattern *dev.yaml, # KMS set A is used # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - path_regex: environments/egov-demo\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/staging\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' # DEFAULT ------------------------------------------------------------------------------------------------------------- # diff --git a/deploy-as-code/helm/environments/dev-secrets.yaml b/deploy-as-code/helm/environments/dev-secrets.yaml deleted file mode 100644 index 43221a267c..0000000000 --- a/deploy-as-code/helm/environments/dev-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:me2QuDHWwg==,iv:elJXqX+6x5qRWg5MnJnPk4pyZUlGTCPQ9JiWC2wugtk=,tag:27GBsmDo7kPEcMYNycGj5Q==,type:str] - password: ENC[AES256_GCM,data:vcQMAB6oP0lVgexvq0LIew==,iv:gzRi2x1tkRux2ZG9OOL27eCFcDEzCr9A6g4prUd1o9U=,tag:HpMn3oClWSf++nPn5M3big==,type:str] - flywayUsername: ENC[AES256_GCM,data:omR9KvjGmA==,iv:lMIruhHfx46dOQTxW/J3AQXtxuBuo+7J5fEfHWKM17g=,tag:gFOcTaQi1eA2ScT/27bqwA==,type:str] - flywayPassword: ENC[AES256_GCM,data:4MggP27wwubAOZHPhx/+jw==,iv:ukoV3GVeUbVQptxXf/YOOwpaR80ZZSubOk65CWJPc1M=,tag:DoY4etFUqG5nvi2UK1mBRw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:3CQwu2fKlg==,iv:f/5LTMGHhBu0xatJK30n+Iv6ql8++TJGSYjkgSmE1yM=,tag:oEMF+ln2NL1FA6E7GFXE9Q==,type:str] - password: ENC[AES256_GCM,data:f3vVktphvVU=,iv:6HobeZ2MzSM7oSThYfeGxZaV7LveJvJjkWXuYqOAdEU=,tag:RkNGExrXl1eHeYuaOT8tYg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:NQqiF0rSIM4wDf6iygDyhSZ2/o8=,iv:CNwyFPiDjP/P0zX9LY4L54nvN+dlp4PkFJQD4ZXwjCQ=,tag:GHjTDWCNgb4wkf8v+yw0jw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:VN+eKTIfgN6a7RDAkKNHGSVb14jH30/brZRZ2LlBOBJRrja9JF3NFQ==,iv:VEDc+Kt1aI8mslIKAG5voNz41HfRq6lKZ7J/TwCSukQ=,tag:Ekx4Iat6FlFu1o3YcRPy5A==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7yuCYF5PxgQuMlx9oslJkKgkPuUCe3rzMotHeiAXXN4EbFTE1vHq,iv:mcV+JSqu5j6Zk7aF2gqWpXHMn1f9xl5BGpFg/W5czTQ=,tag:mZCEIwrt2/1rksI+p/23GA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:E8owN9JQSDOHn2TMMD5HjQ==,iv:qMsRgsvBuemsIT5X1l2snjiRbjBOKNvClq3CmCOJhDQ=,tag:Fy8180fLdcI4WGQ6BDlwQg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:cVmnXc4aYQ4E5LZFHUT6EYnz29ns8FqujDMsVSAFc78=,iv:1O6PwQ7Wo83Vb5FSlzW4Mg77QZ2O8H3BH83Pb13ciT8=,tag:/j0Hm8dgvIFVIGyDCifwng==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:fa1+occ4XdomHcajkTOi,iv:w1peH2mg6YAVJJuHi62O9elYzB/e8SIc3zeavqFgiRM=,tag:AJhSHu6+sG3xKcmgpljSdw==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:MktNCALK8KeSEoU=,iv:zvxHZwDaK85VJgwAVchUvzqBsAOeiwRyaZQQOY0MC0Q=,tag:L1Q0lcIKdrAj+Jjk1/9ZJw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:Qp/nL0rSJvc=,iv:B9FMV+jh3USPdfPmkfKACVHPwOVn1L4768PPb9ysCbY=,tag:tIa2dMx09NfTP4Ii+Mks4Q==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:lxI50aot,iv:7PkiEtLLTadkopZoOn83FQypImK8bgfVc4UZ4BUSuIs=,tag:dNcQUpNNdC24QX9hYB9Hqw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:NgYxb4lEiAQ=,iv:eQvQDfabS9fJgDts/b4JY6xobeHdr2lnZ8CZ1qhhqHY=,tag:O4Dtj9MaTRnvzhbGNQMdXQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:KjRLmD4LWO16UxwUyb+D0fnYIhOsoUy6mqI=,iv:/lT4452JPA+gTGGaoVNZ8IGUzLWutHWJgC0f01IxPBA=,tag:wGiqR0JatwgO/Dha7DCnDw==,type:str] - admin-password: ENC[AES256_GCM,data:zlA6XoSB9R4nFtUi,iv:sfhMAn+F8gWn8UTWZqn4FFFqzJ5zrQ7rDw6qB21v3l8=,tag:iZ/wjAFWSDNz8Ko0HGyrVQ==,type:str] - read-email: ENC[AES256_GCM,data:0DLWzSJA3sDTRF4TJZOJMFIB4JRwk+/gsg==,iv:Hx/ow3OVuMqbWrSxQU6BvuHv/nzCyb9fuou2oTTS1GU=,tag:Ka2tMDo9J8L3J1pammF99Q==,type:str] - read-password: ENC[AES256_GCM,data:oWM8rwcxsvJJ9dV3,iv:BwbNLUD8wmQBUL2gqCLvowL0XA92PLfMjNZfbZ3xrXk=,tag:cj8AfTy3ODUr2KpwXJn5xg==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:tCOpbd+++ioqMOHdr4e1ww==,iv:0S745VsQDfNimPoPsQ6DXw+1gldDGrP2HCY1H7gb/2E=,tag:N0AdY5AmtrHDk2YiqYo91Q==,type:str] - master-salt: ENC[AES256_GCM,data:IMrzAt3j31o=,iv:i+DApG+iDLjsaFnGpt59toR3KybwVE7nbwMwjqJueW8=,tag:WEelHlAGaYBE6Uqqpcv2Ig==,type:str] - master-initialvector: ENC[AES256_GCM,data:Q2lvUoEe0D3bh2zH,iv:uw3lhfWnD5JsppqwWhFjayyZvefD9m84uR2xKO/dvr8=,tag:hsmq9Wn8YDucFgnahpUm4A==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:Nc+qU2fC589YyOfs/+pO+/vhxotIQ0PqVdt/6Vg=,iv:X35zhpw+rfTzKbEGX9qRH/M1qvKlgdN2KIwYlopqcwQ=,tag:p8jeWikhg7IcG23OveisiA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:m5jmuIRomkPr0HB7h8/AtAma,iv:MHZ8nVHtCdfkzFp3Jsnlz2DnHPlocShfaNIsK0TWOXg=,tag:chU1WelwIQ+OCbNz6OkrwA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:sRhkF/n9laxAtMUGc834QTP88ts1A1eDPPq3I4pOajAB8D/Fzlo9pzDiMuP+Xkb5vC24oXynGQWV5s5WJ98D75gWRKXvP19QqaNQLFIG2KUDzsKaACdv1KVQ0sZIUSKNfdAKuO1KEeOS/EhqvL0/M1w7bxvdvjZpQvMIbDYR8iuFcRGui9fuof2enAbFYM3J1rHh77M0JYDK97FLVs8TZHHgm4ITb8h0oGsWIpt8VPFpGYvBLle1D+MIgL+F2wfVgvW78RvKeMFpTq09ATJNliJI+XmbIFEASKaaTmCqJeDmzfwl6QJCbF20UEdNTY+ASZ1UN4pGwcql10j4aDL5X2+fTOLFMuUmZDsJgnigzYzmBh9xUaa8NC7lhrewYpapV363haahSJXQ9ivQgVCQAb3ANVmU8ZbzVrBa8IgDkxW0qrIflDREUfwWXoweCsixk3qG2+Lk6ZBVwtk0+AKyiOjheAayALFxEVlbgft7IM/N5xULflZ2DcjLOvon1F1PJYkMt9DM9xeNUn04/hJrp9htbWlHtQWc7QMo5fjNPq3XGilZXQgrmu6RUWL2POoIKQrFt0m4OroJ/UED3eSsm4UCGDnqur4B9VtYZz+FROyVBv5//LQb8skjmZBN2SaaAkyRumYtzd23YbwkzxoR8At0V1PqbyGGnOuzRqWoM+FGw1ACA6d2ULn1/Xo6E05OgJbT+q7/gyDXwt7ujWYQo2va4ovqEqMPLh2VhKeToDL+RXwNyUYKeNvKKL7K2Dhrb83OwsmavhwWwDx+IYMYRqBtfbRDu1L6hJdq0A0+gU6b/w7e0LB6wLECFbibN372No2D8pDXp5W8luKtBOd0Fx08k5WU8P/MLgjwJIpIjXOgejiCOniGKm9VdYGkWOcMC+yVKJSkWYh5/5+J12S3QTpie/J8yH6VIist4uNW9WmOs5o8PdCEQpQzxDC8FC6zImY/1Ty08AI1GX6rsdMRhnyvXk0s+k1J4Ido+pp0RPYu1X3ZJBZcysVAWjR0wXYfpUzClLIr4ynQ9A+3S2yuqIAiGkfuKB4vJdAtyWHj7MqTUO1TRfPF1kIT3fNkcZ3rjjYJukFW8WeagyTS9WaRUEEDgat9Tr26D5jpWI2ELxU2iY7n2bdY6Stl9DpHMFlaSsEQ/WzYgsmkP+lvgmJ3IdSzU4owGYqXAY0GbELhctLNY0Usih0wozFlbXY3Aj+lB+01GUqp8trrMtHaVKiUsNLzNRiP/YVYORuJ+jpAP6nKreAxnCAVYGqK7ytGHOuImF12TX0xhZ1pcD9VTw7DKNIYxZsnZ4sgaw6lMkCrLtNRyb4bP9EX1FXvxKRBOw0BDI4M3fOwheXNZAq1E/+s60DKC0VxAEU+LEe5lXR6jCwYPSlv0pEnTLp2aNFbE6amwtvXqFBUesuQHInOazSW9ieFRitB6teooKpLtAKgcyzShXRACtQ968D+KfnzYjs9jhqAEQtwJNA9Qu5PF804qvvsUE+vSfGeIkgjuBdmbot+Lumrbg9a74HbTHqxCG1lOd5ZGUm0LCZsXb+8gSBmDJL2PY67HU5BxUd7RUtbQC/cv+arQwW6DcPgQkk7pHzUMORmL3umhOlv+2YGEvcYifcd8qSBX55+F+FooDsKOuuCvxJYgy5hHrL87qbOHkchLPhWYJiRKIZfH/mmK0wUb83fEvKG2BzhDVEl8WpJrQVgns7v65aQ0K3OVkoD+3RhbiAGvmJZZWUtACfKI4PTZJ5TymEhvWWuzfCtJJs4t/ztW4klQJvKya6YtYAsu7T+Ml5VEgc3R0yt/MqHA/+GCkRyPpuTMrL+wY0+fVPdS8tgsFaa5UYzuq49SpHTj08tRiBjGCc9Fdg2uH9Djqc+6XozpQ/wmUTc8nczDB+iG3s7L4T0OYDVWAwajlzyLPuO70DXC4b4Taahn+ajNVr+8ti/oQLso5uwhWqwbMuB6gremaYsmv+Rbvmn7DoEotEGuSVNIR2saLpEYR/2vNjiKaJtx8rAzmFsO6T6N6Pa6oYOLDW30IEd+F83CCxQANTRXBFV7NOUHq1+0NWSDUJT8BCdvF59vThrdspE3JrFlcjh4riTU9dx73GagbORWwTujyfnkfIyQdPo6VDsaG050Crz2FFh4s+fQSJLH+rqpDY1u+jQjgOPjw8KFfjzXIE/B3J7s6PrzRJZpYgjXIUsTwLqyOt5HKguErjJSj3/A+Spw7tOo2BfbcdgKrnWMBSm2vxIWuzCB4R/T/yJBmuCe/4MzMtAir3RxdODOKwY6Dbs91R48NOGds7OgCy08h0R6ovhPw8pVuI4v4NBSnHU53jGNecGSh5zbQPB6rsjJO7HRMnYnoRHmoYSVeZDLhKoRBrBj9zCt0Pq8dOsSZ99CPx9zCb4SXhEE71m9005vSWwgXZ/AUtRl+aaZvF3efc66fieaeLlE4gpwu/en6qGaafZ7uPm++5OZKwjdl39uR0oZ6bkqNzUvNR8Qyacv5FG/vY11w+SpsYO+AO7m3adVjTjLz9exopGXvH7olS54ksRGvVujVnq7TmVkoFv6kGCgY4Gg1uWG+wcgkr95EgLEGlhcTkZprjzE8lty9RGG3eSuiMj5ViukjF8spAdb2nZvbPvBJ+hBlNwSpQrSrWFKJXmThGFqAqCI9Pm7XTOFbxY+Ha5mir7UVsyPVr7E6J74FvInW+MRZADpP/pDGGwyL4YM148sOvojZQDfvSdRL+44EcSTyrp0CaxSvcq1h7O/estJjMbs4IcCA8rABU7rk3h2jwMkkD0hoaGEzii+Yg1UTVwaO2xXoncloethZeqlaCBgT9NfHSyOzjNgs6wURDeXQQkeGbx06aEpnACRrtXzKih/D/YPhYe/iYg6LBO4Pt8AwIIG+I4N+iPOmkCwdVFLaZKDxzuBp3RZ8g+3zLyF3X1zbd7QtpBSWf2Dv2ouxpMzCazqqwjILw1ZAEmJkBlJo2i86VWD+LQ/EWX3YnEemxMqZBnm2D0KrCrvZWv+E/SNYXiy5iwmew+O66TEEr+mnJyEZ0C0uYRe5rOUw+kRue840yki2J7sHj9C5xbvhMl5Vw7xAoEfIkVJZXqwFjx0j9MzNRHHfWwLCedij1sqR9oBFFnNmz6K6/+ov13z9m+2Kbt/wzUJY9GMjuCttSL0qMA6HPDXtt9biFueTk5lQCyacwky3fe7Ttinb/JmQLjQLPI/8haDU8XLVNXAgPNw+VMyCwbGLQGaLXIo32rwgEc0C3tKYRiI9JTrx4+W7N8XC1fY7Cp3yu6decRfgTe9R8NidQaob4wBABlU8lpKvPce2YK71l/L7XmDgyhfSvJnFKzYHIuM62WQwi9UsmuTwaINBD2rnMlSwh+IlT0S9TkZbcAfqz7e0bM7cP0ETOLx6KSEHDwGNyniCxVZN1+Se/C0WXT2GJZDcKa7wQGDUY7g1Re7WJjirTca5K5kkrv5eMU9qF1lrhIVL/61pZl1UnO6Gfvn1hIYZgv7ETjYAFnZKhfV3IAJgUpWdkLMXlmhPxghdlWkHvwPMa7yZwYhUiWhA/ptbRB6U0tjEKBhUVFrP0R3lfpT8TDSlJiB5mOw7Jgkv3ZzcutnSMEAnKbZYpIEpaZ4aRZB8OxIPYMAAiGVUhl4fgkIgn9jzt/S/AQWYfp1exwuKB2V2mXUM21fAM0WbSi1GM/FD+Ifq8qFIYEkc5ZuwqUDAFrsU8NbRGitTYavBYqBzGvCDe6WiKAR6YQnYvi/pgFvxuFOZYdJN/agUCcZqflkncQKQMaraGU64XCCWm/qgV7K67eFx5sSIBuoMw60ndjb3dmNsyoNYEk9qFEmkOvu7M2u7hkOtvRkUAyrR83lXe1PsAQahGHe4djIUZYT9hJTkhAMlgBTHn6bBtf9GG86u7ISOytiQ/m6gNqBc2S2d6qdVMyGPBCT9julm4NF3ifmkpToLLSqSVE5KyDHt0+6DGIWxS96WubdJ3lXe84sCtdyu0YRb62c13oKg579WKO/oam7BUgfqgkuCzl6BDY2t0UP9ZahUlKV4RXPSbK3p21vr6/AFXcXLjdpXFxK/wyLo38dyfsGsirhEYNEKMKvLjV8ARs7km+XTgkuXOLMNMdvEYTk0JMvFK7uD+yb4Z4EBv78x3o0MTiLCtGrZvb6NG0yeLkEAar9wWei3nHN4lFwSbEJ0WthLFYE6ucff9wqAXAa8TZLz6BdmkaKvuDeSW//qtlwAXiILaiYTgIkJ8+N45NzagOtpPhJ45JgSVtZh32AbpX4db0xVT7MsiwFIFT8r+WrVXBrQfM03S/0t3kL1v2xHBg32g/wtawbqOX,iv:MU9LWhVl2etKg+pHjx3fLy1bxCEfUJwNucmS35YENNo=,tag:AIOdcG7LAmVz0bJA/U7yXw==,type:str] - known-hosts: ENC[AES256_GCM,data:iF9eNViKTHfIIRoixisnTkHOJ0RNv3/GYPscvsdyqiZXnz/bF+mEJk1gtChHLAVfMpmXIJNFjrTqnNxf0iZebcHeNSwoHevmTwPcmdTNbibiaE3MiceKE5VBSyDRVPzo2GeN3lyu5OAHpQ9GP4exv/0iEOUjfoZIxm7n+AJBnEbYGVfwnrndTML6TdQ6kFhFI3xZ5DURlEgPLSskqTpHO5rGXdgVm4VjNzevsgT3UkbJN4v1vLWE/Uhlgqy2JOKdU8/ZKKbWdWyKeCUU5QXsEJzkJQHxH7/6zBYhXYpNhqlTU7TsL2ZxXS+SST7fgGfQS9LALWL+nyWcRG56K7QyTMCkrkiR4dk/Tij2SPQmfPD5ulhQNbCW/dO1xjgT8rR6yuSBwR1HLdErCVGniRt8CHhckG7M3sM+w3lV0QlLjzcfDRtHzatSVMe3i8e0ejeqmvlvMxC9ONOCk4Bus9cO2xHgCICQrRsn9yQEPw84mUlMFziHe8fd34OX3G6maOD0By4VgpxN1A==,iv:alnMdpLN2eLVSnVM9CB6Qh/l84rU9tkkYbvri266u+I=,tag:tCUg0nEqAgkERon/I6T4jA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:WR9L4mDvEa9f1g==,iv:XCv7od6tDh117LCLdpdQoWYd4a4wtbbTKVzDXjH6d8E=,tag:+0C0+OH1SpT0JRL5Nc8e6g==,type:str] - credentials: ENC[AES256_GCM,data:267+XAXr2mF5eKbuJkjz1IuO2hVnHR8IzFKwnVPf6ZjFWFpi1Arndfe+EIvmV2jQ,iv:DuVjs5nPW5DqzUVvGvX3SeUtL4T75qhBaiCWRvzx9FM=,tag:ctAgu6bkLX2t2dyXdk5dqA==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:6vyT3ERq5mud,iv:EO5fxqQ/OHaPjOoopH2Wlj5h9lvZCzsBvXOWJF2eF38=,tag:TKqPvp3lr2B0f83JB5gnUA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:yBwvnita6FiARU2HGw==,iv:i9p0XYLqLMwns6zyPUF8il3up5jljq7EraP788VPNI4=,tag:COCT7Xk1aARWMoZpoAT/Rg==,type:str] - mail-sender-password: ENC[AES256_GCM,data:/QvjVubqspmmpTYqDrOn2OQ=,iv:R6aop+QmWN0IugqnDdLrH7TM0U0vSi8fC4nYgBNfZ38=,tag:UvotghGajRu9XvTy44ILHA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:yRmvC7AwgBju4BlVWGvYE3UUjfX5LIpHCwCNWw==,iv:iSIu72gGoAGTrEHuoNFyVwdQufrGOOUN2TRCGH4Elxc=,tag:DyYQGJAmqkLZDlWeeAJAKA==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:w0NIFmMiv+t277pcN/5DDQ==,iv:eY790whfplCmrfFMNqGIYBbaXyWpqZyFR7Q97btWP8g=,tag:Ic+bUz9w8fHAK/GctYmIOQ==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:d2lQBblwoA==,iv:TWVqofuPPph0xy/0cqINey/8xaDQDgYVmtS20jIc0ec=,tag:+gp5IK/LED+0H8E3VSBl9A==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:cnF+0tei2w==,iv:w8sdD/PAkX9tFtfFMl7+DFGTcjm7MPBqZd4X5bY/lk8=,tag:/+6z4W1HXkEXrjYrTw2S/w==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:lWUk9orrt6YoF9WvLWzl,iv:+Egom7aAKyw57JbMxSQ7pjN2Bo/4IADoBm2t6QgWz+Q=,tag:af0MuxNlzjpxvUOpC0tkaQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:noJww5IdHPYORReBxUd10huApahd/acbjenuKji38ss=,iv:ec3fieABIWeX374qn/0U1ehaTlvmr2/xvd/V9RYo7vA=,tag:bfNcqO/fDGgoB2O53gRoDA==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:hjI1j/8m,iv:8oQlDwyjr7cwQlBErZULTD+wY+Jl5M1BGCcCtMdAIQ8=,tag:bcImxFUcmTT4QfvHuSUD2Q==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:He64bg2M8cE=,iv:Y7+o9xCDsxhiBlm8S/YTLLugrG8XCSBj0F39hPvKrl4=,tag:0JWs/tAXIj8AXgINGF+bsQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:16C/A+0sllYY+hE=,iv:X4JwcZO/Q7psJTtfLSACqA6aV0Z9ApvWQ4GAFtn4ZBI=,tag:5CIvw/Tco3I6smZ55YD58w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:GZi4+KqbKlDj,iv:IwLFHzPDJLUspIKJs/ranwkccq8YahXmnPvRbTciESA=,tag:B2BaHIl/dM4U35/qSvyr/w==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:vNFnKrxW,iv:bOZRWetxWZ5f0pIf/FQiU/jmZHTAQJ672MCXi23yIIo=,tag:qN7CDb6ieCij4ox8aPYK2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:43J6/0G0wlmsBbrCkYMWeQvhv6A=,iv:BKqTJ7/L5bBd1dZOnJyTf/LxLFJ8KLNnD21MhA9HmNo=,tag:ndeyA7ccJKJl9eihFoPn5g==,type:str] - clientSecret: ENC[AES256_GCM,data:AF5NZahq2a4q9XTWpajDUGhhdbJJjIg3SGz+F+3wFQCnPZltTkcdZA==,iv:AalKEpQWdGdlt+6KcdmG1rrM1HaeZXZL4dIB9jnGv38=,tag:S8MEWr1UAYQlOmaP53v09Q==,type:str] - cookieSecret: ENC[AES256_GCM,data:4DA85xVrN72HhPU/Sp5o4lbswtMaplcm,iv:kJ8k1kRNgCo51T4vuVc6QPu1rhTtlWR3RTdtgydr9c4=,tag:EWKkxgeHfouO3wyN9+YmJQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:IBqj5kcUZldNk0tNipgIIbd+Ct8=,iv:ww3wyNdF9jceZ0BTE00RZ9MAQAdVCX+DTNWQvbgxUzo=,tag:pvYlyCKzfTWCsrRtcReX0w==,type:str] - secretkey: ENC[AES256_GCM,data:0lv+Q47eYD0VstjxcnYdnvSVybs16S9KcUkWQ/RCINAMtnQc/KvQew==,iv:SRqO/l+z1C/37yW67ZtnbXrkvNemuqYV9vQsVysjCRo=,tag:8tVhvEpkfHdpmhQ1aOx9uA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:JUU=,iv:BbFbDeBfV4kV8VxrqvHG7YMHaHJmeTjA56EPJzAmnpI=,tag:+AJdJhGuFxTEF0tgNoPrEw==,type:str] - route: - receiver: ENC[AES256_GCM,data:UxI/LhetNhdpGJi+LcSNH37kMQ==,iv:MobDaa/Z0Zm6vyijz173sZdCEZ6ecrPewbN9bfkoTG0=,tag:U964+DMYa6cPUtWWjVTGlw==,type:str] - group_by: - - ENC[AES256_GCM,data:R3AkQchWYUaz,iv:mbQeXKZKyFtl4qHz7UJWq2vvDeBIUr2AkE59/slvv3I=,tag:KEb7VgRRGs3gCfWU0PlalA==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:BoxCCB2rVj0SqGtb4pDiIMRkMg==,iv:NcF945tWgCCZua5XB2oD/FRGK5SzgTJj7fdVLp713Oc=,tag:zE2MpxQJK1alwweTuxbzeg==,type:str] - match: - alertname: ENC[AES256_GCM,data:GqpilmCu5+s=,iv:Z6mGY3RC+jt9iwBRbiCazdnTDE35bZjBfWPLmre1Jng=,tag:3qBjS3A0yQ4gX0uY0zdQXg==,type:str] - group_wait: ENC[AES256_GCM,data:jVtL,iv:tuP/+Gkz7UIn7TyOubi4K1FNcVY1DUI4j0EPgoM0kVY=,tag:F4SWBKcYNbh1fPeTRibIZw==,type:str] - group_interval: ENC[AES256_GCM,data:wMU=,iv:ZT/ktcUmKkTQum0ROhHJj1vk1twFcRMKD09WrJquWqg=,tag:TEo4uTP4jMiS2qwVyslnIw==,type:str] - repeat_interval: ENC[AES256_GCM,data:gCXj,iv:MWZ+a0NO4PyU01HYcuirXkiRcxM/9g1L0BGNXgYaM9E=,tag:Yvjwo4yMP0R6+F8ODV+EDQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:FOabaZfAG9ft6zPia++ohkA8tg==,iv:GyQj7QZa+84JCDSabyQNeIF6Ml6FIvECBH1Kb0eeVIM=,tag:ckEKlVcUHtGB72+HNGiexQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:e8gbWw==,iv:8rAqd4fCUXhdHPG+VCgO41SaacBYwG0H1+SWYOe9q8k=,tag:dF+4meveQdgi30m0fws/1w==,type:bool] - api_url: ENC[AES256_GCM,data:p926IIzciYgMPrssOv+e9U397NilqjSon2nQKxTsKgf2ep264AucdLujp5DcxncCZN3u31UW1V7RE90sRPsTPYFPAWFr8hzPcbnpLCLKbA==,iv:Jsc2C8o6AFPevXuMsUyWQ7ytA4kZ1S0jr80doKUMJk4=,tag:yEKgLcG/Pf6RvpFPVlkqAw==,type:str] - channel: ENC[AES256_GCM,data:xiJGWhZYcHcbjCGDfVdrYcmXWyMLGQ==,iv:ByuCVf4BxKfH5Kkd/ZA8elGEnKt0gUZ13xDVZRKf4ro=,tag:xQTBTIp6SR8+io4006Cj5w==,type:str] - username: ENC[AES256_GCM,data:a68536lKBJZzof9v,iv:kAjAUFTASg/pdTg3O2//wsdQmJjnfqPlm+TPUOjlvxo=,tag:Mru3VoCBlRq8jr+HAJWldw==,type:str] - title: ENC[AES256_GCM,data:HtTnyBSDgoyv7JyTfq1mMkFE3J7EAjC/VeS0kV9sXI1mCr9avqE=,iv:2njgDRwboTxokA09MEaCGjwoh4P7aXqs1tqWhYWbBlw=,tag:IPxv+HJAYZTgDB/L8K0oEw==,type:str] - text: ENC[AES256_GCM,data:fYRwKym+cn131Ydg/5pkhx54FnnDZvPpxDtDsdSHCzzLo4NE1g==,iv:rHsL3MlNFZk1dVxyOa5oV3J5A28kMX2GafwgJheqb2A=,tag:fqjFS50tm5ukJiWB19o5RQ==,type:str] - templates: - - ENC[AES256_GCM,data:+7mnMDj6AOyyd5qbEOdqyM97199oWL4RpOEN0ufqHyKdUrCwMl4VcgyFJ9QmhHN7JOcXtQLTeyeaHmkCydC1woGhusoRQZU=,iv:Rf1kxTJVFATrMmwI9fFfESh9Qn0B9w+MipRA2ZbLlys=,tag:KfIpzb9g6Hm59R4n9zZc4w==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:46:00Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgE1cSAhT8QtlljwLzeHC2TdAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMskYBR8UGVz91v2zaAgEQgDvL83eTv5rEsSOSTe9ptcx4YPT1YNazBD82206yOXh9/HiRUsuVs8/6zgepyVShYHdcal04riqglK9LZw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-04T06:35:20Z' - mac: ENC[AES256_GCM,data:3G4SxoFXu8yd9KPIC0r42DllfnMC21wcM/VOqidGTu49ly40W/bsEX0QX6BCib4qXCNhrd05si9i+VkDn4eorZajlbM1/D1gn8h0TexkMR+iA94Chnq7gRKmAiuljvChXxMsZARKqkJAZ67We3ZH+dKscW4N3tdlRw0DI060j3g=,iv:ord0mTl4CjnsAfV0kUaBkM7HKdBgc+tKZaOK19Pqb5Y=,tag:d/VCVRPMvf02D/xW0XtTEQ==,type:str] - pgp: - - created_at: '2020-11-10T06:46:00Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf+IQJtEjl6y03j8Y8evfNoaAG9p8tkuupWnvxvwXYWWJyu - HkZoD7GWZm/kaf4r9+2SR8iUbhrQ9BptO/A7MT4mADBaAtL38c2A+NbfR2ompDSH - VwpFtHdZ2vHETb5uSBYs43trD6KEnXHvOqzFWgvdODodwmhpWfwr7+iHn3+R6Bph - 9LU+jr/mOKg0NpbEG7oneyb7Wpe8IeLqKtTDOrLpO3zm1m9cXmhWtXHRL/9TgKI9 - qFHHfBsfoTLyjN3c/fDpK1Q7jDhxSkTOqyHcEVUjkt028675HXXz2xL7D8D4nFcR - ib6dQvx3WKae5o1av12/zQ33Hu11wjuH7K+jOV4b4NJeAZMTaRgIgj6eFaKublmM - G2A0i1TSExwrrn+bc6hloJIKueZsP5TSiA3thQ8SIw5uh8nKWpHML3Snqe1FaHoB - 6VqwKHRalS4G1mPxtNbfjDsjCBjC7KAUZtuTRvj9jA== - =u3Gw - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/dev.yaml b/deploy-as-code/helm/environments/dev.yaml deleted file mode 100644 index d2b8899cb7..0000000000 --- a/deploy-as-code/helm/environments/dev.yaml +++ /dev/null @@ -1,740 +0,0 @@ -global: - domain: dev.digit.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - rbac: - - role: user - namespaces: [ egov ] - - role: admin - namespaces: [ playground,egov,kafka-cluster] - - root-ingress: - cert-issuer: "letsencrypt-prod" - configmaps: - egov-config: - namespace: [ egov ] - data: - db-host: egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com - db-name: egov_dev_ms - erp-db-url: jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/punjab_impl_app - db-url: jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_dev_ms - bpa-db-url: jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/bpa_dev_ms - egov-services-fqdn-name: https://dev.digit.org/ - egov-state-level-tenant-id: pb - es-host: elasticsearch-data-v1.es-cluster - es-indexer-host: http://elasticsearch-data-v1.es-cluster:9200/ - flyway-locations: filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa - kafka-brokers: kafka-v2.kafka-cluster:9092 - kafka-infra-brokers: kafka-v2.kafka-cluster:9092 - logging-level-jdbc: debug - mobile-validation-workaround: "true" - s3-assets-bucket: (pb-egov-assets|egov-dev-assets) - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-egov-micro-dev.digit.org/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - inbox: "http://inbox.egov:8080/" - -egov-filestore: - replicas: 1 - images: - - egovio/egov-filestore - db_migration_image: egovio/egov-filestore-db - is-nfs-enabled: "false" - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - is-s3-enabled: "true" - minio-enabled: "true" - minio.url : "http://minio.backbone:9000/" - fixed-bucketname: egov-rainmaker # Only for Dev & QA - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - replicas: 1 - images: - - egovio/egov-notification-sms - db_migration_image: egovio/egov-notification-sms-db - sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms-sender: "egov" - sms-sender-requesttype: "POST" - sms-extra-req-params: "smsservicetype=unicodemsg" - sms-custom-config: "true" - sms.provider.url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" - sms.provider.class: "Console" - sms.verify.response: false - -egov-user: - replicas: 2 - images: - - egovio/egov-user - db_migration_image: egovio/egov-user-db - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa,filesystem:/flyway/test" - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - tracing-enabled: "true" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -xstate-chatbot: - whatsapp-provider: "ValueFirst" - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - bill-supported-modules: "WS, PT, TL, FIRENOC, BPA" - pgr-version: "v2" - pgr-update-topic: "update-pgr-request" - information-image-filestoreid: "67498340-95d6-4a79-909c-9c669e3c9f76" - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "DEV" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - replicas: 1 - images: - - egovio/egov-indexer - db_migration_image: egovio/egov-indexer-db - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml" - -egov-pg-service: - axis: true - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-migration-batch.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/echallan.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/configs/egov-searcher/wateropensearch.yml,file:///work-dir/configs/egov-searcher/sewerageopensearch.yml,file:///work-dir/configs/egov-searcher/chatbotBillSearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - -egov-custom-consumer: - erp-host: "https://jalandhar-dev.digit.org/" - -inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"propertyIds","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"}}' - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_dev_ms?currentSchema=egov_master" - -finance-collections-voucher-consumer: - erp-env-name: "dev" - erp-domain-name: "digit.org" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# DSS Dashboards >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - es-index-name: "dss-payment_v2" - topic-incoming-collection: "dss-collection-update" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - replicas: 2 - images: - - egovio/zuul - custom-filter-property: "false" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening/shortener,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/message,/edcr/rest/dcr/downloadfile,/egov-pdf/download/PAYMENT/consolidatedreceipt" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/turn-io-adapter/_transform,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison" - -git-sync: - ssh: "yWDnop6OESC1f6u1HUaDdhfpcukYviftE8G1BhK3ihsNXMkWvNK2LInRgr23Z69NZYSC3NfvGe6DOlX16hivEq4fZBDgc1TMNwTBihZSo6SCRY/KiMDbiB8WFo1ajwb1xiUYgmbNDvM38ieTkSCBGiBJlEkrC5bN+LUqjiFpsY8szAgoKkERuourrc9huKPaT9kPyN4yJ8cDrcikw0B6LPUbv+r+z86HWFFBxaYtigQsqnfbdnSGAVSCFSndDm0KT8srOGt8acXgkR7MlOEDrVrsGtCzPWFKETa0dUNfxRGuFJQ+2daJZgG9i9Hg9kmWLNKvh906/iIKCQVPdfaVQnQ1thy0qbVXuipC59RUQY9/b80jdOcR8Wf0yYATWCe/94E0azWDbMk6/IZJ+T/mkk0jWMikjESSmWFpsHN1kX83cJIsy/6e0Zg4f0pKcmc1kIkoWAHyDyPkriVb1E90zO2vCIAvgFxJHxQJfZ6Y32eyEJGTcmtImV52VlYfPXnMfDFHevUxk81ayvoZFD6LAV8rxOyQJ6Zd9QtyJtpV7spt0IDJAGAPFPBI9RTpICpWwwaB1jCcGYm0qcoDK/XzbtVk7ClKFZprszD96nnIOfclwq6hP+jHKlwoil0P0h+aLHF41CHDAQx3hqe+UlJF3DlB9Uz8kEIzRL7vZksiaIUk/WWRYnRlDhsmZRfzGnYRuIgg+beFDL2syxVZzLLnv04z2pHAMafV60kKPeLLSsQ1H4dQVGOwcWEJeoePvCuZfiFUkn2RNCnfWX4uU6flXSLpdLZ5s/b7E+xvIyYgLV2Fk57zvFlEbBjI+M73vxo/9BpY2djvUKlL/XOQMyb94clnOFUXcqtjiL3OhespWRXl3sIGVtiYQ8rcDgCPCn4LFtJoPhGzmkvG3ZHYi1p7u0UNqyBEUX+hbeL8e9Nz5PG/7tDO6ZszAyFuN2iu7Cib42zSsPvWhOdjaUmSZ8zJexK1RFoVm2aRJcRVWQm7Ef5yWXja44GhOmDyQ0eyBp2NjdpEUul4Fj25qVoMzXq495vomm+zXvg8WUMsjgm8J0Bcy6sBi+9EIFyJylqYULD67LQ5Av7BNJ9vcaMxX4t/PpACkJBy/9uGlOkmNiL2BfRkSuCQNyfFicalTVDT9BNMOy9wr+u5yaw9nF3l7ViTRrsN2H2ZNjXwQl64cD1rQKWpOs8p+ltkljZfWEzhuXaslLXFligEBJqC1TAaOsgGcwLLGiFBIKw3jcrqbeP+YzvpAa/jT6ooHeaya+92RNd9Ipa8lpcwPZrV+0+jjk3m5m+v2a3SISfRGJV6Y+DRU9l/lIrAnfXHERVr822Y2rWyJlptE00B+rvCXWR498yMv3UZnxxXpo2C/0Db1K5JBxAmw8IJLgQ9EL8jTwH3sf/UimcEkwZ8OdYjR0O1Ei5OcMtQJS464hUcqU0DaGS6PbukPjvHg3Mxn16ayeRI9JOwj0fGE10NnxZHv5oBc15qu78o+B7h8bAIVPeDNaRJEwVBafeGH2C4cORTunwAerUS+b194naNDEgXB+H8Kt+lFhlQcGOmzkBHo0MXwGY0UWd388dCUYmSeuXu8SFyD1/EqvbELUTcM+IP/s+SKpprbSZxBgC8hYtt8AoDkCNvPvgctUpJ+rdfTplqNhrCD4mkqs1cbuXA8IOclimUHYcu5ZlzPbop+x/f+EB2SL9oe5p+ZrwHoR9UHsxXfmYKCHjxddGbsrtxgAEtH9JKoWR5zESjt0Mhh2rkPYU47OY6AkEsGYODV5NaOGDVNdT0iKUo0AGEgxBho/9g0phbtETkPMiGqXngEBQ5IHzcJgwW1vhvi6FJ5V2Bq6wktNtmq+RwfP9cfiiplp/wdoXSv/vJbOmista8uAcfO50TjLiC3aXWbk9yYlbKLQn5E4cKfOcq88F0ppN0qN9xDvptfvnpoVyfrK1WVP78X/UNd4v5HupL0ID42slEhjcpB4kpLbQ6CMeUJwvUk08GX5i0AzNtKBUjA73I2vnR+s7GGrN/NGeH8RZb0kD6kLlhEm46hsyuCuWUgHasuj5U7FemwpkPqTyxWRn3vZPfxmjVP2ieEReaBaD4BrEUWqH4Mi9aVZV5XK2+ZhmwK+ge6MVpxS/B+2L78W/obzlAXr7aABW78FFch6l8yL5SAhJa6SDu8Bs2hUkzVFTGrHTeSTEE0MCqaYAfwr2XvzgFsrfXRbtJt7wrUCRErGtchvFxpDvmiXBi6g1CRpXZOG9/OENlNqJGpy9UWD90ohrBfPvwd0s9mDSkhVTKbVmwovqcwZ4ExvSp9lSPW+T4APtIIG5EreZ0uQSvWsIdU1gQuPW0kWBHFti003Dsg/J4Tt+M9RzjrzfhsxKX9MuC8IAdnrgH71Ye6Gzkf/SlDMHppUhANY8RCIho30Q8RYJlQkGaOoGxaQ4foIvhZwm0vZukQwJj63s5jDF+I+m2LTTMSsN3Y0PyjmT/4K7veq+hVqN7Mf3PqS8mXpiR23P5FgnriWYDLD1RM7QihOLTFIp37T1oWwj04VTiqD7cTfw2cTDmqIFP53sreAwzstC7ggjk5XC0X9W9zFQX5KmWE+1Po+DAouGm+fDj19p3V4wQ19qH0FQfAfUP0tDROiGpAS8iB1XI4FGJjsYEPh0D2XXP3ssGfKUfAvr/cRsjv7x7+5/nGhKZCWdIxlG2j7s5qo4fT7TIfr8pmhhXDQq8gwDFQpiFpNc2/isOv4bnW9V+oh/300KFmyk+N/1ALyaUla2lcgKarguqxxOmB9TjylceWrPUGSXtgI/w5CAumxzc3uTpkEFC09zu0kc87zUwQCkW0bvy2PXsPVp2dDj/s7XRfzC7EPX0T3beeNuYyedr+WQkhtk+4W+4ub/59VFA2ypuZNmTDnd0vhLckaAO7rJ4Me9Z/09PnkhpRBPHMel1JeiPaf2Toh5ZP6O/ys/2TTqrcTI0YrJIZmFpqs9d/RK55veVSmx/sKCdNrpbFHCsKMlGCTDHCflxaO8i7Zc3glvRus/5pECIllVmZJRFtMa0j67mtLkotdWT73GFAnLriCtSkSqa14Aqm2C79tj+m48HsRPG8P37xvFPenJfCMwOCEGK7sTzMfvufvTSK3kHc3NYcUrlFVut/rQuy5Z8OpcJ9NGKgdQxEhRIJYAPDdaTToVqiyPxFqGcMzlr/yI+AsFh7THQob5BKZMH5KsGVDu6vlgBz7626EeXxmrllqOqTfxLLiBgempp4WyX+cLbGn5Oif6eTLg3sz+GMxtNH/2qg0W+jFCmWDppGDb57wlYmYLiT1D1LAbbs/GuDYlQT18DaVMZkXzcAf+7wYNscxQx9gOtLfuRw+/5lfisuY507i7fv88kd659FAJq0M9hjYfOiJkW+p/kJpS4brD8Z2cJwVYpZMPf4SexjMJGi7ElIO/9D9b1Cq6mk4e1F6XOkl8ZaQQhfK4zpHVe054y2juM4Dm5ANJpxQTSN+nfk2wwwZKF689ul/4DZgN9UhCu7SIQ8gKOKbLbk9pw7JQlqZhn5cwMsVuy/sRUAShWuxE8YExlScNag0OLtFscz5nFQOpQf0Y5ehia/mQTpV3WWvhf3pswpFhssMoFsjiv/tAFDugTYj6H6EpNCF6VM0sxqgCOp7cRaDFdC1ExOT2mRBQSgUJHCI4x66OV4/9jGqnhlXbDdfRD1aas+rmwVLNMBNVosjrZDF2SMPgRnbQtDS1KojeduVJVbsEVgHEB6TWUtAclIpod655WsFHfZ1cTaGT5vsq0CI4SP63UsK7sdla9Z22qWVuzb+NmGljzCKFfaty2t509g4qkCyw1xA8fGte+Vp43NxaNsV5V2w0lr6jE5d/OpTQA+xznCkGOX/DPHyJwnxM+c+YQ9/UQOwbFrk/6akEkFW6/U8O4+Culn8j+um/fdPMRgosD5Gj/GHGTmHuCFbavHS9ALwV71J7swqX00PUO6j1+Zpqn9cjL8IqHGiWYDubKBZ7Zzo57SjyyspBxCaK/XXJ+FkGVsM+8h24WtcgIVCFTFmfMyc0CI+pe1TJhfc1RZLWU2Az8QxEUF00ROAJGNGOTg04bPKdfmvTGZQIm5D9RuQVCSk5XdIrxUQlJyP/LbgQG87xhGm3EUw/HZCRgi604uDpUAPv5hIJKlHqT2Yd61hlM1KxL1y/6qz5yhkbLHAN/l5vDx4/UdOqhk4Kmo7GoyustiUlOe3n+3h/sLntJqoPleE/uhTa/Mg10h+tIUPNe0b9V/OHFoRbCw/ppsWQKz1vqX5nT+haVxw2g9SbRYfNUhccZhZPIupxoe7/46zRbuXoQhfHbDKTqbu2oJt02RYsp+ic6cg5hEJtw4LE2Homwr9nwr0uL46lGZ20fmu4ylmwXTpizBjJvS1KA441MOMqj5rwPx8IQF6HqCiuJdF0kiMxvW7ACeGIIRk5J7HfOSBzvziTAmwgcn6AUicqGmR+AOVkHf+PdTmwxuqY/dCbm5k16Q7IXpE+jWEmAHZXXaMVUXIy9wXpZ93Wc8vjj3cdJMs5yiNdwgzgc4AIaMxRsIbRR6fPHFRstuHNDkWG9pQT/wBCNmvcP5P9rxKhhCdCNhGDTJo4/NjiCMVPqNQyteVSKyP+kYNeyo1SGPcb5X5d8yLC9vJ/ApXo/Ive0bGbKphEVCJ8iZxWlTy4gqndTYdjen8F5NqToIqKJmNniaT/B5mlGFe7RVOznRNBiQPukFhCIYNWSONbIsyWvsRf1vZ/3KSRrP3I7KdufqMSiGp8NJTYhxBJKIBKX3n3XRYgjr5+g/qeP0U0tw7x7ZcNx6KBZRpyudf2OGlxLAWWnqMTe5jVihk73Plex1ZkG8oGEr09wakJL0JBH2JI/iAVbdYj3Jzuy9+yah7X+wzoZoZB+tMWDZScJNuwTf06OZv+zcnK/Xnmwt29n6igZppH3yqjPRW9d6TkcgWNsXU9ByB6iall6YWmkKWqerUFFja6VcUayAS7IN43WZhmNdPOWfQvxetjegXfKCKLaEqG0CzDGyTXVel6e9ZICpeW0qx8Sq2CD2vSSfUiEcmieRsv744dcW+mLynwA21iaF99XjuA2oe0nKblH6YQFAJEHtmTH7u1iD9sAjXsKdlYChOKuJ5a4zknheUJahIQcW7aU1nZcFKP+QdSKqXaciY9s41Y/XHURT6RXWCjRgfF6dOHZLA5/8vkNH5nNZGYIRWi1iq4D4rVfivvwCGLLuzffYZOtBSt11S6UZuEL3A3uX0riJwpLpP5vNafm60GmeABcGGGUxPnPj2PTd0xur7l41nnXT9XW5SL6Ki2v6Xf8if29IT/C0J/3oWIqBgBT/WF1+dbk7huLpdDvBj+e5Mb+D6szCS0QYZa6CViuPFGm2zJGUBrIuzfN96tQ2hpXBUCr9nuinXluxIVdoH+bCWsdUg5QxvrLSQ9TBH+OG536YzC7UVBOOCI7hwPCOzr9c46++U5bq/vQ9PxU91USyyazfdJQ4A43JgXysMEwmDiZrR9eXpPa42+rR3fmjffPt8LTOHvYN8dGtvm3mqunFVSZ2736tQ7mTSL0Bx5fRzto5edpGsnqCVclOAuRUxFOr5TcUm/TxC6yJwVH3pLEu8K4XKkE3fKrZ8Iu2N2vxn3UBKcbQ2xngFt5Qm+0ckRXT7kKwi4w2BsXnifx/H8vHMFZqOe2wgGOSpcnN+RxojS3GvtcgJhcQ+2Be19z3d3ObSorOIwS9ZRXhUB3RpgjEOTA+5fgypUm36BGCA7OqeSZd8KsxjuddBZaZnpla04trg==" - known-hosts: "KLnFDDe5U9chjb87SQYJOs3A7qRVdaWGoG/JoPXcIW0Na5KVgYfe0FSEzfQXvb/Cl+GnX8j7PP5rE7t4qg6sXXdjDuZ3A4o9JLfFYtvA31oSShnADAsB25Ren2wIevF3rUo5P58StjcdzZtb7Z12cAWErCPlfohHsTWPX0/WN4XaHmSSEqhNUFoCUG2pn/+hsifHvGlVsFfj09K/IySE7iLRaniPbVc1zpKkgABeBiLb6I7OA93z8NaMQ6BkbOEQWLu+p7ibHQ54hNPGtonHZ0chmbpXEwpwdb0iOrx+R/6ggBkeAfTnznZFCLJMpjUF1golIEEPf6Ckt2vjtGuTiFHRBhOpsSKyXf1GU9yB4wbfQdAgJNqZVdZtjqvVHriEdGoMPKnPgxYfAPDMKYx/mTR4WX8cSystrC6tSM2UzR3bi5RvhEX7OEaB1ysRakSjwWVBKlTa5jvAdKEXKYDaDRKxPvWNewGtzYncmNV/puOa0ni9L/9NUxFp3HVRf8mKllRnCZH5nyLfvaMew14W2GMqI2Kg1TtPS8NY6MHQH9cRm7cyN98fo/Nbu7WHyp0X5A2OVffu0g3n5W0dEImUfbmDOddNAXed5A7p2oOH29/NcbYUTxs9UY5pO+lurvG5ZVtzbaEe+iRug6l81gQAwBNfKInUToGVNVaQ5Ano6sof6vBBcJaTGCWJdZI47G89" - image: "k8s.gcr.io/git-sync:v3.1.1" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> - -billing-service: - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - receiptnumber-servicebased: "false" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-dev.egovernments.org/" - mohali-erp-host: "https://mohali-dev.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-dev.egovernments.org/" - amritsar-erp-host: "https://amritsar-dev.egovernments.org/" - kharar-erp-host: "https://kharar-dev.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-dev.egovernments.org/" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - spring-datasource-tomcat-max-active: 5 - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "604800000" - -property-services: - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -tl-services: - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - -echallan-services: - egov-idgen-challanNum-format: "PB-CH-[cy:yyyy-MM-dd]-[SEQ_EG_CH_APL]" - -egov-hrms: - employee-applink: "https://dev.digit.org/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "DEV" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json" - -egov-weekly-impact-notifier: - mail-to-address: "vishal.mahuli@egovernments.org" - mail-interval-in-secs: "604800" - schedule: "45 18 * * *" - -bpa-services: - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov-dev-docker-logs:1:1,egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,works-remarks-createandupdate:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,res-custom-filter:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.2 - } - } - - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egovdev" - db-read-username: "egov_ro_user" - port: "5432" - env: "DEV" - maintenance-db-name: "egov_dev_ms" - admin-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaf86/kH98DUIJBFNGONunAk6cfAQbSQixx7e39d9b6PRw==" - admin-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dsCFao4tSMuUn1IsCV3xF/w==" - read-email: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnfL06lDV09Ch/mJaI5tnsaenUsd0exiBLoxMfV0VcQlHVSPFLgDEgjn+1vscsbE4MA==" - read-password: "SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dQNH16AY233NAiT0yGMnyZg==" - -egov-enc-service: - state-level-tenant-id: "pb" - master-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50ItO0ZkW/RktsYKkmU+aBcK0oZd7uE4o6/isU6csVXZQ== - master-salt: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dvOEZ5IC+CmU6hDTR6/f3bA== - master-initialvector: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dy0CkNn9G4cm+Gf9dXD+pyA== - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-044f507404d8db05d" - zone: ap-south-1b - - volumeId: "vol-0796cb7e37f7031c5" - zone: ap-south-1b - - volumeId: "vol-029a62d841ca22dfb" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "2" - -kafka-connect: - image: - tag: "5.4.1" - -ws-services: - is-external-workflow-enabled: "true" - -sw-services: - is-external-workflow-enabled: "true" - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0f72c349722e0d09f" - zone: ap-south-1b - - volumeId: "vol-0dd0b882cfbf1c57b" - zone: ap-south-1b - - volumeId: "vol-03858c4fc9486719a" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-02bf593e989cfa744" - zone: ap-south-1b - - volumeId: "vol-0c12dae9ee7529c39" - zone: ap-south-1b - - volumeId: "vol-0eb857058075878b4" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0c8da0e27533c8d70" - zone: ap-south-1b - - volumeId: "vol-0483380d9c577ecb9" - zone: ap-south-1b - - volumeId: "vol-03e7840a6539c893b" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -minio: - mode: distributed - persistence: - enabled: true - aws: - - volumeId: "vol-0395294cc58d84877" - zone: ap-south-1b - - volumeId: "vol-0d275aae592607664" - zone: ap-south-1b - - volumeId: "vol-04564acf4ee5ed5f2" - zone: ap-south-1b - - volumeId: "vol-0cbe4a855612fa863" - zone: ap-south-1b - ingress: - hostName: minio-egov-micro-dev.digit.org -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-dev,DevOps" - upstreams = [ "file:///dev/null" ] - -# eGov-Finance Tenants -financeTenants: | - tenant.jalandhar-dev.digit.org=jalandhar - tenant.amritsar-dev.digit.org=amritsar - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -egov-finance: - dev_mode: true - filestore_beanname: microDiskFileStoreService - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=dev.digit.org - tenant.dev.digit.org=state - client.id=punjab - tenant.amritsar-dev.digit.org=amritsar - tenant.jalandhar-dev.digit.org=jalandhar - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - -egov-edcr: - ingress: - enabled: true - zuul: true - waf: - enabled: false - additionalAnnotations: | - nginx.ingress.kubernetes.io/proxy-body-size: 8m - context: "edcr" diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml new file mode 100644 index 0000000000..04e596b8e7 --- /dev/null +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -0,0 +1,92 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:En2+f1v59YFVscpJynJ8rqsSgnb1EXDuLTY8lQbIZe6IQiCcSBZebQ2mYgwHYg==,iv:qvfpmVK9dL4kEzgMv30UQ56wgyxg52vej/XDDmzeCGc=,tag:KehVVfs5qHynQwZfHay3IQ==,type:str] + password: ENC[AES256_GCM,data:G8SIT4KfwmxpznGcY73ucw==,iv:OFcC8C7zLNg1yfsMZXQPxtRSRkB0ftht2s/GjlMJnvE=,tag:0z1hPoL7taxpl31TiG6QCw==,type:str] + flywayUsername: ENC[AES256_GCM,data:KHuqf2j/BZOi86UGH3m/fXZOywAI9f3rSZVErVA5V1dhQ/VpnrA1Y1VHR2x46g==,iv:B06frZWbBDUJ55TxgXqSwrK1JpnvoUbo+a4LACIRBv0=,tag:IxyMs75Ucz4Nn6TKWs1k5Q==,type:str] + flywayPassword: ENC[AES256_GCM,data:SBFWdd5aFoQCYyTmXxM8dA==,iv:m/dTxbTY+zDx1Pto+4y5nP3XiE0KqDYz9Vah8rD0pu8=,tag:DuZzC0ZYF0sODTMPHYnNQQ==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:n1AHfdyu2Q==,iv:cN+njVywo7deBbVo6h52D4M1WihvVrkN0cgdSlvLd0o=,tag:g0UmSy8YP2CCvX6REuLzfQ==,type:str] + password: ENC[AES256_GCM,data:CmC0q7kkvw==,iv:EeYIo8ui6DcsOsYonhYEJwhSzIfSw0VDnJx8yoAeyFU=,tag:GreosUtOl3L1MVynuI1iPA==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:ASp2uTdmoyzg3WGqW1FlBQISq4A=,iv:Z2fbmnWjtzyGlKzvn3Ah6N9sPZxQfooBUr2rq5Qu4O0=,tag:aBPocAM6DUOo3v8Uy0JJFw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:8+S/AKOM7ZqXw7jqUFHpIh/G2ryukIeTQPaCecz/V3Vur8o2yX5sCg==,iv:zi/eijnKSia/x3PT35r4I6ge7R+PFf0wK9hoeAtkdDo=,tag:OBCqqzlPOji+SvdHRcP+nw==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:WIk/vMy3Z8qRxm4XxhmgYIy7syzW5GCTH1CFJHm1ZtTEBEMHDXbt,iv:yBLVOJetLORtz7nFf19SZMSrr97nx7VrfIvACPo4asE=,tag:Mtg6HFr+Z1ccktZ7j9xnnQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:mXuKJlYBOZLKVdnOp9FfRg==,iv:vX1ARV5FR/l+2TgT8v8rodTyQTpV0JsYIhVxr8e/+ZM=,tag:yvnDKgUi/zCqq549TDST2g==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:4RnEMSiHE5rbJ3WRt3xO8NjJltwXlMTTZSGYbqbfb3o=,iv:N7V0rjUW+yiz8+c2+yX17UcDmvaKikduet75nQ87btI=,tag:EmzT+Loc3jK0AzywLRCJaw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:nDU9KseKxh23IKLN3o2m,iv:nmakscSzf4VWa+whJ7IqA5owUy2mozrYTEI9SV3DRbU=,tag:JtuPJSoih7dcBinLRlriGg==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:Sp1g7l0O57hIsEE=,iv:59RvZYRgkrsgcNPbu1yZc5qXc+w8HKQt4qPy1IgXyv0=,tag:OQsCaOJpydL84E09Ebf2VA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:EKEgpSR18RQ=,iv:TiNfMhGdvweM5wZwOgNURBkjtU+m1JJM9wBVVf2OaKk=,tag:TDF5z8ca9YaQQO+4lVrGVw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:f0kQa1nU,iv:2d2ikCBWaVv/aG86iUi2Q0ozZsT4JUHwbx19SJ9coSM=,tag:i64d7eujEiZubRqGZbEzEA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:YKAoALKjB0I=,iv:ToE4EOyum1Z3FgFNCAWmii2eO1ZqgDbERzO6z0/Fn+k=,tag:NzJmK6bRJ1yyU1GhIVkb4w==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:fUb2ze17kETWLcaUxhpTg7rz6ilTOIOTAA==,iv:qHNeNWJ1gv77D3RgHke5ss2O3D1vkgkVWMTemzHEylE=,tag:3sShr0oQuRPMAAuvJQvUZQ==,type:str] + admin-password: ENC[AES256_GCM,data:DAvfmucbH/ZlnhYYgFA=,iv:yLvWMv6WFmaNvP8YYdWSViKQRC/J2ov+UXBdQ+Rc/Uk=,tag:yFvssmpE4+0c/bafLM8hbg==,type:str] + read-email: ENC[AES256_GCM,data:VMzdHiL+3q61Sw2WuxPwDLjU6+KuQ39u,iv:jDODYHkfW0k/ze1TJQrnw1CzWDD5+m3ynND/JiUtHdM=,tag:88q0tcr2L9kJvIlQTAcahQ==,type:str] + read-password: ENC[AES256_GCM,data:TTg3AO1HDiqXh1r9fHoy5Vw=,iv:YF5hqEKtslSuTndUze0ocBr8qcYVfGNVFnfwiF4CYOI=,tag:mLJ+FYXqL8OTp8ARLq8/AA==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:N2tyVWLXhE8KGoJyBQK40Q==,iv:v7HXVTebjDsax2v2Qdf6OJh49h5SUI79U9xm36zEcX0=,tag:I6ik8auwlPUlY79ndBoyzw==,type:str] + master-salt: ENC[AES256_GCM,data:So15EzBe8w4=,iv:EJHTFkUWs+NU89YBDc9K4RB18a2DuRZe98Z7qddb5/Y=,tag:G+Fyix0BWXSI59kS8e1fig==,type:str] + master-initialvector: ENC[AES256_GCM,data:/MXqrk8Gwy908X4o,iv:3VeCbgpg91BKC6T+D1uU/P8c+knW6OOx3vA6y1Bai/o=,tag:1TPvhvV0RAaaZRuy/wKoFQ==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:46SVi1svvzO3PCslqEsB7UDlmpSznGzUOURFJKQ=,iv:MiBSosshP7oXu685PIXHaB5n8rFhs2SuSKJ4H3F3VpM=,tag:FBFa9QSdX9+xJJb06ggh1g==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:aj9GtQh3t6WHLOC2qKwjCsfu,iv:o+1QsKOV4F6fJDMmaTi8OsmEtdsnqUvZYnl1Ib5YCSg=,tag:TsPGoVJYC7Jb2BSbB6SdZQ==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:EAOQ5E1wVxVgMos=,iv:zm/VoF3WOaC1NgMXkHBeBsesgbtjvAEMa9OsoNNAI9A=,tag:/vVnwQJ5fRHehvoH5qwSxg==,type:str] + valuefirst-password: ENC[AES256_GCM,data:/mSnh8iwAhhl,iv:JX+38t5TrnEUUImyI+rOYUPig6yLLKGXWzf2r1ZcFDM=,tag:HHwdhWffcI6nIsFqYCeHPQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:J14KeRHF,iv:YQ+uozqH12OlBLUEreSz0XgwjDOENPf/0VKP3S5zxy0=,tag:jh/c+FZ9NfRaKZ2EZsGtNg==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:aHSARuLB6Is31jrItxxlKpQ7MLleSFgnjqTAmr0Jl0y6tuQlplkXwN7ygj+L7G6ZZojbtRsIpwtbe21qojL5RZhCm0FQNGZX4ATF0GV8FqrGf5ONREjlhxbxsDs/khysiJe0NDG73nmETRudwClzRmfpPg+OiLGzuOJgFT8M7A6RNZsLi7g7N/CCsOB42XMl8UciwWQgs7ctofSF0o+bH3AZqA8VrIyLMMrSVADmLxsL2CXvANY04Xd5tTHenQ4yvNk/1LJrZh7wlZrJLlQ7a+p3H+Cl0XIl0ApaLkVn2rqkBmhZ9JFNhWyrEzz/KPZ7hjD0qTdYoAXVJpXqcKrV2LsEarvVXQF5cxHR6qZbEQsYbKWf0K8FVem7dxbAe+GnyplSTzQOVQqDe8Mt5AUFMezZvNvv52LzoDfstsfJ575pLowiYoJ4dm731uZEgvCATRMYVEpmYhdbY/Bt8u1E0TLCnzYDot9HwYaz+gNzMvxprTEA7Pp0d7mvgmvjcoZRLJ8R/gJ9Xl1x7EmTkDozg7t7sQAimIHvMdMlXD2wZ/E93Cffm9N1qXC0a+EELgdgGJzJY74WWTYM6y9urVbGFBumFuvpG4blEshCnQZ7l2zGXKQfouVm0LlDiME8Q55oqJtI3ucvVHBmj5kpV5/P4mUd9SaWFavYnNioz0Ohw6/WaPJ8fyI+w1Igh58L5iorO4v3O4z5wn5JB32AOdIT4ePgfiEpSsRAnupZytMduPiWHl1jdVE7rJC6TAxYfFkUpL6gkVUNM6tAmIq7ITYfTVge8FuoGH6fDgFk9jAbyN2pswV+z+DDzfqyfS0gzl51E3ggvInFX5i8lReOx7DG5dGCwdC/U4CUpqHPBeC1rJ821IFKJ2GgXy3waNxepVDpx4R41SyMlgjLs7sHW8S/cOcX1UBVL+aMRG4FnZU7EZlS4txHND1iKXl65t7ucQICXKZOAcrkUKuoPfNZnnl0gFyGBVJPvtJA938MNiORjCb9NPK6Rqk3q+Bo2C1bDQfx097D22RoV5itWeTbUPGElRdt7vZmKDPfp6VEkmT87JN5nJAEp4OD0e1ZYsnTE7EIMgJBznX17qZGJgk2x/4ZU1VKGMOKEPFhXaIhZfFk1vqN59aOGTPbWbzdISzGrds0MT0fvQuIaKmx7gp9zP94NZVefl3v+7tXkNSsatMa6/CG2W2XAWVy/IQRO2xmSTK37tn25LTGyM6Nl4fNuvBqkZVb0lrA77dnOIpf9ZfFZ6mxkkIBpgIJi/EYwrscWrGkrFPEgbS4IxrCblve4QvpjB8Us8FbVLzxLzT0iotn5gp926E+H0nlUKJxluvuZFq8MSs8qMCyYXDHcMKK6ESw2KiN6F46i44k5Zw18Ie9CD/y9e8uOSi0WpjNaLSq+N+kLawpCwDB58aFzmJ8eGNlaG6jh6DxGhX1YWLOX56ZWh+O3XV3OLgHj9leMBFcgurz8mtQS+lRfDhWbVGPzQg9KjN4Tk/yLdMEmMpahAtfrtHxGtc9FwX00iV0BC+KPyX+MyeaellVIx+KZilHt75B9vbfpMKTesS5L9NaIuLH9np7m839v/FSZlnFWnDAO5AjtjhXtlY2oEwYDhhf9wMVtbh4geVvw70t7S3tIq/VHgcE5Ibqcxd0vrv/zjd/BKZPsyrz6Hr5AXOlTOlp7a4PRhsUpXzhzUeoxgMj4jWEzZyNWuu+cL8t3QfSrijjukMv/HsTtEEYUxDMJE1q8Dc7i7v8ITGX08q7UPS+OaRLp2/nJkGrtL1RlxdlxF2cTUq24RmUBbjVo9ofdqsRaXlfobMRvbulM4EYhUg4EfVQFjBuf23d6ld5ZsA60TykS8Azhi8AgRli+X0htyvW9ikGs8OqCN+BBZ6tXXmNOuRz6uoBSYKZv+JVt/HCa71CKN92e9qLsxU1+PiN1zVyW+q5re8mFoujcEaUICJ/0Xnk5MwrO7q4tU2zDG5hqPAtA5ie7szIRu1dflv+/voY/8D9GQi+BOPOOgnjfvRNycNjpEGlk/Wpp8gbIg+xNiw70cQ2QEi1Hm3hUfpmLo084+I3Uw6o1KNbiM5mPDL8RZUqOqXhLWAp2gFPI+k+c2HTBfXh/Q5qUwKSPkLvIdOYy0vIMeWAggleZ0pp8GZuTuQV3RFvj9ZCmPMS/KsUaGF4IxVNJFTOeJZ7j9wJfRojyu9zxsWUcnhn1CjOasz3+sgbHbFJojzel3lbT70L8o4XhyLxN94UvTa9auEz+kEbxOfp9H3h67zJPjb3xsE1K977sks6hZ1SvbLf4B1gIB/cfw973oshrQ4lQwQibiGZPjRFGt8m5CmZ1wGT2zM+Tcvzb82F1klMjEpFCoyzOS32RtrvgCRehACg0VUaPvq4GB9axXzxFEmpkoAQ5TAiTKoz5VX1P970qwqp6vwX2eyzam+mgM1Ul1bzPMA3lCJmi+L4Hi3GgW6yz1UmsgnPSUa7AVUdr1ZQmynuFW4rgcUdqZfMDFX4SBta6PHY8sJjfOUSjP2ii0e+ifYACpAic7WG0UcYzOmkWbS7saWRuO8h/htbiiQeysZyRjEKJWtNLLFT7zRv3gi7SmAsMz8C1GWAJHejPpFAC3lQI0jyaMIIJYsbjxGdMVtKUWvaERCzuGvA8cqRZ0z/HaMfMNVs6KpBUBzkU3nAQJPcw99S/FbyrmKQloKtBq2VIOLu4w3P+EGRcvmlcqUK4caG5v6zWvqecktqPklhlBsRQtMjWHmQzATA7Y2KbP3OdXhZ4inBWu5esf8kzoOUbfh8HUIXiSNx7Y7jThfMMF44jZ1BxUkHIc+jxKSmxSuFoVAAmVZANlsvjlROyXYJ106kEZ2Cjab8QRWCfXm9zk8Hbp0mJ7BXWA5U4+solo5uhxGY7m+In8h7vL4q1WNROOFhGGMiMVOkXiLRGgCmLUfJmOboN86zkpxZ/rrNXFeSdnez2+HOI9DEcCZZ9AEmnLWzhWimJbNVtlwrbRyluZjiNupAoWxolFZazEyCYHwi2ST+RP+Mit0nvGJ2/NfNNxso5inuy6uHIp35B2FuTtsLJ5PW75BVwHhXfJ0nTo8EWoNMDC36Eh8Y6B64gHieA8RKOJg5h6fEWiU2YLI91SMXPKOZLbKBNAAknzlq2HlcB3wrhN4JcdMafxcNaaHTZoWvAfB1eQYnfyanCO6NTq7MuseYJ7ycYPQlFX5dbmm5/B0jh7alsM1BkKQwK1z93FA5eNHsipZfqIEh+CnCalu8mdhB5goAsO5u6JLTzLv5RZQJeaL6lUhvweMzrPbMj5HXItSj4k7IwtriKR07Z32s2lEtMNeFeyC1wLTT3jzwSBCr7wf1D7nCaUaWLNE+v6p9OxbIk30NUemnqWS3fDZnIe52xFL9U3n6nkSwFqyIkD69lb4gxIOcFJrgxYMyLlawK+I+Q1URb1aTBG7W0uzWFdxkLXWV1FdRlRuf8s0xdBTQ6FLPYyMLaPowY4kwNQcRyD/mHGc4dEtuk8VCKjaVuJvfQ898Fws04oCQy45I7vcjK3DpiAmtcElo5OoTk4zCoPihA8ubAiI4cnh3rLKIgGohPRsHQAN5qqgsPJ8eU1EIeQXi+1bSP5iwHBuaqTQkbrND16iVpCU4/103qkkccC0d7yz4iWr0vd1T1jmjP/P0rmOenkWiFi2ezW1lo4qYJeaGQ6zq/KRHbTqtyfCiJY9mJX75g0YmN1aHNRfHZaUtznOzRyUiRbKdSYRcmBXCAJLLmZ/SAXQGdwUyRXwpswyb3s3y1P0RzYOZaSRty5zpaA7XY87XCmfu578DJfT7SHWHDTWdgKQzyd32AEfaCsPNW+R0t1PZsMGIjRdazuNpaQgCRdrCssgcX3aPkDOaXNbo6lOWQqE9divzJpaEG9Nho45dzmjmvijq7LLkjdp/p085YjKzPSgAGo5QZE5JSguvRC0Ng2qkgOhTdTdAMfWc72qfIiuwhZrbkzvqe79DAZM41D27mOUe7cTobKwWTZlMwZemxJConFPm9Zc0XvFCrTRTdWoIiPeXUoqY8VZcvo1sso8nho507WpyZ8oEd9weIZYO9M1nrRjI7DhdBjN8soboYFYanom1Mf6bXd0oczJcvLLvasFnibqsPAJuSex683BQ2FMi9rfhZTdb9m1AHJPCavep21adsDs8GMvRmQp6pZtyCTq8lVTyl4+ZwaQX+geFvEBq+sa8lwgkaIkhKg5TRZopqAmwMOSLInAPEWHbBgbNyhRP9AKuGcXP3lDlfRGoD2zufyDCLM2N7lYXWRsOxIfdHOHPSx1oenBFPuNkxqIpX/Z2m21B9RrtuWFa,iv:RzqntbJb+bSZg53A3M1NKAqBE59imTFJzeXKr2G1p+Q=,tag:xfDyv+j78gsEVxQDTzYsTA==,type:str] + known-hosts: ENC[AES256_GCM,data:bD4kZ3KSegM2HD+pi0B4O1cA37As9D+AulqsFvDIEP9KN1oIP3ydO4L4ZbpP9e9ROrTxKcYswULITCPcI4kSRrZenfvQsK8t/TvItlU7cYTiXY4HWWejJRtuI+OesAc4azyJJav6SUzCI75aB2MKXSTystVr2lJXkRkSQMfnl5p9p1ckDCLpQU5gmKag7FTXRS7AKhSisU+CFKEHiEyrHgqQa68Ngt2lY51Llf7XILlgbKC35QxVHegx6cXJ8lI5fFXEyTM2Vb3wP6/Ch4uVtIAS10a2G8wnvp7VxE5Re1QXOapoAE2FS11ZKGFP5HJl36sNhgbECTRkBkYijmJQrplc+Asal6t/BJDTwoFLjw1Zw3981qBkIstu1FPrqIJat/WIZ1gzdJB257aDLWR+LI4eSXjdVaThyzHA3vZ98Jj/Ny4ivh+OQ84szg+RJ1Qa2uiG151NVQsBeX3ZHFsqi8pfJg/Hb/r02sUe5Jl7cqrdDrJ0c7mqf7ZfEYFd3GoZsGG8oCpyIQ==,iv:0nflX4QAV3VQ0pab/qAHV2FnePwKxxcoEDgfOMko9TQ=,tag:3ATzMI7n37xUT+64NhNr1g==,type:str] + kibana: + namespace: ENC[AES256_GCM,data:/nF25GUYZXUZQA==,iv:UyXZhjpEA5Wg1dSWH8pHOlVDjuoo1pevKyISgKKAVLI=,tag:gn53GFYHA6fmaaLrHuA+1w==,type:str] + credentials: ENC[AES256_GCM,data:aeiT6NgUgS685DslXeTF83n8yfYJ5Zt/LZrFhM9fhb+JNP7KIn+G8xz5Dq6fvfgr,iv:13ANY3xedLn5+Gh+h+Q5VpVFrXx4mgJ/MrO1jizTwFw=,tag:DTa9v+NJL9whFwjn2yVFXQ==,type:str] + ispirit-ecurfew: + karix-auth-token: ENC[AES256_GCM,data:FP+oZhm3NOnlEYyZZ7+E5YOG7VKtiqLJ,iv:YX0HH/rzkH3beNffE0V+YBEFUVnsZO8YBFtTDuczowQ=,tag:d6f9zVtTX0ynOVkEw2MtPQ==,type:str] + db-username: ENC[AES256_GCM,data:u/9a/9a3yEPQv8e7Je5LlHiCV++qmhliudok6Cwi0knpFCL1job3HnJPSPfj9mRZvQ==,iv:2Z/5bseffw547SLG/wjY1hBQcZubw6QNwNx83O7QFeE=,tag:A7gniCo7hNZ/kj0XcX8Yfw==,type:str] + db-password: ENC[AES256_GCM,data:UXf4/8Ui1pHyKz0Lsb48PA==,iv:S7jcdsQd/UhHqe2MLbbAms/8okAOSbaDfx4ZHcOm6HE=,tag:L/JqyX1UPsqFI1TqXzXpsw==,type:str] + s3-accesskey: ENC[AES256_GCM,data:NHbAH71LsfyUSX6zXFOFRTe+tuw=,iv:TOM6ROWqkzSs6TdvLmlKvFJZedoI/x/kocry2cAt6yE=,tag:YtnezjD7GaGILOE5T0CSSA==,type:str] + s3-secretaccesskey: ENC[AES256_GCM,data:SMlGZ8cvhujHLJY/nXzorLoWmJYSSkpqS4CQvQVX4agS3TweqTrwww==,iv:0yPU1AKAFJV1tikKnoadgsGCuUvwTC/V6W94fySt8Tc=,tag:WSzFyNLt2ZC940dTn7xAgg==,type:str] + twilio-account-sid: ENC[AES256_GCM,data:gv1yyEJxYE5WFk6IdDpfb/kPxFqpGN0K2JOn7QvBWMs5xA==,iv:DnKtvXce+EE3TGdOh3wW9jKQ02adC0T8JRAV6lNZ2KE=,tag:/glF6HkS9EaYNEK12CYkPA==,type:str] + twilio-auth-token: ENC[AES256_GCM,data:TkDUhT/4dzOgyFmlTF4DJshR9AFe48XFCp/WSs05of4=,iv:vs4n6fUaEmP9wwUbIFbOOs0MxXh2xHqiugjKd0eUsSo=,tag:E3SRZbULDYeE9xBrzXrHnw==,type:str] + twilio-phone: ENC[AES256_GCM,data:LHy6qGocuWyJl1Hp,iv:Aa+VeOhv1GEispCD5Q7lvhjJj7AVvtoIPWoFHFKqByY=,tag:eeE4wHmaFLorDDTym1EJCg==,type:str] + sendgrid-api-key: ENC[AES256_GCM,data:He/kqhQI14goYL8LdDNJTG1ckeX5x5ve+jZU03Twj1bZflChzmJKdZigCXukdMA7vYDjjWyiAeMTiNWtKzX5weI9I22E,iv:N91xG3eKS6BFDpzPReWPkx0ZLTol/6dK33RiEWpeEfc=,tag:Ylut55+Zq81dwjs1cqBp6w==,type:str] + secret: ENC[AES256_GCM,data:0AlGlnCznlxQR8pE/M4it2ywRW13PfYxDugwqftxo+7VC8hStXO5FPk//ErNgsSCu8NT3w36x3uv/bT2KnIbpg==,iv:XpUtR7o6zUPd6mLnDFiCjk9O/XOemndO8TjcaelI0Es=,tag:79PQZLH9P8dNDRCvHCU93g==,type:str] + auth-token: ENC[AES256_GCM,data:Xj/muZyiK/NrdNDBeKfB4ZeX2dI7sIec1dGTHhu6YxGN7Qrk,iv:OFsxpAo5xP0rt+B8d7Fl1PZ9oO5Bg2e13LNeegaYqf8=,tag:+b46PZsSLV51ECsmle0tSg==,type:str] + jwt-secret: ENC[AES256_GCM,data:VRC1OedOg9hn+5zByjRDaQebiXz2slfopejjcF7U22MqQS22e6QsX9AP4oOlwnBy8lQL,iv:IRgBB9RxVsf26NoGaW6v83Ft0LKrBu1NHr2dXzXDM5o=,tag:kD+G6ulzBGqYpNNpRA8Vdw==,type:str] + public-key: ENC[AES256_GCM,data:NaDYzcbm1YRfYWg9CbylQXPiZv2vBpUZTrz5dxQfpMEkrY5VSAW3ldcROMuY348jYoWcx7IXLWDNfV0J0wE7PHgczxC/+r+D/o2Dhvk0wgorDVWqwJCggugXss8tyOJp9Q6HtjwK3uvKC5jYaq7r3q4e54rchF7mvNTz55djR8SovMG7k6GGTg76m9lPayHRpLiIT7E/9QVS5wDzqEelVrGMjqqLuznX6iKfo2rA3lceGZJONDEn9QAQr6D61SzAftjwOXynzMfnKHT2HvGvjmISA68luP5An3PULu8eb8xfbiZ6kkQXrxsG2jJgza0yaCx+apeUvX6ga/neY5jEhYTNvhefNd39l9aXynBfJrJnAqu0mRa52+r90eduAKGvjNIsLa10V7DhTp2WCXn5fDu4qUjzE2BSMnuo+Uz9mEEi1tRIXSOUJi+UWHGJsKvwKxmypEs1EXOMjI7QGbXdTgoTdajR4PDoRngYgZR66VehirNI/83XFtsrGMiPkg4GAjN9t38KNJzBncI2g5vtpn1yP9GI8ZeYqIhqbxR/sZbdwV/kz8cd7klcHd/YYd6gqZqE2QsbKWjTt3nedri0iA/MC7vKMr2kcflEeZ9yfPo02DrupPvatgtq/dL7b9h8IpBl7hG8Fxhr4GD8xDh13QbdC94D2e7GrDaO2R8QByPVwULTlH9zOCzxacWVA6bJmxBmB/gFlCggHPLNeqxOAwYzeA24EzjHbjjqwBE+Xvi1BOz2FdqLTe/+jq41XfSx8c8tlrPlgfTSNbRpSftBsyUJQq6GXHXI5WIbT0QYLeXggoURosxASLLboLfzpl7AmUisDAxS7QJJnHrZylmO2RuZlUt4LSOUeosodlkJr+3Fx6Ch8YBnW6bjE1soIxAMMcAInHP/tyLwMaCQH0+wW4VG9ZMgOsn+PtPquhqnGRPjJxcvCXjDTkwo01WTsTAyXLGsXmkztox/v0GxHGr4486eaDGlhV/gyW60lJcCVpydi7DJavs0NQgL3O+SPa2zL0qNXRQlM5xwBbKDCY7ef1NQwFcJVXaxM9cVul/EcQMam5bjzH3HT4pGvJXi2XxHzHJfGgO5pHmalIKTDzRTz/DIvXmLQTzbmtK03oIkbR76mDr0dOHhm9JoyXRvaK5nyhWrqMMmj+Hm94CVWQFgfwiiDuU/fvz59fXZraDkaR77vakuOZzV5N185R2JdofoKaLkjnF6136xdWywClvimYCWn4I2ZvLDwpcSK9cT8ZfyfPJsjgKpTgzf31tma/KhLv62z/i+pMB2vZXs9VzeBj8nLYwlIF87W76zUm28eA8W6i5ad6L1VOGnlsMHgAi55JzgkxwhYj2wop5ZO0rSsL/786I9YSddrIqLERHlY9YaPCdWaC4IA2ch6bjmsjr8y3XtW+gWJCUSUhSLQImT8doKSHdTTziby0l0lEz3C6aD1z+P1IKc8Ef+M2VCLg9UPGWs4OeHQqgmW4yuMxySjT33LvGdQ8mKxbq07fgFcsOkDB4bAilhk2ZlRICPAwUyK5PNiijdqX91Vd7c3SW5j5ZcbO4IFVtaElTPCxZlh8Bbl3R0MvEKZ1dl,iv:M9V28TbZaLGFHa1rpgD84sUMrKcp1w9BrIbu47/vGHM=,tag:HKIEryHi77RWLCRPft4bsA==,type:str] + private-key: ENC[AES256_GCM,data:n9uEARVPj/4+ad/rjxEFSEWHPP11dj9WDyeJeY4kA9CTylPNNwiVCuXGjCTFdnvEGmLeSAtJjzxj1MmsWTnHW/dnUW8SXlnp1rUVJJ9SMjTMpTZweiZW73ZSrc7srGtBxTzgNJnsPUQbxYS2wn3zECKA7aRFRPPN19vMQincZCOLq8LDw+TKFMqqmeVGE8Wfaz8c3/UsyEcIA0mpSsCBwFjSynLKshrTFsD9v350YLV/GPkq6wcV4PIL28z87h7RJFz0bMnyfxu+qf7hqRPnYzunwTinQ10w7A2g4tJ1C/JQHCdQMG4oOwrJjscRGRkW9DosXn0E724zdhee3RkxJhvt8gY5B+utsR9Ti/p/+wHOu9wnw1ScGsVULMeZT8hIwBY5wcLqDsgskNn3lL5zOhuuEKXxgSvwxgbNp7DslM8gmJQ52kmykWpQ8ChEfF6yPQNbg9Boc2GvvCKwYEJmtwcB7d07iVnBufFCSUm2WKUiEegonHLjKGxeJO44FeavskOCF6rPxhYZ3z/5Z44vKbaXItNpYglRaBfK0Dk0vJeupdkZ8kcTCB1YaGdUhi2514kF/VZlz6COlvy3VZtzEvHdqXTjkg3lya/AbEMaRqlzRe9lJg4WXR/u2WKxQLioBbpJKQvzHbzCGO8qdzc5hG/w6TFfTuemIbpiynm33YKyD+FjkKZxT8JTYY2zb7bhVC/8DOMdAZnHZ+E3bgPhm15z2QIauV91JDSeW8usEgyuOyQvDpHxRs5J7JsHg3loKKKp1WhJFuHaQ4X6X1vbYj4VZWwdprSQMeal9AWjbQBzsohlvYwfYpT1khyUkhkukH/hHDpiC/Qyw94f+rrGM2VMPdJdDIdHf/cDjLNYgbFxSIJVlrBEoKByGranQrP3+3icyaMpJghTJ/KIF46vGwREnMiRfZoYHJfZgxkBt8cXF2B78iSdKNGeYagFlyeFFRldt2hxdWPQwCuWOCgEfomekNsjCoc84zHzAKtZiP7MdWH6UuBlibKNjwA8ou4xbnWE9Jx3KpUYLqtLf4j5djwIa6hayIDWVSjWp9vZpU7B46tIQ7v8TfcRZOXdVYNsjoa3VG0z52EM3ypbE6qTF3L+m/n7M68vzPxC5U0BAxnbaGhT6/YB5ZU0I+Rn4RLi7VVny79O8IbT2QAJylJD04Pqmgv6Az3niqZ+,iv:zyvzRphBZ6bQSHSXx8nPA5lVQrGlXQy7lh52xiq8opY=,tag:8rfQoLr24e98+fc7ncsLLw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:880678429748:key/b792c6d0-9cc9-415b-bd7f-628f55f1bfdd + created_at: '2020-03-25T06:14:04Z' + enc: AQICAHgUs9A8TLHKRtAfsjeKI9XtaqZmxQdyfMJP0RLxw9s4hQFQrIu5VVu6xfb7FDNud5LbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMgMC3B2N+bFI9H0ayAgEQgDsjGbkLvfY+hEzhm4gOE5RCV/cNuwsU9EMiqM5P7eB3bKEcpg2kF3hQMx6c52TJQhXUi9tOn+fiFsWcKg== + aws_profile: "" + gcp_kms: + - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key + created_at: '2020-03-25T06:14:04Z' + enc: CiQA7dyWCt/ikCKkRctuCRI9R1V7Y5b8h2clAZSkgfwqRtfwSqwSSQD+2/5WZSJ6TAEWcUiECp1gGaGfr84iyVHzncUR7UgOJygjYyTHxNTjqVVFrR8+rk5nwEr29bsFYhKBw8WcJOiQfI60sP2Wscs= + azure_kv: [] + lastmodified: '2020-04-18T05:28:40Z' + mac: ENC[AES256_GCM,data:vXzkOHEaAosh+jnIiM+fpeOTqD3C1DPdqblQPrvklTibWjVhNdlWn5ij8GC3zQbniMQaygIfJ8VWnUZboEPHggCp4A9UHjWHMY8wWJdBs4A+13qpfYjltUI0qlo5LCu7kzimwf+3eRO9HUIoAAZg9uf4j8XDqfPGAiUtSk5Tzj0=,iv:PcMtiqYs0luKX92qfBkqfeiPzvDLN2i2gKvUoRGlEZo=,tag:J80MCUqQiOd3LXbr7TXs0w==,type:str] + pgp: + - created_at: '2020-03-25T06:14:04Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQgAlJCguMS9sddFcWmK6SRiQsS7woCZkrtYrqgpzcicA/Ib + za9lbrLta+DHbfNC+fKMXNA/T+GkKreJolDtfyXREJrNDAzqUcbCpvb6/kXPaeoF + 1cBHo31eAHxQQge0VEdGxpcIs7L6WZ8nPlwMOGz5Qhv4Iz+IHBzU5ulAiqeZZFeA + 3YcPl509kDOolPQgoRIsZZt/9SSzmb13/6FLRtWbiGAM+I4Eb0f59LStpXdQ2BeG + TiWl9RdCLrxBK/JhebauPhe6kgeaSer94Ik+/PmD94qhBYH87h9k4+hR5u7UQKcG + kKLpCuG93onzWXHYTt37HFn75a/kcLTK9eoTjEoyStJeAc/JJtaYhLYrXKBHLYml + i+l3XQsfISxJLomjS7GbIs45xARBMNeybfPjUxvO31GRTdaQIyUEJ7COD9TK+eGG + 17hDQlPFVQw4dSKPVFHt4WChR9KOlNf/esUiXGXxpA== + =uuWf + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + encrypted_regex: ^(secrets)$ + version: 3.5.0 diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml new file mode 100644 index 0000000000..cbb54f3571 --- /dev/null +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -0,0 +1,380 @@ +global: + domain: Domain Name ## Add your Domain Name + +cluster-configs: + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + data: + db-host: "db-host name" ## Add db-host name + db-name: "db-name" ## Add db-name + db-url: "Add db-url" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "your Domain Name" ## Add your Domain Name + egov-services-fqdn-name: "https:///" ## Add your Domain Name + egov-state-level-tenant-id: "Add tenant id" ##example: pb + es-host: "elasticsearch-client-v1.es-cluster" + es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + + egov-service-host: + data: + billing-service: http://billing-service.egov:8080/ + collection-services: http://collection-services.egov:8080/ + collection-search-indexer: http://collection-search-indexer.egov:8080/ + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + egov-common-masters: http://egov-common-masters.egov:8080/ + egov-apportion-service: http://egov-apportion-service.egov:8080/ + egf-master: http://egf-master.egov:8080/ + egf-instrument: http://egf-instrument.egov:8080/ + egov-accesscontrol: http://egov-accesscontrol.egov:8080/ + egov-user: http://egov-user.egov:8080/ + egov-location: http://egov-location.egov:8080/ + egov-filestore: http://egov-filestore.egov:8080/ + egov-localization: http://egov-localization.egov:8080/ + egov-idgen: http://egov-idgen.egov:8080/ + egov-otp: http://egov-otp.egov:8080/ + egov-mdms-service: http://egov-mdms-service.egov:8080/ + egov-mdms-create: http://egov-mdms-create.egov:8080/ + egov-enc-service: http://egov-enc-service.egov:8080/ + egov-workflow-v2: http://egov-workflow-v2.egov:8080/ + egov-searcher: http://egov-searcher.egov:8080/ + egov-data-uploader: http://egov-data-uploader.egov:8080/ + egov-indexer: http://egov-indexer.egov:8080/ + egov-hrms: http://egov-hrms.egov:8080/ + es-client: http://elasticsearch-client-v1.es-cluster:9200 + location: http://location.egov:8080/ + property-services: http://property-services.egov:8080/ + pt-calculator-v2: http://pt-calculator-v2.egov:8080/ + pt-services-v2: http://pt-services-v2.egov:8080/ + pdf-service: http://pdf-service.egov:8080/ + report: http://report.egov:8080/ + tl-services: http://tl-services.egov:8080/ + tl-workflow: http://tl-workflow.egov:8080/ + tl-calculator: http://tl-calculator.egov:8080/ + user-otp: http://user-otp.egov:8080/ + ws-calculator: http://ws-calculator.egov:8080/ + ws-services: http://ws-services.egov:8080/ + firenoc-services: http://firenoc-services.egov:8080/ + firenoc-calculator: http://firenoc-calculator.egov:8080/ + egov-user-event: http://egov-user-event.egov:8080/ + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + is-s3-enabled: "true" + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "CURFEW_E_PASS_DEMO" + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + db-url: "db-url" ## Add db-url + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "email id" ## Add email id + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + +employee: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "new-pdf-changes" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + + +# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + persistence: + enabled: true + aws: + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b ## add respective zone + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + persistence: + enabled: true + aws: + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + - volumeId: "volume-id" ## add volume id + zone: ap-south-1b + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/qa-secrets.yaml b/deploy-as-code/helm/environments/qa-secrets.yaml deleted file mode 100644 index 259ade0d8e..0000000000 --- a/deploy-as-code/helm/environments/qa-secrets.yaml +++ /dev/null @@ -1,121 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:4WkxlodL,iv:vlzC8FPe6/75mmhmB9B9dsIZ/mknJXt0fTd28E25vBA=,tag:eQq3cRdsiVzUDjOr3bA81A==,type:str] - password: ENC[AES256_GCM,data:smjLqxly5jPqOOzZjigpTg==,iv:W7rX9vZH8A0qwXExb8VkYmdDuGUcNT58PCFcxJvOh/E=,tag:BQJ2eWlCrulnpnScMLAMoQ==,type:str] - flywayUsername: ENC[AES256_GCM,data:NODQzeRF,iv:9R3fklMJNUitFCjvwG7vsokSkmDlg+VdEv+nNtipYYQ=,tag:vEwxJssRWLPQYkgO9eDT+A==,type:str] - flywayPassword: ENC[AES256_GCM,data:DAKGaZE5b93s+tJ/i26cCA==,iv:X6c8UEMov+kTFGeQblng5HNqM31ldRyA+ZHdjg22d0k=,tag:h/LjfVIwGrGOToczi2S+Qw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:aJK4BsN7BA==,iv:7UGxCiTwUtpNrtSp9HqWZeKnb8U3nzJqo95G1go6hPo=,tag:4dNubiC7gP8yM4WFXNHFCQ==,type:str] - password: ENC[AES256_GCM,data:yk/QSt+PbSo=,iv:vuyVVevIu8mEc6k8ZNO4eGMlny/Zd47lBs6X53SIf9U=,tag:GRpEYutdofwsC9tl9/RvcQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:8i13PL5I//6zjQqfuZug2yutMTo=,iv:NRF/lwT1ogK1cus2zJBIScDzcftUgpTSzdpPKNXC9qw=,tag:061STd5tJsTLFubeQhGfrw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:aHQqTbMIGM5rK7RknChPHpCzjrDj3KyLjCm3i3OVFjDky3awMtRdlg==,iv:8B8bMNq7IHCATzRpQM/9LJKTAPJ8RqqPUdl+A6RQwhQ=,tag:XBRFZP55mtKgEnLpG8ImVw==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:dB8mrmBjDFFIHLw6DnvLbP3ZwoX/y6JPZ5lmdZIzbkEu6/gB290e,iv:WLtMG9Mo40ACKWEQb6wEBST5wbAxUStPvS1uPw+KJbY=,tag:mDiDbqLt7TvQMdRUU5wHEg==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:EcqRnaFwRnVe2cqJc4C3Nw==,iv:sxUhse7idfRV45tiKaPIZIYs14Tb46KzCHe4U4K5CU0=,tag:p4bl8sMj1CRcT+PaBZdBCQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:VweF/7cGyd3GbXFlm+3o6wrXtaP79EDTuiHRdv7tEPk=,iv:DVBnKWKb+aHsFtAs+exJ4rQRKpyZlJAd27kMn72T4Gc=,tag:xnwnSWEBxGp+PZJwo6+7aA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:mHSZpTFspmGzffjKRsuV,iv:lWePsrUtKqvS/QyUxoAi4kzaBLWeBstBRkI2YI+3ff4=,tag:e1I/7Q1sz6liMYLnGuhIRQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:uBfR16J1GNnD5q0=,iv:v6CceMQa30VNAo7bL7EXq7VU3WYXxQ5rjGR8E7vQ6bE=,tag:Vns+omwP7c/r2HkmrozVbA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:JRwUJTBO6R8=,iv:4RwYYjjzg8wR7a1clvS57fxKiuY6oIcdlho6BMb+O/E=,tag:M7aTtuSRN/P0RiGcaPi3ig==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:dUJi/AJg,iv:VXGBqbwP5c1QICYBTSgOd7kx6ACGXAQBfNLB21O0mug=,tag:AXZZm5xvsFIdg6yFcsIYgw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:89PSNyiG2B4=,iv:NoxfubHvLTQPmxm15F8Vu4G7CnO8QEKlztDH8uurksA=,tag:H3l2z4GQ03ELaxTxgwSC0g==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:GWjEsrQfWK+3DdX3k3Ygw8wiN0cppGESKA==,iv:2IxkSAw58OOQhFxFk0p9fpcCkDNcCYmkEqzlgXtmfH8=,tag:xl2f6UfCPAxlTnrgcjnUQA==,type:str] - admin-password: ENC[AES256_GCM,data:MmUJZngsbuN3dRPn00k=,iv:2PuFRGC8LchtirkEnAvMsNQWT48lPLzTR0rbOLoGkKY=,tag:NHgGsKgBdcRsFx9MRDbdfg==,type:str] - read-email: ENC[AES256_GCM,data:B77kXCLhqsFBDevYy1YinRUMdW1N4YRo,iv:YKXMMwGBfE6RrxqU8dEDSos1AyMfpHKtBfMIqWCBQ44=,tag:aBEgVPXrPd2aqTmWZeFBWQ==,type:str] - read-password: ENC[AES256_GCM,data:91iyEma4a4OyYTR0Yw+roAE=,iv:B8WiK3p4Fr48d7zdbrLHdXtXsQK/DrQE8OUQYLuxJ6A=,tag:LvKjN++ZkzqXtA/X642LjQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:z50AO2bD4UMCdMHGQzOLaA==,iv:2qNLLj1w10i9LmD2d5QvukjsaZEdZnamgHPY5l/rpTQ=,tag:zDs5Ciy0d3HH4qswa7xyjg==,type:str] - master-salt: ENC[AES256_GCM,data:wiDIl5dhFf4=,iv:K+m0EbgZR+n+ITjYzfbzrObQ8sS+wI4nhqnbCv6bB9s=,tag:gLwOre6NbJPC/aPivDAysA==,type:str] - master-initialvector: ENC[AES256_GCM,data:uzPkjpwiOx797YGT,iv:24OyiwzwzFUg4dYPVobqAGhQVkFrZAzCcbtc3Y8ok6g=,tag:cel1jEE9TzDclEPlQioNHw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:MPQ/TfVmQ9ZeGcPvanoM9+mB5/asZv/9UW5b9KM=,iv:nx2iPTYxOPWdCNm1W8TS9mGBrxmRp5B8CvZ4pCdtKAE=,tag:grXfgdu5rq42HDZD2oQYkA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:Pppurl2VeV/VcKKUGFVt8/47,iv:9+BhxqI4mCQ3DEOYwC/ZW4UWFgEBeNT7LBOG1K51GZo=,tag:i6VK6ixmXpZOYxGWZTuQgg==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:uHdsERIMNEkB4GAt+Q==,iv:8YRJN3pGDkduae2bKeJrC7K/gMfMDWL+I6sOqinv5YU=,tag:gK7klrylR1G4n+pKDA9sLg==,type:str] - valuefirst-password: ENC[AES256_GCM,data:+t1YLS+HAEbjpg==,iv:hvPcJ24+xpQoJ8Fg992YxulsX5SLp5RNQ3gho44qoSo=,tag:Q/HT1GBGEVx4+kIjQ7yxtA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:KDjBT1qX,iv:mpQh9uBM/4QddRbTQDi9v0KJzzU/6OforKEGHR19TrY=,tag:X9xuE3FTofZq0krOGfCz1w==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:Hn5+MBbO9rDpqubaBp5QVlAKvhIz+r6LT9Q6ulPDZiq/6QyueV72QI19YyZzqERIq0+klVUO7wcbfdL8XoseyvQndPoaaZOYU+fVdy/Lks799g6iwdf3IrKxH1dBh9j7hVpcF7x1wTtuKdYNdu8o5DCXwBHczZ5d6nfsgxFXt5zHdcvWVndYN30rS7dkzzEM0xLXmOHiwLm3EjdBY7frUvyKufIonot1uGDbZt2numC0IvBBVebwpYTkcJ9k65AHWXxyuYLRTZ87l/n23HwkL1sofS7PvspPxjU7fHX+h5CMYG4HqOGbo8zaX74OGtKGxZJEbrh7eMr09UPVjXDAa4/EFkhynAOjhk1Q79XNxtrjZkQ6kgKda/dWHWHF3/ws+7hQ1rfMooHqfYSqoZIdQ/SwX6976jI9ClkzeENvNUmr8ZLF6q2C/+p+mIGpeLTBvij/uzlnu+YgqKHoNsBdTw2mkbdjekjUkKqy7XLZHP81SBFh9vRa3l7phWDFWOHA3EKEO9mLMzTqMgFjkW8vknKt7K4L8c1C9yvU6YExkJczVGsA2T0masJAAVWP23RgGA9/qT8elFj5BKjE7XEo3BqPc2HZ0rGNNBPsgamKuvC/RdUfLBRTiJ1pv3LLgIhHHSUAB0uYnY6sWCIm2+ZBh43z2hqXzJEgZ42NYgBi6Do3aRfXSi0Vh49iuZobUulVIv0yvKK3wp5SIhQvrjM4F8rqo8K3mNEeaQIlcVtVgxzkgRFkhrzwC1YLSwAL88c4IywNLwFQEYNNPSbSEHSND4KiHgFlN+o0dTGcU4OTCvO9D63UPcdJCSnImQgv73F2rUzePUPBIKuxIqH/edFGkgsAQIGh0DrGPITjvb9mypQmmcsoL2fcxbxMhR8jSzpAyqCWWCmpLrRrdo/ACFa/fRylqfAJWNox8s9xPFPDt6CkulFVyQYh9dlMbDGseRboTpT6MzAXGgH4YW+Rtcmu6yQZKlw2zKXwAdjmIbyPZiNTqi3JMOTzqUKARbTgGIbMeoEZDq407H524vGFoKdIyeLhCHyYDfhHuIzO+VVsWoXf7xKTi2xb5SmS7Ves0kUoaKScK1AzplAwtuNeniGFO1lLZNloume/tpmAO0RZQ+uWn4Gs0+OHtR6KhhVzCoCDFqzAyoWhGn7eCIhdcGo1TfyxvojD96OKEZyzXwCplDtcuhbNAor6Z/HdKCoXKf831cLxp5p48JodrYK0QiC/NCQfkS2WkBdJlKBZUI3HBfVbwIRm+vMZZoCJKhtTqxZUszfnoBkRWgJTl32A5AUOKoaxmP873ViN81WWtHN5L0lr5ntm69KNz40Oc0BSsBqhfHEEI+lSQla7bseqTlKpa6ME6tM0R0FDqqBELUXU3bfsX9ni0qRx4yAIG4U5/jTt/cnRt3fB8hrApDqf/+INjQJmzEbLxOJTavjFTKjvdjZjwdkFWMOxQd5n3eVs7tIv6x7yLCK2Q3HmQHagFFbpd8XIs9e+XmQAHVyBMRQqVXvki9qXaioFzht5bPJyfrdxxZy3LxQBepRwm2HNT1SqFCjL+h2d2tD1IS423sD6ltSUgbbm/RQXyyMNuWrUUte/AjwgswYg2aFripB1rwQKWek7CS2Ra+M0CrNnChpQ52fHo6crshb5KVRFso/rnoxI2N6GadjbNgHn7XCGygqd4FBeNLM5Y6mvNCh+xorGmPAeqk043q+SrRDUYMZwd+Sjmj5Xg5VMHoKfI9a9a6r0u7qjxmbb0DvPtHzsb+thyVX0BSHtri1CHd0uoNSNIKFVIT0sIFtEEoPbbEDNipog6iu21Tj27tSQS1XlXvB1h5zKCYwaW7ZygpnPaGmy2+OzRxmzmXTpgRWUN+1NhlvZgN8edO+CItBSSadxk+06CQsbWUOSnuhstdj4Oc+WJgcTCqgfVGoC7MvQsnMKTzbMxWxKphz0Gt0gf4gSj313XkSoRyvcvKqm6f0AzYOy0FEqnxxuHPA1zbWotXApIKRAFCM5obLvtmiyu4rqne03gAijF3kZEQ+Nw5aWSSEVttx71Z29JjfI/lE65EK10wAaPvaSf+JbxZ23kUhAp/e1oCqGyUF2GhkHbTzCRdy5gUhYq7rdYjqgVcFEewIVJtQ+S62Hz9ZFiEgK90uEG3xWBRa2+ORZ+jIJcL0peGedNeKCr7EGnj6gO2L2tl1DDDavMFMt6Q9hHxBo2P+ZPGraWMN5HXRkYhkuwA+j1ogcWI44kKXmcQPj0bkKRomuzzTpc1vTSmUKjnTFeSV1p4R+p4X4JBs1WsdHmN6xIlvLt1JsaVXdfAiAGvGOeDv5nsBBG7NTibNAGcB2ucHmsoA6ZUr//49peZqBQRxDO3y125ePTEX1ZmlP/YHqtvciHB/xjynyRumOvjFa6yQR02JXflRRk9hahSFxe8QVkLqHPbnhMIRdYrtsKPLu8NPLL6v+e/qt7dESnFsfpzw2EYSXJLKYB+eAVh26hnotTp5LswfSOdK37QtCIKeG1o2m+X/oRDkGP0/hldl2XyaAteAvo3hWOhbVOxaLhGoKosvmnOczqsqHwnu/RBtSYunbqbw/Ps3H+Zd4YIicR29FCDax9i4a1rdOCSoGOyW76s4gL7ACYTXVKRKCt5bnj1avxBBr/fDHHP4vjZMpVnfRUnaDyeBpo7zgyfGQzorpkqh8okFBYgdT8vIZca2n0KA0cJUU/+rzGlJzMCAPB4EdPuD5TPaI7/7xOzRPyN5UDfsPAoGrWESnTjsb9rDwqK9f06E+drQl760I1fn+OezzAeuPn9MDykVFO2tXX21qkdG5lugmvYuo6kflfZ6AzyWY6uxn0lcy4rBLxzzAIHAi/Vp4Ugj846dw06IDgBGjBELMXjuz439MPmb/b+NL2tX2jFXHma5HUxgUKkxOkNU5VrETXVBAXkWv9VHRpsBFypiMGE0+RlX4IEoOGip1wZNMTeLv0xt7JaWroOTXv9Ok3box/ZEsrXwCZMtQqGteTEfc0/FXKi2dAY6XItZybE8XqGmm+IXXS9NMaJ3jbKwJuuHGjab62vCabGVcNggDQVRLbOMBh5my/yd0guy/GwzMPCkO06Kumo0+ZnabIqROJSLBFQVIiEy3AgPRuksT0claiZD1lUQBb9/zs78nOXdYZ3bwTgWLofkvGeZwCy0vyRmHereSImjzkNSN8c+A9uOMKP3zfLj8r/nB9r/QWt30F8NQH8OvHvftXkrhg11RsS5Zjkm72RaY0/jiJtjh7QrBHf8gDEe4Zy2eMK7qw4PZmzKgPn3O6MWC769vDfAPHWPJKwWm9qkkQYILJcdfd+ikrmb8RGipOC8VWAGF6VCPNUZVS85TOx6XQR+lfJjdlcstoEpZYx0PTCva1jVT0yZbVQTy864yT/JZ1ixsE4YHGmyP61UL66WNB0eBrC6hBhLoRQ4HbVAX1nZMmbYhFsVZziQAczfEsnyUqmax8W1egOQMhjzzgX3QGtrO8P+Rc8Yi8tDD8ACX7c9aIsGFqAGC2mgLCMmkkonVAYR2wOuXh32lc1ZA6chQ+garKe0guXVP0Ulneipa9sIXqxCmEm7HfezQK1Y3dKukSsE0LD/3/xpaoIRc4troL3f1Krh26U8KQe5fCHa4lu12nAGL8kf2bRM5YXeS1t5GglS71vsGYjuanA6s6ebOdBeIc0LglDcB3/DNZsmmXQ0hmwXL16FrLAUL0KByADNC4hBR7Ql9Vtbtt0m38briuJAEG+Jo4dXVZl+15Z9t7f+9FYU4MdkXro9gIT+N9zQSqXgXZWcPHQ0EHUCWxkDuTsXcwZyauh73e6TmG0gOnUknGte2tXjraEC/CHZrfxJ9QuRJu2hLXCOU0StxKWGQu/e5AEU4f1Q9oenz88XqyjSTF1zGBVTelRfuAEtxuHv74cb5rzUUX29o6FxAMNTAFXzw92MN+DECXwxlOIFybx3VFGHX5nZpbm+l8DNxoaH0BiC0gsBFwmv/XjnG2KBlm6PsMRg8JmMKyaFAXPUEZ03TDf5PMfsPISNzOlpM+PNr1kSG2mKO3nwuV9tR53PX7sJCCLotZRWYudaCfX9INpCIMywZ1GKMWNgZpvD7PJib3nhTMm9PMDIgFFtMaoa+Rv9Edn9Npq5kcEiQuLWyzkBstgshs/ByoiWg0wApiFM5HCfPjGgbYD0Vl36QbaxpQReIF69X1NifNhtPtF8o2U9nsF0mV/5xeMZCqP7kR0Frlda7WKPxUKIDaB3FVGcU2gei7G/VLGdnGuN8pH0n0HxLU0N0aoqUYjZvwBsCkyZES+Te5uM65FNWkEYr5tU4KUtseuuF,iv:XZh2S1oKxQMzpuS7PbyFe6htOHloZczHso1kDNgBL7s=,tag:3yJZjInxqBebIY6N2Dlw6g==,type:str] - known-hosts: ENC[AES256_GCM,data:J2l/pDy6gbJdoLEyNZDHzBsflhmEVvCXKhAREVvKBkCuyg041kdPEiB+oXBPU6KiK3ThCimqXt8hxffMsdYvwicPBXQrSAU9MlUdSUxxdLoillT7wyEBeRReD895Pm+NOLunR3xdyV6squWEUuqKb+i8ZbLLEK48ddwRVHuxeCR2QAuVyk+TdMsdcs9SBhkmykqS1fywG4MbmyflAQxKAMhS+hUb7x6nKwv4Uhwi0nHsOm0gtEFU78a3pJqtTfWFRd+0maCNH0CUhSscTh/CwcM4A0a2cAz1HGmDoTwMlAQt35bxtox2pW6HbBEUuz2vfElNqf2R4yx7/9qQPgTw63+G3yBQ3u0LsXHl4RQG3siA89TZrTc39ks8i9SbgshRrKQuUbFr4SxxyWAb7ApJckCIdWi3z+Ek8c9t83sFEw6RzpKWuNSC5pqoOfQcidynw1tt/NXHDxr86Hp93WS1wIMxdIabHY/kxk6wwsBedzXgF5/JBVEa38qPt+wddlVqV1+3IBMTww==,iv:Yb2N7US9bQRadUxBAQH5hxUUFttjmN1lX6iWfCZYqJU=,tag:uufUuzF7ZoimtilW3aQsIA==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:Ouj2PrexvferHQ==,iv:NmrxIGF3Q2D5vn/Nj+bKiZB+ifUVm0z19L7r9D9QOXw=,tag:PT1fUkhlvxHCKcODvNZXsw==,type:str] - credentials: ENC[AES256_GCM,data:fKmcrkE6ADKpXpde8FuGNu4/7jagh7uxzKDODbCI1wzFUT/9huKvbegTreEHPsbP,iv:TNRdnOgTa7mfw8KlLlP7sruqNzBMEMDswPB6cbPLtA0=,tag:DUoSdrRzlIFmLn1D+34BIw==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:KvuHmSnEBK83Xsxbxh+40Q5EXb/omhZdeogJtg==,iv:2XyhrlA9nE7YxdytNG4jsqt54DsU3AanI9YWzWXzuuA=,tag:E49YZGsd8M2vZctsQUZHJg==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4hEJgzUIYceA5v3BhFDRPQ==,iv:RomD0diHCMmpBu3sZcRqCXiebB7e9rHg3Utz1Tugxr0=,tag:cFgZgMWx45uUfJ2ccbszog==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:8ZzXBPCTjA==,iv:WxlTb7T7NaNu/fyDHV0Nmkbq/RVQo2gzxc6xgsJaDkw=,tag:OStTMGTaLYeAYyksg41qSg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:RZuUmK3wSg==,iv:96zuQUblw8SF8SM1kzSfDQMOZkyJC6fmvo9cu7ZDLRA=,tag:tZGpCvljljSMaTgskpitww==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:WSs4ukNqa3VOPn1iYc7V,iv:sVuAhHrnOxYDKtLMbpziuTlPyGKiKUp55KmiO+RkfXA=,tag:U0AFPDXxgKBXgNsdvbp9RQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:KpZRD3ZeCkGSygg+u2Kmc3uoQMLGPvKSk0a4nSX18OI=,iv:rzfyhtv1SDt+LXMHr9muY31rfhVh9hFjmriUazPCKhs=,tag:ODkE8FxdFpqTn4lrBiukUQ==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:E056Atmi,iv:4S3Cs5fuPNJsEAxCgTyYAEUIBU5Q4sV/LgGfsZISTZQ=,tag:MqKt5LQreJSqtgyd/qFi+Q==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:S0I6lVyVML8=,iv:+sUyrfNMB2gHt0CkIERtzfvyHB5VZQFAB1SupYHdc0Q=,tag:JGfHlH6hU87sYty0IxUY+g==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:rVQU1s4+Hu9Z,iv:RtH1h2i81vkeVCAE6zZFbWo5SSNObkSL9LEbQ3mpFOM=,tag:q9azQsNr5Fi4ZgQEPvGlbw==,type:str] - si-microservice-password: ENC[AES256_GCM,data:g8U5Z2zQJMbmZV1dTQ==,iv:MDdkN1HlncKzBCifMtx+GxGIgUlEFYArGroOC4f2Tjo=,tag:4RudOZDDSp9Hom7fWMGhaA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:qbzt2oUTfBC5KDjrYdtoxWg=,iv:SWto+oBNIbhNvxyv+B0dTJvD9dvyJ7KCTgzsuiu5k0s=,tag:IGwSbZsHsUhu4gMhpLBuhw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:QIekehKXbe/N4NTz0zSBKpjswEk=,iv:cW8g2hZCXBwNEr5Q0/Nw2UdcDcROr8gEBqV8QSYcgUk=,tag:KObBQxjbB4ehBzFql0n0HQ==,type:str] - clientSecret: ENC[AES256_GCM,data:bocCRH1PzXinsAWyka10JZGdRSBjP3bG5LABKhqCANzCGLMHGYel3A==,iv:QSGfYo6dY6RAWZb1QaHj7SJpcUuWs5fBIaoGvYUW4xk=,tag:WBQXBRuK8Y5VEIcC7nZGpQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:e8Mme2eVpzn65PNmnksUI4XT4fsGK/Ectsk7dG0lM33jTMC1evan0HWvKSo=,iv:wK3P8JZz6iI4DePeXJt9qgkUOskZPjxkYLn53pBmQBA=,tag:RDdfgbHYCAypadwkH3e3Sw==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:ai7eVw49NuB3jcvz5P490xDkPgA=,iv:jawerDxGYVF7F1E5Gv69/L8txvcSEj4vQofcFSuGu/U=,tag:SMAZJq00h8A29SfMFifF4A==,type:str] - secretkey: ENC[AES256_GCM,data:StS25e0lKoE+SDJvPbSpkmlXskaVwRWuAFNKprE9CDG21LHJm0nzKA==,iv:J7hXJ2YgV9yhZSs8F/Sd0G1jAyYBd125H+jhN38oNuQ=,tag:MLslxNb9PlIGWrtWvVCMAA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:3+Q=,iv:o2lO7QHNxRVrZZZeHJ69dQnGXBkePdBk+pX70ie7aAs=,tag:sfHlc1r18cqiitGX3SVlAw==,type:str] - route: - receiver: ENC[AES256_GCM,data:MnqXwcTn9lORZY6pd26Pm7Tvtw==,iv:vvGOv8j4n1Ec9cFaa40tFI4VT4svqb+MttxpRusujUk=,tag:YWnE+AjP0k4KPshtKTR34w==,type:str] - group_by: - - ENC[AES256_GCM,data:TZECBOa+XdIG,iv:S+20Q+xjZ5aC/FAL+PHBH6YKw/qh8xyPtzpDbQI+zgE=,tag:B7u3xrM23Io7FH4Dr02a3A==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:yIAWr2hKaj6Mm+3MVkLlFggbng==,iv:U3xtypx+s3b3ZEE5ufo+NiLzr8P86YOPREjU/5Jk7x4=,tag:yMw6wFgAl8fYkSDh9Npa5g==,type:str] - match: - alertname: ENC[AES256_GCM,data:g/xzDVUNCv8=,iv:jqQKcNvjxQGs30EIqqeUX5s8g6P2arp+WqZBMZZg+gc=,tag:1HlCvVt7j53X3XVTTtrK/A==,type:str] - group_wait: ENC[AES256_GCM,data:C8pd,iv:1I9/7YIW0w7J1t3r1lGG/hQu3grefuIHFnCMsKBrXd4=,tag:s2wGoTPneDUqXhDUfeff8g==,type:str] - group_interval: ENC[AES256_GCM,data:sxc=,iv:0pBM99ZC247Z9owWf12k/jjV31m2WswOjQiAIIbcWbk=,tag:Efcg8dkBWqxMLQuWOvmxZg==,type:str] - repeat_interval: ENC[AES256_GCM,data:J55k,iv:2iF9rPBontIPgg1qhHR0vZdHOSe3gz0DhmNgeMV5pNE=,tag:An5aq15C1tdAirT/fy3sTg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:JWb4w/YFqkluD0DaRyb4unxmfg==,iv:BROTJ3+jNhdAul8SXW1W9IhZ4DbezN2EHG86IuDCGIA=,tag:Qeao9N9+FvD1ONoXCKjc3g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:8uyAUA==,iv:/stP+sYtGugTAhBtnPadsYg7n0uDSXEJXlMK5adbxrU=,tag:xPq2wlITaIcWLred55dmdA==,type:bool] - api_url: ENC[AES256_GCM,data:t9sazehnkpwEarUQ2MOmKto84L6vx/FnyB8uAy5GbmHfudSKi726I1+0XKVZwCxWs60AkI4Br5RiBMZ+evKSzyUXLgaZkHTQ4pNkfhkEiw==,iv:8bFzt1QxEfeCrNMycar8tieLYrblweU7pAwpNXSKniI=,tag:hH80OdDSaikzJTO8lBduzg==,type:str] - channel: ENC[AES256_GCM,data:TipJ83ApjX8hj/Oz0mH5XfLitu4QYQ==,iv:myL5NPm+FzkHM+AWSmuYjg1/Yg0IJBclg4L4OlGDxQc=,tag:F6ECZ5/hrF/RaINl0/TwNg==,type:str] - username: ENC[AES256_GCM,data:EfuJ65cEVF/jEays,iv:g1dY5wmRJmYuh+J9THtlheCMH26to2/I7qclyl4G2Tk=,tag:wpHaQqwaa0mltfCHkM76pg==,type:str] - title: ENC[AES256_GCM,data:Kx6JxshhS1i9eabGF3nMxXKyveJVo8JqTOF2TmlHtNdvUKnWxFU=,iv:LCcYvBh83X51mArwh+jJO8J/RP/jvHfcALca2X1KZDQ=,tag:cBQz7nE5njDX2FFLv/a+uA==,type:str] - text: ENC[AES256_GCM,data:/A/BWdqp9Zvfcjo5DNQwpXs4NNsrqN1tz94dEox9VRMQTmre9g==,iv:Nb/QUHQaDAxXF08MWstTFPmdPmCeC3qhguKdms7zr6k=,tag:rmr9aby8HhZ4uFxWDPIz/w==,type:str] - templates: - - ENC[AES256_GCM,data:Sc4iTE8UC8+pPvUFO8/8Fksuw8IkklUKeky48GUHfP46AQg/nie6oW0qY+YRp+QoQloWxi8DgvttrgngqBhMlbdZsvfUF7s=,iv:n1rv7qsi6MfRSTBZ3lzuNs60Db5/yEWO3epX/wMy5ZM=,tag:hDazbgAj8NFYnaaiot6YAg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:47:02Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgHRiqAvNtsxaDfq9hBSI99YAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMdxj8wzukqtwroaK5AgEQgDvbpMg/C8orUa5P5lRks8a7QNGanXLa+UVBPEz3tfZIAikpIVxO5GX6T0jf9CZB4MU3mduU+e8Ks4ue8Q== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-06-11T11:32:37Z' - mac: ENC[AES256_GCM,data:B1Kx2VozQYDED4fYBm3hzkpAELuNYKUtZQ6p+JQaJ7xa6mUy23DXKHeF352CWQRk/tY4C87Qq6IKkQwNNM2Q0WzuK1gBEmRScfIhDuxoSvE8HiKfm+ZBofseRmAX8RRmMD8uMyvx20fkda9HiJM9AblHtG0FGXdY/95Xt1OMSWo=,iv:8ahy5Zbz7IN3eOktKVpsZJG2cOJ/8ku/R2p02qi2BWg=,tag:/lTlAGvP9sBqC8pAi+kodQ==,type:str] - pgp: - - created_at: '2020-11-10T06:47:02Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/VnJ/WLWL8TKUTQsTE9+XaGF5a00JSdDJTVDw0XcL+Qxh - FPe9AhKtJWX+BQHSInTJOOXNiXb8Sr7c1uEYZl588UTq+VXHTHRWsmaVk09S4jlY - H6kn7OQuNB/qiVlYPCUL682vMrM982l7QLV8jQCVTn04r7zb8dj5WmsVw7TjXTpt - UbGUOM0Y/NK3StkDo0tz4jN1meU29KYP0xP22EPeiL9igoyLNE0U7EFFsUgK/Ezk - IYRioaYKHB82RiMtoGU+GfhL2Fbbqgxd08qtD00HAHcQ9+UgRK5vPvfOF4otIAJ8 - s2HF7cwbVG1abvuxqFnQolUDoCujpR8zmzbm1lwBddJeAX68c3h8OwOgLPDds+mh - Dodd0+9K+o81dK+k5pX4LPE+Eof7IP9FUuRIiQcF/CExG6Ao1Tvc8VP2LRlXOLp8 - ysUdNXN/x/+5zj1HGwfdORv7iSomukX8grAl3J+h/Q== - =M0QY - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/qa.yaml b/deploy-as-code/helm/environments/qa.yaml deleted file mode 100644 index db848db89e..0000000000 --- a/deploy-as-code/helm/environments/qa.yaml +++ /dev/null @@ -1,811 +0,0 @@ -global: - domain: qa.digit.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: - [ - backbone, - cert-manager, - egov, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov] - - role: admin - namespaces: [playground,kafka-cluster] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-name: "egov_qa_db" - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_qa_db" - bpa-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/bpa_qa_db" - erp-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/finance_qa_db" - domain: "qa.digit.org" - egov-services-fqdn-name: "https://qa.digit.org/" - egov-state-level-tenant-id: "pb" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pb-egov-assets|egov-dev-assets)" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - es-infra-host: elasticsearch-data-v1.es-cluster - - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-egov-micro-qa.digit.org/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - inbox: "http://inbox.egov:8080/" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - is-s3-enabled: "true" - minio-enabled: "true" - fixed-bucketname: egov-rainmaker-1 # Only for Dev & QA - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -xstate-chatbot: - whatsapp-provider: "ValueFirst" - contact-card-whatsapp-number: "+918448098732" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918448098732" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - bill-supported-modules: "WS, PT, TL, FIRENOC, BPA" - pgr-version: "v2" - pgr-update-topic: "update-pgr-request" - information-image-filestoreid: "643bfd34-5b28-4ef6-ba80-af7f529fe69b" - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "QA" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - - - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - - - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/pgr-migration-batch-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml" - -egov-pg-service: - axis: true - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/echallan.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - -egov-custom-consumer: - erp-host: "https://mohali-qa.digit.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"}}' - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_qa_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/xstate-chatbot/message,/dashboard-ingest/ingest/upload,/edcr/rest/dcr/downloadfile" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/turn-io-adapter/_transform,/egov-pdf/download/PAYMENT/consolidatedreceipt" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -billing-service: - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - apportion-endpoint: /apportion-service/v2/bill/_apportion - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "digit.org" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -dashboard-analytics: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId&businessService=$businessService" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: "50" - -property-services: - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://qa.digit.org/employee/user/login" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "qa" - - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json,file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json" - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -echallan-services: - egov-idgen-challanNum-format: "PB-CH-[cy:yyyy-MM-dd]-[SEQ_EG_CH_APL]" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_db" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - state-level-tenant-id: "pb" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-035c8d16ff1e608df" - zone: ap-south-1a - - volumeId: "vol-0b2346d4e878b81dc" - zone: ap-south-1a - - volumeId: "vol-065c7bad214581f2b" - zone: ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -kafka-connect: - image: - tag: "5.4.1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-05bcee18ca03f721a" - zone: ap-south-1a - - volumeId: "vol-052420660092a4aff" - zone: ap-south-1a - - volumeId: "vol-0d9082e3386bd9520" - zone: ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f426b930b4d76c61" - zone: ap-south-1a - - volumeId: "vol-0e5e6064b5cd964a3" - zone: ap-south-1a - - volumeId: "vol-011833ca32406fddc" - zone: ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0005013cb96e40469" - zone: ap-south-1a - - volumeId: "vol-0b18b26f723c3d731" - zone: ap-south-1a - - volumeId: "vol-0e1bc8e5ba4281666" - zone: ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-qa,devops" - upstreams = [ "file:///dev/null" ] -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-finance: - replicas: 1 - dev_mode: true - filestore_beanname: microDiskFileStoreService - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=qa.digit.org - tenant.qa.digit.org=state - client.id=punjab - tenant.amritsar-qa.digit.org=amritsar - tenant.jalandhar-qa.digit.org=jalandhar - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - -egov-edcr: - ingress: - enabled: true - zuul: true - context: "edcr" - -ws-services: - is-external-workflow-enabled: "true" - -sw-services: - is-external-workflow-enabled: "true" - - -egf-instrument: - persistence-through-kafka: no - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-qa.digit.org=mohali - tenant.nayagaon-qa.digit.org=nayagaon - tenant.amritsar-qa.digit.org=amritsar - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -# grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "qa" -# minio >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -minio: - mode: distributed - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0085073c65f7568a3" - zone: ap-south-1a - - volumeId: "vol-031fa52f18391ddab" - zone: ap-south-1a - - volumeId: "vol-054c367d60f236577" - zone: ap-south-1a - - volumeId: "vol-015c0f14cb3927c68" - zone: ap-south-1a - ingress: - hostName: minio-egov-micro-qa.digit.org - -# nlp-engine >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nlp-engine: - isSentenceRecognitionEnabled : "false" diff --git a/deploy-as-code/helm/environments/staging-secrets.yaml b/deploy-as-code/helm/environments/staging-secrets.yaml deleted file mode 100644 index 0f04be97e5..0000000000 --- a/deploy-as-code/helm/environments/staging-secrets.yaml +++ /dev/null @@ -1,120 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:rlwx74Vo,iv:ryT721LOpXOxLoPb5cLMnPOKeBMKdYw5iTr9oKnBQvw=,tag:jcQ7bHeCpQRRD695TqnbwA==,type:str] - password: ENC[AES256_GCM,data:vPC6D29TkTcwtw66g/FSaw==,iv:CcTl/3Ez01EbaiQZitlb4hwhVmqmjP8nNH0jWnF163k=,tag:OV/czZSWCauZmWQ38Ip50A==,type:str] - flywayUsername: ENC[AES256_GCM,data:i7BiRT7z,iv:oar3tezcuh0hLw7moc8eMxTW9v41dkb5AJxxybYd50o=,tag:BG9DbFV4UTxP+f4uG4yXhw==,type:str] - flywayPassword: ENC[AES256_GCM,data:W2OxvhXREj4EYp+bl7wb/A==,iv:cSU57AgKr9kaW8/zw0FH7y+DCbn9FFkthy0WLLosp68=,tag:hoNO09iWmdrPwszc4iPdig==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:M3qMixMjGu5OBENIG1NHUpHUX6Q=,iv:nYp30K71FiIODnGZeqCtWxxPSKNhzj/eHxQ3wMmOjpQ=,tag:Zf4mVIG0dPfaZ7HFcru3+w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:s/C8CZ0b8lry8DnWAYKsST835mgzwnd6xqi54CMH4Pjk4TcfZyV/9w==,iv:2WOzXHSlUWPOR9t9NzMs0LFwdVBoSLbkglVDph5mdIA=,tag:6mKNXA4OGvzp8dFnTsos/g==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:RN3G5VeFS8T3XbzaXr0+nw==,iv:h/bdQApXCQg7y3SUyyINByOKgMOWAJ8LsPvnxq9Bbxo=,tag:ju7zSODwxTlqXyQ5pFJuig==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:DyivoESTToF9YJjox8y36ssmwcvKaOhsoC/fcyY=,iv:+pNwxpneD5tiwX5fjVd4gssQtDjtDPl9LTAfSBdX+cs=,tag:byu2BFHTcM3X6EdNGn2Unw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:NAkt77ffExP8dCKO1meyJeGt,iv:Wu7k+de1S+qMFi2b8s5/Im7mxaNsJwZbIkyR4HfkSa4=,tag:cXgG5oLvaoOKxVZ1PDqdcA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - wordpress: - wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] - mysql: - mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:HRTC4mIwTW/b1MpB0gQST+C2l0Q=,iv:L32678svF0yRQXt2f1UwYsl7D2U3c1FNxtbul3cRoeA=,tag:mpYQo/EKGCdZqBdSd8Jn7Q==,type:str] - clientSecret: ENC[AES256_GCM,data:zyXCsvf2a3PSBMWod0DrZ4MnLTFEnmiQetb0W18CgKPa05Lux1H85A==,iv:2HmVL3toEnpaXNoV7JceVtlm3EslNNRwC6r9nQZVPTQ=,tag:jD+8oSih8DTLI7b0hxkySA==,type:str] - cookieSecret: ENC[AES256_GCM,data:F1d5adRjFFMZOLjsBYKTW6P9vXa5LnxKc+K+BVMJeh7fxXSjUw229pD/nlU=,iv:03hFQHm/J4WWz5G2LdJLnx51H7CDz5fveEGXj/vGwps=,tag:HD3Z9EyQ59YLZZUhaKkKIQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] - group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: - alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] - group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] - group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] - repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] - templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:dpUIAfOGg/DYKSyDRuvBusIvpbEj5kauwVPKCws2QZzIucHcnzLg/bAD+UG+8lKMk/Wvm6mItKA42nv/5sUYE7O1siU0a2NSPiNc9TMZsfYoeodwCKvNNLQV6oE7rfgFvoCHteFha51eQIvcwg7KVs/LDfgaH6qnXxNQd2iunMqVR8YFRjC8+fNM9xhe5EEaVDvdsGHCHQxawPGompQZCueNa+bvt1Hh4p0avlep9MuIEzBkxtqTspvsGZW/dowiEpehXKj1HjdiovxlMK6ZZziMsS8SJ+ftTLwaX2hVW4hnYNKwimNzC1o+ga+roOUVX7Csf3CelsMhd6BvhZOrf1kXWeRgjGEH1KH7CnxdTSHzGn70MDGfghzbm1TQerPPWKQQB7/GNAgYIdr32xvvaHrVyguR0SUrIfhaW7cYi4RXQuxqNbIDe5LtHE+GU6MPz+3QBuRUPOJlDI8TaGjZPDwBQoimwsBTnaQSGFcxnv8FOF9lIjRjXJNGkHKgk3JsFi/pRYIdbQ==,iv:cK88hnm4Q4llROhS/RwW/18NuZuIoFH+zs83PdaAT5E=,tag:Tb/rFgdvV5ed0sZ8GmXMVA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:48:05Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-04T06:35:55Z' - mac: ENC[AES256_GCM,data:7/g4dqVzj+mSJ93bIaHJsNv/+FTMHO30E1bx7BCkfT+q2NFXwpFLWAP7SJvo1mdWhdXoOxsCLu2ZbXXDXrHtkJT1R37AZ4g+CfLOA7FFW1jLPMTQS+sALwTi5OrMjv4v9L6TFiPQuNIG2CIjoadoDdNSj1zJk7bDmY7WOqhwVdM=,iv:gJFi3s/B4joVp43tAtzEJPXjYCfY2ZXf+V5rjY7R4ZQ=,tag:xm4dMfnQ/B82vpbg4j4Y8A==,type:str] - pgp: - - created_at: '2020-11-10T06:48:05Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv - lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ - gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ - Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t - PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF - 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS - ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S - q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== - =msen - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/staging.yaml b/deploy-as-code/helm/environments/staging.yaml deleted file mode 100644 index cac0541a1f..0000000000 --- a/deploy-as-code/helm/environments/staging.yaml +++ /dev/null @@ -1,820 +0,0 @@ -global: - domain: staging.digit.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: - [ - backbone, - cert-manager, - egov, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov] - - role: admin - namespaces: [playground] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-name: "egov_staging_db" - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db" - bpa-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/bpa_staging_db" - erp-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/finance_staging_db" - domain: "staging.digit.org" - egov-services-fqdn-name: "https://staging.digit.org/" - egov-state-level-tenant-id: "pg" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - logging-level-jdbc: "debug" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pb-egov-assets|egov-playground-assets)" - serializers-timezone-in-ist: "true" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - sms-enabled: "false" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - spring-jpa-show-sql: "true" - egov-indexer-yaml-repo-path: "https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-telemetry-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pgr-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pt-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/billingservices-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/tradelicense-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/collection-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-uploader-indexer.yml" - tracer-errors-provideexceptionindetails: "true" - timezone: "Asia/Kolkata" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - land-services: "http://land-services.egov:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - minio-url: "https://minio-staging.digit.org/" - -billing-service: - memory_limits: 512Mi - -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - is-s3-enabled: "true" - minio-enabled: false - fixed-bucketname: egov-rainmaker # Only for Dev & QA - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "pg" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-mdms-service: - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "staging" - mdms-folder: "egov-mdms-data" - java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml" - - -egov-pg-service: - axis: true - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PG-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - initContainers: - gitSync: - repo: "git@github.com:egovernments/playground-rainmaker-customization" - branch: "master" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-20191106.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -egov-custom-consumer: - erp-host: "https://citya.digit.org/" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update," -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# hr-2.0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -hr-masters-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=hr_masters_v2_schema" - -hr-employee-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=hr_employee_v2_schema" - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> -collection-masters: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db" - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - citya-erp-host: "https://citya-uat.egovernments.org/" - cityb-erp-host: "https://cityb-uat.egovernments.org/" - cityc-erp-host: "https://cityc-uat.egovernments.org/" - cityd-erp-host: "https://cityd-uat.egovernments.org/" - citye-erp-host: "https://citye-uat.egovernments.org/" - - - -finance-collections-voucher-consumer: - erp-env-name: "" - erp-domain-name: "digit.org" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-micro-qa.egovernments.org/employee/user/login" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "es-client.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-0acaa5b654eb81db4" - zone: ap-south-1b - - volumeId: "vol-0dcfb5cafb662fef9" - zone: ap-south-1b - - volumeId: "vol-0e62b5e2a156cfcb8" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-0d0217a7152e0306f" - zone: ap-south-1b - - volumeId: "vol-0332238a1717be59d" - zone: ap-south-1b - - volumeId: "vol-03f04526d46143983" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-029b6b8cf084e24ee" - zone: ap-south-1b - - volumeId: "vol-068f76847e14fa12f" - zone: ap-south-1b - - volumeId: "vol-06f3335d6b85b444f" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-09e9ca3accf052ae6" - zone: ap-south-1b - - volumeId: "vol-015f2c403a0184e2d" - zone: ap-south-1b - - volumeId: "vol-074edeffd25dc4b29" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluentd: - images: - - egovio/fluentd:v0.1.9 - target_env: qa - -delete-old-logs-in-es: - images: - - egovio/elasticsearch-curator-5-0-2:0.0.2 - days: 1 - schedule: "0 12 * * *" - target_env: qa - -logrotate: - images: - - egovio/logrotate:0.1 - logrotate-interval: daily -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_pb_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "pg" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -whatsapp-webhook: - replicas: 1 - images: - - rushang7/push-to-kafka:1.0.0-bronze -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-uat,devops" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "staging" - - minio: - mode: distributed - disableWebUI: false - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0085073c65f7568a3" - zone: ap-south-1a - - volumeId: "vol-031fa52f18391ddab" - zone: ap-south-1a - - volumeId: "vol-054c367d60f236577" - zone: ap-south-1a - - volumeId: "vol-015c0f14cb3927c68" - zone: ap-south-1a - ingress: - hostName: minio-staging.digit.org - - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=staging.digit.org - tenant.staging.digit.org=state - client.id=staging - tenant.citya.staging.digit.org=citya - tenant.cityb.staging.digit.org=cityb - tenant.cityc.staging.digit.org=cityc - tenant.cityd.staging.digit.org=cityd - tenant.citye.staging.digit.org=citye - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -# eGov-finance Tenants -financeTenants: | - tenant.citya.digit.org=citya - tenant.cityb.digit.org=cityb - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -egov-finance: - dev_mode: true - filestore_beanname: microDiskFileStoreService - -wordpress: - persistence: - enabled: true - aws: - volumeId: "vol-0d127a43397d47352" - - ingress: - hostName: portal.egovernments.org - -mysql: - persistence: - enabled: true - aws: - volumeId: "vol-057d51bc1e449a434" diff --git a/deploy-as-code/helm/environments/uat-secrets.yaml b/deploy-as-code/helm/environments/uat-secrets.yaml deleted file mode 100644 index c661215d12..0000000000 --- a/deploy-as-code/helm/environments/uat-secrets.yaml +++ /dev/null @@ -1,116 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:3f/w8rOU9g==,iv:l6YC8x6CZRgVI6MlT0FJhsGLYuZY+uvdy54jm6nRNfU=,tag:yHTWej+XDB2br+c8p79fnA==,type:str] - password: ENC[AES256_GCM,data:JfTZV1c3hLadnMh7T8Y7vdX5LwE=,iv:DMCau96gueCazEsXk2wH1psnoDUOCKoiV3/G38xUrI4=,tag:0eIjp5tfaXYWBo5y/Q6bTA==,type:str] - flywayUsername: ENC[AES256_GCM,data:EZQg7nvEhA==,iv:JYblje1PBJOz9oxcdOk5so6R/fcp3BDMC5l1vVFuQtU=,tag:WbdL0jpmgVMMh3oI138Kxw==,type:str] - flywayPassword: ENC[AES256_GCM,data:WUA8DSxkpQxw/ou8jnUiXHAqaTA=,iv:9THLdxqdDBwgcc0dG9SmBuSxZHhdW9+vgQn5Wtun580=,tag:3FrMrJF+qoJHcRKX8Tc6iQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:6XKDSQBE3o4=,iv:lRjFZCAHER4FatyLD3Irt8sywi4x3+Rb0zsS0vUwvPI=,tag:shMpyoGwkl79KG0fbSORlw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:M3qMixMjGu5OBENIG1NHUpHUX6Q=,iv:nYp30K71FiIODnGZeqCtWxxPSKNhzj/eHxQ3wMmOjpQ=,tag:Zf4mVIG0dPfaZ7HFcru3+w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:s/C8CZ0b8lry8DnWAYKsST835mgzwnd6xqi54CMH4Pjk4TcfZyV/9w==,iv:2WOzXHSlUWPOR9t9NzMs0LFwdVBoSLbkglVDph5mdIA=,tag:6mKNXA4OGvzp8dFnTsos/g==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:RN3G5VeFS8T3XbzaXr0+nw==,iv:h/bdQApXCQg7y3SUyyINByOKgMOWAJ8LsPvnxq9Bbxo=,tag:ju7zSODwxTlqXyQ5pFJuig==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:DyivoESTToF9YJjox8y36ssmwcvKaOhsoC/fcyY=,iv:+pNwxpneD5tiwX5fjVd4gssQtDjtDPl9LTAfSBdX+cs=,tag:byu2BFHTcM3X6EdNGn2Unw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:NAkt77ffExP8dCKO1meyJeGt,iv:Wu7k+de1S+qMFi2b8s5/Im7mxaNsJwZbIkyR4HfkSa4=,tag:cXgG5oLvaoOKxVZ1PDqdcA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:YaKHztXzc6du4r8=,iv:euz3KT8NO/6W7eEEa+FVwfppCFGx3tUXdsdfxDFLZBU=,tag:1sQpYok31KwI06e5n+ZyVw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Dk/9AbjYH8kE,iv:3HtFJjFOD3azGeCK8bdkCyWx2f73chDqGH9aLB2Bnhg=,tag:Ez6LAJff5ZWsvCv3C+khXw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:RuZTMeol,iv:K2K4/k1lxlYaFfRDuvkOpkEg4uwaD20BHrqO6K68qhI=,tag:pc/qNeeOoSZnA+F3iQANmQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:Zc5129eGy3EVvQPMEvK4dB5HQig=,iv:n3eLqIDlFyZR99Jzmq/GwXpzOEV+CCaq25Z2ti9usVs=,tag:tk18367EChBsN35hucBxjQ==,type:str] - clientSecret: ENC[AES256_GCM,data:kPGM/CdWtrlPRyMjl7Az6ZKJAizgI0rlQmtOoRwxuc7+zmJANFnVOQ==,iv:qUCaGl7OobgMLJMlFjICbMWLeiwj3I2ZeIPEpx1l8cA=,tag:hi9GYABVLyzueWLZvk9nrQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:m2q7jHsZKeEcr0GwZBY11jMXfAvchGYjbqWRTzVXl91OK9cG,iv:AjYA0sOdo/r+rpsqBx0Q4GYtBm7vO1uG/F7qWCgV/XU=,tag:8GodHvfl6vvD33DEu80rqA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:s/Y=,iv:IaXwi3pn+YMdgHnWPN0h2g0B9VZ/JKjc7GtBhr3chL4=,tag:TvZjmZac1s/xIAfzcfuHpg==,type:str] - route: - receiver: ENC[AES256_GCM,data:yggN1X5Pf3WN8mY98/4wnctfUA==,iv:kWUEsWCgviifbw3Un47ibWiZBJFL1XmZik6+2Ovz61M=,tag:kX8M0xg8gjGxMAmPRBRJ4Q==,type:str] - group_by: - - ENC[AES256_GCM,data:SazP3pSTVebc,iv:ZHaPLIM2Tdf/NMIJPkgLhyIy6dPsfm2HWPi+yYgyUmY=,tag:QUv69KkskBxlQss7um7rUw==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:x4Bn5JlypBsdnd5/xQZORUswSQ==,iv:p1nbidvGYI7nEpywlrvH+qxtwn411JhgOmJjE5oCgNM=,tag:ak1x421wuHkvREql7aNVyA==,type:str] - match: - alertname: ENC[AES256_GCM,data:m7Ocs48JrXE=,iv:MLpTVCutfraO02epwWAK+lkxX9IDKK8ciMOjSJ6d3JY=,tag:8Hpitk1sCKbrjckVjQ8Duw==,type:str] - group_wait: ENC[AES256_GCM,data:KQ9M,iv:uKG952L+YMfhkESMx5vGRGeO2cad7+FXr0A3DJjchH8=,tag:QcUfs9L/xgmmJvZXLJXVHQ==,type:str] - group_interval: ENC[AES256_GCM,data:t24=,iv:CFD93MzLGJ46OzHX9yw/hG31ixnr4OOKHCOv/6Ap8+Q=,tag:k3nDbNSMJsQ6wXskAnLabQ==,type:str] - repeat_interval: ENC[AES256_GCM,data:T9H+,iv:9F2lg80+InUq/FjRUkltqqHLzHyzR0mPJCmdJ8X1Kyc=,tag:cxouK8GJCRbLfwHnnTXTmA==,type:str] - receivers: - - name: ENC[AES256_GCM,data:r0LAiyycrYIy0YJ0fep0peTjXw==,iv:XQhqNZ0mhLG/ZxlshvFv32oH6JJNzb5sSxmPGX2mWFw=,tag:KgEXjnEog4FFsXT8/g3FFA==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:M9K5FA==,iv:M6iqfcnTFaXQMMxdU+dGF8pG1YyMbl6LIbwj4WAfp7w=,tag:etmGVQl9AmU091tOooAxPQ==,type:bool] - api_url: ENC[AES256_GCM,data:xeIU5xgYeHtJ0sjdFDyVKuypWqxBoJtb8JRGA95RyPoG2+4x58dr6ZN43flJxMNoomAax3yNRt12/nwDap/3MWAbWA1rncju/5YtA03mKA==,iv:Qd3diKewnFOs0+IZxP2MjqDoExaJbvw8TXGyr1y/JZg=,tag:dHByzVUYf6tMdCwtHIPL7g==,type:str] - channel: ENC[AES256_GCM,data:7C2XAQLcKpPrN5C1GV4CfZri2tpKnQ==,iv:S6EGlOpjzJ8NFunjwGt80lRR7dFZdJak1PQXJ81W+jc=,tag:s8q+QT1zC/ORyCUkuaKZkw==,type:str] - username: ENC[AES256_GCM,data:+oeV3fQ8JJtxXDR9,iv:OhcuaQjqLyHpkVxLYTglsTKQTDuIWorbV7bDFTjQrVE=,tag:EGPOSTpikIUQmVVKQ99gYg==,type:str] - title: ENC[AES256_GCM,data:zz/G/DKNpYabqF1aRPrvgoMHqR60fAjACMen5tG05V4/TkddK2U=,iv:xTvpPnHMknoX8bCcaZp/bXC5ReNiQLgNTfZJduMe6xs=,tag:3X4y+9dEy+dASVLoAHJZ0w==,type:str] - text: ENC[AES256_GCM,data:j9D/y0awNYPPDx4sVxkAbB58lMgZuTm6ssYhFI22b8eZqxSnLQ==,iv:aF40Oaco9I2EaZlMotM2zfXGi5ih0syUc+5G6pcuk8U=,tag:jlnCwEYrpY+upEvP55VIUg==,type:str] - templates: - - ENC[AES256_GCM,data:wUteqLfnIcDVPN4avxYe8mqr+3Z3LqGynkFAqXRQSeYbu0+R4Oav9o8ZMR/1hrl32HMW9jLX0foenGTihBdpwvsQfqgKL38=,iv:Xd46zFIz4RWO7RqvhJUT7KuI3tGNx4TDe+WF+8J4cvU=,tag:R241Kj77zQOLELavoRUxOw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:dpUIAfOGg/DYKSyDRuvBusIvpbEj5kauwVPKCws2QZzIucHcnzLg/bAD+UG+8lKMk/Wvm6mItKA42nv/5sUYE7O1siU0a2NSPiNc9TMZsfYoeodwCKvNNLQV6oE7rfgFvoCHteFha51eQIvcwg7KVs/LDfgaH6qnXxNQd2iunMqVR8YFRjC8+fNM9xhe5EEaVDvdsGHCHQxawPGompQZCueNa+bvt1Hh4p0avlep9MuIEzBkxtqTspvsGZW/dowiEpehXKj1HjdiovxlMK6ZZziMsS8SJ+ftTLwaX2hVW4hnYNKwimNzC1o+ga+roOUVX7Csf3CelsMhd6BvhZOrf1kXWeRgjGEH1KH7CnxdTSHzGn70MDGfghzbm1TQerPPWKQQB7/GNAgYIdr32xvvaHrVyguR0SUrIfhaW7cYi4RXQuxqNbIDe5LtHE+GU6MPz+3QBuRUPOJlDI8TaGjZPDwBQoimwsBTnaQSGFcxnv8FOF9lIjRjXJNGkHKgk3JsFi/pRYIdbQ==,iv:cK88hnm4Q4llROhS/RwW/18NuZuIoFH+zs83PdaAT5E=,tag:Tb/rFgdvV5ed0sZ8GmXMVA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:30:37Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEKpUbHDalFEjlD8d3fR4q9AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMVx3MC+eezKTpmgXVAgEQgDs+wPQLWS7lCdr2AOw/3mnDnFggmNA6XSNDOj02Js6PC+wB+uDEjCJI73+I7WWItZSllOI2OblL09mVvw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2020-12-04T06:35:39Z' - mac: ENC[AES256_GCM,data:7xzxsm1jPE5Xg0dFhrfoTAtmdAJt/y0XPfPmMK6BaMbIMfvjn2sGXGa0nyx7m5EtLSJxHthztvq+wSyWENtJOlNT0LG6YTEFD8SDoEGI7YG+GlKKOvPdgVCffxYUkSLPRk44d7yXRMPYzE73sVUmPaGKDJ2L5AlkMvMPOlKh9OY=,iv:4hQ/FouK3J3XYtIJhKfo+qAQajR4OBBJFqoC3d+pbVo=,tag:hrwvx0GpG0OQszT+qPBdKA==,type:str] - pgp: - - created_at: '2020-11-10T08:30:37Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/WK9wtulEp0xnpmN3qP3ppNCgFHH6clItn+LyvxQWLjYQ - wACAgwk8Vp94DPfKzh2Jyqo2M6/AdH0r5INEHhQkJorDK8ZYKyUu9dT6lhBqGlvZ - BUHdmpCBuH+4nRU5nLssU4ACsSDCYdq80hE7QOm/7dE1NjipH3bnsXg8UnVOVbkv - TkIORITZD1lVHAR+vC69+HFNB2bvzfTy0hkDMcIFomjQj7MRQRW9aaBhg/Mp+dGV - 2rwN9miX/O+8XS/4wgk/mFgEA8njmQ6PEPtKH6OWgfbIyCehah9gBC7qN9IRQnoP - Y5F82Yam4TfK+/owNBR+gvsFFDkXIb4xXz4UsoDI2tJeAUu+XOUt8QfX1AZBVBgV - owioW4WUyc46yu82Y6QohFad8I3WvzAVR05YEjCB4wkNt5M/3t93FXl+CF6dE5Wn - TOFKVWi1+Kb3LVHB+ZcDmalImT/cnBLSFQoiqPO/Jg== - =gJic - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 diff --git a/deploy-as-code/helm/environments/uat.yaml b/deploy-as-code/helm/environments/uat.yaml deleted file mode 100644 index 9ff42e7583..0000000000 --- a/deploy-as-code/helm/environments/uat.yaml +++ /dev/null @@ -1,892 +0,0 @@ -global: - domain: uat.digit.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: false - values: - [ - backbone, - cert-manager, - egov, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov] - - role: admin - namespaces: [playground] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-name: "egov_uat_db" - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db" - bpa-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/bpa_uat_db" - erp-db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/finance_uat_db" - domain: "uat.digit.org" - egov-services-fqdn-name: "https://uat.digit.org/" - egov-state-level-tenant-id: "pg" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - logging-level-jdbc: "debug" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pb-egov-assets|egov-playground-assets)" - serializers-timezone-in-ist: "true" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "5" - spring-jpa-show-sql: "true" - egov-indexer-yaml-repo-path: "https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-telemetry-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pgr-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/rainmaker-pt-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/billingservices-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/tradelicense-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/collection-indexer.yml,https://raw.githubusercontent.com/egovernments/playground-rainmaker-customization/master/configs/egov-indexer/egov-uploader-indexer.yml" - tracer-errors-provideexceptionindetails: "true" - timezone: "Asia/Kolkata" - es-infra-host: elasticsearch-data-v1.es-cluster - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - - -billing-service: - memory_limits: 512Mi - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db?currentSchema=egov_common_workflows" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - is-s3-enabled: "true" - minio-enabled: false - fixed-bucketname: egov-rainmaker # Only for Dev & QA - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - -egov-location: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 60 - refresh-token-validity: 60 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "pg" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -xstate-chatbot: - whatsapp-provider: "ValueFirst" - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - bill-supported-modules: "WS, PT, TL, FIRENOC, BPA" - pgr-version: "v2" - pgr-update-topic: "update-pgr-request" - information-image-filestoreid: "4cea5e6f-cffd-493a-a13a-83c528be959f" - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "UAT" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/pgr-migration-batch-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml, file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" - -egov-pg-service: - axis: true - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml, file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml, file:///work-dir/configs/egov-persister/fsm-persister.yaml, file:///work-dir/configs/egov-persister/echallan.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -bpa-services: - replicas: 1 - images: - - egovio/bpa-services - db_migration_image: egovio/bpa-services-db - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PG-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - replicas: 1 - images: - - egovio/bpa-calculator - heap: "-Xmx192m -Xms192m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -egov-data-uploader: - heap: "-Xmx192m -Xms192m" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json,file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -react-pgr-web: - ULB_JS_URL: "https://s3.ap-south-1.amazonaws.com/pb-egov-assets/ulb-overrides-prod-20191106.js" - TELEMETRY_JS_URL: "https://s3.ap-south-1.amazonaws.com/egov-telemetry-data/egov-telemetry-1557467338.js" - - -egov-user-chatbot: - egov-state-level-tenant-id: "pg" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "false" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - prometheusRule: - enabled: true - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -egov-custom-consumer: - erp-host: "https://citya-uat.digit.org/" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> -egf-masters: - memory_limits: 512Mi - -egf-master: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# hr-2.0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -hr-masters-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db?currentSchema=hr_masters_v2_schema" - -hr-employee-v2: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db?currentSchema=hr_employee_v2_schema" - -# collections >>>>>>>>>>>>>>>>>>>>>>>>>>> -collection-masters: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_uat_db" - -collection-services: - receiptnumber-servicebased: "true" - apportion-endpoint: /apportion-service/v2/bill/_apportion - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - - -collection-receipt-voucher-consumer: - citya-erp-host: "https://citya-uat.egovernments.org/" - cityb-erp-host: "https://cityb-uat.egovernments.org/" - cityc-erp-host: "https://cityc-uat.egovernments.org/" - cityd-erp-host: "https://cityd-uat.egovernments.org/" - citye-erp-host: "https://citye-uat.egovernments.org/" - - - -finance-collections-voucher-consumer: - erp-env-name: "uat" - erp-domain-name: "digit.org" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "PG-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-payment-topic-name: "egov.collection.payment-create" - -property-services: - egov-idgen-ack-format: "PG-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PG-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PG-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PG-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://uat.digit.org/employee/user/login" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -echallan-services: - egov-idgen-challanNum-format: "PG-CH-[cy:yyyy-MM-dd]-[SEQ_EG_CH_APL]" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-063c2b6018128cc2c" - zone: ap-south-1b - - volumeId: "vol-0aab7d2fae45eb433" - zone: ap-south-1b - - volumeId: "vol-00bb5b8d6975fda50" - zone: ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-089ad8c6eee501011" - zone: ap-south-1b - - volumeId: "vol-0f7277f3d6c5d7ddc" - zone: ap-south-1b - - volumeId: "vol-0523260b1151715b3" - zone: ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00abd7050d1e780eb" - zone: ap-south-1b - - volumeId: "vol-069d92fc639cda771" - zone: ap-south-1b - - volumeId: "vol-05a7704425a21e00e" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-011e8be5832094586" - zone: ap-south-1b - - volumeId: "vol-0b92656a79d416840" - zone: ap-south-1b - - volumeId: "vol-021a14733e611c0d8" - zone: ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluentd: - images: - - egovio/fluentd:v0.1.9 - target_env: qa - -delete-old-logs-in-es: - images: - - egovio/elasticsearch-curator-5-0-2:0.0.2 - days: 1 - schedule: "0 12 * * *" - target_env: qa - -logrotate: - images: - - egovio/logrotate:0.1 - logrotate-interval: daily -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_pb_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - java-args: -Dspring.profiles.active=monitoring - state-level-tenant-id: "pg" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -whatsapp-webhook: - replicas: 1 - images: - - rushang7/push-to-kafka:1.0.0-bronze -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "UAT" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -minio: - mode: distributed - disableWebUI: false - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0085073c65f7568a3" - zone: ap-south-1a - - volumeId: "vol-031fa52f18391ddab" - zone: ap-south-1a - - volumeId: "vol-054c367d60f236577" - zone: ap-south-1a - - volumeId: "vol-015c0f14cb3927c68" - zone: ap-south-1a - ingress: - hostName: minio-uat.digit.org - - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-uat,devops" - upstreams = [ "file:///dev/null" ] - -ws-services: - is-external-workflow-enabled: "true" - -sw-services: - is-external-workflow-enabled: "true" - -egov-edcr: - ingress: - enabled: true - zuul: true - context: "edcr" - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=uat.digit.org - tenant.uat.digit.org=state - client.id=staging - tenant.citya.uat.digit.org=citya - tenant.cityb.uat.digit.org=cityb - tenant.cityc.uat.digit.org=cityc - tenant.cityd.uat.digit.org=cityd - tenant.citye.uat.digit.org=citye - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -# eGov-finance Tenants -financeTenants: | - tenant.citya-uat.digit.org=citya - tenant.cityb-uat.digit.org=cityb - tenant.cityc-uat.digit.org=cityc - tenant.cityd-uat.digit.org=cityd - tenant.citye-uat.digit.org=citye - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -egov-finance: - dev_mode: true - filestore_beanname: microDiskFileStoreService From ee280141aed140626f12eb76f6266e8e87ff2add Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 14 Jun 2021 19:59:48 +0530 Subject: [PATCH 003/742] Added samplw tf --- .../egov-deployer/cmd/digit_setup.go | 153 ------ deploy-as-code/egov-deployer/digit_setup.go | 1 + deploy-as-code/egov-deployer/go.mod | 1 - deploy-as-code/egov-deployer/main.go | 4 +- infra-as-code/terraform/demo/main.tf | 92 ---- infra-as-code/terraform/demo/variables.tf | 19 - infra-as-code/terraform/dev/outputs.tf | 15 - infra-as-code/terraform/dev/terraform.tfstate | 516 ------------------ infra-as-code/terraform/qa/main.tf | 160 ------ infra-as-code/terraform/qa/outputs.tf | 62 --- infra-as-code/terraform/qa/providers.tf | 20 - .../terraform/qa/remote-state/main.tf | 27 - infra-as-code/terraform/qa/variables.tf | 43 -- .../terraform/{dev-eks => sample-aws}/main.tf | 0 .../{dev-eks => sample-aws}/outputs.tf | 0 .../{dev-eks => sample-aws}/providers.tf | 0 .../remote-state/main.tf | 0 .../remote-state/terraform.tfstate.backup | 0 .../{dev-eks => sample-aws}/variables.tf | 13 +- .../terraform/{dev => sample-azure}/main.tf | 0 .../{demo => sample-azure}/outputs.tf | 0 .../{dev => sample-azure}/variables.tf | 0 22 files changed, 12 insertions(+), 1114 deletions(-) delete mode 100644 deploy-as-code/egov-deployer/cmd/digit_setup.go delete mode 100644 infra-as-code/terraform/demo/main.tf delete mode 100644 infra-as-code/terraform/demo/variables.tf delete mode 100644 infra-as-code/terraform/dev/outputs.tf delete mode 100644 infra-as-code/terraform/dev/terraform.tfstate delete mode 100644 infra-as-code/terraform/qa/main.tf delete mode 100644 infra-as-code/terraform/qa/outputs.tf delete mode 100644 infra-as-code/terraform/qa/providers.tf delete mode 100644 infra-as-code/terraform/qa/remote-state/main.tf delete mode 100644 infra-as-code/terraform/qa/variables.tf rename infra-as-code/terraform/{dev-eks => sample-aws}/main.tf (100%) rename infra-as-code/terraform/{dev-eks => sample-aws}/outputs.tf (100%) rename infra-as-code/terraform/{dev-eks => sample-aws}/providers.tf (100%) rename infra-as-code/terraform/{dev-eks => sample-aws}/remote-state/main.tf (100%) rename infra-as-code/terraform/{dev-eks => sample-aws}/remote-state/terraform.tfstate.backup (100%) rename infra-as-code/terraform/{dev-eks => sample-aws}/variables.tf (80%) rename infra-as-code/terraform/{dev => sample-azure}/main.tf (100%) rename infra-as-code/terraform/{demo => sample-azure}/outputs.tf (100%) rename infra-as-code/terraform/{dev => sample-azure}/variables.tf (100%) diff --git a/deploy-as-code/egov-deployer/cmd/digit_setup.go b/deploy-as-code/egov-deployer/cmd/digit_setup.go deleted file mode 100644 index 9a07dc4f39..0000000000 --- a/deploy-as-code/egov-deployer/cmd/digit_setup.go +++ /dev/null @@ -1,153 +0,0 @@ -package main - -import ( - "bytes" - "container/list" - "flag" - "fmt" - "io/ioutil" - "os/exec" - "strings" - - "gopkg.in/yaml.v2" -) - -//Defining a struct to parse the yaml file - -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - //Input the yaml file and the required service using flag - var argFile string - var env string - svclist := list.New() - fmt.Print("INFO: 1. Validating if chart file exists....") - flag.StringVar(&argFile, "f", "", "YAML file to parse.") - service := flag.String("s", "", "a string") - flag.StringVar(&env, "e", "", "a string var") - flag.Parse() - - if argFile == "" { - fmt.Println("\n\tWARNING: Please provide yaml file by using -f option") - return - } else { - fmt.Print("Success\n") - } - - // Decode the yaml file and assigning the values to a map - fmt.Print("INFO: 2. Reading chart file to install DIGIT Services....") - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } else { - fmt.Print("Success\n") - } - - // Parse the yaml values - fmt.Print("INFO: 3. Parsing chart file details....") - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return - } else { - fmt.Print("Success\n") - } - - // Mapping the images to servicename - fmt.Print("INFO: 4. Reading all services undier the service category....") - var m = make(map[string][]string) - set := NewSet() - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - } - fmt.Print("Success\n") - - //Checking dependencies of service on core or buisness services etc. - fmt.Println("INFO: 5. Mapping dependancies to the service category....") - var argStr string = "" - - getService(fullChart, *service, *set, svclist) - - for element := svclist.Front(); element != nil; element = element.Next() { - for _, service := range m[element.Value.(string)] { - argStr = argStr + service - if element.Next() != nil { - argStr = argStr + "," - } - - } - } - - goDeployCmd := fmt.Sprintf("go run deploy-as-code/egov-deployer/main.go deploy -e %s '%s' -p", env, argStr) - - parts := strings.Fields(goDeployCmd) - - fmt.Println("Printing full command part", parts) - - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - - // Format the command - cmd := exec.Command(head, args...) - /*for _, arg := range cmd.Args { - fmt.Printf("Result: %v\n", arg) - }*/ - - //capture stdout and stderr: - var out bytes.Buffer - var stderr bytes.Buffer - cmd.Stdout = &out - cmd.Stderr = &stderr - - // Run the command - err = cmd.Run() - - if err != nil { - fmt.Printf("Error phrase: %q\n", err) - } - - fmt.Printf("Result: %v / %v", out.String(), stderr.String()) - -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} diff --git a/deploy-as-code/egov-deployer/digit_setup.go b/deploy-as-code/egov-deployer/digit_setup.go index 631df0415c..7632aae3f0 100644 --- a/deploy-as-code/egov-deployer/digit_setup.go +++ b/deploy-as-code/egov-deployer/digit_setup.go @@ -155,3 +155,4 @@ func execCommand(command string) { log.Fatalf("cmd.Run() failed with %s\n", err) } } + diff --git a/deploy-as-code/egov-deployer/go.mod b/deploy-as-code/egov-deployer/go.mod index d19de537a4..d9bb0cb409 100644 --- a/deploy-as-code/egov-deployer/go.mod +++ b/deploy-as-code/egov-deployer/go.mod @@ -11,5 +11,4 @@ require ( github.com/stretchr/testify v1.4.0 // indirect golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 // indirect golang.org/x/text v0.3.2 // indirect - gopkg.in/yaml.v2 v2.2.4 ) diff --git a/deploy-as-code/egov-deployer/main.go b/deploy-as-code/egov-deployer/main.go index efc303e90c..a7c851ee20 100644 --- a/deploy-as-code/egov-deployer/main.go +++ b/deploy-as-code/egov-deployer/main.go @@ -15,8 +15,8 @@ limitations under the License. */ package main -import "github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer/cmd" +import "github.com/egovernments/eGov-infraOps/egov-deployer/cmd" func main() { - cmd.Execute() + cmd.Execute() } diff --git a/infra-as-code/terraform/demo/main.tf b/infra-as-code/terraform/demo/main.tf deleted file mode 100644 index fa84098b1b..0000000000 --- a/infra-as-code/terraform/demo/main.tf +++ /dev/null @@ -1,92 +0,0 @@ -provider "azurerm" { - # whilst the `version` attribute is optional, we recommend pinning to a given version of the Provider - version = "~>2.0" - features {} - subscription_id = "b4e1aa53-c521-44e6-8a4d-5ae107916b5b" - tenant_id = "593ce202-d1a9-4760-ba26-ae35417c00cb" - client_id = "${var.client_id}" - client_secret = "${var.client_secret}" -} - -resource "azurerm_resource_group" "resource_group" { - name = "${var.resource_group}" - location = "${var.location}" - tags = { - environment = "${var.environment}" - } -} - -module "kubernetes" { - source = "../modules/kubernetes/azure" - environment = "${var.environment}" - name = "${var.environment}" - ssh_public_key = "~/.ssh/id_rsa.pub" - location = "${azurerm_resource_group.resource_group.location}" - resource_group = "${azurerm_resource_group.resource_group.name}" - client_id = "${var.client_id}" - client_secret = "${var.client_secret}" - nodes = "4" -} - -module "zookeeper" { - source = "../modules/storage/azure" - environment = "${var.environment}" - itemCount = "3" - disk_prefix = "zookeeper" - location = "${azurerm_resource_group.resource_group.location}" - resource_group = "${module.kubernetes.node_resource_group}" - storage_sku = "Premium_LRS" - disk_size_gb = "5" - -} - -module "kafka" { - source = "../modules/storage/azure" - environment = "${var.environment}" - itemCount = "3" - disk_prefix = "kafka" - location = "${azurerm_resource_group.resource_group.location}" - resource_group = "${module.kubernetes.node_resource_group}" - storage_sku = "Standard_LRS" - disk_size_gb = "50" - -} -module "es-master" { - source = "../modules/storage/azure" - environment = "${var.environment}" - itemCount = "3" - disk_prefix = "es-master" - location = "${azurerm_resource_group.resource_group.location}" - resource_group = "${module.kubernetes.node_resource_group}" - storage_sku = "Premium_LRS" - disk_size_gb = "2" - -} -module "es-data-v1" { - source = "../modules/storage/azure" - environment = "${var.environment}" - itemCount = "2" - disk_prefix = "es-data-v1" - location = "${azurerm_resource_group.resource_group.location}" - resource_group = "${module.kubernetes.node_resource_group}" - storage_sku = "Premium_LRS" - disk_size_gb = "50" - -} - -module "postgres-db" { - source = "../modules/db/azure" - server_name = "${var.environment}" - resource_group = "${module.kubernetes.node_resource_group}" - sku_cores = "2" - location = "${azurerm_resource_group.resource_group.location}" - sku_tier = "Basic" - storage_mb = "51200" - backup_retention_days = "7" - administrator_login = "egovdemo" - administrator_login_password = "${var.db_password}" - ssl_enforce = "Disabled" - db_name = "egov_demo" - environment= "${var.environment}" - -} diff --git a/infra-as-code/terraform/demo/variables.tf b/infra-as-code/terraform/demo/variables.tf deleted file mode 100644 index 100aa223d9..0000000000 --- a/infra-as-code/terraform/demo/variables.tf +++ /dev/null @@ -1,19 +0,0 @@ -variable "environment" { - default = "egov-demo" -} -variable "resource_group" { - default = "egov-demo" -} - -variable "location" { - default = "SouthIndia" -} - -variable "db_password" { -} - -variable "client_id" { -} - -variable "client_secret" { -} diff --git a/infra-as-code/terraform/dev/outputs.tf b/infra-as-code/terraform/dev/outputs.tf deleted file mode 100644 index 1349d140de..0000000000 --- a/infra-as-code/terraform/dev/outputs.tf +++ /dev/null @@ -1,15 +0,0 @@ -output "zookeeper_storage_ids" { - value = "${module.zookeeper.storage_ids}" -} - -output "kafka_storage_ids" { - value = "${module.kafka.storage_ids}" -} - -output "es_master_storage_ids" { - value = "${module.es-master.storage_ids}" -} - -output "es_data_v1_storage_ids" { - value = "${module.es-data-v1.storage_ids}" -} \ No newline at end of file diff --git a/infra-as-code/terraform/dev/terraform.tfstate b/infra-as-code/terraform/dev/terraform.tfstate deleted file mode 100644 index 8d4a529fda..0000000000 --- a/infra-as-code/terraform/dev/terraform.tfstate +++ /dev/null @@ -1,516 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.12.1", - "serial": 16, - "lineage": "3cbff014-7877-b823-5d42-089f3cb49858", - "outputs": { - "es_data_v1_storage_ids": { - "value": [ - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-0", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-1" - ], - "type": [ - "tuple", - [ - "string", - "string" - ] - ] - }, - "es_master_storage_ids": { - "value": [ - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-0", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-1", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-2" - ], - "type": [ - "tuple", - [ - "string", - "string", - "string" - ] - ] - }, - "kafka_storage_ids": { - "value": [ - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-0", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-1", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-2" - ], - "type": [ - "tuple", - [ - "string", - "string", - "string" - ] - ] - }, - "zookeeper_storage_ids": { - "value": [ - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-0", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-1", - "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-2" - ], - "type": [ - "tuple", - [ - "string", - "string", - "string" - ] - ] - } - }, - "resources": [ - { - "module": "module.kubernetes", - "mode": "managed", - "type": "azurerm_kubernetes_cluster", - "name": "aks", - "provider": "provider.azurerm", - "instances": [ - { - "schema_version": 0, - "attributes": { - "addon_profile": [ - { - "aci_connector_linux": [], - "http_application_routing": [], - "oms_agent": [] - } - ], - "agent_pool_profile": [ - { - "count": 4, - "dns_prefix": "", - "fqdn": "egov-micro-dev-04c671a0.hcp.southindia.azmk8s.io", - "max_pods": 110, - "name": "default", - "os_disk_size_gb": 32, - "os_type": "Linux", - "type": "AvailabilitySet", - "vm_size": "Standard_B4ms", - "vnet_subnet_id": "" - } - ], - "api_server_authorized_ip_ranges": null, - "dns_prefix": "egov-micro-dev", - "fqdn": "egov-micro-dev-04c671a0.hcp.southindia.azmk8s.io", - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourcegroups/egov-micro-dev/providers/Microsoft.ContainerService/managedClusters/egov-micro-dev", - "kube_admin_config": [], - "kube_admin_config_raw": "", - "kube_config": [ - { - "client_certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUvRENDQXVTZ0F3SUJBZ0lRYzliZHI5WURIOEpLRi9KakZSOGFBekFOQmdrcWhraUc5dzBCQVFzRkFEQU4KTVFzd0NRWURWUVFERXdKallUQWVGdzB4T1RBM01Ea3dOVFV3TVRsYUZ3MHlNVEEzTURnd05qQXdNVGxhTURBeApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1SVXdFd1lEVlFRREV3eHRZWE4wWlhKamJHbGxiblF3CmdnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJS0FvSUNBUURHb2o3NWEva0VaTGlhWURGdDBpVDAKeHJMMW5ueVoxbHhLL3pGZzlhMkdjUlJnRmJ5dzEwcTBMdVJWbVlUakhGYjh2TUs5RkJ0YkozL3hPc0hDelFKVQpjT2VLM0xsNXJGSXNiM1BoL2JYbDhiOFpqS2o1ZnhwcnZUOU82aVhwUVpNdndaRmYrMlJ0dG53TzA0MDRwSHMwCmpEaUN4WDZUeVREVXdqVGVRZlpmTW0rS2V2b0ZLUmxCSkdtZjdkd3BZa3lSanJDTkl1cDN3SGRGSjBBWGRHZGoKcXhTTnFYZk05SytqTjlVdXhVM0hQMWFOcU5GRGJ4cmVtK1lOQWJiWmg0MjBtbHMwelcvckl1eFcrejNtOGFsZgpZSlp5TVhRS2tDeGpLdTZtaUNsbTFyQ21nRnhwVE9MTzlhdkdQRmkxRFZrWU5jeUllR3dxcWN1UDd1OEVZazgwCmZTbE9mRWxvN01tL1lCcndqVmdlRjYwNFp5WW1YY0hSdXphcnErdkFNNW1FNmpLSkxrTlp3aXVDOTRnQzN0NzYKT2tmOEMzbmRhdi9wNDF1NmprTlZzMmtaNjlEd1M5cDBPQ0VWNkxEZGtMc2ZtSGRqOTBBUWRodk9FNDVzQWM0cAp2dnNiY2xhSnBLNktYRWYyazNYKzZHandRTzRVQ0d3VFliWk81dTRZY3ZFYlcrVkwwd2tTUlFWTk4yRytmZ05LCjJBSWF3RGdwcDVMQy8wYndFS24vNUpxVUJpN2hGajNTTmpjTjQwVWdRWmZxNUNFKzZhK1lRS3VCV1dJQTdLU20KSitscVBBenIwRlVUbDVmblo3MFdFSFl6dDZzZ0Jkd1NmRlljQlFGaVlzbXg3Q3M4TDh3TzFnV0pGbkkxL2V0YQpRV0w0YXlBZUwwcVpGQ20rNW9yMlRRSURBUUFCb3pVd016QU9CZ05WSFE4QkFmOEVCQU1DQmFBd0V3WURWUjBsCkJBd3dDZ1lJS3dZQkJRVUhBd0l3REFZRFZSMFRBUUgvQkFJd0FEQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUEKT2FjL1lrcTArS25seVBzelU3S0dEd2twSlYwTGR6YkpNZk5XV1p5UVNYeituWkVQWENGTkNpSzVOQWV1Q3hBaApSUUpIMTFNSnM4Yko1eTE0L1Q1Wm9La1NGaVUwQkVkYjIyVU9aK282NTBEK1JOTFJTOFNCaVBwVzJhSVQzMzk2CnNWTU9BN1JsMytnQ0VDVkI0bW1BdHd6NG1KeTg4OGJ4S1JhSklhcEVPd1p3b2tENitaOWJVandtdjBOQ1N1eTAKdkxuSjRTUE5JckRIQUMzWVNxMnlpUlUwbjdwa243YWVQVm1XK1V5d3FHYmE0WGFIZlZhbXJPV3Y1WW5BTUFkYwpmYXFCVmF4U0l5OUthd2xKWkx2UW9ObmlDRUNpOS9FdEhUSm42VmxORXBEU3UrT3JDYTRRWmdJK0Q4alVmNG03CmJzbVVDWXN1b0x2bkZoNzRyMHk3bGRkT1AreGFsQWZCV2xkcThBM1o3MEIweWpLRC9Cd0RrTmV3NUJDc2dXaisKRStYblltb3dBSE5qYW0ySmVwRHV0bkdoajhVL0Q4NkFQY0FrY0NJLzJ0OCt1TkJzRzNJdXRDQjFWbVE2eSs4OQpsZE9BcGZFZmJMb1ZPcU1jOW5ZVURyN0xob29rUkltMUZXd2dFMnJXdTFxZE5UZ1VxTk9JaHVUNEpmSExiVUtGCkpuS05XdkoyNzE5OUcySUtQUEYxMWN6RzZKUWFPYjhhY0lBTUVwRnlWcjlEM21oUDVJWGJ4bzBDOG8zYmk3ZEoKcHBHVThSNjJMVzUxcTcrYURzTkxKVWgvN3FGdnczU3loejllYnRTSzIxTEQ4d2xCSzlUdXBzQnBKUXprWjRpeAp0MmxhdWpNYkV4b1pFOE5vS2d3RW8yVERuV1M1dXpvOFM0R293M1NJZUFFPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==", - "client_key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS1FJQkFBS0NBZ0VBeHFJKytXdjVCR1M0bW1BeGJkSWs5TWF5OVo1OG1kWmNTdjh4WVBXdGhuRVVZQlc4CnNOZEt0QzdrVlptRTR4eFcvTHpDdlJRYld5ZC84VHJCd3MwQ1ZIRG5pdHk1ZWF4U0xHOXo0ZjIxNWZHL0dZeW8KK1g4YWE3MC9UdW9sNlVHVEw4R1JYL3RrYmJaOER0T05PS1I3Tkl3NGdzVitrOGt3MU1JMDNrSDJYekp2aW5yNgpCU2taUVNScG4rM2NLV0pNa1k2d2pTTHFkOEIzUlNkQUYzUm5ZNnNVamFsM3pQU3ZvemZWTHNWTnh6OVdqYWpSClEyOGEzcHZtRFFHMjJZZU50SnBiTk0xdjZ5THNWdnM5NXZHcFgyQ1djakYwQ3BBc1l5cnVwb2dwWnRhd3BvQmMKYVV6aXp2V3J4anhZdFExWkdEWE1pSGhzS3FuTGorN3ZCR0pQTkgwcFRueEphT3pKdjJBYThJMVlIaGV0T0djbQpKbDNCMGJzMnE2dnJ3RE9aaE9veWlTNURXY0lyZ3ZlSUF0N2UranBIL0F0NTNXci82ZU5idW81RFZiTnBHZXZRCjhFdmFkRGdoRmVpdzNaQzdINWgzWS9kQUVIWWJ6aE9PYkFIT0tiNzdHM0pXaWFTdWlseEg5cE4xL3VobzhFRHUKRkFoc0UyRzJUdWJ1R0hMeEcxdmxTOU1KRWtVRlRUZGh2bjREU3RnQ0dzQTRLYWVTd3Y5RzhCQ3AvK1NhbEFZdQo0Ulk5MGpZM0RlTkZJRUdYNnVRaFB1bXZtRUNyZ1ZsaUFPeWtwaWZwYWp3TTY5QlZFNWVYNTJlOUZoQjJNN2VyCklBWGNFbnhXSEFVQlltTEpzZXdyUEMvTUR0WUZpUlp5TmYzcldrRmkrR3NnSGk5S21SUXB2dWFLOWswQ0F3RUEKQVFLQ0FnRUF1NmZ1YkwrWUM1R0lZYmc5R202dElWOVRGUDg4NGkyRkZnbFB3alY0VVlvbFlMMUlmWjEzNHhCbQpBWVMrNmIwTlpVcURoQlFwNEExS0wwRithcVk1N0VLYVRUTklPdTRVMkF3WFk4cklmVXZOYWJyY3JKRnJDWnhKCjRpa04xZmR3c1c1akJGWEJSSEZoZExSaU44QVU4Y2tEWG5Cc3Evd29HT2k4LzdrN3BDWkhBSUk4RUlJS2JPT1UKc2xZS2FFS0k2Zjd2UnZkVW9mdi84aUlweDc3ZUttZ25TOHB0OXdDM3FqQ0dRK0I5SVo3eUMzVVE5bTlSNkR0Swp0TUVJMlN2YU1XU2VoQjBOL2d3SlVnZWNMTUhrYk1vWWVCdkdjSEJTcndHUlkxMUNGL2o5L045Sjd1V0haVlR0CmlxUGFmbm4wMFEyS2hPZVg4UnBteVQxSExGSWdWbUNVK0JQUkRNcFBUVlNXRDVqL3U2dlRFM3hzcFhHWVJldkMKT2NKbW5ZNGtuZEM3dEY3L0k0cHVpUnZ6UDB3Q0d5MWp4UnlJd1Z2VU0xamFGbUpCd0M0YXNvMGN5K2xoa2d4RApWK3cyWXFUSWN5eUh5SEI5amIvY3J4YzRIbTRLUzZWcXFlTlNLQWNDSWxUdjMyZ0lONDJQR0NGV2tyWlVKa3VuCnhvY2tyUXYwdStMWjRPRS94UWhweENnNFZlK0dhQmM5b0U2NnZJUHFGVnJXUFFNWXZpQ1Z5cG1yYVFJNFh0WGwKUmlmVUNyZE5BSXpiTWwyMWVTUnFleDF5N3RXQjNrUWRtRzM1cTA2Z3NLejc3TXJLWFRldWN6QlNBUWFzUFZ2RQppRWVwVlh3ZzZMekQyMm5HaWV1UktpRE5sOXBCcldFVEpyM2pYYlVQOFBsL2lMMzVFc0VDZ2dFQkFPOFd6S3E2CjdFWUJKR0cwSWF5SzJBdDA2bDBqRFlKa3lsTWVtZnYrN2M4Q1BXc1dwZHdzdERGQXBTT1AxcVFiTm9jVVRxNlYKUEFYMHFESWZsaWI5SkxTb3FlbFdYMWdPRi9lc3YzajZLbXJpSzZ6RS8zZS8ySExrZ29qT1dkemtwVHRVZEE2YQpVVWllVzNGNHBUd3dwU1dZeHpTQ0VCRmxYMnpVL1RJWTlGN0o4cVZpajVzWS83SlVXZDlTeEswYy85Q0VrV2RrCllaRVJqQnVHc1E3dG12WExxUHcySmtCMGdCNVIzdFFUZ1cxbVpmY2Jja3lxcjdTNVgyYXQ1YW1kMGNUeUlyN0UKeDV3RXozU1lkM1NUV2l0c0p4cHVPMm55THZSd29nbGhZUDNIOGhBek1zdTVQZGtWRTBvNjg2bmRiMEI3SWtvVgpsRDd3akROTlRvOUxPWjBDZ2dFQkFOU3U2NHhET28xOHRNdDAwZUpCZ250N1RXQWYvYTJ5WVNJMWJXM3pRNDU2Cmw4aGVtdVlDYU1lTWh1WG1jQ0gzbk9LeGVUQ2dwZXlGL1ljRm9BemJJa2ZEUkdDQksxTWxpU3J2azJWbmt4cHMKUTV6dFJWVnNDbHdQaHhrL2E4MzAyQWhERUcrVXVtcDhBS0VEU2gwa2gvVjhQM1R4dTBQUkFNV1hYb2xrZjUwLwpob1hTU0twZCtNTnh2YlJlSjV2QUwyVDE2WFBXenFPREdVWHJNSk5HTmhDTlNZa2ZNMDRtYmdXclJlTDQ3bkg4CnVFQWdobW93RldOUTBLZnZnQk9Qd1Z6bW9YVkcwQ0hiTXZtVCtTVUFod3BsekgrVU1BQ2tZVlZOL1RldTRyaXYKK2wvNGpIUkU4bHpueFRBd245T3kyMW0vOTE0bHdEOFQ4a0RTUGQzT0tIRUNnZ0VBTVNRQWdQN1dYVFVTNHpvQQp5ZFBudjhNU0FINlo0amtSRkxCdmVjblYydnhjMzB2U1gwU1k3SjZhMG9wWDFYYjZhQjBXWnUrcFhKZ0NrZnJJCkE4OTM0ZUhndW1MVVNlYnJxaTVKVkhZbWpiMWF1TEhzeUJJWVROVUd0MU9pU0xKOSs0bktLTTR5OHJnSmwzTHkKazBKMFR4dnRwYTh0MmtWNXJZYkJXN0NoV1hJc2V5MmMwb1g2MkE1YVFucGlqaW90c2cvdFN0RG85TVlrZyt2VgpMSHBOcFVOc3dobm5Gc3hiSU9BMjZtUHY4Q3BodnI1WGFjYVRRcFB2TmMxOExMYVJUT2R2bU1JZFBNWUlWYkNZCnJNODBjMFJSYlM5RzZ1bXFHUGVsZGtRYmlVMjFSUHNnNzVwdFNkYjVGZ0t6M2kvekU4KzdKbnIwODFMQm5qRy8KZWRnK1NRS0NBUUI1ek9NZ3BLKzNyNTlxbFRCTnZ1NlhBUHBDL284dEZtY0NURTZyRlJHdld3M3B0aVJIYlVITQpaZklyWDFrQVd1b0IrVmxLTy9aS0NrSXpQVWwzazFlQ2VaV0RIdlpNMjhZK1RJM0JHUnZwbWU3dXhBTmM5RTdLCmdpb0FqNDJSbVpMT3lIbDFMVnZFOTliMFh3bm12ckVPS1dXOTkySWphR0preGxkaG42aGx5YWVrbzlUeG5IZUcKbG5EcUJySHdSSlBmNGVVY2JmeFJNQmNkTDUvVjkvT21id09aLzhCR0ZVUVZBdzAyK3hDelB1UFY5Y3FFclp6UwpEOG92SXIzYWRnMXF3cm5jaS8xT0psWi9EL3N5OGFaa2tnQVhZQ3BOYzlZNklEdlAwOXdMb054bWNkVWVFUTRyCm5xQVRCUVhER3o3N216QnpQbk5tckdta0xjTTRiNFJCQW9JQkFRRG5rbEI4L2RWQVBEMmcrNmQwaUdFRWQwaFUKOXJxUStRZUdPWWFGSUUwM29IWmRrbnA5aW5yaFNXQnlXYkNXdU9QN00rUE5BWnR6RUJnQzByTThuVHcrVkFjWgpuWTBaNjMxb1htQ3l4TW9FNnVrVnpYVXpXTmZJTjU4UlAxbmhRZHd5T1Z2M3dnTXk0RllaYldORVdvNzhidkY5CmtIS0s4ZWkzOVNMN3A1NTFGY3BvQ3czNkUxcVNuRGE1RElKSkY2WHExVEhFYzREaitxNHFWcUVqcmxDM3hHYXAKeEcrODlZN3JkUGE4OFh5bmh3Mll4dHJLeTgzckk1TzR1ZjNZQmZDVktRSGVCMmhDaXZTSUlxMW1MRTdmMUVvOAphTFF4a2JQVi8xRVhDaXlvWTRPa2diR29GcWc3L3d2ajk0U2tTYnFDV1NpZzBlYkwxcHVVb1NYR1lQaFUKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K", - "cluster_ca_certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV5RENDQXJDZ0F3SUJBZ0lSQUlob1JsdnF0M3Nad3J4b1A4cUJhMEF3RFFZSktvWklodmNOQVFFTEJRQXcKRFRFTE1Ba0dBMVVFQXhNQ1kyRXdIaGNOTVRrd056QTVNRFUxTURFNVdoY05ORGt3TnpBeE1EWXdNREU1V2pBTgpNUXN3Q1FZRFZRUURFd0pqWVRDQ0FpSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBTFBhCk1KOGx2V2NaRkVKQ3lwelNnaVNnaEIyOXFDalBhT1M3eTI1blVtcGRKNVJod1hwNG0wYmVJQW4razE1V0l1b2gKNnJUT016RThqeEN2SERoVVY1d1IxUUs5aGRkVjRCRGxaOHd5OXlnL0xoVWc2TE04U0VBTlE3RzhTNjN4eXo1Swo1bkRwa04vc1FRRXBML2tCZkZPam92aEVqSGtVSXltQmpCM2lNbGJVa3N1TkE4TFhiRWZUVVh0MHNvazAyV1BWCkltbkZVY3MvK2dzQlNMOCtrODArUkhWdEtDWUxQeXIzR2RlR09PUHVnL2hneVAzZTZyc3M4ak5OelNRUFVNZ0UKOGJiM05qYTVCZzJJRzM5clU1UTVwN3ZNSDdWQ3JxWlR0a2ZHc2IxUDBiYWJtWmVaUGVBSEl5QnJSSGRBRU5Ubgp0aG53cGhjdy96RmhiTEx1RWN5YU9kd3RVNmxjSmsrbUlMUG5UUjdURnljc051cEZnNUpoQVViZGdRUFFrNUdlCmhRY3A0K0NEOVRCNWo4Y2puTDRHVDQ3bmJNWlNTQWRTRzE0NmhwYXZvc1kwbklkdXBqMGNkRERhREtaanVyT0UKZlZGSEthYnozTEp3a0tjRHFoeWw2N3FzbGovNmRVdFRkRDc4ZzBKZWZKQjVYdFl4cjhpV210OTZpa2hHbXRabgpjVllZcmRuNzdENEtKTFI3a0VVYldkQlBZOWhmYlIxbkdqMUZ6dmhlSldiZFk4MmUwdjZ2M0Eya1kyNm1qeXQrCmt5eWZiUlFodG1OWWQ0anNVTXlacFEzc05nbjN5bjF2QjIxaVhlRm5DMnhwWHlJV0RGWFpoTVdDdVEva0l4UTcKRU5ML1g0aElabS9YT2VWL3RIMi81U2tocFhzYlZrbjZvTSttYk1yUEFnTUJBQUdqSXpBaE1BNEdBMVVkRHdFQgovd1FFQXdJQ3BEQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQ1REdUovCi9FTE5DUGNvOFdPSnBUdGl0VVlocE5yMzNERlpQVHhXZlp5Z3B0bTY1MlZ1QlVPYUFCdHRBMFZVTXlWbWxhWUYKczdrVUNyNUEzVHhkbWF3bUhQVFRQYkF3cVEzeFFOMFVucWV1dEdkWUwxNEM4eWcyY0hLcU1BOERTemVkMElQTQo1V1I3TjNVclFxYk9TNFduRHBmL2lLRDZtbEt4TlVKWHFSZjFERmU4TllmODZwSVVDM0ZZRTNMSUJVcGVoSnErCnFJMGw0dk11SGd3TFpkQ0JTeVVza3VkeEhJakQ3UUJBQ1dGRFBHOGVLT3lXY2kreG9PUU8wRThtcEIyS0p3TXAKRUlkSVR2eE9mWFlsejYwajkzMlVuTHNGNDh0VjZTWWFRT2g5TS9qZjZkZGhlU3NYaWcybUZzMTgvRDQyUCtvSwpaUVdpdzYzUVNaRFR2Uk5MbUh5L0VRLzN3V1ozTTJycUFQV1VOKzZDTWVtYWk1NkxZSVlvS3R0RkVsYWxSTFZ5CmdyQ2lMZUd5N3d5L2V5RnNlVEpKbkxMVnpQZW55ZVVrSmk2M2g2Wk9XbkZuSGprdUpwcE0wYjJGYXR4WnIzYXMKTVdQVnBSY3JQQjVrTTNBYXc4NjZ1TmhaTEZFMDhMTXBEVFlxMEJFeWtLWEorVlY5QzdPaFZ3K3lDc3VrZmRIcgpnQWhldFR2R012azRXbHpwV1JLV1pOYm5ULzMzYitEZXhIUHNNQXRITFRnQ0dsditJdkxLRGZZUUEvMzlGVjlwCjNSYTFtRk1LUExGQlUreVFCMkpaSjFIVVNwTXMwM3BYc29qb05Ha0dTQjJGc0cycVF3MkFCTmZ6ZFBYMjM5QkkKQWdpL1lmZTh3NWZYZnBXcXErd04zcjJHa3QrbWFBc3Y3NFNwSkE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==", - "host": "https://egov-micro-dev-04c671a0.hcp.southindia.azmk8s.io:443", - "password": "77303a6adf4c2f94a5fbb8cdfba52682", - "username": "clusterUser_egov-micro-dev_egov-micro-dev" - } - ], - "kube_config_raw": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUV5RENDQXJDZ0F3SUJBZ0lSQUlob1JsdnF0M3Nad3J4b1A4cUJhMEF3RFFZSktvWklodmNOQVFFTEJRQXcKRFRFTE1Ba0dBMVVFQXhNQ1kyRXdIaGNOTVRrd056QTVNRFUxTURFNVdoY05ORGt3TnpBeE1EWXdNREU1V2pBTgpNUXN3Q1FZRFZRUURFd0pqWVRDQ0FpSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBTFBhCk1KOGx2V2NaRkVKQ3lwelNnaVNnaEIyOXFDalBhT1M3eTI1blVtcGRKNVJod1hwNG0wYmVJQW4razE1V0l1b2gKNnJUT016RThqeEN2SERoVVY1d1IxUUs5aGRkVjRCRGxaOHd5OXlnL0xoVWc2TE04U0VBTlE3RzhTNjN4eXo1Swo1bkRwa04vc1FRRXBML2tCZkZPam92aEVqSGtVSXltQmpCM2lNbGJVa3N1TkE4TFhiRWZUVVh0MHNvazAyV1BWCkltbkZVY3MvK2dzQlNMOCtrODArUkhWdEtDWUxQeXIzR2RlR09PUHVnL2hneVAzZTZyc3M4ak5OelNRUFVNZ0UKOGJiM05qYTVCZzJJRzM5clU1UTVwN3ZNSDdWQ3JxWlR0a2ZHc2IxUDBiYWJtWmVaUGVBSEl5QnJSSGRBRU5Ubgp0aG53cGhjdy96RmhiTEx1RWN5YU9kd3RVNmxjSmsrbUlMUG5UUjdURnljc051cEZnNUpoQVViZGdRUFFrNUdlCmhRY3A0K0NEOVRCNWo4Y2puTDRHVDQ3bmJNWlNTQWRTRzE0NmhwYXZvc1kwbklkdXBqMGNkRERhREtaanVyT0UKZlZGSEthYnozTEp3a0tjRHFoeWw2N3FzbGovNmRVdFRkRDc4ZzBKZWZKQjVYdFl4cjhpV210OTZpa2hHbXRabgpjVllZcmRuNzdENEtKTFI3a0VVYldkQlBZOWhmYlIxbkdqMUZ6dmhlSldiZFk4MmUwdjZ2M0Eya1kyNm1qeXQrCmt5eWZiUlFodG1OWWQ0anNVTXlacFEzc05nbjN5bjF2QjIxaVhlRm5DMnhwWHlJV0RGWFpoTVdDdVEva0l4UTcKRU5ML1g0aElabS9YT2VWL3RIMi81U2tocFhzYlZrbjZvTSttYk1yUEFnTUJBQUdqSXpBaE1BNEdBMVVkRHdFQgovd1FFQXdJQ3BEQVBCZ05WSFJNQkFmOEVCVEFEQVFIL01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQ1REdUovCi9FTE5DUGNvOFdPSnBUdGl0VVlocE5yMzNERlpQVHhXZlp5Z3B0bTY1MlZ1QlVPYUFCdHRBMFZVTXlWbWxhWUYKczdrVUNyNUEzVHhkbWF3bUhQVFRQYkF3cVEzeFFOMFVucWV1dEdkWUwxNEM4eWcyY0hLcU1BOERTemVkMElQTQo1V1I3TjNVclFxYk9TNFduRHBmL2lLRDZtbEt4TlVKWHFSZjFERmU4TllmODZwSVVDM0ZZRTNMSUJVcGVoSnErCnFJMGw0dk11SGd3TFpkQ0JTeVVza3VkeEhJakQ3UUJBQ1dGRFBHOGVLT3lXY2kreG9PUU8wRThtcEIyS0p3TXAKRUlkSVR2eE9mWFlsejYwajkzMlVuTHNGNDh0VjZTWWFRT2g5TS9qZjZkZGhlU3NYaWcybUZzMTgvRDQyUCtvSwpaUVdpdzYzUVNaRFR2Uk5MbUh5L0VRLzN3V1ozTTJycUFQV1VOKzZDTWVtYWk1NkxZSVlvS3R0RkVsYWxSTFZ5CmdyQ2lMZUd5N3d5L2V5RnNlVEpKbkxMVnpQZW55ZVVrSmk2M2g2Wk9XbkZuSGprdUpwcE0wYjJGYXR4WnIzYXMKTVdQVnBSY3JQQjVrTTNBYXc4NjZ1TmhaTEZFMDhMTXBEVFlxMEJFeWtLWEorVlY5QzdPaFZ3K3lDc3VrZmRIcgpnQWhldFR2R012azRXbHpwV1JLV1pOYm5ULzMzYitEZXhIUHNNQXRITFRnQ0dsditJdkxLRGZZUUEvMzlGVjlwCjNSYTFtRk1LUExGQlUreVFCMkpaSjFIVVNwTXMwM3BYc29qb05Ha0dTQjJGc0cycVF3MkFCTmZ6ZFBYMjM5QkkKQWdpL1lmZTh3NWZYZnBXcXErd04zcjJHa3QrbWFBc3Y3NFNwSkE9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==\n server: https://egov-micro-dev-04c671a0.hcp.southindia.azmk8s.io:443\n name: egov-micro-dev\ncontexts:\n- context:\n cluster: egov-micro-dev\n user: clusterUser_egov-micro-dev_egov-micro-dev\n name: egov-micro-dev\ncurrent-context: egov-micro-dev\nkind: Config\npreferences: {}\nusers:\n- name: clusterUser_egov-micro-dev_egov-micro-dev\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUvRENDQXVTZ0F3SUJBZ0lRYzliZHI5WURIOEpLRi9KakZSOGFBekFOQmdrcWhraUc5dzBCQVFzRkFEQU4KTVFzd0NRWURWUVFERXdKallUQWVGdzB4T1RBM01Ea3dOVFV3TVRsYUZ3MHlNVEEzTURnd05qQXdNVGxhTURBeApGekFWQmdOVkJBb1REbk41YzNSbGJUcHRZWE4wWlhKek1SVXdFd1lEVlFRREV3eHRZWE4wWlhKamJHbGxiblF3CmdnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJS0FvSUNBUURHb2o3NWEva0VaTGlhWURGdDBpVDAKeHJMMW5ueVoxbHhLL3pGZzlhMkdjUlJnRmJ5dzEwcTBMdVJWbVlUakhGYjh2TUs5RkJ0YkozL3hPc0hDelFKVQpjT2VLM0xsNXJGSXNiM1BoL2JYbDhiOFpqS2o1ZnhwcnZUOU82aVhwUVpNdndaRmYrMlJ0dG53TzA0MDRwSHMwCmpEaUN4WDZUeVREVXdqVGVRZlpmTW0rS2V2b0ZLUmxCSkdtZjdkd3BZa3lSanJDTkl1cDN3SGRGSjBBWGRHZGoKcXhTTnFYZk05SytqTjlVdXhVM0hQMWFOcU5GRGJ4cmVtK1lOQWJiWmg0MjBtbHMwelcvckl1eFcrejNtOGFsZgpZSlp5TVhRS2tDeGpLdTZtaUNsbTFyQ21nRnhwVE9MTzlhdkdQRmkxRFZrWU5jeUllR3dxcWN1UDd1OEVZazgwCmZTbE9mRWxvN01tL1lCcndqVmdlRjYwNFp5WW1YY0hSdXphcnErdkFNNW1FNmpLSkxrTlp3aXVDOTRnQzN0NzYKT2tmOEMzbmRhdi9wNDF1NmprTlZzMmtaNjlEd1M5cDBPQ0VWNkxEZGtMc2ZtSGRqOTBBUWRodk9FNDVzQWM0cAp2dnNiY2xhSnBLNktYRWYyazNYKzZHandRTzRVQ0d3VFliWk81dTRZY3ZFYlcrVkwwd2tTUlFWTk4yRytmZ05LCjJBSWF3RGdwcDVMQy8wYndFS24vNUpxVUJpN2hGajNTTmpjTjQwVWdRWmZxNUNFKzZhK1lRS3VCV1dJQTdLU20KSitscVBBenIwRlVUbDVmblo3MFdFSFl6dDZzZ0Jkd1NmRlljQlFGaVlzbXg3Q3M4TDh3TzFnV0pGbkkxL2V0YQpRV0w0YXlBZUwwcVpGQ20rNW9yMlRRSURBUUFCb3pVd016QU9CZ05WSFE4QkFmOEVCQU1DQmFBd0V3WURWUjBsCkJBd3dDZ1lJS3dZQkJRVUhBd0l3REFZRFZSMFRBUUgvQkFJd0FEQU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FnRUEKT2FjL1lrcTArS25seVBzelU3S0dEd2twSlYwTGR6YkpNZk5XV1p5UVNYeituWkVQWENGTkNpSzVOQWV1Q3hBaApSUUpIMTFNSnM4Yko1eTE0L1Q1Wm9La1NGaVUwQkVkYjIyVU9aK282NTBEK1JOTFJTOFNCaVBwVzJhSVQzMzk2CnNWTU9BN1JsMytnQ0VDVkI0bW1BdHd6NG1KeTg4OGJ4S1JhSklhcEVPd1p3b2tENitaOWJVandtdjBOQ1N1eTAKdkxuSjRTUE5JckRIQUMzWVNxMnlpUlUwbjdwa243YWVQVm1XK1V5d3FHYmE0WGFIZlZhbXJPV3Y1WW5BTUFkYwpmYXFCVmF4U0l5OUthd2xKWkx2UW9ObmlDRUNpOS9FdEhUSm42VmxORXBEU3UrT3JDYTRRWmdJK0Q4alVmNG03CmJzbVVDWXN1b0x2bkZoNzRyMHk3bGRkT1AreGFsQWZCV2xkcThBM1o3MEIweWpLRC9Cd0RrTmV3NUJDc2dXaisKRStYblltb3dBSE5qYW0ySmVwRHV0bkdoajhVL0Q4NkFQY0FrY0NJLzJ0OCt1TkJzRzNJdXRDQjFWbVE2eSs4OQpsZE9BcGZFZmJMb1ZPcU1jOW5ZVURyN0xob29rUkltMUZXd2dFMnJXdTFxZE5UZ1VxTk9JaHVUNEpmSExiVUtGCkpuS05XdkoyNzE5OUcySUtQUEYxMWN6RzZKUWFPYjhhY0lBTUVwRnlWcjlEM21oUDVJWGJ4bzBDOG8zYmk3ZEoKcHBHVThSNjJMVzUxcTcrYURzTkxKVWgvN3FGdnczU3loejllYnRTSzIxTEQ4d2xCSzlUdXBzQnBKUXprWjRpeAp0MmxhdWpNYkV4b1pFOE5vS2d3RW8yVERuV1M1dXpvOFM0R293M1NJZUFFPQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==\n client-key-data: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS1FJQkFBS0NBZ0VBeHFJKytXdjVCR1M0bW1BeGJkSWs5TWF5OVo1OG1kWmNTdjh4WVBXdGhuRVVZQlc4CnNOZEt0QzdrVlptRTR4eFcvTHpDdlJRYld5ZC84VHJCd3MwQ1ZIRG5pdHk1ZWF4U0xHOXo0ZjIxNWZHL0dZeW8KK1g4YWE3MC9UdW9sNlVHVEw4R1JYL3RrYmJaOER0T05PS1I3Tkl3NGdzVitrOGt3MU1JMDNrSDJYekp2aW5yNgpCU2taUVNScG4rM2NLV0pNa1k2d2pTTHFkOEIzUlNkQUYzUm5ZNnNVamFsM3pQU3ZvemZWTHNWTnh6OVdqYWpSClEyOGEzcHZtRFFHMjJZZU50SnBiTk0xdjZ5THNWdnM5NXZHcFgyQ1djakYwQ3BBc1l5cnVwb2dwWnRhd3BvQmMKYVV6aXp2V3J4anhZdFExWkdEWE1pSGhzS3FuTGorN3ZCR0pQTkgwcFRueEphT3pKdjJBYThJMVlIaGV0T0djbQpKbDNCMGJzMnE2dnJ3RE9aaE9veWlTNURXY0lyZ3ZlSUF0N2UranBIL0F0NTNXci82ZU5idW81RFZiTnBHZXZRCjhFdmFkRGdoRmVpdzNaQzdINWgzWS9kQUVIWWJ6aE9PYkFIT0tiNzdHM0pXaWFTdWlseEg5cE4xL3VobzhFRHUKRkFoc0UyRzJUdWJ1R0hMeEcxdmxTOU1KRWtVRlRUZGh2bjREU3RnQ0dzQTRLYWVTd3Y5RzhCQ3AvK1NhbEFZdQo0Ulk5MGpZM0RlTkZJRUdYNnVRaFB1bXZtRUNyZ1ZsaUFPeWtwaWZwYWp3TTY5QlZFNWVYNTJlOUZoQjJNN2VyCklBWGNFbnhXSEFVQlltTEpzZXdyUEMvTUR0WUZpUlp5TmYzcldrRmkrR3NnSGk5S21SUXB2dWFLOWswQ0F3RUEKQVFLQ0FnRUF1NmZ1YkwrWUM1R0lZYmc5R202dElWOVRGUDg4NGkyRkZnbFB3alY0VVlvbFlMMUlmWjEzNHhCbQpBWVMrNmIwTlpVcURoQlFwNEExS0wwRithcVk1N0VLYVRUTklPdTRVMkF3WFk4cklmVXZOYWJyY3JKRnJDWnhKCjRpa04xZmR3c1c1akJGWEJSSEZoZExSaU44QVU4Y2tEWG5Cc3Evd29HT2k4LzdrN3BDWkhBSUk4RUlJS2JPT1UKc2xZS2FFS0k2Zjd2UnZkVW9mdi84aUlweDc3ZUttZ25TOHB0OXdDM3FqQ0dRK0I5SVo3eUMzVVE5bTlSNkR0Swp0TUVJMlN2YU1XU2VoQjBOL2d3SlVnZWNMTUhrYk1vWWVCdkdjSEJTcndHUlkxMUNGL2o5L045Sjd1V0haVlR0CmlxUGFmbm4wMFEyS2hPZVg4UnBteVQxSExGSWdWbUNVK0JQUkRNcFBUVlNXRDVqL3U2dlRFM3hzcFhHWVJldkMKT2NKbW5ZNGtuZEM3dEY3L0k0cHVpUnZ6UDB3Q0d5MWp4UnlJd1Z2VU0xamFGbUpCd0M0YXNvMGN5K2xoa2d4RApWK3cyWXFUSWN5eUh5SEI5amIvY3J4YzRIbTRLUzZWcXFlTlNLQWNDSWxUdjMyZ0lONDJQR0NGV2tyWlVKa3VuCnhvY2tyUXYwdStMWjRPRS94UWhweENnNFZlK0dhQmM5b0U2NnZJUHFGVnJXUFFNWXZpQ1Z5cG1yYVFJNFh0WGwKUmlmVUNyZE5BSXpiTWwyMWVTUnFleDF5N3RXQjNrUWRtRzM1cTA2Z3NLejc3TXJLWFRldWN6QlNBUWFzUFZ2RQppRWVwVlh3ZzZMekQyMm5HaWV1UktpRE5sOXBCcldFVEpyM2pYYlVQOFBsL2lMMzVFc0VDZ2dFQkFPOFd6S3E2CjdFWUJKR0cwSWF5SzJBdDA2bDBqRFlKa3lsTWVtZnYrN2M4Q1BXc1dwZHdzdERGQXBTT1AxcVFiTm9jVVRxNlYKUEFYMHFESWZsaWI5SkxTb3FlbFdYMWdPRi9lc3YzajZLbXJpSzZ6RS8zZS8ySExrZ29qT1dkemtwVHRVZEE2YQpVVWllVzNGNHBUd3dwU1dZeHpTQ0VCRmxYMnpVL1RJWTlGN0o4cVZpajVzWS83SlVXZDlTeEswYy85Q0VrV2RrCllaRVJqQnVHc1E3dG12WExxUHcySmtCMGdCNVIzdFFUZ1cxbVpmY2Jja3lxcjdTNVgyYXQ1YW1kMGNUeUlyN0UKeDV3RXozU1lkM1NUV2l0c0p4cHVPMm55THZSd29nbGhZUDNIOGhBek1zdTVQZGtWRTBvNjg2bmRiMEI3SWtvVgpsRDd3akROTlRvOUxPWjBDZ2dFQkFOU3U2NHhET28xOHRNdDAwZUpCZ250N1RXQWYvYTJ5WVNJMWJXM3pRNDU2Cmw4aGVtdVlDYU1lTWh1WG1jQ0gzbk9LeGVUQ2dwZXlGL1ljRm9BemJJa2ZEUkdDQksxTWxpU3J2azJWbmt4cHMKUTV6dFJWVnNDbHdQaHhrL2E4MzAyQWhERUcrVXVtcDhBS0VEU2gwa2gvVjhQM1R4dTBQUkFNV1hYb2xrZjUwLwpob1hTU0twZCtNTnh2YlJlSjV2QUwyVDE2WFBXenFPREdVWHJNSk5HTmhDTlNZa2ZNMDRtYmdXclJlTDQ3bkg4CnVFQWdobW93RldOUTBLZnZnQk9Qd1Z6bW9YVkcwQ0hiTXZtVCtTVUFod3BsekgrVU1BQ2tZVlZOL1RldTRyaXYKK2wvNGpIUkU4bHpueFRBd245T3kyMW0vOTE0bHdEOFQ4a0RTUGQzT0tIRUNnZ0VBTVNRQWdQN1dYVFVTNHpvQQp5ZFBudjhNU0FINlo0amtSRkxCdmVjblYydnhjMzB2U1gwU1k3SjZhMG9wWDFYYjZhQjBXWnUrcFhKZ0NrZnJJCkE4OTM0ZUhndW1MVVNlYnJxaTVKVkhZbWpiMWF1TEhzeUJJWVROVUd0MU9pU0xKOSs0bktLTTR5OHJnSmwzTHkKazBKMFR4dnRwYTh0MmtWNXJZYkJXN0NoV1hJc2V5MmMwb1g2MkE1YVFucGlqaW90c2cvdFN0RG85TVlrZyt2VgpMSHBOcFVOc3dobm5Gc3hiSU9BMjZtUHY4Q3BodnI1WGFjYVRRcFB2TmMxOExMYVJUT2R2bU1JZFBNWUlWYkNZCnJNODBjMFJSYlM5RzZ1bXFHUGVsZGtRYmlVMjFSUHNnNzVwdFNkYjVGZ0t6M2kvekU4KzdKbnIwODFMQm5qRy8KZWRnK1NRS0NBUUI1ek9NZ3BLKzNyNTlxbFRCTnZ1NlhBUHBDL284dEZtY0NURTZyRlJHdld3M3B0aVJIYlVITQpaZklyWDFrQVd1b0IrVmxLTy9aS0NrSXpQVWwzazFlQ2VaV0RIdlpNMjhZK1RJM0JHUnZwbWU3dXhBTmM5RTdLCmdpb0FqNDJSbVpMT3lIbDFMVnZFOTliMFh3bm12ckVPS1dXOTkySWphR0preGxkaG42aGx5YWVrbzlUeG5IZUcKbG5EcUJySHdSSlBmNGVVY2JmeFJNQmNkTDUvVjkvT21id09aLzhCR0ZVUVZBdzAyK3hDelB1UFY5Y3FFclp6UwpEOG92SXIzYWRnMXF3cm5jaS8xT0psWi9EL3N5OGFaa2tnQVhZQ3BOYzlZNklEdlAwOXdMb054bWNkVWVFUTRyCm5xQVRCUVhER3o3N216QnpQbk5tckdta0xjTTRiNFJCQW9JQkFRRG5rbEI4L2RWQVBEMmcrNmQwaUdFRWQwaFUKOXJxUStRZUdPWWFGSUUwM29IWmRrbnA5aW5yaFNXQnlXYkNXdU9QN00rUE5BWnR6RUJnQzByTThuVHcrVkFjWgpuWTBaNjMxb1htQ3l4TW9FNnVrVnpYVXpXTmZJTjU4UlAxbmhRZHd5T1Z2M3dnTXk0RllaYldORVdvNzhidkY5CmtIS0s4ZWkzOVNMN3A1NTFGY3BvQ3czNkUxcVNuRGE1RElKSkY2WHExVEhFYzREaitxNHFWcUVqcmxDM3hHYXAKeEcrODlZN3JkUGE4OFh5bmh3Mll4dHJLeTgzckk1TzR1ZjNZQmZDVktRSGVCMmhDaXZTSUlxMW1MRTdmMUVvOAphTFF4a2JQVi8xRVhDaXlvWTRPa2diR29GcWc3L3d2ajk0U2tTYnFDV1NpZzBlYkwxcHVVb1NYR1lQaFUKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K\n token: 77303a6adf4c2f94a5fbb8cdfba52682\n", - "kubernetes_version": "1.12.8", - "linux_profile": [], - "location": "southindia", - "name": "egov-micro-dev", - "network_profile": [ - { - "dns_service_ip": "10.0.0.10", - "docker_bridge_cidr": "172.17.0.1/16", - "network_plugin": "kubenet", - "network_policy": "", - "pod_cidr": "10.244.0.0/16", - "service_cidr": "10.0.0.0/16" - } - ], - "node_resource_group": "MC_egov-micro-dev_egov-micro-dev_southindia", - "resource_group_name": "egov-micro-dev", - "role_based_access_control": [ - { - "azure_active_directory": [], - "enabled": true - } - ], - "service_principal": [ - { - "client_id": "124dee0f-ef87-46f4-8c5f-42d58b74a2c9", - "client_secret": "5b4f6382-7386-423f-8154-7d4ec7759756" - } - ], - "tags": { - "Environment": "egov-micro-dev" - } - } - } - ] - }, - { - "module": "module.es-master", - "mode": "managed", - "type": "azurerm_managed_disk", - "name": "storage", - "each": "list", - "provider": "provider.azurerm", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 2, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-0", - "image_reference_id": null, - "location": "southindia", - "name": "es-master-0", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 2, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-1", - "image_reference_id": null, - "location": "southindia", - "name": "es-master-1", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 2, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-master-2", - "image_reference_id": null, - "location": "southindia", - "name": "es-master-2", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - } - ] - }, - { - "module": "module.zookeeper", - "mode": "managed", - "type": "azurerm_managed_disk", - "name": "storage", - "each": "list", - "provider": "provider.azurerm", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 5, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-0", - "image_reference_id": null, - "location": "southindia", - "name": "zookeeper-0", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 5, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-1", - "image_reference_id": null, - "location": "southindia", - "name": "zookeeper-1", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 5, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/zookeeper-2", - "image_reference_id": null, - "location": "southindia", - "name": "zookeeper-2", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - } - ] - }, - { - "module": "module.es-data-v1", - "mode": "managed", - "type": "azurerm_managed_disk", - "name": "storage", - "each": "list", - "provider": "provider.azurerm", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 50, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-0", - "image_reference_id": null, - "location": "southindia", - "name": "es-data-v1-0", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 50, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/es-data-v1-1", - "image_reference_id": null, - "location": "southindia", - "name": "es-data-v1-1", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Premium_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - } - ] - }, - { - "module": "module.kafka", - "mode": "managed", - "type": "azurerm_managed_disk", - "name": "storage", - "each": "list", - "provider": "provider.azurerm", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 50, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-0", - "image_reference_id": null, - "location": "southindia", - "name": "kafka-0", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Standard_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 50, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-1", - "image_reference_id": null, - "location": "southindia", - "name": "kafka-1", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Standard_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "create_option": "Empty", - "disk_size_gb": 50, - "encryption_settings": [], - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.Compute/disks/kafka-2", - "image_reference_id": null, - "location": "southindia", - "name": "kafka-2", - "os_type": null, - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "source_resource_id": null, - "source_uri": null, - "storage_account_type": "Standard_LRS", - "tags": { - "environment": "egov-micro-dev" - }, - "zones": null - } - } - ] - }, - { - "module": "module.postgres-db", - "mode": "managed", - "type": "azurerm_postgresql_database", - "name": "db", - "provider": "provider.azurerm", - "instances": [ - { - "schema_version": 0, - "attributes": { - "charset": "UTF8", - "collation": "English_United States.1252", - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.DBforPostgreSQL/servers/egov-micro-dev/databases/egov_dev_ms", - "name": "egov_dev_ms", - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "server_name": "egov-micro-dev" - }, - "depends_on": [ - "azurerm_postgresql_server.postgresql_server" - ] - } - ] - }, - { - "module": "module.postgres-db", - "mode": "managed", - "type": "azurerm_postgresql_server", - "name": "postgresql_server", - "provider": "provider.azurerm", - "instances": [ - { - "schema_version": 0, - "attributes": { - "administrator_login": "egovdev", - "administrator_login_password": "BQYnV7htEC8qvJxY", - "fqdn": "egov-micro-dev.postgres.database.azure.com", - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-micro-dev_egov-micro-dev_southindia/providers/Microsoft.DBforPostgreSQL/servers/egov-micro-dev", - "location": "southindia", - "name": "egov-micro-dev", - "resource_group_name": "MC_egov-micro-dev_egov-micro-dev_southindia", - "sku": [ - { - "capacity": 2, - "family": "Gen5", - "name": "B_Gen5_2", - "tier": "Basic" - } - ], - "ssl_enforcement": "Disabled", - "storage_profile": [ - { - "backup_retention_days": 7, - "geo_redundant_backup": "Disabled", - "storage_mb": 51200 - } - ], - "tags": { - "environment": "egov-micro-dev" - }, - "version": "10" - } - } - ] - }, - { - "mode": "managed", - "type": "azurerm_resource_group", - "name": "resource_group", - "provider": "provider.azurerm", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "/subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/egov-micro-dev", - "location": "southindia", - "name": "egov-micro-dev", - "tags": { - "environment": "egov-micro-dev" - } - } - } - ] - } - ] -} diff --git a/infra-as-code/terraform/qa/main.tf b/infra-as-code/terraform/qa/main.tf deleted file mode 100644 index 79e064e9be..0000000000 --- a/infra-as-code/terraform/qa/main.tf +++ /dev/null @@ -1,160 +0,0 @@ -terraform { - backend "s3" { - bucket = "egov-qa-terraform-state-store" - key = "terraform" - region = "ap-south-1" - } -} - -module "network" { - source = "../modules/kubernetes/aws/network" - vpc_cidr_block = "${var.vpc_cidr_block}" - cluster_name = "${var.cluster_name}" - availability_zones = "${var.network_availability_zones}" -} - -module "iam_user_deployer" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-deployer" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_admin" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-admin" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_user" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-user" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "test" has uploaded his public key here - https://keybase.io/test/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -data "aws_eks_cluster" "cluster" { - name = "${module.eks.cluster_id}" -} - -data "aws_eks_cluster_auth" "cluster" { - name = "${module.eks.cluster_id}" -} -provider "kubernetes" { - host = "${data.aws_eks_cluster.cluster.endpoint}" - cluster_ca_certificate = "${base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)}" - token = "${data.aws_eks_cluster_auth.cluster.token}" - load_config_file = false - version = "~> 1.11" -} - -module "eks" { - source = "terraform-aws-modules/eks/aws" - cluster_name = "${var.cluster_name}" - cluster_version = "${var.kubernetes_version}" - subnets = "${concat(module.network.private_subnets, module.network.public_subnets)}" - - tags = "${ - map( - "kubernetes.io/cluster/${var.cluster_name}", "owned", - "KubernetesCluster", "${var.cluster_name}" - ) - }" - - vpc_id = "${module.network.vpc_id}" - - worker_groups_launch_template = [ - { - name = "spot" - subnets = "${slice(module.network.private_subnets, 0, length(var.availability_zones))}" - override_instance_types = "${var.override_instance_types}" - asg_max_size = 4 - asg_desired_capacity = 4 - kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" - additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] - spot_allocation_strategy= "capacity-optimized" - spot_instance_pools = null - }, - ] - - map_users = [ - { - userarn = "${module.iam_user_deployer.this_iam_user_arn}" - username = "${module.iam_user_deployer.this_iam_user_name}" - groups = ["system:masters"] - }, - { - userarn = "${module.iam_user_admin.this_iam_user_arn}" - username = "${module.iam_user_admin.this_iam_user_name}" - groups = ["system:masters"] - }, - { - userarn = "${module.iam_user_user.this_iam_user_arn}" - username = "${module.iam_user_user.this_iam_user_name}" - groups = ["global-readonly", "digit-user"] - }, - ] -} - -module "es-master" { - - source = "../modules/storage/aws" - storage_count = 3 - environment = "${var.cluster_name}" - disk_prefix = "es-master" - availability_zones = "${var.availability_zones}" - storage_sku = "gp2" - disk_size_gb = "2" - -} -module "es-data-v1" { - - source = "../modules/storage/aws" - storage_count = 3 - environment = "${var.cluster_name}" - disk_prefix = "es-data-v1" - availability_zones = "${var.availability_zones}" - storage_sku = "gp2" - disk_size_gb = "25" - -} - -module "zookeeper" { - - source = "../modules/storage/aws" - storage_count = 3 - environment = "${var.cluster_name}" - disk_prefix = "zookeeper" - availability_zones = "${var.availability_zones}" - storage_sku = "gp2" - disk_size_gb = "2" - -} - -module "kafka" { - - source = "../modules/storage/aws" - storage_count = 3 - environment = "${var.cluster_name}" - disk_prefix = "kafka" - availability_zones = "${var.availability_zones}" - storage_sku = "gp2" - disk_size_gb = "50" - -} \ No newline at end of file diff --git a/infra-as-code/terraform/qa/outputs.tf b/infra-as-code/terraform/qa/outputs.tf deleted file mode 100644 index e4e8fddd5c..0000000000 --- a/infra-as-code/terraform/qa/outputs.tf +++ /dev/null @@ -1,62 +0,0 @@ -output "vpc_id" { - value = module.network.vpc_id -} - -output "private_subnets" { - value = module.network.private_subnets -} - -output "public_subnets" { - value = module.network.public_subnets -} - -output "master_nodes_sg_id" { - value = module.network.master_nodes_sg_id -} - -output "worker_nodes_sg_id" { - value = module.network.worker_nodes_sg_id -} - -output "cluster_endpoint" { - description = "Endpoint for EKS control plane." - value = module.eks.cluster_endpoint -} - -output "kubectl_config" { - description = "kubectl config as generated by the module." - value = module.eks.kubeconfig -} - -output "config_map_aws_auth" { - description = "A kubernetes configuration to authenticate to this EKS cluster." - value = module.eks.config_map_aws_auth -} - -output "es_master_volume_ids" { - value = "${module.es-master.volume_ids}" -} - -output "es_data_volume_ids" { - value = "${module.es-data-v1.volume_ids}" -} - -output "zookeeper_volume_ids" { - value = "${module.zookeeper.volume_ids}" -} - -output "kafka_vol_ids" { - value = "${module.kafka.volume_ids}" -} - -output "deployer_secret_key_cmd" { - value = "${map(module.iam_user_deployer.this_iam_access_key_id, module.iam_user_deployer.keybase_secret_key_decrypt_command)}" -} - -output "admin_secret_key_cmd" { - value = "${map(module.iam_user_admin.this_iam_access_key_id, module.iam_user_admin.keybase_secret_key_decrypt_command)}" -} - -output "user_secret_key_cmd" { - value = "${map(module.iam_user_user.this_iam_access_key_id, module.iam_user_user.keybase_secret_key_decrypt_command)}" -} \ No newline at end of file diff --git a/infra-as-code/terraform/qa/providers.tf b/infra-as-code/terraform/qa/providers.tf deleted file mode 100644 index 88fecb61a1..0000000000 --- a/infra-as-code/terraform/qa/providers.tf +++ /dev/null @@ -1,20 +0,0 @@ -# -# Provider Configuration -# - -provider "aws" { - region = "ap-south-1" - -} - -# Using these data sources allows the configuration to be -# generic for any region. -data "aws_region" "current" {} - -data "aws_availability_zones" "available" {} - -# Not required: currently used in conjuction with using -# icanhazip.com to determine local workstation external IP -# to open EC2 Security Group access to the Kubernetes cluster. -# See workstation-external-ip.tf for additional information. -provider "http" {} diff --git a/infra-as-code/terraform/qa/remote-state/main.tf b/infra-as-code/terraform/qa/remote-state/main.tf deleted file mode 100644 index 843af53c8b..0000000000 --- a/infra-as-code/terraform/qa/remote-state/main.tf +++ /dev/null @@ -1,27 +0,0 @@ -provider "aws" { - region = "ap-south-1" -} - -resource "aws_s3_bucket" "terraform_state" { - bucket = "egov-qa-terraform-state-store" - - versioning { - enabled = true - } - - lifecycle { - prevent_destroy = true - } -} - -resource "aws_dynamodb_table" "terraform_state_lock" { - name = "egov-qa-terraform-state-store" - read_capacity = 1 - write_capacity = 1 - hash_key = "LockID" - - attribute { - name = "LockID" - type = "S" - } -} \ No newline at end of file diff --git a/infra-as-code/terraform/qa/variables.tf b/infra-as-code/terraform/qa/variables.tf deleted file mode 100644 index 74e89e95da..0000000000 --- a/infra-as-code/terraform/qa/variables.tf +++ /dev/null @@ -1,43 +0,0 @@ -# -# Variables Configuration -# - -variable "cluster_name" { - default = "egov-qa" -} - -variable "vpc_cidr_block" { - default = "10.0.0.0/16" -} - -variable "network_availability_zones" { - default = ["ap-south-1a", "ap-south-1b"] -} - -variable "availability_zones" { - default = ["ap-south-1a"] -} - -variable "kubernetes_version" { - default = "1.15" -} - -variable "instance_type" { - default = "r5a.large" -} - -variable "override_instance_types" { - default = ["r5a.large", "r5ad.large", "r5d.large", "t3a.xlarge"] - -} - -variable "number_of_worker_nodes" { - default = "4" -} - -variable "ssh_key_name" { -default = "egov-dev" -} -variable "iam_keybase_user" { - default = "keybase:egovterraform" -} diff --git a/infra-as-code/terraform/dev-eks/main.tf b/infra-as-code/terraform/sample-aws/main.tf similarity index 100% rename from infra-as-code/terraform/dev-eks/main.tf rename to infra-as-code/terraform/sample-aws/main.tf diff --git a/infra-as-code/terraform/dev-eks/outputs.tf b/infra-as-code/terraform/sample-aws/outputs.tf similarity index 100% rename from infra-as-code/terraform/dev-eks/outputs.tf rename to infra-as-code/terraform/sample-aws/outputs.tf diff --git a/infra-as-code/terraform/dev-eks/providers.tf b/infra-as-code/terraform/sample-aws/providers.tf similarity index 100% rename from infra-as-code/terraform/dev-eks/providers.tf rename to infra-as-code/terraform/sample-aws/providers.tf diff --git a/infra-as-code/terraform/dev-eks/remote-state/main.tf b/infra-as-code/terraform/sample-aws/remote-state/main.tf similarity index 100% rename from infra-as-code/terraform/dev-eks/remote-state/main.tf rename to infra-as-code/terraform/sample-aws/remote-state/main.tf diff --git a/infra-as-code/terraform/dev-eks/remote-state/terraform.tfstate.backup b/infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup similarity index 100% rename from infra-as-code/terraform/dev-eks/remote-state/terraform.tfstate.backup rename to infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup diff --git a/infra-as-code/terraform/dev-eks/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf similarity index 80% rename from infra-as-code/terraform/dev-eks/variables.tf rename to infra-as-code/terraform/sample-aws/variables.tf index 978523ac4f..2cfaace2b6 100644 --- a/infra-as-code/terraform/dev-eks/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -2,12 +2,14 @@ # Variables Configuration # +## Add Cluster Name variable "cluster_name" { - default = "egov-dev" + default = "Cluster name" } +## Add vpc_cidr_block variable "vpc_cidr_block" { - default = "192.168.0.0/16" + default = "CIDR" } variable "network_availability_zones" { @@ -19,7 +21,7 @@ variable "availability_zones" { } variable "kubernetes_version" { - default = "1.15" + default = "1.18" } variable "instance_type" { @@ -35,9 +37,12 @@ variable "number_of_worker_nodes" { default = "3" } +##Add ssh key variable "ssh_key_name" { - default = "egov-dev" + default = "ssh key name" } + + variable "iam_keybase_user" { default = "keybase:egovterraform" } diff --git a/infra-as-code/terraform/dev/main.tf b/infra-as-code/terraform/sample-azure/main.tf similarity index 100% rename from infra-as-code/terraform/dev/main.tf rename to infra-as-code/terraform/sample-azure/main.tf diff --git a/infra-as-code/terraform/demo/outputs.tf b/infra-as-code/terraform/sample-azure/outputs.tf similarity index 100% rename from infra-as-code/terraform/demo/outputs.tf rename to infra-as-code/terraform/sample-azure/outputs.tf diff --git a/infra-as-code/terraform/dev/variables.tf b/infra-as-code/terraform/sample-azure/variables.tf similarity index 100% rename from infra-as-code/terraform/dev/variables.tf rename to infra-as-code/terraform/sample-azure/variables.tf From fbc7420a34fb22c489b4b35831877aba64c41fff Mon Sep 17 00:00:00 2001 From: Gajendran <40357140+gajendran-egov@users.noreply.github.com> Date: Mon, 21 Jun 2021 12:35:47 +0530 Subject: [PATCH 004/742] Update egov-demo-sample.yaml --- .../helm/environments/egov-demo-sample.yaml | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index cbb54f3571..50d795b4a2 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -1,5 +1,5 @@ global: - domain: Domain Name ## Add your Domain Name + domain: ## Add your Domain Name Eg: site.mydomain.com cluster-configs: root-ingress: @@ -7,12 +7,17 @@ cluster-configs: configmaps: egov-config: data: - db-host: "db-host name" ## Add db-host name + db-host: "db-host name" ## Add db-host name eg: egov-demo.database.azure.com db-name: "db-name" ## Add db-name db-url: "Add db-url" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: "your Domain Name" ## Add your Domain Name + + egov-services-fqdn-name: "https:///" ## Add your Domain Name egov-state-level-tenant-id: "Add tenant id" ##example: pb + s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name + + ## Do not Change es-host: "elasticsearch-client-v1.es-cluster" es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" @@ -20,7 +25,6 @@ cluster-configs: kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" - s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name serializers-timezone-in-ist: "true" server-tomcat-max-connections: "500" server-tomcat-max-threads: "10" @@ -31,7 +35,7 @@ cluster-configs: timezone: Asia/Kolkata tracer-errors-provideexceptionindetails: "true" - egov-service-host: + egov-service-host: ## Change only if you know the impact data: billing-service: http://billing-service.egov:8080/ collection-services: http://collection-services.egov:8080/ @@ -114,7 +118,7 @@ chatbot: kafka-consumer-poll-ms: 10 kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-number: "+918744960111" contact-card-whatsapp-name: "mSeva Punjab" valuefirst-whatsapp-number: "918744960111" valuefirst-notification-assigned-templateid: "194781" @@ -135,9 +139,9 @@ egov-mdms-service: mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "CURFEW_E_PASS_DEMO" - mdms-folder: "egov-mdms-data" + repo: "git@github.com:egovernments/egov-mdms-data" ### Change this to Your MDMS Repo + branch: "CURFEW_E_PASS_DEMO" ### Branch need to be changed as per your env + mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -146,7 +150,7 @@ egov-indexer: memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" + repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo branch: "master" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" @@ -157,13 +161,13 @@ egov-persister: persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" + repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo branch: "master" egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" + repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo branch: "master" egov-searcher: From 9f308eac83ef5941f2a189a2b642c42bd74fe99a Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Tue, 22 Jun 2021 11:04:52 +0530 Subject: [PATCH 005/742] Update sample env --- .../egov-demo-sample-secrets.yaml | 160 ++++++++------- .../helm/environments/egov-demo-sample.yaml | 186 +++++++++++++++++- 2 files changed, 269 insertions(+), 77 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml index 04e596b8e7..2a9d1b6d87 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -1,92 +1,116 @@ cluster-configs: secrets: db: - username: ENC[AES256_GCM,data:En2+f1v59YFVscpJynJ8rqsSgnb1EXDuLTY8lQbIZe6IQiCcSBZebQ2mYgwHYg==,iv:qvfpmVK9dL4kEzgMv30UQ56wgyxg52vej/XDDmzeCGc=,tag:KehVVfs5qHynQwZfHay3IQ==,type:str] - password: ENC[AES256_GCM,data:G8SIT4KfwmxpznGcY73ucw==,iv:OFcC8C7zLNg1yfsMZXQPxtRSRkB0ftht2s/GjlMJnvE=,tag:0z1hPoL7taxpl31TiG6QCw==,type:str] - flywayUsername: ENC[AES256_GCM,data:KHuqf2j/BZOi86UGH3m/fXZOywAI9f3rSZVErVA5V1dhQ/VpnrA1Y1VHR2x46g==,iv:B06frZWbBDUJ55TxgXqSwrK1JpnvoUbo+a4LACIRBv0=,tag:IxyMs75Ucz4Nn6TKWs1k5Q==,type:str] - flywayPassword: ENC[AES256_GCM,data:SBFWdd5aFoQCYyTmXxM8dA==,iv:m/dTxbTY+zDx1Pto+4y5nP3XiE0KqDYz9Vah8rD0pu8=,tag:DuZzC0ZYF0sODTMPHYnNQQ==,type:str] + username: ENC[AES256_GCM,data:zAyM8wmGEKxrUA==,iv:suauKtSoZdcCN1gIRsDkqJUeolqUJU0IwQ4BJLQgYRM=,tag:RfXMpQWsaePsq2519ul5Zg==,type:str] + password: ENC[AES256_GCM,data:OYXm2FVYSdOzQPdyhg==,iv:rL76NXC4tawK4ITYBOCEFfS9T/7iJzAH08jWk61IRKk=,tag:EAf5rWMwoMQLoACB07z1GA==,type:str] + flywayUsername: ENC[AES256_GCM,data:veZ54lQZ8iq2Pw==,iv:KaeZthsqZ/1YV3tPK7oFwmCapmbeaJE46Q1gYMG63iU=,tag:IyOMLoiIuFW86MUmJJmueA==,type:str] + flywayPassword: ENC[AES256_GCM,data:FWlp1FIRyYgVfyreyw==,iv:gNtwX8Rc4jHQYgbvFLgv2/2Pu5a2/WUuEGYRks12H8A=,tag:qNQVpvsWLhPGFgkfbzRXyg==,type:str] egov-notification-sms: - username: ENC[AES256_GCM,data:n1AHfdyu2Q==,iv:cN+njVywo7deBbVo6h52D4M1WihvVrkN0cgdSlvLd0o=,tag:g0UmSy8YP2CCvX6REuLzfQ==,type:str] - password: ENC[AES256_GCM,data:CmC0q7kkvw==,iv:EeYIo8ui6DcsOsYonhYEJwhSzIfSw0VDnJx8yoAeyFU=,tag:GreosUtOl3L1MVynuI1iPA==,type:str] + username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] + password: ENC[AES256_GCM,data:6XKDSQBE3o4=,iv:lRjFZCAHER4FatyLD3Irt8sywi4x3+Rb0zsS0vUwvPI=,tag:shMpyoGwkl79KG0fbSORlw==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:ASp2uTdmoyzg3WGqW1FlBQISq4A=,iv:Z2fbmnWjtzyGlKzvn3Ah6N9sPZxQfooBUr2rq5Qu4O0=,tag:aBPocAM6DUOo3v8Uy0JJFw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:8+S/AKOM7ZqXw7jqUFHpIh/G2ryukIeTQPaCecz/V3Vur8o2yX5sCg==,iv:zi/eijnKSia/x3PT35r4I6ge7R+PFf0wK9hoeAtkdDo=,tag:OBCqqzlPOji+SvdHRcP+nw==,type:str] + aws-key: ENC[AES256_GCM,data:M3qMixMjGu5OBENIG1NHUpHUX6Q=,iv:nYp30K71FiIODnGZeqCtWxxPSKNhzj/eHxQ3wMmOjpQ=,tag:Zf4mVIG0dPfaZ7HFcru3+w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:s/C8CZ0b8lry8DnWAYKsST835mgzwnd6xqi54CMH4Pjk4TcfZyV/9w==,iv:2WOzXHSlUWPOR9t9NzMs0LFwdVBoSLbkglVDph5mdIA=,tag:6mKNXA4OGvzp8dFnTsos/g==,type:str] egov-location: - gmapskey: ENC[AES256_GCM,data:WIk/vMy3Z8qRxm4XxhmgYIy7syzW5GCTH1CFJHm1ZtTEBEMHDXbt,iv:yBLVOJetLORtz7nFf19SZMSrr97nx7VrfIvACPo4asE=,tag:Mtg6HFr+Z1ccktZ7j9xnnQ==,type:str] + gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:mXuKJlYBOZLKVdnOp9FfRg==,iv:vX1ARV5FR/l+2TgT8v8rodTyQTpV0JsYIhVxr8e/+ZM=,tag:yvnDKgUi/zCqq549TDST2g==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:4RnEMSiHE5rbJ3WRt3xO8NjJltwXlMTTZSGYbqbfb3o=,iv:N7V0rjUW+yiz8+c2+yX17UcDmvaKikduet75nQ87btI=,tag:EmzT+Loc3jK0AzywLRCJaw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:nDU9KseKxh23IKLN3o2m,iv:nmakscSzf4VWa+whJ7IqA5owUy2mozrYTEI9SV3DRbU=,tag:JtuPJSoih7dcBinLRlriGg==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Sp1g7l0O57hIsEE=,iv:59RvZYRgkrsgcNPbu1yZc5qXc+w8HKQt4qPy1IgXyv0=,tag:OQsCaOJpydL84E09Ebf2VA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:EKEgpSR18RQ=,iv:TiNfMhGdvweM5wZwOgNURBkjtU+m1JJM9wBVVf2OaKk=,tag:TDF5z8ca9YaQQO+4lVrGVw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:f0kQa1nU,iv:2d2ikCBWaVv/aG86iUi2Q0ozZsT4JUHwbx19SJ9coSM=,tag:i64d7eujEiZubRqGZbEzEA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:YKAoALKjB0I=,iv:ToE4EOyum1Z3FgFNCAWmii2eO1ZqgDbERzO6z0/Fn+k=,tag:NzJmK6bRJ1yyU1GhIVkb4w==,type:str] + axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] pgadmin: - admin-email: ENC[AES256_GCM,data:fUb2ze17kETWLcaUxhpTg7rz6ilTOIOTAA==,iv:qHNeNWJ1gv77D3RgHke5ss2O3D1vkgkVWMTemzHEylE=,tag:3sShr0oQuRPMAAuvJQvUZQ==,type:str] - admin-password: ENC[AES256_GCM,data:DAvfmucbH/ZlnhYYgFA=,iv:yLvWMv6WFmaNvP8YYdWSViKQRC/J2ov+UXBdQ+Rc/Uk=,tag:yFvssmpE4+0c/bafLM8hbg==,type:str] - read-email: ENC[AES256_GCM,data:VMzdHiL+3q61Sw2WuxPwDLjU6+KuQ39u,iv:jDODYHkfW0k/ze1TJQrnw1CzWDD5+m3ynND/JiUtHdM=,tag:88q0tcr2L9kJvIlQTAcahQ==,type:str] - read-password: ENC[AES256_GCM,data:TTg3AO1HDiqXh1r9fHoy5Vw=,iv:YF5hqEKtslSuTndUze0ocBr8qcYVfGNVFnfwiF4CYOI=,tag:mLJ+FYXqL8OTp8ARLq8/AA==,type:str] + admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] + admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] + read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] + read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] egov-enc-service: - master-password: ENC[AES256_GCM,data:N2tyVWLXhE8KGoJyBQK40Q==,iv:v7HXVTebjDsax2v2Qdf6OJh49h5SUI79U9xm36zEcX0=,tag:I6ik8auwlPUlY79ndBoyzw==,type:str] - master-salt: ENC[AES256_GCM,data:So15EzBe8w4=,iv:EJHTFkUWs+NU89YBDc9K4RB18a2DuRZe98Z7qddb5/Y=,tag:G+Fyix0BWXSI59kS8e1fig==,type:str] - master-initialvector: ENC[AES256_GCM,data:/MXqrk8Gwy908X4o,iv:3VeCbgpg91BKC6T+D1uU/P8c+knW6OOx3vA6y1Bai/o=,tag:1TPvhvV0RAaaZRuy/wKoFQ==,type:str] + master-password: ENC[AES256_GCM,data:RN3G5VeFS8T3XbzaXr0+nw==,iv:h/bdQApXCQg7y3SUyyINByOKgMOWAJ8LsPvnxq9Bbxo=,tag:ju7zSODwxTlqXyQ5pFJuig==,type:str] + master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] + master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] + egov-wordpress-portal: + db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] + db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:46SVi1svvzO3PCslqEsB7UDlmpSznGzUOURFJKQ=,iv:MiBSosshP7oXu685PIXHaB5n8rFhs2SuSKJ4H3F3VpM=,tag:FBFa9QSdX9+xJJb06ggh1g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:aj9GtQh3t6WHLOC2qKwjCsfu,iv:o+1QsKOV4F6fJDMmaTi8OsmEtdsnqUvZYnl1Ib5YCSg=,tag:TsPGoVJYC7Jb2BSbB6SdZQ==,type:str] + mailsenderusername: ENC[AES256_GCM,data:DyivoESTToF9YJjox8y36ssmwcvKaOhsoC/fcyY=,iv:+pNwxpneD5tiwX5fjVd4gssQtDjtDPl9LTAfSBdX+cs=,tag:byu2BFHTcM3X6EdNGn2Unw==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:NAkt77ffExP8dCKO1meyJeGt,iv:Wu7k+de1S+qMFi2b8s5/Im7mxaNsJwZbIkyR4HfkSa4=,tag:cXgG5oLvaoOKxVZ1PDqdcA==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] chatbot: - valuefirst-username: ENC[AES256_GCM,data:EAOQ5E1wVxVgMos=,iv:zm/VoF3WOaC1NgMXkHBeBsesgbtjvAEMa9OsoNNAI9A=,tag:/vVnwQJ5fRHehvoH5qwSxg==,type:str] - valuefirst-password: ENC[AES256_GCM,data:/mSnh8iwAhhl,iv:JX+38t5TrnEUUImyI+rOYUPig6yLLKGXWzf2r1ZcFDM=,tag:HHwdhWffcI6nIsFqYCeHPQ==,type:str] + valuefirst-username: ENC[AES256_GCM,data:YaKHztXzc6du4r8=,iv:euz3KT8NO/6W7eEEa+FVwfppCFGx3tUXdsdfxDFLZBU=,tag:1sQpYok31KwI06e5n+ZyVw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:Dk/9AbjYH8kE,iv:3HtFJjFOD3azGeCK8bdkCyWx2f73chDqGH9aLB2Bnhg=,tag:Ez6LAJff5ZWsvCv3C+khXw==,type:str] egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:J14KeRHF,iv:YQ+uozqH12OlBLUEreSz0XgwjDOENPf/0VKP3S5zxy0=,tag:jh/c+FZ9NfRaKZ2EZsGtNg==,type:str] + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:RuZTMeol,iv:K2K4/k1lxlYaFfRDuvkOpkEg4uwaD20BHrqO6K68qhI=,tag:pc/qNeeOoSZnA+F3iQANmQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:Zc5129eGy3EVvQPMEvK4dB5HQig=,iv:n3eLqIDlFyZR99Jzmq/GwXpzOEV+CCaq25Z2ti9usVs=,tag:tk18367EChBsN35hucBxjQ==,type:str] + clientSecret: ENC[AES256_GCM,data:kPGM/CdWtrlPRyMjl7Az6ZKJAizgI0rlQmtOoRwxuc7+zmJANFnVOQ==,iv:qUCaGl7OobgMLJMlFjICbMWLeiwj3I2ZeIPEpx1l8cA=,tag:hi9GYABVLyzueWLZvk9nrQ==,type:str] + cookieSecret: ENC[AES256_GCM,data:m2q7jHsZKeEcr0GwZBY11jMXfAvchGYjbqWRTzVXl91OK9cG,iv:AjYA0sOdo/r+rpsqBx0Q4GYtBm7vO1uG/F7qWCgV/XU=,tag:8GodHvfl6vvD33DEu80rqA==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:s/Y=,iv:IaXwi3pn+YMdgHnWPN0h2g0B9VZ/JKjc7GtBhr3chL4=,tag:TvZjmZac1s/xIAfzcfuHpg==,type:str] + route: + receiver: ENC[AES256_GCM,data:yggN1X5Pf3WN8mY98/4wnctfUA==,iv:kWUEsWCgviifbw3Un47ibWiZBJFL1XmZik6+2Ovz61M=,tag:kX8M0xg8gjGxMAmPRBRJ4Q==,type:str] + group_by: + - ENC[AES256_GCM,data:SazP3pSTVebc,iv:ZHaPLIM2Tdf/NMIJPkgLhyIy6dPsfm2HWPi+yYgyUmY=,tag:QUv69KkskBxlQss7um7rUw==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:x4Bn5JlypBsdnd5/xQZORUswSQ==,iv:p1nbidvGYI7nEpywlrvH+qxtwn411JhgOmJjE5oCgNM=,tag:ak1x421wuHkvREql7aNVyA==,type:str] + match: + alertname: ENC[AES256_GCM,data:m7Ocs48JrXE=,iv:MLpTVCutfraO02epwWAK+lkxX9IDKK8ciMOjSJ6d3JY=,tag:8Hpitk1sCKbrjckVjQ8Duw==,type:str] + group_wait: ENC[AES256_GCM,data:KQ9M,iv:uKG952L+YMfhkESMx5vGRGeO2cad7+FXr0A3DJjchH8=,tag:QcUfs9L/xgmmJvZXLJXVHQ==,type:str] + group_interval: ENC[AES256_GCM,data:t24=,iv:CFD93MzLGJ46OzHX9yw/hG31ixnr4OOKHCOv/6Ap8+Q=,tag:k3nDbNSMJsQ6wXskAnLabQ==,type:str] + repeat_interval: ENC[AES256_GCM,data:T9H+,iv:9F2lg80+InUq/FjRUkltqqHLzHyzR0mPJCmdJ8X1Kyc=,tag:cxouK8GJCRbLfwHnnTXTmA==,type:str] + receivers: + - name: ENC[AES256_GCM,data:r0LAiyycrYIy0YJ0fep0peTjXw==,iv:XQhqNZ0mhLG/ZxlshvFv32oH6JJNzb5sSxmPGX2mWFw=,tag:KgEXjnEog4FFsXT8/g3FFA==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:M9K5FA==,iv:M6iqfcnTFaXQMMxdU+dGF8pG1YyMbl6LIbwj4WAfp7w=,tag:etmGVQl9AmU091tOooAxPQ==,type:bool] + api_url: ENC[AES256_GCM,data:xeIU5xgYeHtJ0sjdFDyVKuypWqxBoJtb8JRGA95RyPoG2+4x58dr6ZN43flJxMNoomAax3yNRt12/nwDap/3MWAbWA1rncju/5YtA03mKA==,iv:Qd3diKewnFOs0+IZxP2MjqDoExaJbvw8TXGyr1y/JZg=,tag:dHByzVUYf6tMdCwtHIPL7g==,type:str] + channel: ENC[AES256_GCM,data:7C2XAQLcKpPrN5C1GV4CfZri2tpKnQ==,iv:S6EGlOpjzJ8NFunjwGt80lRR7dFZdJak1PQXJ81W+jc=,tag:s8q+QT1zC/ORyCUkuaKZkw==,type:str] + username: ENC[AES256_GCM,data:+oeV3fQ8JJtxXDR9,iv:OhcuaQjqLyHpkVxLYTglsTKQTDuIWorbV7bDFTjQrVE=,tag:EGPOSTpikIUQmVVKQ99gYg==,type:str] + title: ENC[AES256_GCM,data:zz/G/DKNpYabqF1aRPrvgoMHqR60fAjACMen5tG05V4/TkddK2U=,iv:xTvpPnHMknoX8bCcaZp/bXC5ReNiQLgNTfZJduMe6xs=,tag:3X4y+9dEy+dASVLoAHJZ0w==,type:str] + text: ENC[AES256_GCM,data:j9D/y0awNYPPDx4sVxkAbB58lMgZuTm6ssYhFI22b8eZqxSnLQ==,iv:aF40Oaco9I2EaZlMotM2zfXGi5ih0syUc+5G6pcuk8U=,tag:jlnCwEYrpY+upEvP55VIUg==,type:str] + templates: + - ENC[AES256_GCM,data:wUteqLfnIcDVPN4avxYe8mqr+3Z3LqGynkFAqXRQSeYbu0+R4Oav9o8ZMR/1hrl32HMW9jLX0foenGTihBdpwvsQfqgKL38=,iv:Xd46zFIz4RWO7RqvhJUT7KuI3tGNx4TDe+WF+8J4cvU=,tag:R241Kj77zQOLELavoRUxOw==,type:str] git-sync: - ssh: ENC[AES256_GCM,data:aHSARuLB6Is31jrItxxlKpQ7MLleSFgnjqTAmr0Jl0y6tuQlplkXwN7ygj+L7G6ZZojbtRsIpwtbe21qojL5RZhCm0FQNGZX4ATF0GV8FqrGf5ONREjlhxbxsDs/khysiJe0NDG73nmETRudwClzRmfpPg+OiLGzuOJgFT8M7A6RNZsLi7g7N/CCsOB42XMl8UciwWQgs7ctofSF0o+bH3AZqA8VrIyLMMrSVADmLxsL2CXvANY04Xd5tTHenQ4yvNk/1LJrZh7wlZrJLlQ7a+p3H+Cl0XIl0ApaLkVn2rqkBmhZ9JFNhWyrEzz/KPZ7hjD0qTdYoAXVJpXqcKrV2LsEarvVXQF5cxHR6qZbEQsYbKWf0K8FVem7dxbAe+GnyplSTzQOVQqDe8Mt5AUFMezZvNvv52LzoDfstsfJ575pLowiYoJ4dm731uZEgvCATRMYVEpmYhdbY/Bt8u1E0TLCnzYDot9HwYaz+gNzMvxprTEA7Pp0d7mvgmvjcoZRLJ8R/gJ9Xl1x7EmTkDozg7t7sQAimIHvMdMlXD2wZ/E93Cffm9N1qXC0a+EELgdgGJzJY74WWTYM6y9urVbGFBumFuvpG4blEshCnQZ7l2zGXKQfouVm0LlDiME8Q55oqJtI3ucvVHBmj5kpV5/P4mUd9SaWFavYnNioz0Ohw6/WaPJ8fyI+w1Igh58L5iorO4v3O4z5wn5JB32AOdIT4ePgfiEpSsRAnupZytMduPiWHl1jdVE7rJC6TAxYfFkUpL6gkVUNM6tAmIq7ITYfTVge8FuoGH6fDgFk9jAbyN2pswV+z+DDzfqyfS0gzl51E3ggvInFX5i8lReOx7DG5dGCwdC/U4CUpqHPBeC1rJ821IFKJ2GgXy3waNxepVDpx4R41SyMlgjLs7sHW8S/cOcX1UBVL+aMRG4FnZU7EZlS4txHND1iKXl65t7ucQICXKZOAcrkUKuoPfNZnnl0gFyGBVJPvtJA938MNiORjCb9NPK6Rqk3q+Bo2C1bDQfx097D22RoV5itWeTbUPGElRdt7vZmKDPfp6VEkmT87JN5nJAEp4OD0e1ZYsnTE7EIMgJBznX17qZGJgk2x/4ZU1VKGMOKEPFhXaIhZfFk1vqN59aOGTPbWbzdISzGrds0MT0fvQuIaKmx7gp9zP94NZVefl3v+7tXkNSsatMa6/CG2W2XAWVy/IQRO2xmSTK37tn25LTGyM6Nl4fNuvBqkZVb0lrA77dnOIpf9ZfFZ6mxkkIBpgIJi/EYwrscWrGkrFPEgbS4IxrCblve4QvpjB8Us8FbVLzxLzT0iotn5gp926E+H0nlUKJxluvuZFq8MSs8qMCyYXDHcMKK6ESw2KiN6F46i44k5Zw18Ie9CD/y9e8uOSi0WpjNaLSq+N+kLawpCwDB58aFzmJ8eGNlaG6jh6DxGhX1YWLOX56ZWh+O3XV3OLgHj9leMBFcgurz8mtQS+lRfDhWbVGPzQg9KjN4Tk/yLdMEmMpahAtfrtHxGtc9FwX00iV0BC+KPyX+MyeaellVIx+KZilHt75B9vbfpMKTesS5L9NaIuLH9np7m839v/FSZlnFWnDAO5AjtjhXtlY2oEwYDhhf9wMVtbh4geVvw70t7S3tIq/VHgcE5Ibqcxd0vrv/zjd/BKZPsyrz6Hr5AXOlTOlp7a4PRhsUpXzhzUeoxgMj4jWEzZyNWuu+cL8t3QfSrijjukMv/HsTtEEYUxDMJE1q8Dc7i7v8ITGX08q7UPS+OaRLp2/nJkGrtL1RlxdlxF2cTUq24RmUBbjVo9ofdqsRaXlfobMRvbulM4EYhUg4EfVQFjBuf23d6ld5ZsA60TykS8Azhi8AgRli+X0htyvW9ikGs8OqCN+BBZ6tXXmNOuRz6uoBSYKZv+JVt/HCa71CKN92e9qLsxU1+PiN1zVyW+q5re8mFoujcEaUICJ/0Xnk5MwrO7q4tU2zDG5hqPAtA5ie7szIRu1dflv+/voY/8D9GQi+BOPOOgnjfvRNycNjpEGlk/Wpp8gbIg+xNiw70cQ2QEi1Hm3hUfpmLo084+I3Uw6o1KNbiM5mPDL8RZUqOqXhLWAp2gFPI+k+c2HTBfXh/Q5qUwKSPkLvIdOYy0vIMeWAggleZ0pp8GZuTuQV3RFvj9ZCmPMS/KsUaGF4IxVNJFTOeJZ7j9wJfRojyu9zxsWUcnhn1CjOasz3+sgbHbFJojzel3lbT70L8o4XhyLxN94UvTa9auEz+kEbxOfp9H3h67zJPjb3xsE1K977sks6hZ1SvbLf4B1gIB/cfw973oshrQ4lQwQibiGZPjRFGt8m5CmZ1wGT2zM+Tcvzb82F1klMjEpFCoyzOS32RtrvgCRehACg0VUaPvq4GB9axXzxFEmpkoAQ5TAiTKoz5VX1P970qwqp6vwX2eyzam+mgM1Ul1bzPMA3lCJmi+L4Hi3GgW6yz1UmsgnPSUa7AVUdr1ZQmynuFW4rgcUdqZfMDFX4SBta6PHY8sJjfOUSjP2ii0e+ifYACpAic7WG0UcYzOmkWbS7saWRuO8h/htbiiQeysZyRjEKJWtNLLFT7zRv3gi7SmAsMz8C1GWAJHejPpFAC3lQI0jyaMIIJYsbjxGdMVtKUWvaERCzuGvA8cqRZ0z/HaMfMNVs6KpBUBzkU3nAQJPcw99S/FbyrmKQloKtBq2VIOLu4w3P+EGRcvmlcqUK4caG5v6zWvqecktqPklhlBsRQtMjWHmQzATA7Y2KbP3OdXhZ4inBWu5esf8kzoOUbfh8HUIXiSNx7Y7jThfMMF44jZ1BxUkHIc+jxKSmxSuFoVAAmVZANlsvjlROyXYJ106kEZ2Cjab8QRWCfXm9zk8Hbp0mJ7BXWA5U4+solo5uhxGY7m+In8h7vL4q1WNROOFhGGMiMVOkXiLRGgCmLUfJmOboN86zkpxZ/rrNXFeSdnez2+HOI9DEcCZZ9AEmnLWzhWimJbNVtlwrbRyluZjiNupAoWxolFZazEyCYHwi2ST+RP+Mit0nvGJ2/NfNNxso5inuy6uHIp35B2FuTtsLJ5PW75BVwHhXfJ0nTo8EWoNMDC36Eh8Y6B64gHieA8RKOJg5h6fEWiU2YLI91SMXPKOZLbKBNAAknzlq2HlcB3wrhN4JcdMafxcNaaHTZoWvAfB1eQYnfyanCO6NTq7MuseYJ7ycYPQlFX5dbmm5/B0jh7alsM1BkKQwK1z93FA5eNHsipZfqIEh+CnCalu8mdhB5goAsO5u6JLTzLv5RZQJeaL6lUhvweMzrPbMj5HXItSj4k7IwtriKR07Z32s2lEtMNeFeyC1wLTT3jzwSBCr7wf1D7nCaUaWLNE+v6p9OxbIk30NUemnqWS3fDZnIe52xFL9U3n6nkSwFqyIkD69lb4gxIOcFJrgxYMyLlawK+I+Q1URb1aTBG7W0uzWFdxkLXWV1FdRlRuf8s0xdBTQ6FLPYyMLaPowY4kwNQcRyD/mHGc4dEtuk8VCKjaVuJvfQ898Fws04oCQy45I7vcjK3DpiAmtcElo5OoTk4zCoPihA8ubAiI4cnh3rLKIgGohPRsHQAN5qqgsPJ8eU1EIeQXi+1bSP5iwHBuaqTQkbrND16iVpCU4/103qkkccC0d7yz4iWr0vd1T1jmjP/P0rmOenkWiFi2ezW1lo4qYJeaGQ6zq/KRHbTqtyfCiJY9mJX75g0YmN1aHNRfHZaUtznOzRyUiRbKdSYRcmBXCAJLLmZ/SAXQGdwUyRXwpswyb3s3y1P0RzYOZaSRty5zpaA7XY87XCmfu578DJfT7SHWHDTWdgKQzyd32AEfaCsPNW+R0t1PZsMGIjRdazuNpaQgCRdrCssgcX3aPkDOaXNbo6lOWQqE9divzJpaEG9Nho45dzmjmvijq7LLkjdp/p085YjKzPSgAGo5QZE5JSguvRC0Ng2qkgOhTdTdAMfWc72qfIiuwhZrbkzvqe79DAZM41D27mOUe7cTobKwWTZlMwZemxJConFPm9Zc0XvFCrTRTdWoIiPeXUoqY8VZcvo1sso8nho507WpyZ8oEd9weIZYO9M1nrRjI7DhdBjN8soboYFYanom1Mf6bXd0oczJcvLLvasFnibqsPAJuSex683BQ2FMi9rfhZTdb9m1AHJPCavep21adsDs8GMvRmQp6pZtyCTq8lVTyl4+ZwaQX+geFvEBq+sa8lwgkaIkhKg5TRZopqAmwMOSLInAPEWHbBgbNyhRP9AKuGcXP3lDlfRGoD2zufyDCLM2N7lYXWRsOxIfdHOHPSx1oenBFPuNkxqIpX/Z2m21B9RrtuWFa,iv:RzqntbJb+bSZg53A3M1NKAqBE59imTFJzeXKr2G1p+Q=,tag:xfDyv+j78gsEVxQDTzYsTA==,type:str] - known-hosts: ENC[AES256_GCM,data:bD4kZ3KSegM2HD+pi0B4O1cA37As9D+AulqsFvDIEP9KN1oIP3ydO4L4ZbpP9e9ROrTxKcYswULITCPcI4kSRrZenfvQsK8t/TvItlU7cYTiXY4HWWejJRtuI+OesAc4azyJJav6SUzCI75aB2MKXSTystVr2lJXkRkSQMfnl5p9p1ckDCLpQU5gmKag7FTXRS7AKhSisU+CFKEHiEyrHgqQa68Ngt2lY51Llf7XILlgbKC35QxVHegx6cXJ8lI5fFXEyTM2Vb3wP6/Ch4uVtIAS10a2G8wnvp7VxE5Re1QXOapoAE2FS11ZKGFP5HJl36sNhgbECTRkBkYijmJQrplc+Asal6t/BJDTwoFLjw1Zw3981qBkIstu1FPrqIJat/WIZ1gzdJB257aDLWR+LI4eSXjdVaThyzHA3vZ98Jj/Ny4ivh+OQ84szg+RJ1Qa2uiG151NVQsBeX3ZHFsqi8pfJg/Hb/r02sUe5Jl7cqrdDrJ0c7mqf7ZfEYFd3GoZsGG8oCpyIQ==,iv:0nflX4QAV3VQ0pab/qAHV2FnePwKxxcoEDgfOMko9TQ=,tag:3ATzMI7n37xUT+64NhNr1g==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:/nF25GUYZXUZQA==,iv:UyXZhjpEA5Wg1dSWH8pHOlVDjuoo1pevKyISgKKAVLI=,tag:gn53GFYHA6fmaaLrHuA+1w==,type:str] - credentials: ENC[AES256_GCM,data:aeiT6NgUgS685DslXeTF83n8yfYJ5Zt/LZrFhM9fhb+JNP7KIn+G8xz5Dq6fvfgr,iv:13ANY3xedLn5+Gh+h+Q5VpVFrXx4mgJ/MrO1jizTwFw=,tag:DTa9v+NJL9whFwjn2yVFXQ==,type:str] - ispirit-ecurfew: - karix-auth-token: ENC[AES256_GCM,data:FP+oZhm3NOnlEYyZZ7+E5YOG7VKtiqLJ,iv:YX0HH/rzkH3beNffE0V+YBEFUVnsZO8YBFtTDuczowQ=,tag:d6f9zVtTX0ynOVkEw2MtPQ==,type:str] - db-username: ENC[AES256_GCM,data:u/9a/9a3yEPQv8e7Je5LlHiCV++qmhliudok6Cwi0knpFCL1job3HnJPSPfj9mRZvQ==,iv:2Z/5bseffw547SLG/wjY1hBQcZubw6QNwNx83O7QFeE=,tag:A7gniCo7hNZ/kj0XcX8Yfw==,type:str] - db-password: ENC[AES256_GCM,data:UXf4/8Ui1pHyKz0Lsb48PA==,iv:S7jcdsQd/UhHqe2MLbbAms/8okAOSbaDfx4ZHcOm6HE=,tag:L/JqyX1UPsqFI1TqXzXpsw==,type:str] - s3-accesskey: ENC[AES256_GCM,data:NHbAH71LsfyUSX6zXFOFRTe+tuw=,iv:TOM6ROWqkzSs6TdvLmlKvFJZedoI/x/kocry2cAt6yE=,tag:YtnezjD7GaGILOE5T0CSSA==,type:str] - s3-secretaccesskey: ENC[AES256_GCM,data:SMlGZ8cvhujHLJY/nXzorLoWmJYSSkpqS4CQvQVX4agS3TweqTrwww==,iv:0yPU1AKAFJV1tikKnoadgsGCuUvwTC/V6W94fySt8Tc=,tag:WSzFyNLt2ZC940dTn7xAgg==,type:str] - twilio-account-sid: ENC[AES256_GCM,data:gv1yyEJxYE5WFk6IdDpfb/kPxFqpGN0K2JOn7QvBWMs5xA==,iv:DnKtvXce+EE3TGdOh3wW9jKQ02adC0T8JRAV6lNZ2KE=,tag:/glF6HkS9EaYNEK12CYkPA==,type:str] - twilio-auth-token: ENC[AES256_GCM,data:TkDUhT/4dzOgyFmlTF4DJshR9AFe48XFCp/WSs05of4=,iv:vs4n6fUaEmP9wwUbIFbOOs0MxXh2xHqiugjKd0eUsSo=,tag:E3SRZbULDYeE9xBrzXrHnw==,type:str] - twilio-phone: ENC[AES256_GCM,data:LHy6qGocuWyJl1Hp,iv:Aa+VeOhv1GEispCD5Q7lvhjJj7AVvtoIPWoFHFKqByY=,tag:eeE4wHmaFLorDDTym1EJCg==,type:str] - sendgrid-api-key: ENC[AES256_GCM,data:He/kqhQI14goYL8LdDNJTG1ckeX5x5ve+jZU03Twj1bZflChzmJKdZigCXukdMA7vYDjjWyiAeMTiNWtKzX5weI9I22E,iv:N91xG3eKS6BFDpzPReWPkx0ZLTol/6dK33RiEWpeEfc=,tag:Ylut55+Zq81dwjs1cqBp6w==,type:str] - secret: ENC[AES256_GCM,data:0AlGlnCznlxQR8pE/M4it2ywRW13PfYxDugwqftxo+7VC8hStXO5FPk//ErNgsSCu8NT3w36x3uv/bT2KnIbpg==,iv:XpUtR7o6zUPd6mLnDFiCjk9O/XOemndO8TjcaelI0Es=,tag:79PQZLH9P8dNDRCvHCU93g==,type:str] - auth-token: ENC[AES256_GCM,data:Xj/muZyiK/NrdNDBeKfB4ZeX2dI7sIec1dGTHhu6YxGN7Qrk,iv:OFsxpAo5xP0rt+B8d7Fl1PZ9oO5Bg2e13LNeegaYqf8=,tag:+b46PZsSLV51ECsmle0tSg==,type:str] - jwt-secret: ENC[AES256_GCM,data:VRC1OedOg9hn+5zByjRDaQebiXz2slfopejjcF7U22MqQS22e6QsX9AP4oOlwnBy8lQL,iv:IRgBB9RxVsf26NoGaW6v83Ft0LKrBu1NHr2dXzXDM5o=,tag:kD+G6ulzBGqYpNNpRA8Vdw==,type:str] - public-key: ENC[AES256_GCM,data:NaDYzcbm1YRfYWg9CbylQXPiZv2vBpUZTrz5dxQfpMEkrY5VSAW3ldcROMuY348jYoWcx7IXLWDNfV0J0wE7PHgczxC/+r+D/o2Dhvk0wgorDVWqwJCggugXss8tyOJp9Q6HtjwK3uvKC5jYaq7r3q4e54rchF7mvNTz55djR8SovMG7k6GGTg76m9lPayHRpLiIT7E/9QVS5wDzqEelVrGMjqqLuznX6iKfo2rA3lceGZJONDEn9QAQr6D61SzAftjwOXynzMfnKHT2HvGvjmISA68luP5An3PULu8eb8xfbiZ6kkQXrxsG2jJgza0yaCx+apeUvX6ga/neY5jEhYTNvhefNd39l9aXynBfJrJnAqu0mRa52+r90eduAKGvjNIsLa10V7DhTp2WCXn5fDu4qUjzE2BSMnuo+Uz9mEEi1tRIXSOUJi+UWHGJsKvwKxmypEs1EXOMjI7QGbXdTgoTdajR4PDoRngYgZR66VehirNI/83XFtsrGMiPkg4GAjN9t38KNJzBncI2g5vtpn1yP9GI8ZeYqIhqbxR/sZbdwV/kz8cd7klcHd/YYd6gqZqE2QsbKWjTt3nedri0iA/MC7vKMr2kcflEeZ9yfPo02DrupPvatgtq/dL7b9h8IpBl7hG8Fxhr4GD8xDh13QbdC94D2e7GrDaO2R8QByPVwULTlH9zOCzxacWVA6bJmxBmB/gFlCggHPLNeqxOAwYzeA24EzjHbjjqwBE+Xvi1BOz2FdqLTe/+jq41XfSx8c8tlrPlgfTSNbRpSftBsyUJQq6GXHXI5WIbT0QYLeXggoURosxASLLboLfzpl7AmUisDAxS7QJJnHrZylmO2RuZlUt4LSOUeosodlkJr+3Fx6Ch8YBnW6bjE1soIxAMMcAInHP/tyLwMaCQH0+wW4VG9ZMgOsn+PtPquhqnGRPjJxcvCXjDTkwo01WTsTAyXLGsXmkztox/v0GxHGr4486eaDGlhV/gyW60lJcCVpydi7DJavs0NQgL3O+SPa2zL0qNXRQlM5xwBbKDCY7ef1NQwFcJVXaxM9cVul/EcQMam5bjzH3HT4pGvJXi2XxHzHJfGgO5pHmalIKTDzRTz/DIvXmLQTzbmtK03oIkbR76mDr0dOHhm9JoyXRvaK5nyhWrqMMmj+Hm94CVWQFgfwiiDuU/fvz59fXZraDkaR77vakuOZzV5N185R2JdofoKaLkjnF6136xdWywClvimYCWn4I2ZvLDwpcSK9cT8ZfyfPJsjgKpTgzf31tma/KhLv62z/i+pMB2vZXs9VzeBj8nLYwlIF87W76zUm28eA8W6i5ad6L1VOGnlsMHgAi55JzgkxwhYj2wop5ZO0rSsL/786I9YSddrIqLERHlY9YaPCdWaC4IA2ch6bjmsjr8y3XtW+gWJCUSUhSLQImT8doKSHdTTziby0l0lEz3C6aD1z+P1IKc8Ef+M2VCLg9UPGWs4OeHQqgmW4yuMxySjT33LvGdQ8mKxbq07fgFcsOkDB4bAilhk2ZlRICPAwUyK5PNiijdqX91Vd7c3SW5j5ZcbO4IFVtaElTPCxZlh8Bbl3R0MvEKZ1dl,iv:M9V28TbZaLGFHa1rpgD84sUMrKcp1w9BrIbu47/vGHM=,tag:HKIEryHi77RWLCRPft4bsA==,type:str] - private-key: ENC[AES256_GCM,data:n9uEARVPj/4+ad/rjxEFSEWHPP11dj9WDyeJeY4kA9CTylPNNwiVCuXGjCTFdnvEGmLeSAtJjzxj1MmsWTnHW/dnUW8SXlnp1rUVJJ9SMjTMpTZweiZW73ZSrc7srGtBxTzgNJnsPUQbxYS2wn3zECKA7aRFRPPN19vMQincZCOLq8LDw+TKFMqqmeVGE8Wfaz8c3/UsyEcIA0mpSsCBwFjSynLKshrTFsD9v350YLV/GPkq6wcV4PIL28z87h7RJFz0bMnyfxu+qf7hqRPnYzunwTinQ10w7A2g4tJ1C/JQHCdQMG4oOwrJjscRGRkW9DosXn0E724zdhee3RkxJhvt8gY5B+utsR9Ti/p/+wHOu9wnw1ScGsVULMeZT8hIwBY5wcLqDsgskNn3lL5zOhuuEKXxgSvwxgbNp7DslM8gmJQ52kmykWpQ8ChEfF6yPQNbg9Boc2GvvCKwYEJmtwcB7d07iVnBufFCSUm2WKUiEegonHLjKGxeJO44FeavskOCF6rPxhYZ3z/5Z44vKbaXItNpYglRaBfK0Dk0vJeupdkZ8kcTCB1YaGdUhi2514kF/VZlz6COlvy3VZtzEvHdqXTjkg3lya/AbEMaRqlzRe9lJg4WXR/u2WKxQLioBbpJKQvzHbzCGO8qdzc5hG/w6TFfTuemIbpiynm33YKyD+FjkKZxT8JTYY2zb7bhVC/8DOMdAZnHZ+E3bgPhm15z2QIauV91JDSeW8usEgyuOyQvDpHxRs5J7JsHg3loKKKp1WhJFuHaQ4X6X1vbYj4VZWwdprSQMeal9AWjbQBzsohlvYwfYpT1khyUkhkukH/hHDpiC/Qyw94f+rrGM2VMPdJdDIdHf/cDjLNYgbFxSIJVlrBEoKByGranQrP3+3icyaMpJghTJ/KIF46vGwREnMiRfZoYHJfZgxkBt8cXF2B78iSdKNGeYagFlyeFFRldt2hxdWPQwCuWOCgEfomekNsjCoc84zHzAKtZiP7MdWH6UuBlibKNjwA8ou4xbnWE9Jx3KpUYLqtLf4j5djwIa6hayIDWVSjWp9vZpU7B46tIQ7v8TfcRZOXdVYNsjoa3VG0z52EM3ypbE6qTF3L+m/n7M68vzPxC5U0BAxnbaGhT6/YB5ZU0I+Rn4RLi7VVny79O8IbT2QAJylJD04Pqmgv6Az3niqZ+,iv:zyvzRphBZ6bQSHSXx8nPA5lVQrGlXQy7lh52xiq8opY=,tag:8rfQoLr24e98+fc7ncsLLw==,type:str] + ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] + known-hosts: ENC[AES256_GCM,data:dpUIAfOGg/DYKSyDRuvBusIvpbEj5kauwVPKCws2QZzIucHcnzLg/bAD+UG+8lKMk/Wvm6mItKA42nv/5sUYE7O1siU0a2NSPiNc9TMZsfYoeodwCKvNNLQV6oE7rfgFvoCHteFha51eQIvcwg7KVs/LDfgaH6qnXxNQd2iunMqVR8YFRjC8+fNM9xhe5EEaVDvdsGHCHQxawPGompQZCueNa+bvt1Hh4p0avlep9MuIEzBkxtqTspvsGZW/dowiEpehXKj1HjdiovxlMK6ZZziMsS8SJ+ftTLwaX2hVW4hnYNKwimNzC1o+ga+roOUVX7Csf3CelsMhd6BvhZOrf1kXWeRgjGEH1KH7CnxdTSHzGn70MDGfghzbm1TQerPPWKQQB7/GNAgYIdr32xvvaHrVyguR0SUrIfhaW7cYi4RXQuxqNbIDe5LtHE+GU6MPz+3QBuRUPOJlDI8TaGjZPDwBQoimwsBTnaQSGFcxnv8FOF9lIjRjXJNGkHKgk3JsFi/pRYIdbQ==,iv:cK88hnm4Q4llROhS/RwW/18NuZuIoFH+zs83PdaAT5E=,tag:Tb/rFgdvV5ed0sZ8GmXMVA==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:880678429748:key/b792c6d0-9cc9-415b-bd7f-628f55f1bfdd - created_at: '2020-03-25T06:14:04Z' - enc: AQICAHgUs9A8TLHKRtAfsjeKI9XtaqZmxQdyfMJP0RLxw9s4hQFQrIu5VVu6xfb7FDNud5LbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMgMC3B2N+bFI9H0ayAgEQgDsjGbkLvfY+hEzhm4gOE5RCV/cNuwsU9EMiqM5P7eB3bKEcpg2kF3hQMx6c52TJQhXUi9tOn+fiFsWcKg== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2020-11-10T08:30:37Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEKpUbHDalFEjlD8d3fR4q9AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMVx3MC+eezKTpmgXVAgEQgDs+wPQLWS7lCdr2AOw/3mnDnFggmNA6XSNDOj02Js6PC+wB+uDEjCJI73+I7WWItZSllOI2OblL09mVvw== aws_profile: "" - gcp_kms: - - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key - created_at: '2020-03-25T06:14:04Z' - enc: CiQA7dyWCt/ikCKkRctuCRI9R1V7Y5b8h2clAZSkgfwqRtfwSqwSSQD+2/5WZSJ6TAEWcUiECp1gGaGfr84iyVHzncUR7UgOJygjYyTHxNTjqVVFrR8+rk5nwEr29bsFYhKBw8WcJOiQfI60sP2Wscs= + gcp_kms: [] azure_kv: [] - lastmodified: '2020-04-18T05:28:40Z' - mac: ENC[AES256_GCM,data:vXzkOHEaAosh+jnIiM+fpeOTqD3C1DPdqblQPrvklTibWjVhNdlWn5ij8GC3zQbniMQaygIfJ8VWnUZboEPHggCp4A9UHjWHMY8wWJdBs4A+13qpfYjltUI0qlo5LCu7kzimwf+3eRO9HUIoAAZg9uf4j8XDqfPGAiUtSk5Tzj0=,iv:PcMtiqYs0luKX92qfBkqfeiPzvDLN2i2gKvUoRGlEZo=,tag:J80MCUqQiOd3LXbr7TXs0w==,type:str] + lastmodified: '2021-06-21T12:51:29Z' + mac: ENC[AES256_GCM,data:vXULUiFrIl4ytOAjIoeFQDHiBaBkAneug/tmZS3G47AkLyjsQReJiNmAGUt3SU6hMbBFHWgECfI2LxqjCha/ko261mU21pRVb/mptGofSm/iQNLCUu4/qmnQibNL99y9pzeKR95BUNZFEYqFLGjwKKB/C8X0GW6MpYW0WgA1+8Q=,iv:QWbYR411u4c51YX0FLcQaFuLKMxR3HxH1+QpcAhAY1o=,tag:I53/lbsFJ9pZoesEY2wcXQ==,type:str] pgp: - - created_at: '2020-03-25T06:14:04Z' + - created_at: '2020-11-10T08:30:37Z' enc: | -----BEGIN PGP MESSAGE----- - hQEMA+gtFIQvidpKAQgAlJCguMS9sddFcWmK6SRiQsS7woCZkrtYrqgpzcicA/Ib - za9lbrLta+DHbfNC+fKMXNA/T+GkKreJolDtfyXREJrNDAzqUcbCpvb6/kXPaeoF - 1cBHo31eAHxQQge0VEdGxpcIs7L6WZ8nPlwMOGz5Qhv4Iz+IHBzU5ulAiqeZZFeA - 3YcPl509kDOolPQgoRIsZZt/9SSzmb13/6FLRtWbiGAM+I4Eb0f59LStpXdQ2BeG - TiWl9RdCLrxBK/JhebauPhe6kgeaSer94Ik+/PmD94qhBYH87h9k4+hR5u7UQKcG - kKLpCuG93onzWXHYTt37HFn75a/kcLTK9eoTjEoyStJeAc/JJtaYhLYrXKBHLYml - i+l3XQsfISxJLomjS7GbIs45xARBMNeybfPjUxvO31GRTdaQIyUEJ7COD9TK+eGG - 17hDQlPFVQw4dSKPVFHt4WChR9KOlNf/esUiXGXxpA== - =uuWf + hQEMA+gtFIQvidpKAQf/WK9wtulEp0xnpmN3qP3ppNCgFHH6clItn+LyvxQWLjYQ + wACAgwk8Vp94DPfKzh2Jyqo2M6/AdH0r5INEHhQkJorDK8ZYKyUu9dT6lhBqGlvZ + BUHdmpCBuH+4nRU5nLssU4ACsSDCYdq80hE7QOm/7dE1NjipH3bnsXg8UnVOVbkv + TkIORITZD1lVHAR+vC69+HFNB2bvzfTy0hkDMcIFomjQj7MRQRW9aaBhg/Mp+dGV + 2rwN9miX/O+8XS/4wgk/mFgEA8njmQ6PEPtKH6OWgfbIyCehah9gBC7qN9IRQnoP + Y5F82Yam4TfK+/owNBR+gvsFFDkXIb4xXz4UsoDI2tJeAUu+XOUt8QfX1AZBVBgV + owioW4WUyc46yu82Y6QohFad8I3WvzAVR05YEjCB4wkNt5M/3t93FXl+CF6dE5Wn + TOFKVWi1+Kb3LVHB+ZcDmalImT/cnBLSFQoiqPO/Jg== + =gJic -----END PGP MESSAGE----- fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ + unencrypted_suffix: _unencrypted version: 3.5.0 diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index 50d795b4a2..7d6e4ea59d 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -10,9 +10,7 @@ cluster-configs: db-host: "db-host name" ## Add db-host name eg: egov-demo.database.azure.com db-name: "db-name" ## Add db-name db-url: "Add db-url" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "your Domain Name" ## Add your Domain Name - - + domain: "your Domain Name" ## Add your Domain Name egov-services-fqdn-name: "https:///" ## Add your Domain Name egov-state-level-tenant-id: "Add tenant id" ##example: pb s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name @@ -285,7 +283,7 @@ pdf-service: format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: persistence: enabled: true @@ -306,9 +304,49 @@ kafka-v2: minInsyncReplicas: "1" offsetsReplicationFactor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +#kafka-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +#kafka-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" +# storage-size: "75Gi +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: persistence: enabled: true @@ -329,9 +367,53 @@ zookeeper-v2: requests: cpu: 300m memory: 384Mi -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +# zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#zookeeper-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + + ## Zookeeper JVM Heap Option +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< +#zookeeper-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. + +# storage-size: 5Gi +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> elasticsearch-data-v1: image: tag: 6.6.2 @@ -351,6 +433,49 @@ elasticsearch-data-v1: memory: "896Mi" limits: memory: "896Mi" +## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# +# esJavaOpts: "-Xmx1g -Xms1g" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-data-v1 SDC<<<<<<<<<<<<<<< +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. +# storage-size: 25Gi +# esJavaOpts: "-Xmx1g -Xms1g" +# storage-size: 25Gi +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> elasticsearch-master-v1: replicas: 3 @@ -373,6 +498,49 @@ elasticsearch-master-v1: limits: memory: "896Mi" +## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# storage-size: 5Gi +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + es-curator: schedule: "45 18 * * *" images: From 7fd906cad39426ed9c3fb10117738a013d466a8a Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Tue, 6 Jul 2021 21:03:44 +0530 Subject: [PATCH 006/742] sample aws --- infra-as-code/terraform/sample-aws/main.tf | 34 ++++-------- infra-as-code/terraform/sample-aws/outputs.tf | 10 ++-- .../terraform/sample-aws/remote-state/main.tf | 6 +-- .../remote-state/terraform.tfstate.backup | 52 ------------------- .../terraform/sample-aws/variables.tf | 23 ++++---- 5 files changed, 24 insertions(+), 101 deletions(-) delete mode 100644 infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index cbd82cc339..07b7bc00c0 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,6 +1,6 @@ terraform { backend "s3" { - bucket = "egov-dev-terraform-state-store" + bucket = "try-workshop" key = "terraform" region = "ap-south-1" } @@ -13,21 +13,6 @@ module "network" { availability_zones = "${var.network_availability_zones}" } -module "db" { - source = "../modules/db/aws" - subnet_ids = "${module.network.private_subnets}" - vpc_security_group_ids = ["${module.network.rds_db_sg_id}"] - availability_zone = "${element(var.availability_zones, 0)}" - instance_class = "db.t3.medium" - engine_version = "11.5" - storage_type = "gp2" - storage_gb = "100" - backup_retention_days = "7" - administrator_login = "egovdev" - administrator_login_password = "${var.db_password}" - db_name = "${var.cluster_name}-db" - environment = "${var.cluster_name}" -} module "iam_user_deployer" { source = "terraform-aws-modules/iam/aws//modules/iam-user" @@ -100,10 +85,9 @@ module "eks" { name = "spot" subnets = "${concat(slice(module.network.private_subnets, 0, length(var.availability_zones)), slice(module.network.public_subnets, 0, length(var.availability_zones)))}" override_instance_types = "${var.override_instance_types}" - asg_max_size = 4 - asg_desired_capacity = 4 + asg_max_size = 3 + asg_desired_capacity = 3 kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" - additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] spot_allocation_strategy= "capacity-optimized" spot_instance_pools = null }, @@ -111,18 +95,18 @@ module "eks" { map_users = [ { - userarn = "${module.iam_user_deployer.this_iam_user_arn}" - username = "${module.iam_user_deployer.this_iam_user_name}" + userarn = "${module.iam_user_deployer.iam_user_arn}" + username = "${module.iam_user_deployer.iam_user_name}" groups = ["system:masters"] }, { - userarn = "${module.iam_user_admin.this_iam_user_arn}" - username = "${module.iam_user_admin.this_iam_user_name}" + userarn = "${module.iam_user_admin.iam_user_arn}" + username = "${module.iam_user_admin.iam_user_name}" groups = ["global-readonly", "digit-user"] }, { - userarn = "${module.iam_user_user.this_iam_user_arn}" - username = "${module.iam_user_user.this_iam_user_name}" + userarn = "${module.iam_user_user.iam_user_arn}" + username = "${module.iam_user_user.iam_user_name}" groups = ["global-readonly"] }, ] diff --git a/infra-as-code/terraform/sample-aws/outputs.tf b/infra-as-code/terraform/sample-aws/outputs.tf index 572ba7f943..4977165a37 100644 --- a/infra-as-code/terraform/sample-aws/outputs.tf +++ b/infra-as-code/terraform/sample-aws/outputs.tf @@ -49,18 +49,14 @@ output "kafka_vol_ids" { value = "${module.kafka.volume_ids}" } -output "db_rds_postgres_address" { - value = "${module.db.rds_postgres_address}" -} - output "deployer_secret_key_cmd" { - value = "${map(module.iam_user_deployer.this_iam_access_key_id, module.iam_user_deployer.keybase_secret_key_decrypt_command)}" + value = "${map(module.iam_user_deployer.iam_access_key_id, module.iam_user_deployer.keybase_secret_key_decrypt_command)}" } output "admin_secret_key_cmd" { - value = "${map(module.iam_user_admin.this_iam_access_key_id, module.iam_user_admin.keybase_secret_key_decrypt_command)}" + value = "${map(module.iam_user_admin.iam_access_key_id, module.iam_user_admin.keybase_secret_key_decrypt_command)}" } output "user_secret_key_cmd" { - value = "${map(module.iam_user_user.this_iam_access_key_id, module.iam_user_user.keybase_secret_key_decrypt_command)}" + value = "${map(module.iam_user_user.iam_access_key_id, module.iam_user_user.keybase_secret_key_decrypt_command)}" } \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/remote-state/main.tf b/infra-as-code/terraform/sample-aws/remote-state/main.tf index 95149e2824..23613a1153 100644 --- a/infra-as-code/terraform/sample-aws/remote-state/main.tf +++ b/infra-as-code/terraform/sample-aws/remote-state/main.tf @@ -3,7 +3,7 @@ provider "aws" { } resource "aws_s3_bucket" "terraform_state" { - bucket = "egov-dev-terraform-state-store" + bucket = "try-workshop" versioning { enabled = true @@ -15,7 +15,7 @@ resource "aws_s3_bucket" "terraform_state" { } resource "aws_dynamodb_table" "terraform_state_lock" { - name = "egov-dev-terraform-state-store" + name = "try-workshop" read_capacity = 1 write_capacity = 1 hash_key = "LockID" @@ -24,4 +24,4 @@ resource "aws_dynamodb_table" "terraform_state_lock" { name = "LockID" type = "S" } -} \ No newline at end of file +} diff --git a/infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup b/infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup deleted file mode 100644 index d52ebf5407..0000000000 --- a/infra-as-code/terraform/sample-aws/remote-state/terraform.tfstate.backup +++ /dev/null @@ -1,52 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.12.24", - "serial": 6, - "lineage": "6eb594e3-e01d-f71d-b28e-314e187a4fcb", - "outputs": {}, - "resources": [ - { - "mode": "managed", - "type": "aws_s3_bucket", - "name": "terraform_state", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "acceleration_status": "", - "acl": "private", - "arn": "arn:aws:s3:::egov-dev-terraform-state-store", - "bucket": "egov-dev-terraform-state-store", - "bucket_domain_name": "egov-dev-terraform-state-store.s3.amazonaws.com", - "bucket_prefix": null, - "bucket_regional_domain_name": "egov-dev-terraform-state-store.s3.ap-south-1.amazonaws.com", - "cors_rule": [], - "force_destroy": false, - "grant": [], - "hosted_zone_id": "Z11RGJOFQNVJUP", - "id": "egov-dev-terraform-state-store", - "lifecycle_rule": [], - "logging": [], - "object_lock_configuration": [], - "policy": null, - "region": "ap-south-1", - "replication_configuration": [], - "request_payer": "BucketOwner", - "server_side_encryption_configuration": [], - "tags": {}, - "versioning": [ - { - "enabled": true, - "mfa_delete": false - } - ], - "website": [], - "website_domain": null, - "website_endpoint": null - } - } - ] - } - ] -} diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 2cfaace2b6..f8d4db0b7a 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -2,22 +2,20 @@ # Variables Configuration # -## Add Cluster Name variable "cluster_name" { - default = "Cluster name" + default = "my-first-eks" } -## Add vpc_cidr_block variable "vpc_cidr_block" { - default = "CIDR" + default = "192.172.0.0/16" } variable "network_availability_zones" { - default = ["ap-south-1b", "ap-south-1a"] + default = ["ap-south-1a", "ap-south-1b"] } variable "availability_zones" { - default = ["ap-south-1b"] + default = ["ap-south-1a"] } variable "kubernetes_version" { @@ -25,11 +23,11 @@ variable "kubernetes_version" { } variable "instance_type" { - default = "r5a.large" + default = "m4.xlarge" } variable "override_instance_types" { - default = ["r5a.large", "r5ad.large", "r5d.large", "t3a.xlarge"] + default = ["r5a.large", "r5ad.large", "r5d.large", "m4.xlarge"] } @@ -37,15 +35,12 @@ variable "number_of_worker_nodes" { default = "3" } -##Add ssh key variable "ssh_key_name" { - default = "ssh key name" + default = "my-first-eks" } - - variable "iam_keybase_user" { - default = "keybase:egovterraform" + default = "keybase:mytf-key" } -variable "db_password" {} +variable "db_password" {} \ No newline at end of file From 8158cf62a0a78b56a1dbbbe54b5490108ce1c112 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Wed, 7 Jul 2021 15:25:32 +0530 Subject: [PATCH 007/742] db module --- infra-as-code/terraform/sample-aws/main.tf | 16 ++++++++++++++++ infra-as-code/terraform/sample-aws/variables.tf | 1 - 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 07b7bc00c0..bec0107082 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -14,6 +14,22 @@ module "network" { } +module "db" { + source = "../modules/db/aws" + subnet_ids = "${module.network.private_subnets}" + vpc_security_group_ids = ["${module.network.rds_db_sg_id}"] + availability_zone = "${element(var.availability_zones, 0)}" + instance_class = "db.t3.medium" + engine_version = "11.5" + storage_type = "gp2" + storage_gb = "100" + backup_retention_days = "7" + administrator_login = "egovdev" + administrator_login_password = "${var.db_password}" + db_name = "${var.cluster_name}-db" + environment = "${var.cluster_name}" +} + module "iam_user_deployer" { source = "terraform-aws-modules/iam/aws//modules/iam-user" diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index f8d4db0b7a..f547c5533a 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -42,5 +42,4 @@ variable "iam_keybase_user" { default = "keybase:mytf-key" } - variable "db_password" {} \ No newline at end of file From 6d796d04a551320761462f73e68607e09fecfcc5 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Wed, 7 Jul 2021 18:23:25 +0530 Subject: [PATCH 008/742] egov deployer --- deploy-as-code/egov-deployer/cmd/deploy.go | 2 +- deploy-as-code/egov-deployer/digit_setup.go | 442 +++++++++++------- deploy-as-code/egov-deployer/go.mod | 11 +- deploy-as-code/egov-deployer/go.sum | 18 + deploy-as-code/egov-deployer/main.go | 4 +- .../dependancy_chart-digit-v2.0.yaml | 144 ++++++ .../dependancy_chart-digit-v2.1.yaml | 144 ++++++ .../dependancy_chart-digit-v2.2.yaml | 144 ++++++ ....yaml => dependancy_chart-digit-v2.3.yaml} | 0 .../dependancy_chart-digit-v2.4.yaml | 144 ++++++ .../dependancy_chart-mGramSeva-v1.0.yaml | 146 ++++++ .../dependancy_chart-quickstart-v2.4.yaml | 52 +++ 12 files changed, 1084 insertions(+), 167 deletions(-) create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml rename deploy-as-code/helm/digit-release-versions/{digit_dependancy_chart-v2.3.yaml => dependancy_chart-digit-v2.3.yaml} (100%) create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml diff --git a/deploy-as-code/egov-deployer/cmd/deploy.go b/deploy-as-code/egov-deployer/cmd/deploy.go index 504796765f..dba5532282 100644 --- a/deploy-as-code/egov-deployer/cmd/deploy.go +++ b/deploy-as-code/egov-deployer/cmd/deploy.go @@ -18,7 +18,7 @@ package cmd import ( "errors" - "github.com/egovernments/eGov-infraOps/egov-deployer/pkg/cmd/deployer" + "github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer/pkg/cmd/deployer" "github.com/spf13/cobra" "github.com/spf13/viper" ) diff --git a/deploy-as-code/egov-deployer/digit_setup.go b/deploy-as-code/egov-deployer/digit_setup.go index 7632aae3f0..ce720f8a60 100644 --- a/deploy-as-code/egov-deployer/digit_setup.go +++ b/deploy-as-code/egov-deployer/digit_setup.go @@ -1,158 +1,284 @@ -package main - -import ( - "bytes" - "container/list" - "flag" - "fmt" - "io" - "io/ioutil" - "log" - "os" - "os/exec" - "strings" - - "gopkg.in/yaml.v2" -) - -//Defining a struct to parse the yaml file - -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - //Input the yaml file and the required service using flag - var argFile string - var env string - svclist := list.New() - fmt.Print("INFO: 1. Validating if chart file exists....") - flag.StringVar(&argFile, "f", "", "YAML file to parse.") - service := flag.String("s", "", "a string") - flag.StringVar(&env, "e", "", "a string var") - flag.Parse() - - if argFile == "" { - fmt.Println("\n\tWARNING: Please provide yaml file by using -f option") - return - } else { - fmt.Print("Success\n") - } - - // Decode the yaml file and assigning the values to a map - fmt.Print("INFO: 2. Reading chart file to install DIGIT Services....") - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } else { - fmt.Print("Success\n") - } - - // Parse the yaml values - fmt.Print("INFO: 3. Parsing chart file details....") - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return - } else { - fmt.Print("Success\n") - } - - // Mapping the images to servicename - fmt.Print("INFO: 4. Reading all services undier the service category....") - var m = make(map[string][]string) - set := NewSet() - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - } - fmt.Print("Success\n") - - //Checking dependencies of service on core or buisness services etc. - fmt.Println("INFO: 5. Mapping dependancies to the service category....") - var argStr string = "" - - getService(fullChart, *service, *set, svclist) - - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - - goPrintCmd := fmt.Sprintf("go run main.go deploy -e %s %s -p", env, argStr) - execCommand(goPrintCmd) - - var deploy string - fmt.Print("Do you want to deploy the mamifest to cluster? yes/no: ") - fmt.Scanf("%s", &deploy) - if deploy == "yes" || deploy == "YES" || deploy == "y" || deploy == "Y" { - goDeployCmd := fmt.Sprintf("go run main.go deploy -e %s %s", env, argStr) - execCommand(goDeployCmd) - } -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} - -func execCommand(command string) { - var err error - parts := strings.Fields(command) - log.Println("Printing full command part", parts) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - cmd := exec.Command(head, args...) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } -} - +package main + +import ( + "bytes" + "container/list" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "os" + "os/exec" + "strings" + s "strings" + + "github.com/manifoldco/promptui" + "gopkg.in/yaml.v2" +) + +var Reset = "\033[0m" +var Red = "\033[31m" +var Green = "\033[32m" +var Yellow = "\033[33m" +var Blue = "\033[34m" +var Purple = "\033[35m" +var Cyan = "\033[36m" +var Gray = "\033[37m" +var White = "\033[97m" + +//Defining a struct to parse the yaml file +type Digit struct { + Version string `yaml:"version"` + Modules []struct { + Name string `yaml:"name"` + Services []string `yaml:"services"` + Dependencies []string `yaml:"dependencies,omitempty"` + } `yaml:"modules"` +} + +type Set struct { + set map[string]bool +} + +func NewSet() *Set { + return &Set{make(map[string]bool)} +} +func (set *Set) Add(i string) bool { + _, found := set.set[i] + set.set[i] = true + return !found //False if it existed already +} +func (set *Set) Get(i string) bool { + _, found := set.set[i] + return found +} + +func main() { + var versionfiles []string + var envfiles []string + var modules []string + var selectedMod []string + svclist := list.New() + set := NewSet() + var argStr string = "" + + fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") + const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." + // Get the Proceedual of the user + fmt.Println(string(Cyan), sPreReq) + //var proceedQuestion string + preReqConfirm := []string{"Yes", "No"} + var proceed string = "" + proceed, _ = sel(preReqConfirm, "Are you good to proceed?") + if proceed == "Yes" { + contextset := setClusterContext() + if contextset { + // Get the versions from the chart and display it to user to select + files, err := ioutil.ReadDir("../helm/digit-release-versions/") + if err != nil { + log.Fatal(err) + } + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) + } + var version string = "" + version, _ = sel(versionfiles, "Which DIGIT Version You would like to install, Select below") + if version != "" { + argFile := "../helm/digit-release-versions/dependancy_chart-" + version + ".yaml" + + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Reading file =>", argFile, err) + return + } + + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) + if err != nil { + fmt.Println("\n\tERROR: Parsing => ", argFile, err) + return + } + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) + } + } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } + + } + } + + envfilesFromDir, err := ioutil.ReadDir("../helm/environments/") + if err != nil { + log.Fatal(err) + } + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") { + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } + } + + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") + fmt.Print("") + if env != "" { + var goDeployCmd string + confirm := []string{"Yes", "No"} + + goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + + preview, _ := sel(confirm, "Do you want to preview the manifests before the actual Deployment") + if preview == "Yes" { + goDeployCmd = fmt.Sprintf("%s -p", goDeployCmd) + fmt.Println("That's cool... The preview is getting loaded. Please review it and proceed with the deployment") + execCommand(goDeployCmd) + } + + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } + } + } + } + //} + } + } + } + fmt.Println("") + endScript() +} + +func getService(fullChart Digit, service string, set Set, svclist *list.List) { + for _, s := range fullChart.Modules { + if s.Name == service { + if set.Add(service) { + svclist.PushFront(service) //Add services into the list + if s.Dependencies != nil { + for _, deps := range s.Dependencies { + getService(fullChart, deps, set, svclist) + } + } + } + } + } +} + +func execCommand(command string) error { + var err error + parts := strings.Fields(command) + //log.Println("Printing full command part", parts) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + cmd := exec.Command(head, args...) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func setClusterContext() bool { + var contextset bool = false + var kubeconfig string = "" + + validatepath := func(input string) error { + _, err := os.Stat(input) + if os.IsNotExist(err) { + return errors.New("The File does not exist in the given path") + } + return nil + } + + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of the kubeconfig file") + + if kubeconfig != "" { + getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) + err := execCommand(getcontextcmd) + if err == nil { + context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") + if context != "" { + usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) + err := execCommand(usecontextcmd) + if err == nil { + contextset = true + } + } + } + } + return contextset +} + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank You!!!") + return +} diff --git a/deploy-as-code/egov-deployer/go.mod b/deploy-as-code/egov-deployer/go.mod index d9bb0cb409..f13b14bd86 100644 --- a/deploy-as-code/egov-deployer/go.mod +++ b/deploy-as-code/egov-deployer/go.mod @@ -1,14 +1,13 @@ -module github.com/egovernments/eGov-infraOps/egov-deployer +module github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer go 1.13 require ( + github.com/manifoldco/promptui v0.8.0 github.com/mitchellh/go-homedir v1.1.0 - github.com/spf13/afero v1.2.2 // indirect github.com/spf13/cobra v0.0.5 - github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/viper v1.6.1 - github.com/stretchr/testify v1.4.0 // indirect - golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 // indirect - golang.org/x/text v0.3.2 // indirect + gopkg.in/yaml.v2 v2.2.4 ) + +replace github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer => ../egov-deployer diff --git a/deploy-as-code/egov-deployer/go.sum b/deploy-as-code/egov-deployer/go.sum index 3365dedfc2..7da957e18d 100644 --- a/deploy-as-code/egov-deployer/go.sum +++ b/deploy-as-code/egov-deployer/go.sum @@ -8,6 +8,10 @@ github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= @@ -50,6 +54,8 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU= +github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= @@ -60,9 +66,17 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a h1:weJVJJRzAJBFRlAiJQROKQs8oC9vOxvm4rZmBBk0ONw= +github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/manifoldco/promptui v0.8.0 h1:R95mMF+McvXZQ7j1g8ucVZE1gLP3Sv6j9vlF9kyRqQo= +github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= +github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= @@ -103,6 +117,7 @@ github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= @@ -145,10 +160,13 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= diff --git a/deploy-as-code/egov-deployer/main.go b/deploy-as-code/egov-deployer/main.go index a7c851ee20..efc303e90c 100644 --- a/deploy-as-code/egov-deployer/main.go +++ b/deploy-as-code/egov-deployer/main.go @@ -15,8 +15,8 @@ limitations under the License. */ package main -import "github.com/egovernments/eGov-infraOps/egov-deployer/cmd" +import "github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer/cmd" func main() { - cmd.Execute() + cmd.Execute() } diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml new file mode 100644 index 0000000000..fba9e8bf81 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml @@ -0,0 +1,144 @@ +version: v2.0 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.1.0-582ddd0 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.0-3acc52b + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.0-07592ae + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-f9375a4 + - egovio/egov-persister:v1.1.0-9994513 + - egovio/egov-pg-service:v1.1.0-f9375a4 + - egovio/egov-searcher:v1.1.0-59d3598 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/pdf-service:v1.1.0-09b11d9 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.0-afb3913 + - egovio/billing-service:v1.1.0-4367159 + - egovio/egf-instrument:v1.1.0-87dfb2d + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.0-5553009 + - egovio/egov-hrms:v1.1.0-43cb793 + - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.0.0-5c70cea1d + - egovio/employee:v1.0.0-5c70cea1d + - egovio/digit-ui:v1.2.0-4016cc5-233 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/rainmaker-pgr:v1.1.0-5058d47e + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.0.0-ecf3410a + - egovio/pt-calculator-v2:v1.1.0-63e20365 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.0.0-67e5a1bc + - egovio/sw-services:v1.0.0-a2ee0ed4 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.0.0-1aeb87df + - bpa-services:v1.0.0-b5520589 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.0-c52ffe21 + - egovio/tl-services:v1.1.0-be11a0f5 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.0.0-ae96e930 + - firenoc-services:v1.0.0-4abf83d8 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.0.0-d7529cf4 + - egovio/ws-services:v1.0.0-67c2139c + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.0.0-d7529cf4 + - egovio/ws-services:v1.0.0-67c2139c + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.0.0-d7529cf4 + - egovio/ws-services:v1.0.0-67c2139c + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.3.1-a8da9ece-41 + - egovio/ws-services:v1.4.0-a8da9ece-9 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-28439fcd-10 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml new file mode 100644 index 0000000000..7f50dfff90 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml @@ -0,0 +1,144 @@ +version: v2.1 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.0-3acc52b + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.1-da68594-7 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-f9375a4 + - egovio/egov-persister:v1.1.1-58f6da0-9 + - egovio/egov-pg-service:v1.1.0-f9375a4 + - egovio/egov-searcher:v1.1.0-59d3598 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/pdf-service:v1.1.0-09b11d9 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.1-4f6c6f7-15 + - egovio/billing-service:v1.1.1-33b0fcf-14 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.2-3436cd5-4 + - egovio/egov-hrms:v1.1.0-43cb793 + - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.2.0-patch-a5a118ad6-280 + - egovio/employee:v1.2.0-a5a118ad6-291 + - egovio/digit-ui:dev-ad464d9-180 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.0.0-51bfb264-25 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.0-c4f9b279-48 + - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.0.0-1aeb87df-1 + - bpa-services:v1.1.0-02d3e507-1 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.1.0-ad7a3c61-4 + - firenoc-services:v1.1.0-ad7a3c61-6 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml new file mode 100644 index 0000000000..0b76841392 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml @@ -0,0 +1,144 @@ +version: v2.2 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.1-2bf24d01-8 + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.2-bd81e951-23 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-27f2fa2e-1 + - egovio/egov-persister:v1.1.2-2fc5d31a-17 + - egovio/egov-pg-service:v1.2.0-109a570c-21 + - egovio/egov-searcher:v1.1.1-b6e26f5a-7 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.2-9b0951ec-48 + - egovio/pdf-service:v1.1.1-8ff2e98b-12 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.2-2a911c3-89 + - egovio/billing-service:v1.2.1-6342a7f-65 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.3-409aa9b-9 + - egovio/egov-hrms:v1.2.0-528e4db-6 + - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.3.0-97bb648d2-715 + - egovio/employee:v1.3.0-97bb648d2-809 + - egovio/digit-ui:v1.0.0-1a04d0b-87 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.0-cfabecd3-87 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.3-0f4443f3-177 + - egovio/pt-calculator-v2:v1.1.2-c8d4b111-114 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.0.0-1aeb87df-1 + - bpa-services:v1.1.1-08161234-2 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.1.1-ad52954a-10 + - firenoc-services:v1.1.1-ad52954a-20 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.2.0-ad52954a-14 + - egovio/ws-services:v1.2.0-ad52954a-61 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/digit-release-versions/digit_dependancy_chart-v2.3.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/digit_dependancy_chart-v2.3.yaml rename to deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml new file mode 100644 index 0000000000..92b83b4223 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml @@ -0,0 +1,144 @@ +version: v2.4 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.0-667cb3d3-8 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.1-19a3ba19-5 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 + - egovio/egov-idgen:v1.2.2-2ee9ec37-3 + - egovio/egov-indexer:v1.1.4-2ee9ec37-3 + - egovio/egov-localization:v1.1.2-2ee9ec37-2 + - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 + - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 + - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-persister:v1.1.3-2ee9ec37-2 + - egovio/egov-pg-service:v1.2.2-2ee9ec37-17 + - egovio/egov-searcher:v1.1.3-2ee9ec37-2 + - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 + - egovio/egov-user:v1.2.4-d1d62cdf-11 + - egovio/user-otp:v1.1.3-2ee9ec37-6 + - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + - egovio/pdf-service:v1.1.4-a4e9bb2c-6 + - egovio/report:v1.3.2-07a30430-5 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.4-c3cba4b-15 + - egovio/billing-service:v1.3.2-7dfa157-22 + - egovio/egf-instrument:v1.1.3-b5944f0-1 + - egovio/egf-master:v1.1.2-b5944f0-2 + - egovio/egov-apportion-service:v1.1.4-ec514d1-12 + - egovio/egov-hrms:v1.2.2-57f79eb-1 + - egovio/finance-collections-voucher-consumer:v1.1.4-665e9d7-8 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.5.0-c1825dd69-291 + - egovio/employee:v1.5.0-c1825dd69-292 + - egovio/digit-ui:v1.2.0-4016cc5-233 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.5-a8da9ece-26 + - egovio/pt-calculator-v2:v1.1.4-ef94c644-20 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.3.1-a8da9ece-32 + - egovio/sw-services:v1.4.0-a8da9ece-8 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.1.0-4ee62c15-1 + - bpa-services:v1.1.3-2e687e00-7 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.3-0b2efd7f-3 + - egovio/tl-services:v1.1.4-a8da9ece-6 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.2.0-a8da9ece-3 + - firenoc-services:v1.3.0-090c647b-26 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.3.1-a8da9ece-41 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.3.1-a8da9ece-41 + - egovio/ws-services:v1.4.0-a8da9ece-9 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-28439fcd-10 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml new file mode 100644 index 0000000000..e73d09ad7c --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml @@ -0,0 +1,146 @@ +version: v1.0 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.0-3acc52b + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.1-da68594-7 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-f9375a4 + - egovio/egov-persister:v1.1.1-58f6da0-9 + - egovio/egov-pg-service:v1.1.0-f9375a4 + - egovio/egov-searcher:v1.1.0-59d3598 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/pdf-service:v1.1.0-09b11d9 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.1-4f6c6f7-15 + - egovio/billing-service:v1.1.1-33b0fcf-14 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.2-3436cd5-4 + - egovio/egov-hrms:v1.1.0-43cb793 + - egovio/dashboard-analytics:v1.1.1-14637ce-14 + - egovio/dashboard-ingest:v1.1.1-3436cd5-2 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.2.0-patch-6141c53a9-1070 + - egovio/employee:v1.2.0-a5a118ad6-291 + - egovio/digit-ui:dev-ad464d9-180 + + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.0.0-51bfb264-25 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.0-c4f9b279-48 + - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator + - bpa-services + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator + - firenoc-services + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml new file mode 100644 index 0000000000..c00d7c26a2 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml @@ -0,0 +1,52 @@ +version: v2.4 +modules: + - name: backbone + services: + - zookeeper + - kafka + - postgres + - name: authn-authz + services: + - redis + - nginx-ingress + - zuul:v1.3.0-667cb3d3-8 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.1-19a3ba19-5 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 + - egovio/egov-idgen:v1.2.2-2ee9ec37-3 + - egovio/egov-indexer:v1.1.4-2ee9ec37-3 + - egovio/egov-localization:v1.1.2-2ee9ec37-2 + - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 + - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 + - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-persister:v1.1.3-2ee9ec37-2 + - egovio/egov-searcher:v1.1.3-2ee9ec37-2 + - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 + - egovio/egov-user:v1.2.4-d1d62cdf-11 + - egovio/user-otp:v1.1.3-2ee9ec37-6 + - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + + - name: business + dependencies: + - "core" + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.5.0-c1825dd69-291 + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 + \ No newline at end of file From af38a252fc07de179caa2070a757acb280ee0b9a Mon Sep 17 00:00:00 2001 From: Sathish P Date: Fri, 6 Aug 2021 16:00:32 +0530 Subject: [PATCH 009/742] Updated dependency chart for DIGIT 2.5 Release (#270) * Create dependancy_chart-digit-v2.5.yaml * Update dependancy_chart-digit-v2.5.yaml --- .../dependancy_chart-digit-v2.5.yaml | 166 ++++++++++++++++++ 1 file changed, 166 insertions(+) create mode 100644 deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml new file mode 100644 index 0000000000..927bbc97b9 --- /dev/null +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml @@ -0,0 +1,166 @@ +version: v2.5 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.0-667cb3d3-8 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 + - egovio/egov-enc-service:v1.1.1-19a3ba19-5 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 + - egovio/egov-idgen:v1.2.2-2ee9ec37-3 + - egovio/egov-indexer:v1.1.5-196178f4-9 + - egovio/egov-localization:v1.1.2-4517fb39-3 + - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 + - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 + - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-persister:v1.1.3-2ee9ec37-2 + - egovio/egov-pg-service:v1.2.2-2ee9ec37-17 + - egovio/egov-searcher:v1.1.4-196178f4-7 + - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 + - egovio/egov-user:v1.2.5-196178f4-28 + - egovio/user-otp:v1.1.3-2ee9ec37-6 + - egovio/egov-workflow-v2:v1.2.0-f8601b36-49 + - egovio/pdf-service:v1.1.4-a4e9bb2c-16 + - egovio/report:v1.3.3-c1315264-15 + - egovio/chatbot:v1.1.5-196178f4-9 + - egovio/xstate-chatbot:v1.0.2-196178f4-190 + - egovio/egov-user-chatbot:v1.2.1-4976757 + - egovio/nlp-engine:v1.0.0-fbea6fba-21 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.5-33d01f1-38 + - egovio/billing-service:v1.3.3-581d2eb-54 + - egovio/egf-instrument:v1.1.3-b5944f0-1 + - egovio/egf-master:v1.1.2-b5944f0-2 + - egovio/egov-apportion-service:v1.1.4-ec514d1-12 + - egovio/egov-hrms:v1.2.3-464d95d-17 + - egovio/finance-collections-voucher-consumer:v1.1.5-cb9776c-11 + - name: utilities + dependencies: + - "core" + services: + - egovio/egov-custom-consumer:v1.1.0-7a6db73 + - egovio/egov-pdf:v1.1.1-caf76f9-17 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:v1.6.0-49e3d9211-609 + - egovio/employee:v1.6.0-49e3d9211-609 + - egovio/digit-ui:v1.3.0-e03ec9d-658 + - name: m_pgr #PGR + dependencies: + - "core" + - "business" + services: + - egovio/pgr-services:v1.1.3-e3052c649-13 + - egovio/rainmaker-pgr:v1.1.4-39d6a23fb-20 + - name: m_property-tax #PT + dependencies: + - "core" + - "business" + services: + - egovio/property-services:v1.1.6-dea64712f-117 + - egovio/pt-calculator-v2:v1.1.4-ef94c644-20 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "core" + - "business" + services: + - egovio/sw-calculator:v1.3.1-a8da9ece-32 + - egovio/sw-services:v1.4.1-e3052c649-22 + - name: m_bpa #BPA + dependencies: + - "core" + - "business" + services: + - egovio/bpa-calculator:v1.1.0-4ee62c15-1 + - egovio/bpa-services:v1.1.4-ebe6a2b30-20 + - egovio/land-services:v1.0.3-e3052c649-6 + - egovio/noc-services:v1.0.3-d89ad8118-11 + - name: m_trade-license #TL + dependencies: + - "core" + - "business" + services: + - egovio/tl-calculator:v1.1.3-0b2efd7f-3 + - egovio/tl-services:v1.1.5-d3163d602-29 + - name: m_firenoc #Fire NOC + dependencies: + - "core" + - "business" + services: + - firenoc-calculator:v1.2.0-a8da9ece-3 + - firenoc-services:v1.3.1-e3052c649-28 + - name: m_water-service #Water + dependencies: + - "core" + - "business" + services: + - egovio/ws-calculator:v1.3.1-a8da9ece-41 + - egovio/ws-services:v1.4.1-e3052c649-26 + - name: m_dss #dss + dependencies: + - "frontend" + - "core" + - "business" + services: + - egovio/dashboard-analytics:v1.1.5-33d01f1-20 + - egovio/dashboard-ingest:v1.1.3-6cb5d67-5 + - egovio/dss-dashboard:v1.6.0-520453001-21 + - name: m_fsm #fsm + dependencies: + - "core" + - "business" + services: + - egovio/fsm:v1.0.3-e3052c649-62 + - egovio/fsm-calculator:v1.0.0-39678039-14 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vehicle:v1.0.2-e3052c649-25 + - egovio/vendor:v1.0.2-e3052c649-23 + - name: m_echallan #eChallan + dependencies: + - "core" + - "business" + services: + - egovio/echallan-services:v1.0.3-0fbd202db-22 + - egovio/echallan-calculator:v1.0.1-e3052c649-7 + - name: Other #Other Services + dependencies: + - "core" + - "business" + services: + - egovio/inbox:v1.0.0-dd430b7a8-28 + - egovio/turn-io-adapter:v1.0.0-e3052c649-33 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/egov-edcr:v2.0.0-baa4485-19 + - name: m_finance #Finance + dependencies: + - "core" + services: + - egovio/egov-finance:v3.0.2-0d0a8db8ff-28 From 5ef878595f459c51d54a2b2508512c6e300a6410 Mon Sep 17 00:00:00 2001 From: Sathish P Date: Fri, 6 Aug 2021 21:38:30 +0530 Subject: [PATCH 010/742] Update dependancy_chart-digit-v2.5.yaml (#271) --- .../dependancy_chart-digit-v2.5.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml index 927bbc97b9..2fb1ad1d79 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml @@ -66,9 +66,9 @@ modules: dependencies: - "business" services: - - egovio/citizen:v1.6.0-49e3d9211-609 - - egovio/employee:v1.6.0-49e3d9211-609 - - egovio/digit-ui:v1.3.0-e03ec9d-658 + - egovio/citizen:v1.6.0-f2e14587d-616 + - egovio/employee:v1.6.0-f2e14587d-618 + - egovio/digit-ui:v1.3.0-e03ec9d-664 - name: m_pgr #PGR dependencies: - "core" @@ -145,13 +145,14 @@ modules: - "core" - "business" services: - - egovio/echallan-services:v1.0.3-0fbd202db-22 + - egovio/echallan-services:v1.0.3-fe3e42537-25 - egovio/echallan-calculator:v1.0.1-e3052c649-7 - name: Other #Other Services dependencies: - "core" - "business" services: + - egovio/egov-user-event:v1.1.3-a8da9ece-3 - egovio/inbox:v1.0.0-dd430b7a8-28 - egovio/turn-io-adapter:v1.0.0-e3052c649-33 - name: m_edcr #edcr From 52eef6f1332dadbe66ee80087f9f0281269a1c80 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 13 Sep 2021 13:46:39 +0530 Subject: [PATCH 011/742] Added ci demo env --- .../helm/environments/ci-demo-secrets.yaml | 127 ++++++++++++++++++ deploy-as-code/helm/environments/ci-demo.yaml | 78 +++++++++++ 2 files changed, 205 insertions(+) create mode 100644 deploy-as-code/helm/environments/ci-demo-secrets.yaml create mode 100644 deploy-as-code/helm/environments/ci-demo.yaml diff --git a/deploy-as-code/helm/environments/ci-demo-secrets.yaml b/deploy-as-code/helm/environments/ci-demo-secrets.yaml new file mode 100644 index 0000000000..09c5152f98 --- /dev/null +++ b/deploy-as-code/helm/environments/ci-demo-secrets.yaml @@ -0,0 +1,127 @@ +cluster-configs: + secrets: + jenkins: + clientId: ENC[AES256_GCM,data:xIQ1krQ+oWneuX561pAORjk4bo=,iv:sHlWi8ZdozHxSaLbfTfyVwl1zvMzSzyNB0uSbFYSZ3M=,tag:Slar++x9HSFxh9WpRJ/RhA==,type:str] + clientSecret: ENC[AES256_GCM,data:UBZaOhwHcpV345NekVTzXfWlVSfdXzpKvGQEzyzSf3ce5MVn4VrFJQ==,iv:uowONeS1XbZe2oeFtizgzcVKeOMHaCaAXF0XhlImD3M=,tag:j7lHeQerqrsEAfmRPaqzNg==,type:str] + gitReadSshPrivateKey: ENC[AES256_GCM,data:Li/nW6qHkH3345hXe9paeMncaz4ytyPtoipDTCnEb2pYBhObAMxAc5xUvqkdNrjc86mQj3sFDQcsQtJ6G1RiQMAF/XxKVhjPAQXl/6NdWpHg7hmh/JuhEClhYZeiyijZGuviMUOxIlX/Rxt2AczAPwt6K5z2DEHto55e/TGn3A9amzloX0RSGyELhCWKL2pVHBSk5UtIXXayRE7soGHSZOb86XWL+a8TTwsiO9/+/7dOVzvRiVDmr39T0qNjBxaIdr81NNMXvYrPUGsqxfd8hOEf+XT1OnoG7OOe2sCJMiS8to1WOnETsu34UHMA3msmp1MAQxDO9fdNOH9kvj5LvYM2tlOC3xHXrhxOp0GT6czBQr4ejwTQTcvb+Ys07l25WRm1DBVLngFf5hgwzyr/z4v7yuI0d+WvMXyLEumoTkpoX4JGT0AssI1NYksTKaHkaFrS+mBWd2M2tQDWn5HGz9cGSvpxbI5UIymvT1ypjWOTGrefsz06ukAd98bKGOReU+ExEEASLjjZk7nNy4FqCpLu+rz6FQzRDCw6vZkBO5hSm554gN7nzAYlCcx1aPUJdf1N5oDekID3rsbH51jvV36WjAJuiGbZ0R0psdFuGmsU1nDdogn9QWtc3ij+9rVkTla8giaQDrQ1vnDlk8BjCGoco4PP/g1WUDjS/eMkD27inBgfQOyKOKpTPyveDSOSM+YA+WNOyPTQWX50tB9Vl93rME4cFbI8rlFzSrzhbGEQoziWFjsed38NGkzbaKxo6gyEXaZHoFpIi4hXR4HwPHEk+aR1UArHTYV9EGtIRGWH+ka/xKFWky3QtBgpi5MKIOZ3Dmr5uUtGD0heEEWZH5kmwdbv5J/jooJxg/kmP4pKJn2D3VnNM4IVeFW78bsJbE+SGWgN4jzj7MtVoeC+bTdypam+CwJK+Ls4KvjE/1G5d0gk9SBY3QtzWFvUtsEDPM1B+RWYFhHM1iMRmSCRwk4Lu7BRV9LnUbyqwMIB2KhTljcXxH9t0SR6cJc7GHJKqCgvivsEuS/pSn6L+usoOHS9fHKr8t6xnI62uzlRNiUFNh7rzz7aiLzhZCoafUlAme/vGxuwsyd1u6T/iwiQhEYx5DyU1BI8lnUieRDc+HjzhuiaOju3cdzDIYGXhsIytoaw5/bPLwiOcEc17DC2vXnZ90wpCWaEAThnaOTc/9JedO1gxzqKrnAFHNqtDbZY9Obqwea+kMJA29tei1TYBBXj1fiRCZ5hz4blqd//1HQe3MgdvxEBQwX1XCTeGEgR3RMBWlJWhrD7j9zHjaCaL96iU1rLLdOhaJ81jInT5Yj0KWp3MhUFeV8p5y91IZlKBSoHxQ32gCA+ZGdXMhHbRB6ARV+l3j2DNnahtkV2qUJwIxlnS9ogHpPg7RQTOwnvs5O9+SET9y8KzunhtlD5JRupBl+UxtDTwUW7ltiu1aSk9aJuyneGuxqWsT67EvLBVtZ2llh/gtgftxm20Dttbu+DkBFuUUkJbZCrYE70LO56m7Hcc8eYlvaiTQkKUGi/5A7EJI5/XztJve917bOOTXZ49G62s9ubkiymNFsV65Mwf3j3D+sZ5A+/iHgSm7lw5kKH7VnvE3HtRDcAUP8dIIa574REcoPsw+yhe0/mK2+rfqCaNrgrgqVG/WGSvBGtpZKbVH3Y9E/tAbKGKJF+9YE7oJou0iabOn3zhlhZRk6R+8sac6PNfz1X4kLewIIl5I5IsALmj6pr959D/vVI/uYbI2XdUGyjrvFfouHOyW2KruVZgi/HOOzWmPd6Iezj0ydI9XmEjpHxSEpjLIn/88951hWV3iuslCQyT3RqvAk2RtF89b+SeeIKBDr6Vcf5FDTduLw9PuvCvCut0+U2+Jpx5tr35cpzW1JQO5Ug+WC1j8VC7xqYj/+dX1tavCO97e+idZ1A8zInuPMqEg9+8ZuFRup+ZKwgfrQEAGcG2Dmm27Ldz6J7EgH8YWtOM65j6qzogEFJ20CBNiSHKJkEuz0S2mZYisQhjJXR22JnAmNttT2pLanau/Z0TQFi2WrstPQ8mjKJGaTnEZoqfTXBf//SYq3i+k5DKtmHsMCJcrTVAgxX1fRE6vXXCKcHXsHxqAVXn3rvaxlKuWpnC5tzXeLgMMeEb1KMiiPHk7O+hEaiP1NBwZOnloXkIv/H+azDdbB64i+2EsFmqun5EmzT2DtZGYTr9toDjnl5oMjPl19kQtxtlhclHxgYycMaygird8u3H7EksrSJrmB4q9XAepBkPu9sfVHvkUDDO9avLnPway3g+OQfwxNlb0WQy4V4I0KKnQs6ment+mnRRa4NOmpzzBWDSsf2sfwFoWCruATd2vqRW0m3Pqnp2YrXer5wXn7uMrdLDU18jP0PLpTMYSFblZ1uSSwJRK26P/UQuFgcajzkJ+5SQLwqpGVtBRgGMdmiS3RAqFqiijP3EtYfdZc0RS3RBYrM2dSfm2Zrza/tkxCzpnzsfoWw1t9pMErtOt3+ksu/rUU8aR1Rf7RCh78YhPPp+rcI79hx3WfvRVMnPkqvZND6EZ4qTzAxosUS9+5tqkjxl3e1JN//tNd7O0vc0whs86J4y4kYtYEUBhcO0awZX5XyiRLtQB1EiK/x7iyYZd9W56mRmCMuck47Mb5W1XxcYbrUhjn5eHgzxJxqcfCVOUaFEmyP4toCQPtne/Exd0bOwUHwSvp07qffHLLNdsaErrIxcOj58OtRx//7EAVYGf3/eBz0zyPCGYkJIZzx2skCAujqQdQk67EZB1Rhg9YtmepakiQuiyRjzeMZP1466TXAgHL6AzycX6d0dfr+Ef/Y4tGl/d4wxgldycvMvpM3Cab0mp3RDJyr0kPXRhUgH/rb8sliBJQm961Qrct384FIUXHR3Im1zIcfXRsLNByNY4FZCazHhiv6tbO65WlXeyCfrJ97dYSZSsgPvVuXkYsPQ6vqD3yIQXU4maDqkC2KLdXd1L0mYM4aPL+F5tDCHzeHw1rqPfJBEfu6ln1alYxnTfYGZ8dQuyAgcYV09b5g3hBEWK7aw0y/vrUdjV2Jl+khZ8pJqFJx7bdYXDZaf9iFW8zpG4AaVuSNhM2QrIS/Xp/gzM/9rh8mMUOwjtVYzjRu0BIjq+UF+EHbXT86cByH+HBiMI1etTzReLrf6Co6bj5xroQYnS3e0F81JlKZcHsxaq6K1nFryXltJ6Q1/Uo7GfurKwC3Zz0TCmib4Fff6RktatPXcHK0fEQShCyS7/Kzin0rXLB1GkNHcZJFy5kz19vjAQ5uFGN16SIlNuIhJtloxSEK2S7KpFFnlnen5ruGAQEnzjlgZ+l3/suQ2ItLEAeRzD3OoCaXlCuzfaKtsGWIT+3sslQp9np5VN3dw9QDZnkA1nhrMtnGj890mNfXB/FY/XKcCsM1c0X5kHNEib3dCLXmjXr98IyH44VpE7belxCrdJ27iNyuKPL1dtkTHFElDNcQsKd5w1cz+pVDFrg0RIlS0wmlGUaz2NLRm38vgTqtt5jIXPnVrugkZjbU2AXMaj9OOHC8vui07peu8HfeGgbbCGLEXv61pjGalTf/71QsV1xxJ4TdZRmNIOD+S+7qjrCBj2UDBTJ+VMIETconi4WXOXtd8zCqEyppWX0rbBbZ7xuHG/iVX+v3K6W5INxIoeClE1DmhUlHaoqppK8pEdQGqbWJI00I9PPVQVw20Ff72AUrHeLGd4goOgDokJVeaVRHNkkeP7Pigd2HDGWCIQzjkkHqV86DFGMhapSUguMtQJhPi7oz3gSm+9x2G93kZUxe/xj8j7izEizuU/V139cfFtBkzt/XimiR838wjE7MflwEsnTMyiD5s+Pc1Z+cboD8G7aaGCFNUPdSQXkRTiOu+UyuaeO3H23z/e4+/UYjyCusF3rD4v943YNjDqevZjapsp6Xz7XvHZAbq9CvrLFq6S67FDVrwhQWgWjluyFYuuRq7r/kgE+b1GgE0Am4sGhC2KFU6XffqvSAG6CrrcKU7v9PcJ1LwcUQUbcCg5JCy7u1cx46IlR91Uaf9QCOFcKNSe5+N1yXEigIv27+QFlOybOUMUZA0yTE/Hytw+xeT5ivcVenxsBFjhuoZ3FONIUVAfNoemQs8x/w2/9g7JiK3BX+Gb6c3txYx4oHz+7McVE02BRQEZ7BNJ7z242IiwOrkZXBXL44poTQZhv/ZXu+7X4WRxtFcY6JaNCN+nZC3df12EI5hvPHVFKUmhz8XoG4IYFW+G5nt0VziBPTjLaKTATlgoC4WTjrUSZyJnxO9FcsP1aFtjhr9Tj6pgKVsAGZ5LXvrU5rUeGiDm6IQgc=,iv:TBgrviJ3vv0Gg1NL69hy/SGsIzLEw7E89v9VFNZbMac=,tag:TCWYv7/8MapzQvPtiq+MNg==,type:str] + gitReadAccessToken: ENC[AES256_GCM,data:X6JkMKWPAEU234viSCeay7EFYkbbA/F/YyIX8DUYcn3mIOA33OPjYwA==,iv:sTFbOSyI+6DqGk682nSkWBPEv/Jgdbz/8UfbgELSlMI=,tag:3br0+0/ysyAjtsRfBWcqnw==,type:str] + dockerConfigJson: ENC[AES256_GCM,data:SRZfLAd975Rw8342uVBL6MPUViW2NXMmpnWl66IuwJiqNGzSrhxLNY+B0ksvyHNebQX3koj7Rgq86sSSnhnlQy5jsDCbW49wrTOU1/dCyUVzgQ6TPW/ofHh0HRnyN9hW9upF1PrphZX7lr/4OQuw88Ri4fuAph7wLn8/pbiyOKLBoa/XH7cysmSdfEYcjzfSHBYGKbnL6UsTYAlVRq214oy7u+K00R+R5qF1jPS1e1FLwoXVZRLaVkR45b3ghLZGszp8,iv:MuTOBQBbEsldvA7t/BKh5Ewpc5eQ+HdTahYYuFJs4U0=,tag:ttDeDA8JSWnLeR1VdYjcPg==,type:str] + dockerUsername: ENC[AES256_GCM,data:q3tEOWPGZw==,iv:2345Lbr+HSnEu8PXS93amDRUE9V50JSO8CU/xDskJQEc=,tag:o8DbUsahqhAJ03neVAD0fA==,type:str] + dockerPassword: ENC[AES256_GCM,data:A7gq7P1/Z2TPiw==,iv:o6UXpQuv14/QrzossOiPAGj5CBMckcS8+123jxl6c=,tag:yx245PNa58XLSYzh/aB6jA==,type:str] + kubeConfigs: + dev: + apiVersion: ENC[AES256_GCM,data:jIc=,iv:V9fpGQfx0eTGNIUmc14ImHi6k4TkpkkL7cWX0i8E9w0=,tag:1NkS/8fx8wH6plyThdtIPw==,type:str] + clusters: + - cluster: + certificate-authority-data: ENC[AES256_GCM,data:uYC6SQ6S4WiiDJWCQAsHI+sadziRE5oDrj1gWYBYOCkno9qsljL74codv/lrQYKQ/9ji0PgzT5e/fveQlRGPwAQkAzi6EM31LaiM1wcoMZn4+UQDY6Z8WjyyoQBI/gMzBgmVnKZCPOo9Jz/fkFbLPLux0gekZQYZpwlfM4JWnEV2s2uvBv2v91Pl6ZKal/BuqpM8ZBFSbk3G/yJSSkCkOJ4VGU3Ve902ZiE6qelcmHNWvCowo4ZPW+vHFDEyP6JswDjngWJdvLwtv4dKZos/S+21tosYfitfSPpP3aBZGh/mcsez0I8KtqlEuCDN3y335ZqZAMJFh5smlBDh/IkmR6i2Vf/ll4mJKSUMizmDhHnzjxXCBU1K+tBxqxaV6C623fFVkKLy8zk5xyJZb76OVzq2qU1PxycESlsEz18txvTZBR5aViwqaA2ZBalcXsFCMOON+Jn9NXeb0A+kVD9REgTSOJEzIiBPx3BNvPtsF6cAnCY3y0N1rIbI7AiVLDyJXXX9dwjh11MgCytixY7djKjsrP7YIhXWHrKdcoQvRkY37WkYkXQ7VKz1MS30a+DFUtUP7qSIZx/yGRpcPQ7jyKojqn7tDsRE1eyx+CCOeTFs2YPwG8keFWVIJ/VyAFePizKa1ygeWXXByzghkAECywJk/NFb+RfqHcxa4H6U0mEBilT3BtnycY6URYbJUVVW60P75AtSHYwO0SOTsfCPKqivy/rkMwCBaPHyn+982flhh5u5ISJcYYtijRx6GYsMFxwb6GE6dsgWd0Nx3NorG6WSx4BUkvVIfNETzq04M/M24m0nBVKGN45/V+xViaR38aZNZagNQXcvDqjXZvQtUgMTu/YLx/4C8TIMhblRHQnntZKjlAhhA/JnrFwxY7voTozFdVxK+7ejzUxoBAcO7vjp/NVYnVHQyHvFrObKA5/EJgzzwylOH4o6vh7PRcauDIytUqETNHFQKQr35MI4E65FlHcdxxmPTWTZtE67PWgFggjZa6R+u7velOO62bQ2aMAPAeRw6RxGimX9RAxSzAQAtrywpJDT2iJXurvgFvB4PIoRXbdM8CcQeiMpu1gXmuXHfN4y4gpjAQ7J3YvUQt7tvLDcaKL3PgjYJwfyElrppxRtXX+Yn6iSYNOrby/P55SonRERAjJqmZcK9y/rKGfLe0MiVcJikO0ewAlHupepZ7GHjGBDEeyVx99t2PXukiAZYLuWanjs+CbmBXtVhOhlUq0K55QdwheOqE4JQ58w8PGNTa+lnCMXuz31tVWyDia5ZpU4Fi2/LCwyl+YbpneQJWgKa4ily9GzPf4J8BTJysXlJ+8AD2kQ4agMYkybcyNjxMG7C1apTb6BDwB7lazdMnyEs4uhC+cijrgeoqIjUqjBdHYwDzsuxPsHupKC+79kSqZ3cwp9Hv51ZR5ZQT5a6KybYGVtNB3EYXMsUpQoO6xr/7jI9V/ZtWvPo22+GzSK8BtbJ3ShcQ0F2TBTmAsHyREAXX7xgn3LYguWwV1saKOFWTIEigaNNZQXPwqOsP6vsipAyQtLOS5UXu92U1pM+42x50zR8S+3otcy1onTMaO4zIgLLVI5btAFoeA+4g0C8BE2SO3HfAdhrk22siyRve1qLGtnvwDGw4/Qfl/d12crj7t2k5/FDEu5X72zfESeq7W2e+F014E1TztAy5eLhs0uUeAtoZW55yKIWHUAsq5SRj9uOND2EyfudCo/PTUHCWebEej2UF5QKX21QOZvHmLI5T/PhJCIbRMlxYleM0si+VQhj8gOrlb84MCJ3isr38wVsz0Gybh+CdZQrHPTdA90FY9W,iv:XqYelD35KzETy+QCMVEh3V2UMKcjaUKDIFXN9URmmqg=,tag:Cr4FmQqoRsXxV3RmzNhjbw==,type:str] + server: ENC[AES256_GCM,data:b634kM8RmHlS9urUMkwaCq7TAYg+DMOk1otc/yMfHRg32B42hpiaIvOqehjNVMhU8FJFQ7bvrbIAKUqncVUyxtz9v+bWgQlB3Q==,iv:+qn4w2mxnjE1qKW1QjVaHf9B1i/m1D5Yl/PIczQdm9s=,tag:ii9dqSPfHfUMjFRxblRVTw==,type:str] + name: ENC[AES256_GCM,data:lCrCSTnjmMo+FQfV,iv:dJ96D+GFZiK4My5O9fdokDOq4GP1H6k1S5iXjx1MZlg=,tag:u/JcmCMVDWYGW4fN/jkujQ==,type:str] + contexts: + - context: + cluster: ENC[AES256_GCM,data:RVFc9y66MFuH+bTS,iv:uJgSD7QtsM+PhD8ft1CLiP8AxbA5HohOCuqKSfiLNh8=,tag:I1JrlLAVuWTOFw5DWCjCzw==,type:str] + namespace: ENC[AES256_GCM,data:U7vZUQ==,iv:NhxVyH0IJP4AYbdeqYCWRtQx7V2LV/rq5PChljDyNXY=,tag:h6e8CghFNmfSoj4docYMHg==,type:str] + user: ENC[AES256_GCM,data:BPQbMY6nfoLKbNV5,iv:kb6wv1e1QKyLsESC6IDtQeF8leRsMhfqLthy1VVFr6k=,tag:lhlHw/KQaEpXDtDQamGYWA==,type:str] + name: ENC[AES256_GCM,data:gsH5,iv:bIPEBou0cWf9m66iqU46SZ/5tW/yfnh0I8vG0lKJ2Ec=,tag:g2szAj2fISsC3Sb4r+e9lQ==,type:str] + current-context: ENC[AES256_GCM,data:BtjC,iv:PxN9e9N2/YFmMCgCXp7KEBrYR3qaKZlIuP88STsyZGA=,tag:awViisXyeOPNOReS35moxw==,type:str] + kind: ENC[AES256_GCM,data:urNG+zhW,iv:mUXTbXxAEQUIGIKQhhUfw0aMsikdwAY75ItHDT5EP5w=,tag:UJxRAGs+zg5D0DiS7Vf6aQ==,type:str] + preferences: {} + users: + - name: ENC[AES256_GCM,data:qpoxmGJhjgWgvLBz,iv:rD9NLA4TmbNJzjW8wpdoO54YYk1HSk3iQKb+ftdrF94=,tag:yHeQwSp2DlxSLEWiviW9Ug==,type:str] + user: + exec: + apiVersion: ENC[AES256_GCM,data:mcxYrct3qBDyM83Fcxj50hU/bnt1Ujd5ZwL9XrtaJMBqF00Xcw==,iv:4wMtee1rmc099yMn14QqPSyVx+cyrxhyB3YI3K5BO+0=,tag:TXlPlSCR50Hp93BnIDb09A==,type:str] + args: + - ENC[AES256_GCM,data:WBccCqo=,iv:gAYTv8l2JK2ATWyJI9zUdzNImULN4/74wDCZmOiCQ5s=,tag:unXsaf5Rk6V0hyyWF+sJhQ==,type:str] + - ENC[AES256_GCM,data:Nnc=,iv:nEF16NElpzgn6hGfdf+H2V0hxbRU5T3/thqNEixibzw=,tag:3e29ss83iDBQiAWkq+BN6A==,type:str] + - ENC[AES256_GCM,data:BEFo4c72MUA=,iv:FSXTo8t0vTxaDY1/NuahsKoLFY89zxh/z949RwMqnEM=,tag:6lSEnSBzjOKhoF6MEvQsIw==,type:str] + command: ENC[AES256_GCM,data:1nJVSi0/opG0+loZJthQDUQVuWaj,iv:4pbel7J43Liai/dZ6fEE8GjLGmaO038vC2W10raDTMg=,tag:vVC512y12+gqNtyPMRcz5g==,type:str] + env: + - name: ENC[AES256_GCM,data:wFoCj/5YAtdDtWoJs=,iv:xYLdRHQ/DTr9Ik5uTg0ndDDAVA9wQJySKNFD5QCvUjU=,tag:sNEf4GQ8AGqyatKCm1x3vg==,type:str] + value: ENC[AES256_GCM,data:lTCIimkOH7c65V9H+8BfEYvhzs0=,iv:4CBRdwiqRTRGL0KhOXHeU9RtohnbRrnrG+CKZOqbMaU=,tag:V+vikMOHH+jiREED6INq5Q==,type:str] + - name: ENC[AES256_GCM,data:jUXlLVlHsGYg0l3IhU+5iCgSA0aU,iv:zmXspNChwTTci9y35GzNDfberjFyhaHoHm645Y4M5S8=,tag:ebIcraixGpPqvJ5/EGyW9g==,type:str] + value: ENC[AES256_GCM,data:5ltZsyB77xuMZW98TyZ7Yxpt4Kg5Ltfe9ikp+8K+XKD7lgaOVIbw4g==,iv:oBPCT2KynhjtLaL0QPfO30QJfh1Tl0qt7g0pj9DuZNg=,tag:I1IhlUm5mUn24IYpPIhwjQ==,type:str] + - name: ENC[AES256_GCM,data:543==,iv:OC4mj2NLgjnlBFZz0UAJvuIUCxi2t48HrkfyQF+w18c=,tag:3Gw/n1Hsn4XYD30V4gKNog==,type:str] + value: ENC[AES256_GCM,data:Emak/6d4561AGQ==,iv:zZjWymapfRFZZvEiD/GpoyqFCbIeL8SS367QFMcDhmg=,tag:501Udo4IplvczQDG2yBOhQ==,type:str] + qa: + apiVersion: ENC[AES256_GCM,data:0VA=,iv:jtO3q9re8lOAebPd4u7+jGaItV8xG1XMALJHHJXPVP0=,tag:MfXMwUZ93o4L6EkNDEnXDA==,type:str] + clusters: + - cluster: + certificate-authority-data: ENC[AES256_GCM,data:4IpDBxtp+yn7r5Ff/GMDqw2Zs2hQfLJAnlJ5Fy0iR3emwQTZ7sG/1sJZNeJm1f01I+Mz7K5xPqM750OQEvowVzACTBtUNFa86n0q2hiYVJ7lE5TKruwk/4iRSdDNDCEV5ksdJqyAzWSscJgK7SFMxNdml/HZ3MZOr/mJEtAQ98bSDtL281BFktYNJ3W1DgPPE5CEZLnvGnP1Pn8r9aVcS1i1qIjPVho0HznNDiUw7vQD//yj9XYxQZg3aNlywKwMYBmtfHnwYmyNhBFr007kJJOGsLAjxZLdmPkuq/9d8qo82NEbPdHZjrRx0Cabv/NJTdcspx94Go+26o+h+Qo8ZhtlarTit4f1aQjzFEJ0dP66TQGamaxBmkmZH/HXdHqw7kzSL/ePsrYyhyrKc/tVtfEd4w2yS/yB3nTdtH0m5sgOHrwANVGLDpQuXowu9X1d/1iEK9lZvmI68bFoGtFNtD1YOo3HCZV84GiF5Adwrm3g8nCQN2KHwdZ7HhnmeaK8a7zxk4kt78bP0nnNLweRykXZM64oQG+zwzVV4jtx8FTVgg+CYOIsgK57/9C8XK35mvAxHVtDpZE+zDPpXbm8Y5m2Rfp9Y5CYVB+ao0VbsufWMaTw8CtXsX7zys0d0qKgoI94m7yDLJksuZgBpsHF/jhmRBYYIwwL6HCgI/VYPgwEkWruUJ0/pYY49AiORumPu1CsJ1GZ8pk9vRVinGJT6YTgI7CxE4qKf10sEXhv1lo/7M7y82MgbM8LPUUwHAVskvjhCjZY76QqNUs3a8dmV9eKg9LqqgXGqeHvV4BpB8FrnSRAaEAOkR6mduRxxVtSQ9IRXdYoBaVXDlsJjfwC5bNRmJxkBid6JY0KVI7ce2rOsRJXA3pcU8bJe1I6WzxoJLDJiu3dVfOtIVYgB9vGDjaDJHdXDVB0Ngs4vOav61AH3DEQa2p0/RvocT1o4+RZQReVAQwYQhcQATab0nbAUQy76FrN+MNaX5KSHBT+rsqSGI33Gm8EeUjHg0ZkDmVg06eis4zYOJvQSPiQEJ9Fb73a1RjMXJg4Dnra21AZXTEFIbIMmhWCyVKpVF6x5LU05WCkWFCmGx4day1CFxW0Mf/25CXEg7BEQ7LIASw6OsmmCpBC82QIC9Nijtqtr2mlLID8YiQ5z1mZjToy82VAyk+xjz2fonCRMm3vqlgLTlugUKEUAxWreIjx91jN5V0AR/9jzqmmbZrUt1nnHPjDATCLh9g19MmqtNdBVzlpXkG3RNPikz5OqXQtoS2vJMmFrJSgz01WIQENvDDwcdtz77tScP8x5CIJ2kQ2IYGDDoR2Nu9x0Eott/WMBVQPUiHrrcqrakXJxP4FwaAbvQoeiV57gZG3QyqktJCxw5VkNq6od3nC8OGtBEvKRN+eHPbYveI+vdfWK2QW7JhvykwrqNCHRynPTJ8pECPkFYXERNA1ZDEciJD9AkwFT/OodaiRy/uEZQyGMGLCyLhlZOoEeQDpdZdLPWW+jJue05n1HIwclI2/CpPWp55/BmgkRADLC3qmDK7r6oUUXx8ieVsfQxfydjz37A1wm3MTl/V6n+PGJkax4HDFajYUzRc0zYFi8CcHCNqy2uwUV/Gg9nziYvA2ZPrY2dFsgguHUdNPzKmk64bKdrLaoARppSlylbvWSCS+0mJM0f7R5LlaSCp6x04iFKcQJ7ERdLHaBT3Plg7kw+pX2KYhyLWcX+hxgq7HTlH0ghvxGHJlhyDfTNKeufXq5E+JYTYlUQh08uRXDM0CMSmGclQJ1qKzSo0TmnRoWMW50KYRLD63Yz+GY0JhXZ2tq1v8mI3p,iv:rIp5lVOf0Atrwh11GEhLnvR+9W3Vg3y7wmrnqKH19ZE=,tag:mRnI3ngyTthl2pzmIWybXg==,type:str] + server: ENC[AES256_GCM,data:wLRZkNw9VxWE4u/8pP3KQAsRPSpgRSuRTimlC8+y6OXVc2gwntz9R9aaMIu4kG47bMZTJML+K1q3K2M8W2tuL/D1/EwMiEipxQ==,iv:d1Icmt5ef9bQTwT7Cu7ZzdJcMm/kR0ieG3jrjvDHFFo=,tag:mG1JMvCcA7YX3dSx1RPlUA==,type:str] + name: ENC[AES256_GCM,data:cJ0klrPJjX9+6wc=,iv:BwsCEMXaVAzPfTyTirGh1TyVD0wjsBTLTvmCl6B0e7M=,tag:MrJeMiQDQYz0hrZg3A2DKw==,type:str] + contexts: + - context: + cluster: ENC[AES256_GCM,data:owNNGQccKT55Ux8=,iv:qMnefTjsXdOx4oTPiXJ720m3dXGwB2H0c2JH6gQucLU=,tag:ZESrowy9XRyjRGqsKgEOug==,type:str] + namespace: ENC[AES256_GCM,data:4hHTyA==,iv:qjOTG8dxepQxHi3qWqWRtpYnEwsrLosce2Ngy8gjJvk=,tag:lEpWXWmMyn19ZKOKApYShA==,type:str] + user: ENC[AES256_GCM,data:4nEUJ996VQZ30ec=,iv:b5OH8d0UYdLHZde9ypKB2ieitksWlbRMmQDkAosWY+U=,tag:9e5wwL8sLzUca64+YUUd/g==,type:str] + name: ENC[AES256_GCM,data:eRHfWV3j7w==,iv:xjGGPbowuWf4EmMrUpu1QxHpQktcXkaM23N7SsuUPsw=,tag:Es99fZrb1EqXbyNbHle62Q==,type:str] + current-context: ENC[AES256_GCM,data:AOJBiXIg0A==,iv:cixHxuShv7vR5JIe4YAAZzycwmGaOFkXI0nJwLAo53k=,tag:gI4uhJqwt8MmX1YvUt7XLA==,type:str] + kind: ENC[AES256_GCM,data:k3tEzPEk,iv:ihfR2N4s6hLZUp78BoAzHiR0iCb0CZ2sF45BCB8A/lo=,tag:9OOa2ku8a98we/eTzrzHWw==,type:str] + preferences: {} + users: + - name: ENC[AES256_GCM,data:G7lWK9NYbNjgYTY=,iv:X/v59PrLWbt1BRC0Okv3U/ARX9ksqC59ehXbroK4SyU=,tag:66kdbceCnhrAxfutKFF8Bw==,type:str] + user: + exec: + apiVersion: ENC[AES256_GCM,data:8O6c48fFjq6V9tGiSmgbLCIBFUbtU1MtudP2FQkUA75+HwTTVw==,iv:i0FOtrN8cNjsfoyfglmd+IpPDNXP7dM7r2A0hstwEH0=,tag:1jPqNxz1+0nVgGWsHIhr6A==,type:str] + args: + - ENC[AES256_GCM,data:FQ8DcSQ=,iv:9di5WFTRpyxq3Sr7xQgDd4+EhaUKjGRmWaltlfz0/YM=,tag:yNW/h+4jn2iitTVVGP51ng==,type:str] + - ENC[AES256_GCM,data:E1I=,iv:8Kc+QqWo7qaNNe9oZ+XpQ6BjNypuwHWI4iFZJOWhmZk=,tag:kxlzKn2oC5l2uG/+eRUzNA==,type:str] + - ENC[AES256_GCM,data:8kf12+Loxw==,iv:wCr9Fz10lo61QLYsNPMU/1c4+IYm+C3Y7XjzwMul2dM=,tag:adAdiw+oat1Wf+u+FNBZ+Q==,type:str] + command: ENC[AES256_GCM,data:ocBACWHB5/h2lZXz/Rz3IZXDnVyk,iv:Xw/5wJJ1wkmVURcW11kJ/PyB1ev4MyUjCs39oV5UEL8=,tag:3Dz5iJt7qO3yqzcWiJPzeA==,type:str] + env: + - name: ENC[AES256_GCM,data:djPX79/ubIQtuA6cQ0A=,iv:WYTRy6PWW8bZs6JXp5biboRGRerviWh9nfFonf1rRGk=,tag:iMdBzbAHv9nVWEECXvcdZA==,type:str] + value: ENC[AES256_GCM,data:mkCJvbngfO6V+M33bFudcAC3heE=,iv:9Y/ca21UYNa2ck6ko9ZCiGhDe6dHM6zYlVClxLbSgoU=,tag:WJPBqpisVA5OKDdqjT5TgA==,type:str] + - name: ENC[AES256_GCM,data:9gbWAGleKcnfLaF9dHfeawU9Lbsw,iv:sSAhL1SXnw/mFJ1luYH1llOOLK47qPHhcBcbsNrbfwM=,tag:mYXLklo03RmDP0QflWEC3w==,type:str] + value: ENC[AES256_GCM,data:vjNvbhgF81aPBF1ONkSNl2wx1qZxDYizHUR8CfbG84NqmNNbRxHXdw==,iv:GIKkElscAgL2qXDTNxb8+jllrYN5f3sc5Fl3qzplogk=,tag:c9CiOdASL/Ie41tBO8L/SQ==,type:str] + - name: ENC[AES256_GCM,data:yTjZzbHSC03OyA==,iv:CqX43YZw2vPpQlyYqYmhL26sejf48IJPMA11jx36f2c=,tag:YG8ecYcgr9LT+n7/KQTRcQ==,type:str] + value: ENC[AES256_GCM,data:4werhaP+2llGuA==,iv:xICs+Fwjo8FzFLEbvfb7Hi+pri7KVOwCVEOTIos7e4g=,tag:MArVDnPGkun7CksmUSm3pA==,type:str] + ci: + apiVersion: ENC[AES256_GCM,data:Qnc=,iv:RSLfsDrgvF+Q360X2kbEfospWbVB7ELbZX3bNY4D9Y4=,tag:c8fV9RhzmXX9FJTyf6TUhw==,type:str] + clusters: + - cluster: + certificate-authority-data: ENC[AES256_GCM,data:0emfjpxn5A7pbk1x44IxxS+ORsD3sEU++TYfz43sgY0Y1P3RxvyY4gOpnDNfLTqBQsdvY31922xjWdQTs6wX6DTZnZnuXNtn6eKhDn70MnAr9zfByj9RTV/aoq69BVZoWJWoOG+d/1IVyiFJEkFiel88czvzc7aoMp4Ww2zkfZjWebRnOSeGkb+pK+SgpMzqSCS9uI12t3a6B5jUh6WYfNlLsVSNnW1L3PvRjqOvSHMD3wPmJHk4p8PxIFjqQ0mT3Fyl6S3awmwYOVre/NmED988FOal7cRUlQYXFwPkbFofLJEM9jd7CjuGy2k6lnJ/Xco5paGvR8Q0tOn8/h49f6IE0pFwhylR8uSkzoXUcnhjM1lGtiO5T3vOjgsg1N+JuxCqNF3k3NbJvDbIMhqzh+1DsmqASfUnocVYBP1VDFK/MmTeGFd/ZUPmh7jfd1mAoF3juUuE7v0lMAkoXgEttxwdAM6mJdroC9trg7NkprIMAjOULBnIlqs2mFOzTM6RiFdYD9t2wJyB3kfUuvDO3GP7AsJF8cYNz+bl2iyyqaRtrTodjC8R+ih8FI0NxYX+xPZq4GvC2iK8dSU9CnEorEM7yw3rOtDNI191My3wKns2xz7eNTQEF2VLLDSdtxmdh+HpzaIo7dssqUGWl49Ie0lsY91TTBqEbtD/zAKk7CuFOR1yOJ14JCuguivwJT2odR2a8DM+fuc7jQNy0dG4RKg9o3X+7BgIprgudMg00eMqip7mglL1Fyu8HcQvFTBcvdEj5g1YMQtip+gpbJkx/AY2Za6U37Obb6VitAJbqRYcbpr4kbuGdJugUxH5BwpvecHgXqSMg4S4Uktlt3fSQJ6WZvU1Y63pUTQWXfzPXG4hL+SnWiVE3sXoJ38d1pVaul96k2bIv5ZRQHD3Xc3yoaubEAtRcMIJSTqG4qJOUHCd0Irj3fOeKbWrLnhaXISRIdi91dMfDu+SeyswePdx4YX/hXFRY1htnu9cmCBUsU0fh3qlFUN+BEV/CuGWx8Ohjtn8i3gxLhIe9GPdYXYUpA3kFsgJMg7Uc+WXJVh2bmV+pKD7PdwDh8a2UZJ5hsdNW6fTo/aU+cYRP39dSyVvmNtn7mBSaZXW5uwCbMAqaVSZFNYZhxyyTjyYiYREqQbAmbexmmLXyo0IXU2jcrzDUV/9E8d4uLuhetEfRaxJGo03oxhTXuq4nrcN8SO5+FZBegXoU49VZpPFq6PYPLn+Q7SHavKQYTJ1Fr0fIxKSSauYKlpRdW+A3ng9QbyjKWhVX3s2XlSHWg9+Y4p57L3x1VplzysvSe3Suq7BTkUQr6wETIMil4x6V62sMbtew4o59ltwUUsM8dFjfSWPQPl2RA+Ffh3YhHEAQys4XMdonml1vH/fRrH9VXo2qUkGD6HfcT0+VARJAKDgNMgl0B2HZ9kact26vWvOCfYEWqdehO6Q4/eizocMXKkGSJqKs4dC7hRLR1QBnndY1i+uNRXE0LZjcsXGsDtj80xSQkUS+gVXzlB3xOl3QbLGGHiZn3i9kOHUXAO+Wp6vQQwxJq0fh/7/j0QFJDEZUWa3k2mkoK1/b/soxr8wKN0GvTOHzKGzVckLKcYQcy7PePBGhXNzpfscdXqHkvhTxArkaTHlqId3AelmE9b8yWxIcK1K5ceQmrbxqisuEC5h4w8fReJ8fprylpHgcLhEsIlk5bmh+HGTl81aJkMwcTkXUsPspruJ1VSG0PXZ5o7i+et4HXREuw6syfw/XyzidKMi5AmTGUCwUrZ+dGYoXFNAbReU+hD4f0sSYcyGzjPlnVxRoOLRKNJgzwDFFP7u,iv:+Al5q1CEDtRoP9gRoGzao+Y1ktZQlEz8kqvNOvIVIiw=,tag:icrEVExAKGnQPGXSIzB/6w==,type:str] + server: ENC[AES256_GCM,data:tN3O9mv7wrbe8f9fiO4QRbR26LFeSDn28sLjuXRbpIvXraSqQeRDnQSDYPYdK8jogowtgJbvL7zEocgkLFK0+r/V54BFJBSwgQ==,iv:e0xcPtWw/Rorfn6AeMCloyA4cxKcFf5XB9YUM1Yv9KE=,tag:JQcA7RqOIR8UlkqZSQqJbQ==,type:str] + name: ENC[AES256_GCM,data:mZ1A2LF48Y8+M5V4rw==,iv:oCffwlbJXYz31ac2TGo8qB94LNf9DNkufx9Oq7WTmtM=,tag:gTQkyoz0yMSSXdOaD+LgvQ==,type:str] + contexts: + - context: + cluster: ENC[AES256_GCM,data:+QagNy9iiEl7SsiAXQ==,iv:M2ThYcim7nbQ1sxt1cMmqDyu1VL/Hroxuj1ffBQpYbc=,tag:WU5mVJSLBYBLv+HmLNa7iw==,type:str] + namespace: ENC[AES256_GCM,data:dvbhwSF/5g==,iv:H7AqH3Y7vAqiIKUNNAS5rP7g8EzM2XrCQniQSQ70oOo=,tag:pJtKtAH0WJG4Xn4uLg+0dA==,type:str] + user: ENC[AES256_GCM,data:929YN0AvHF7TTtNUTQ==,iv:uzrZKnBo5vHONTGPp2cb7o/dG0dvX0BvwQbUFDkx2hM=,tag:+vkzdJSDaTiHgjr1e0DzRQ==,type:str] + name: ENC[AES256_GCM,data:i1zKKTdQUvQOPpYzDA==,iv:Lpx5XUQzF+9HEp7/BZaApCGN0gVMD4ks2uPufuLnxdU=,tag:QLTsUTAy2zUYJdp+wSHLew==,type:str] + current-context: ENC[AES256_GCM,data:CNNX5NFpy3vMvIzlEA==,iv:B1m15h/0DGnkwj4jKTfeEw5mTXzita3u++wBKiXS3Cg=,tag:X4oOCmjjO65b+qjivQdIbA==,type:str] + kind: ENC[AES256_GCM,data:LahO8WjL,iv:3whYipH4ltnlxYH2RNFHxsMZ35DxAMFtIY7TBvAK/GM=,tag:RjyWvNbV0t6CwWSME62XeQ==,type:str] + preferences: {} + users: + - name: ENC[AES256_GCM,data:dR50jQH5rpF3uAUD9w==,iv:GVzZz9mDd9df9b+AtV99uSxP+1nnEk0HaS8hpwgC/bk=,tag:73S6tEzZekGQqdqOQDpIRQ==,type:str] + user: + exec: + apiVersion: ENC[AES256_GCM,data:rAXT3NQLQwAzgDQdVEF1XKEBnaMn90Sy1/F9EO6VA2fZmZNRyg==,iv:Ad4dsDP7guCah4lgijWh032Qyn4/iOtWDzT+IdKG9A0=,tag:XcuskfkWGnGAH7xw/C0FMw==,type:str] + args: + - ENC[AES256_GCM,data:pgfIqAY=,iv:o4Y6qW++L/zH3NqfaEZdmBD8IqI4DRsXuD1kqPWkn7k=,tag:n5ZOh2OLJo8FnVmEi1HmwA==,type:str] + - ENC[AES256_GCM,data:FeA=,iv:Gtrzfo3zTppMhVmIfDQOsh9ZkS1RhoJ2HrhivPhjK78=,tag:61gqTDs4obBDgg/bBxTo9g==,type:str] + - ENC[AES256_GCM,data:fPlo1RgCKZi5,iv:CqUzYOiGqNk+InIyh2TpwfTsGngqKQ5q+NxYvYY8Gz8=,tag:6o8chbaRM2Pg1td5JKjGKg==,type:str] + command: ENC[AES256_GCM,data:tsR6W17x2ysu91AjGONMEuj9pwaf,iv:3ujm+o3nvEo4uw8cvusf0kHQAyJbZB8hJKDAS1bTI/g=,tag:1ybuOF1u+T/Xh5F6ENDfzw==,type:str] + env: + - name: ENC[AES256_GCM,data:buAbimQGroCN9Wf7Ty0=,iv:IGPz54M9qZWkGeFzDdEKWuoyeP0mDXHQcswaJrTAMfU=,tag:NsquEFCswz6cKo5iXKIp/Q==,type:str] + value: ENC[AES256_GCM,data:i234pYBpxfAnlQp4yMud3ItbgE=,iv:Hj3FtD773wnO+SbLTE6pzs5xpnfpL4kx4tXHrcOswSY=,tag:6El8mWl5hEsEe69hiIEOzg==,type:str] + - name: ENC[AES256_GCM,data:0JFXk34GkTMZytZhEHgvbyRXNBA,iv:XGnaroUY+5Ij+QQ0uVQC/YmbMLKrojdQGKQJOhwQJ1g=,tag:DC+JXfzN8boVIqtNK3rQ+Q==,type:str] + value: ENC[AES256_GCM,data:rDEbdfghQxBfrd9nHyock66ACx4b5UEDLu2f2wusRjkuqF4gUbYJoQ==,iv:8bCRtGDFRu7YKPvcp/qVXiYPCYxf1nui6dqpNCJGTuo=,tag:sE5VIzxF0NzMzr3dNU8mhA==,type:str] + - name: ENC[AES256_GCM,data:7UPYdtDmRh5nag==,iv:VDznS4jMroXFjyRpLnfTYGA2jA0r563CUUzoDXC4LjQ=,tag:Uwq8UAM0CCp1CKaEeQ0Kqg==,type:str] + value: ENC[AES256_GCM,data:nfgrhj+8nA==,iv:YGktcYcjFUl0G09xc+mP7R1EHozlMfs3Vf1S5jB+1t8=,tag:Dqhl4LP0noj/GZVvaA+jlA==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2020-07-16T06:27:48Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGt0N8wLqktjyzxSiYwjBs4AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMG73vwk4q/FWeWwgFAgEQgDsF61W4Wstk2d88gxS+Ql8jg5h41lVQ7CqXccGntVHOJy0cWG8jPcVtmiLYrPj/JyOs6c06XKTy1/IYtw== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + lastmodified: '2021-08-11T10:34:59Z' + mac: ENC[AES256_GCM,data:uCzYOyjgpsorsqxkhlBuvks302rzSjGO2/Jydd41JPUkXAPZqvNuyESVPADwSUImIXH1/yoe7a9JNpmk1lPO5Qd2grOOOpmTWqwlTCvVeuhxkoX3YnmebTm3LoN5917thrI3x2Mc0Pk/QeSwGit3Bdgl4ESk0YUduDPmDz3iGYk=,iv:KScmHsk4aKzYmr5s7rEdTA1yw5oTZmmjrAIWBh+TxCU=,tag:EmXKP+d9mvCsyFTGuqmYhQ==,type:str] + pgp: + - created_at: '2020-07-16T06:27:48Z' + enc: "-----BEGIN PGP MESSAGE-----\r\n\r\nhQEMA+gtFIQvidpKAQf9FlfcstXejz7f804cGhSm0Eyrjkn+BV3zfdgqfCFu/kV5\r\n7rSZinxjfDG6FV1zWptlq1Tyv6w6Dg4+f1SatRLsM8wR/+Kb+PSkDgQcs19mM9R4\r\ne82dkywfjRwF7jBmFiSHwhMf9M8mHnpmtNJBIQu9lyFMVM7d/H5MKj72jXUmADEo\r\n78LQ8uxTOFWY7mfh0xBZYJ1P2gJgujar33CGQcT34iUxjScMZztwcBs15ZjqidbQ\r\nLkEsv1pVkn71MV/LZ5WLlC0b6/T+z0rJD+y4Kk44G3C3CxwuV4Ge3tCsejTy4itJ\r\nyY1DBb+l7l3ozO8pBqulQVhwDTh9Uz26Si6NFpxpbNJcAXGsbOBiayxAZTGV5eRn\r\nJF0w59TDHywO62qGG5yRS6EViEcrIzCIsX9LuwYKG4gdwsAVlqVEQIJVpF4bAR4y\r\nHhyoZvA43i9JYDj8/gpjvdek0daqU0NZ2HlSztQ=\r\n=33Ur\r\n-----END + PGP MESSAGE-----\r\n" + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + encrypted_regex: ^(secrets)$ + version: 3.5.0 diff --git a/deploy-as-code/helm/environments/ci-demo.yaml b/deploy-as-code/helm/environments/ci-demo.yaml new file mode 100644 index 0000000000..0d0c8339f4 --- /dev/null +++ b/deploy-as-code/helm/environments/ci-demo.yaml @@ -0,0 +1,78 @@ +global: + domain: ## Add your Domain Name Eg: site.mydomain.com +cluster-configs: + namespaces: + create: false + values: [ jenkins ] + root-ingress: + namespace: jenkins + serviceName: jenkins + servicePort: 8080 + appRoot: "" + cert-issuer: "letsencrypt-prod" + +jenkins: + persistence: + enabled: true + aws: + - volumeId: "vol-060d0b69accaf9312" # Add volume id for jenkins-home + zone: ap-south-1b # Add respective availability_zones + + oauth: + enabled: true + acl: + admin: + - egovernments*micro-service-devops # Add github team. Members of this team gets admin access on jenkins + user: # Add github team. Members of this team gets login access on jenkins + - egovernments*micro-service-dev + - egovernments*micro-service-qa + - egovernments*micro-service-uat + + + jobBuilder: # Add jobBuilder repo's, add repo's ssh link + repos: >- + 'git@github.com:egovernments/core-services.git','git@github.com:egovernments/business-services.git' + deploymentJobs: # Setup deploymentJobs ACL + - name: dev # deployment job name + acl: [egovernments*micro-service-dev] # GitHub team name, Members of the team get access to deployment job + - name: qa + acl: [egovernments*micro-service-qa] + - name: uat + acl: [egovernments*micro-service-uat] + + + master: + ingress: + enabled: true + resources: + limits: + cpu: "2000m" + memory: "4096Mi" + javaOpts: "-Xms2560M -Xmx2560M -Duser.timezone=Asia/Calcutta" + +nginx-ingress: + replicas: 1 + default-backend-service: "jenkins/jenkins" + namespace: jenkins + cert-issuer: "letsencrypt-staging" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + +cert-manager: + namespace: jenkins + email: "" # Add mail id + +cluster-autoscaler: + namespace: jenkins + cloudProvider: aws + awsRegion: ap-south-1 + autoDiscovery: + clusterName: # Add cluster name + tags: + - kubernetes.io/cluster/ # Add cluster name + From 7d2f3bd848ff27a8dc68a2d79a1830867ddbf9a2 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 13 Sep 2021 14:13:13 +0530 Subject: [PATCH 012/742] Added ci secret demo env --- .../cluster-configs/templates/secrets/jenkins-secret.yaml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml index 060f78c010..d93f0d9c13 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml @@ -12,14 +12,7 @@ data: gitReadSshPrivateKey: {{ index . "gitReadSshPrivateKey" | b64enc | quote }} gitReadAccessToken: {{ index . "gitReadAccessToken" | b64enc | quote }} dockerConfigJson: {{ index . "dockerConfigJson" | b64enc | quote }} - gcpServiceAccount: {{ index . "gcpServiceAccount" | b64enc | quote }} - gcpKmsServiceAccount: {{ index . "gcpKmsServiceAccount" | b64enc | quote }} - slackToken: {{ index . "slackToken" | b64enc | quote }} dockerUserName: {{ index . "dockerUsername" | b64enc | quote }} dockerPassword: {{ index . "dockerPassword" | b64enc | quote }} - nexusUsername: {{ index . "nexusUsername" | b64enc | quote }} - nexusPassword: {{ index . "nexusPassword" | b64enc | quote }} - ciDbUsername: {{ index . "ciDbUsername" | b64enc | quote }} - ciDbpassword: {{ index . "ciDbpassword" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 880cad0de359a2de56bdc9529dd5a6b36e39f7d1 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 13 Sep 2021 17:10:33 +0530 Subject: [PATCH 013/742] Update values.yaml --- .../charts/backbone-services/jenkins/values.yaml | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml index bece8b22c1..13c0da7a01 100644 --- a/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml @@ -480,22 +480,13 @@ master: definition { cps { script("""library 'ci-libs' - {{- if (eq $job.name "central-instance") }} - deployer(repo:'git@github.com:egovernments/DIGIT-DevOps.git', branch: 'central-instance', helmDir: 'deploy-as-code/helm', environment: '{{ $job.name }}')""") - sandbox() - } - } - disabled(false) - } - {{- else }} + deployer(repo:'git@github.com:egovernments/DIGIT-DevOps.git', branch: 'master', helmDir: 'deploy-as-code/helm', environment: '{{ $job.name }}')""") sandbox() } } disabled(false) - } - {{- end }} - + } {{- end }} @@ -935,4 +926,4 @@ backup: # Additional support can added. Visit this repository for details # Ref: https://github.com/maorfr/skbn destination: "s3://jenkins-data/backup" -checkDeprecation: true \ No newline at end of file +checkDeprecation: true From 860354902251186bb28aff7553a340fe549c77fb Mon Sep 17 00:00:00 2001 From: Nikesh Date: Thu, 14 Apr 2022 12:24:00 +0530 Subject: [PATCH 014/742] modified eks tf --- infra-as-code/terraform/sample-aws/main.tf | 142 +++++------------- infra-as-code/terraform/sample-aws/outputs.tf | 23 --- .../terraform/sample-aws/remote-state/main.tf | 12 +- .../terraform/sample-aws/variables.tf | 13 +- 4 files changed, 53 insertions(+), 137 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index bec0107082..e9a61b21d3 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,10 +1,4 @@ -terraform { - backend "s3" { - bucket = "try-workshop" - key = "terraform" - region = "ap-south-1" - } -} + module "network" { source = "../modules/kubernetes/aws/network" @@ -13,59 +7,6 @@ module "network" { availability_zones = "${var.network_availability_zones}" } - -module "db" { - source = "../modules/db/aws" - subnet_ids = "${module.network.private_subnets}" - vpc_security_group_ids = ["${module.network.rds_db_sg_id}"] - availability_zone = "${element(var.availability_zones, 0)}" - instance_class = "db.t3.medium" - engine_version = "11.5" - storage_type = "gp2" - storage_gb = "100" - backup_retention_days = "7" - administrator_login = "egovdev" - administrator_login_password = "${var.db_password}" - db_name = "${var.cluster_name}-db" - environment = "${var.cluster_name}" -} - -module "iam_user_deployer" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-deployer" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_admin" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-admin" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_user" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-user" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "test" has uploaded his public key here - https://keybase.io/test/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - data "aws_eks_cluster" "cluster" { name = "${module.eks.cluster_id}" } @@ -73,59 +14,42 @@ data "aws_eks_cluster" "cluster" { data "aws_eks_cluster_auth" "cluster" { name = "${module.eks.cluster_id}" } + provider "kubernetes" { host = "${data.aws_eks_cluster.cluster.endpoint}" cluster_ca_certificate = "${base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)}" token = "${data.aws_eks_cluster_auth.cluster.token}" - load_config_file = false - version = "~> 1.11" + #load_config_file = false } module "eks" { source = "terraform-aws-modules/eks/aws" + version = "17.24.0" cluster_name = "${var.cluster_name}" + vpc_id = "${module.network.vpc_id}" cluster_version = "${var.kubernetes_version}" subnets = "${concat(module.network.private_subnets, module.network.public_subnets)}" - tags = "${ - map( - "kubernetes.io/cluster/${var.cluster_name}", "owned", - "KubernetesCluster", "${var.cluster_name}" - ) - }" - - vpc_id = "${module.network.vpc_id}" - - worker_groups_launch_template = [ - { - name = "spot" - subnets = "${concat(slice(module.network.private_subnets, 0, length(var.availability_zones)), slice(module.network.public_subnets, 0, length(var.availability_zones)))}" - override_instance_types = "${var.override_instance_types}" - asg_max_size = 3 - asg_desired_capacity = 3 - kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" - spot_allocation_strategy= "capacity-optimized" - spot_instance_pools = null - }, - ] - - map_users = [ - { - userarn = "${module.iam_user_deployer.iam_user_arn}" - username = "${module.iam_user_deployer.iam_user_name}" - groups = ["system:masters"] - }, + worker_groups = [ { - userarn = "${module.iam_user_admin.iam_user_arn}" - username = "${module.iam_user_admin.iam_user_name}" - groups = ["global-readonly", "digit-user"] - }, - { - userarn = "${module.iam_user_user.iam_user_arn}" - username = "${module.iam_user_user.iam_user_name}" - groups = ["global-readonly"] - }, + name = "spot" + subnets = "${concat(slice(module.network.private_subnets, 0, length(var.availability_zones)))}" + override_instance_types = "${var.override_instance_types}" + kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" + additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] + asg_max_size = 4 + asg_desired_capacity = 4 + spot_allocation_strategy = "capacity-optimized" + spot_instance_pools = null + } ] + tags = "${ + tomap({ + "kubernetes.io/cluster/${var.cluster_name}" = "owned", + "KubernetesCluster" = "${var.cluster_name}" + }) + }" + } module "es-master" { @@ -136,7 +60,7 @@ module "es-master" { disk_prefix = "es-master" availability_zones = "${var.availability_zones}" storage_sku = "gp2" - disk_size_gb = "2" + disk_size_gb = "10" } module "es-data-v1" { @@ -147,7 +71,7 @@ module "es-data-v1" { disk_prefix = "es-data-v1" availability_zones = "${var.availability_zones}" storage_sku = "gp2" - disk_size_gb = "25" + disk_size_gb = "100" } @@ -159,7 +83,7 @@ module "zookeeper" { disk_prefix = "zookeeper" availability_zones = "${var.availability_zones}" storage_sku = "gp2" - disk_size_gb = "2" + disk_size_gb = "10" } @@ -171,6 +95,16 @@ module "kafka" { disk_prefix = "kafka" availability_zones = "${var.availability_zones}" storage_sku = "gp2" - disk_size_gb = "50" + disk_size_gb = "100" -} \ No newline at end of file +} + +data "aws_security_group" "node_sg" { + tags = { + Name = "${var.cluster_name}-eks_worker_sg" + } + depends_on = [ + module.eks + ] +} + diff --git a/infra-as-code/terraform/sample-aws/outputs.tf b/infra-as-code/terraform/sample-aws/outputs.tf index 4977165a37..12d82cb035 100644 --- a/infra-as-code/terraform/sample-aws/outputs.tf +++ b/infra-as-code/terraform/sample-aws/outputs.tf @@ -10,13 +10,6 @@ output "public_subnets" { value = module.network.public_subnets } -output "master_nodes_sg_id" { - value = module.network.master_nodes_sg_id -} - -output "worker_nodes_sg_id" { - value = module.network.worker_nodes_sg_id -} output "cluster_endpoint" { description = "Endpoint for EKS control plane." @@ -28,10 +21,6 @@ output "kubectl_config" { value = module.eks.kubeconfig } -output "config_map_aws_auth" { - description = "A kubernetes configuration to authenticate to this EKS cluster." - value = module.eks.config_map_aws_auth -} output "es_master_volume_ids" { value = "${module.es-master.volume_ids}" @@ -48,15 +37,3 @@ output "zookeeper_volume_ids" { output "kafka_vol_ids" { value = "${module.kafka.volume_ids}" } - -output "deployer_secret_key_cmd" { - value = "${map(module.iam_user_deployer.iam_access_key_id, module.iam_user_deployer.keybase_secret_key_decrypt_command)}" -} - -output "admin_secret_key_cmd" { - value = "${map(module.iam_user_admin.iam_access_key_id, module.iam_user_admin.keybase_secret_key_decrypt_command)}" -} - -output "user_secret_key_cmd" { - value = "${map(module.iam_user_user.iam_access_key_id, module.iam_user_user.keybase_secret_key_decrypt_command)}" -} \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/remote-state/main.tf b/infra-as-code/terraform/sample-aws/remote-state/main.tf index 23613a1153..0ef1c75312 100644 --- a/infra-as-code/terraform/sample-aws/remote-state/main.tf +++ b/infra-as-code/terraform/sample-aws/remote-state/main.tf @@ -5,15 +5,19 @@ provider "aws" { resource "aws_s3_bucket" "terraform_state" { bucket = "try-workshop" - versioning { - enabled = true - } - lifecycle { prevent_destroy = true } } +resource "aws_s3_bucket_versioning" "versioning" { + bucket = aws_s3_bucket.terraform_state.id + versioning_configuration { + status = "Enabled" + } +} + + resource "aws_dynamodb_table" "terraform_state_lock" { name = "try-workshop" read_capacity = 1 diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index f547c5533a..c073e3287d 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -7,19 +7,19 @@ variable "cluster_name" { } variable "vpc_cidr_block" { - default = "192.172.0.0/16" + default = "192.168.0.0/16" } variable "network_availability_zones" { - default = ["ap-south-1a", "ap-south-1b"] + default = ["ap-south-1b", "ap-south-1a"] } variable "availability_zones" { - default = ["ap-south-1a"] + default = ["ap-south-1b"] } variable "kubernetes_version" { - default = "1.18" + default = "1.20" } variable "instance_type" { @@ -38,8 +38,9 @@ variable "number_of_worker_nodes" { variable "ssh_key_name" { default = "my-first-eks" } + variable "iam_keybase_user" { - default = "keybase:mytf-key" + default = "keybase:egovterraform" } -variable "db_password" {} \ No newline at end of file + From fc56678e9aedfcf511faa5865ebafa5e1ea3dc6e Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 14 Apr 2022 12:26:08 +0530 Subject: [PATCH 015/742] Added aws_s3_bucket --- infra-as-code/terraform/sample-aws/main.tf | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index e9a61b21d3..68be92528b 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,4 +1,10 @@ - +terraform { + backend "s3" { + bucket = "try-workshop" + key = "terraform" + region = "ap-south-1" + } +} module "network" { source = "../modules/kubernetes/aws/network" From 32e9ae0947064d6561e892ed84038be676abe933 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 20 Apr 2022 09:45:44 +0530 Subject: [PATCH 016/742] Update main.tf --- infra-as-code/terraform/sample-aws/main.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 68be92528b..28053b425c 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -105,12 +105,4 @@ module "kafka" { } -data "aws_security_group" "node_sg" { - tags = { - Name = "${var.cluster_name}-eks_worker_sg" - } - depends_on = [ - module.eks - ] -} From 015733515c8bb07c43cbff5533a082b7730f5a92 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 20 Apr 2022 14:03:09 +0530 Subject: [PATCH 017/742] Update egov-demo-sample.yaml --- deploy-as-code/helm/environments/egov-demo-sample.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index 7d6e4ea59d..a3d76b0fc9 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -2,6 +2,10 @@ global: domain: ## Add your Domain Name Eg: site.mydomain.com cluster-configs: + namespaces: ## Set true to create muliple namespaces + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + root-ingress: cert-issuer: letsencrypt-prod configmaps: From a0ce861c7f272cf5f5bc033847b3a77a2e01eb82 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 20 Apr 2022 14:04:04 +0530 Subject: [PATCH 018/742] Update egov-demo.yaml --- deploy-as-code/helm/environments/egov-demo.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/environments/egov-demo.yaml b/deploy-as-code/helm/environments/egov-demo.yaml index 651ae66d39..8cc2f83b1f 100644 --- a/deploy-as-code/helm/environments/egov-demo.yaml +++ b/deploy-as-code/helm/environments/egov-demo.yaml @@ -3,6 +3,10 @@ global: moca-domain: epassapi.egovernments.org cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + root-ingress: cert-issuer: letsencrypt-prod configmaps: From df7af68aef5384e2b3d024725a3ca9dd4181e38d Mon Sep 17 00:00:00 2001 From: Nikesh Date: Thu, 21 Apr 2022 19:48:11 +0530 Subject: [PATCH 019/742] removed sops encryption --- deploy-as-code/helm/.sops.yaml | 25 --- .../dependancy_chart-digit-v2.1.yaml | 2 +- .../dependancy_chart-digit-v2.2.yaml | 2 +- .../dependancy_chart-digit-v2.3.yaml | 2 +- .../dependancy_chart-mGramSeva-v1.0.yaml | 2 +- .../helm/environments/ci-demo-secrets.yaml | 160 ++++++++---------- .../egov-demo-sample-secrets.yaml | 118 +------------ .../helm/environments/egov-demo-secrets.yaml | 94 +--------- 8 files changed, 83 insertions(+), 322 deletions(-) delete mode 100644 deploy-as-code/helm/.sops.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml deleted file mode 100644 index 2c38161ca3..0000000000 --- a/deploy-as-code/helm/.sops.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# creation rules are evaluated sequentially, the first match wins -creation_rules: - # upon creation of a file that matches the pattern *dev.yaml, - # KMS set A is used - # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - - path_regex: environments/egov-demo\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - # DEFAULT ------------------------------------------------------------------------------------------------------------- # - # Finally, if the rules above have not matched, this one is a - # catchall that will encrypt the file using KMS set C - # The absence of a path_regex means it will match everything - - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - #gcp_kms: 'projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key' - encrypted_regex: '^(secrets)$' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - # - path_regex: environments/dev\.yaml$ - # encrypted_regex: '^(secrets)$' - # kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - # pgp: 'C7ED80C79625B40667A6FAD6774DE10645AAD1BB' diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml index 7f50dfff90..06b87f8f28 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml @@ -14,7 +14,7 @@ modules: - redis - nginx-ingress - cert-manager - - zuul + - zuul:v1.1.0-582ddd0 - name: core dependencies: - "backbone" diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml index 0b76841392..ce109c453a 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml @@ -14,7 +14,7 @@ modules: - redis - nginx-ingress - cert-manager - - zuul + - zuul:v1.1.0-582ddd0 - name: core dependencies: - "backbone" diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml index 78769f38ce..066d971305 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml @@ -14,7 +14,7 @@ modules: - redis - nginx-ingress - cert-manager - - zuul + - zuul:v1.1.0-582ddd0 - name: core dependencies: - "backbone" diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml index e73d09ad7c..278e04304f 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml @@ -14,7 +14,7 @@ modules: - redis - nginx-ingress - cert-manager - - zuul + - zuul:v1.3.0-667cb3d3-8 - name: core dependencies: - "backbone" diff --git a/deploy-as-code/helm/environments/ci-demo-secrets.yaml b/deploy-as-code/helm/environments/ci-demo-secrets.yaml index 09c5152f98..40e6df68b4 100644 --- a/deploy-as-code/helm/environments/ci-demo-secrets.yaml +++ b/deploy-as-code/helm/environments/ci-demo-secrets.yaml @@ -1,127 +1,101 @@ cluster-configs: secrets: jenkins: - clientId: ENC[AES256_GCM,data:xIQ1krQ+oWneuX561pAORjk4bo=,iv:sHlWi8ZdozHxSaLbfTfyVwl1zvMzSzyNB0uSbFYSZ3M=,tag:Slar++x9HSFxh9WpRJ/RhA==,type:str] - clientSecret: ENC[AES256_GCM,data:UBZaOhwHcpV345NekVTzXfWlVSfdXzpKvGQEzyzSf3ce5MVn4VrFJQ==,iv:uowONeS1XbZe2oeFtizgzcVKeOMHaCaAXF0XhlImD3M=,tag:j7lHeQerqrsEAfmRPaqzNg==,type:str] - gitReadSshPrivateKey: ENC[AES256_GCM,data:Li/nW6qHkH3345hXe9paeMncaz4ytyPtoipDTCnEb2pYBhObAMxAc5xUvqkdNrjc86mQj3sFDQcsQtJ6G1RiQMAF/XxKVhjPAQXl/6NdWpHg7hmh/JuhEClhYZeiyijZGuviMUOxIlX/Rxt2AczAPwt6K5z2DEHto55e/TGn3A9amzloX0RSGyELhCWKL2pVHBSk5UtIXXayRE7soGHSZOb86XWL+a8TTwsiO9/+/7dOVzvRiVDmr39T0qNjBxaIdr81NNMXvYrPUGsqxfd8hOEf+XT1OnoG7OOe2sCJMiS8to1WOnETsu34UHMA3msmp1MAQxDO9fdNOH9kvj5LvYM2tlOC3xHXrhxOp0GT6czBQr4ejwTQTcvb+Ys07l25WRm1DBVLngFf5hgwzyr/z4v7yuI0d+WvMXyLEumoTkpoX4JGT0AssI1NYksTKaHkaFrS+mBWd2M2tQDWn5HGz9cGSvpxbI5UIymvT1ypjWOTGrefsz06ukAd98bKGOReU+ExEEASLjjZk7nNy4FqCpLu+rz6FQzRDCw6vZkBO5hSm554gN7nzAYlCcx1aPUJdf1N5oDekID3rsbH51jvV36WjAJuiGbZ0R0psdFuGmsU1nDdogn9QWtc3ij+9rVkTla8giaQDrQ1vnDlk8BjCGoco4PP/g1WUDjS/eMkD27inBgfQOyKOKpTPyveDSOSM+YA+WNOyPTQWX50tB9Vl93rME4cFbI8rlFzSrzhbGEQoziWFjsed38NGkzbaKxo6gyEXaZHoFpIi4hXR4HwPHEk+aR1UArHTYV9EGtIRGWH+ka/xKFWky3QtBgpi5MKIOZ3Dmr5uUtGD0heEEWZH5kmwdbv5J/jooJxg/kmP4pKJn2D3VnNM4IVeFW78bsJbE+SGWgN4jzj7MtVoeC+bTdypam+CwJK+Ls4KvjE/1G5d0gk9SBY3QtzWFvUtsEDPM1B+RWYFhHM1iMRmSCRwk4Lu7BRV9LnUbyqwMIB2KhTljcXxH9t0SR6cJc7GHJKqCgvivsEuS/pSn6L+usoOHS9fHKr8t6xnI62uzlRNiUFNh7rzz7aiLzhZCoafUlAme/vGxuwsyd1u6T/iwiQhEYx5DyU1BI8lnUieRDc+HjzhuiaOju3cdzDIYGXhsIytoaw5/bPLwiOcEc17DC2vXnZ90wpCWaEAThnaOTc/9JedO1gxzqKrnAFHNqtDbZY9Obqwea+kMJA29tei1TYBBXj1fiRCZ5hz4blqd//1HQe3MgdvxEBQwX1XCTeGEgR3RMBWlJWhrD7j9zHjaCaL96iU1rLLdOhaJ81jInT5Yj0KWp3MhUFeV8p5y91IZlKBSoHxQ32gCA+ZGdXMhHbRB6ARV+l3j2DNnahtkV2qUJwIxlnS9ogHpPg7RQTOwnvs5O9+SET9y8KzunhtlD5JRupBl+UxtDTwUW7ltiu1aSk9aJuyneGuxqWsT67EvLBVtZ2llh/gtgftxm20Dttbu+DkBFuUUkJbZCrYE70LO56m7Hcc8eYlvaiTQkKUGi/5A7EJI5/XztJve917bOOTXZ49G62s9ubkiymNFsV65Mwf3j3D+sZ5A+/iHgSm7lw5kKH7VnvE3HtRDcAUP8dIIa574REcoPsw+yhe0/mK2+rfqCaNrgrgqVG/WGSvBGtpZKbVH3Y9E/tAbKGKJF+9YE7oJou0iabOn3zhlhZRk6R+8sac6PNfz1X4kLewIIl5I5IsALmj6pr959D/vVI/uYbI2XdUGyjrvFfouHOyW2KruVZgi/HOOzWmPd6Iezj0ydI9XmEjpHxSEpjLIn/88951hWV3iuslCQyT3RqvAk2RtF89b+SeeIKBDr6Vcf5FDTduLw9PuvCvCut0+U2+Jpx5tr35cpzW1JQO5Ug+WC1j8VC7xqYj/+dX1tavCO97e+idZ1A8zInuPMqEg9+8ZuFRup+ZKwgfrQEAGcG2Dmm27Ldz6J7EgH8YWtOM65j6qzogEFJ20CBNiSHKJkEuz0S2mZYisQhjJXR22JnAmNttT2pLanau/Z0TQFi2WrstPQ8mjKJGaTnEZoqfTXBf//SYq3i+k5DKtmHsMCJcrTVAgxX1fRE6vXXCKcHXsHxqAVXn3rvaxlKuWpnC5tzXeLgMMeEb1KMiiPHk7O+hEaiP1NBwZOnloXkIv/H+azDdbB64i+2EsFmqun5EmzT2DtZGYTr9toDjnl5oMjPl19kQtxtlhclHxgYycMaygird8u3H7EksrSJrmB4q9XAepBkPu9sfVHvkUDDO9avLnPway3g+OQfwxNlb0WQy4V4I0KKnQs6ment+mnRRa4NOmpzzBWDSsf2sfwFoWCruATd2vqRW0m3Pqnp2YrXer5wXn7uMrdLDU18jP0PLpTMYSFblZ1uSSwJRK26P/UQuFgcajzkJ+5SQLwqpGVtBRgGMdmiS3RAqFqiijP3EtYfdZc0RS3RBYrM2dSfm2Zrza/tkxCzpnzsfoWw1t9pMErtOt3+ksu/rUU8aR1Rf7RCh78YhPPp+rcI79hx3WfvRVMnPkqvZND6EZ4qTzAxosUS9+5tqkjxl3e1JN//tNd7O0vc0whs86J4y4kYtYEUBhcO0awZX5XyiRLtQB1EiK/x7iyYZd9W56mRmCMuck47Mb5W1XxcYbrUhjn5eHgzxJxqcfCVOUaFEmyP4toCQPtne/Exd0bOwUHwSvp07qffHLLNdsaErrIxcOj58OtRx//7EAVYGf3/eBz0zyPCGYkJIZzx2skCAujqQdQk67EZB1Rhg9YtmepakiQuiyRjzeMZP1466TXAgHL6AzycX6d0dfr+Ef/Y4tGl/d4wxgldycvMvpM3Cab0mp3RDJyr0kPXRhUgH/rb8sliBJQm961Qrct384FIUXHR3Im1zIcfXRsLNByNY4FZCazHhiv6tbO65WlXeyCfrJ97dYSZSsgPvVuXkYsPQ6vqD3yIQXU4maDqkC2KLdXd1L0mYM4aPL+F5tDCHzeHw1rqPfJBEfu6ln1alYxnTfYGZ8dQuyAgcYV09b5g3hBEWK7aw0y/vrUdjV2Jl+khZ8pJqFJx7bdYXDZaf9iFW8zpG4AaVuSNhM2QrIS/Xp/gzM/9rh8mMUOwjtVYzjRu0BIjq+UF+EHbXT86cByH+HBiMI1etTzReLrf6Co6bj5xroQYnS3e0F81JlKZcHsxaq6K1nFryXltJ6Q1/Uo7GfurKwC3Zz0TCmib4Fff6RktatPXcHK0fEQShCyS7/Kzin0rXLB1GkNHcZJFy5kz19vjAQ5uFGN16SIlNuIhJtloxSEK2S7KpFFnlnen5ruGAQEnzjlgZ+l3/suQ2ItLEAeRzD3OoCaXlCuzfaKtsGWIT+3sslQp9np5VN3dw9QDZnkA1nhrMtnGj890mNfXB/FY/XKcCsM1c0X5kHNEib3dCLXmjXr98IyH44VpE7belxCrdJ27iNyuKPL1dtkTHFElDNcQsKd5w1cz+pVDFrg0RIlS0wmlGUaz2NLRm38vgTqtt5jIXPnVrugkZjbU2AXMaj9OOHC8vui07peu8HfeGgbbCGLEXv61pjGalTf/71QsV1xxJ4TdZRmNIOD+S+7qjrCBj2UDBTJ+VMIETconi4WXOXtd8zCqEyppWX0rbBbZ7xuHG/iVX+v3K6W5INxIoeClE1DmhUlHaoqppK8pEdQGqbWJI00I9PPVQVw20Ff72AUrHeLGd4goOgDokJVeaVRHNkkeP7Pigd2HDGWCIQzjkkHqV86DFGMhapSUguMtQJhPi7oz3gSm+9x2G93kZUxe/xj8j7izEizuU/V139cfFtBkzt/XimiR838wjE7MflwEsnTMyiD5s+Pc1Z+cboD8G7aaGCFNUPdSQXkRTiOu+UyuaeO3H23z/e4+/UYjyCusF3rD4v943YNjDqevZjapsp6Xz7XvHZAbq9CvrLFq6S67FDVrwhQWgWjluyFYuuRq7r/kgE+b1GgE0Am4sGhC2KFU6XffqvSAG6CrrcKU7v9PcJ1LwcUQUbcCg5JCy7u1cx46IlR91Uaf9QCOFcKNSe5+N1yXEigIv27+QFlOybOUMUZA0yTE/Hytw+xeT5ivcVenxsBFjhuoZ3FONIUVAfNoemQs8x/w2/9g7JiK3BX+Gb6c3txYx4oHz+7McVE02BRQEZ7BNJ7z242IiwOrkZXBXL44poTQZhv/ZXu+7X4WRxtFcY6JaNCN+nZC3df12EI5hvPHVFKUmhz8XoG4IYFW+G5nt0VziBPTjLaKTATlgoC4WTjrUSZyJnxO9FcsP1aFtjhr9Tj6pgKVsAGZ5LXvrU5rUeGiDm6IQgc=,iv:TBgrviJ3vv0Gg1NL69hy/SGsIzLEw7E89v9VFNZbMac=,tag:TCWYv7/8MapzQvPtiq+MNg==,type:str] - gitReadAccessToken: ENC[AES256_GCM,data:X6JkMKWPAEU234viSCeay7EFYkbbA/F/YyIX8DUYcn3mIOA33OPjYwA==,iv:sTFbOSyI+6DqGk682nSkWBPEv/Jgdbz/8UfbgELSlMI=,tag:3br0+0/ysyAjtsRfBWcqnw==,type:str] - dockerConfigJson: ENC[AES256_GCM,data:SRZfLAd975Rw8342uVBL6MPUViW2NXMmpnWl66IuwJiqNGzSrhxLNY+B0ksvyHNebQX3koj7Rgq86sSSnhnlQy5jsDCbW49wrTOU1/dCyUVzgQ6TPW/ofHh0HRnyN9hW9upF1PrphZX7lr/4OQuw88Ri4fuAph7wLn8/pbiyOKLBoa/XH7cysmSdfEYcjzfSHBYGKbnL6UsTYAlVRq214oy7u+K00R+R5qF1jPS1e1FLwoXVZRLaVkR45b3ghLZGszp8,iv:MuTOBQBbEsldvA7t/BKh5Ewpc5eQ+HdTahYYuFJs4U0=,tag:ttDeDA8JSWnLeR1VdYjcPg==,type:str] - dockerUsername: ENC[AES256_GCM,data:q3tEOWPGZw==,iv:2345Lbr+HSnEu8PXS93amDRUE9V50JSO8CU/xDskJQEc=,tag:o8DbUsahqhAJ03neVAD0fA==,type:str] - dockerPassword: ENC[AES256_GCM,data:A7gq7P1/Z2TPiw==,iv:o6UXpQuv14/QrzossOiPAGj5CBMckcS8+123jxl6c=,tag:yx245PNa58XLSYzh/aB6jA==,type:str] + clientId: + clientSecret: + gitReadSshPrivateKey: + gitReadAccessToken: + dockerConfigJson: + dockerUsername: + dockerPassword: kubeConfigs: dev: - apiVersion: ENC[AES256_GCM,data:jIc=,iv:V9fpGQfx0eTGNIUmc14ImHi6k4TkpkkL7cWX0i8E9w0=,tag:1NkS/8fx8wH6plyThdtIPw==,type:str] + apiVersion: v1 clusters: - cluster: - certificate-authority-data: ENC[AES256_GCM,data:uYC6SQ6S4WiiDJWCQAsHI+sadziRE5oDrj1gWYBYOCkno9qsljL74codv/lrQYKQ/9ji0PgzT5e/fveQlRGPwAQkAzi6EM31LaiM1wcoMZn4+UQDY6Z8WjyyoQBI/gMzBgmVnKZCPOo9Jz/fkFbLPLux0gekZQYZpwlfM4JWnEV2s2uvBv2v91Pl6ZKal/BuqpM8ZBFSbk3G/yJSSkCkOJ4VGU3Ve902ZiE6qelcmHNWvCowo4ZPW+vHFDEyP6JswDjngWJdvLwtv4dKZos/S+21tosYfitfSPpP3aBZGh/mcsez0I8KtqlEuCDN3y335ZqZAMJFh5smlBDh/IkmR6i2Vf/ll4mJKSUMizmDhHnzjxXCBU1K+tBxqxaV6C623fFVkKLy8zk5xyJZb76OVzq2qU1PxycESlsEz18txvTZBR5aViwqaA2ZBalcXsFCMOON+Jn9NXeb0A+kVD9REgTSOJEzIiBPx3BNvPtsF6cAnCY3y0N1rIbI7AiVLDyJXXX9dwjh11MgCytixY7djKjsrP7YIhXWHrKdcoQvRkY37WkYkXQ7VKz1MS30a+DFUtUP7qSIZx/yGRpcPQ7jyKojqn7tDsRE1eyx+CCOeTFs2YPwG8keFWVIJ/VyAFePizKa1ygeWXXByzghkAECywJk/NFb+RfqHcxa4H6U0mEBilT3BtnycY6URYbJUVVW60P75AtSHYwO0SOTsfCPKqivy/rkMwCBaPHyn+982flhh5u5ISJcYYtijRx6GYsMFxwb6GE6dsgWd0Nx3NorG6WSx4BUkvVIfNETzq04M/M24m0nBVKGN45/V+xViaR38aZNZagNQXcvDqjXZvQtUgMTu/YLx/4C8TIMhblRHQnntZKjlAhhA/JnrFwxY7voTozFdVxK+7ejzUxoBAcO7vjp/NVYnVHQyHvFrObKA5/EJgzzwylOH4o6vh7PRcauDIytUqETNHFQKQr35MI4E65FlHcdxxmPTWTZtE67PWgFggjZa6R+u7velOO62bQ2aMAPAeRw6RxGimX9RAxSzAQAtrywpJDT2iJXurvgFvB4PIoRXbdM8CcQeiMpu1gXmuXHfN4y4gpjAQ7J3YvUQt7tvLDcaKL3PgjYJwfyElrppxRtXX+Yn6iSYNOrby/P55SonRERAjJqmZcK9y/rKGfLe0MiVcJikO0ewAlHupepZ7GHjGBDEeyVx99t2PXukiAZYLuWanjs+CbmBXtVhOhlUq0K55QdwheOqE4JQ58w8PGNTa+lnCMXuz31tVWyDia5ZpU4Fi2/LCwyl+YbpneQJWgKa4ily9GzPf4J8BTJysXlJ+8AD2kQ4agMYkybcyNjxMG7C1apTb6BDwB7lazdMnyEs4uhC+cijrgeoqIjUqjBdHYwDzsuxPsHupKC+79kSqZ3cwp9Hv51ZR5ZQT5a6KybYGVtNB3EYXMsUpQoO6xr/7jI9V/ZtWvPo22+GzSK8BtbJ3ShcQ0F2TBTmAsHyREAXX7xgn3LYguWwV1saKOFWTIEigaNNZQXPwqOsP6vsipAyQtLOS5UXu92U1pM+42x50zR8S+3otcy1onTMaO4zIgLLVI5btAFoeA+4g0C8BE2SO3HfAdhrk22siyRve1qLGtnvwDGw4/Qfl/d12crj7t2k5/FDEu5X72zfESeq7W2e+F014E1TztAy5eLhs0uUeAtoZW55yKIWHUAsq5SRj9uOND2EyfudCo/PTUHCWebEej2UF5QKX21QOZvHmLI5T/PhJCIbRMlxYleM0si+VQhj8gOrlb84MCJ3isr38wVsz0Gybh+CdZQrHPTdA90FY9W,iv:XqYelD35KzETy+QCMVEh3V2UMKcjaUKDIFXN9URmmqg=,tag:Cr4FmQqoRsXxV3RmzNhjbw==,type:str] - server: ENC[AES256_GCM,data:b634kM8RmHlS9urUMkwaCq7TAYg+DMOk1otc/yMfHRg32B42hpiaIvOqehjNVMhU8FJFQ7bvrbIAKUqncVUyxtz9v+bWgQlB3Q==,iv:+qn4w2mxnjE1qKW1QjVaHf9B1i/m1D5Yl/PIczQdm9s=,tag:ii9dqSPfHfUMjFRxblRVTw==,type:str] - name: ENC[AES256_GCM,data:lCrCSTnjmMo+FQfV,iv:dJ96D+GFZiK4My5O9fdokDOq4GP1H6k1S5iXjx1MZlg=,tag:u/JcmCMVDWYGW4fN/jkujQ==,type:str] + server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com + certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + name: demo contexts: - context: - cluster: ENC[AES256_GCM,data:RVFc9y66MFuH+bTS,iv:uJgSD7QtsM+PhD8ft1CLiP8AxbA5HohOCuqKSfiLNh8=,tag:I1JrlLAVuWTOFw5DWCjCzw==,type:str] - namespace: ENC[AES256_GCM,data:U7vZUQ==,iv:NhxVyH0IJP4AYbdeqYCWRtQx7V2LV/rq5PChljDyNXY=,tag:h6e8CghFNmfSoj4docYMHg==,type:str] - user: ENC[AES256_GCM,data:BPQbMY6nfoLKbNV5,iv:kb6wv1e1QKyLsESC6IDtQeF8leRsMhfqLthy1VVFr6k=,tag:lhlHw/KQaEpXDtDQamGYWA==,type:str] - name: ENC[AES256_GCM,data:gsH5,iv:bIPEBou0cWf9m66iqU46SZ/5tW/yfnh0I8vG0lKJ2Ec=,tag:g2szAj2fISsC3Sb4r+e9lQ==,type:str] - current-context: ENC[AES256_GCM,data:BtjC,iv:PxN9e9N2/YFmMCgCXp7KEBrYR3qaKZlIuP88STsyZGA=,tag:awViisXyeOPNOReS35moxw==,type:str] - kind: ENC[AES256_GCM,data:urNG+zhW,iv:mUXTbXxAEQUIGIKQhhUfw0aMsikdwAY75ItHDT5EP5w=,tag:UJxRAGs+zg5D0DiS7Vf6aQ==,type:str] - preferences: {} + cluster: demo + user: demo + name: demo + current-context: demo users: - - name: ENC[AES256_GCM,data:qpoxmGJhjgWgvLBz,iv:rD9NLA4TmbNJzjW8wpdoO54YYk1HSk3iQKb+ftdrF94=,tag:yHeQwSp2DlxSLEWiviW9Ug==,type:str] + - name: demo user: exec: - apiVersion: ENC[AES256_GCM,data:mcxYrct3qBDyM83Fcxj50hU/bnt1Ujd5ZwL9XrtaJMBqF00Xcw==,iv:4wMtee1rmc099yMn14QqPSyVx+cyrxhyB3YI3K5BO+0=,tag:TXlPlSCR50Hp93BnIDb09A==,type:str] + apiVersion: client.authentication.k8s.io/v1alpha1 args: - - ENC[AES256_GCM,data:WBccCqo=,iv:gAYTv8l2JK2ATWyJI9zUdzNImULN4/74wDCZmOiCQ5s=,tag:unXsaf5Rk6V0hyyWF+sJhQ==,type:str] - - ENC[AES256_GCM,data:Nnc=,iv:nEF16NElpzgn6hGfdf+H2V0hxbRU5T3/thqNEixibzw=,tag:3e29ss83iDBQiAWkq+BN6A==,type:str] - - ENC[AES256_GCM,data:BEFo4c72MUA=,iv:FSXTo8t0vTxaDY1/NuahsKoLFY89zxh/z949RwMqnEM=,tag:6lSEnSBzjOKhoF6MEvQsIw==,type:str] - command: ENC[AES256_GCM,data:1nJVSi0/opG0+loZJthQDUQVuWaj,iv:4pbel7J43Liai/dZ6fEE8GjLGmaO038vC2W10raDTMg=,tag:vVC512y12+gqNtyPMRcz5g==,type:str] + - "token" + - "-i" + - "demo" + command: aws-iam-authenticator env: - - name: ENC[AES256_GCM,data:wFoCj/5YAtdDtWoJs=,iv:xYLdRHQ/DTr9Ik5uTg0ndDDAVA9wQJySKNFD5QCvUjU=,tag:sNEf4GQ8AGqyatKCm1x3vg==,type:str] - value: ENC[AES256_GCM,data:lTCIimkOH7c65V9H+8BfEYvhzs0=,iv:4CBRdwiqRTRGL0KhOXHeU9RtohnbRrnrG+CKZOqbMaU=,tag:V+vikMOHH+jiREED6INq5Q==,type:str] - - name: ENC[AES256_GCM,data:jUXlLVlHsGYg0l3IhU+5iCgSA0aU,iv:zmXspNChwTTci9y35GzNDfberjFyhaHoHm645Y4M5S8=,tag:ebIcraixGpPqvJ5/EGyW9g==,type:str] - value: ENC[AES256_GCM,data:5ltZsyB77xuMZW98TyZ7Yxpt4Kg5Ltfe9ikp+8K+XKD7lgaOVIbw4g==,iv:oBPCT2KynhjtLaL0QPfO30QJfh1Tl0qt7g0pj9DuZNg=,tag:I1IhlUm5mUn24IYpPIhwjQ==,type:str] - - name: ENC[AES256_GCM,data:543==,iv:OC4mj2NLgjnlBFZz0UAJvuIUCxi2t48HrkfyQF+w18c=,tag:3Gw/n1Hsn4XYD30V4gKNog==,type:str] - value: ENC[AES256_GCM,data:Emak/6d4561AGQ==,iv:zZjWymapfRFZZvEiD/GpoyqFCbIeL8SS367QFMcDhmg=,tag:501Udo4IplvczQDG2yBOhQ==,type:str] + - name: AWS_ACCESS_KEY + value: cvbgfgbnmscvbq + - name: AWS_SECRET_ACCESS_KEY + value: 123efrghytr32sfghjf + - name: AWS_REGION + value: ap-south-1 qa: - apiVersion: ENC[AES256_GCM,data:0VA=,iv:jtO3q9re8lOAebPd4u7+jGaItV8xG1XMALJHHJXPVP0=,tag:MfXMwUZ93o4L6EkNDEnXDA==,type:str] + apiVersion: v1 clusters: - cluster: - certificate-authority-data: ENC[AES256_GCM,data:4IpDBxtp+yn7r5Ff/GMDqw2Zs2hQfLJAnlJ5Fy0iR3emwQTZ7sG/1sJZNeJm1f01I+Mz7K5xPqM750OQEvowVzACTBtUNFa86n0q2hiYVJ7lE5TKruwk/4iRSdDNDCEV5ksdJqyAzWSscJgK7SFMxNdml/HZ3MZOr/mJEtAQ98bSDtL281BFktYNJ3W1DgPPE5CEZLnvGnP1Pn8r9aVcS1i1qIjPVho0HznNDiUw7vQD//yj9XYxQZg3aNlywKwMYBmtfHnwYmyNhBFr007kJJOGsLAjxZLdmPkuq/9d8qo82NEbPdHZjrRx0Cabv/NJTdcspx94Go+26o+h+Qo8ZhtlarTit4f1aQjzFEJ0dP66TQGamaxBmkmZH/HXdHqw7kzSL/ePsrYyhyrKc/tVtfEd4w2yS/yB3nTdtH0m5sgOHrwANVGLDpQuXowu9X1d/1iEK9lZvmI68bFoGtFNtD1YOo3HCZV84GiF5Adwrm3g8nCQN2KHwdZ7HhnmeaK8a7zxk4kt78bP0nnNLweRykXZM64oQG+zwzVV4jtx8FTVgg+CYOIsgK57/9C8XK35mvAxHVtDpZE+zDPpXbm8Y5m2Rfp9Y5CYVB+ao0VbsufWMaTw8CtXsX7zys0d0qKgoI94m7yDLJksuZgBpsHF/jhmRBYYIwwL6HCgI/VYPgwEkWruUJ0/pYY49AiORumPu1CsJ1GZ8pk9vRVinGJT6YTgI7CxE4qKf10sEXhv1lo/7M7y82MgbM8LPUUwHAVskvjhCjZY76QqNUs3a8dmV9eKg9LqqgXGqeHvV4BpB8FrnSRAaEAOkR6mduRxxVtSQ9IRXdYoBaVXDlsJjfwC5bNRmJxkBid6JY0KVI7ce2rOsRJXA3pcU8bJe1I6WzxoJLDJiu3dVfOtIVYgB9vGDjaDJHdXDVB0Ngs4vOav61AH3DEQa2p0/RvocT1o4+RZQReVAQwYQhcQATab0nbAUQy76FrN+MNaX5KSHBT+rsqSGI33Gm8EeUjHg0ZkDmVg06eis4zYOJvQSPiQEJ9Fb73a1RjMXJg4Dnra21AZXTEFIbIMmhWCyVKpVF6x5LU05WCkWFCmGx4day1CFxW0Mf/25CXEg7BEQ7LIASw6OsmmCpBC82QIC9Nijtqtr2mlLID8YiQ5z1mZjToy82VAyk+xjz2fonCRMm3vqlgLTlugUKEUAxWreIjx91jN5V0AR/9jzqmmbZrUt1nnHPjDATCLh9g19MmqtNdBVzlpXkG3RNPikz5OqXQtoS2vJMmFrJSgz01WIQENvDDwcdtz77tScP8x5CIJ2kQ2IYGDDoR2Nu9x0Eott/WMBVQPUiHrrcqrakXJxP4FwaAbvQoeiV57gZG3QyqktJCxw5VkNq6od3nC8OGtBEvKRN+eHPbYveI+vdfWK2QW7JhvykwrqNCHRynPTJ8pECPkFYXERNA1ZDEciJD9AkwFT/OodaiRy/uEZQyGMGLCyLhlZOoEeQDpdZdLPWW+jJue05n1HIwclI2/CpPWp55/BmgkRADLC3qmDK7r6oUUXx8ieVsfQxfydjz37A1wm3MTl/V6n+PGJkax4HDFajYUzRc0zYFi8CcHCNqy2uwUV/Gg9nziYvA2ZPrY2dFsgguHUdNPzKmk64bKdrLaoARppSlylbvWSCS+0mJM0f7R5LlaSCp6x04iFKcQJ7ERdLHaBT3Plg7kw+pX2KYhyLWcX+hxgq7HTlH0ghvxGHJlhyDfTNKeufXq5E+JYTYlUQh08uRXDM0CMSmGclQJ1qKzSo0TmnRoWMW50KYRLD63Yz+GY0JhXZ2tq1v8mI3p,iv:rIp5lVOf0Atrwh11GEhLnvR+9W3Vg3y7wmrnqKH19ZE=,tag:mRnI3ngyTthl2pzmIWybXg==,type:str] - server: ENC[AES256_GCM,data:wLRZkNw9VxWE4u/8pP3KQAsRPSpgRSuRTimlC8+y6OXVc2gwntz9R9aaMIu4kG47bMZTJML+K1q3K2M8W2tuL/D1/EwMiEipxQ==,iv:d1Icmt5ef9bQTwT7Cu7ZzdJcMm/kR0ieG3jrjvDHFFo=,tag:mG1JMvCcA7YX3dSx1RPlUA==,type:str] - name: ENC[AES256_GCM,data:cJ0klrPJjX9+6wc=,iv:BwsCEMXaVAzPfTyTirGh1TyVD0wjsBTLTvmCl6B0e7M=,tag:MrJeMiQDQYz0hrZg3A2DKw==,type:str] + server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com + certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + name: demo contexts: - context: - cluster: ENC[AES256_GCM,data:owNNGQccKT55Ux8=,iv:qMnefTjsXdOx4oTPiXJ720m3dXGwB2H0c2JH6gQucLU=,tag:ZESrowy9XRyjRGqsKgEOug==,type:str] - namespace: ENC[AES256_GCM,data:4hHTyA==,iv:qjOTG8dxepQxHi3qWqWRtpYnEwsrLosce2Ngy8gjJvk=,tag:lEpWXWmMyn19ZKOKApYShA==,type:str] - user: ENC[AES256_GCM,data:4nEUJ996VQZ30ec=,iv:b5OH8d0UYdLHZde9ypKB2ieitksWlbRMmQDkAosWY+U=,tag:9e5wwL8sLzUca64+YUUd/g==,type:str] - name: ENC[AES256_GCM,data:eRHfWV3j7w==,iv:xjGGPbowuWf4EmMrUpu1QxHpQktcXkaM23N7SsuUPsw=,tag:Es99fZrb1EqXbyNbHle62Q==,type:str] - current-context: ENC[AES256_GCM,data:AOJBiXIg0A==,iv:cixHxuShv7vR5JIe4YAAZzycwmGaOFkXI0nJwLAo53k=,tag:gI4uhJqwt8MmX1YvUt7XLA==,type:str] - kind: ENC[AES256_GCM,data:k3tEzPEk,iv:ihfR2N4s6hLZUp78BoAzHiR0iCb0CZ2sF45BCB8A/lo=,tag:9OOa2ku8a98we/eTzrzHWw==,type:str] - preferences: {} + cluster: demo + user: demo + name: demo + current-context: demo users: - - name: ENC[AES256_GCM,data:G7lWK9NYbNjgYTY=,iv:X/v59PrLWbt1BRC0Okv3U/ARX9ksqC59ehXbroK4SyU=,tag:66kdbceCnhrAxfutKFF8Bw==,type:str] + - name: demo user: exec: - apiVersion: ENC[AES256_GCM,data:8O6c48fFjq6V9tGiSmgbLCIBFUbtU1MtudP2FQkUA75+HwTTVw==,iv:i0FOtrN8cNjsfoyfglmd+IpPDNXP7dM7r2A0hstwEH0=,tag:1jPqNxz1+0nVgGWsHIhr6A==,type:str] + apiVersion: client.authentication.k8s.io/v1alpha1 args: - - ENC[AES256_GCM,data:FQ8DcSQ=,iv:9di5WFTRpyxq3Sr7xQgDd4+EhaUKjGRmWaltlfz0/YM=,tag:yNW/h+4jn2iitTVVGP51ng==,type:str] - - ENC[AES256_GCM,data:E1I=,iv:8Kc+QqWo7qaNNe9oZ+XpQ6BjNypuwHWI4iFZJOWhmZk=,tag:kxlzKn2oC5l2uG/+eRUzNA==,type:str] - - ENC[AES256_GCM,data:8kf12+Loxw==,iv:wCr9Fz10lo61QLYsNPMU/1c4+IYm+C3Y7XjzwMul2dM=,tag:adAdiw+oat1Wf+u+FNBZ+Q==,type:str] - command: ENC[AES256_GCM,data:ocBACWHB5/h2lZXz/Rz3IZXDnVyk,iv:Xw/5wJJ1wkmVURcW11kJ/PyB1ev4MyUjCs39oV5UEL8=,tag:3Dz5iJt7qO3yqzcWiJPzeA==,type:str] + - "token" + - "-i" + - "demo" + command: aws-iam-authenticator env: - - name: ENC[AES256_GCM,data:djPX79/ubIQtuA6cQ0A=,iv:WYTRy6PWW8bZs6JXp5biboRGRerviWh9nfFonf1rRGk=,tag:iMdBzbAHv9nVWEECXvcdZA==,type:str] - value: ENC[AES256_GCM,data:mkCJvbngfO6V+M33bFudcAC3heE=,iv:9Y/ca21UYNa2ck6ko9ZCiGhDe6dHM6zYlVClxLbSgoU=,tag:WJPBqpisVA5OKDdqjT5TgA==,type:str] - - name: ENC[AES256_GCM,data:9gbWAGleKcnfLaF9dHfeawU9Lbsw,iv:sSAhL1SXnw/mFJ1luYH1llOOLK47qPHhcBcbsNrbfwM=,tag:mYXLklo03RmDP0QflWEC3w==,type:str] - value: ENC[AES256_GCM,data:vjNvbhgF81aPBF1ONkSNl2wx1qZxDYizHUR8CfbG84NqmNNbRxHXdw==,iv:GIKkElscAgL2qXDTNxb8+jllrYN5f3sc5Fl3qzplogk=,tag:c9CiOdASL/Ie41tBO8L/SQ==,type:str] - - name: ENC[AES256_GCM,data:yTjZzbHSC03OyA==,iv:CqX43YZw2vPpQlyYqYmhL26sejf48IJPMA11jx36f2c=,tag:YG8ecYcgr9LT+n7/KQTRcQ==,type:str] - value: ENC[AES256_GCM,data:4werhaP+2llGuA==,iv:xICs+Fwjo8FzFLEbvfb7Hi+pri7KVOwCVEOTIos7e4g=,tag:MArVDnPGkun7CksmUSm3pA==,type:str] + - name: AWS_ACCESS_KEY + value: cvbgfgbnmscvbq + - name: AWS_SECRET_ACCESS_KEY + value: 123efrghytr32sfghjf + - name: AWS_REGION + value: ap-south-1 ci: - apiVersion: ENC[AES256_GCM,data:Qnc=,iv:RSLfsDrgvF+Q360X2kbEfospWbVB7ELbZX3bNY4D9Y4=,tag:c8fV9RhzmXX9FJTyf6TUhw==,type:str] + apiVersion: v1 clusters: - cluster: - certificate-authority-data: ENC[AES256_GCM,data:0emfjpxn5A7pbk1x44IxxS+ORsD3sEU++TYfz43sgY0Y1P3RxvyY4gOpnDNfLTqBQsdvY31922xjWdQTs6wX6DTZnZnuXNtn6eKhDn70MnAr9zfByj9RTV/aoq69BVZoWJWoOG+d/1IVyiFJEkFiel88czvzc7aoMp4Ww2zkfZjWebRnOSeGkb+pK+SgpMzqSCS9uI12t3a6B5jUh6WYfNlLsVSNnW1L3PvRjqOvSHMD3wPmJHk4p8PxIFjqQ0mT3Fyl6S3awmwYOVre/NmED988FOal7cRUlQYXFwPkbFofLJEM9jd7CjuGy2k6lnJ/Xco5paGvR8Q0tOn8/h49f6IE0pFwhylR8uSkzoXUcnhjM1lGtiO5T3vOjgsg1N+JuxCqNF3k3NbJvDbIMhqzh+1DsmqASfUnocVYBP1VDFK/MmTeGFd/ZUPmh7jfd1mAoF3juUuE7v0lMAkoXgEttxwdAM6mJdroC9trg7NkprIMAjOULBnIlqs2mFOzTM6RiFdYD9t2wJyB3kfUuvDO3GP7AsJF8cYNz+bl2iyyqaRtrTodjC8R+ih8FI0NxYX+xPZq4GvC2iK8dSU9CnEorEM7yw3rOtDNI191My3wKns2xz7eNTQEF2VLLDSdtxmdh+HpzaIo7dssqUGWl49Ie0lsY91TTBqEbtD/zAKk7CuFOR1yOJ14JCuguivwJT2odR2a8DM+fuc7jQNy0dG4RKg9o3X+7BgIprgudMg00eMqip7mglL1Fyu8HcQvFTBcvdEj5g1YMQtip+gpbJkx/AY2Za6U37Obb6VitAJbqRYcbpr4kbuGdJugUxH5BwpvecHgXqSMg4S4Uktlt3fSQJ6WZvU1Y63pUTQWXfzPXG4hL+SnWiVE3sXoJ38d1pVaul96k2bIv5ZRQHD3Xc3yoaubEAtRcMIJSTqG4qJOUHCd0Irj3fOeKbWrLnhaXISRIdi91dMfDu+SeyswePdx4YX/hXFRY1htnu9cmCBUsU0fh3qlFUN+BEV/CuGWx8Ohjtn8i3gxLhIe9GPdYXYUpA3kFsgJMg7Uc+WXJVh2bmV+pKD7PdwDh8a2UZJ5hsdNW6fTo/aU+cYRP39dSyVvmNtn7mBSaZXW5uwCbMAqaVSZFNYZhxyyTjyYiYREqQbAmbexmmLXyo0IXU2jcrzDUV/9E8d4uLuhetEfRaxJGo03oxhTXuq4nrcN8SO5+FZBegXoU49VZpPFq6PYPLn+Q7SHavKQYTJ1Fr0fIxKSSauYKlpRdW+A3ng9QbyjKWhVX3s2XlSHWg9+Y4p57L3x1VplzysvSe3Suq7BTkUQr6wETIMil4x6V62sMbtew4o59ltwUUsM8dFjfSWPQPl2RA+Ffh3YhHEAQys4XMdonml1vH/fRrH9VXo2qUkGD6HfcT0+VARJAKDgNMgl0B2HZ9kact26vWvOCfYEWqdehO6Q4/eizocMXKkGSJqKs4dC7hRLR1QBnndY1i+uNRXE0LZjcsXGsDtj80xSQkUS+gVXzlB3xOl3QbLGGHiZn3i9kOHUXAO+Wp6vQQwxJq0fh/7/j0QFJDEZUWa3k2mkoK1/b/soxr8wKN0GvTOHzKGzVckLKcYQcy7PePBGhXNzpfscdXqHkvhTxArkaTHlqId3AelmE9b8yWxIcK1K5ceQmrbxqisuEC5h4w8fReJ8fprylpHgcLhEsIlk5bmh+HGTl81aJkMwcTkXUsPspruJ1VSG0PXZ5o7i+et4HXREuw6syfw/XyzidKMi5AmTGUCwUrZ+dGYoXFNAbReU+hD4f0sSYcyGzjPlnVxRoOLRKNJgzwDFFP7u,iv:+Al5q1CEDtRoP9gRoGzao+Y1ktZQlEz8kqvNOvIVIiw=,tag:icrEVExAKGnQPGXSIzB/6w==,type:str] - server: ENC[AES256_GCM,data:tN3O9mv7wrbe8f9fiO4QRbR26LFeSDn28sLjuXRbpIvXraSqQeRDnQSDYPYdK8jogowtgJbvL7zEocgkLFK0+r/V54BFJBSwgQ==,iv:e0xcPtWw/Rorfn6AeMCloyA4cxKcFf5XB9YUM1Yv9KE=,tag:JQcA7RqOIR8UlkqZSQqJbQ==,type:str] - name: ENC[AES256_GCM,data:mZ1A2LF48Y8+M5V4rw==,iv:oCffwlbJXYz31ac2TGo8qB94LNf9DNkufx9Oq7WTmtM=,tag:gTQkyoz0yMSSXdOaD+LgvQ==,type:str] + server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com + certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== + name: demo contexts: - context: - cluster: ENC[AES256_GCM,data:+QagNy9iiEl7SsiAXQ==,iv:M2ThYcim7nbQ1sxt1cMmqDyu1VL/Hroxuj1ffBQpYbc=,tag:WU5mVJSLBYBLv+HmLNa7iw==,type:str] - namespace: ENC[AES256_GCM,data:dvbhwSF/5g==,iv:H7AqH3Y7vAqiIKUNNAS5rP7g8EzM2XrCQniQSQ70oOo=,tag:pJtKtAH0WJG4Xn4uLg+0dA==,type:str] - user: ENC[AES256_GCM,data:929YN0AvHF7TTtNUTQ==,iv:uzrZKnBo5vHONTGPp2cb7o/dG0dvX0BvwQbUFDkx2hM=,tag:+vkzdJSDaTiHgjr1e0DzRQ==,type:str] - name: ENC[AES256_GCM,data:i1zKKTdQUvQOPpYzDA==,iv:Lpx5XUQzF+9HEp7/BZaApCGN0gVMD4ks2uPufuLnxdU=,tag:QLTsUTAy2zUYJdp+wSHLew==,type:str] - current-context: ENC[AES256_GCM,data:CNNX5NFpy3vMvIzlEA==,iv:B1m15h/0DGnkwj4jKTfeEw5mTXzita3u++wBKiXS3Cg=,tag:X4oOCmjjO65b+qjivQdIbA==,type:str] - kind: ENC[AES256_GCM,data:LahO8WjL,iv:3whYipH4ltnlxYH2RNFHxsMZ35DxAMFtIY7TBvAK/GM=,tag:RjyWvNbV0t6CwWSME62XeQ==,type:str] - preferences: {} + cluster: demo + user: demo + name: demo + current-context: demo users: - - name: ENC[AES256_GCM,data:dR50jQH5rpF3uAUD9w==,iv:GVzZz9mDd9df9b+AtV99uSxP+1nnEk0HaS8hpwgC/bk=,tag:73S6tEzZekGQqdqOQDpIRQ==,type:str] + - name: demo user: exec: - apiVersion: ENC[AES256_GCM,data:rAXT3NQLQwAzgDQdVEF1XKEBnaMn90Sy1/F9EO6VA2fZmZNRyg==,iv:Ad4dsDP7guCah4lgijWh032Qyn4/iOtWDzT+IdKG9A0=,tag:XcuskfkWGnGAH7xw/C0FMw==,type:str] + apiVersion: client.authentication.k8s.io/v1alpha1 args: - - ENC[AES256_GCM,data:pgfIqAY=,iv:o4Y6qW++L/zH3NqfaEZdmBD8IqI4DRsXuD1kqPWkn7k=,tag:n5ZOh2OLJo8FnVmEi1HmwA==,type:str] - - ENC[AES256_GCM,data:FeA=,iv:Gtrzfo3zTppMhVmIfDQOsh9ZkS1RhoJ2HrhivPhjK78=,tag:61gqTDs4obBDgg/bBxTo9g==,type:str] - - ENC[AES256_GCM,data:fPlo1RgCKZi5,iv:CqUzYOiGqNk+InIyh2TpwfTsGngqKQ5q+NxYvYY8Gz8=,tag:6o8chbaRM2Pg1td5JKjGKg==,type:str] - command: ENC[AES256_GCM,data:tsR6W17x2ysu91AjGONMEuj9pwaf,iv:3ujm+o3nvEo4uw8cvusf0kHQAyJbZB8hJKDAS1bTI/g=,tag:1ybuOF1u+T/Xh5F6ENDfzw==,type:str] + - "token" + - "-i" + - "demo" + command: aws-iam-authenticator env: - - name: ENC[AES256_GCM,data:buAbimQGroCN9Wf7Ty0=,iv:IGPz54M9qZWkGeFzDdEKWuoyeP0mDXHQcswaJrTAMfU=,tag:NsquEFCswz6cKo5iXKIp/Q==,type:str] - value: ENC[AES256_GCM,data:i234pYBpxfAnlQp4yMud3ItbgE=,iv:Hj3FtD773wnO+SbLTE6pzs5xpnfpL4kx4tXHrcOswSY=,tag:6El8mWl5hEsEe69hiIEOzg==,type:str] - - name: ENC[AES256_GCM,data:0JFXk34GkTMZytZhEHgvbyRXNBA,iv:XGnaroUY+5Ij+QQ0uVQC/YmbMLKrojdQGKQJOhwQJ1g=,tag:DC+JXfzN8boVIqtNK3rQ+Q==,type:str] - value: ENC[AES256_GCM,data:rDEbdfghQxBfrd9nHyock66ACx4b5UEDLu2f2wusRjkuqF4gUbYJoQ==,iv:8bCRtGDFRu7YKPvcp/qVXiYPCYxf1nui6dqpNCJGTuo=,tag:sE5VIzxF0NzMzr3dNU8mhA==,type:str] - - name: ENC[AES256_GCM,data:7UPYdtDmRh5nag==,iv:VDznS4jMroXFjyRpLnfTYGA2jA0r563CUUzoDXC4LjQ=,tag:Uwq8UAM0CCp1CKaEeQ0Kqg==,type:str] - value: ENC[AES256_GCM,data:nfgrhj+8nA==,iv:YGktcYcjFUl0G09xc+mP7R1EHozlMfs3Vf1S5jB+1t8=,tag:Dqhl4LP0noj/GZVvaA+jlA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-07-16T06:27:48Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgGt0N8wLqktjyzxSiYwjBs4AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMG73vwk4q/FWeWwgFAgEQgDsF61W4Wstk2d88gxS+Ql8jg5h41lVQ7CqXccGntVHOJy0cWG8jPcVtmiLYrPj/JyOs6c06XKTy1/IYtw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-08-11T10:34:59Z' - mac: ENC[AES256_GCM,data:uCzYOyjgpsorsqxkhlBuvks302rzSjGO2/Jydd41JPUkXAPZqvNuyESVPADwSUImIXH1/yoe7a9JNpmk1lPO5Qd2grOOOpmTWqwlTCvVeuhxkoX3YnmebTm3LoN5917thrI3x2Mc0Pk/QeSwGit3Bdgl4ESk0YUduDPmDz3iGYk=,iv:KScmHsk4aKzYmr5s7rEdTA1yw5oTZmmjrAIWBh+TxCU=,tag:EmXKP+d9mvCsyFTGuqmYhQ==,type:str] - pgp: - - created_at: '2020-07-16T06:27:48Z' - enc: "-----BEGIN PGP MESSAGE-----\r\n\r\nhQEMA+gtFIQvidpKAQf9FlfcstXejz7f804cGhSm0Eyrjkn+BV3zfdgqfCFu/kV5\r\n7rSZinxjfDG6FV1zWptlq1Tyv6w6Dg4+f1SatRLsM8wR/+Kb+PSkDgQcs19mM9R4\r\ne82dkywfjRwF7jBmFiSHwhMf9M8mHnpmtNJBIQu9lyFMVM7d/H5MKj72jXUmADEo\r\n78LQ8uxTOFWY7mfh0xBZYJ1P2gJgujar33CGQcT34iUxjScMZztwcBs15ZjqidbQ\r\nLkEsv1pVkn71MV/LZ5WLlC0b6/T+z0rJD+y4Kk44G3C3CxwuV4Ge3tCsejTy4itJ\r\nyY1DBb+l7l3ozO8pBqulQVhwDTh9Uz26Si6NFpxpbNJcAXGsbOBiayxAZTGV5eRn\r\nJF0w59TDHywO62qGG5yRS6EViEcrIzCIsX9LuwYKG4gdwsAVlqVEQIJVpF4bAR4y\r\nHhyoZvA43i9JYDj8/gpjvdek0daqU0NZ2HlSztQ=\r\n=33Ur\r\n-----END - PGP MESSAGE-----\r\n" - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 + - name: AWS_ACCESS_KEY + value: cvbgfgbnmscvbq + - name: AWS_SECRET_ACCESS_KEY + value: 123efrghytr32sfghjf + - name: AWS_REGION + value: ap-south-1 \ No newline at end of file diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml index 2a9d1b6d87..cf4b7624e7 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -1,116 +1,10 @@ cluster-configs: secrets: db: - username: ENC[AES256_GCM,data:zAyM8wmGEKxrUA==,iv:suauKtSoZdcCN1gIRsDkqJUeolqUJU0IwQ4BJLQgYRM=,tag:RfXMpQWsaePsq2519ul5Zg==,type:str] - password: ENC[AES256_GCM,data:OYXm2FVYSdOzQPdyhg==,iv:rL76NXC4tawK4ITYBOCEFfS9T/7iJzAH08jWk61IRKk=,tag:EAf5rWMwoMQLoACB07z1GA==,type:str] - flywayUsername: ENC[AES256_GCM,data:veZ54lQZ8iq2Pw==,iv:KaeZthsqZ/1YV3tPK7oFwmCapmbeaJE46Q1gYMG63iU=,tag:IyOMLoiIuFW86MUmJJmueA==,type:str] - flywayPassword: ENC[AES256_GCM,data:FWlp1FIRyYgVfyreyw==,iv:gNtwX8Rc4jHQYgbvFLgv2/2Pu5a2/WUuEGYRks12H8A=,tag:qNQVpvsWLhPGFgkfbzRXyg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:6XKDSQBE3o4=,iv:lRjFZCAHER4FatyLD3Irt8sywi4x3+Rb0zsS0vUwvPI=,tag:shMpyoGwkl79KG0fbSORlw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:M3qMixMjGu5OBENIG1NHUpHUX6Q=,iv:nYp30K71FiIODnGZeqCtWxxPSKNhzj/eHxQ3wMmOjpQ=,tag:Zf4mVIG0dPfaZ7HFcru3+w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:s/C8CZ0b8lry8DnWAYKsST835mgzwnd6xqi54CMH4Pjk4TcfZyV/9w==,iv:2WOzXHSlUWPOR9t9NzMs0LFwdVBoSLbkglVDph5mdIA=,tag:6mKNXA4OGvzp8dFnTsos/g==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:RN3G5VeFS8T3XbzaXr0+nw==,iv:h/bdQApXCQg7y3SUyyINByOKgMOWAJ8LsPvnxq9Bbxo=,tag:ju7zSODwxTlqXyQ5pFJuig==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:DyivoESTToF9YJjox8y36ssmwcvKaOhsoC/fcyY=,iv:+pNwxpneD5tiwX5fjVd4gssQtDjtDPl9LTAfSBdX+cs=,tag:byu2BFHTcM3X6EdNGn2Unw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:NAkt77ffExP8dCKO1meyJeGt,iv:Wu7k+de1S+qMFi2b8s5/Im7mxaNsJwZbIkyR4HfkSa4=,tag:cXgG5oLvaoOKxVZ1PDqdcA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:YaKHztXzc6du4r8=,iv:euz3KT8NO/6W7eEEa+FVwfppCFGx3tUXdsdfxDFLZBU=,tag:1sQpYok31KwI06e5n+ZyVw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Dk/9AbjYH8kE,iv:3HtFJjFOD3azGeCK8bdkCyWx2f73chDqGH9aLB2Bnhg=,tag:Ez6LAJff5ZWsvCv3C+khXw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:RuZTMeol,iv:K2K4/k1lxlYaFfRDuvkOpkEg4uwaD20BHrqO6K68qhI=,tag:pc/qNeeOoSZnA+F3iQANmQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:Zc5129eGy3EVvQPMEvK4dB5HQig=,iv:n3eLqIDlFyZR99Jzmq/GwXpzOEV+CCaq25Z2ti9usVs=,tag:tk18367EChBsN35hucBxjQ==,type:str] - clientSecret: ENC[AES256_GCM,data:kPGM/CdWtrlPRyMjl7Az6ZKJAizgI0rlQmtOoRwxuc7+zmJANFnVOQ==,iv:qUCaGl7OobgMLJMlFjICbMWLeiwj3I2ZeIPEpx1l8cA=,tag:hi9GYABVLyzueWLZvk9nrQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:m2q7jHsZKeEcr0GwZBY11jMXfAvchGYjbqWRTzVXl91OK9cG,iv:AjYA0sOdo/r+rpsqBx0Q4GYtBm7vO1uG/F7qWCgV/XU=,tag:8GodHvfl6vvD33DEu80rqA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:s/Y=,iv:IaXwi3pn+YMdgHnWPN0h2g0B9VZ/JKjc7GtBhr3chL4=,tag:TvZjmZac1s/xIAfzcfuHpg==,type:str] - route: - receiver: ENC[AES256_GCM,data:yggN1X5Pf3WN8mY98/4wnctfUA==,iv:kWUEsWCgviifbw3Un47ibWiZBJFL1XmZik6+2Ovz61M=,tag:kX8M0xg8gjGxMAmPRBRJ4Q==,type:str] - group_by: - - ENC[AES256_GCM,data:SazP3pSTVebc,iv:ZHaPLIM2Tdf/NMIJPkgLhyIy6dPsfm2HWPi+yYgyUmY=,tag:QUv69KkskBxlQss7um7rUw==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:x4Bn5JlypBsdnd5/xQZORUswSQ==,iv:p1nbidvGYI7nEpywlrvH+qxtwn411JhgOmJjE5oCgNM=,tag:ak1x421wuHkvREql7aNVyA==,type:str] - match: - alertname: ENC[AES256_GCM,data:m7Ocs48JrXE=,iv:MLpTVCutfraO02epwWAK+lkxX9IDKK8ciMOjSJ6d3JY=,tag:8Hpitk1sCKbrjckVjQ8Duw==,type:str] - group_wait: ENC[AES256_GCM,data:KQ9M,iv:uKG952L+YMfhkESMx5vGRGeO2cad7+FXr0A3DJjchH8=,tag:QcUfs9L/xgmmJvZXLJXVHQ==,type:str] - group_interval: ENC[AES256_GCM,data:t24=,iv:CFD93MzLGJ46OzHX9yw/hG31ixnr4OOKHCOv/6Ap8+Q=,tag:k3nDbNSMJsQ6wXskAnLabQ==,type:str] - repeat_interval: ENC[AES256_GCM,data:T9H+,iv:9F2lg80+InUq/FjRUkltqqHLzHyzR0mPJCmdJ8X1Kyc=,tag:cxouK8GJCRbLfwHnnTXTmA==,type:str] - receivers: - - name: ENC[AES256_GCM,data:r0LAiyycrYIy0YJ0fep0peTjXw==,iv:XQhqNZ0mhLG/ZxlshvFv32oH6JJNzb5sSxmPGX2mWFw=,tag:KgEXjnEog4FFsXT8/g3FFA==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:M9K5FA==,iv:M6iqfcnTFaXQMMxdU+dGF8pG1YyMbl6LIbwj4WAfp7w=,tag:etmGVQl9AmU091tOooAxPQ==,type:bool] - api_url: ENC[AES256_GCM,data:xeIU5xgYeHtJ0sjdFDyVKuypWqxBoJtb8JRGA95RyPoG2+4x58dr6ZN43flJxMNoomAax3yNRt12/nwDap/3MWAbWA1rncju/5YtA03mKA==,iv:Qd3diKewnFOs0+IZxP2MjqDoExaJbvw8TXGyr1y/JZg=,tag:dHByzVUYf6tMdCwtHIPL7g==,type:str] - channel: ENC[AES256_GCM,data:7C2XAQLcKpPrN5C1GV4CfZri2tpKnQ==,iv:S6EGlOpjzJ8NFunjwGt80lRR7dFZdJak1PQXJ81W+jc=,tag:s8q+QT1zC/ORyCUkuaKZkw==,type:str] - username: ENC[AES256_GCM,data:+oeV3fQ8JJtxXDR9,iv:OhcuaQjqLyHpkVxLYTglsTKQTDuIWorbV7bDFTjQrVE=,tag:EGPOSTpikIUQmVVKQ99gYg==,type:str] - title: ENC[AES256_GCM,data:zz/G/DKNpYabqF1aRPrvgoMHqR60fAjACMen5tG05V4/TkddK2U=,iv:xTvpPnHMknoX8bCcaZp/bXC5ReNiQLgNTfZJduMe6xs=,tag:3X4y+9dEy+dASVLoAHJZ0w==,type:str] - text: ENC[AES256_GCM,data:j9D/y0awNYPPDx4sVxkAbB58lMgZuTm6ssYhFI22b8eZqxSnLQ==,iv:aF40Oaco9I2EaZlMotM2zfXGi5ih0syUc+5G6pcuk8U=,tag:jlnCwEYrpY+upEvP55VIUg==,type:str] - templates: - - ENC[AES256_GCM,data:wUteqLfnIcDVPN4avxYe8mqr+3Z3LqGynkFAqXRQSeYbu0+R4Oav9o8ZMR/1hrl32HMW9jLX0foenGTihBdpwvsQfqgKL38=,iv:Xd46zFIz4RWO7RqvhJUT7KuI3tGNx4TDe+WF+8J4cvU=,tag:R241Kj77zQOLELavoRUxOw==,type:str] + username: test + password: test + flywayUsername: test + flywayPassword: test git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:dpUIAfOGg/DYKSyDRuvBusIvpbEj5kauwVPKCws2QZzIucHcnzLg/bAD+UG+8lKMk/Wvm6mItKA42nv/5sUYE7O1siU0a2NSPiNc9TMZsfYoeodwCKvNNLQV6oE7rfgFvoCHteFha51eQIvcwg7KVs/LDfgaH6qnXxNQd2iunMqVR8YFRjC8+fNM9xhe5EEaVDvdsGHCHQxawPGompQZCueNa+bvt1Hh4p0avlep9MuIEzBkxtqTspvsGZW/dowiEpehXKj1HjdiovxlMK6ZZziMsS8SJ+ftTLwaX2hVW4hnYNKwimNzC1o+ga+roOUVX7Csf3CelsMhd6BvhZOrf1kXWeRgjGEH1KH7CnxdTSHzGn70MDGfghzbm1TQerPPWKQQB7/GNAgYIdr32xvvaHrVyguR0SUrIfhaW7cYi4RXQuxqNbIDe5LtHE+GU6MPz+3QBuRUPOJlDI8TaGjZPDwBQoimwsBTnaQSGFcxnv8FOF9lIjRjXJNGkHKgk3JsFi/pRYIdbQ==,iv:cK88hnm4Q4llROhS/RwW/18NuZuIoFH+zs83PdaAT5E=,tag:Tb/rFgdvV5ed0sZ8GmXMVA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T08:30:37Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEKpUbHDalFEjlD8d3fR4q9AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMVx3MC+eezKTpmgXVAgEQgDs+wPQLWS7lCdr2AOw/3mnDnFggmNA6XSNDOj02Js6PC+wB+uDEjCJI73+I7WWItZSllOI2OblL09mVvw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - lastmodified: '2021-06-21T12:51:29Z' - mac: ENC[AES256_GCM,data:vXULUiFrIl4ytOAjIoeFQDHiBaBkAneug/tmZS3G47AkLyjsQReJiNmAGUt3SU6hMbBFHWgECfI2LxqjCha/ko261mU21pRVb/mptGofSm/iQNLCUu4/qmnQibNL99y9pzeKR95BUNZFEYqFLGjwKKB/C8X0GW6MpYW0WgA1+8Q=,iv:QWbYR411u4c51YX0FLcQaFuLKMxR3HxH1+QpcAhAY1o=,tag:I53/lbsFJ9pZoesEY2wcXQ==,type:str] - pgp: - - created_at: '2020-11-10T08:30:37Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/WK9wtulEp0xnpmN3qP3ppNCgFHH6clItn+LyvxQWLjYQ - wACAgwk8Vp94DPfKzh2Jyqo2M6/AdH0r5INEHhQkJorDK8ZYKyUu9dT6lhBqGlvZ - BUHdmpCBuH+4nRU5nLssU4ACsSDCYdq80hE7QOm/7dE1NjipH3bnsXg8UnVOVbkv - TkIORITZD1lVHAR+vC69+HFNB2bvzfTy0hkDMcIFomjQj7MRQRW9aaBhg/Mp+dGV - 2rwN9miX/O+8XS/4wgk/mFgEA8njmQ6PEPtKH6OWgfbIyCehah9gBC7qN9IRQnoP - Y5F82Yam4TfK+/owNBR+gvsFFDkXIb4xXz4UsoDI2tJeAUu+XOUt8QfX1AZBVBgV - owioW4WUyc46yu82Y6QohFad8I3WvzAVR05YEjCB4wkNt5M/3t93FXl+CF6dE5Wn - TOFKVWi1+Kb3LVHB+ZcDmalImT/cnBLSFQoiqPO/Jg== - =gJic - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.5.0 + ssh: ssh-key + known-hosts: known-hosts \ No newline at end of file diff --git a/deploy-as-code/helm/environments/egov-demo-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-secrets.yaml index 04e596b8e7..cf4b7624e7 100644 --- a/deploy-as-code/helm/environments/egov-demo-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-secrets.yaml @@ -1,92 +1,10 @@ cluster-configs: secrets: db: - username: ENC[AES256_GCM,data:En2+f1v59YFVscpJynJ8rqsSgnb1EXDuLTY8lQbIZe6IQiCcSBZebQ2mYgwHYg==,iv:qvfpmVK9dL4kEzgMv30UQ56wgyxg52vej/XDDmzeCGc=,tag:KehVVfs5qHynQwZfHay3IQ==,type:str] - password: ENC[AES256_GCM,data:G8SIT4KfwmxpznGcY73ucw==,iv:OFcC8C7zLNg1yfsMZXQPxtRSRkB0ftht2s/GjlMJnvE=,tag:0z1hPoL7taxpl31TiG6QCw==,type:str] - flywayUsername: ENC[AES256_GCM,data:KHuqf2j/BZOi86UGH3m/fXZOywAI9f3rSZVErVA5V1dhQ/VpnrA1Y1VHR2x46g==,iv:B06frZWbBDUJ55TxgXqSwrK1JpnvoUbo+a4LACIRBv0=,tag:IxyMs75Ucz4Nn6TKWs1k5Q==,type:str] - flywayPassword: ENC[AES256_GCM,data:SBFWdd5aFoQCYyTmXxM8dA==,iv:m/dTxbTY+zDx1Pto+4y5nP3XiE0KqDYz9Vah8rD0pu8=,tag:DuZzC0ZYF0sODTMPHYnNQQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:n1AHfdyu2Q==,iv:cN+njVywo7deBbVo6h52D4M1WihvVrkN0cgdSlvLd0o=,tag:g0UmSy8YP2CCvX6REuLzfQ==,type:str] - password: ENC[AES256_GCM,data:CmC0q7kkvw==,iv:EeYIo8ui6DcsOsYonhYEJwhSzIfSw0VDnJx8yoAeyFU=,tag:GreosUtOl3L1MVynuI1iPA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:ASp2uTdmoyzg3WGqW1FlBQISq4A=,iv:Z2fbmnWjtzyGlKzvn3Ah6N9sPZxQfooBUr2rq5Qu4O0=,tag:aBPocAM6DUOo3v8Uy0JJFw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:8+S/AKOM7ZqXw7jqUFHpIh/G2ryukIeTQPaCecz/V3Vur8o2yX5sCg==,iv:zi/eijnKSia/x3PT35r4I6ge7R+PFf0wK9hoeAtkdDo=,tag:OBCqqzlPOji+SvdHRcP+nw==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:WIk/vMy3Z8qRxm4XxhmgYIy7syzW5GCTH1CFJHm1ZtTEBEMHDXbt,iv:yBLVOJetLORtz7nFf19SZMSrr97nx7VrfIvACPo4asE=,tag:Mtg6HFr+Z1ccktZ7j9xnnQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:mXuKJlYBOZLKVdnOp9FfRg==,iv:vX1ARV5FR/l+2TgT8v8rodTyQTpV0JsYIhVxr8e/+ZM=,tag:yvnDKgUi/zCqq549TDST2g==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:4RnEMSiHE5rbJ3WRt3xO8NjJltwXlMTTZSGYbqbfb3o=,iv:N7V0rjUW+yiz8+c2+yX17UcDmvaKikduet75nQ87btI=,tag:EmzT+Loc3jK0AzywLRCJaw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:nDU9KseKxh23IKLN3o2m,iv:nmakscSzf4VWa+whJ7IqA5owUy2mozrYTEI9SV3DRbU=,tag:JtuPJSoih7dcBinLRlriGg==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:Sp1g7l0O57hIsEE=,iv:59RvZYRgkrsgcNPbu1yZc5qXc+w8HKQt4qPy1IgXyv0=,tag:OQsCaOJpydL84E09Ebf2VA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:EKEgpSR18RQ=,iv:TiNfMhGdvweM5wZwOgNURBkjtU+m1JJM9wBVVf2OaKk=,tag:TDF5z8ca9YaQQO+4lVrGVw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:f0kQa1nU,iv:2d2ikCBWaVv/aG86iUi2Q0ozZsT4JUHwbx19SJ9coSM=,tag:i64d7eujEiZubRqGZbEzEA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:YKAoALKjB0I=,iv:ToE4EOyum1Z3FgFNCAWmii2eO1ZqgDbERzO6z0/Fn+k=,tag:NzJmK6bRJ1yyU1GhIVkb4w==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:fUb2ze17kETWLcaUxhpTg7rz6ilTOIOTAA==,iv:qHNeNWJ1gv77D3RgHke5ss2O3D1vkgkVWMTemzHEylE=,tag:3sShr0oQuRPMAAuvJQvUZQ==,type:str] - admin-password: ENC[AES256_GCM,data:DAvfmucbH/ZlnhYYgFA=,iv:yLvWMv6WFmaNvP8YYdWSViKQRC/J2ov+UXBdQ+Rc/Uk=,tag:yFvssmpE4+0c/bafLM8hbg==,type:str] - read-email: ENC[AES256_GCM,data:VMzdHiL+3q61Sw2WuxPwDLjU6+KuQ39u,iv:jDODYHkfW0k/ze1TJQrnw1CzWDD5+m3ynND/JiUtHdM=,tag:88q0tcr2L9kJvIlQTAcahQ==,type:str] - read-password: ENC[AES256_GCM,data:TTg3AO1HDiqXh1r9fHoy5Vw=,iv:YF5hqEKtslSuTndUze0ocBr8qcYVfGNVFnfwiF4CYOI=,tag:mLJ+FYXqL8OTp8ARLq8/AA==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:N2tyVWLXhE8KGoJyBQK40Q==,iv:v7HXVTebjDsax2v2Qdf6OJh49h5SUI79U9xm36zEcX0=,tag:I6ik8auwlPUlY79ndBoyzw==,type:str] - master-salt: ENC[AES256_GCM,data:So15EzBe8w4=,iv:EJHTFkUWs+NU89YBDc9K4RB18a2DuRZe98Z7qddb5/Y=,tag:G+Fyix0BWXSI59kS8e1fig==,type:str] - master-initialvector: ENC[AES256_GCM,data:/MXqrk8Gwy908X4o,iv:3VeCbgpg91BKC6T+D1uU/P8c+knW6OOx3vA6y1Bai/o=,tag:1TPvhvV0RAaaZRuy/wKoFQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:46SVi1svvzO3PCslqEsB7UDlmpSznGzUOURFJKQ=,iv:MiBSosshP7oXu685PIXHaB5n8rFhs2SuSKJ4H3F3VpM=,tag:FBFa9QSdX9+xJJb06ggh1g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:aj9GtQh3t6WHLOC2qKwjCsfu,iv:o+1QsKOV4F6fJDMmaTi8OsmEtdsnqUvZYnl1Ib5YCSg=,tag:TsPGoVJYC7Jb2BSbB6SdZQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:EAOQ5E1wVxVgMos=,iv:zm/VoF3WOaC1NgMXkHBeBsesgbtjvAEMa9OsoNNAI9A=,tag:/vVnwQJ5fRHehvoH5qwSxg==,type:str] - valuefirst-password: ENC[AES256_GCM,data:/mSnh8iwAhhl,iv:JX+38t5TrnEUUImyI+rOYUPig6yLLKGXWzf2r1ZcFDM=,tag:HHwdhWffcI6nIsFqYCeHPQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:J14KeRHF,iv:YQ+uozqH12OlBLUEreSz0XgwjDOENPf/0VKP3S5zxy0=,tag:jh/c+FZ9NfRaKZ2EZsGtNg==,type:str] + username: test + password: test + flywayUsername: test + flywayPassword: test git-sync: - ssh: ENC[AES256_GCM,data:aHSARuLB6Is31jrItxxlKpQ7MLleSFgnjqTAmr0Jl0y6tuQlplkXwN7ygj+L7G6ZZojbtRsIpwtbe21qojL5RZhCm0FQNGZX4ATF0GV8FqrGf5ONREjlhxbxsDs/khysiJe0NDG73nmETRudwClzRmfpPg+OiLGzuOJgFT8M7A6RNZsLi7g7N/CCsOB42XMl8UciwWQgs7ctofSF0o+bH3AZqA8VrIyLMMrSVADmLxsL2CXvANY04Xd5tTHenQ4yvNk/1LJrZh7wlZrJLlQ7a+p3H+Cl0XIl0ApaLkVn2rqkBmhZ9JFNhWyrEzz/KPZ7hjD0qTdYoAXVJpXqcKrV2LsEarvVXQF5cxHR6qZbEQsYbKWf0K8FVem7dxbAe+GnyplSTzQOVQqDe8Mt5AUFMezZvNvv52LzoDfstsfJ575pLowiYoJ4dm731uZEgvCATRMYVEpmYhdbY/Bt8u1E0TLCnzYDot9HwYaz+gNzMvxprTEA7Pp0d7mvgmvjcoZRLJ8R/gJ9Xl1x7EmTkDozg7t7sQAimIHvMdMlXD2wZ/E93Cffm9N1qXC0a+EELgdgGJzJY74WWTYM6y9urVbGFBumFuvpG4blEshCnQZ7l2zGXKQfouVm0LlDiME8Q55oqJtI3ucvVHBmj5kpV5/P4mUd9SaWFavYnNioz0Ohw6/WaPJ8fyI+w1Igh58L5iorO4v3O4z5wn5JB32AOdIT4ePgfiEpSsRAnupZytMduPiWHl1jdVE7rJC6TAxYfFkUpL6gkVUNM6tAmIq7ITYfTVge8FuoGH6fDgFk9jAbyN2pswV+z+DDzfqyfS0gzl51E3ggvInFX5i8lReOx7DG5dGCwdC/U4CUpqHPBeC1rJ821IFKJ2GgXy3waNxepVDpx4R41SyMlgjLs7sHW8S/cOcX1UBVL+aMRG4FnZU7EZlS4txHND1iKXl65t7ucQICXKZOAcrkUKuoPfNZnnl0gFyGBVJPvtJA938MNiORjCb9NPK6Rqk3q+Bo2C1bDQfx097D22RoV5itWeTbUPGElRdt7vZmKDPfp6VEkmT87JN5nJAEp4OD0e1ZYsnTE7EIMgJBznX17qZGJgk2x/4ZU1VKGMOKEPFhXaIhZfFk1vqN59aOGTPbWbzdISzGrds0MT0fvQuIaKmx7gp9zP94NZVefl3v+7tXkNSsatMa6/CG2W2XAWVy/IQRO2xmSTK37tn25LTGyM6Nl4fNuvBqkZVb0lrA77dnOIpf9ZfFZ6mxkkIBpgIJi/EYwrscWrGkrFPEgbS4IxrCblve4QvpjB8Us8FbVLzxLzT0iotn5gp926E+H0nlUKJxluvuZFq8MSs8qMCyYXDHcMKK6ESw2KiN6F46i44k5Zw18Ie9CD/y9e8uOSi0WpjNaLSq+N+kLawpCwDB58aFzmJ8eGNlaG6jh6DxGhX1YWLOX56ZWh+O3XV3OLgHj9leMBFcgurz8mtQS+lRfDhWbVGPzQg9KjN4Tk/yLdMEmMpahAtfrtHxGtc9FwX00iV0BC+KPyX+MyeaellVIx+KZilHt75B9vbfpMKTesS5L9NaIuLH9np7m839v/FSZlnFWnDAO5AjtjhXtlY2oEwYDhhf9wMVtbh4geVvw70t7S3tIq/VHgcE5Ibqcxd0vrv/zjd/BKZPsyrz6Hr5AXOlTOlp7a4PRhsUpXzhzUeoxgMj4jWEzZyNWuu+cL8t3QfSrijjukMv/HsTtEEYUxDMJE1q8Dc7i7v8ITGX08q7UPS+OaRLp2/nJkGrtL1RlxdlxF2cTUq24RmUBbjVo9ofdqsRaXlfobMRvbulM4EYhUg4EfVQFjBuf23d6ld5ZsA60TykS8Azhi8AgRli+X0htyvW9ikGs8OqCN+BBZ6tXXmNOuRz6uoBSYKZv+JVt/HCa71CKN92e9qLsxU1+PiN1zVyW+q5re8mFoujcEaUICJ/0Xnk5MwrO7q4tU2zDG5hqPAtA5ie7szIRu1dflv+/voY/8D9GQi+BOPOOgnjfvRNycNjpEGlk/Wpp8gbIg+xNiw70cQ2QEi1Hm3hUfpmLo084+I3Uw6o1KNbiM5mPDL8RZUqOqXhLWAp2gFPI+k+c2HTBfXh/Q5qUwKSPkLvIdOYy0vIMeWAggleZ0pp8GZuTuQV3RFvj9ZCmPMS/KsUaGF4IxVNJFTOeJZ7j9wJfRojyu9zxsWUcnhn1CjOasz3+sgbHbFJojzel3lbT70L8o4XhyLxN94UvTa9auEz+kEbxOfp9H3h67zJPjb3xsE1K977sks6hZ1SvbLf4B1gIB/cfw973oshrQ4lQwQibiGZPjRFGt8m5CmZ1wGT2zM+Tcvzb82F1klMjEpFCoyzOS32RtrvgCRehACg0VUaPvq4GB9axXzxFEmpkoAQ5TAiTKoz5VX1P970qwqp6vwX2eyzam+mgM1Ul1bzPMA3lCJmi+L4Hi3GgW6yz1UmsgnPSUa7AVUdr1ZQmynuFW4rgcUdqZfMDFX4SBta6PHY8sJjfOUSjP2ii0e+ifYACpAic7WG0UcYzOmkWbS7saWRuO8h/htbiiQeysZyRjEKJWtNLLFT7zRv3gi7SmAsMz8C1GWAJHejPpFAC3lQI0jyaMIIJYsbjxGdMVtKUWvaERCzuGvA8cqRZ0z/HaMfMNVs6KpBUBzkU3nAQJPcw99S/FbyrmKQloKtBq2VIOLu4w3P+EGRcvmlcqUK4caG5v6zWvqecktqPklhlBsRQtMjWHmQzATA7Y2KbP3OdXhZ4inBWu5esf8kzoOUbfh8HUIXiSNx7Y7jThfMMF44jZ1BxUkHIc+jxKSmxSuFoVAAmVZANlsvjlROyXYJ106kEZ2Cjab8QRWCfXm9zk8Hbp0mJ7BXWA5U4+solo5uhxGY7m+In8h7vL4q1WNROOFhGGMiMVOkXiLRGgCmLUfJmOboN86zkpxZ/rrNXFeSdnez2+HOI9DEcCZZ9AEmnLWzhWimJbNVtlwrbRyluZjiNupAoWxolFZazEyCYHwi2ST+RP+Mit0nvGJ2/NfNNxso5inuy6uHIp35B2FuTtsLJ5PW75BVwHhXfJ0nTo8EWoNMDC36Eh8Y6B64gHieA8RKOJg5h6fEWiU2YLI91SMXPKOZLbKBNAAknzlq2HlcB3wrhN4JcdMafxcNaaHTZoWvAfB1eQYnfyanCO6NTq7MuseYJ7ycYPQlFX5dbmm5/B0jh7alsM1BkKQwK1z93FA5eNHsipZfqIEh+CnCalu8mdhB5goAsO5u6JLTzLv5RZQJeaL6lUhvweMzrPbMj5HXItSj4k7IwtriKR07Z32s2lEtMNeFeyC1wLTT3jzwSBCr7wf1D7nCaUaWLNE+v6p9OxbIk30NUemnqWS3fDZnIe52xFL9U3n6nkSwFqyIkD69lb4gxIOcFJrgxYMyLlawK+I+Q1URb1aTBG7W0uzWFdxkLXWV1FdRlRuf8s0xdBTQ6FLPYyMLaPowY4kwNQcRyD/mHGc4dEtuk8VCKjaVuJvfQ898Fws04oCQy45I7vcjK3DpiAmtcElo5OoTk4zCoPihA8ubAiI4cnh3rLKIgGohPRsHQAN5qqgsPJ8eU1EIeQXi+1bSP5iwHBuaqTQkbrND16iVpCU4/103qkkccC0d7yz4iWr0vd1T1jmjP/P0rmOenkWiFi2ezW1lo4qYJeaGQ6zq/KRHbTqtyfCiJY9mJX75g0YmN1aHNRfHZaUtznOzRyUiRbKdSYRcmBXCAJLLmZ/SAXQGdwUyRXwpswyb3s3y1P0RzYOZaSRty5zpaA7XY87XCmfu578DJfT7SHWHDTWdgKQzyd32AEfaCsPNW+R0t1PZsMGIjRdazuNpaQgCRdrCssgcX3aPkDOaXNbo6lOWQqE9divzJpaEG9Nho45dzmjmvijq7LLkjdp/p085YjKzPSgAGo5QZE5JSguvRC0Ng2qkgOhTdTdAMfWc72qfIiuwhZrbkzvqe79DAZM41D27mOUe7cTobKwWTZlMwZemxJConFPm9Zc0XvFCrTRTdWoIiPeXUoqY8VZcvo1sso8nho507WpyZ8oEd9weIZYO9M1nrRjI7DhdBjN8soboYFYanom1Mf6bXd0oczJcvLLvasFnibqsPAJuSex683BQ2FMi9rfhZTdb9m1AHJPCavep21adsDs8GMvRmQp6pZtyCTq8lVTyl4+ZwaQX+geFvEBq+sa8lwgkaIkhKg5TRZopqAmwMOSLInAPEWHbBgbNyhRP9AKuGcXP3lDlfRGoD2zufyDCLM2N7lYXWRsOxIfdHOHPSx1oenBFPuNkxqIpX/Z2m21B9RrtuWFa,iv:RzqntbJb+bSZg53A3M1NKAqBE59imTFJzeXKr2G1p+Q=,tag:xfDyv+j78gsEVxQDTzYsTA==,type:str] - known-hosts: ENC[AES256_GCM,data:bD4kZ3KSegM2HD+pi0B4O1cA37As9D+AulqsFvDIEP9KN1oIP3ydO4L4ZbpP9e9ROrTxKcYswULITCPcI4kSRrZenfvQsK8t/TvItlU7cYTiXY4HWWejJRtuI+OesAc4azyJJav6SUzCI75aB2MKXSTystVr2lJXkRkSQMfnl5p9p1ckDCLpQU5gmKag7FTXRS7AKhSisU+CFKEHiEyrHgqQa68Ngt2lY51Llf7XILlgbKC35QxVHegx6cXJ8lI5fFXEyTM2Vb3wP6/Ch4uVtIAS10a2G8wnvp7VxE5Re1QXOapoAE2FS11ZKGFP5HJl36sNhgbECTRkBkYijmJQrplc+Asal6t/BJDTwoFLjw1Zw3981qBkIstu1FPrqIJat/WIZ1gzdJB257aDLWR+LI4eSXjdVaThyzHA3vZ98Jj/Ny4ivh+OQ84szg+RJ1Qa2uiG151NVQsBeX3ZHFsqi8pfJg/Hb/r02sUe5Jl7cqrdDrJ0c7mqf7ZfEYFd3GoZsGG8oCpyIQ==,iv:0nflX4QAV3VQ0pab/qAHV2FnePwKxxcoEDgfOMko9TQ=,tag:3ATzMI7n37xUT+64NhNr1g==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:/nF25GUYZXUZQA==,iv:UyXZhjpEA5Wg1dSWH8pHOlVDjuoo1pevKyISgKKAVLI=,tag:gn53GFYHA6fmaaLrHuA+1w==,type:str] - credentials: ENC[AES256_GCM,data:aeiT6NgUgS685DslXeTF83n8yfYJ5Zt/LZrFhM9fhb+JNP7KIn+G8xz5Dq6fvfgr,iv:13ANY3xedLn5+Gh+h+Q5VpVFrXx4mgJ/MrO1jizTwFw=,tag:DTa9v+NJL9whFwjn2yVFXQ==,type:str] - ispirit-ecurfew: - karix-auth-token: ENC[AES256_GCM,data:FP+oZhm3NOnlEYyZZ7+E5YOG7VKtiqLJ,iv:YX0HH/rzkH3beNffE0V+YBEFUVnsZO8YBFtTDuczowQ=,tag:d6f9zVtTX0ynOVkEw2MtPQ==,type:str] - db-username: ENC[AES256_GCM,data:u/9a/9a3yEPQv8e7Je5LlHiCV++qmhliudok6Cwi0knpFCL1job3HnJPSPfj9mRZvQ==,iv:2Z/5bseffw547SLG/wjY1hBQcZubw6QNwNx83O7QFeE=,tag:A7gniCo7hNZ/kj0XcX8Yfw==,type:str] - db-password: ENC[AES256_GCM,data:UXf4/8Ui1pHyKz0Lsb48PA==,iv:S7jcdsQd/UhHqe2MLbbAms/8okAOSbaDfx4ZHcOm6HE=,tag:L/JqyX1UPsqFI1TqXzXpsw==,type:str] - s3-accesskey: ENC[AES256_GCM,data:NHbAH71LsfyUSX6zXFOFRTe+tuw=,iv:TOM6ROWqkzSs6TdvLmlKvFJZedoI/x/kocry2cAt6yE=,tag:YtnezjD7GaGILOE5T0CSSA==,type:str] - s3-secretaccesskey: ENC[AES256_GCM,data:SMlGZ8cvhujHLJY/nXzorLoWmJYSSkpqS4CQvQVX4agS3TweqTrwww==,iv:0yPU1AKAFJV1tikKnoadgsGCuUvwTC/V6W94fySt8Tc=,tag:WSzFyNLt2ZC940dTn7xAgg==,type:str] - twilio-account-sid: ENC[AES256_GCM,data:gv1yyEJxYE5WFk6IdDpfb/kPxFqpGN0K2JOn7QvBWMs5xA==,iv:DnKtvXce+EE3TGdOh3wW9jKQ02adC0T8JRAV6lNZ2KE=,tag:/glF6HkS9EaYNEK12CYkPA==,type:str] - twilio-auth-token: ENC[AES256_GCM,data:TkDUhT/4dzOgyFmlTF4DJshR9AFe48XFCp/WSs05of4=,iv:vs4n6fUaEmP9wwUbIFbOOs0MxXh2xHqiugjKd0eUsSo=,tag:E3SRZbULDYeE9xBrzXrHnw==,type:str] - twilio-phone: ENC[AES256_GCM,data:LHy6qGocuWyJl1Hp,iv:Aa+VeOhv1GEispCD5Q7lvhjJj7AVvtoIPWoFHFKqByY=,tag:eeE4wHmaFLorDDTym1EJCg==,type:str] - sendgrid-api-key: ENC[AES256_GCM,data:He/kqhQI14goYL8LdDNJTG1ckeX5x5ve+jZU03Twj1bZflChzmJKdZigCXukdMA7vYDjjWyiAeMTiNWtKzX5weI9I22E,iv:N91xG3eKS6BFDpzPReWPkx0ZLTol/6dK33RiEWpeEfc=,tag:Ylut55+Zq81dwjs1cqBp6w==,type:str] - secret: ENC[AES256_GCM,data:0AlGlnCznlxQR8pE/M4it2ywRW13PfYxDugwqftxo+7VC8hStXO5FPk//ErNgsSCu8NT3w36x3uv/bT2KnIbpg==,iv:XpUtR7o6zUPd6mLnDFiCjk9O/XOemndO8TjcaelI0Es=,tag:79PQZLH9P8dNDRCvHCU93g==,type:str] - auth-token: ENC[AES256_GCM,data:Xj/muZyiK/NrdNDBeKfB4ZeX2dI7sIec1dGTHhu6YxGN7Qrk,iv:OFsxpAo5xP0rt+B8d7Fl1PZ9oO5Bg2e13LNeegaYqf8=,tag:+b46PZsSLV51ECsmle0tSg==,type:str] - jwt-secret: ENC[AES256_GCM,data:VRC1OedOg9hn+5zByjRDaQebiXz2slfopejjcF7U22MqQS22e6QsX9AP4oOlwnBy8lQL,iv:IRgBB9RxVsf26NoGaW6v83Ft0LKrBu1NHr2dXzXDM5o=,tag:kD+G6ulzBGqYpNNpRA8Vdw==,type:str] - public-key: ENC[AES256_GCM,data:NaDYzcbm1YRfYWg9CbylQXPiZv2vBpUZTrz5dxQfpMEkrY5VSAW3ldcROMuY348jYoWcx7IXLWDNfV0J0wE7PHgczxC/+r+D/o2Dhvk0wgorDVWqwJCggugXss8tyOJp9Q6HtjwK3uvKC5jYaq7r3q4e54rchF7mvNTz55djR8SovMG7k6GGTg76m9lPayHRpLiIT7E/9QVS5wDzqEelVrGMjqqLuznX6iKfo2rA3lceGZJONDEn9QAQr6D61SzAftjwOXynzMfnKHT2HvGvjmISA68luP5An3PULu8eb8xfbiZ6kkQXrxsG2jJgza0yaCx+apeUvX6ga/neY5jEhYTNvhefNd39l9aXynBfJrJnAqu0mRa52+r90eduAKGvjNIsLa10V7DhTp2WCXn5fDu4qUjzE2BSMnuo+Uz9mEEi1tRIXSOUJi+UWHGJsKvwKxmypEs1EXOMjI7QGbXdTgoTdajR4PDoRngYgZR66VehirNI/83XFtsrGMiPkg4GAjN9t38KNJzBncI2g5vtpn1yP9GI8ZeYqIhqbxR/sZbdwV/kz8cd7klcHd/YYd6gqZqE2QsbKWjTt3nedri0iA/MC7vKMr2kcflEeZ9yfPo02DrupPvatgtq/dL7b9h8IpBl7hG8Fxhr4GD8xDh13QbdC94D2e7GrDaO2R8QByPVwULTlH9zOCzxacWVA6bJmxBmB/gFlCggHPLNeqxOAwYzeA24EzjHbjjqwBE+Xvi1BOz2FdqLTe/+jq41XfSx8c8tlrPlgfTSNbRpSftBsyUJQq6GXHXI5WIbT0QYLeXggoURosxASLLboLfzpl7AmUisDAxS7QJJnHrZylmO2RuZlUt4LSOUeosodlkJr+3Fx6Ch8YBnW6bjE1soIxAMMcAInHP/tyLwMaCQH0+wW4VG9ZMgOsn+PtPquhqnGRPjJxcvCXjDTkwo01WTsTAyXLGsXmkztox/v0GxHGr4486eaDGlhV/gyW60lJcCVpydi7DJavs0NQgL3O+SPa2zL0qNXRQlM5xwBbKDCY7ef1NQwFcJVXaxM9cVul/EcQMam5bjzH3HT4pGvJXi2XxHzHJfGgO5pHmalIKTDzRTz/DIvXmLQTzbmtK03oIkbR76mDr0dOHhm9JoyXRvaK5nyhWrqMMmj+Hm94CVWQFgfwiiDuU/fvz59fXZraDkaR77vakuOZzV5N185R2JdofoKaLkjnF6136xdWywClvimYCWn4I2ZvLDwpcSK9cT8ZfyfPJsjgKpTgzf31tma/KhLv62z/i+pMB2vZXs9VzeBj8nLYwlIF87W76zUm28eA8W6i5ad6L1VOGnlsMHgAi55JzgkxwhYj2wop5ZO0rSsL/786I9YSddrIqLERHlY9YaPCdWaC4IA2ch6bjmsjr8y3XtW+gWJCUSUhSLQImT8doKSHdTTziby0l0lEz3C6aD1z+P1IKc8Ef+M2VCLg9UPGWs4OeHQqgmW4yuMxySjT33LvGdQ8mKxbq07fgFcsOkDB4bAilhk2ZlRICPAwUyK5PNiijdqX91Vd7c3SW5j5ZcbO4IFVtaElTPCxZlh8Bbl3R0MvEKZ1dl,iv:M9V28TbZaLGFHa1rpgD84sUMrKcp1w9BrIbu47/vGHM=,tag:HKIEryHi77RWLCRPft4bsA==,type:str] - private-key: ENC[AES256_GCM,data:n9uEARVPj/4+ad/rjxEFSEWHPP11dj9WDyeJeY4kA9CTylPNNwiVCuXGjCTFdnvEGmLeSAtJjzxj1MmsWTnHW/dnUW8SXlnp1rUVJJ9SMjTMpTZweiZW73ZSrc7srGtBxTzgNJnsPUQbxYS2wn3zECKA7aRFRPPN19vMQincZCOLq8LDw+TKFMqqmeVGE8Wfaz8c3/UsyEcIA0mpSsCBwFjSynLKshrTFsD9v350YLV/GPkq6wcV4PIL28z87h7RJFz0bMnyfxu+qf7hqRPnYzunwTinQ10w7A2g4tJ1C/JQHCdQMG4oOwrJjscRGRkW9DosXn0E724zdhee3RkxJhvt8gY5B+utsR9Ti/p/+wHOu9wnw1ScGsVULMeZT8hIwBY5wcLqDsgskNn3lL5zOhuuEKXxgSvwxgbNp7DslM8gmJQ52kmykWpQ8ChEfF6yPQNbg9Boc2GvvCKwYEJmtwcB7d07iVnBufFCSUm2WKUiEegonHLjKGxeJO44FeavskOCF6rPxhYZ3z/5Z44vKbaXItNpYglRaBfK0Dk0vJeupdkZ8kcTCB1YaGdUhi2514kF/VZlz6COlvy3VZtzEvHdqXTjkg3lya/AbEMaRqlzRe9lJg4WXR/u2WKxQLioBbpJKQvzHbzCGO8qdzc5hG/w6TFfTuemIbpiynm33YKyD+FjkKZxT8JTYY2zb7bhVC/8DOMdAZnHZ+E3bgPhm15z2QIauV91JDSeW8usEgyuOyQvDpHxRs5J7JsHg3loKKKp1WhJFuHaQ4X6X1vbYj4VZWwdprSQMeal9AWjbQBzsohlvYwfYpT1khyUkhkukH/hHDpiC/Qyw94f+rrGM2VMPdJdDIdHf/cDjLNYgbFxSIJVlrBEoKByGranQrP3+3icyaMpJghTJ/KIF46vGwREnMiRfZoYHJfZgxkBt8cXF2B78iSdKNGeYagFlyeFFRldt2hxdWPQwCuWOCgEfomekNsjCoc84zHzAKtZiP7MdWH6UuBlibKNjwA8ou4xbnWE9Jx3KpUYLqtLf4j5djwIa6hayIDWVSjWp9vZpU7B46tIQ7v8TfcRZOXdVYNsjoa3VG0z52EM3ypbE6qTF3L+m/n7M68vzPxC5U0BAxnbaGhT6/YB5ZU0I+Rn4RLi7VVny79O8IbT2QAJylJD04Pqmgv6Az3niqZ+,iv:zyvzRphBZ6bQSHSXx8nPA5lVQrGlXQy7lh52xiq8opY=,tag:8rfQoLr24e98+fc7ncsLLw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:880678429748:key/b792c6d0-9cc9-415b-bd7f-628f55f1bfdd - created_at: '2020-03-25T06:14:04Z' - enc: AQICAHgUs9A8TLHKRtAfsjeKI9XtaqZmxQdyfMJP0RLxw9s4hQFQrIu5VVu6xfb7FDNud5LbAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMgMC3B2N+bFI9H0ayAgEQgDsjGbkLvfY+hEzhm4gOE5RCV/cNuwsU9EMiqM5P7eB3bKEcpg2kF3hQMx6c52TJQhXUi9tOn+fiFsWcKg== - aws_profile: "" - gcp_kms: - - resource_id: projects/digit-egov/locations/asia-south1/keyRings/egov-sops/cryptoKeys/egov-sops-key - created_at: '2020-03-25T06:14:04Z' - enc: CiQA7dyWCt/ikCKkRctuCRI9R1V7Y5b8h2clAZSkgfwqRtfwSqwSSQD+2/5WZSJ6TAEWcUiECp1gGaGfr84iyVHzncUR7UgOJygjYyTHxNTjqVVFrR8+rk5nwEr29bsFYhKBw8WcJOiQfI60sP2Wscs= - azure_kv: [] - lastmodified: '2020-04-18T05:28:40Z' - mac: ENC[AES256_GCM,data:vXzkOHEaAosh+jnIiM+fpeOTqD3C1DPdqblQPrvklTibWjVhNdlWn5ij8GC3zQbniMQaygIfJ8VWnUZboEPHggCp4A9UHjWHMY8wWJdBs4A+13qpfYjltUI0qlo5LCu7kzimwf+3eRO9HUIoAAZg9uf4j8XDqfPGAiUtSk5Tzj0=,iv:PcMtiqYs0luKX92qfBkqfeiPzvDLN2i2gKvUoRGlEZo=,tag:J80MCUqQiOd3LXbr7TXs0w==,type:str] - pgp: - - created_at: '2020-03-25T06:14:04Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQgAlJCguMS9sddFcWmK6SRiQsS7woCZkrtYrqgpzcicA/Ib - za9lbrLta+DHbfNC+fKMXNA/T+GkKreJolDtfyXREJrNDAzqUcbCpvb6/kXPaeoF - 1cBHo31eAHxQQge0VEdGxpcIs7L6WZ8nPlwMOGz5Qhv4Iz+IHBzU5ulAiqeZZFeA - 3YcPl509kDOolPQgoRIsZZt/9SSzmb13/6FLRtWbiGAM+I4Eb0f59LStpXdQ2BeG - TiWl9RdCLrxBK/JhebauPhe6kgeaSer94Ik+/PmD94qhBYH87h9k4+hR5u7UQKcG - kKLpCuG93onzWXHYTt37HFn75a/kcLTK9eoTjEoyStJeAc/JJtaYhLYrXKBHLYml - i+l3XQsfISxJLomjS7GbIs45xARBMNeybfPjUxvO31GRTdaQIyUEJ7COD9TK+eGG - 17hDQlPFVQw4dSKPVFHt4WChR9KOlNf/esUiXGXxpA== - =uuWf - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - encrypted_regex: ^(secrets)$ - version: 3.5.0 + ssh: ssh-key + known-hosts: known-hosts \ No newline at end of file From 4ce5d279350d1c0d32b87d4dbf036bb933c639cb Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 22 Apr 2022 14:09:54 +0530 Subject: [PATCH 020/742] simplification of digit deployment process --- .../egov-demo-sample-secrets.yaml | 87 +++++++++++++++++-- .../helm/environments/egov-demo-sample.yaml | 12 +-- .../helm/environments/egov-demo-secrets.yaml | 87 +++++++++++++++++-- 3 files changed, 164 insertions(+), 22 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml index cf4b7624e7..40ed9b21c0 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -1,10 +1,81 @@ cluster-configs: secrets: - db: - username: test - password: test - flywayUsername: test - flywayPassword: test - git-sync: - ssh: ssh-key - known-hosts: known-hosts \ No newline at end of file + db: // Create postgres db user and mention the details + username: demo + password: demo + flywayUsername: demo + flywayPassword: demo + egov-notification-sms: // To work sms notification service add the sms provider details + username: demo + password: demo + egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. + aws-key: aswedfghew + aws-secret-key: xdefghgdxc + egov-location: // To work Location service add your gmap key + gmapskey: AIzaSyAQOd09-sdfegv + egov-pg-service: // To work pg service add your respective bank details + axis-merchant-id: demo + axis-merchant-secret-key: demo + axis-merchant-user: demo + axis-merchant-pwd: demo + axis-merchant-access-code: demo + payu-merchant-key: demo + payu-merchant-salt: demo + pgadmin: // To work pgadmin service add details + admin-email: demo@demo.com + admin-password: demo + read-email: demo@demo.com + read-password: demo + egov-enc-service: // To work egov-enc service add the details + master-password: demo + master-salt: q7.fr.cr + master-initialvector: 9J&asfgrU-H2 + egov-notification-mail: // To work mail notification service add respective mail details + mailsenderusername: demo@demo + mailsenderpassword: demo + git-sync: // To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. + ssh: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t + B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O + wvGNiLrSkqeKTbAflj/j1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG + Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A + Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ + dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 + z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn + woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA + AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP + 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK + U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb + xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc + kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa + RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA + 1RJ4Lxm9sGFuM1T + -----END RSA PRIVATE KEY----- + known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + kibana: // Add Kibana details + namespace: es-cluster + credentials: demo + egov-si-microservice: // Add finance service details + si-microservice-user: demo + si-microservice-password: demo + mail-sender-password: demo + egov-edcr-notification: // Add edcr service details + edcr-mail-username: demo@demo.com + edcr-mail-password: demo + edcr-sms-username: demo + edcr-sms-password: demo + egov-edcr-bank-gateway: // Add edcr bank gateway details + edcr-pnb-mid: demo + edcr-pnb-encryption-key: 12345678 + edcr-hdfc-key: qwer + edcr-hdfc-salt: sdfgt + chatbot: // Add chatbot details + valuefirst-username: demo + valuefirst-password: demo + egov-user-chatbot: // Add user chatbot details + citizen-login-password-otp-fixed-value: "546941" + oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details + clientID: qwgethjymnbv + clientSecret: 3a08079easd9d8055470475696fd3baad5292 + cookieSecret: QVbnq0L8npoyfxZs96wtBg== \ No newline at end of file diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index a3d76b0fc9..15386406e4 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -164,20 +164,20 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" + branch: "master" ### Branch need to be changed as per your env egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" + branch: "master" ### Branch need to be changed as per your env egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" + repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo + branch: "master" ### Branch need to be changed as per your env egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" @@ -281,8 +281,8 @@ report: pdf-service: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "new-pdf-changes" + repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo + branch: "new-pdf-changes" ### Branch need to be changed as per your env data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" diff --git a/deploy-as-code/helm/environments/egov-demo-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-secrets.yaml index cf4b7624e7..bfe93a79d2 100644 --- a/deploy-as-code/helm/environments/egov-demo-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-secrets.yaml @@ -1,10 +1,81 @@ cluster-configs: secrets: - db: - username: test - password: test - flywayUsername: test - flywayPassword: test - git-sync: - ssh: ssh-key - known-hosts: known-hosts \ No newline at end of file + db: // Create postgres db user and mention the details + username: demo + password: demo + flywayUsername: demo + flywayPassword: demo + egov-notification-sms: // To work sms notification service add the sms provider details + username: demo + password: demo + egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. + aws-key: aswedfghew + aws-secret-key: xdefghgdxc + egov-location: // To work Location service add your gmap key + gmapskey: AIzaSyAQOd09-sdfegv + egov-pg-service: // To work pg service add your respective bank details + axis-merchant-id: demo + axis-merchant-secret-key: demo + axis-merchant-user: demo + axis-merchant-pwd: demo + axis-merchant-access-code: demo + payu-merchant-key: demo + payu-merchant-salt: demo + pgadmin: // To work pgadmin service add details + admin-email: demo@demo.com + admin-password: demo + read-email: demo@demo.com + read-password: demo + egov-enc-service: // To work egov-enc service add the details + master-password: demo + master-salt: q7.fr.cr + master-initialvector: 9J&asfgrU-H2 + egov-notification-mail: // To work mail notification service add respective mail details + mailsenderusername: demo@demo + mailsenderpassword: demo + git-sync: // To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. + ssh: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t + B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O + wvGNiLrSkqeKTbAflj/j1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG + Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A + Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ + dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 + z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn + woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA + AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP + 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK + U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb + xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc + kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa + RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA + 1RJ4Lxm9sGFuM1T + -----END RSA PRIVATE KEY----- + known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== + kibana: // Add Kibana details + namespace: es-cluster + credentials: demo + egov-si-microservice: // Add finance service details + si-microservice-user: demo + si-microservice-password: demo + mail-sender-password: demo + egov-edcr-notification: // Add edcr service details + edcr-mail-username: demo@demo.com + edcr-mail-password: demo + edcr-sms-username: demo + edcr-sms-password: demo + egov-edcr-bank-gateway: // Add edcr bank gateway details + edcr-pnb-mid: demo + edcr-pnb-encryption-key: 12345678 + edcr-hdfc-key: qwer + edcr-hdfc-salt: sdfgt + chatbot: // Add chatbot details + valuefirst-username: demo + valuefirst-password: demo + egov-user-chatbot: // Add user chatbot details + citizen-login-password-otp-fixed-value: "546941" + oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details + clientID: qwgethjymnbv + clientSecret: 3a08079easd9d8055470475696fd3baad5292 + cookieSecret: QVbnq0L8npoyfxZs96wtBg== \ No newline at end of file From e712eb9ad7d65951a2c5b95256dd8a8a8b59ff21 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 22 Apr 2022 14:13:03 +0530 Subject: [PATCH 021/742] simplification of digit deployment process --- .../egov-demo-sample-secrets.yaml | 32 +++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml index 40ed9b21c0..1df2735196 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -1,19 +1,19 @@ cluster-configs: secrets: - db: // Create postgres db user and mention the details + db: ## Create postgres db user and mention the details username: demo password: demo flywayUsername: demo flywayPassword: demo - egov-notification-sms: // To work sms notification service add the sms provider details + egov-notification-sms: ## To work sms notification service add the sms provider details username: demo password: demo - egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. + egov-filestore: ## To work Filestore service add the IAM user details which has access on the filestore s3 bucket. aws-key: aswedfghew aws-secret-key: xdefghgdxc - egov-location: // To work Location service add your gmap key + egov-location: ## To work Location service add your gmap key gmapskey: AIzaSyAQOd09-sdfegv - egov-pg-service: // To work pg service add your respective bank details + egov-pg-service: ## To work pg service add your respective bank details axis-merchant-id: demo axis-merchant-secret-key: demo axis-merchant-user: demo @@ -21,19 +21,19 @@ cluster-configs: axis-merchant-access-code: demo payu-merchant-key: demo payu-merchant-salt: demo - pgadmin: // To work pgadmin service add details + pgadmin: ## To work pgadmin service add details admin-email: demo@demo.com admin-password: demo read-email: demo@demo.com read-password: demo - egov-enc-service: // To work egov-enc service add the details + egov-enc-service: ## To work egov-enc service add the details master-password: demo master-salt: q7.fr.cr master-initialvector: 9J&asfgrU-H2 - egov-notification-mail: // To work mail notification service add respective mail details + egov-notification-mail: ## To work mail notification service add respective mail details mailsenderusername: demo@demo mailsenderpassword: demo - git-sync: // To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. + git-sync: ## To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. ssh: | -----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t @@ -53,29 +53,29 @@ cluster-configs: 1RJ4Lxm9sGFuM1T -----END RSA PRIVATE KEY----- known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - kibana: // Add Kibana details + kibana: ## Add Kibana details namespace: es-cluster credentials: demo - egov-si-microservice: // Add finance service details + egov-si-microservice: ## Add finance service details si-microservice-user: demo si-microservice-password: demo mail-sender-password: demo - egov-edcr-notification: // Add edcr service details + egov-edcr-notification: ## Add edcr service details edcr-mail-username: demo@demo.com edcr-mail-password: demo edcr-sms-username: demo edcr-sms-password: demo - egov-edcr-bank-gateway: // Add edcr bank gateway details + egov-edcr-bank-gateway: ## Add edcr bank gateway details edcr-pnb-mid: demo edcr-pnb-encryption-key: 12345678 edcr-hdfc-key: qwer edcr-hdfc-salt: sdfgt - chatbot: // Add chatbot details + chatbot: ## Add chatbot details valuefirst-username: demo valuefirst-password: demo - egov-user-chatbot: // Add user chatbot details + egov-user-chatbot: ## Add user chatbot details citizen-login-password-otp-fixed-value: "546941" - oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details + oauth2-proxy: ## To work oauth2-proxy service, create and add your github OAuth Apps details clientID: qwgethjymnbv clientSecret: 3a08079easd9d8055470475696fd3baad5292 cookieSecret: QVbnq0L8npoyfxZs96wtBg== \ No newline at end of file From f38817469b8c7ddfa52bea5beb4ecf0af9292a06 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 22 Apr 2022 14:40:33 +0530 Subject: [PATCH 022/742] simplification of digit deployment process --- deploy-as-code/helm/environments/egov-demo-sample.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index 15386406e4..5b0e491a33 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -142,7 +142,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ### Change this to Your MDMS Repo - branch: "CURFEW_E_PASS_DEMO" ### Branch need to be changed as per your env + branch: "DEV" ### Branch need to be changed as per your env mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring From e98580c93b4f94c6bc2d753fbfe8f2ef906312c6 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 22 Apr 2022 23:24:44 +0530 Subject: [PATCH 023/742] Update egov-demo-sample.yaml --- deploy-as-code/helm/environments/egov-demo-sample.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index 5b0e491a33..f39016f3a2 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -20,8 +20,8 @@ cluster-configs: s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name ## Do not Change - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 @@ -63,7 +63,7 @@ cluster-configs: egov-data-uploader: http://egov-data-uploader.egov:8080/ egov-indexer: http://egov-indexer.egov:8080/ egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 + es-client: http://elasticsearch-data-v1.es-cluster:9200 location: http://location.egov:8080/ property-services: http://property-services.egov:8080/ pt-calculator-v2: http://pt-calculator-v2.egov:8080/ From ec51076631ab1c71cd5ead318f4a0f214a637fd7 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 22 Apr 2022 23:25:59 +0530 Subject: [PATCH 024/742] Update egov-demo.yaml --- deploy-as-code/helm/environments/egov-demo.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo.yaml b/deploy-as-code/helm/environments/egov-demo.yaml index 8cc2f83b1f..3ca41bd463 100644 --- a/deploy-as-code/helm/environments/egov-demo.yaml +++ b/deploy-as-code/helm/environments/egov-demo.yaml @@ -18,8 +18,8 @@ cluster-configs: domain: "egov-demo.egovernments.org" egov-services-fqdn-name: "https://egov-demo.egovernments.org/" egov-state-level-tenant-id: "in" - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 @@ -62,7 +62,7 @@ cluster-configs: egov-data-uploader: http://egov-data-uploader.egov:8080/ egov-indexer: http://egov-indexer.egov:8080/ egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 + es-client: http://elasticsearch-data-v1.es-cluster:9200 location: http://location.egov:8080/ property-services: http://property-services.egov:8080/ pt-calculator-v2: http://pt-calculator-v2.egov:8080/ From ba2bfae43b09136bcaee41b4fcf1831ae642a30b Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Sat, 23 Apr 2022 18:36:05 +0530 Subject: [PATCH 025/742] Update dependancy_chart-digit-v2.4.yaml --- .../digit-release-versions/dependancy_chart-digit-v2.4.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml index 92b83b4223..96634d6560 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml @@ -46,6 +46,7 @@ modules: - name: business dependencies: - "core" + - "frontend" services: - egovio/collection-services:v1.1.4-c3cba4b-15 - egovio/billing-service:v1.3.2-7dfa157-22 @@ -141,4 +142,4 @@ modules: - egovio/fsm:v1.0.1-28439fcd-10 - egovio/inbox:fsm-395-913aa399-1 - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file + - egovio/vendor:fsm-services-dev-581ee46a-2 From 248e855a2cb82074b495b873e53ecaa60f7dcf25 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Sat, 23 Apr 2022 18:37:45 +0530 Subject: [PATCH 026/742] Update dependancy_chart-digit-v2.5.yaml --- .../helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml index 2fb1ad1d79..d246ed6e22 100644 --- a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml +++ b/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml @@ -48,6 +48,7 @@ modules: - name: business dependencies: - "core" + - "frontend" services: - egovio/collection-services:v1.1.5-33d01f1-38 - egovio/billing-service:v1.3.3-581d2eb-54 From 8919bfe6ae583101b6a2577979efad36bf4392a3 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Mon, 25 Apr 2022 22:35:23 +0530 Subject: [PATCH 027/742] Upgrade the cert-manager version --- .../cert-manager/crds/cert-manager-crds.yaml | 5200 +++++++++++++++-- .../cert-manager/templates/clusterissuer.yaml | 24 +- .../cert-manager/templates/clusterrole.yaml | 123 +- .../templates/clusterrolebinding.yaml | 23 +- .../cert-manager/templates/deployment.yaml | 78 +- .../cert-manager/templates/role.yaml | 34 + .../cert-manager/templates/rolebinding.yaml | 41 + .../cert-manager/templates/service.yaml | 18 + .../templates/serviceaccount.yaml | 19 +- .../cert-manager/values.yaml | 14 +- .../templates/ingress/root-ingress.yaml | 3 +- .../helm/environments/egov-demo-sample.yaml | 4 +- 12 files changed, 4963 insertions(+), 618 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml index 89a5154ddb..d4344da386 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml @@ -1,18 +1,12 @@ apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: certificates.certmanager.k8s.io + name: certificaterequests.cert-manager.io spec: additionalPrinterColumns: - JSONPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string - - JSONPath: .spec.secretName - name: Secret - type: string - JSONPath: .spec.issuerRef.name name: Issuer priority: 1 @@ -28,89 +22,66 @@ spec: in RFC3339 form and is in UTC. name: Age type: date - group: certmanager.k8s.io + group: cert-manager.io + preserveUnknownFields: false names: - kind: Certificate - plural: certificates + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests shortNames: - - cert - - certs + - cr + - crs + singular: certificaterequest scope: Namespaced + subresources: + status: {} validation: openAPIV3Schema: + description: CertificateRequest is a type to represent a Certificate Signing + Request + type: object properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: CertificateRequestSpec defines the desired state of CertificateRequest + type: object + required: + - csr + - issuerRef properties: - acme: - description: ACME contains configuration specific to ACME Certificates. - Notably, this contains details on how the domain names listed on this - Certificate resource should be 'solved', i.e. mapping HTTP01 and DNS01 - providers to DNS names. - properties: - config: - items: - properties: - domains: - description: Domains is the list of domains that this SolverConfig - applies to. - items: - type: string - type: array - required: - - domains - type: object - type: array - required: - - config - type: object - commonName: - description: CommonName is a common name to be used on the Certificate. - If no CommonName is given, then the first entry in DNSNames is used - as the CommonName. The CommonName should have a length of 64 characters - or fewer to avoid generating invalid CSRs; in order to have longer - domain names, set the CommonName (or first DNSNames entry) to have - 64 characters or fewer, and then add the longer domain name to DNSNames. + csr: + description: Byte slice containing the PEM encoded CertificateSigningRequest type: string - dnsNames: - description: DNSNames is a list of subject alt names to be used on the - Certificate. If no CommonName is given, then the first entry in DNSNames - is used as the CommonName and must have a length of 64 characters - or fewer. - items: - type: string - type: array + format: byte duration: - description: Certificate default Duration + description: Requested certificate default Duration type: string - ipAddresses: - description: IPAddresses is a list of IP addresses to be used on the - Certificate - items: - type: string - type: array isCA: - description: IsCA will mark this Certificate as valid for signing. This - implies that the 'signing' usage is set + description: IsCA will mark the resulting certificate as valid for signing. + This implies that the 'cert sign' usage is set type: boolean issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. - If the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the Certificate will - be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer + description: IssuerRef is a reference to the issuer for this CertificateRequest. If + the 'kind' field is not set, or set to 'Issuer', an Issuer resource + with the given name in the same namespace as the CertificateRequest + will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer with the provided name will be used. The 'name' field in this stanza - is required at all times. + is required at all times. The group field refers to the API group + of the issuer which defaults to 'cert-manager.io' if empty. + type: object + required: + - name properties: group: type: string @@ -118,60 +89,76 @@ spec: type: string name: type: string - required: - - name - type: object - keyAlgorithm: - description: KeyAlgorithm is the private key algorithm of the corresponding - private key for this certificate. If provided, allowed values are - either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is - not provided, key size of 256 will be used for "ecdsa" key algorithm - and key size of 2048 will be used for "rsa" key algorithm. - enum: - - rsa - - ecdsa - type: string - keyEncoding: - description: KeyEncoding is the private key cryptography standards (PKCS) - for this certificate's private key to be encoded in. If provided, - allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, - respectively. If KeyEncoding is not specified, then PKCS#1 will be - used by default. - type: string - keySize: - description: KeySize is the key bit size of the corresponding private - key for this certificate. If provided, value must be between 2048 - and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", - and value must be one of (256, 384, 521) when KeyAlgorithm is set - to "ecdsa". - format: int64 - type: integer - organization: - description: Organization is the organization to be used on the Certificate + usages: + description: Usages is the set of x509 actions that are enabled for + a given key. Defaults are ('digital signature', 'key encipherment') + if empty + type: array items: + description: 'KeyUsage specifies valid usage contexts for keys. See: + https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 + Valid KeyUsage values are as follows: "signing", "digital signature", + "content commitment", "key encipherment", "key agreement", "data + encipherment", "cert sign", "crl sign", "encipher only", "decipher + only", "any", "server auth", "client auth", "code signing", "email + protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec + user", "timestamping", "ocsp signing", "microsoft sgc", "netscape + sgc"' type: string - type: array - renewBefore: - description: Certificate renew before expiration duration - type: string - secretName: - description: SecretName is the name of the secret resource to store - this secret in - type: string - required: - - secretName - - issuerRef - type: object + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc status: + description: CertificateStatus defines the observed state of CertificateRequest + and resulting signed certificate. + type: object properties: + ca: + description: Byte slice containing the PEM encoded certificate authority + of the signed certificate. + type: string + format: byte + certificate: + description: Byte slice containing a PEM encoded signed certificate + resulting from the given certificate signing request. + type: string + format: byte conditions: + type: array items: + description: CertificateRequestCondition contains condition information + for a CertificateRequest. + type: object + required: + - status + - type properties: lastTransitionTime: description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - format: date-time type: string + format: date-time message: description: Message is a human readable description of the details of the last transition, complementing reason. @@ -183,48 +170,37 @@ spec: status: description: Status of the condition, one of ('True', 'False', 'Unknown'). + type: string enum: - "True" - "False" - Unknown - type: string type: - description: Type of the condition, currently ('Ready'). + description: Type of the condition, currently ('Ready', 'InvalidRequest'). type: string - required: - - type - - status - type: object - type: array - lastFailureTime: - format: date-time + failureTime: + description: FailureTime stores the time that this CertificateRequest + failed. This is used to influence garbage collection and back-off. type: string - notAfter: - description: The expiration time of the certificate stored in the secret - named by this resource in spec.secretName. format: date-time - type: string - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: certificaterequests.certmanager.k8s.io + name: certificates.cert-manager.io spec: additionalPrinterColumns: - JSONPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string + - JSONPath: .spec.secretName + name: Secret + type: string - JSONPath: .spec.issuerRef.name name: Issuer priority: 1 @@ -240,50 +216,79 @@ spec: in RFC3339 form and is in UTC. name: Age type: date - group: certmanager.k8s.io + group: cert-manager.io + preserveUnknownFields: false names: - kind: CertificateRequest - plural: certificaterequests + kind: Certificate + listKind: CertificateList + plural: certificates shortNames: - - cr - - crs + - cert + - certs + singular: certificate scope: Namespaced + subresources: + status: {} validation: openAPIV3Schema: + description: Certificate is a type to represent a Certificate from ACME + type: object properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: CertificateSpec defines the desired state of Certificate. A + valid Certificate requires at least one of a CommonName, DNSName, or URISAN + to be valid. + type: object + required: + - issuerRef + - secretName properties: - csr: - description: Byte slice containing the PEM encoded CertificateSigningRequest - format: byte + commonName: + description: CommonName is a common name to be used on the Certificate. + The CommonName should have a length of 64 characters or fewer to avoid + generating invalid CSRs. type: string + dnsNames: + description: DNSNames is a list of subject alt names to be used on the + Certificate. + type: array + items: + type: string duration: - description: Requested certificate default Duration + description: Certificate default Duration type: string + ipAddresses: + description: IPAddresses is a list of IP addresses to be used on the + Certificate + type: array + items: + type: string isCA: - description: IsCA will mark the resulting certificate as valid for signing. - This implies that the 'signing' usage is set + description: IsCA will mark this Certificate as valid for signing. This + implies that the 'cert sign' usage is set type: boolean issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If - the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the CertificateRequest - will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer + description: IssuerRef is a reference to the issuer for this certificate. + If the 'kind' field is not set, or set to 'Issuer', an Issuer resource + with the given name in the same namespace as the Certificate will + be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer with the provided name will be used. The 'name' field in this stanza - is required at all times. The group field refers to the API group - of the issuer which defaults to 'certmanager.k8s.io' if empty. + is required at all times. + type: object + required: + - name properties: group: type: string @@ -291,32 +296,147 @@ spec: type: string name: type: string - required: - - name + keyAlgorithm: + description: KeyAlgorithm is the private key algorithm of the corresponding + private key for this certificate. If provided, allowed values are + either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is + not provided, key size of 256 will be used for "ecdsa" key algorithm + and key size of 2048 will be used for "rsa" key algorithm. + type: string + enum: + - rsa + - ecdsa + keyEncoding: + description: KeyEncoding is the private key cryptography standards (PKCS) + for this certificate's private key to be encoded in. If provided, + allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, + respectively. If KeyEncoding is not specified, then PKCS#1 will be + used by default. + type: string + enum: + - pkcs1 + - pkcs8 + keySize: + description: KeySize is the key bit size of the corresponding private + key for this certificate. If provided, value must be between 2048 + and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", + and value must be one of (256, 384, 521) when KeyAlgorithm is set + to "ecdsa". + type: integer + organization: + description: Organization is the organization to be used on the Certificate + type: array + items: + type: string + renewBefore: + description: Certificate renew before expiration duration + type: string + secretName: + description: SecretName is the name of the secret resource to store + this secret in + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). type: object - required: - - issuerRef - type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uriSANs: + description: URISANs is a list of URI Subject Alternative Names to be + set on this Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 actions that are enabled for + a given key. Defaults are ('digital signature', 'key encipherment') + if empty + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: + https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 + Valid KeyUsage values are as follows: "signing", "digital signature", + "content commitment", "key encipherment", "key agreement", "data + encipherment", "cert sign", "crl sign", "encipher only", "decipher + only", "any", "server auth", "client auth", "code signing", "email + protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec + user", "timestamping", "ocsp signing", "microsoft sgc", "netscape + sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc status: + description: CertificateStatus defines the observed state of Certificate + type: object properties: - ca: - description: Byte slice containing the PEM encoded certificate authority - of the signed certificate. - format: byte - type: string - certificate: - description: Byte slice containing a PEM encoded signed certificate - resulting from the given certificate signing request. - format: byte - type: string conditions: + type: array items: + description: CertificateCondition contains condition information for + an Certificate. + type: object + required: + - status + - type properties: lastTransitionTime: description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - format: date-time type: string + format: date-time message: description: Message is a human readable description of the details of the last transition, complementing reason. @@ -328,35 +448,32 @@ spec: status: description: Status of the condition, one of ('True', 'False', 'Unknown'). + type: string enum: - "True" - "False" - Unknown - type: string type: description: Type of the condition, currently ('Ready'). type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + lastFailureTime: + type: string + format: date-time + notAfter: + description: The expiration time of the certificate stored in the secret + named by this resource in spec.secretName. + type: string + format: date-time + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: challenges.certmanager.k8s.io + name: challenges.acme.cert-manager.io spec: additionalPrinterColumns: - JSONPath: .status.state @@ -376,38 +493,51 @@ spec: in RFC3339 form and is in UTC. name: Age type: date - group: certmanager.k8s.io + group: acme.cert-manager.io + preserveUnknownFields: false names: kind: Challenge + listKind: ChallengeList plural: challenges + singular: challenge scope: Namespaced + subresources: + status: {} validation: openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME + server + type: object + required: + - metadata properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + type: object + required: + - authzURL + - dnsName + - issuerRef + - key + - token + - type + - url properties: authzURL: description: AuthzURL is the URL to the ACME Authorization resource that this challenge is a part of. type: string - config: - description: 'Config specifies the solver configuration for this challenge. - Only **one** of ''config'' or ''solver'' may be specified, and if - both are specified then no action will be performed on the Challenge - resource. DEPRECATED: the ''solver'' field should be specified instead' - type: object dnsName: description: DNSName is the identifier that this challenge is for, e.g. example.com. @@ -418,6 +548,9 @@ spec: not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. + type: object + required: + - name properties: group: type: string @@ -425,21 +558,1223 @@ spec: type: string name: type: string - required: - - name - type: object key: description: Key is the ACME challenge key for this challenge type: string solver: description: Solver contains the domain solving configuration that should - be used to solve this challenge resource. Only **one** of 'config' - or 'solver' may be specified, and if both are specified then no action - will be performed on the Challenge resource. + be used to solve this challenge resource. + type: object properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure containing + the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure containing + the DNS configuration for Akamai DNS—Zone Record Management + API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a structure + containing the DNS configuration for DigitalOcean Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure containing + the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting RFC2136. + Required. Note: FQDN is not a valid value, only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting + RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` + are defined. Supported values are (case-insensitive): + ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or + ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If + ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG + value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure containing + the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared credentials + file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this + zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName + api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider + will assume using either the explicit credentials AccessKeyID/SecretAccessKey + or the inferred credentials from environment variables, + shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared credentials + file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies configuration + for a webhook DNS01 provider, including where to POST ChallengePayload + resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed + to the webhook apiserver when challenges are processed. + This can contain arbitrary JSON data. Secret values should + not be specified in this stanza. If secret values are + needed (e.g. credentials for a DNS service), you should + use a SecretKeySelector to reference a Secret resource. + For details on the schema of this field, consult the webhook + provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when + POSTing ChallengePayload resources to the webhook apiserver. + This should be the same as the GroupName specified in + the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in + the webhook provider implementation. This will typically + be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration detailing + how to solve HTTP01 challenges within a Kubernetes cluster. Typically + this is accomplished through creating 'routes' of some description + that configure ingress controllers to direct traffic to 'solver + pods', which are responsible for responding to the ACME server's + HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver will + solve challenges by creating or modifying Ingress resources + in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress + resources to solve ACME challenges that use this challenge + solver. Only one of 'class' or 'name' may be specified. + type: string + name: + description: The name of the ingress resource that should + have ACME challenge solving routes inserted into it in + order to solve HTTP01 challenges. This is typically used + in conjunction with ingress controllers like ingress-gce, + which maintains a 1:1 mapping between external IPs and + ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the + ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to + solve HTTP01 challenges. Only the 'labels' and 'annotations' + fields may be set. If labels or annotations overlap + with in-built values, the values here will override + the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to + the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the + created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 + challenge solver pod. Only the 'nodeSelector', 'affinity' + and 'tolerations' fields are supported currently. + All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with + the greatest sum of weights, i.e. for + each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a + sum by iterating through the elements + of this field and adding "weight" to the + sum if the node matches the corresponding + matchExpressions; the node(s) with the + highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling + term matches all objects with implicit + weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no + objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, + associated with the corresponding + weight. + type: object + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + matchFields: + description: A list of node selector + requirements by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + weight: + description: Weight associated with + matching the corresponding nodeSelectorTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to an update), the system may or may + not try to eventually evict the pod from + its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node + selector terms. The terms are ORed. + type: array + items: + description: A null or empty node + selector term matches no objects. + The requirements of them are ANDed. + The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + matchFields: + description: A list of node selector + requirements by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the same + node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with + the greatest sum of weights, i.e. for + each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a + sum by iterating through the elements + of this field and adding "weight" to the + sum if the node has pods which matches + the corresponding podAffinityTerm; the + node(s) with the highest sum are the most + preferred. + type: array + items: + description: The weights of all of the + matched WeightedPodAffinityTerm fields + are added per-node to find the most + preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key and + values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to a + set of values. Valid + operators are In, + NotIn, Exists and + DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, the + values array must + be non-empty. If the + operator is Exists + or DoesNotExist, the + values array must + be empty. This array + is replaced during + a strategic merge + patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in + the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be + co-located (affinity) or not + co-located (anti-affinity) with + the pods matching the labelSelector + in the specified namespaces, + where co-located is defined + as running on a node whose value + of the label with key topologyKey + matches that of any node on + which any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system + may or may not try to eventually evict + the pod from its node. When there are + multiple elements, the lists of nodes + corresponding to each podAffinityTerm + are intersected, i.e. all terms must be + satisfied. + type: array + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this + pod should be co-located (affinity) + or not co-located (anti-affinity) with, + where co-located is defined as running + on a node whose value of the label with + key matches that of any + node on which a pod of the set of pods + is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a + set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); null + or empty list means "this pod's + namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the + same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + anti-affinity expressions specified by + this field, but it may choose a node that + violates one or more of the expressions. + The node that is most preferred is the + one with the greatest sum of weights, + i.e. for each node that meets all of the + scheduling requirements (resource request, + requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and + adding "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with the + highest sum are the most preferred. + type: array + items: + description: The weights of all of the + matched WeightedPodAffinityTerm fields + are added per-node to find the most + preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key and + values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to a + set of values. Valid + operators are In, + NotIn, Exists and + DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, the + values array must + be non-empty. If the + operator is Exists + or DoesNotExist, the + values array must + be empty. This array + is replaced during + a strategic merge + patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in + the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be + co-located (affinity) or not + co-located (anti-affinity) with + the pods matching the labelSelector + in the specified namespaces, + where co-located is defined + as running on a node whose value + of the label with key topologyKey + matches that of any node on + which any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the anti-affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system + may or may not try to eventually evict + the pod from its node. When there are + multiple elements, the lists of nodes + corresponding to each podAffinityTerm + are intersected, i.e. all terms must be + satisfied. + type: array + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this + pod should be co-located (affinity) + or not co-located (anti-affinity) with, + where co-located is defined as running + on a node whose value of the label with + key matches that of any + node on which a pod of the set of pods + is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a + set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); null + or empty list means "this pod's + namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must + be true for the pod to fit on a node. Selector + which must match a node''s labels for the pod + to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached + to tolerates any taint that matches the triple + using the matching operator + . + type: object + properties: + effect: + description: Effect indicates the taint effect + to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the + toleration applies to. Empty means match + all taint keys. If the key is empty, operator + must be Exists; this combination means to + match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists + and Equal. Defaults to Equal. Exists is + equivalent to wildcard for value, so that + a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration (which + must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By + default, it is not set, which means tolerate + the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the + toleration matches to. If the operator is + Exists, the value should be empty, otherwise + just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver + service + type: string selector: description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. + type: object properties: dnsNames: description: List of DNSNames that this solver will be used @@ -449,9 +1784,9 @@ spec: the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array dnsZones: description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here @@ -462,15 +1797,15 @@ spec: the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array matchLabels: description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. type: object - type: object - type: object + additionalProperties: + type: string token: description: Token is the ACME challenge token for this challenge. type: string @@ -487,17 +1822,8 @@ spec: description: Wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com' type: boolean - required: - - authzURL - - type - - url - - dnsName - - token - - key - - wildcard - - issuerRef - type: object status: + type: object properties: presented: description: Presented will be set to true if the challenge values for @@ -521,8 +1847,8 @@ spec: state: description: State contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string enum: - - "" - valid - ready - pending @@ -530,62 +1856,121 @@ spec: - invalid - expired - errored - type: string - required: - - processing - - presented - - reason - type: object - required: - - metadata - - spec - - status - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: clusterissuers.certmanager.k8s.io + name: clusterissuers.cert-manager.io spec: - group: certmanager.k8s.io + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false names: kind: ClusterIssuer + listKind: ClusterIssuerList plural: clusterissuers + singular: clusterissuer scope: Cluster + subresources: + status: {} validation: openAPIV3Schema: + type: object properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: IssuerSpec is the specification of an Issuer. This includes + any configuration required for the issuer. + type: object properties: acme: + description: ACMEIssuer contains the specification for an ACME issuer + type: object + required: + - privateKeySecretRef + - server properties: email: description: Email is the email for this account type: string + externalAccountBinding: + description: ExternalAcccountBinding is a reference to a CA external + account of the ACME server. + type: object + required: + - keyAlgorithm + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: keyAlgorithm is the MAC key algorithm that the + key is used for. Valid values are "HS256", "HS384" and "HS512". + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External + Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing + a data item in a Kubernetes Secret which holds the symmetric + MAC key of the External Account Binding. The `key` is the + index string that is paired with the key data in the Secret + and should not be confused with the key data itself, or indeed + with the External Account Binding keyID above. The secret + key stored in the Secret **must** be un-padded, base64 URL + encoded data. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string privateKeySecretRef: description: PrivateKey is the name of a secret containing the private key for this user account. + type: object + required: + - name properties: key: description: The key of the secret to select from. Must be a @@ -595,9 +1980,6 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object server: description: Server is the ACME server URL type: string @@ -607,11 +1989,1349 @@ spec: solvers: description: Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. + type: array items: + type: object properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure + containing the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure + containing the DNS configuration for Akamai DNS—Zone + Record Management API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a + structure containing the DNS configuration for DigitalOcean + Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure + containing the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting + RFC2136. Required. Note: FQDN is not a valid value, + only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the + DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` + and ``tsigKeyName`` are defined. Supported values + are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, + ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. + If ``tsigSecretSecretRef`` is defined, this field + is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the + TSIG value. If ``tsigKeyName`` is defined, this + field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure + containing the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only + this zone in Route53 and will not do an lookup using + the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 + provider will assume using either the explicit credentials + AccessKeyID/SecretAccessKey or the inferred credentials + from environment variables, shared credentials file + or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies + configuration for a webhook DNS01 provider, including + where to POST ChallengePayload resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should + be passed to the webhook apiserver when challenges + are processed. This can contain arbitrary JSON data. + Secret values should not be specified in this stanza. + If secret values are needed (e.g. credentials for + a DNS service), you should use a SecretKeySelector + to reference a Secret resource. For details on the + schema of this field, consult the webhook provider + implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used + when POSTing ChallengePayload resources to the webhook + apiserver. This should be the same as the GroupName + specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined + in the webhook provider implementation. This will + typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration + detailing how to solve HTTP01 challenges within a Kubernetes + cluster. Typically this is accomplished through creating + 'routes' of some description that configure ingress controllers + to direct traffic to 'solver pods', which are responsible + for responding to the ACME server's HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver + will solve challenges by creating or modifying Ingress + resources in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating + Ingress resources to solve ACME challenges that + use this challenge solver. Only one of 'class' or + 'name' may be specified. + type: string + name: + description: The name of the ingress resource that + should have ACME challenge solving routes inserted + into it in order to solve HTTP01 challenges. This + is typically used in conjunction with ingress controllers + like ingress-gce, which maintains a 1:1 mapping + between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure + the ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod + used to solve HTTP01 challenges. Only the 'labels' + and 'annotations' fields may be set. If labels + or annotations overlap with in-built values, + the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added + to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to + the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the + HTTP01 challenge solver pod. Only the 'nodeSelector', + 'affinity' and 'tolerations' fields are supported + currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node matches the + corresponding matchExpressions; + the node(s) with the highest sum + are the most preferred. + type: array + items: + description: An empty preferred + scheduling term matches all objects + with implicit weight 0 (i.e. it's + a no-op). A null preferred scheduling + term matches no objects (i.e. + is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector + term, associated with the + corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + weight: + description: Weight associated + with matching the corresponding + nodeSelectorTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to an update), the system + may or may not try to eventually + evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list + of node selector terms. The + terms are ORed. + type: array + items: + description: A null or empty + node selector term matches + no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of + the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the + same node, zone, etc. as some other + pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node has pods + which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to a pod label update), + the system may or may not try to + eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity + scheduling rules (e.g. avoid putting + this pod in the same node, zone, etc. + as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the anti-affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + anti-affinity expressions, etc.), + compute a sum by iterating through + the elements of this field and adding + "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity + requirements specified by this field + are not met at scheduling time, + the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to + be met at some point during pod + execution (e.g. due to a pod label + update), the system may or may not + try to eventually evict the pod + from its node. When there are multiple + elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which + must be true for the pod to fit on a node. + Selector which must match a node''s labels + for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is + attached to tolerates any taint that matches + the triple using the + matching operator . + type: object + properties: + effect: + description: Effect indicates the taint + effect to match. Empty means match + all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that + the toleration applies to. Empty means + match all taint keys. If the key is + empty, operator must be Exists; this + combination means to match all values + and all keys. + type: string + operator: + description: Operator represents a key's + relationship to the value. Valid operators + are Exists and Equal. Defaults to + Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration + (which must be of effect NoExecute, + otherwise this field is ignored) tolerates + the taint. By default, it is not set, + which means tolerate the taint forever + (do not evict). Zero and negative + values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value + the toleration matches to. If the + operator is Exists, the value should + be empty, otherwise just a regular + string. + type: string + serviceType: + description: Optional service type for Kubernetes + solver service + type: string selector: description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. + type: object properties: dnsNames: description: List of DNSNames that this solver will be @@ -621,9 +3341,9 @@ spec: value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array dnsZones: description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified @@ -634,39 +3354,45 @@ spec: the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array matchLabels: description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. type: object - type: object - type: object - type: array - required: - - server - - privateKeySecretRef - type: object + additionalProperties: + type: string ca: + type: object + required: + - secretName properties: secretName: description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. type: string - required: - - secretName - type: object selfSigned: type: object vault: + type: object + required: + - auth + - path + - server properties: auth: description: Vault authentication + type: object properties: appRole: description: This Secret contains a AppRole and Secret + type: object + required: + - path + - roleId + - secretRef properties: path: description: Where the authentication path is mounted in @@ -675,6 +3401,9 @@ spec: roleId: type: string secretRef: + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -684,16 +3413,47 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object + kubernetes: + description: This contains a Role and Secret with a ServiceAccount + token to authenticate with vault. + type: object required: - - path - - roleId + - role - secretRef - type: object + properties: + mountPath: + description: The Vault mountPath here is the mount path + to use when authenticating with Vault. For example, setting + a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` + to authenticate with Vault. If unspecified, the default + value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role + to assume. A Role binds a Kubernetes ServiceAccount with + a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes + ServiceAccount JWT used for authenticating with Vault. + Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string tokenSecretRef: description: This Secret contains the Vault token key + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -703,37 +3463,39 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object - type: object caBundle: description: Base64 encoded CA bundle to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. - format: byte type: string + format: byte path: description: Vault URL path to the certificate role type: string server: description: Server is the vault connection address type: string - required: - - auth - - server - - path - type: object venafi: + description: VenafiIssuer describes issuer configuration details for + Venafi Cloud. + type: object + required: + - zone properties: cloud: description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef properties: apiTokenSecretRef: description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -743,19 +3505,16 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object url: description: URL is the base URL for Venafi Cloud type: string - required: - - url - - apiTokenSecretRef - type: object tpp: description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url properties: caBundle: description: CABundle is a PEM encoded TLS certifiate to use @@ -764,39 +3523,34 @@ spec: must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. - format: byte type: string + format: byte credentialsRef: description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name properties: name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object url: description: URL is the base URL for the Venafi TPP instance type: string - required: - - url - - credentialsRef - type: object zone: description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. type: string - required: - - zone - type: object - type: object status: + description: IssuerStatus contains status information about an Issuer + type: object properties: acme: + type: object properties: lastRegisteredEmail: description: LastRegisteredEmail is the email associated with the @@ -807,15 +3561,21 @@ spec: description: URI is the unique account identifier, which can also be used to retrieve account details from the CA type: string - type: object conditions: + type: array items: + description: IssuerCondition contains condition information for an + Issuer. + type: object + required: + - status + - type properties: lastTransitionTime: description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - format: date-time type: string + format: date-time message: description: Message is a human readable description of the details of the last transition, complementing reason. @@ -827,66 +3587,129 @@ spec: status: description: Status of the condition, one of ('True', 'False', 'Unknown'). + type: string enum: - "True" - "False" - Unknown - type: string type: description: Type of the condition, currently ('Ready'). type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: issuers.certmanager.k8s.io + name: issuers.cert-manager.io spec: - group: certmanager.k8s.io + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false names: kind: Issuer + listKind: IssuerList plural: issuers + singular: issuer scope: Namespaced + subresources: + status: {} validation: openAPIV3Schema: + type: object properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + description: IssuerSpec is the specification of an Issuer. This includes + any configuration required for the issuer. + type: object properties: acme: + description: ACMEIssuer contains the specification for an ACME issuer + type: object + required: + - privateKeySecretRef + - server properties: email: description: Email is the email for this account type: string + externalAccountBinding: + description: ExternalAcccountBinding is a reference to a CA external + account of the ACME server. + type: object + required: + - keyAlgorithm + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: keyAlgorithm is the MAC key algorithm that the + key is used for. Valid values are "HS256", "HS384" and "HS512". + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External + Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing + a data item in a Kubernetes Secret which holds the symmetric + MAC key of the External Account Binding. The `key` is the + index string that is paired with the key data in the Secret + and should not be confused with the key data itself, or indeed + with the External Account Binding keyID above. The secret + key stored in the Secret **must** be un-padded, base64 URL + encoded data. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string privateKeySecretRef: description: PrivateKey is the name of a secret containing the private key for this user account. + type: object + required: + - name properties: key: description: The key of the secret to select from. Must be a @@ -895,10 +3718,7 @@ spec: name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - required: - - name - type: object + type: string server: description: Server is the ACME server URL type: string @@ -908,11 +3728,1349 @@ spec: solvers: description: Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. + type: array items: + type: object properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure + containing the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure + containing the DNS configuration for Akamai DNS—Zone + Record Management API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a + structure containing the DNS configuration for DigitalOcean + Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure + containing the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting + RFC2136. Required. Note: FQDN is not a valid value, + only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the + DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` + and ``tsigKeyName`` are defined. Supported values + are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, + ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. + If ``tsigSecretSecretRef`` is defined, this field + is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the + TSIG value. If ``tsigKeyName`` is defined, this + field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure + containing the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only + this zone in Route53 and will not do an lookup using + the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 + provider will assume using either the explicit credentials + AccessKeyID/SecretAccessKey or the inferred credentials + from environment variables, shared credentials file + or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies + configuration for a webhook DNS01 provider, including + where to POST ChallengePayload resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should + be passed to the webhook apiserver when challenges + are processed. This can contain arbitrary JSON data. + Secret values should not be specified in this stanza. + If secret values are needed (e.g. credentials for + a DNS service), you should use a SecretKeySelector + to reference a Secret resource. For details on the + schema of this field, consult the webhook provider + implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used + when POSTing ChallengePayload resources to the webhook + apiserver. This should be the same as the GroupName + specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined + in the webhook provider implementation. This will + typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration + detailing how to solve HTTP01 challenges within a Kubernetes + cluster. Typically this is accomplished through creating + 'routes' of some description that configure ingress controllers + to direct traffic to 'solver pods', which are responsible + for responding to the ACME server's HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver + will solve challenges by creating or modifying Ingress + resources in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating + Ingress resources to solve ACME challenges that + use this challenge solver. Only one of 'class' or + 'name' may be specified. + type: string + name: + description: The name of the ingress resource that + should have ACME challenge solving routes inserted + into it in order to solve HTTP01 challenges. This + is typically used in conjunction with ingress controllers + like ingress-gce, which maintains a 1:1 mapping + between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure + the ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod + used to solve HTTP01 challenges. Only the 'labels' + and 'annotations' fields may be set. If labels + or annotations overlap with in-built values, + the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added + to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to + the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the + HTTP01 challenge solver pod. Only the 'nodeSelector', + 'affinity' and 'tolerations' fields are supported + currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node matches the + corresponding matchExpressions; + the node(s) with the highest sum + are the most preferred. + type: array + items: + description: An empty preferred + scheduling term matches all objects + with implicit weight 0 (i.e. it's + a no-op). A null preferred scheduling + term matches no objects (i.e. + is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector + term, associated with the + corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + weight: + description: Weight associated + with matching the corresponding + nodeSelectorTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to an update), the system + may or may not try to eventually + evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list + of node selector terms. The + terms are ORed. + type: array + items: + description: A null or empty + node selector term matches + no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of + the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the + same node, zone, etc. as some other + pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node has pods + which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to a pod label update), + the system may or may not try to + eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity + scheduling rules (e.g. avoid putting + this pod in the same node, zone, etc. + as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the anti-affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + anti-affinity expressions, etc.), + compute a sum by iterating through + the elements of this field and adding + "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity + requirements specified by this field + are not met at scheduling time, + the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to + be met at some point during pod + execution (e.g. due to a pod label + update), the system may or may not + try to eventually evict the pod + from its node. When there are multiple + elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which + must be true for the pod to fit on a node. + Selector which must match a node''s labels + for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is + attached to tolerates any taint that matches + the triple using the + matching operator . + type: object + properties: + effect: + description: Effect indicates the taint + effect to match. Empty means match + all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that + the toleration applies to. Empty means + match all taint keys. If the key is + empty, operator must be Exists; this + combination means to match all values + and all keys. + type: string + operator: + description: Operator represents a key's + relationship to the value. Valid operators + are Exists and Equal. Defaults to + Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration + (which must be of effect NoExecute, + otherwise this field is ignored) tolerates + the taint. By default, it is not set, + which means tolerate the taint forever + (do not evict). Zero and negative + values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value + the toleration matches to. If the + operator is Exists, the value should + be empty, otherwise just a regular + string. + type: string + serviceType: + description: Optional service type for Kubernetes + solver service + type: string selector: description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. + type: object properties: dnsNames: description: List of DNSNames that this solver will be @@ -922,9 +5080,9 @@ spec: value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array dnsZones: description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified @@ -935,39 +5093,45 @@ spec: the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array items: type: string - type: array matchLabels: description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. type: object - type: object - type: object - type: array - required: - - server - - privateKeySecretRef - type: object + additionalProperties: + type: string ca: + type: object + required: + - secretName properties: secretName: description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. type: string - required: - - secretName - type: object selfSigned: type: object vault: + type: object + required: + - auth + - path + - server properties: auth: description: Vault authentication + type: object properties: appRole: description: This Secret contains a AppRole and Secret + type: object + required: + - path + - roleId + - secretRef properties: path: description: Where the authentication path is mounted in @@ -976,6 +5140,9 @@ spec: roleId: type: string secretRef: + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -985,16 +5152,47 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object + kubernetes: + description: This contains a Role and Secret with a ServiceAccount + token to authenticate with vault. + type: object required: - - path - - roleId + - role - secretRef - type: object + properties: + mountPath: + description: The Vault mountPath here is the mount path + to use when authenticating with Vault. For example, setting + a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` + to authenticate with Vault. If unspecified, the default + value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role + to assume. A Role binds a Kubernetes ServiceAccount with + a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes + ServiceAccount JWT used for authenticating with Vault. + Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string tokenSecretRef: description: This Secret contains the Vault token key + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -1004,37 +5202,39 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object - type: object caBundle: description: Base64 encoded CA bundle to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. - format: byte type: string + format: byte path: description: Vault URL path to the certificate role type: string server: description: Server is the vault connection address type: string - required: - - auth - - server - - path - type: object venafi: + description: VenafiIssuer describes issuer configuration details for + Venafi Cloud. + type: object + required: + - zone properties: cloud: description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef properties: apiTokenSecretRef: description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name properties: key: description: The key of the secret to select from. Must @@ -1044,19 +5244,16 @@ spec: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object url: description: URL is the base URL for Venafi Cloud type: string - required: - - url - - apiTokenSecretRef - type: object tpp: description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url properties: caBundle: description: CABundle is a PEM encoded TLS certifiate to use @@ -1065,39 +5262,34 @@ spec: must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. - format: byte type: string + format: byte credentialsRef: description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name properties: name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - name - type: object url: description: URL is the base URL for the Venafi TPP instance type: string - required: - - url - - credentialsRef - type: object zone: description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. type: string - required: - - zone - type: object - type: object status: + description: IssuerStatus contains status information about an Issuer + type: object properties: acme: + type: object properties: lastRegisteredEmail: description: LastRegisteredEmail is the email associated with the @@ -1108,15 +5300,21 @@ spec: description: URI is the unique account identifier, which can also be used to retrieve account details from the CA type: string - type: object conditions: + type: array items: + description: IssuerCondition contains condition information for an + Issuer. + type: object + required: + - status + - type properties: lastTransitionTime: description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - format: date-time type: string + format: date-time message: description: Message is a human readable description of the details of the last transition, complementing reason. @@ -1128,35 +5326,24 @@ spec: status: description: Status of the condition, one of ('True', 'False', 'Unknown'). + type: string enum: - "True" - "False" - Unknown - type: string type: description: Type of the condition, currently ('Ready'). type: string - required: - - type - - status - type: object - type: array - type: object - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition metadata: - creationTimestamp: null - labels: - controller-tools.k8s.io: "1.0" - name: orders.certmanager.k8s.io + name: orders.acme.cert-manager.io spec: additionalPrinterColumns: - JSONPath: .status.state @@ -1177,27 +5364,40 @@ spec: in RFC3339 form and is in UTC. name: Age type: date - group: certmanager.k8s.io + group: acme.cert-manager.io + preserveUnknownFields: false names: kind: Order + listKind: OrderList plural: orders + singular: order scope: Namespaced + subresources: + status: {} validation: openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: + type: object + required: + - csr + - issuerRef properties: commonName: description: CommonName is the common name as specified on the DER encoded @@ -1206,49 +5406,30 @@ spec: must be set. This field must match the corresponding field on the DER encoded CSR. type: string - config: - description: 'Config specifies a mapping from DNS identifiers to how - those identifiers should be solved when performing ACME challenges. - A config entry must exist for each domain listed in DNSNames and CommonName. - Only **one** of ''config'' or ''solvers'' may be specified, and if - both are specified then no action will be performed on the Order resource. This - field will be removed when support for solver config specified on - the Certificate under certificate.spec.acme has been removed. DEPRECATED: - this field will be removed in future. Solver configuration must instead - be provided on ACME Issuer resources.' - items: - properties: - domains: - description: Domains is the list of domains that this SolverConfig - applies to. - items: - type: string - type: array - required: - - domains - type: object - type: array csr: description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. - format: byte type: string + format: byte dnsNames: description: DNSNames is a list of DNS names that should be included as part of the Order validation process. If CommonName is not specified, the first DNSName specified will be used as the CommonName. At least one of CommonName or a DNSNames must be set. This field must match the corresponding field on the DER encoded CSR. + type: array items: type: string - type: array issuerRef: description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name properties: group: type: string @@ -1256,134 +5437,79 @@ spec: type: string name: type: string - required: - - name - type: object - required: - - csr - - issuerRef - type: object status: + type: object properties: - certificate: - description: Certificate is a copy of the PEM encoded certificate for - this Order. This field will be populated after the order has been - successfully finalized with the ACME server, and the order has transitioned - to the 'valid' state. - format: byte - type: string - challenges: - description: Challenges is a list of ChallengeSpecs for Challenges that - must be created in order to complete this Order. + authorizations: + description: Authorizations contains data returned from the ACME server + on what authoriations must be completed in order to validate the DNS + names specified on the Order. + type: array items: + description: ACMEAuthorization contains data returned from the ACME + server on an authorization that must be completed in order validate + a DNS name on an ACME Order resource. + type: object + required: + - url properties: - authzURL: - description: AuthzURL is the URL to the ACME Authorization resource - that this challenge is a part of. - type: string - config: - description: 'Config specifies the solver configuration for this - challenge. Only **one** of ''config'' or ''solver'' may be specified, - and if both are specified then no action will be performed on - the Challenge resource. DEPRECATED: the ''solver'' field should - be specified instead' - type: object - dnsName: - description: DNSName is the identifier that this challenge is - for, e.g. example.com. - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type - Issuer which should be used to create this Challenge. If the - Issuer does not exist, processing will be retried. If the Issuer - is not an 'ACME' Issuer, an error will be returned and the Challenge - will be marked as failed. - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - key: - description: Key is the ACME challenge key for this challenge - type: string - solver: - description: Solver contains the domain solving configuration - that should be used to solve this challenge resource. Only **one** - of 'config' or 'solver' may be specified, and if both are specified - then no action will be performed on the Challenge resource. - properties: - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - items: - type: string - type: array - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - type: object - type: object - token: - description: Token is the ACME challenge token for this challenge. - type: string - type: - description: Type is the type of ACME challenge this resource - represents, e.g. "dns01" or "http01" + challenges: + description: Challenges specifies the challenge types offered + by the ACME server. One of these challenge types will be selected + when validating the DNS name and an appropriate Challenge resource + will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the + ACME server for an Order. An appropriate Challenge resource + can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for + this challenge. This is used to compute the 'key' that + must also be presented. + type: string + type: + description: Type is the type of challenge being offered, + e.g. http-01, dns-01 + type: string + url: + description: URL is the URL of this challenge. It can be + used to retrieve additional metadata about the Challenge + from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part + of this authorization type: string url: - description: URL is the URL of the ACME Challenge resource for - this challenge. This can be used to lookup details about the - status of this challenge. + description: URL is the URL of the Authorization that must be + completed type: string wildcard: - description: Wildcard will be true if this challenge is for a - wildcard identifier, for example '*.example.com' + description: Wildcard will be true if this authorization is for + a wildcard DNS name. If this is true, the identifier will be + the *non-wildcard* version of the DNS name. For example, if + '*.example.com' is the DNS name being validated, this field + will be 'true' and the 'identifier' field will be 'example.com'. type: boolean - required: - - authzURL - - type - - url - - dnsName - - token - - key - - wildcard - - issuerRef - type: object - type: array + certificate: + description: Certificate is a copy of the PEM encoded certificate for + this Order. This field will be populated after the order has been + successfully finalized with the ACME server, and the order has transitioned + to the 'valid' state. + type: string + format: byte failureTime: description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. - format: date-time type: string + format: date-time finalizeURL: description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. @@ -1395,8 +5521,8 @@ spec: state: description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string enum: - - "" - valid - ready - pending @@ -1404,23 +5530,15 @@ spec: - invalid - expired - errored - type: string url: description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. type: string - type: object - required: - - metadata - - spec - - status - version: v1alpha1 -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] ---- + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index c09ed9228d..6a82806205 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -1,37 +1,29 @@ -apiVersion: certmanager.k8s.io/v1alpha1 +apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.stage.name }} spec: acme: - # The ACME server URL - server: {{ .Values.clusterIssuer.stage.acme.server }} - # Email address used for ACME registration email: {{ .Values.clusterIssuer.stage.acme.email }} - # Name of a secret used to store the ACME account private key privateKeySecretRef: - name: {{ .Values.clusterIssuer.stage.acme.secretName }} - # Enable the HTTP-01 challenge provider + name: {{ .Values.clusterIssuer.stage.name }} + server: {{ .Values.clusterIssuer.stage.acme.secretName }} solvers: - http01: ingress: - class: nginx + class: nginx --- -apiVersion: certmanager.k8s.io/v1alpha1 +apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.prod.name }} spec: acme: - # The ACME server URL - server: {{ .Values.clusterIssuer.prod.acme.server }} - # Email address used for ACME registration email: {{ .Values.clusterIssuer.prod.acme.email }} - # Name of a secret used to store the ACME account private key privateKeySecretRef: - name: {{ .Values.clusterIssuer.prod.acme.secretName }} - # Enable the HTTP-01 challenge provider + name: {{ .Values.clusterIssuer.prod.name }} + server: {{ .Values.clusterIssuer.prod.acme.server }} solvers: - http01: ingress: - class: nginx + class: nginx \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml index ca7bf7633f..5641e560b5 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml @@ -1,26 +1,45 @@ apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: - name: {{ template "name" . }}-leaderelection + name: {{ template "name" . }}-cainjector labels: - app: {{ template "name" . }} + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} rules: - # Used for leader election by the controller + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] - apiGroups: [""] - resources: ["configmaps"] + resources: ["events"] verbs: ["get", "create", "update", "patch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update"] --- +# Issuer controller role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-issuers labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["issuers"] verbs: ["get", "list", "watch"] - apiGroups: [""] @@ -37,11 +56,13 @@ metadata: name: {{ template "name" . }}-controller-clusterissuers labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["clusterissuers"] verbs: ["get", "list", "watch"] - apiGroups: [""] @@ -49,30 +70,33 @@ rules: verbs: ["get", "list", "watch", "create", "update", "delete"] - apiGroups: [""] resources: ["events"] - verbs: ["create", "patch"] + verbs: ["create", "patch"] --- +# Certificates controller role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-certificates labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates", "certificaterequests", "clusterissuers", "issuers", "orders"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] verbs: ["get", "list", "watch"] # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: + # admission controller enabled: # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] - resources: ["certificates/finalizers"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates/finalizers", "certificaterequests/finalizers"] verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["orders"] - verbs: ["create", "delete"] + verbs: ["create", "delete", "get", "list", "watch"] - apiGroups: [""] resources: ["secrets"] verbs: ["get", "list", "watch", "create", "update", "delete"] @@ -80,26 +104,32 @@ rules: resources: ["events"] verbs: ["create", "patch"] --- +# Orders controller role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-orders labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] verbs: ["update"] - - apiGroups: ["certmanager.k8s.io"] - resources: ["orders", "clusterissuers", "issuers", "challenges"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "challenges"] + verbs: ["get", "list", "watch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "issuers"] verbs: ["get", "list", "watch"] - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["challenges"] verbs: ["create", "delete"] # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: + # admission controller enabled: # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["orders/finalizers"] verbs: ["update"] - apiGroups: [""] @@ -109,20 +139,27 @@ rules: resources: ["events"] verbs: ["create", "patch"] --- +# Challenges controller role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-challenges labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: # Use to update challenge resource status - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["challenges", "challenges/status"] verbs: ["update"] + # Used to watch challenge resources + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["get", "list", "watch"] # Used to watch challenges, issuer and clusterissuer resources - - apiGroups: ["certmanager.k8s.io"] - resources: ["challenges", "issuers", "clusterissuers"] + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "clusterissuers"] verbs: ["get", "list", "watch"] # Need to be able to retrieve ACME account private key to complete challenges - apiGroups: [""] @@ -140,34 +177,37 @@ rules: resources: ["ingresses"] verbs: ["get", "list", "watch", "create", "delete", "update"] # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: + # admission controller enabled: # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["acme.cert-manager.io"] resources: ["challenges/finalizers"] verbs: ["update"] - # DNS01 rules (duplicated above) + # DNS01 rules (duplicated above) - apiGroups: [""] resources: ["secrets"] verbs: ["get", "list", "watch"] --- +# ingress-shim controller role apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-ingress-shim labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests"] verbs: ["create", "update", "delete"] - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] verbs: ["get", "list", "watch"] - apiGroups: ["extensions"] resources: ["ingresses"] verbs: ["get", "list", "watch"] # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: + # admission controller enabled: # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - apiGroups: ["extensions"] resources: ["ingresses/finalizers"] @@ -179,26 +219,31 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "name" . }}-edit + name: {{ template "name" . }}-view labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} + rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["create", "delete", "deletecollection", "patch", "update"] + verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ template "name" . }}-view + name: {{ template "name" . }}-edit labels: app: {{ template "name" . }} - rbac.authorization.k8s.io/aggregate-to-view: "true" + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" rules: - - apiGroups: ["certmanager.k8s.io"] + - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["get", "list", "watch"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml index b226fc0976..538e9dc5ab 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml @@ -1,15 +1,17 @@ apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: - name: {{ template "name" . }}-leaderelection + name: {{ template "name" . }}-cainjector labels: - app: {{ template "name" . }} + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ template "name" . }}-leaderelection + name: {{ template "name" . }}-cainjector subjects: - - name: cert-manager + - name: {{ template "name" . }}-cainjector namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -19,6 +21,8 @@ metadata: name: {{ template "name" . }}-controller-issuers labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -34,6 +38,8 @@ metadata: name: {{ template "name" . }}-controller-clusterissuers labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -49,6 +55,8 @@ metadata: name: {{ template "name" . }}-controller-certificates labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -64,6 +72,8 @@ metadata: name: {{ template "name" . }}-controller-orders labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -79,6 +89,8 @@ metadata: name: {{ template "name" . }}-controller-challenges labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -94,6 +106,8 @@ metadata: name: {{ template "name" . }}-controller-ingress-shim labels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole @@ -102,3 +116,4 @@ subjects: - name: {{ template "name" . }} namespace: {{ .Values.namespace }} kind: ServiceAccount +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml index 7c5ec74a32..5eecb28cc6 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml @@ -2,34 +2,94 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "name" . }} - namespace: {{ .Values.namespace }} + namespace: {{ .Values.namespace }} labels: - app: {{ template "name" . }} + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} template: metadata: labels: - app: {{ template "name" . }} + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} + annotations: + prometheus.io/path: "/metrics" + prometheus.io/scrape: 'true' + prometheus.io/port: '9402' spec: serviceAccountName: {{ template "name" . }} containers: - name: {{ template "name" . }} - image: "{{ .Values.image.repository }}:{{ .Chart.AppVersion }}" + image: {{ .Values.image.repository }}:{{ .Values.image.tag }} + #image: "quay.io/jetstack/cert-manager-controller:v0.13.1" imagePullPolicy: {{ .Values.image.pullPolicy }} args: - - --v=2 - - --cluster-resource-namespace=$(POD_NAMESPACE) - - --leader-election-namespace=$(POD_NAMESPACE) + - --v=2 + - --cluster-resource-namespace=$(POD_NAMESPACE) + - --leader-election-namespace=kube-system + - --webhook-namespace=$(POD_NAMESPACE) + - --webhook-ca-secret=cert-manager-webhook-ca + - --webhook-serving-secret=cert-manager-webhook-tls + - --webhook-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc ports: - containerPort: 9402 + protocol: TCP + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + resources: + requests: + cpu: 10m + memory: 32Mi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "name" . }}-cainjector + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} + template: + metadata: + labels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} + annotations: + spec: + serviceAccountName: {{ template "name" . }}-cainjector + containers: + - name: {{ template "name" . }} + image: {{ .Values.cainjector.image.repository }}:{{ .Values.cainjector.image.tag }} + imagePullPolicy: {{ .Values.cainjector.image.pullPolicy }} + args: + - --v=2 + - --leader-election-namespace=kube-system env: - name: POD_NAMESPACE valueFrom: fieldRef: - fieldPath: metadata.namespace + fieldPath: metadata.namespace resources: - {} \ No newline at end of file + {} + +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml new file mode 100644 index 0000000000..17c9c8d0be --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml @@ -0,0 +1,34 @@ +# leader election rules +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: {{ template "name" . }}-cainjector:leaderelection + namespace: kube-system + labels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} +rules: + # Used for leader election by the controller + # TODO: refine the permission to *just* the leader election configmap + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "update", "patch"] +--- +# Source: cert-manager/templates/rbac.yaml +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: Role +metadata: + name: {{ template "name" . }}:leaderelection + namespace: kube-system + labels: + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} +rules: + # Used for leader election by the controller + # TODO: refine the permission to *just* the leader election configmap + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "create", "update", "patch"] +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml new file mode 100644 index 0000000000..e2871417a2 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml @@ -0,0 +1,41 @@ +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: {{ template "name" . }}-cainjector:leaderelection + namespace: kube-system + labels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: cainjector + app.kubernetes.io/instance: {{ template "name" . }} + app.kubernetes.io/managed-by: Tiller + helm.sh/chart: {{ template "name" . }}-v0.13.1 +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "name" . }}-cainjector:leaderelection +subjects: + - kind: ServiceAccount + name: {{ template "name" . }}-cainjector + namespace: {{ .Values.namespace }} +--- +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: RoleBinding +metadata: + name: {{ template "name" . }}:leaderelection + namespace: kube-system + labels: + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "name" . }}:leaderelection +subjects: + - apiGroup: "" + kind: ServiceAccount + name: {{ template "name" . }} + namespace: {{ .Values.namespace }} +--- \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml new file mode 100644 index 0000000000..b19b26abe1 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 9402 + targetPort: 9402 + selector: + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml index 6ba9103c3f..09d3242af0 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml @@ -1,9 +1,24 @@ {{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount +metadata: + name: {{ template "name" . }}-cainjector + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }}-cainjector + app.kubernetes.io/name: {{ template "name" . }}-cainjector + app.kubernetes.io/instance: {{ template "name" . }} +--- +# Source: cert-manager/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount metadata: name: {{ template "name" . }} - namespace: {{ .Values.namespace }} + namespace: {{ .Values.namespace }} + annotations: labels: - app: {{ template "name" . }} + app: {{ template "name" . }} + app.kubernetes.io/name: {{ template "name" . }} + app.kubernetes.io/instance: {{ template "name" . }} +--- {{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml index 8a75d30069..d159869e3d 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml @@ -6,9 +6,15 @@ namespace: egov replicaCount: 1 image: - repository: quay.io/jetstack/cert-manager-controller + repository: "quay.io/jetstack/cert-manager-controller" pullPolicy: IfNotPresent - tag: v0.10.1 + tag: "v0.13.1" + +cainjector: + image: + repository: "quay.io/jetstack/cert-manager-cainjector" + pullPolicy: IfNotPresent + tag: "v0.13.1" imagePullSecrets: [] @@ -26,13 +32,13 @@ clusterIssuer: name: letsencrypt-staging acme: server: https://acme-staging-v02.api.letsencrypt.org/directory - email: nithin.dv@egovernments.org + email: devops@egovernments.org secretName: letsencrypt-staging prod: name: letsencrypt-prod acme: server: https://acme-v02.api.letsencrypt.org/directory - email: nithin.dv@egovernments.org + email: devops@egovernments.org secretName: letsencrypt-prod podSecurityContext: {} diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml index fb95cf8bec..ca025c9619 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml @@ -6,7 +6,8 @@ metadata: {{- if ne .appRoot ""}} nginx.ingress.kubernetes.io/app-root: /{{ .appRoot }} {{- end }} - certmanager.k8s.io/cluster-issuer: {{ index . "cert-issuer" }} + #certmanager.k8s.io/cluster-issuer: {{ index . "cert-issuer" }} + cert-manager.io/cluster-issuer: {{ index . "cert-issuer" }} name: {{ .name }} namespace: {{ .namespace }} spec: diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-sample.yaml index f39016f3a2..5c7bcf1a4a 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample.yaml @@ -434,9 +434,9 @@ elasticsearch-data-v1: esJavaOpts: "-Xmx1g -Xms1g" resources: requests: - memory: "896Mi" + memory: "2Gi" limits: - memory: "896Mi" + memory: "2Gi" ## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> #elasticsearch-data-v1: # image: From b8bda6c9fcfcc448e50d50f13dc6236249bc6aca Mon Sep 17 00:00:00 2001 From: Nikesh Date: Tue, 26 Apr 2022 14:13:21 +0530 Subject: [PATCH 028/742] Modified eks tf --- infra-as-code/terraform/sample-aws/main.tf | 21 +++++++++++++++++-- .../terraform/sample-aws/variables.tf | 1 + 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 28053b425c..9cf1292f7c 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -13,6 +13,23 @@ module "network" { availability_zones = "${var.network_availability_zones}" } +# PostGres DB +module "db" { + source = "../modules/db/aws" + subnet_ids = "${module.network.private_subnets}" + vpc_security_group_ids = ["${module.network.rds_db_sg_id}"] + availability_zone = "${element(var.availability_zones, 0)}" + instance_class = "db.t3.medium" + engine_version = "11.13" + storage_type = "gp2" + storage_gb = "100" + backup_retention_days = "7" + administrator_login = "egovdemo" + administrator_login_password = "${var.db_password}" + db_name = "${var.cluster_name}-db" + environment = "${var.cluster_name}" +} + data "aws_eks_cluster" "cluster" { name = "${module.eks.cluster_id}" } @@ -43,8 +60,8 @@ module "eks" { override_instance_types = "${var.override_instance_types}" kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] - asg_max_size = 4 - asg_desired_capacity = 4 + asg_max_size = 5 + asg_desired_capacity = 5 spot_allocation_strategy = "capacity-optimized" spot_instance_pools = null } diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index c073e3287d..1d910b2d6a 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -43,4 +43,5 @@ variable "iam_keybase_user" { default = "keybase:egovterraform" } +variable "db_password" {} From f780d1b359851758e047bbbcc155ea89a88b7c9c Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 29 Apr 2022 13:08:43 +0530 Subject: [PATCH 029/742] Update values.yaml --- .../helm/charts/backbone-services/playground/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/playground/values.yaml b/deploy-as-code/helm/charts/backbone-services/playground/values.yaml index 7f389aa061..0e63df9bd5 100644 --- a/deploy-as-code/helm/charts/backbone-services/playground/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/playground/values.yaml @@ -9,5 +9,5 @@ labels: image: pullPolicy: IfNotPresent repository: playground - tag: "1.0" -replicas: "1" \ No newline at end of file + tag: "1.3" +replicas: "1" From 9903ea02e367a67977370a2fc40fc4be56963553 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 29 Apr 2022 13:10:02 +0530 Subject: [PATCH 030/742] Update egov-demo-sample-secrets.yaml --- .../helm/environments/egov-demo-sample-secrets.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml index 1df2735196..73fcb9cbde 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml @@ -65,11 +65,6 @@ cluster-configs: edcr-mail-password: demo edcr-sms-username: demo edcr-sms-password: demo - egov-edcr-bank-gateway: ## Add edcr bank gateway details - edcr-pnb-mid: demo - edcr-pnb-encryption-key: 12345678 - edcr-hdfc-key: qwer - edcr-hdfc-salt: sdfgt chatbot: ## Add chatbot details valuefirst-username: demo valuefirst-password: demo @@ -78,4 +73,4 @@ cluster-configs: oauth2-proxy: ## To work oauth2-proxy service, create and add your github OAuth Apps details clientID: qwgethjymnbv clientSecret: 3a08079easd9d8055470475696fd3baad5292 - cookieSecret: QVbnq0L8npoyfxZs96wtBg== \ No newline at end of file + cookieSecret: QVbnq0L8npoyfxZs96wtBg== From 8cbb672a37a3ed5781cb57119941f427ae8504a0 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Sat, 7 May 2022 00:51:17 +0530 Subject: [PATCH 031/742] New Installer --- deploy-as-code/egov-deployer/cmd/deploy.go | 3 +- deploy-as-code/egov-deployer/go.mod | 9 +- deploy-as-code/egov-deployer/go.sum | 11 +- deploy-as-code/egov-deployer/main.go | 2 +- .../DIGIT}/dependancy_chart-digit-v2.0.yaml | 0 .../DIGIT}/dependancy_chart-digit-v2.1.yaml | 0 .../DIGIT}/dependancy_chart-digit-v2.2.yaml | 0 .../DIGIT}/dependancy_chart-digit-v2.3.yaml | 0 .../DIGIT}/dependancy_chart-digit-v2.4.yaml | 0 .../DIGIT}/dependancy_chart-digit-v2.5.yaml | 0 .../dependancy_chart-mGramSeva-v1.0.yaml | 0 .../dependancy_chart-quickstart-v2.4.yaml | 0 .../URBAN/dependancy_chart-digit-v2.2.yaml | 144 +++++ .../URBAN/dependancy_chart-digit-v2.3.yaml | 144 +++++ .../URBAN/dependancy_chart-digit-v2.4.yaml | 144 +++++ .../dependancy_chart-quickstart-v2.4.yaml | 52 ++ .../iFix/dependancy_chart-mGramSeva-v1.0.yaml | 146 +++++ deploy-as-code/infra-provisioner/Dockerfile | 44 ++ deploy-as-code/infra-provisioner/go.mod | 12 + deploy-as-code/infra-provisioner/go.sum | 177 ++++++ .../infra-provisioner/infra_setup.go | 512 ++++++++++++++++++ 21 files changed, 1388 insertions(+), 12 deletions(-) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.0.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.1.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.2.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.3.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.4.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-digit-v2.5.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-mGramSeva-v1.0.yaml (100%) rename deploy-as-code/helm/{digit-release-versions => product-release-charts/DIGIT}/dependancy_chart-quickstart-v2.4.yaml (100%) create mode 100644 deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml create mode 100644 deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml create mode 100644 deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml create mode 100644 deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml create mode 100644 deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml create mode 100644 deploy-as-code/infra-provisioner/Dockerfile create mode 100644 deploy-as-code/infra-provisioner/go.mod create mode 100644 deploy-as-code/infra-provisioner/go.sum create mode 100644 deploy-as-code/infra-provisioner/infra_setup.go diff --git a/deploy-as-code/egov-deployer/cmd/deploy.go b/deploy-as-code/egov-deployer/cmd/deploy.go index dba5532282..06f0b41de7 100644 --- a/deploy-as-code/egov-deployer/cmd/deploy.go +++ b/deploy-as-code/egov-deployer/cmd/deploy.go @@ -18,7 +18,8 @@ package cmd import ( "errors" - "github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer/pkg/cmd/deployer" + "egov-deployer/pkg/cmd/deployer" + "github.com/spf13/cobra" "github.com/spf13/viper" ) diff --git a/deploy-as-code/egov-deployer/go.mod b/deploy-as-code/egov-deployer/go.mod index f13b14bd86..881e0bf9bb 100644 --- a/deploy-as-code/egov-deployer/go.mod +++ b/deploy-as-code/egov-deployer/go.mod @@ -1,13 +1,16 @@ -module github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer +module egov-deployer go 1.13 require ( github.com/manifoldco/promptui v0.8.0 + deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa + github.com/manifoldco/promptui v0.9.0 github.com/mitchellh/go-homedir v1.1.0 github.com/spf13/cobra v0.0.5 github.com/spf13/viper v1.6.1 + github.com/stretchr/testify v1.4.0 // indirect + golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 // indirect + golang.org/x/text v0.3.2 // indirect gopkg.in/yaml.v2 v2.2.4 ) - -replace github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer => ../egov-deployer diff --git a/deploy-as-code/egov-deployer/go.sum b/deploy-as-code/egov-deployer/go.sum index 7da957e18d..86a763d63b 100644 --- a/deploy-as-code/egov-deployer/go.sum +++ b/deploy-as-code/egov-deployer/go.sum @@ -9,7 +9,6 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -25,6 +24,9 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/egovernments/DIGIT-DevOps v0.0.0-20220506120657-78f3ada606fa h1:zsjuenUxEOLN6+mx1ijmho4/XeaF+418aXMF3REmAPU= +github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa h1:VND2LbduzVA83JJd/BnN0+98bT8QRrguYKjvM6a92F0= +github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa/go.mod h1:fP/zOe/hVmXnpKdVOXxQ1JsilpKPtJH6t/j+nk0iRCM= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -71,12 +73,7 @@ github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQN github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.8.0 h1:R95mMF+McvXZQ7j1g8ucVZE1gLP3Sv6j9vlF9kyRqQo= -github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= -github.com/mattn/go-colorable v0.0.9 h1:UVL0vNpWh04HeJXV0KLcaT7r06gOH2l4OW6ddYRUIY4= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= diff --git a/deploy-as-code/egov-deployer/main.go b/deploy-as-code/egov-deployer/main.go index efc303e90c..49c7d4af4b 100644 --- a/deploy-as-code/egov-deployer/main.go +++ b/deploy-as-code/egov-deployer/main.go @@ -15,7 +15,7 @@ limitations under the License. */ package main -import "github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer/cmd" +import "egov-deployer/cmd" func main() { cmd.Execute() diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.0.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.1.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.2.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.3.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.4.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-digit-v2.5.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-mGramSeva-v1.0.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml diff --git a/deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/digit-release-versions/dependancy_chart-quickstart-v2.4.yaml rename to deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml new file mode 100644 index 0000000000..0b76841392 --- /dev/null +++ b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml @@ -0,0 +1,144 @@ +version: v2.2 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.1-2bf24d01-8 + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.2-bd81e951-23 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-27f2fa2e-1 + - egovio/egov-persister:v1.1.2-2fc5d31a-17 + - egovio/egov-pg-service:v1.2.0-109a570c-21 + - egovio/egov-searcher:v1.1.1-b6e26f5a-7 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.2-9b0951ec-48 + - egovio/pdf-service:v1.1.1-8ff2e98b-12 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.2-2a911c3-89 + - egovio/billing-service:v1.2.1-6342a7f-65 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.3-409aa9b-9 + - egovio/egov-hrms:v1.2.0-528e4db-6 + - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.3.0-97bb648d2-715 + - egovio/employee:v1.3.0-97bb648d2-809 + - egovio/digit-ui:v1.0.0-1a04d0b-87 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.0-cfabecd3-87 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.3-0f4443f3-177 + - egovio/pt-calculator-v2:v1.1.2-c8d4b111-114 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.0.0-1aeb87df-1 + - bpa-services:v1.1.1-08161234-2 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.1.1-ad52954a-10 + - firenoc-services:v1.1.1-ad52954a-20 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.2.0-ad52954a-14 + - egovio/ws-services:v1.2.0-ad52954a-61 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml new file mode 100644 index 0000000000..78769f38ce --- /dev/null +++ b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml @@ -0,0 +1,144 @@ +version: v2.3 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.0-3acc52b + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.1-da68594-7 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-f9375a4 + - egovio/egov-persister:v1.1.1-58f6da0-9 + - egovio/egov-pg-service:v1.1.0-f9375a4 + - egovio/egov-searcher:v1.1.0-59d3598 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/pdf-service:v1.1.0-09b11d9 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.1-4f6c6f7-15 + - egovio/billing-service:v1.1.1-33b0fcf-14 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.2-3436cd5-4 + - egovio/egov-hrms:v1.1.0-43cb793 + - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.2.0-patch-6141c53a9-1070 + - egovio/employee:v1.2.0-a5a118ad6-291 + - egovio/digit-ui:dev-ad464d9-180 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.0.0-51bfb264-25 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.0-c4f9b279-48 + - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator + - bpa-services + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator + - firenoc-services + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml new file mode 100644 index 0000000000..92b83b4223 --- /dev/null +++ b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml @@ -0,0 +1,144 @@ +version: v2.4 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.0-667cb3d3-8 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.1-19a3ba19-5 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 + - egovio/egov-idgen:v1.2.2-2ee9ec37-3 + - egovio/egov-indexer:v1.1.4-2ee9ec37-3 + - egovio/egov-localization:v1.1.2-2ee9ec37-2 + - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 + - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 + - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-persister:v1.1.3-2ee9ec37-2 + - egovio/egov-pg-service:v1.2.2-2ee9ec37-17 + - egovio/egov-searcher:v1.1.3-2ee9ec37-2 + - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 + - egovio/egov-user:v1.2.4-d1d62cdf-11 + - egovio/user-otp:v1.1.3-2ee9ec37-6 + - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + - egovio/pdf-service:v1.1.4-a4e9bb2c-6 + - egovio/report:v1.3.2-07a30430-5 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.4-c3cba4b-15 + - egovio/billing-service:v1.3.2-7dfa157-22 + - egovio/egf-instrument:v1.1.3-b5944f0-1 + - egovio/egf-master:v1.1.2-b5944f0-2 + - egovio/egov-apportion-service:v1.1.4-ec514d1-12 + - egovio/egov-hrms:v1.2.2-57f79eb-1 + - egovio/finance-collections-voucher-consumer:v1.1.4-665e9d7-8 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.5.0-c1825dd69-291 + - egovio/employee:v1.5.0-c1825dd69-292 + - egovio/digit-ui:v1.2.0-4016cc5-233 + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.5-a8da9ece-26 + - egovio/pt-calculator-v2:v1.1.4-ef94c644-20 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.3.1-a8da9ece-32 + - egovio/sw-services:v1.4.0-a8da9ece-8 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator:v1.1.0-4ee62c15-1 + - bpa-services:v1.1.3-2e687e00-7 + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.3-0b2efd7f-3 + - egovio/tl-services:v1.1.4-a8da9ece-6 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator:v1.2.0-a8da9ece-3 + - firenoc-services:v1.3.0-090c647b-26 + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.3.1-a8da9ece-41 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.3.1-a8da9ece-41 + - egovio/ws-services:v1.4.0-a8da9ece-9 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-28439fcd-10 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml new file mode 100644 index 0000000000..c00d7c26a2 --- /dev/null +++ b/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml @@ -0,0 +1,52 @@ +version: v2.4 +modules: + - name: backbone + services: + - zookeeper + - kafka + - postgres + - name: authn-authz + services: + - redis + - nginx-ingress + - zuul:v1.3.0-667cb3d3-8 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.1-19a3ba19-5 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 + - egovio/egov-idgen:v1.2.2-2ee9ec37-3 + - egovio/egov-indexer:v1.1.4-2ee9ec37-3 + - egovio/egov-localization:v1.1.2-2ee9ec37-2 + - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 + - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 + - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-persister:v1.1.3-2ee9ec37-2 + - egovio/egov-searcher:v1.1.3-2ee9ec37-2 + - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 + - egovio/egov-user:v1.2.4-d1d62cdf-11 + - egovio/user-otp:v1.1.3-2ee9ec37-6 + - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + + - name: business + dependencies: + - "core" + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.5.0-c1825dd69-291 + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 + \ No newline at end of file diff --git a/deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml b/deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml new file mode 100644 index 0000000000..e73d09ad7c --- /dev/null +++ b/deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml @@ -0,0 +1,146 @@ +version: v1.0 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.0-f9375a4 + - egovio/egov-common-masters:408-14b79e9 + - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 + - egovio/egov-enc-service:v1.1.0-f9375a4 + - egovio/egov-filestore:v1.2.0-3acc52b + - egovio/egov-idgen:v1.2.0-f9375a4 + - egovio/egov-indexer:v1.1.1-da68594-7 + - egovio/egov-localization:v1.1.0-f9375a4 + - egovio/egov-location:v1.1.0-f9375a4 + - egovio/egov-mdms-service:v1.3.0-e50b9eb + - egovio/egov-notification-mail:v1.1.0-40b5f2d + - egovio/egov-notification-sms:v1.1.0-245443e + - egovio/egov-otp:v1.2.0-f9375a4 + - egovio/egov-persister:v1.1.1-58f6da0-9 + - egovio/egov-pg-service:v1.1.0-f9375a4 + - egovio/egov-searcher:v1.1.0-59d3598 + - egovio/egov-url-shortening:v1.0.0-40cc090 + - egovio/egov-user:v1.2.1-4976757 + - egovio/user-otp:v1.1.0-2f36d3a + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/pdf-service:v1.1.0-09b11d9 + - egovio/report:v1.3.0-28b3c97 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.1-4f6c6f7-15 + - egovio/billing-service:v1.1.1-33b0fcf-14 + - egovio/egf-instrument:v1.1.0-005ff61 + - egovio/egf-master:v1.1.0-9959f29 + - egovio/egov-apportion-service:v1.1.2-3436cd5-4 + - egovio/egov-hrms:v1.1.0-43cb793 + - egovio/dashboard-analytics:v1.1.1-14637ce-14 + - egovio/dashboard-ingest:v1.1.1-3436cd5-2 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:citizen-v1.2.0-patch-6141c53a9-1070 + - egovio/employee:v1.2.0-a5a118ad6-291 + - egovio/digit-ui:dev-ad464d9-180 + + + - name: m_pgr #PGR + dependencies: + - "business" + services: + - egovio/pgr-services:v1.0.0-51bfb264-25 + - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 + - name: m_property-tax #PT + dependencies: + - "business" + services: + - egovio/property-services:v1.1.0-c4f9b279-48 + - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 + - egovio/pt-services-v2:v1.0.0-ecf3410a + - name: m_sewerage #Sewerage + dependencies: + - "business" + services: + - egovio/sw-calculator:v1.1.0-fee435c1-2 + - egovio/sw-services:v1.1.0-ae23de49-12 + - name: m_bpa #BPA + dependencies: + - "core" + services: + - bpa-calculator + - bpa-services + - name: m_trade-license #TL + dependencies: + - "frontend" + - "core" + services: + - egovio/tl-calculator:v1.1.1-c98f0344-4 + - egovio/tl-services:v1.1.1-8b2af30a-30 + - name: m_finance #Finance + dependencies: + - "core" + services: + - firenoc-calculator + - firenoc-services + - name: m_water-service #Water + dependencies: + - "frontend" + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fire-noc #Fnoc + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_chatbot #chatbot + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_dss #dss + dependencies: + - "core" + services: + - egovio/ws-calculator:v1.1.0-4c3c8873-6 + - egovio/ws-services:v1.1.0-28617974-28 + - name: m_fsm #fsm + dependencies: + - "core" + services: + - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 + - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 + - egovio/fsm-db:v1.0.1-d9a0be51-4 + - egovio/fsm:v1.0.1-d9a0be51-4 + - egovio/inbox:fsm-395-913aa399-1 + - egovio/vendor-db:fsm-services-dev-581ee46a-2 + - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/infra-provisioner/Dockerfile b/deploy-as-code/infra-provisioner/Dockerfile new file mode 100644 index 0000000000..e61c50bbcd --- /dev/null +++ b/deploy-as-code/infra-provisioner/Dockerfile @@ -0,0 +1,44 @@ + +FROM golang:1.13-alpine as build + +ENV GO111MODULE=on +ENV GOCACHE=/tmp + +ARG WORK_DIR +WORKDIR /app + +COPY ${WORK_DIR}/go.mod . +COPY ${WORK_DIR}/go.sum . + +RUN go mod download + +COPY . . + +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build + + +# Create runtime image +FROM alpine:3 + +ARG KUBECTL_VERSION=v1.15.12 +ARG SOPS_VERSION=v3.5.0 +ARG HELM_VERSION=v3.2.1 +ARG TERRAFORM_VERSION=0.14.10 + +WORKDIR /opt/egov + +RUN addgroup -S egov && adduser -S -G egov egov +COPY --chown=egov:egov --from=build /app/infra-provisioner /opt/egov/ + +RUN chmod +x /opt/egov/infra-provisioner +RUN wget https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl \ + && wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/aws-iam-authenticator \ + && wget -O sops https://github.com/mozilla/sops/releases/download/$SOPS_VERSION/sops-$SOPS_VERSION.linux \ + && wget -qO- https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar xvz \ + && chmod +x ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm \ + && mv ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm /usr/local/bin \ + && wget -O https://releases.hashicorp.com/terraform/$TERRAFORM_VERSION/terraform_$TERRAFORM_VERSION_linux_amd64.zip \ + && unzip ./ terraform_$TERRAFORM_VERSION_linux_amd64.zip -d /usr/local/bin \ + && rm -rf ./linux-amd64 && rm -f /var/cache/apk/* + +# USER egov diff --git a/deploy-as-code/infra-provisioner/go.mod b/deploy-as-code/infra-provisioner/go.mod new file mode 100644 index 0000000000..3426555c05 --- /dev/null +++ b/deploy-as-code/infra-provisioner/go.mod @@ -0,0 +1,12 @@ +module infra-provisioner + +go 1.13 + +require ( + github.com/manifoldco/promptui v0.9.0 + github.com/mitchellh/go-homedir v1.1.0 + github.com/spf13/cobra v0.0.5 + github.com/spf13/viper v1.6.1 + gopkg.in/yaml.v2 v2.2.4 + +) diff --git a/deploy-as-code/infra-provisioner/go.sum b/deploy-as-code/infra-provisioner/go.sum new file mode 100644 index 0000000000..fcb7462149 --- /dev/null +++ b/deploy-as-code/infra-provisioner/go.sum @@ -0,0 +1,177 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= +github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= +github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= +github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= +github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= +github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= +github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= +github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= +github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= +github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= +go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +google.golang.org/appengine v1.1.0 h1:igQkv0AAhEIvTEpD5LIpAfav2eeVO9HBTjvKHVJPRSs= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno= +gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/deploy-as-code/infra-provisioner/infra_setup.go b/deploy-as-code/infra-provisioner/infra_setup.go new file mode 100644 index 0000000000..d62f8b23e3 --- /dev/null +++ b/deploy-as-code/infra-provisioner/infra_setup.go @@ -0,0 +1,512 @@ +package main + +import ( + "bytes" + "container/list" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "math/rand" + "os" + "os/exec" + "strconv" + "strings" + s "strings" + + "github.com/manifoldco/promptui" + "gopkg.in/yaml.v2" + //"bufio" +) + +var Reset = "\033[0m" +var Red = "\033[31m" +var Green = "\033[32m" +var Yellow = "\033[33m" +var Blue = "\033[34m" +var Purple = "\033[35m" +var Cyan = "\033[36m" +var Gray = "\033[37m" +var White = "\033[97m" + +//Defining a struct to parse the yaml file +type Digit struct { + Version string `yaml:"version"` + Modules []struct { + Name string `yaml:"name"` + Services []string `yaml:"services"` + Dependencies []string `yaml:"dependencies,omitempty"` + } `yaml:"modules"` +} + +type Set struct { + set map[string]bool +} + +func NewSet() *Set { + return &Set{make(map[string]bool)} +} +func (set *Set) Add(i string) bool { + _, found := set.set[i] + set.set[i] = true + return !found //False if it existed already +} +func (set *Set) Get(i string) bool { + _, found := set.set[i] + return found +} + +func main() { + + fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please ensure the Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") + //var proceedQuestion string + + infraType := []string{ + "1. Pilot/POC (Just for a POC to Quickstart and explore", + "2. DevTest Setup (You to setup and build/customize and test", + "3. Bare Minimal (95% reliability), 10 concurrent gov services per sec", + "4. Mendium (99.99% reliability), 100 concurrent gov services per sec", + "5. High (99.99% reliability), 1000 concurrent gov services per sec", + "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} + + var optedInfraType string = "" + optedInfraType, _ = sel(infraType, "Select the suitable below infra option for your usecase") + + var number_of_worker_nodes int + switch { + case optedInfraType == "1. Pilot/POC (Just for a POC where for a Quickstart and explore)": + number_of_worker_nodes = 1 + case optedInfraType == "2. DevTest Setup (You to setup and build/customize and test": + number_of_worker_nodes = 2 //TBD + case optedInfraType == "3. Bare Minimal (95% reliability), 10 concurrent gov services per sec": + number_of_worker_nodes = 3 //TBD + case optedInfraType == "4. Mendium (99.99% reliability), 100 concurrent gov services per sec": + number_of_worker_nodes = 4 //TBD + case optedInfraType == "5. High (99.99% reliability), 1000 concurrent gov services per sec": + number_of_worker_nodes = 5 //TBD + case optedInfraType == "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator) ": + number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) + } + + selectGovServicesToInstall() + + cloudPlatforms := []string{"AWS", "AZURE", "GOOGLE CLOUD (GCP)", "On-prem/Private Cloud"} + var optedCloud string = "" + optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") + + var login bool = false + var cloud string = "sample-aws" + + switch { + case optedCloud == "AWS": + var optedAccessType string + var aws_access_key string + var aws_secret_key string + var aws_session_key string + + accessTypes := []string{"Root Admin", "Temprory Admin"} + optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") + + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Input the AWS access key id\n") + fmt.Scanln(&aws_access_key) + + fmt.Println("Input the AWS secret key\n") + fmt.Scanln(&aws_secret_key) + + fmt.Println("Input the AWS Session Token\n") + fmt.Scanln(&aws_session_key) + + if optedAccessType == "Temprory Admin" { + login = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) + } else { + login = awslogin(aws_access_key, aws_secret_key) + } + + case optedCloud == "AZURE": + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + azure_username := enterValue(nil, "Please enter your AZURE UserName") + azure_password := enterValue(nil, "Enter your AZURE Password") + login = azurelogin(azure_username, azure_password) + + case optedCloud == "GOOGLE CLOUD (GCP)": + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + case optedCloud == "On-prem/Private Cloud": + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + default: + //fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + //fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + } + + if login { + fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") + cluster_name := enterValue(nil, "How do you want to name the Cluster? eg: dev-your-name or org-name") + s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) + dir := "DIGIT-DevOps" + gitCmd := "" + _, err := os.Stat(dir) + if os.IsNotExist(err) { + gitCmd = fmt.Sprintf("git clone -b release-infra-demo https://github.com/egovernments/DIGIT-DevOps.git %s", dir) + } else { + gitCmd = fmt.Sprintf("git -C %s pull", dir) + } + execCommand(gitCmd) + + //fmt.Println(string(Green), "\n******* The number of nodes depend on the the following options *********\n") + //worker_nodes := enterValue(nil, "How many VM/nodes is required") + + //db_name := enterValue(nil, "As part of the DIGIT setup, you need DB to created, what do you want to name the database") + + db_pswd := enterValue(nil, "What should be the database pswd to be created") + + tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloud) + execSingleCommand(tfInitCmd) + + tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloud) + fmt.Println(tfPlan) + execSingleCommand(tfPlan) + + tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloud) + execSingleCommand(tfApply) + + tfMainInit := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloud) + execSingleCommand(tfMainInit) + tfMainPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloud) + fmt.Println() + fmt.Println(tfMainPlan) + execSingleCommand(tfMainPlan) + //tfMainApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" -auto-approve %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, worker_nodes, dir, cloud) + //execCommand(tfMainApply) + } + + //terraform output to a file + //replace the env values with the tf output + //save the kubetconfig and set the currentcontext + //set dns in godaddy using the api's + + fmt.Println("") + endScript() +} + +func getService(fullChart Digit, service string, set Set, svclist *list.List) { + for _, s := range fullChart.Modules { + if s.Name == service { + if set.Add(service) { + svclist.PushFront(service) //Add services into the list + if s.Dependencies != nil { + for _, deps := range s.Dependencies { + getService(fullChart, deps, set, svclist) + } + } + } + } + } +} + +func execCommand(command string) error { + var err error + parts := strings.Fields(command) + //log.Println("Printing full command part", parts) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + cmd := exec.Command(head, args...) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func execSingleCommand(command string) error { + var err error + + cmd := exec.Command("sh", "-c", command) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func setClusterContext() bool { + var contextset bool = false + var kubeconfig string = "" + + validatepath := func(input string) error { + _, err := os.Stat(input) + if os.IsNotExist(err) { + return errors.New("The File does not exist in the given path") + } + return nil + } + + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of the kubeconfig file") + + if kubeconfig != "" { + getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) + err := execCommand(getcontextcmd) + if err == nil { + context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") + if context != "" { + usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) + err := execCommand(usecontextcmd) + if err == nil { + contextset = true + } + } + } + } + return contextset +} + +func awslogin(accessKey string, secretKey string) bool { + + var login bool = false + + if accessKey != "" && secretKey != "" { + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey) + fmt.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + login = true + } + } + return login +} + +func awsloginWithSession(accessKey string, secretKey string, sessionToken string) bool { + + var login bool = false + + if accessKey != "" && secretKey != "" { + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set aws_session_token \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey, sessionToken) + fmt.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + login = true + } + } + return login +} + +func azurelogin(userName string, password string) bool { + + var login bool = false + if userName != "" && password != "" { + azurelogincommand := fmt.Sprintf("az login -u %s -p %s", userName, password) + err := execCommand(azurelogincommand) + if err == nil { + login = true + } + } + return login +} + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return +} + +func selectGovServicesToInstall() { + + var versionfiles []string + var modules []string + var selectedMod []string + svclist := list.New() + set := NewSet() + var argStr string = "" + + // Get the versions from the chart and display it to user to select + file, err := os.Open("../helm/product-release-charts/") + if err != nil { + log.Fatalf("failed opening directory: %s", err) + } + defer file.Close() + + prodList, _ := file.Readdirnames(0) // 0 to read all files and folders + + var optedProduct string = "" + optedProduct, _ = sel(prodList, "Choose the Gov stack services that you would you like to install") + + if optedProduct != "" { + files, err := ioutil.ReadDir("../helm/product-release-charts/" + optedProduct) + if err != nil { + log.Fatal(err) + } + + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) + } + var version string = "" + version, _ = sel(versionfiles, "Which version of the selected product would like to install?") + if version != "" { + argFile := "../helm/product-release-charts/" + optedProduct + "/dependancy_chart-" + version + ".yaml" + + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Preparing required services details =>", argFile, err) + return + } + + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) + if err != nil { + fmt.Println("\n\tERROR: Sourcing the the gov services matrix for your requirement => ", argFile, err) + return + } + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) + } + } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT gov services that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, you can select multiple if you wish, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } + + } + } + } + } + } + +} + +func deployScript(argStr string, envfile string) { + + var envfiles []string + contextset := setClusterContext() + + if contextset { + envfilesFromDir, err := ioutil.ReadDir("../helm/environments/") + if err != nil { + log.Fatal(err) + } + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") { + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } + } + + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env for the installation") + + if env != "" { + var goDeployCmd string + confirm := []string{"Yes", "No"} + + goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + + preview, _ := sel(confirm, "Do you want to preview the manifests before the actual Deployment") + if preview == "Yes" { + goDeployCmd = fmt.Sprintf("%s -p", goDeployCmd) + fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } + + } + + } + } +} From 0dbd7800c9901fe074fb0363799c76c760ed6259 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Mon, 9 May 2022 14:42:33 +0530 Subject: [PATCH 032/742] added demo template --- ...s.yaml => egov-demo-template-secrets.yaml} | 26 +++--- ...mo-sample.yaml => egov-demo-template.yaml} | 84 +++++++++---------- 2 files changed, 55 insertions(+), 55 deletions(-) rename deploy-as-code/helm/environments/{egov-demo-sample-secrets.yaml => egov-demo-template-secrets.yaml} (86%) rename deploy-as-code/helm/environments/{egov-demo-sample.yaml => egov-demo-template.yaml} (92%) diff --git a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml similarity index 86% rename from deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml rename to deploy-as-code/helm/environments/egov-demo-template-secrets.yaml index 73fcb9cbde..653f80108e 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample-secrets.yaml +++ b/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml @@ -1,18 +1,18 @@ cluster-configs: secrets: - db: ## Create postgres db user and mention the details - username: demo - password: demo - flywayUsername: demo - flywayPassword: demo - egov-notification-sms: ## To work sms notification service add the sms provider details - username: demo - password: demo - egov-filestore: ## To work Filestore service add the IAM user details which has access on the filestore s3 bucket. - aws-key: aswedfghew - aws-secret-key: xdefghgdxc - egov-location: ## To work Location service add your gmap key - gmapskey: AIzaSyAQOd09-sdfegv + db: // Create postgres db user and mention the details + username: + password: + flywayUsername: + flywayPassword: + egov-notification-sms: // To work sms notification service add the sms provider details + username: + password: + egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. + aws-key: + aws-secret-key: + egov-location: // To work Location service add your gmap key + gmapskey: egov-pg-service: ## To work pg service add your respective bank details axis-merchant-id: demo axis-merchant-secret-key: demo diff --git a/deploy-as-code/helm/environments/egov-demo-sample.yaml b/deploy-as-code/helm/environments/egov-demo-template.yaml similarity index 92% rename from deploy-as-code/helm/environments/egov-demo-sample.yaml rename to deploy-as-code/helm/environments/egov-demo-template.yaml index 5c7bcf1a4a..fa2b75aed1 100644 --- a/deploy-as-code/helm/environments/egov-demo-sample.yaml +++ b/deploy-as-code/helm/environments/egov-demo-template.yaml @@ -1,5 +1,5 @@ global: - domain: ## Add your Domain Name Eg: site.mydomain.com + domain: ## Add your Domain Name Eg: site.mydomain.com cluster-configs: namespaces: ## Set true to create muliple namespaces @@ -11,13 +11,13 @@ cluster-configs: configmaps: egov-config: data: - db-host: "db-host name" ## Add db-host name eg: egov-demo.database.azure.com - db-name: "db-name" ## Add db-name - db-url: "Add db-url" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "your Domain Name" ## Add your Domain Name - egov-services-fqdn-name: "https:///" ## Add your Domain Name - egov-state-level-tenant-id: "Add tenant id" ##example: pb - s3-assets-bucket: "s3-assets-bucket name" ## Add s3-assets-bucket name + db-host: "" ## Add db-host name eg: egov-demo.database.azure.com + db-name: "" ## Add db-name + db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "" ## Add your Domain Name + egov-services-fqdn-name: "https:///" ## Add your Domain Name + egov-state-level-tenant-id: "" ##example: pb + s3-assets-bucket: "" ## Add s3-assets-bucket name ## Do not Change es-host: "elasticsearch-data-v1.es-cluster" @@ -142,7 +142,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ### Change this to Your MDMS Repo - branch: "DEV" ### Branch need to be changed as per your env + branch: "" ### Branch need to be changed as per your env mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -153,7 +153,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" + branch: "" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -164,20 +164,20 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" ### Branch need to be changed as per your env + branch: "" ### Branch need to be changed as per your env egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" ### Branch need to be changed as per your env + branch: "" ### Branch need to be changed as per your env egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "master" ### Branch need to be changed as per your env + branch: "" ### Branch need to be changed as per your env egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" @@ -215,7 +215,7 @@ nginx-ingress: ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" cert-manager: - email: "email id" ## Add email id + email: "" ## Add email id images: - "quay.io/jetstack/cert-manager-controller:v0.10.1" namespace: egov @@ -247,14 +247,14 @@ dashboard-analytics: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "" dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "" citizen: @@ -273,7 +273,7 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "" report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -282,7 +282,7 @@ pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "new-pdf-changes" ### Branch need to be changed as per your env + branch: "" ### Branch need to be changed as per your env data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" @@ -292,12 +292,12 @@ kafka-v2: persistence: enabled: true aws: - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b ## add respective zone - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b + - volumeId: "" ## add volume id + zone: ## add respective zone + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -355,12 +355,12 @@ zookeeper-v2: persistence: enabled: true aws: - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -424,12 +424,12 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: esJavaOpts: "-Xmx1g -Xms1g" resources: @@ -488,12 +488,12 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b - - volumeId: "volume-id" ## add volume id - zone: ap-south-1b + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: esJavaOpts: "-Xmx448m -Xms448m" resources: From e0673f056aabd03d53d3a2b38f56638bb5a2c9f1 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 10 May 2022 11:16:20 +0530 Subject: [PATCH 033/742] Modified the aws tf (#830) * generic eks tf * Updated var Co-authored-by: Nikesh --- infra-as-code/terraform/sample-aws/main.tf | 6 +++--- infra-as-code/terraform/sample-aws/remote-state/main.tf | 4 ++-- .../terraform/sample-aws/remote-state/variables.tf | 3 +++ infra-as-code/terraform/sample-aws/variables.tf | 6 +++++- 4 files changed, 13 insertions(+), 6 deletions(-) create mode 100644 infra-as-code/terraform/sample-aws/remote-state/variables.tf diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 9cf1292f7c..2a46bee648 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,6 +1,6 @@ terraform { backend "s3" { - bucket = "try-workshop" + bucket = "${var.bucket_name}" key = "terraform" region = "ap-south-1" } @@ -60,8 +60,8 @@ module "eks" { override_instance_types = "${var.override_instance_types}" kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] - asg_max_size = 5 - asg_desired_capacity = 5 + asg_max_size = "${var.number_of_worker_nodes}" + asg_desired_capacity = "${var.number_of_worker_nodes}" spot_allocation_strategy = "capacity-optimized" spot_instance_pools = null } diff --git a/infra-as-code/terraform/sample-aws/remote-state/main.tf b/infra-as-code/terraform/sample-aws/remote-state/main.tf index 0ef1c75312..40d7e21e9c 100644 --- a/infra-as-code/terraform/sample-aws/remote-state/main.tf +++ b/infra-as-code/terraform/sample-aws/remote-state/main.tf @@ -3,7 +3,7 @@ provider "aws" { } resource "aws_s3_bucket" "terraform_state" { - bucket = "try-workshop" + bucket = "${var.bucket_name}" lifecycle { prevent_destroy = true @@ -19,7 +19,7 @@ resource "aws_s3_bucket_versioning" "versioning" { resource "aws_dynamodb_table" "terraform_state_lock" { - name = "try-workshop" + name = "${var.bucket_name}" read_capacity = 1 write_capacity = 1 hash_key = "LockID" diff --git a/infra-as-code/terraform/sample-aws/remote-state/variables.tf b/infra-as-code/terraform/sample-aws/remote-state/variables.tf new file mode 100644 index 0000000000..2889e05c1c --- /dev/null +++ b/infra-as-code/terraform/sample-aws/remote-state/variables.tf @@ -0,0 +1,3 @@ +variable "bucket_name" { + default = "try-workshop" +} \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 1d910b2d6a..c18d0b226a 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -32,13 +32,17 @@ variable "override_instance_types" { } variable "number_of_worker_nodes" { - default = "3" + default = "5" } variable "ssh_key_name" { default = "my-first-eks" } +variable "bucket_name" { + default = "try-workshop" +} + variable "iam_keybase_user" { default = "keybase:egovterraform" } From 72a7238e0fde376a745714ec9d1abb95d0d76699 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Tue, 10 May 2022 12:18:51 +0530 Subject: [PATCH 034/742] Advanced Installer --- .../environments/ci-demo-secrets.yaml | 0 .../environments/ci-demo.yaml | 0 .../environments/egov-demo-secrets.yaml | 0 .../egov-demo-template-secrets.yaml | 0 .../environments/egov-demo-template.yaml | 0 .../environments/egov-demo.yaml | 0 .../cert-manager/.helmignore | 0 .../backbone-services/cert-manager/Chart.yaml | 0 .../cert-manager/crds/cert-manager-crds.yaml | 0 .../cert-manager/templates/_helpers.tpl | 0 .../cert-manager/templates/clusterissuer.yaml | 0 .../cert-manager/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../cert-manager/templates/deployment.yaml | 0 .../cert-manager/templates/role.yaml | 0 .../cert-manager/templates/rolebinding.yaml | 0 .../cert-manager/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../cert-manager/values.yaml | 0 .../cluster-autoscaler/.helmignore | 0 .../cluster-autoscaler/Chart.yaml | 0 .../cluster-autoscaler/OWNERS | 0 .../cluster-autoscaler/README.md | 0 .../cluster-autoscaler/requirements.lock | 0 .../cluster-autoscaler/templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/deployment.yaml | 0 .../cluster-autoscaler/templates/pdb.yaml | 0 .../templates/podsecuritypolicy.yaml | 0 .../priority-expander-configmap.yaml | 0 .../cluster-autoscaler/templates/role.yaml | 0 .../templates/rolebinding.yaml | 0 .../cluster-autoscaler/templates/secret.yaml | 0 .../cluster-autoscaler/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../cluster-autoscaler/values.yaml | 0 .../elasticsearch/Chart.yaml | 0 .../elasticsearch-data-infra-v1-values.yaml | 0 .../elasticsearch-data-v1-values.yaml | 0 .../elasticsearch-master-infra-v1-values.yaml | 0 .../elasticsearch-master-v1-values.yaml | 0 .../elasticsearch/templates/_helpers.tpl | 0 .../templates/headless-service.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../elasticsearch/templates/service.yaml | 0 .../elasticsearch/templates/statefulset.yaml | 0 .../backbone-services/es-curator/Chart.yaml | 0 .../es-curator/es-curator-infra-values.yaml | 0 .../es-curator/templates/_helpers.tpl | 0 .../es-curator/templates/configmap.yaml | 0 .../es-curator/templates/cronjob.yaml | 0 .../backbone-services/fluent-bit/Chart.yaml | 0 .../fluent-bit/templates/_helpers.tpl | 0 .../fluent-bit/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../fluent-bit/templates/configmap.yaml | 0 .../fluent-bit/templates/daemonset.yaml | 0 .../fluent-bit/templates/serviceaccount.yaml | 0 .../backbone-services/fluent-bit/values.yaml | 0 .../backbone-services/grafana/Chart.yaml | 0 .../grafana/templates/configmap.yaml | 0 .../grafana/templates/deployment.yaml | 0 .../grafana/templates/ingress.yaml | 0 .../grafana/templates/service.yaml | 0 .../backbone-services/grafana/values.yaml | 0 .../backbone-services/jaeger/Chart.yaml | 0 .../jaeger/templates/_helpers.tpl | 0 .../jaeger/templates/agent-ds.yaml | 0 .../jaeger/templates/agent-svc.yaml | 0 .../jaeger/templates/collector-configmap.yaml | 0 .../jaeger/templates/collector-deploy.yaml | 0 .../jaeger/templates/collector-hpa.yaml | 0 .../jaeger/templates/collector-svc.yaml | 0 .../jaeger/templates/query-configmap.yaml | 0 .../jaeger/templates/query-deploy.yaml | 0 .../jaeger/templates/query-ing.yaml | 0 .../jaeger/templates/query-svc.yaml | 0 .../jaeger/templates/spark-cronjob.yaml | 0 .../backbone-services/jaeger/values.yaml | 0 .../backbone-services/jenkins/.helmignore | 0 .../backbone-services/jenkins/CHANGELOG.md | 0 .../backbone-services/jenkins/Chart.yaml | 0 .../charts/backbone-services/jenkins/OWNERS | 0 .../backbone-services/jenkins/README.md | 0 .../jenkins/templates/NOTES.txt | 0 .../jenkins/templates/_helpers.tpl | 0 .../jenkins/templates/config.yaml | 0 .../jenkins/templates/deprecation.yaml | 0 .../jenkins/templates/home-pv.yaml | 0 .../jenkins/templates/home-pvc.yaml | 0 .../jenkins/templates/jcasc-config.yaml | 0 .../jenkins/templates/jenkins-agent-svc.yaml | 0 .../templates/jenkins-backup-cronjob.yaml | 0 .../templates/jenkins-backup-rbac.yaml | 0 .../jenkins-master-alerting-rules.yaml | 0 .../jenkins-master-backendconfig.yaml | 0 .../templates/jenkins-master-deployment.yaml | 0 .../templates/jenkins-master-ingress.yaml | 0 .../jenkins-master-networkpolicy.yaml | 0 .../templates/jenkins-master-route.yaml | 0 .../jenkins-master-servicemonitor.yaml | 0 .../jenkins/templates/jenkins-master-svc.yaml | 0 .../jenkins/templates/jobs.yaml | 0 .../jenkins/templates/rbac.yaml | 0 .../jenkins/templates/secret-https-jks.yaml | 0 .../jenkins/templates/secret.yaml | 0 .../templates/service-account-agent.yaml | 0 .../jenkins/templates/service-account.yaml | 0 .../backbone-services/jenkins/values.yaml | 0 .../kafka-connect-restart-tasks/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../kafka-connect-restart-tasks/values.yaml | 0 .../kafka-connect/Chart.yaml | 0 .../kafka-connect-infra-values.yaml | 0 .../kafka-connect/templates/deployment.yaml | 0 .../kafka-connect/templates/service.yaml | 0 .../kafka-connect/values.yaml | 0 .../backbone-services/kafka-v2/Chart.yaml | 0 .../kafka-v2/kafka-v2-infra-values.yaml | 0 .../kafka-v2/templates/_helpers.tpl | 0 .../kafka-v2/templates/headless-service.yaml | 0 .../kafka-v2/templates/persistentvolume.yaml | 0 .../kafka-v2/templates/service.yaml | 0 .../kafka-v2/templates/statefulset.yaml | 0 .../backbone-services/kafka-v2/values.yaml | 0 .../kaniko-cache-warmer/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/persistentvolumeclaim.yaml | 0 .../kaniko-cache-warmer/values.yaml | 0 .../backbone-services/kibana-v1/Chart.yaml | 0 .../kibana-v1/kibana-infra-v1-values.yaml | 0 .../kibana-v1/templates/deployment.yaml | 0 .../kibana-v1/templates/ingress.yaml | 0 .../kibana-v1/templates/service.yaml | 0 .../backbone-services/kibana-v1/values.yaml | 0 .../kube-state-metrics/.helmignore | 0 .../kube-state-metrics/Chart.yaml | 0 .../kube-state-metrics/OWNERS | 0 .../kube-state-metrics/README.md | 0 .../kube-state-metrics/templates/NOTES.txt | 0 .../kube-state-metrics/templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/deployment.yaml | 0 .../kube-state-metrics/templates/pdb.yaml | 0 .../templates/podsecuritypolicy.yaml | 0 .../templates/psp-clusterrole.yaml | 0 .../templates/psp-clusterrolebinding.yaml | 0 .../kube-state-metrics/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../templates/stsdiscovery-role.yaml | 0 .../templates/stsdiscovery-rolebinding.yaml | 0 .../kube-state-metrics/values.yaml | 0 .../backbone-services/kuberhealthy/Chart.yaml | 0 .../backbone-services/kuberhealthy/NOTES.txt | 0 .../backbone-services/kuberhealthy/README.md | 0 .../kuberhealthy/crds/khcheck.yaml | 0 .../kuberhealthy/crds/khstate.yaml | 0 .../kuberhealthy/templates/_helpers.tpl | 0 .../kuberhealthy/templates/check-reaper.yaml | 0 .../kuberhealthy/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../kuberhealthy/templates/configmap.yaml | 0 .../kuberhealthy/templates/deployment.yaml | 0 .../templates/khcheck-daemonset.yaml | 0 .../templates/khcheck-db-connections.yaml | 0 .../khcheck-db-es-collections-sync.yaml | 0 .../templates/khcheck-db-es-pgr-sync.yaml | 0 .../templates/khcheck-db-es-pt-sync.yaml | 0 .../templates/khcheck-db-es-tl-sync.yaml | 0 .../kuberhealthy/templates/khcheck-db.yaml | 0 .../templates/khcheck-deployment.yaml | 0 .../kuberhealthy/templates/khcheck-dns.yaml | 0 .../kuberhealthy/templates/khcheck-kafka.yaml | 0 .../templates/khcheck-pod-restarts.yaml | 0 .../templates/khcheck-pod-status.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../kuberhealthy/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../kuberhealthy/values.yaml | 0 .../backbone-services/minio/.helmignore | 0 .../charts/backbone-services/minio/Chart.yaml | 0 .../minio/templates/_helpers.tpl | 0 .../templates/deployment-standalone.yaml | 0 .../minio/templates/ingress.yaml | 0 .../minio/templates/persistentvolume.yaml | 0 .../minio/templates/pv-standalone.yaml | 0 .../minio/templates/pvc-standalone.yaml | 0 .../minio/templates/service.yaml | 0 .../minio/templates/statefulset.yaml | 0 .../minio/templates/svc-headless.yaml | 0 .../backbone-services/minio/values.yaml | 0 .../nginx-errors/.helmignore | 0 .../backbone-services/nginx-errors/Chart.yaml | 0 .../nginx-errors/templates/NOTES.txt | 0 .../nginx-errors/templates/_helpers.tpl | 0 .../nginx-errors/templates/deployment.yaml | 0 .../nginx-errors/templates/service.yaml | 0 .../templates/tests/test-connection.yaml | 0 .../nginx-errors/values.yaml | 0 .../nginx-ingress/Chart.yaml | 0 .../backbone-services/nginx-ingress/README.md | 0 .../nginx-ingress/templates/_helpers.tpl | 0 .../nginx-ingress/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/controller-configmap.yaml | 0 .../templates/controller-daemonset.yaml | 0 .../templates/controller-deployment.yaml | 0 .../templates/controller-metrics-service.yaml | 0 .../templates/controller-prometheusrules.yaml | 0 .../templates/controller-role.yaml | 0 .../templates/controller-rolebinding.yaml | 0 .../templates/controller-service.yaml | 0 .../templates/controller-serviceaccount.yaml | 0 .../templates/controller-servicemonitor.yaml | 0 .../templates/custom-headers.yaml | 0 .../nginx-ingress/values.yaml | 0 .../oauth2-proxy/.helmignore | 0 .../backbone-services/oauth2-proxy/Chart.yaml | 0 .../oauth2-proxy/templates/configmap.yaml | 0 .../oauth2-proxy/templates/deployment.yaml | 0 .../oauth2-proxy/templates/ingress.yaml | 0 .../oauth2-proxy/templates/service.yaml | 0 .../oauth2-proxy/values.yaml | 0 .../backbone-services/pgadmin/Chart.yaml | 0 .../pgadmin/templates/deployment.yaml | 0 .../pgadmin/templates/ingress.yaml | 0 .../pgadmin/templates/service.yaml | 0 .../backbone-services/pgadmin/values.yaml | 0 .../backbone-services/playground/Chart.yaml | 0 .../backbone-services/playground/README.md | 0 .../playground/templates/deployment.yaml | 0 .../backbone-services/playground/values.yaml | 0 .../backbone-services/postgres/Chart.yaml | 0 .../postgres/templates/deployment.yaml | 0 .../postgres/templates/service.yaml | 0 .../backbone-services/postgres/values.yaml | 0 .../prometheus-kafka-exporter/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../templates/servicemonitor.yaml | 0 .../prometheus-kafka-exporter/values.yaml | 0 .../prometheus-operator/.helmignore | 0 .../prometheus-operator/CONTRIBUTING.md | 0 .../prometheus-operator/Chart.yaml | 0 .../prometheus-operator/OWNERS | 0 .../prometheus-operator/README.md | 0 .../crds/crd-alertmanager.yaml | 0 .../crds/crd-podmonitor.yaml | 0 .../crds/crd-prometheus.yaml | 0 .../crds/crd-prometheusrules.yaml | 0 .../crds/crd-servicemonitor.yaml | 0 .../crds/crd-thanosrulers.yaml | 0 .../prometheus-operator/hack/README.md | 0 .../hack/minikube/README.md | 0 .../prometheus-operator/hack/minikube/cmd.sh | 0 .../hack/minikube/values.yaml | 0 .../prometheus-operator/hack/requirements.txt | 0 .../hack/sync_grafana_dashboards.py | 0 .../hack/sync_prometheus_rules.py | 0 .../prometheus-operator/requirements.lock | 0 .../prometheus-operator/requirements.yaml | 0 .../prometheus-operator/templates/NOTES.txt | 0 .../templates/_helpers.tpl | 0 .../templates/alertmanager/alertmanager.yaml | 0 .../templates/alertmanager/ingress.yaml | 0 .../alertmanager/ingressperreplica.yaml | 0 .../alertmanager/podDisruptionBudget.yaml | 0 .../templates/alertmanager/psp-role.yaml | 0 .../alertmanager/psp-rolebinding.yaml | 0 .../templates/alertmanager/psp.yaml | 0 .../templates/alertmanager/secret.yaml | 0 .../templates/alertmanager/service.yaml | 0 .../alertmanager/serviceaccount.yaml | 0 .../alertmanager/servicemonitor.yaml | 0 .../alertmanager/serviceperreplica.yaml | 0 .../alertmanager/templatefiles-configmap.yaml | 0 .../templates/exporters/core-dns/service.yaml | 0 .../exporters/core-dns/servicemonitor.yaml | 0 .../kube-api-server/servicemonitor.yaml | 0 .../kube-controller-manager/endpoints.yaml | 0 .../kube-controller-manager/service.yaml | 0 .../servicemonitor.yaml | 0 .../templates/exporters/kube-dns/service.yaml | 0 .../exporters/kube-dns/servicemonitor.yaml | 0 .../exporters/kube-etcd/endpoints.yaml | 0 .../exporters/kube-etcd/service.yaml | 0 .../exporters/kube-etcd/servicemonitor.yaml | 0 .../exporters/kube-proxy/endpoints.yaml | 0 .../exporters/kube-proxy/service.yaml | 0 .../exporters/kube-proxy/servicemonitor.yaml | 0 .../exporters/kube-scheduler/endpoints.yaml | 0 .../exporters/kube-scheduler/service.yaml | 0 .../kube-scheduler/servicemonitor.yaml | 0 .../kube-state-metrics/serviceMonitor.yaml | 0 .../exporters/kubelet/servicemonitor.yaml | 0 .../node-exporter/servicemonitor.yaml | 0 .../templates/operator/cleanup-crds.yaml | 0 .../templates/operator/clusterrole.yaml | 0 .../operator/clusterrolebinding.yaml | 0 .../templates/operator/crds.yaml | 0 .../templates/operator/deployment.yaml | 0 .../templates/operator/psp-clusterrole.yaml | 0 .../operator/psp-clusterrolebinding.yaml | 0 .../templates/operator/psp.yaml | 0 .../templates/operator/service.yaml | 0 .../templates/operator/serviceaccount.yaml | 0 .../templates/operator/servicemonitor.yaml | 0 .../additionalAlertRelabelConfigs.yaml | 0 .../additionalAlertmanagerConfigs.yaml | 0 .../prometheus/additionalPrometheusRules.yaml | 0 .../prometheus/additionalScrapeConfigs.yaml | 0 .../templates/prometheus/clusterrole.yaml | 0 .../prometheus/clusterrolebinding.yaml | 0 .../templates/prometheus/ingress.yaml | 0 .../prometheus/ingressperreplica.yaml | 0 .../prometheus/podDisruptionBudget.yaml | 0 .../templates/prometheus/podmonitors.yaml | 0 .../templates/prometheus/prometheus.yaml | 0 .../templates/prometheus/psp-clusterrole.yaml | 0 .../prometheus/psp-clusterrolebinding.yaml | 0 .../templates/prometheus/psp.yaml | 0 .../rules-1.14/alertmanager.rules.yaml | 0 .../templates/prometheus/rules-1.14/etcd.yaml | 0 .../prometheus/rules-1.14/general.rules.yaml | 0 .../prometheus/rules-1.14/k8s.rules.yaml | 0 .../rules-1.14/kube-apiserver-slos.yaml | 0 .../rules-1.14/kube-apiserver.rules.yaml | 0 .../kube-prometheus-general.rules.yaml | 0 .../kube-prometheus-node-recording.rules.yaml | 0 .../rules-1.14/kube-scheduler.rules.yaml | 0 .../rules-1.14/kube-state-metrics.yaml | 0 .../prometheus/rules-1.14/kubelet.rules.yaml | 0 .../rules-1.14/kubernetes-apps.yaml | 0 .../rules-1.14/kubernetes-resources.yaml | 0 .../rules-1.14/kubernetes-storage.yaml | 0 .../kubernetes-system-apiserver.yaml | 0 .../kubernetes-system-controller-manager.yaml | 0 .../rules-1.14/kubernetes-system-kubelet.yaml | 0 .../kubernetes-system-scheduler.yaml | 0 .../rules-1.14/kubernetes-system.yaml | 0 .../rules-1.14/node-exporter.rules.yaml | 0 .../prometheus/rules-1.14/node-exporter.yaml | 0 .../prometheus/rules-1.14/node-network.yaml | 0 .../prometheus/rules-1.14/node.rules.yaml | 0 .../rules-1.14/prometheus-operator.yaml | 0 .../prometheus/rules-1.14/prometheus.yaml | 0 .../prometheus/rules/alertmanager.rules.yaml | 0 .../templates/prometheus/rules/etcd.yaml | 0 .../prometheus/rules/general.rules.yaml | 0 .../templates/prometheus/rules/k8s.rules.yaml | 0 .../rules/kube-apiserver.rules.yaml | 0 .../kube-prometheus-node-alerting.rules.yaml | 0 .../kube-prometheus-node-recording.rules.yaml | 0 .../rules/kube-scheduler.rules.yaml | 0 .../prometheus/rules/kubernetes-absent.yaml | 0 .../prometheus/rules/kubernetes-apps.yaml | 0 .../rules/kubernetes-resources.yaml | 0 .../prometheus/rules/kubernetes-storage.yaml | 0 .../prometheus/rules/kubernetes-system.yaml | 0 .../prometheus/rules/node-network.yaml | 0 .../templates/prometheus/rules/node-time.yaml | 0 .../prometheus/rules/node.rules.yaml | 0 .../prometheus/rules/prometheus-operator.yaml | 0 .../prometheus/rules/prometheus.rules.yaml | 0 .../templates/prometheus/service.yaml | 0 .../templates/prometheus/serviceaccount.yaml | 0 .../templates/prometheus/servicemonitor.yaml | 0 .../templates/prometheus/servicemonitors.yaml | 0 .../prometheus/serviceperreplica.yaml | 0 .../prometheus-operator/values.yaml | 0 .../charts/backbone-services/redis/Chart.yaml | 0 .../redis/templates/deployment.yaml | 0 .../redis/templates/service.yaml | 0 .../backbone-services/redis/values.yaml | 0 .../charts/backbone-services/redoc/Chart.yaml | 0 .../redoc/templates/deployment.yaml | 0 .../redoc/templates/ingress.yaml | 0 .../redoc/templates/service.yaml | 0 .../backbone-services/redoc/values.yaml | 0 .../spot-termination-handler/Chart.yaml | 0 .../templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/daemonset.yaml | 0 .../templates/serviceaccount.yaml | 0 .../spot-termination-handler/values.yaml | 0 .../backbone-services/zookeeper-v2/Chart.yaml | 0 .../backbone-services/zookeeper-v2/README.md | 0 .../zookeeper-v2/templates/_helpers.tpl | 0 .../templates/headless-service.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../zookeeper-v2/templates/service.yaml | 0 .../zookeeper-v2/templates/statefulset.yaml | 0 .../zookeeper-v2/values.yaml | 0 .../billing-service/Chart.yaml | 0 .../billing-service/templates/deployment.yaml | 0 .../billing-service/templates/ingress.yaml | 0 .../billing-service/templates/service.yaml | 0 .../billing-service/values.yaml | 0 .../collection-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../collection-services/values.yaml | 0 .../dashboard-analytics/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../dashboard-analytics/values.yaml | 0 .../dashboard-ingest/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../dashboard-ingest/templates/ingress.yaml | 0 .../dashboard-ingest/templates/service.yaml | 0 .../dashboard-ingest/values.yaml | 0 .../egf-account-details-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egf-account-details-consumer/values.yaml | 0 .../egf-instrument/Chart.yaml | 0 .../egf-instrument/templates/deployment.yaml | 0 .../egf-instrument/templates/ingress.yaml | 0 .../egf-instrument/templates/service.yaml | 0 .../egf-instrument/values.yaml | 0 .../business-services/egf-master/Chart.yaml | 0 .../egf-master/templates/deployment.yaml | 0 .../egf-master/templates/ingress.yaml | 0 .../egf-master/templates/service.yaml | 0 .../business-services/egf-master/values.yaml | 0 .../business-services/egf-masters/Chart.yaml | 0 .../egf-masters/templates/deployment.yaml | 0 .../egf-masters/templates/service.yaml | 0 .../business-services/egf-masters/values.yaml | 0 .../egf-voucher-indexer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egf-voucher-indexer/values.yaml | 0 .../egov-apportion-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yml | 0 .../templates/service.yaml | 0 .../egov-apportion-service/values.yaml | 0 .../business-services/egov-edcr/Chart.yaml | 0 .../egov-edcr/templates/deployment.yaml | 0 .../egov-edcr/templates/ingress.yaml | 0 .../templates/override-configmap.yaml | 0 .../egov-edcr/templates/service.yaml | 0 .../business-services/egov-edcr/values.yaml | 0 .../business-services/egov-finance/Chart.yaml | 0 .../egov-finance/templates/deployment.yaml | 0 .../egov-finance/templates/ingress.yaml | 0 .../templates/override-configmap.yaml | 0 .../egov-finance/templates/service.yaml | 0 .../egov-finance/values.yaml | 0 .../business-services/egov-hrms/Chart.yaml | 0 .../egov-hrms/templates/deployment.yaml | 0 .../egov-hrms/templates/ingress.yaml | 0 .../egov-hrms/templates/service.yaml | 0 .../business-services/egov-hrms/values.yaml | 0 .../Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../values.yaml | 0 .../charts/business-services/mysql/Chart.yaml | 0 .../mysql/templates/deployment.yaml | 0 .../business-services/mysql/templates/pv.yaml | 0 .../mysql/templates/pvc.yaml | 0 .../mysql/templates/service.yaml | 0 .../business-services/mysql/values.yaml | 0 .../business-services/wordpress/Chart.yaml | 0 .../wordpress/templates/deployment.yaml | 0 .../wordpress/templates/ingress.yaml | 0 .../wordpress/templates/pv.yaml | 0 .../wordpress/templates/pvc.yaml | 0 .../wordpress/templates/service.yaml | 0 .../business-services/wordpress/values.yaml | 0 .../helm/charts/cluster-configs/Chart.yaml | 0 .../templates/0-namespaces/0-namespaces.yaml | 0 .../configmaps/common-configmap.yaml | 0 .../egov-service-host-comfigmap.yaml | 0 .../configmaps/egov-user-chatbot.yaml | 0 .../templates/ingress/nginx-errors.yaml | 0 .../templates/ingress/root-ingress.yaml | 0 .../templates/rbac/clusterroles.yaml | 0 .../rbac/read-clusterrolebinding.yaml | 0 .../templates/rbac/rolebindings.yaml | 0 .../secrets/alertmanager-secret.yaml | 0 .../secrets/case-management-secret.yaml | 0 .../templates/secrets/chatbot-secret.yaml | 0 .../templates/secrets/covid-chatbot.yaml | 0 .../templates/secrets/db-secret.yaml | 0 .../egov-edcr-bank-gateway-secret-.yaml | 0 .../egov-edcr-notification-secret.yaml | 0 .../secrets/egov-enc-service-secret.yaml | 0 .../secrets/egov-filestore-secret.yaml | 0 .../secrets/egov-location-secret.yaml | 0 .../egov-notification-mail-secret.yaml | 0 .../secrets/egov-notification-sms-secret.yaml | 0 .../secrets/egov-pg-service-secret.yaml | 0 .../secrets/egov-si-microservice-secret.yaml | 0 .../templates/secrets/git-sync-secret.yaml | 0 ...me-isolation-notification-mail-secret.yaml | 0 .../secrets/ispirit-ecurfew-secret.yaml | 0 .../secrets/jenkins-kubeconfigs.yaml | 0 .../templates/secrets/jenkins-secret.yaml | 0 .../secrets/kibana-infra-secret.yaml | 0 .../templates/secrets/kibana-secret.yaml | 0 .../templates/secrets/minio-secret.yaml | 0 .../templates/secrets/mysql-secret.yaml | 0 .../secrets/oauth2-proxy-secret.yaml | 0 .../templates/secrets/pgadmin-secret.yaml | 0 .../templates/secrets/wordpress-secret.yaml | 0 .../templates/services/db-endpoints.yaml | 0 .../templates/services/db-service.yaml | 0 .../helm/charts/cluster-configs/values.yaml | 0 .../helm/charts/common/.helmignore | 0 .../helm/charts/common/Chart.yaml | 0 .../helm/charts/common/README.md | 0 .../charts/common/templates/_cronjob.yaml | 0 .../charts/common/templates/_deployment.yaml | 0 .../helm/charts/common/templates/_helpers.tpl | 0 .../charts/common/templates/_ingress.yaml | 0 .../charts/common/templates/_service.yaml | 0 .../common/templates/_servicemonitor.yaml | 0 .../helm/charts/common/values.yaml | 0 .../charts/core-services/chatbot/Chart.yaml | 0 .../core-services/chatbot/chatbot-values.yaml | 0 .../home-isolation-chatbot-values.yaml | 0 .../core-services/chatbot/requirements.lock | 0 .../chatbot/templates/deployment.yaml | 0 .../chatbot/templates/ingress.yaml | 0 .../chatbot/templates/service.yaml | 0 .../egov-accesscontrol/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-accesscontrol/templates/ingress.yaml | 0 .../egov-accesscontrol/templates/service.yaml | 0 .../egov-accesscontrol/values.yaml | 0 .../egov-common-masters/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-common-masters/values.yaml | 0 .../egov-data-uploader/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-data-uploader/templates/ingress.yaml | 0 .../egov-data-uploader/templates/service.yaml | 0 .../egov-data-uploader/values.yaml | 0 .../core-services/egov-enc-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-enc-service/templates/ingress.yml | 0 .../egov-enc-service/templates/service.yaml | 0 .../egov-enc-service/values.yaml | 0 .../core-services/egov-filestore/Chart.yaml | 0 .../egov-filestore/templates/deployment.yaml | 0 .../egov-filestore/templates/ingress.yaml | 0 .../templates/persistentvolume.yaml | 0 .../egov-filestore/templates/pvc.yaml | 0 .../egov-filestore/templates/service.yaml | 0 .../core-services/egov-filestore/values.yaml | 0 .../core-services/egov-idgen/Chart.yaml | 0 .../egov-idgen/templates/deployment.yaml | 0 .../egov-idgen/templates/ingress.yaml | 0 .../egov-idgen/templates/service.yaml | 0 .../core-services/egov-idgen/values.yaml | 0 .../egov-index-custom-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-index-custom-consumer/values.yaml | 0 .../core-services/egov-indexer/Chart.yaml | 0 .../egov-indexer/templates/deployment.yaml | 0 .../egov-indexer/templates/ingress.yaml | 0 .../egov-indexer/templates/service.yaml | 0 .../core-services/egov-indexer/values.yaml | 0 .../egov-localization/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-localization/templates/ingress.yaml | 0 .../egov-localization/templates/service.yaml | 0 .../egov-localization/values.yaml | 0 .../core-services/egov-location/Chart.yaml | 0 .../egov-location/templates/deployment.yaml | 0 .../egov-location/templates/ingress.yaml | 0 .../egov-location/templates/service.yaml | 0 .../core-services/egov-location/values.yaml | 0 .../egov-mdms-service/Chart.yaml | 0 .../ispirit-mdms-service-values.yaml | 0 .../templates/deployment.yaml | 0 .../egov-mdms-service/templates/ingress.yaml | 0 .../egov-mdms-service/templates/service.yaml | 0 .../egov-mdms-service/tenant-a-mdms-data.yaml | 0 .../egov-mdms-service/tenant-b-mdms-data.yaml | 0 .../egov-mdms-service/values.yaml | 0 .../egov-notification-mail/Chart.yaml | 0 .../home-isolation-email-values.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-notification-mail/values.yaml | 0 .../egov-notification-sms/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-notification-sms/values.yaml | 0 .../charts/core-services/egov-otp/Chart.yaml | 0 .../egov-otp/templates/deployment.yaml | 0 .../egov-otp/templates/ingress.yaml | 0 .../egov-otp/templates/service.yaml | 0 .../charts/core-services/egov-otp/values.yaml | 0 .../charts/core-services/egov-pdf/Chart.yaml | 0 .../egov-pdf/templates/deployment.yaml | 0 .../egov-pdf/templates/ingress.yaml | 0 .../egov-pdf/templates/service.yaml | 0 .../charts/core-services/egov-pdf/values.yaml | 0 .../core-services/egov-persister/Chart.yaml | 0 .../egov-persister/templates/deployment.yaml | 0 .../egov-persister/templates/service.yaml | 0 .../core-services/egov-persister/values.yaml | 0 .../core-services/egov-pg-service/Chart.yaml | 0 .../egov-pg-service/templates/deployment.yaml | 0 .../egov-pg-service/templates/ingress.yaml | 0 .../egov-pg-service/templates/service.yaml | 0 .../core-services/egov-pg-service/values.yaml | 0 .../core-services/egov-searcher/Chart.yaml | 0 .../egov-searcher/templates/deployment.yaml | 0 .../egov-searcher/templates/ingress.yaml | 0 .../egov-searcher/templates/service.yaml | 0 .../core-services/egov-searcher/values.yaml | 0 .../egov-telemetry-kafka-streams/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-telemetry-kafka-streams/values.yaml | 0 .../egov-url-shortening/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-url-shortening/values.yaml | 0 .../egov-user-chatbot/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-user-chatbot/templates/service.yaml | 0 .../egov-user-chatbot/values.yaml | 0 .../charts/core-services/egov-user/Chart.yaml | 0 .../egov-user/egov-user-enc-values.yaml | 0 .../egov-user/egov-user-values.yaml | 0 .../egov-user/templates/deployment.yaml | 0 .../egov-user/templates/ingress.yaml | 0 .../egov-user/templates/service.yaml | 0 .../core-services/egov-workflow-v2/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-workflow-v2/templates/ingress.yaml | 0 .../egov-workflow-v2/templates/service.yaml | 0 .../egov-workflow-v2/values.yaml | 0 .../core-services/egov-workflow/Chart.yaml | 0 .../egov-workflow/templates/deployment.yaml | 0 .../egov-workflow/templates/service.yaml | 0 .../core-services/egov-workflow/values.yaml | 0 .../core-services/internal-gateway/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../internal-gateway/templates/role.yaml | 0 .../templates/rolebinding.yaml | 0 .../internal-gateway/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../internal-gateway/values.yaml | 0 .../charts/core-services/mailbot/Chart.yaml | 0 .../core-services/mailbot/requirements.lock | 0 .../mailbot/templates/deployment.yaml | 0 .../mailbot/templates/ingress.yaml | 0 .../mailbot/templates/service.yaml | 0 .../charts/core-services/mailbot/values.yaml | 0 .../core-services/nlp-engine/Chart.yaml | 0 .../nlp-engine/templates/deployment.yaml | 0 .../nlp-engine/templates/ingress.yaml | 0 .../nlp-engine/templates/service.yaml | 0 .../core-services/nlp-engine/values.yaml | 0 .../core-services/pdf-service/Chart.yaml | 0 .../pdf-service/templates/deployment.yaml | 0 .../pdf-service/templates/ingress.yaml | 0 .../pdf-service/templates/service.yaml | 0 .../core-services/pdf-service/values.yaml | 0 .../charts/core-services/report/Chart.yaml | 0 .../report/templates/deployment.yaml | 0 .../report/templates/ingress.yaml | 0 .../report/templates/service.yaml | 0 .../charts/core-services/report/values.yaml | 0 .../charts/core-services/telemetry/Chart.yaml | 0 .../telemetry/templates/deployment.yaml | 0 .../telemetry/templates/ingress.yaml | 0 .../telemetry/templates/service.yaml | 0 .../core-services/telemetry/values.yaml | 0 .../charts/core-services/user-otp/Chart.yaml | 0 .../user-otp/templates/deployment.yaml | 0 .../user-otp/templates/ingress.yaml | 0 .../user-otp/templates/service.yaml | 0 .../charts/core-services/user-otp/values.yaml | 0 .../core-services/xstate-chatbot/Chart.yaml | 0 .../xstate-chatbot/covid-chatbot-values.yaml | 0 .../xstate-chatbot/templates/deployment.yaml | 0 .../xstate-chatbot/templates/ingress.yaml | 0 .../xstate-chatbot/templates/service.yaml | 0 .../core-services/xstate-chatbot/values.yaml | 0 .../helm/charts/core-services/zuul/Chart.yaml | 0 .../zuul/templates/deployment.yaml | 0 .../core-services/zuul/templates/role.yaml | 0 .../zuul/templates/rolebinding.yaml | 0 .../core-services/zuul/templates/service.yaml | 0 .../zuul/templates/serviceaccount.yaml | 0 .../charts/core-services/zuul/values.yaml | 0 .../helm/charts/frontend/citizen/Chart.yaml | 0 .../citizen/templates/deployment.yaml | 0 .../frontend/citizen/templates/ingress.yaml | 0 .../frontend/citizen/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/citizen/values.yaml | 0 .../charts/frontend/common-screen/Chart.yaml | 0 .../common-screen/templates/deployment.yaml | 0 .../common-screen/templates/ingress.yaml | 0 .../common-screen/templates/service.yaml | 0 .../charts/frontend/common-screen/values.yaml | 0 .../helm/charts/frontend/digit-ui/Chart.yaml | 0 .../digit-ui/templates/deployment.yaml | 0 .../frontend/digit-ui/templates/ingress.yaml | 0 .../frontend/digit-ui/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/digit-ui/values.yaml | 0 .../charts/frontend/dss-dashboard/Chart.yaml | 0 .../dss-dashboard/templates/deployment.yaml | 0 .../dss-dashboard/templates/ingress.yaml | 0 .../dss-dashboard/templates/service.yaml | 0 .../charts/frontend/dss-dashboard/values.yaml | 0 .../charts/frontend/employee-mcs/Chart.yaml | 0 .../employee-mcs/templates/deployment.yaml | 0 .../employee-mcs/templates/ingress.yaml | 0 .../employee-mcs/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../charts/frontend/employee-mcs/values.yaml | 0 .../frontend/employee-tradelicence/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../employee-tradelicence/values.yaml | 0 .../helm/charts/frontend/employee/Chart.yaml | 0 .../employee/templates/deployment.yaml | 0 .../frontend/employee/templates/ingress.yaml | 0 .../frontend/employee/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/employee/values.yaml | 0 .../helm/charts/frontend/hrms-web/Chart.yaml | 0 .../hrms-web/templates/deployment.yaml | 0 .../frontend/hrms-web/templates/service.yaml | 0 .../helm/charts/frontend/hrms-web/values.yaml | 0 .../rainmaker-custom-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress-open.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../rainmaker-custom-service/values.yaml | 0 .../charts/frontend/react-pgr-web/Chart.yaml | 0 .../react-pgr-web/templates/deployment.yaml | 0 .../react-pgr-web/templates/service.yaml | 0 .../charts/frontend/react-pgr-web/values.yaml | 0 .../helm/charts/frontend/ui-app/Chart.yaml | 0 .../frontend/ui-app/templates/deployment.yaml | 0 .../frontend/ui-app/templates/service.yaml | 0 .../helm/charts/frontend/ui-app/values.yaml | 0 .../charts/frontend/ui-dashboard/Chart.yaml | 0 .../ui-dashboard/templates/deployment.yaml | 0 .../ui-dashboard/templates/ingress.yaml | 0 .../ui-dashboard/templates/service.yaml | 0 .../charts/frontend/ui-dashboard/values.yaml | 0 .../frontend/ui-localisation/Chart.yaml | 0 .../ui-localisation/templates/deployment.yaml | 0 .../ui-localisation/templates/ingress.yaml | 0 .../ui-localisation/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../frontend/ui-localisation/values.yaml | 0 .../charts/frontend/ui-uploader/Chart.yaml | 0 .../ui-uploader/templates/deployment.yaml | 0 .../ui-uploader/templates/service.yaml | 0 .../charts/frontend/ui-uploader/values.yaml | 0 .../ispirit/approver-dashboard/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../approver-dashboard/templates/ingress.yaml | 0 .../approver-dashboard/templates/service.yaml | 0 .../ispirit/approver-dashboard/values.yaml | 0 .../charts/ispirit/ecurfew-cron/Chart.yaml | 0 .../ecurfew-cron/templates/deployment.yaml | 0 .../ecurfew-cron/templates/ingress.yaml | 0 .../ecurfew-cron/templates/service.yaml | 0 .../charts/ispirit/ecurfew-cron/values.yaml | 0 .../helm/charts/ispirit/ecurfew/Chart.yaml | 0 .../ispirit/ecurfew/templates/deployment.yaml | 0 .../ispirit/ecurfew/templates/ingress.yaml | 0 .../ispirit/ecurfew/templates/service.yaml | 0 .../helm/charts/ispirit/ecurfew/values.yaml | 0 .../charts/ispirit/epass-chatbot/Chart.yaml | 0 .../epass-chatbot/templates/deployment.yaml | 0 .../epass-chatbot/templates/ingress.yaml | 0 .../epass-chatbot/templates/service.yaml | 0 .../charts/ispirit/epass-chatbot/values.yaml | 0 .../helm/charts/ispirit/epasszuul/Chart.yaml | 0 .../epasszuul/templates/deployment.yaml | 0 .../ispirit/epasszuul/templates/role.yaml | 0 .../epasszuul/templates/rolebinding.yaml | 0 .../ispirit/epasszuul/templates/service.yaml | 0 .../epasszuul/templates/serviceaccount.yaml | 0 .../helm/charts/ispirit/epasszuul/values.yaml | 0 .../ispirit/requester-dashboard/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../ispirit/requester-dashboard/values.yaml | 0 .../charts/ispirit/trai-gateway/Chart.yaml | 0 .../trai-gateway/templates/ca-configmap.yaml | 0 .../trai-gateway/templates/deployment.yaml | 0 .../trai-gateway/templates/ingress.yaml | 0 .../trai-gateway/templates/service.yaml | 0 .../charts/ispirit/trai-gateway/values.yaml | 0 .../bpa-calculator/Chart.yaml | 0 .../bpa-calculator/templates/deployment.yaml | 0 .../bpa-calculator/templates/ingress.yaml | 0 .../bpa-calculator/templates/service.yaml | 0 .../bpa-calculator/values.yaml | 0 .../bpa-services/Chart.yaml | 0 .../bpa-services/templates/deployment.yaml | 0 .../bpa-services/templates/ingress.yaml | 0 .../bpa-services/templates/service.yaml | 0 .../bpa-services/values.yaml | 0 .../echallan-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../echallan-calculator/values.yaml | 0 .../echallan-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../echallan-services/templates/ingress.yaml | 0 .../echallan-services/templates/service.yaml | 0 .../echallan-services/values.yaml | 0 .../egov-user-event/Chart.yaml | 0 .../egov-user-event/templates/deployment.yaml | 0 .../egov-user-event/templates/ingress.yaml | 0 .../egov-user-event/templates/service.yaml | 0 .../egov-user-event/values.yaml | 0 .../firenoc-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../firenoc-calculator/templates/ingress.yaml | 0 .../firenoc-calculator/templates/service.yaml | 0 .../firenoc-calculator/values.yaml | 0 .../firenoc-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../firenoc-services/templates/ingress.yaml | 0 .../firenoc-services/templates/service.yaml | 0 .../firenoc-services/values.yaml | 0 .../fsm-calculator/Chart.yaml | 0 .../fsm-calculator/templates/deployment.yaml | 0 .../fsm-calculator/templates/ingress.yaml | 0 .../fsm-calculator/templates/service.yaml | 0 .../fsm-calculator/values.yaml | 0 .../charts/municipal-services/fsm/Chart.yaml | 0 .../fsm/templates/deployment.yaml | 0 .../fsm/templates/ingress.yaml | 0 .../fsm/templates/service.yaml | 0 .../charts/municipal-services/fsm/values.yaml | 0 .../municipal-services/inbox/Chart.yaml | 0 .../inbox/templates/deployment.yaml | 0 .../inbox/templates/ingress.yaml | 0 .../inbox/templates/service.yaml | 0 .../municipal-services/inbox/values.yaml | 0 .../land-services/Chart.yaml | 0 .../land-services/templates/deployment.yaml | 0 .../land-services/templates/ingress.yaml | 0 .../land-services/templates/service.yaml | 0 .../land-services/values.yaml | 0 .../noc-services/Chart.yaml | 0 .../noc-services/templates/deployment.yaml | 0 .../noc-services/templates/ingress.yaml | 0 .../noc-services/templates/service.yaml | 0 .../noc-services/values.yaml | 0 .../pgr-services/Chart.yaml | 0 .../pgr-services/templates/deployment.yaml | 0 .../pgr-services/templates/ingress.yaml | 0 .../pgr-services/templates/service.yaml | 0 .../pgr-services/values.yaml | 0 .../property-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../property-services/templates/ingress.yaml | 0 .../property-services/templates/service.yaml | 0 .../property-services/values.yaml | 0 .../pt-calculator-v2/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../pt-calculator-v2/templates/ingress.yaml | 0 .../pt-calculator-v2/templates/service.yaml | 0 .../pt-calculator-v2/values.yaml | 0 .../pt-services-v2/Chart.yaml | 0 .../pt-services-v2/templates/deployment.yaml | 0 .../pt-services-v2/templates/ingress.yaml | 0 .../pt-services-v2/templates/service.yaml | 0 .../pt-services-v2/values.yaml | 0 .../rainmaker-pgr/Chart.yaml | 0 .../rainmaker-pgr/templates/deployment.yaml | 0 .../rainmaker-pgr/templates/ingress.yaml | 0 .../rainmaker-pgr/templates/service.yaml | 0 .../rainmaker-pgr/values.yaml | 0 .../sw-calculator/Chart.yaml | 0 .../sw-calculator/templates/deployment.yaml | 0 .../sw-calculator/templates/ingress.yaml | 0 .../sw-calculator/templates/service.yaml | 0 .../sw-calculator/values.yaml | 0 .../municipal-services/sw-services/Chart.yaml | 0 .../sw-services/templates/deployment.yaml | 0 .../sw-services/templates/ingress.yaml | 0 .../sw-services/templates/service.yaml | 0 .../sw-services/values.yaml | 0 .../tl-calculator/Chart.yaml | 0 .../tl-calculator/templates/deployment.yaml | 0 .../tl-calculator/templates/ingress.yaml | 0 .../tl-calculator/templates/service.yaml | 0 .../tl-calculator/values.yaml | 0 .../municipal-services/tl-services/Chart.yaml | 0 .../tl-services/templates/deployment.yaml | 0 .../tl-services/templates/ingress.yaml | 0 .../tl-services/templates/service.yaml | 0 .../tl-services/values.yaml | 0 .../turn-io-adapter/Chart.yaml | 0 .../turn-io-adapter/templates/deployment.yaml | 0 .../turn-io-adapter/templates/ingress.yaml | 0 .../turn-io-adapter/templates/service.yaml | 0 .../turn-io-adapter/values.yaml | 0 .../municipal-services/vehicle/Chart.yaml | 0 .../vehicle/templates/deployment.yaml | 0 .../vehicle/templates/ingress.yaml | 0 .../vehicle/templates/service.yaml | 0 .../municipal-services/vehicle/values.yaml | 0 .../municipal-services/vendor/Chart.yaml | 0 .../vendor/templates/deployment.yaml | 0 .../vendor/templates/ingress.yaml | 0 .../vendor/templates/service.yaml | 0 .../municipal-services/vendor/values.yaml | 0 .../ws-calculator/Chart.yaml | 0 .../ws-calculator/templates/deployment.yaml | 0 .../ws-calculator/templates/ingress.yaml | 0 .../ws-calculator/templates/service.yaml | 0 .../ws-calculator/values.yaml | 0 .../municipal-services/ws-services/Chart.yaml | 0 .../ws-services/templates/deployment.yaml | 0 .../ws-services/templates/ingress.yaml | 0 .../ws-services/templates/service.yaml | 0 .../ws-services/values.yaml | 0 .../ukd-assets/Chart.yaml | 0 .../ukd-assets/templates/deployment.yaml | 0 .../ukd-assets/templates/ingress.yaml | 0 .../ukd-assets/templates/service.yaml | 0 .../ukd-assets/values.yaml | 0 .../ukd-custom-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../ukd-custom-service/templates/ingress.yaml | 0 .../ukd-custom-service/templates/service.yaml | 0 .../ukd-custom-service/values.yaml | 0 .../utilities/case-management/Chart.yaml | 0 .../case-management/templates/deployment.yaml | 0 .../case-management/templates/ingress.yaml | 0 .../case-management/templates/service.yaml | 0 .../utilities/case-management/values.yaml | 0 .../utilities/cova-dgr-fetch/Chart.yaml | 0 .../cova-dgr-fetch/templates/cronjob.yaml | 0 .../utilities/cova-dgr-fetch/values.yaml | 0 .../charts/utilities/data-upload/Chart.yaml | 0 .../data-upload/templates/deployment.yaml | 0 .../data-upload/templates/ingress.yaml | 0 .../data-upload/templates/service.yaml | 0 .../charts/utilities/data-upload/values.yaml | 0 .../utilities/egov-custom-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-custom-consumer/values.yaml | 0 .../egov-weekly-impact-notifier/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../egov-weekly-impact-notifier/values.yaml | 0 .../charts/utilities/mailbot-cron/Chart.yaml | 0 .../mailbot-cron/templates/cronjob.yaml | 0 .../charts/utilities/mailbot-cron/values.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.0.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.1.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.2.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.3.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.4.yaml | 0 .../DIGIT/dependancy_chart-digit-v2.5.yaml | 0 .../dependancy_chart-quickstart-v2.4.yaml | 0 .../URBAN/dependancy_chart-digit-v2.2.yaml | 0 .../URBAN/dependancy_chart-digit-v2.3.yaml | 0 .../URBAN/dependancy_chart-digit-v2.4.yaml | 0 .../dependancy_chart-quickstart-v2.4.yaml | 0 .../iFix/dependancy_chart-mGramSeva-v1.0.yaml | 0 .../{egov-deployer => deployer}/Dockerfile | 0 .../{egov-deployer => deployer}/cmd/deploy.go | 6 +- .../{egov-deployer => deployer}/cmd/root.go | 8 +- .../full_installer.go} | 25 ++- .../{egov-deployer => deployer}/go.mod | 8 +- .../{egov-deployer => deployer}/go.sum | 5 + .../internal/README.md | 0 .../internal/app/_your_app_/.keep | 0 .../internal/pkg/_your_private_lib_/.keep | 0 .../{egov-deployer => deployer}/main.go | 2 +- .../{egov-deployer => deployer}/pkg/README.md | 0 .../pkg/cmd/deployer/deployer.go | 14 +- .../pkg/cmd/deployer/options.go | 2 +- .../standalone_installer.go} | 185 ++++++++++-------- .../helm/charts/cluster-configs/Chart.lock | 6 - .../dependancy_chart-mGramSeva-v1.0.yaml | 146 -------------- deploy-as-code/infra-provisioner/Dockerfile | 44 ----- deploy-as-code/infra-provisioner/go.mod | 12 -- deploy-as-code/infra-provisioner/go.sum | 177 ----------------- 1014 files changed, 147 insertions(+), 493 deletions(-) rename {deploy-as-code/helm => config-as-code}/environments/ci-demo-secrets.yaml (100%) rename {deploy-as-code/helm => config-as-code}/environments/ci-demo.yaml (100%) rename {deploy-as-code/helm => config-as-code}/environments/egov-demo-secrets.yaml (100%) rename {deploy-as-code/helm => config-as-code}/environments/egov-demo-template-secrets.yaml (100%) rename {deploy-as-code/helm => config-as-code}/environments/egov-demo-template.yaml (100%) rename {deploy-as-code/helm => config-as-code}/environments/egov-demo.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cert-manager/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/OWNERS (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/requirements.lock (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/cluster-autoscaler/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/es-curator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/es-curator/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/es-curator/templates/configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/es-curator/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/fluent-bit/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/templates/configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/grafana/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/query-ing.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/query-svc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jaeger/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/CHANGELOG.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/OWNERS (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/NOTES.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/config.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/deprecation.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/home-pv.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/jobs.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/rbac.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/templates/service-account.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/jenkins/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-connect/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kafka-v2/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kibana-v1/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/OWNERS (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kube-state-metrics/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/NOTES.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/kuberhealthy/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/pv-standalone.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/statefulset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/templates/svc-headless.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/minio/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-errors/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/nginx-ingress/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/oauth2-proxy/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/pgadmin/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/pgadmin/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/pgadmin/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/pgadmin/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/pgadmin/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/playground/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/playground/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/playground/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/playground/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/postgres/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/postgres/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/postgres/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/postgres/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/OWNERS (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/requirements.lock (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/requirements.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/prometheus-operator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redis/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redis/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redis/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redis/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redoc/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redoc/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redoc/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redoc/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/redoc/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/spot-termination-handler/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/backbone-services/zookeeper-v2/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/billing-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/billing-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/billing-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/billing-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/billing-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/collection-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/collection-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/collection-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/collection-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/collection-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-analytics/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-analytics/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-analytics/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-ingest/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-ingest/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/dashboard-ingest/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-account-details-consumer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-account-details-consumer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-instrument/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-instrument/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-instrument/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-instrument/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-instrument/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-master/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-master/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-master/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-master/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-master/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-masters/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-masters/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-masters/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-masters/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-voucher-indexer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egf-voucher-indexer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-apportion-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-apportion-service/templates/ingress.yml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-apportion-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-apportion-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-edcr/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/templates/override-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-finance/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-hrms/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-hrms/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-hrms/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-hrms/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/egov-hrms/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/templates/pv.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/templates/pvc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/mysql/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/templates/pv.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/templates/pvc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/business-services/wordpress/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/db-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/services/db-endpoints.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/templates/services/db-service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/cluster-configs/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/.helmignore (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/README.md (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_helpers.tpl (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/templates/_servicemonitor.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/common/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/chatbot-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/requirements.lock (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/chatbot/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-accesscontrol/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-accesscontrol/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-accesscontrol/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-common-masters/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-common-masters/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-common-masters/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-common-masters/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-common-masters/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-data-uploader/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-data-uploader/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-data-uploader/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-enc-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-enc-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-enc-service/templates/ingress.yml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-enc-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-enc-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/templates/pvc.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-filestore/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-idgen/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-idgen/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-idgen/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-idgen/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-idgen/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-index-custom-consumer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-indexer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-indexer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-indexer/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-indexer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-indexer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-localization/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-localization/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-localization/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-localization/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-localization/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-location/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-location/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-location/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-location/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-location/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-mdms-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-mail/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-mail/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-mail/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-sms/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-sms/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-notification-sms/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-otp/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-otp/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-otp/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-otp/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-otp/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pdf/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pdf/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pdf/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pdf/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pdf/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-persister/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-persister/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-persister/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-persister/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pg-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pg-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pg-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pg-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-pg-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-searcher/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-searcher/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-searcher/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-searcher/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-searcher/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-url-shortening/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-url-shortening/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-url-shortening/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user-chatbot/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user-chatbot/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user-chatbot/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/egov-user-enc-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/egov-user-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-user/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow-v2/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow-v2/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow-v2/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/egov-workflow/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/templates/role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/internal-gateway/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/requirements.lock (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/mailbot/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/nlp-engine/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/nlp-engine/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/nlp-engine/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/nlp-engine/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/nlp-engine/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/pdf-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/pdf-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/pdf-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/pdf-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/pdf-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/report/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/report/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/report/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/report/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/report/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/telemetry/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/telemetry/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/telemetry/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/telemetry/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/telemetry/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/user-otp/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/user-otp/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/user-otp/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/user-otp/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/user-otp/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/xstate-chatbot/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/templates/role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/templates/rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/core-services/zuul/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/citizen/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/common-screen/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/common-screen/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/common-screen/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/common-screen/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/common-screen/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/digit-ui/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/dss-dashboard/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/dss-dashboard/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/dss-dashboard/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/dss-dashboard/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/dss-dashboard/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-mcs/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-tradelicence/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-tradelicence/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee-tradelicence/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/employee/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/hrms-web/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/hrms-web/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/hrms-web/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/hrms-web/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/rainmaker-custom-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/react-pgr-web/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/react-pgr-web/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/react-pgr-web/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/react-pgr-web/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-app/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-app/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-app/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-app/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-dashboard/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-dashboard/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-dashboard/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-dashboard/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-dashboard/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-localisation/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-uploader/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-uploader/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-uploader/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/frontend/ui-uploader/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/approver-dashboard/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/approver-dashboard/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/approver-dashboard/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew-cron/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew-cron/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew-cron/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/ecurfew/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epass-chatbot/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epass-chatbot/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epass-chatbot/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/templates/role.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/epasszuul/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/requester-dashboard/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/requester-dashboard/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/requester-dashboard/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ispirit/trai-gateway/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/bpa-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/echallan-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/egov-user-event/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/egov-user-event/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/egov-user-event/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/firenoc-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/fsm/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/inbox/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/inbox/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/inbox/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/inbox/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/inbox/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/land-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/land-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/land-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/land-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/land-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/noc-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/noc-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/noc-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/noc-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/noc-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pgr-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pgr-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pgr-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pgr-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pgr-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/property-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/property-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/property-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/property-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/property-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-calculator-v2/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-services-v2/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-services-v2/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/pt-services-v2/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/rainmaker-pgr/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/sw-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/tl-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/turn-io-adapter/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/turn-io-adapter/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vehicle/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vehicle/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vehicle/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vehicle/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vehicle/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vendor/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vendor/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vendor/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vendor/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/vendor/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-calculator/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-calculator/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-calculator/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-services/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-services/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-services/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-services/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/municipal-services/ws-services/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/case-management/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/case-management/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/case-management/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/case-management/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/case-management/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/cova-dgr-fetch/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/cova-dgr-fetch/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/data-upload/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/data-upload/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/data-upload/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/data-upload/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/data-upload/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-custom-consumer/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-custom-consumer/templates/service.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-custom-consumer/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/mailbot-cron/Chart.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml (100%) rename {deploy-as-code => config-as-code}/helm/charts/utilities/mailbot-cron/values.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml (100%) rename {deploy-as-code/helm => config-as-code}/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml (100%) rename deploy-as-code/{egov-deployer => deployer}/Dockerfile (100%) rename deploy-as-code/{egov-deployer => deployer}/cmd/deploy.go (93%) rename deploy-as-code/{egov-deployer => deployer}/cmd/root.go (92%) rename deploy-as-code/{infra-provisioner/infra_setup.go => deployer/full_installer.go} (91%) rename deploy-as-code/{egov-deployer => deployer}/go.mod (56%) rename deploy-as-code/{egov-deployer => deployer}/go.sum (97%) rename deploy-as-code/{egov-deployer => deployer}/internal/README.md (100%) rename deploy-as-code/{egov-deployer => deployer}/internal/app/_your_app_/.keep (100%) rename deploy-as-code/{egov-deployer => deployer}/internal/pkg/_your_private_lib_/.keep (100%) rename deploy-as-code/{egov-deployer => deployer}/main.go (95%) rename deploy-as-code/{egov-deployer => deployer}/pkg/README.md (100%) rename deploy-as-code/{egov-deployer => deployer}/pkg/cmd/deployer/deployer.go (93%) rename deploy-as-code/{egov-deployer => deployer}/pkg/cmd/deployer/options.go (95%) rename deploy-as-code/{egov-deployer/digit_setup.go => deployer/standalone_installer.go} (53%) delete mode 100644 deploy-as-code/helm/charts/cluster-configs/Chart.lock delete mode 100644 deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml delete mode 100644 deploy-as-code/infra-provisioner/Dockerfile delete mode 100644 deploy-as-code/infra-provisioner/go.mod delete mode 100644 deploy-as-code/infra-provisioner/go.sum diff --git a/deploy-as-code/helm/environments/ci-demo-secrets.yaml b/config-as-code/environments/ci-demo-secrets.yaml similarity index 100% rename from deploy-as-code/helm/environments/ci-demo-secrets.yaml rename to config-as-code/environments/ci-demo-secrets.yaml diff --git a/deploy-as-code/helm/environments/ci-demo.yaml b/config-as-code/environments/ci-demo.yaml similarity index 100% rename from deploy-as-code/helm/environments/ci-demo.yaml rename to config-as-code/environments/ci-demo.yaml diff --git a/deploy-as-code/helm/environments/egov-demo-secrets.yaml b/config-as-code/environments/egov-demo-secrets.yaml similarity index 100% rename from deploy-as-code/helm/environments/egov-demo-secrets.yaml rename to config-as-code/environments/egov-demo-secrets.yaml diff --git a/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml b/config-as-code/environments/egov-demo-template-secrets.yaml similarity index 100% rename from deploy-as-code/helm/environments/egov-demo-template-secrets.yaml rename to config-as-code/environments/egov-demo-template-secrets.yaml diff --git a/deploy-as-code/helm/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml similarity index 100% rename from deploy-as-code/helm/environments/egov-demo-template.yaml rename to config-as-code/environments/egov-demo-template.yaml diff --git a/deploy-as-code/helm/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml similarity index 100% rename from deploy-as-code/helm/environments/egov-demo.yaml rename to config-as-code/environments/egov-demo.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore b/config-as-code/helm/charts/backbone-services/cert-manager/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore rename to config-as-code/helm/charts/backbone-services/cert-manager/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml b/config-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml rename to config-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml rename to config-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml b/config-as-code/helm/charts/backbone-services/es-curator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml rename to config-as-code/helm/charts/backbone-services/es-curator/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml b/config-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml rename to config-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml b/config-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml rename to config-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml b/config-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml rename to config-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/values.yaml b/config-as-code/helm/charts/backbone-services/fluent-bit/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/fluent-bit/values.yaml rename to config-as-code/helm/charts/backbone-services/fluent-bit/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/Chart.yaml b/config-as-code/helm/charts/backbone-services/grafana/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/Chart.yaml rename to config-as-code/helm/charts/backbone-services/grafana/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml b/config-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml rename to config-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/templates/service.yaml b/config-as-code/helm/charts/backbone-services/grafana/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/grafana/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/grafana/values.yaml b/config-as-code/helm/charts/backbone-services/grafana/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/grafana/values.yaml rename to config-as-code/helm/charts/backbone-services/grafana/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/Chart.yaml b/config-as-code/helm/charts/backbone-services/jaeger/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/Chart.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml b/config-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/values.yaml b/config-as-code/helm/charts/backbone-services/jaeger/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jaeger/values.yaml rename to config-as-code/helm/charts/backbone-services/jaeger/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/.helmignore b/config-as-code/helm/charts/backbone-services/jenkins/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/.helmignore rename to config-as-code/helm/charts/backbone-services/jenkins/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md b/config-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md rename to config-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/Chart.yaml b/config-as-code/helm/charts/backbone-services/jenkins/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/Chart.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/OWNERS b/config-as-code/helm/charts/backbone-services/jenkins/OWNERS similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/OWNERS rename to config-as-code/helm/charts/backbone-services/jenkins/OWNERS diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/README.md b/config-as-code/helm/charts/backbone-services/jenkins/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/README.md rename to config-as-code/helm/charts/backbone-services/jenkins/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt rename to config-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml b/config-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml b/config-as-code/helm/charts/backbone-services/jenkins/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml rename to config-as-code/helm/charts/backbone-services/jenkins/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml b/config-as-code/helm/charts/backbone-services/kafka-connect/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml rename to config-as-code/helm/charts/backbone-services/kafka-connect/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/values.yaml b/config-as-code/helm/charts/backbone-services/kafka-v2/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kafka-v2/values.yaml rename to config-as-code/helm/charts/backbone-services/kafka-v2/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml b/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml b/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml rename to config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml b/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml rename to config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml b/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml rename to config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml b/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml rename to config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana-v1/values.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kibana-v1/values.yaml rename to config-as-code/helm/charts/backbone-services/kibana-v1/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore b/config-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS b/config-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/README.md b/config-as-code/helm/charts/backbone-services/kube-state-metrics/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/README.md rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml b/config-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml rename to config-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt b/config-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt rename to config-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/README.md b/config-as-code/helm/charts/backbone-services/kuberhealthy/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/README.md rename to config-as-code/helm/charts/backbone-services/kuberhealthy/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml b/config-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml rename to config-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/.helmignore b/config-as-code/helm/charts/backbone-services/minio/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/.helmignore rename to config-as-code/helm/charts/backbone-services/minio/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/minio/Chart.yaml b/config-as-code/helm/charts/backbone-services/minio/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/Chart.yaml rename to config-as-code/helm/charts/backbone-services/minio/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/service.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml b/config-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml rename to config-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/minio/values.yaml b/config-as-code/helm/charts/backbone-services/minio/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/minio/values.yaml rename to config-as-code/helm/charts/backbone-services/minio/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/.helmignore b/config-as-code/helm/charts/backbone-services/nginx-errors/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/.helmignore rename to config-as-code/helm/charts/backbone-services/nginx-errors/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml b/config-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml rename to config-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt rename to config-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml b/config-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml b/config-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml rename to config-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-errors/values.yaml b/config-as-code/helm/charts/backbone-services/nginx-errors/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-errors/values.yaml rename to config-as-code/helm/charts/backbone-services/nginx-errors/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/README.md b/config-as-code/helm/charts/backbone-services/nginx-ingress/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/README.md rename to config-as-code/helm/charts/backbone-services/nginx-ingress/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml rename to config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore b/config-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml b/config-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml rename to config-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml b/config-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml rename to config-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml b/config-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml b/config-as-code/helm/charts/backbone-services/pgadmin/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml rename to config-as-code/helm/charts/backbone-services/pgadmin/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/playground/Chart.yaml b/config-as-code/helm/charts/backbone-services/playground/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/playground/Chart.yaml rename to config-as-code/helm/charts/backbone-services/playground/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/playground/README.md b/config-as-code/helm/charts/backbone-services/playground/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/playground/README.md rename to config-as-code/helm/charts/backbone-services/playground/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/playground/values.yaml b/config-as-code/helm/charts/backbone-services/playground/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/playground/values.yaml rename to config-as-code/helm/charts/backbone-services/playground/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/Chart.yaml b/config-as-code/helm/charts/backbone-services/postgres/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/postgres/Chart.yaml rename to config-as-code/helm/charts/backbone-services/postgres/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/templates/service.yaml b/config-as-code/helm/charts/backbone-services/postgres/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/postgres/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/postgres/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml b/config-as-code/helm/charts/backbone-services/postgres/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/postgres/values.yaml rename to config-as-code/helm/charts/backbone-services/postgres/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml b/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml b/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore b/config-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore rename to config-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md b/config-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md rename to config-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS b/config-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS rename to config-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/README.md b/config-as-code/helm/charts/backbone-services/prometheus-operator/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/README.md rename to config-as-code/helm/charts/backbone-services/prometheus-operator/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py b/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py rename to config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock b/config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock rename to config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/config-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml rename to config-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redis/Chart.yaml b/config-as-code/helm/charts/backbone-services/redis/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redis/Chart.yaml rename to config-as-code/helm/charts/backbone-services/redis/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redis/templates/service.yaml b/config-as-code/helm/charts/backbone-services/redis/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redis/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/redis/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redis/values.yaml b/config-as-code/helm/charts/backbone-services/redis/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redis/values.yaml rename to config-as-code/helm/charts/backbone-services/redis/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redoc/Chart.yaml b/config-as-code/helm/charts/backbone-services/redoc/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redoc/Chart.yaml rename to config-as-code/helm/charts/backbone-services/redoc/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml rename to config-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml rename to config-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redoc/templates/service.yaml b/config-as-code/helm/charts/backbone-services/redoc/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redoc/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/redoc/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/redoc/values.yaml b/config-as-code/helm/charts/backbone-services/redoc/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/redoc/values.yaml rename to config-as-code/helm/charts/backbone-services/redoc/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml b/config-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml rename to config-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/README.md b/config-as-code/helm/charts/backbone-services/zookeeper-v2/README.md similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/README.md rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/README.md diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml b/config-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml rename to config-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/billing-service/Chart.yaml b/config-as-code/helm/charts/business-services/billing-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/billing-service/Chart.yaml rename to config-as-code/helm/charts/business-services/billing-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml b/config-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml b/config-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/billing-service/templates/service.yaml b/config-as-code/helm/charts/business-services/billing-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/billing-service/templates/service.yaml rename to config-as-code/helm/charts/business-services/billing-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/billing-service/values.yaml b/config-as-code/helm/charts/business-services/billing-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/billing-service/values.yaml rename to config-as-code/helm/charts/business-services/billing-service/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/collection-services/Chart.yaml b/config-as-code/helm/charts/business-services/collection-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/collection-services/Chart.yaml rename to config-as-code/helm/charts/business-services/collection-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml b/config-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml b/config-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/collection-services/templates/service.yaml b/config-as-code/helm/charts/business-services/collection-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/collection-services/templates/service.yaml rename to config-as-code/helm/charts/business-services/collection-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/collection-services/values.yaml b/config-as-code/helm/charts/business-services/collection-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/collection-services/values.yaml rename to config-as-code/helm/charts/business-services/collection-services/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml b/config-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml rename to config-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml b/config-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml b/config-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml b/config-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml rename to config-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml b/config-as-code/helm/charts/business-services/dashboard-analytics/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml rename to config-as-code/helm/charts/business-services/dashboard-analytics/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml b/config-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml rename to config-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml b/config-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml b/config-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml b/config-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml rename to config-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/dashboard-ingest/values.yaml b/config-as-code/helm/charts/business-services/dashboard-ingest/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/dashboard-ingest/values.yaml rename to config-as-code/helm/charts/business-services/dashboard-ingest/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml b/config-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml rename to config-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml b/config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml rename to config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml b/config-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml rename to config-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-instrument/Chart.yaml b/config-as-code/helm/charts/business-services/egf-instrument/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-instrument/Chart.yaml rename to config-as-code/helm/charts/business-services/egf-instrument/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml b/config-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml b/config-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml rename to config-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-instrument/values.yaml b/config-as-code/helm/charts/business-services/egf-instrument/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-instrument/values.yaml rename to config-as-code/helm/charts/business-services/egf-instrument/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-master/Chart.yaml b/config-as-code/helm/charts/business-services/egf-master/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-master/Chart.yaml rename to config-as-code/helm/charts/business-services/egf-master/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml b/config-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-master/templates/service.yaml b/config-as-code/helm/charts/business-services/egf-master/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-master/templates/service.yaml rename to config-as-code/helm/charts/business-services/egf-master/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-master/values.yaml b/config-as-code/helm/charts/business-services/egf-master/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-master/values.yaml rename to config-as-code/helm/charts/business-services/egf-master/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-masters/Chart.yaml b/config-as-code/helm/charts/business-services/egf-masters/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-masters/Chart.yaml rename to config-as-code/helm/charts/business-services/egf-masters/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-masters/templates/service.yaml b/config-as-code/helm/charts/business-services/egf-masters/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-masters/templates/service.yaml rename to config-as-code/helm/charts/business-services/egf-masters/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-masters/values.yaml b/config-as-code/helm/charts/business-services/egf-masters/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-masters/values.yaml rename to config-as-code/helm/charts/business-services/egf-masters/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml b/config-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml rename to config-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml b/config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml rename to config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml b/config-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml rename to config-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml b/config-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml rename to config-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml b/config-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml rename to config-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml diff --git a/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml b/config-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml rename to config-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-apportion-service/values.yaml b/config-as-code/helm/charts/business-services/egov-apportion-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-apportion-service/values.yaml rename to config-as-code/helm/charts/business-services/egov-apportion-service/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/Chart.yaml b/config-as-code/helm/charts/business-services/egov-edcr/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/Chart.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml b/config-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml b/config-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml b/config-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-edcr/values.yaml b/config-as-code/helm/charts/business-services/egov-edcr/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-edcr/values.yaml rename to config-as-code/helm/charts/business-services/egov-edcr/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/Chart.yaml b/config-as-code/helm/charts/business-services/egov-finance/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/Chart.yaml rename to config-as-code/helm/charts/business-services/egov-finance/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml b/config-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml b/config-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml rename to config-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/templates/service.yaml b/config-as-code/helm/charts/business-services/egov-finance/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/templates/service.yaml rename to config-as-code/helm/charts/business-services/egov-finance/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-finance/values.yaml b/config-as-code/helm/charts/business-services/egov-finance/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-finance/values.yaml rename to config-as-code/helm/charts/business-services/egov-finance/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/Chart.yaml b/config-as-code/helm/charts/business-services/egov-hrms/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-hrms/Chart.yaml rename to config-as-code/helm/charts/business-services/egov-hrms/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml b/config-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml b/config-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml b/config-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml rename to config-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml b/config-as-code/helm/charts/business-services/egov-hrms/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml rename to config-as-code/helm/charts/business-services/egov-hrms/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml b/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml rename to config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml b/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml b/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml rename to config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml b/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml rename to config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/Chart.yaml b/config-as-code/helm/charts/business-services/mysql/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/Chart.yaml rename to config-as-code/helm/charts/business-services/mysql/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/templates/deployment.yaml b/config-as-code/helm/charts/business-services/mysql/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/mysql/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/templates/pv.yaml b/config-as-code/helm/charts/business-services/mysql/templates/pv.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/templates/pv.yaml rename to config-as-code/helm/charts/business-services/mysql/templates/pv.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/templates/pvc.yaml b/config-as-code/helm/charts/business-services/mysql/templates/pvc.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/templates/pvc.yaml rename to config-as-code/helm/charts/business-services/mysql/templates/pvc.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/templates/service.yaml b/config-as-code/helm/charts/business-services/mysql/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/templates/service.yaml rename to config-as-code/helm/charts/business-services/mysql/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/mysql/values.yaml b/config-as-code/helm/charts/business-services/mysql/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/mysql/values.yaml rename to config-as-code/helm/charts/business-services/mysql/values.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/Chart.yaml b/config-as-code/helm/charts/business-services/wordpress/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/Chart.yaml rename to config-as-code/helm/charts/business-services/wordpress/Chart.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml b/config-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml rename to config-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml b/config-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml rename to config-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/templates/pv.yaml b/config-as-code/helm/charts/business-services/wordpress/templates/pv.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/templates/pv.yaml rename to config-as-code/helm/charts/business-services/wordpress/templates/pv.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml b/config-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml rename to config-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/templates/service.yaml b/config-as-code/helm/charts/business-services/wordpress/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/templates/service.yaml rename to config-as-code/helm/charts/business-services/wordpress/templates/service.yaml diff --git a/deploy-as-code/helm/charts/business-services/wordpress/values.yaml b/config-as-code/helm/charts/business-services/wordpress/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/business-services/wordpress/values.yaml rename to config-as-code/helm/charts/business-services/wordpress/values.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/Chart.yaml b/config-as-code/helm/charts/cluster-configs/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/Chart.yaml rename to config-as-code/helm/charts/cluster-configs/Chart.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml b/config-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml rename to config-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml b/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml rename to config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml b/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml rename to config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml b/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml rename to config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml b/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml rename to config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml rename to config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml b/config-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml rename to config-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml b/config-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml rename to config-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml b/config-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml rename to config-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml rename to config-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml b/config-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml rename to config-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml b/config-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml rename to config-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/config-as-code/helm/charts/cluster-configs/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/values.yaml rename to config-as-code/helm/charts/cluster-configs/values.yaml diff --git a/deploy-as-code/helm/charts/common/.helmignore b/config-as-code/helm/charts/common/.helmignore similarity index 100% rename from deploy-as-code/helm/charts/common/.helmignore rename to config-as-code/helm/charts/common/.helmignore diff --git a/deploy-as-code/helm/charts/common/Chart.yaml b/config-as-code/helm/charts/common/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/Chart.yaml rename to config-as-code/helm/charts/common/Chart.yaml diff --git a/deploy-as-code/helm/charts/common/README.md b/config-as-code/helm/charts/common/README.md similarity index 100% rename from deploy-as-code/helm/charts/common/README.md rename to config-as-code/helm/charts/common/README.md diff --git a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml b/config-as-code/helm/charts/common/templates/_cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_cronjob.yaml rename to config-as-code/helm/charts/common/templates/_cronjob.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_deployment.yaml b/config-as-code/helm/charts/common/templates/_deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_deployment.yaml rename to config-as-code/helm/charts/common/templates/_deployment.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_helpers.tpl b/config-as-code/helm/charts/common/templates/_helpers.tpl similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_helpers.tpl rename to config-as-code/helm/charts/common/templates/_helpers.tpl diff --git a/deploy-as-code/helm/charts/common/templates/_ingress.yaml b/config-as-code/helm/charts/common/templates/_ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_ingress.yaml rename to config-as-code/helm/charts/common/templates/_ingress.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_service.yaml b/config-as-code/helm/charts/common/templates/_service.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_service.yaml rename to config-as-code/helm/charts/common/templates/_service.yaml diff --git a/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml b/config-as-code/helm/charts/common/templates/_servicemonitor.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml rename to config-as-code/helm/charts/common/templates/_servicemonitor.yaml diff --git a/deploy-as-code/helm/charts/common/values.yaml b/config-as-code/helm/charts/common/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/common/values.yaml rename to config-as-code/helm/charts/common/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/Chart.yaml b/config-as-code/helm/charts/core-services/chatbot/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/Chart.yaml rename to config-as-code/helm/charts/core-services/chatbot/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml b/config-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml rename to config-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml b/config-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml rename to config-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/requirements.lock b/config-as-code/helm/charts/core-services/chatbot/requirements.lock similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/requirements.lock rename to config-as-code/helm/charts/core-services/chatbot/requirements.lock diff --git a/deploy-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml b/config-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml b/config-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/chatbot/templates/service.yaml b/config-as-code/helm/charts/core-services/chatbot/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/chatbot/templates/service.yaml rename to config-as-code/helm/charts/core-services/chatbot/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml b/config-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/config-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml rename to config-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml b/config-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml b/config-as-code/helm/charts/core-services/egov-common-masters/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml rename to config-as-code/helm/charts/core-services/egov-common-masters/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml b/config-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml b/config-as-code/helm/charts/core-services/egov-data-uploader/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml rename to config-as-code/helm/charts/core-services/egov-data-uploader/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml b/config-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml b/config-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml rename to config-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml b/config-as-code/helm/charts/core-services/egov-enc-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml rename to config-as-code/helm/charts/core-services/egov-enc-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/Chart.yaml b/config-as-code/helm/charts/core-services/egov-filestore/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml b/config-as-code/helm/charts/core-services/egov-filestore/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml rename to config-as-code/helm/charts/core-services/egov-filestore/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/Chart.yaml b/config-as-code/helm/charts/core-services/egov-idgen/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-idgen/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-idgen/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml b/config-as-code/helm/charts/core-services/egov-idgen/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml rename to config-as-code/helm/charts/core-services/egov-idgen/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml b/config-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml b/config-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml rename to config-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/Chart.yaml b/config-as-code/helm/charts/core-services/egov-indexer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-indexer/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-indexer/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/config-as-code/helm/charts/core-services/egov-indexer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml rename to config-as-code/helm/charts/core-services/egov-indexer/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/Chart.yaml b/config-as-code/helm/charts/core-services/egov-localization/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-localization/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-localization/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-localization/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-localization/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-localization/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml b/config-as-code/helm/charts/core-services/egov-localization/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-localization/values.yaml rename to config-as-code/helm/charts/core-services/egov-localization/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-location/Chart.yaml b/config-as-code/helm/charts/core-services/egov-location/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-location/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-location/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-location/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-location/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-location/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-location/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml b/config-as-code/helm/charts/core-services/egov-location/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-location/values.yaml rename to config-as-code/helm/charts/core-services/egov-location/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml b/config-as-code/helm/charts/core-services/egov-mdms-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml rename to config-as-code/helm/charts/core-services/egov-mdms-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml b/config-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml b/config-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml rename to config-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml b/config-as-code/helm/charts/core-services/egov-notification-mail/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml rename to config-as-code/helm/charts/core-services/egov-notification-mail/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml b/config-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml b/config-as-code/helm/charts/core-services/egov-notification-sms/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml rename to config-as-code/helm/charts/core-services/egov-notification-sms/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/Chart.yaml b/config-as-code/helm/charts/core-services/egov-otp/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-otp/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-otp/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-otp/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-otp/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-otp/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml b/config-as-code/helm/charts/core-services/egov-otp/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-otp/values.yaml rename to config-as-code/helm/charts/core-services/egov-otp/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/Chart.yaml b/config-as-code/helm/charts/core-services/egov-pdf/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pdf/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-pdf/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml b/config-as-code/helm/charts/core-services/egov-pdf/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml rename to config-as-code/helm/charts/core-services/egov-pdf/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/Chart.yaml b/config-as-code/helm/charts/core-services/egov-persister/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-persister/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-persister/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-persister/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-persister/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-persister/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml b/config-as-code/helm/charts/core-services/egov-persister/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-persister/values.yaml rename to config-as-code/helm/charts/core-services/egov-persister/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml b/config-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml b/config-as-code/helm/charts/core-services/egov-pg-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml rename to config-as-code/helm/charts/core-services/egov-pg-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/Chart.yaml b/config-as-code/helm/charts/core-services/egov-searcher/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-searcher/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-searcher/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml b/config-as-code/helm/charts/core-services/egov-searcher/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml rename to config-as-code/helm/charts/core-services/egov-searcher/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml b/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml b/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml rename to config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml b/config-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/config-as-code/helm/charts/core-services/egov-url-shortening/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml rename to config-as-code/helm/charts/core-services/egov-url-shortening/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml b/config-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml rename to config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/Chart.yaml b/config-as-code/helm/charts/core-services/egov-user/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-user/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml b/config-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml rename to config-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml rename to config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-user/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-user/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-user/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml rename to config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/Chart.yaml b/config-as-code/helm/charts/core-services/egov-workflow/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow/Chart.yaml rename to config-as-code/helm/charts/core-services/egov-workflow/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml rename to config-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml b/config-as-code/helm/charts/core-services/egov-workflow/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml rename to config-as-code/helm/charts/core-services/egov-workflow/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/Chart.yaml b/config-as-code/helm/charts/core-services/internal-gateway/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/Chart.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml b/config-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml b/config-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml b/config-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml b/config-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml b/config-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml b/config-as-code/helm/charts/core-services/internal-gateway/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml rename to config-as-code/helm/charts/core-services/internal-gateway/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/mailbot/Chart.yaml b/config-as-code/helm/charts/core-services/mailbot/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/Chart.yaml rename to config-as-code/helm/charts/core-services/mailbot/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/mailbot/requirements.lock b/config-as-code/helm/charts/core-services/mailbot/requirements.lock similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/requirements.lock rename to config-as-code/helm/charts/core-services/mailbot/requirements.lock diff --git a/deploy-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml b/config-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml b/config-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/mailbot/templates/service.yaml b/config-as-code/helm/charts/core-services/mailbot/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/templates/service.yaml rename to config-as-code/helm/charts/core-services/mailbot/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml b/config-as-code/helm/charts/core-services/mailbot/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/mailbot/values.yaml rename to config-as-code/helm/charts/core-services/mailbot/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/Chart.yaml b/config-as-code/helm/charts/core-services/nlp-engine/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/nlp-engine/Chart.yaml rename to config-as-code/helm/charts/core-services/nlp-engine/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml b/config-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml b/config-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml b/config-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml rename to config-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml b/config-as-code/helm/charts/core-services/nlp-engine/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml rename to config-as-code/helm/charts/core-services/nlp-engine/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/Chart.yaml b/config-as-code/helm/charts/core-services/pdf-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/pdf-service/Chart.yaml rename to config-as-code/helm/charts/core-services/pdf-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml b/config-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml b/config-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/templates/service.yaml b/config-as-code/helm/charts/core-services/pdf-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/pdf-service/templates/service.yaml rename to config-as-code/helm/charts/core-services/pdf-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml b/config-as-code/helm/charts/core-services/pdf-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/pdf-service/values.yaml rename to config-as-code/helm/charts/core-services/pdf-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/report/Chart.yaml b/config-as-code/helm/charts/core-services/report/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/report/Chart.yaml rename to config-as-code/helm/charts/core-services/report/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/report/templates/deployment.yaml b/config-as-code/helm/charts/core-services/report/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/report/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/report/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/report/templates/ingress.yaml b/config-as-code/helm/charts/core-services/report/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/report/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/report/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/report/templates/service.yaml b/config-as-code/helm/charts/core-services/report/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/report/templates/service.yaml rename to config-as-code/helm/charts/core-services/report/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/report/values.yaml b/config-as-code/helm/charts/core-services/report/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/report/values.yaml rename to config-as-code/helm/charts/core-services/report/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/telemetry/Chart.yaml b/config-as-code/helm/charts/core-services/telemetry/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/telemetry/Chart.yaml rename to config-as-code/helm/charts/core-services/telemetry/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml b/config-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml b/config-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/telemetry/templates/service.yaml b/config-as-code/helm/charts/core-services/telemetry/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/telemetry/templates/service.yaml rename to config-as-code/helm/charts/core-services/telemetry/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml b/config-as-code/helm/charts/core-services/telemetry/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/telemetry/values.yaml rename to config-as-code/helm/charts/core-services/telemetry/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/user-otp/Chart.yaml b/config-as-code/helm/charts/core-services/user-otp/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/user-otp/Chart.yaml rename to config-as-code/helm/charts/core-services/user-otp/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml b/config-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml b/config-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/user-otp/templates/service.yaml b/config-as-code/helm/charts/core-services/user-otp/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/user-otp/templates/service.yaml rename to config-as-code/helm/charts/core-services/user-otp/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/user-otp/values.yaml b/config-as-code/helm/charts/core-services/user-otp/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/user-otp/values.yaml rename to config-as-code/helm/charts/core-services/user-otp/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml b/config-as-code/helm/charts/core-services/xstate-chatbot/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml rename to config-as-code/helm/charts/core-services/xstate-chatbot/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/Chart.yaml b/config-as-code/helm/charts/core-services/zuul/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/Chart.yaml rename to config-as-code/helm/charts/core-services/zuul/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/deployment.yaml b/config-as-code/helm/charts/core-services/zuul/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/templates/deployment.yaml rename to config-as-code/helm/charts/core-services/zuul/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml b/config-as-code/helm/charts/core-services/zuul/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml rename to config-as-code/helm/charts/core-services/zuul/templates/role.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml b/config-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml rename to config-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/service.yaml b/config-as-code/helm/charts/core-services/zuul/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/templates/service.yaml rename to config-as-code/helm/charts/core-services/zuul/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml b/config-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml rename to config-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/config-as-code/helm/charts/core-services/zuul/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/zuul/values.yaml rename to config-as-code/helm/charts/core-services/zuul/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/Chart.yaml b/config-as-code/helm/charts/frontend/citizen/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/Chart.yaml rename to config-as-code/helm/charts/frontend/citizen/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/templates/deployment.yaml b/config-as-code/helm/charts/frontend/citizen/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/citizen/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/templates/ingress.yaml b/config-as-code/helm/charts/frontend/citizen/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/citizen/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/templates/service.yaml b/config-as-code/helm/charts/frontend/citizen/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/templates/service.yaml rename to config-as-code/helm/charts/frontend/citizen/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml b/config-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml rename to config-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/frontend/citizen/values.yaml b/config-as-code/helm/charts/frontend/citizen/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/citizen/values.yaml rename to config-as-code/helm/charts/frontend/citizen/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/common-screen/Chart.yaml b/config-as-code/helm/charts/frontend/common-screen/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/common-screen/Chart.yaml rename to config-as-code/helm/charts/frontend/common-screen/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml b/config-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml b/config-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/common-screen/templates/service.yaml b/config-as-code/helm/charts/frontend/common-screen/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/common-screen/templates/service.yaml rename to config-as-code/helm/charts/frontend/common-screen/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/common-screen/values.yaml b/config-as-code/helm/charts/frontend/common-screen/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/common-screen/values.yaml rename to config-as-code/helm/charts/frontend/common-screen/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/Chart.yaml b/config-as-code/helm/charts/frontend/digit-ui/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/Chart.yaml rename to config-as-code/helm/charts/frontend/digit-ui/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml b/config-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml b/config-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/templates/service.yaml b/config-as-code/helm/charts/frontend/digit-ui/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/templates/service.yaml rename to config-as-code/helm/charts/frontend/digit-ui/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml b/config-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml rename to config-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml b/config-as-code/helm/charts/frontend/digit-ui/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/digit-ui/values.yaml rename to config-as-code/helm/charts/frontend/digit-ui/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml b/config-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml rename to config-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml b/config-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml rename to config-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/dss-dashboard/values.yaml b/config-as-code/helm/charts/frontend/dss-dashboard/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/dss-dashboard/values.yaml rename to config-as-code/helm/charts/frontend/dss-dashboard/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/Chart.yaml b/config-as-code/helm/charts/frontend/employee-mcs/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/Chart.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml b/config-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml b/config-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml b/config-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml b/config-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-mcs/values.yaml b/config-as-code/helm/charts/frontend/employee-mcs/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-mcs/values.yaml rename to config-as-code/helm/charts/frontend/employee-mcs/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml b/config-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml rename to config-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml b/config-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml b/config-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml rename to config-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee-tradelicence/values.yaml b/config-as-code/helm/charts/frontend/employee-tradelicence/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee-tradelicence/values.yaml rename to config-as-code/helm/charts/frontend/employee-tradelicence/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/Chart.yaml b/config-as-code/helm/charts/frontend/employee/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/Chart.yaml rename to config-as-code/helm/charts/frontend/employee/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/templates/deployment.yaml b/config-as-code/helm/charts/frontend/employee/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/employee/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/templates/ingress.yaml b/config-as-code/helm/charts/frontend/employee/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/employee/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/templates/service.yaml b/config-as-code/helm/charts/frontend/employee/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/templates/service.yaml rename to config-as-code/helm/charts/frontend/employee/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml b/config-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml rename to config-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/frontend/employee/values.yaml b/config-as-code/helm/charts/frontend/employee/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/employee/values.yaml rename to config-as-code/helm/charts/frontend/employee/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/hrms-web/Chart.yaml b/config-as-code/helm/charts/frontend/hrms-web/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/hrms-web/Chart.yaml rename to config-as-code/helm/charts/frontend/hrms-web/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml b/config-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/hrms-web/templates/service.yaml b/config-as-code/helm/charts/frontend/hrms-web/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/hrms-web/templates/service.yaml rename to config-as-code/helm/charts/frontend/hrms-web/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/hrms-web/values.yaml b/config-as-code/helm/charts/frontend/hrms-web/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/hrms-web/values.yaml rename to config-as-code/helm/charts/frontend/hrms-web/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml b/config-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml rename to config-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml b/config-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml rename to config-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml b/config-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml b/config-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml rename to config-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/react-pgr-web/values.yaml b/config-as-code/helm/charts/frontend/react-pgr-web/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/react-pgr-web/values.yaml rename to config-as-code/helm/charts/frontend/react-pgr-web/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-app/Chart.yaml b/config-as-code/helm/charts/frontend/ui-app/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-app/Chart.yaml rename to config-as-code/helm/charts/frontend/ui-app/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml b/config-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-app/templates/service.yaml b/config-as-code/helm/charts/frontend/ui-app/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-app/templates/service.yaml rename to config-as-code/helm/charts/frontend/ui-app/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-app/values.yaml b/config-as-code/helm/charts/frontend/ui-app/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-app/values.yaml rename to config-as-code/helm/charts/frontend/ui-app/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml b/config-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml rename to config-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml b/config-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml rename to config-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-dashboard/values.yaml b/config-as-code/helm/charts/frontend/ui-dashboard/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-dashboard/values.yaml rename to config-as-code/helm/charts/frontend/ui-dashboard/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/Chart.yaml b/config-as-code/helm/charts/frontend/ui-localisation/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/Chart.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml b/config-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml b/config-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml b/config-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml b/config-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-localisation/values.yaml b/config-as-code/helm/charts/frontend/ui-localisation/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-localisation/values.yaml rename to config-as-code/helm/charts/frontend/ui-localisation/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-uploader/Chart.yaml b/config-as-code/helm/charts/frontend/ui-uploader/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-uploader/Chart.yaml rename to config-as-code/helm/charts/frontend/ui-uploader/Chart.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml b/config-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml rename to config-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml b/config-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml rename to config-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml diff --git a/deploy-as-code/helm/charts/frontend/ui-uploader/values.yaml b/config-as-code/helm/charts/frontend/ui-uploader/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/frontend/ui-uploader/values.yaml rename to config-as-code/helm/charts/frontend/ui-uploader/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml rename to config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml rename to config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/approver-dashboard/values.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/approver-dashboard/values.yaml rename to config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml rename to config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml rename to config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml rename to config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew/Chart.yaml b/config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew/Chart.yaml rename to config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml rename to config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/ecurfew/values.yaml b/config-as-code/helm/charts/ispirit/ecurfew/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/ecurfew/values.yaml rename to config-as-code/helm/charts/ispirit/ecurfew/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml rename to config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml rename to config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epass-chatbot/values.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epass-chatbot/values.yaml rename to config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/Chart.yaml b/config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/Chart.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/ispirit/epasszuul/values.yaml b/config-as-code/helm/charts/ispirit/epasszuul/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/epasszuul/values.yaml rename to config-as-code/helm/charts/ispirit/epasszuul/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml rename to config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml rename to config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/requester-dashboard/values.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/requester-dashboard/values.yaml rename to config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ispirit/trai-gateway/values.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ispirit/trai-gateway/values.yaml rename to config-as-code/helm/charts/ispirit/trai-gateway/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml b/config-as-code/helm/charts/municipal-services/bpa-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml rename to config-as-code/helm/charts/municipal-services/bpa-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml b/config-as-code/helm/charts/municipal-services/echallan-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml rename to config-as-code/helm/charts/municipal-services/echallan-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml b/config-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml rename to config-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml b/config-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml b/config-as-code/helm/charts/municipal-services/egov-user-event/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml rename to config-as-code/helm/charts/municipal-services/egov-user-event/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml b/config-as-code/helm/charts/municipal-services/firenoc-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml rename to config-as-code/helm/charts/municipal-services/firenoc-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml b/config-as-code/helm/charts/municipal-services/fsm/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml rename to config-as-code/helm/charts/municipal-services/fsm/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml b/config-as-code/helm/charts/municipal-services/fsm/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/fsm/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/values.yaml b/config-as-code/helm/charts/municipal-services/fsm/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/fsm/values.yaml rename to config-as-code/helm/charts/municipal-services/fsm/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml b/config-as-code/helm/charts/municipal-services/inbox/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml rename to config-as-code/helm/charts/municipal-services/inbox/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml b/config-as-code/helm/charts/municipal-services/inbox/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/inbox/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/values.yaml b/config-as-code/helm/charts/municipal-services/inbox/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/inbox/values.yaml rename to config-as-code/helm/charts/municipal-services/inbox/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/land-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/land-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/land-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/land-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/values.yaml b/config-as-code/helm/charts/municipal-services/land-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/values.yaml rename to config-as-code/helm/charts/municipal-services/land-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/noc-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/noc-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml b/config-as-code/helm/charts/municipal-services/noc-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml rename to config-as-code/helm/charts/municipal-services/noc-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml b/config-as-code/helm/charts/municipal-services/pgr-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml rename to config-as-code/helm/charts/municipal-services/pgr-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/property-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/property-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/property-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/property-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/values.yaml b/config-as-code/helm/charts/municipal-services/property-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/values.yaml rename to config-as-code/helm/charts/municipal-services/property-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml b/config-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml rename to config-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml b/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml b/config-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml rename to config-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml b/config-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml rename to config-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml b/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml b/config-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml rename to config-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml b/config-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml rename to config-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml b/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml b/config-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml rename to config-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/sw-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/sw-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/sw-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/sw-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml b/config-as-code/helm/charts/municipal-services/sw-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml rename to config-as-code/helm/charts/municipal-services/sw-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/tl-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/tl-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/tl-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/tl-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml b/config-as-code/helm/charts/municipal-services/tl-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml rename to config-as-code/helm/charts/municipal-services/tl-services/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml b/config-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml rename to config-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml b/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml b/config-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml rename to config-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml b/config-as-code/helm/charts/municipal-services/vehicle/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml rename to config-as-code/helm/charts/municipal-services/vehicle/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml b/config-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml b/config-as-code/helm/charts/municipal-services/vehicle/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml rename to config-as-code/helm/charts/municipal-services/vehicle/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml b/config-as-code/helm/charts/municipal-services/vendor/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml rename to config-as-code/helm/charts/municipal-services/vendor/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml b/config-as-code/helm/charts/municipal-services/vendor/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/vendor/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/values.yaml b/config-as-code/helm/charts/municipal-services/vendor/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/vendor/values.yaml rename to config-as-code/helm/charts/municipal-services/vendor/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml b/config-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml rename to config-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml b/config-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/ws-calculator/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml rename to config-as-code/helm/charts/municipal-services/ws-calculator/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml b/config-as-code/helm/charts/municipal-services/ws-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml rename to config-as-code/helm/charts/municipal-services/ws-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml b/config-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml rename to config-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml b/config-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml rename to config-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml b/config-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml rename to config-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml b/config-as-code/helm/charts/municipal-services/ws-services/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml rename to config-as-code/helm/charts/municipal-services/ws-services/values.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml rename to config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/case-management/Chart.yaml b/config-as-code/helm/charts/utilities/case-management/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/case-management/Chart.yaml rename to config-as-code/helm/charts/utilities/case-management/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/case-management/templates/deployment.yaml b/config-as-code/helm/charts/utilities/case-management/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/case-management/templates/deployment.yaml rename to config-as-code/helm/charts/utilities/case-management/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/utilities/case-management/templates/ingress.yaml b/config-as-code/helm/charts/utilities/case-management/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/case-management/templates/ingress.yaml rename to config-as-code/helm/charts/utilities/case-management/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/utilities/case-management/templates/service.yaml b/config-as-code/helm/charts/utilities/case-management/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/case-management/templates/service.yaml rename to config-as-code/helm/charts/utilities/case-management/templates/service.yaml diff --git a/deploy-as-code/helm/charts/utilities/case-management/values.yaml b/config-as-code/helm/charts/utilities/case-management/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/case-management/values.yaml rename to config-as-code/helm/charts/utilities/case-management/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml b/config-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml rename to config-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml b/config-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml rename to config-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml b/config-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml rename to config-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/data-upload/Chart.yaml b/config-as-code/helm/charts/utilities/data-upload/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/data-upload/Chart.yaml rename to config-as-code/helm/charts/utilities/data-upload/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml b/config-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml rename to config-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml b/config-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml rename to config-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/utilities/data-upload/templates/service.yaml b/config-as-code/helm/charts/utilities/data-upload/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/data-upload/templates/service.yaml rename to config-as-code/helm/charts/utilities/data-upload/templates/service.yaml diff --git a/deploy-as-code/helm/charts/utilities/data-upload/values.yaml b/config-as-code/helm/charts/utilities/data-upload/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/data-upload/values.yaml rename to config-as-code/helm/charts/utilities/data-upload/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml b/config-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml rename to config-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml b/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml rename to config-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml b/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml rename to config-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml b/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml rename to config-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml b/config-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml rename to config-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml b/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml rename to config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml b/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml rename to config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml b/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml rename to config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml diff --git a/deploy-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml b/config-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml rename to config-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml diff --git a/deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml b/config-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml rename to config-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/utilities/mailbot-cron/values.yaml b/config-as-code/helm/charts/utilities/mailbot-cron/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/utilities/mailbot-cron/values.yaml rename to config-as-code/helm/charts/utilities/mailbot-cron/values.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml rename to config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml rename to config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.2.yaml diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml rename to config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.3.yaml diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml rename to config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml diff --git a/deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml rename to config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml diff --git a/deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml b/config-as-code/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml similarity index 100% rename from deploy-as-code/helm/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml rename to config-as-code/product-release-charts/iFix/dependancy_chart-mGramSeva-v1.0.yaml diff --git a/deploy-as-code/egov-deployer/Dockerfile b/deploy-as-code/deployer/Dockerfile similarity index 100% rename from deploy-as-code/egov-deployer/Dockerfile rename to deploy-as-code/deployer/Dockerfile diff --git a/deploy-as-code/egov-deployer/cmd/deploy.go b/deploy-as-code/deployer/cmd/deploy.go similarity index 93% rename from deploy-as-code/egov-deployer/cmd/deploy.go rename to deploy-as-code/deployer/cmd/deploy.go index 06f0b41de7..a4f5df86e6 100644 --- a/deploy-as-code/egov-deployer/cmd/deploy.go +++ b/deploy-as-code/deployer/cmd/deploy.go @@ -18,7 +18,7 @@ package cmd import ( "errors" - "egov-deployer/pkg/cmd/deployer" + "deployer/pkg/cmd/deployer" "github.com/spf13/cobra" "github.com/spf13/viper" @@ -48,7 +48,7 @@ to quickly create a Cobra application.`, Run: func(cmd *cobra.Command, args []string) { // fmt.Println("deploy called with images: " + args[0]) - options.HelmDir = viper.GetString("helm-dir") + options.ConfigDir = viper.GetString("helm-dir") deployer.DeployCharts(options) }, } @@ -56,7 +56,7 @@ to quickly create a Cobra application.`, func init() { // deployCmd.Flags().StringVarP(&images, "images", "i", "", "Images to be deployed") - deployCmd.Flags().String("helm-dir", "../helm", "Helm Charts / Configs directory") + deployCmd.Flags().String("helm-dir", "../../config-as-code", "Helm Charts / Configs directory") viper.BindPFlag("helm-dir", deployCmd.Flags().Lookup("helm-dir")) deployCmd.Flags().StringVarP(&options.Environment, "environment", "e", "", "Environment override to be applied") diff --git a/deploy-as-code/egov-deployer/cmd/root.go b/deploy-as-code/deployer/cmd/root.go similarity index 92% rename from deploy-as-code/egov-deployer/cmd/root.go rename to deploy-as-code/deployer/cmd/root.go index 67bad2acb8..8c617d8b37 100644 --- a/deploy-as-code/egov-deployer/cmd/root.go +++ b/deploy-as-code/deployer/cmd/root.go @@ -29,7 +29,7 @@ var cfgFile string // rootCmd represents the base command when called without any subcommands var rootCmd = &cobra.Command{ - Use: "egov-deployer", + Use: "deployer", Short: "A brief description of your application", Long: `A longer description that spans multiple lines and likely contains examples and usage of using your application. For example: @@ -58,7 +58,7 @@ func init() { // Cobra supports persistent flags, which, if defined here, // will be global for your application. - rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.egov-deployer.yaml)") + rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.deployer.yaml)") } @@ -75,9 +75,9 @@ func initConfig() { os.Exit(1) } - // Search config in home directory with name ".egov-deployer" (without extension). + // Search config in home directory with name ".deployer" (without extension). viper.AddConfigPath(home) - viper.SetConfigName(".egov-deployer") + viper.SetConfigName(".deployer") } viper.AutomaticEnv() // read in environment variables that match diff --git a/deploy-as-code/infra-provisioner/infra_setup.go b/deploy-as-code/deployer/full_installer.go similarity index 91% rename from deploy-as-code/infra-provisioner/infra_setup.go rename to deploy-as-code/deployer/full_installer.go index d62f8b23e3..a411d70497 100644 --- a/deploy-as-code/infra-provisioner/infra_setup.go +++ b/deploy-as-code/deployer/full_installer.go @@ -151,7 +151,7 @@ func main() { gitCmd := "" _, err := os.Stat(dir) if os.IsNotExist(err) { - gitCmd = fmt.Sprintf("git clone -b release-infra-demo https://github.com/egovernments/DIGIT-DevOps.git %s", dir) + gitCmd = fmt.Sprintf("git clone -b release https://github.com/egovernments/DIGIT-DevOps.git %s", dir) } else { gitCmd = fmt.Sprintf("git -C %s pull", dir) } @@ -365,7 +365,7 @@ func selectGovServicesToInstall() { var argStr string = "" // Get the versions from the chart and display it to user to select - file, err := os.Open("../helm/product-release-charts/") + file, err := os.Open("../../config-as-code/product-release-charts/") if err != nil { log.Fatalf("failed opening directory: %s", err) } @@ -377,7 +377,7 @@ func selectGovServicesToInstall() { optedProduct, _ = sel(prodList, "Choose the Gov stack services that you would you like to install") if optedProduct != "" { - files, err := ioutil.ReadDir("../helm/product-release-charts/" + optedProduct) + files, err := ioutil.ReadDir("../../config-as-code/product-release-charts/" + optedProduct) if err != nil { log.Fatal(err) } @@ -389,7 +389,7 @@ func selectGovServicesToInstall() { var version string = "" version, _ = sel(versionfiles, "Which version of the selected product would like to install?") if version != "" { - argFile := "../helm/product-release-charts/" + optedProduct + "/dependancy_chart-" + version + ".yaml" + argFile := "../../config-as-code/product-release-charts/" + optedProduct + "/dependancy_chart-" + version + ".yaml" // Decode the yaml file and assigning the values to a map chartFile, err := ioutil.ReadFile(argFile) @@ -448,7 +448,7 @@ func deployScript(argStr string, envfile string) { contextset := setClusterContext() if contextset { - envfilesFromDir, err := ioutil.ReadDir("../helm/environments/") + envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/enironments/") if err != nil { log.Fatal(err) } @@ -464,19 +464,18 @@ func deployScript(argStr string, envfile string) { env, err = sel(envfiles, "Choose the target env for the installation") if env != "" { - var goDeployCmd string - confirm := []string{"Yes", "No"} - goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s%s", env, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) - preview, _ := sel(confirm, "Do you want to preview the manifests before the actual Deployment") + confirm := []string{"Yes", "No"} + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") if preview == "Yes" { - goDeployCmd = fmt.Sprintf("%s -p", goDeployCmd) - fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") - err := execCommand(goDeployCmd) + + fmt.Println("That's cool... Thepreview is getting loaded. Please review it and decide to proceed with the deployment") + err := execCommand(previewDeployCmd) if err == nil { fmt.Println("You can now start actual deployment") - goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) err := execCommand(goDeployCmd) if err == nil { fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") diff --git a/deploy-as-code/egov-deployer/go.mod b/deploy-as-code/deployer/go.mod similarity index 56% rename from deploy-as-code/egov-deployer/go.mod rename to deploy-as-code/deployer/go.mod index 881e0bf9bb..20b3ddb118 100644 --- a/deploy-as-code/egov-deployer/go.mod +++ b/deploy-as-code/deployer/go.mod @@ -1,11 +1,13 @@ -module egov-deployer +module deployer go 1.13 require ( - github.com/manifoldco/promptui v0.8.0 - deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa + github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a // indirect + github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a // indirect github.com/manifoldco/promptui v0.9.0 + github.com/mattn/go-colorable v0.0.9 // indirect + github.com/mattn/go-isatty v0.0.4 // indirect github.com/mitchellh/go-homedir v1.1.0 github.com/spf13/cobra v0.0.5 github.com/spf13/viper v1.6.1 diff --git a/deploy-as-code/egov-deployer/go.sum b/deploy-as-code/deployer/go.sum similarity index 97% rename from deploy-as-code/egov-deployer/go.sum rename to deploy-as-code/deployer/go.sum index 86a763d63b..e91d579612 100644 --- a/deploy-as-code/egov-deployer/go.sum +++ b/deploy-as-code/deployer/go.sum @@ -9,6 +9,7 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= @@ -73,7 +74,11 @@ github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQN github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= +github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= diff --git a/deploy-as-code/egov-deployer/internal/README.md b/deploy-as-code/deployer/internal/README.md similarity index 100% rename from deploy-as-code/egov-deployer/internal/README.md rename to deploy-as-code/deployer/internal/README.md diff --git a/deploy-as-code/egov-deployer/internal/app/_your_app_/.keep b/deploy-as-code/deployer/internal/app/_your_app_/.keep similarity index 100% rename from deploy-as-code/egov-deployer/internal/app/_your_app_/.keep rename to deploy-as-code/deployer/internal/app/_your_app_/.keep diff --git a/deploy-as-code/egov-deployer/internal/pkg/_your_private_lib_/.keep b/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep similarity index 100% rename from deploy-as-code/egov-deployer/internal/pkg/_your_private_lib_/.keep rename to deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep diff --git a/deploy-as-code/egov-deployer/main.go b/deploy-as-code/deployer/main.go similarity index 95% rename from deploy-as-code/egov-deployer/main.go rename to deploy-as-code/deployer/main.go index 49c7d4af4b..9031614abe 100644 --- a/deploy-as-code/egov-deployer/main.go +++ b/deploy-as-code/deployer/main.go @@ -15,7 +15,7 @@ limitations under the License. */ package main -import "egov-deployer/cmd" +import "deployer/cmd" func main() { cmd.Execute() diff --git a/deploy-as-code/egov-deployer/pkg/README.md b/deploy-as-code/deployer/pkg/README.md similarity index 100% rename from deploy-as-code/egov-deployer/pkg/README.md rename to deploy-as-code/deployer/pkg/README.md diff --git a/deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go similarity index 93% rename from deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go rename to deploy-as-code/deployer/pkg/cmd/deployer/deployer.go index fd8be8fcad..1a7869a553 100644 --- a/deploy-as-code/egov-deployer/pkg/cmd/deployer/deployer.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -14,14 +14,16 @@ import ( // DeployCharts deploys render all charts using helm template and deploy them using kubectl apply --recursive func DeployCharts(options Options) { - helmDir, _ := filepath.Abs(options.HelmDir) + configDir, _ := filepath.Abs(options.ConfigDir) + var helmDir = configDir + "/helm" + log.Println(configDir) log.Println("Helm Directory - " + helmDir) index := buildIndex(helmDir) - envOverrideFile := filepath.FromSlash(fmt.Sprintf(helmDir+"/environments/%s.yaml", options.Environment)) + envOverrideFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s.yaml", options.Environment)) if options.ClusterConfigs && !options.Print { - envSecretFile := filepath.FromSlash(fmt.Sprintf(helmDir+"/environments/%s-secrets.yaml", options.Environment)) + envSecretFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s-secrets.yaml", options.Environment)) deployClusterConfigs(index, helmDir, envOverrideFile, envSecretFile) } @@ -117,7 +119,7 @@ func getImageTagFromCluster(service string) (tag string) { } -func deployClusterConfigs(index map[string]string, helmDir string, envOverrideFile string, envSecretFile string) { +func deployClusterConfigs(index map[string]string, configDir string, envOverrideFile string, envSecretFile string) { log.Println("------------------------------------ DEPLOYING CLUSTER CONFIGS ------------------------------------") clusterConfigDir, ok := index["cluster-configs"] @@ -145,11 +147,11 @@ func deployClusterConfigs(index map[string]string, helmDir string, envOverrideFi defer os.RemoveAll(tmpDir) args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - if _, err := os.Stat(helmDir + "/.sops.yaml"); os.IsNotExist(err) { + if _, err := os.Stat(configDir + "/.sops.yaml"); os.IsNotExist(err) { args = append(args, fmt.Sprintf("-f %s", envSecretFile)) } else { sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) - execCommand(sopsDecryptCmd, helmDir) + execCommand(sopsDecryptCmd, configDir) args = append(args, fmt.Sprintf("-f %s", tmpDecFile.Name())) } diff --git a/deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go b/deploy-as-code/deployer/pkg/cmd/deployer/options.go similarity index 95% rename from deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go rename to deploy-as-code/deployer/pkg/cmd/deployer/options.go index 458863a31f..fb56ca7032 100644 --- a/deploy-as-code/egov-deployer/pkg/cmd/deployer/options.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/options.go @@ -1,7 +1,7 @@ package deployer type Options struct { - HelmDir string + ConfigDir string Images string Environment string ClusterConfigs bool diff --git a/deploy-as-code/egov-deployer/digit_setup.go b/deploy-as-code/deployer/standalone_installer.go similarity index 53% rename from deploy-as-code/egov-deployer/digit_setup.go rename to deploy-as-code/deployer/standalone_installer.go index ce720f8a60..d0260da5ee 100644 --- a/deploy-as-code/egov-deployer/digit_setup.go +++ b/deploy-as-code/deployer/standalone_installer.go @@ -75,105 +75,136 @@ func main() { contextset := setClusterContext() if contextset { // Get the versions from the chart and display it to user to select - files, err := ioutil.ReadDir("../helm/digit-release-versions/") + file, err := os.Open("../../config-as-code/product-release-charts/") if err != nil { - log.Fatal(err) + log.Fatalf("failed opening directory: %s", err) } - for _, f := range files { - name := f.Name() - versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) - } - var version string = "" - version, _ = sel(versionfiles, "Which DIGIT Version You would like to install, Select below") - if version != "" { - argFile := "../helm/digit-release-versions/dependancy_chart-" + version + ".yaml" + defer file.Close() - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } + prodList, _ := file.Readdirnames(0) // 0 to read all files and folders - // Parse the yaml values - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) + var product string = "" + product, _ = sel(prodList, "Which Product would you like to install, Please Select") + if product != "" { + files, err := ioutil.ReadDir("../../config-as-code/product-release-charts/" + product) if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return + log.Fatal(err) } - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - } - modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") - //if err == nil { - for result != "Exit" && err == nil { - selectedMod = append(selectedMod, result) - result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) } - if selectedMod != nil { - for _, mod := range selectedMod { - getService(fullChart, mod, *set, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } + var version string = "" + version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") + if version != "" { + argFile := "../../config-as-code/product-release-charts/" + product + "/dependancy_chart-" + version + ".yaml" - } + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Reading file =>", argFile, err) + return } - envfilesFromDir, err := ioutil.ReadDir("../helm/environments/") + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) if err != nil { - log.Fatal(err) + fmt.Println("\n\tERROR: Parsing => ", argFile, err) + return } - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") { - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) } } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") - fmt.Print("") - if env != "" { - var goDeployCmd string - confirm := []string{"Yes", "No"} - - goDeployCmd = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) - - preview, _ := sel(confirm, "Do you want to preview the manifests before the actual Deployment") - if preview == "Yes" { - goDeployCmd = fmt.Sprintf("%s -p", goDeployCmd) - fmt.Println("That's cool... The preview is getting loaded. Please review it and proceed with the deployment") - execCommand(goDeployCmd) + } + } + + envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/environments/") + if err != nil { + log.Fatal(err) + } + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") { + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } } - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") + if env != "" { + confirm := []string{"Yes", "No"} + + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") + + if preview == "Yes" { + fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") + err := execCommand(previewDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } + } } } } - //} } } } diff --git a/deploy-as-code/helm/charts/cluster-configs/Chart.lock b/deploy-as-code/helm/charts/cluster-configs/Chart.lock deleted file mode 100644 index e99ca3c685..0000000000 --- a/deploy-as-code/helm/charts/cluster-configs/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../../common - version: 0.0.5 -digest: sha256:0b29ac5e185ae44f5395fbfd49f48d776adad77e38eb6a6c49355d3f9cd4f934 -generated: "2019-10-24T03:15:55.0429799+05:30" diff --git a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml b/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml deleted file mode 100644 index 278e04304f..0000000000 --- a/deploy-as-code/helm/product-release-charts/DIGIT/dependancy_chart-mGramSeva-v1.0.yaml +++ /dev/null @@ -1,146 +0,0 @@ -version: v1.0 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.3.0-667cb3d3-8 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.0-f9375a4 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.0-f9375a4 - - egovio/egov-filestore:v1.2.0-3acc52b - - egovio/egov-idgen:v1.2.0-f9375a4 - - egovio/egov-indexer:v1.1.1-da68594-7 - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-location:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.0-e50b9eb - - egovio/egov-notification-mail:v1.1.0-40b5f2d - - egovio/egov-notification-sms:v1.1.0-245443e - - egovio/egov-otp:v1.2.0-f9375a4 - - egovio/egov-persister:v1.1.1-58f6da0-9 - - egovio/egov-pg-service:v1.1.0-f9375a4 - - egovio/egov-searcher:v1.1.0-59d3598 - - egovio/egov-url-shortening:v1.0.0-40cc090 - - egovio/egov-user:v1.2.1-4976757 - - egovio/user-otp:v1.1.0-2f36d3a - - egovio/egov-workflow-v2:v1.1.0-42786ef - - egovio/pdf-service:v1.1.0-09b11d9 - - egovio/report:v1.3.0-28b3c97 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - services: - - egovio/collection-services:v1.1.1-4f6c6f7-15 - - egovio/billing-service:v1.1.1-33b0fcf-14 - - egovio/egf-instrument:v1.1.0-005ff61 - - egovio/egf-master:v1.1.0-9959f29 - - egovio/egov-apportion-service:v1.1.2-3436cd5-4 - - egovio/egov-hrms:v1.1.0-43cb793 - - egovio/dashboard-analytics:v1.1.1-14637ce-14 - - egovio/dashboard-ingest:v1.1.1-3436cd5-2 - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.2.0-patch-6141c53a9-1070 - - egovio/employee:v1.2.0-a5a118ad6-291 - - egovio/digit-ui:dev-ad464d9-180 - - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.0.0-51bfb264-25 - - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.1.0-c4f9b279-48 - - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.1.0-fee435c1-2 - - egovio/sw-services:v1.1.0-ae23de49-12 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator - - bpa-services - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.1-c98f0344-4 - - egovio/tl-services:v1.1.1-8b2af30a-30 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator - - firenoc-services - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-d9a0be51-4 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/deploy-as-code/infra-provisioner/Dockerfile b/deploy-as-code/infra-provisioner/Dockerfile deleted file mode 100644 index e61c50bbcd..0000000000 --- a/deploy-as-code/infra-provisioner/Dockerfile +++ /dev/null @@ -1,44 +0,0 @@ - -FROM golang:1.13-alpine as build - -ENV GO111MODULE=on -ENV GOCACHE=/tmp - -ARG WORK_DIR -WORKDIR /app - -COPY ${WORK_DIR}/go.mod . -COPY ${WORK_DIR}/go.sum . - -RUN go mod download - -COPY . . - -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build - - -# Create runtime image -FROM alpine:3 - -ARG KUBECTL_VERSION=v1.15.12 -ARG SOPS_VERSION=v3.5.0 -ARG HELM_VERSION=v3.2.1 -ARG TERRAFORM_VERSION=0.14.10 - -WORKDIR /opt/egov - -RUN addgroup -S egov && adduser -S -G egov egov -COPY --chown=egov:egov --from=build /app/infra-provisioner /opt/egov/ - -RUN chmod +x /opt/egov/infra-provisioner -RUN wget https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl \ - && wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.21.2/2021-07-05/bin/linux/amd64/aws-iam-authenticator \ - && wget -O sops https://github.com/mozilla/sops/releases/download/$SOPS_VERSION/sops-$SOPS_VERSION.linux \ - && wget -qO- https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar xvz \ - && chmod +x ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm \ - && mv ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm /usr/local/bin \ - && wget -O https://releases.hashicorp.com/terraform/$TERRAFORM_VERSION/terraform_$TERRAFORM_VERSION_linux_amd64.zip \ - && unzip ./ terraform_$TERRAFORM_VERSION_linux_amd64.zip -d /usr/local/bin \ - && rm -rf ./linux-amd64 && rm -f /var/cache/apk/* - -# USER egov diff --git a/deploy-as-code/infra-provisioner/go.mod b/deploy-as-code/infra-provisioner/go.mod deleted file mode 100644 index 3426555c05..0000000000 --- a/deploy-as-code/infra-provisioner/go.mod +++ /dev/null @@ -1,12 +0,0 @@ -module infra-provisioner - -go 1.13 - -require ( - github.com/manifoldco/promptui v0.9.0 - github.com/mitchellh/go-homedir v1.1.0 - github.com/spf13/cobra v0.0.5 - github.com/spf13/viper v1.6.1 - gopkg.in/yaml.v2 v2.2.4 - -) diff --git a/deploy-as-code/infra-provisioner/go.sum b/deploy-as-code/infra-provisioner/go.sum deleted file mode 100644 index fcb7462149..0000000000 --- a/deploy-as-code/infra-provisioner/go.sum +++ /dev/null @@ -1,177 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= -github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= -github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -google.golang.org/appengine v1.1.0 h1:igQkv0AAhEIvTEpD5LIpAfav2eeVO9HBTjvKHVJPRSs= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= From 9e352f5a531866960cf436ae66adab4784292ac8 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 10 May 2022 22:01:07 +0530 Subject: [PATCH 035/742] removed s3 state --- infra-as-code/terraform/sample-aws/main.tf | 8 -------- 1 file changed, 8 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 2a46bee648..1c2487d830 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,11 +1,3 @@ -terraform { - backend "s3" { - bucket = "${var.bucket_name}" - key = "terraform" - region = "ap-south-1" - } -} - module "network" { source = "../modules/kubernetes/aws/network" vpc_cidr_block = "${var.vpc_cidr_block}" From b83770b12ce5affebbf00369e4c35be3dc523885 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 11 May 2022 00:52:35 +0530 Subject: [PATCH 036/742] Adding more cases to full installer --- deploy-as-code/deployer/full_installer.go | 509 ++++++++++-------- .../deployer/standalone_installer.go | 9 +- 2 files changed, 288 insertions(+), 230 deletions(-) diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index a411d70497..d8b0707ba5 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -59,91 +59,110 @@ func (set *Set) Get(i string) bool { func main() { - fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please ensure the Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") - //var proceedQuestion string + var optedInfraType string // Infra types supported to deploy DIGIT + var servicesToDeploy string // Modules to be deployed + var number_of_worker_nodes int // No of VMs for the k8s worker nodes + var optedCloud string // Desired InfraType to deploy + var cloudTemplate string // Which terraform template to choose + var cloudLoginCredentials bool // Is there a valid cloud account and credentials infraType := []string{ + "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", "1. Pilot/POC (Just for a POC to Quickstart and explore", "2. DevTest Setup (You to setup and build/customize and test", "3. Bare Minimal (95% reliability), 10 concurrent gov services per sec", - "4. Mendium (99.99% reliability), 100 concurrent gov services per sec", + "4. Medium (99.99% reliability), 100 concurrent gov services per sec", "5. High (99.99% reliability), 1000 concurrent gov services per sec", "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} - var optedInfraType string = "" - optedInfraType, _ = sel(infraType, "Select the suitable below infra option for your usecase") - - var number_of_worker_nodes int - switch { - case optedInfraType == "1. Pilot/POC (Just for a POC where for a Quickstart and explore)": - number_of_worker_nodes = 1 - case optedInfraType == "2. DevTest Setup (You to setup and build/customize and test": - number_of_worker_nodes = 2 //TBD - case optedInfraType == "3. Bare Minimal (95% reliability), 10 concurrent gov services per sec": - number_of_worker_nodes = 3 //TBD - case optedInfraType == "4. Mendium (99.99% reliability), 100 concurrent gov services per sec": - number_of_worker_nodes = 4 //TBD - case optedInfraType == "5. High (99.99% reliability), 1000 concurrent gov services per sec": - number_of_worker_nodes = 5 //TBD - case optedInfraType == "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator) ": - number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) - } + cloudPlatforms := []string{"Local machine/VM", "AWS", "AZURE", "GOOGLE CLOUD (GCP)", "On-prem/Private Cloud"} + + fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please read the detailed Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") + const sPreReq = "Pre-requsites (Please Read Carefully):\nvDIGIT Stack is a combination of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." + fmt.Println(string(Cyan), sPreReq) + + preReqConfirm := []string{"Yes", "No"} + var proceed string = "" + proceed, _ = sel(preReqConfirm, "Are you good to proceed?") + if proceed == "Yes" { + optedInfraType, _ = sel(infraType, "Select the below suitable infra option for your usecase") + switch optedInfraType { + case infraType[0]: + number_of_worker_nodes = 0 + case infraType[1]: + number_of_worker_nodes = 1 + case infraType[2]: + number_of_worker_nodes = 2 + case infraType[3]: + number_of_worker_nodes = 3 //TBD + case infraType[4]: + number_of_worker_nodes = 4 //TBD + case infraType[5]: + number_of_worker_nodes = 5 //TBD + case infraType[6]: + number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) + default: + number_of_worker_nodes = 0 + } - selectGovServicesToInstall() + servicesToDeploy = selectGovServicesToInstall() - cloudPlatforms := []string{"AWS", "AZURE", "GOOGLE CLOUD (GCP)", "On-prem/Private Cloud"} - var optedCloud string = "" - optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") + optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") - var login bool = false - var cloud string = "sample-aws" + switch { + case optedCloud == "Local": - switch { - case optedCloud == "AWS": - var optedAccessType string - var aws_access_key string - var aws_secret_key string - var aws_session_key string + case optedCloud == "AWS": + var optedAccessType string + var aws_access_key string + var aws_secret_key string + var aws_session_key string - accessTypes := []string{"Root Admin", "Temprory Admin"} - optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") + cloudTemplate = "sample-aws" - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Input the AWS access key id\n") - fmt.Scanln(&aws_access_key) + accessTypes := []string{"Root Admin", "Temprory Admin"} + optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") - fmt.Println("Input the AWS secret key\n") - fmt.Scanln(&aws_secret_key) + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Input the AWS access key id\n") + fmt.Scanln(&aws_access_key) - fmt.Println("Input the AWS Session Token\n") - fmt.Scanln(&aws_session_key) + fmt.Println("Input the AWS secret key\n") + fmt.Scanln(&aws_secret_key) - if optedAccessType == "Temprory Admin" { - login = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) - } else { - login = awslogin(aws_access_key, aws_secret_key) - } + fmt.Println("Input the AWS Session Token\n") + fmt.Scanln(&aws_session_key) - case optedCloud == "AZURE": - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - azure_username := enterValue(nil, "Please enter your AZURE UserName") - azure_password := enterValue(nil, "Enter your AZURE Password") - login = azurelogin(azure_username, azure_password) - - case optedCloud == "GOOGLE CLOUD (GCP)": - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - - case optedCloud == "On-prem/Private Cloud": - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + if optedAccessType == "Temprory Admin" { + cloudLoginCredentials = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) + } else { + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key) + } - default: - //fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - //fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + case optedCloud == "AZURE": + cloudTemplate = "sample-azure" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + azure_username := enterValue(nil, "Please enter your AZURE UserName") + azure_password := enterValue(nil, "Enter your AZURE Password") + cloudLoginCredentials = azurelogin(azure_username, azure_password) + + case optedCloud == "GOOGLE CLOUD (GCP)": + cloudTemplate = "sample-gcp" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + case optedCloud == "On-prem/Private Cloud": + cloudTemplate = "sample-private-cloud" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + default: + //fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + //fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + } } - if login { + if cloudLoginCredentials { fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") cluster_name := enterValue(nil, "How do you want to name the Cluster? eg: dev-your-name or org-name") s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) @@ -162,21 +181,21 @@ func main() { //db_name := enterValue(nil, "As part of the DIGIT setup, you need DB to created, what do you want to name the database") - db_pswd := enterValue(nil, "What should be the database pswd to be created") + db_pswd := enterValue(nil, "What should be the database password to be created") - tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloud) + tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloudTemplate) execSingleCommand(tfInitCmd) - tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloud) + tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) fmt.Println(tfPlan) execSingleCommand(tfPlan) - tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloud) + tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) execSingleCommand(tfApply) - tfMainInit := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloud) + tfMainInit := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate) execSingleCommand(tfMainInit) - tfMainPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloud) + tfMainPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate) fmt.Println() fmt.Println(tfMainPlan) execSingleCommand(tfMainPlan) @@ -184,6 +203,11 @@ func main() { //execCommand(tfMainApply) } + contextset := setClusterContext() + if contextset { + deployCharts(servicesToDeploy, prepareDeploymentConfig(optedInfraType)) + } + //terraform output to a file //replace the env values with the tf output //save the kubetconfig and set the currentcontext @@ -229,25 +253,7 @@ func execCommand(command string) error { return err } -func execSingleCommand(command string) error { - var err error - - cmd := exec.Command("sh", "-c", command) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - func setClusterContext() bool { - var contextset bool = false - var kubeconfig string = "" validatepath := func(input string) error { _, err := os.Stat(input) @@ -257,7 +263,8 @@ func setClusterContext() bool { return nil } - kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of the kubeconfig file") + var kubeconfig string + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") if kubeconfig != "" { getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) @@ -268,94 +275,15 @@ func setClusterContext() bool { usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) err := execCommand(usecontextcmd) if err == nil { - contextset = true + return true } } } } - return contextset -} - -func awslogin(accessKey string, secretKey string) bool { - - var login bool = false - - if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey) - fmt.Println(awslogincommand) - err := execSingleCommand(awslogincommand) - if err == nil { - login = true - } - } - return login -} - -func awsloginWithSession(accessKey string, secretKey string, sessionToken string) bool { - - var login bool = false - - if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set aws_session_token \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey, sessionToken) - fmt.Println(awslogincommand) - err := execSingleCommand(awslogincommand) - if err == nil { - login = true - } - } - return login -} - -func azurelogin(userName string, password string) bool { - - var login bool = false - if userName != "" && password != "" { - azurelogincommand := fmt.Sprintf("az login -u %s -p %s", userName, password) - err := execCommand(azurelogincommand) - if err == nil { - login = true - } - } - return login -} - -func sel(items []string, label string) (string, error) { - var result string - var err error - prompt := promptui.Select{ - Label: label, - Items: items, - Size: 30, - } - _, result, err = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result, err -} - -func enterValue(validate promptui.ValidateFunc, label string) string { - var result string - prompt := promptui.Prompt{ - Label: label, - Validate: validate, - } - result, _ = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result + return false } -func endScript() { - fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") - return -} - -func selectGovServicesToInstall() { +func selectGovServicesToInstall() string { var versionfiles []string var modules []string @@ -363,9 +291,10 @@ func selectGovServicesToInstall() { svclist := list.New() set := NewSet() var argStr string = "" + var releaseChartDir string = "../../config-as-code/product-release-charts/" // Get the versions from the chart and display it to user to select - file, err := os.Open("../../config-as-code/product-release-charts/") + file, err := os.Open(releaseChartDir) if err != nil { log.Fatalf("failed opening directory: %s", err) } @@ -377,7 +306,7 @@ func selectGovServicesToInstall() { optedProduct, _ = sel(prodList, "Choose the Gov stack services that you would you like to install") if optedProduct != "" { - files, err := ioutil.ReadDir("../../config-as-code/product-release-charts/" + optedProduct) + files, err := ioutil.ReadDir(releaseChartDir + optedProduct) if err != nil { log.Fatal(err) } @@ -389,13 +318,13 @@ func selectGovServicesToInstall() { var version string = "" version, _ = sel(versionfiles, "Which version of the selected product would like to install?") if version != "" { - argFile := "../../config-as-code/product-release-charts/" + optedProduct + "/dependancy_chart-" + version + ".yaml" + argFile := releaseChartDir + optedProduct + "/dependancy_chart-" + version + ".yaml" // Decode the yaml file and assigning the values to a map chartFile, err := ioutil.ReadFile(argFile) if err != nil { fmt.Println("\n\tERROR: Preparing required services details =>", argFile, err) - return + return "" } // Parse the yaml values @@ -403,7 +332,7 @@ func selectGovServicesToInstall() { err = yaml.Unmarshal(chartFile, &fullChart) if err != nil { fmt.Println("\n\tERROR: Sourcing the the gov services matrix for your requirement => ", argFile, err) - return + return "" } // Mapping the images to servicename @@ -439,73 +368,201 @@ func selectGovServicesToInstall() { } } } - + return argStr } -func deployScript(argStr string, envfile string) { +func prepareDeploymentConfig(installType string) string { - var envfiles []string - contextset := setClusterContext() + var targetConfig string = "" - if contextset { + fmt.Sprintf("Now, you need to prepare the deployment configuration for the following infraType that you chose\n\t %s", installType) + + fmt.Sprintf("Prepare deployment configuration eessentially means the following, please read carefully and ensure it is available:\n\n\t 1. You need to specify your URL in which you want to application to be available\n\t 2. Depending the Gov services that you chose, following specific details should be configured\n\t\t\t 1. Notification services like SMS, Email, gateway details for OTPs, Notifications\n\t\t\t 2. Whatsapp Integration configuration for chartBot services\n\t\t\t 3. Payment Gateways if PT, TL services chosen for making the payment transactions\n\t\t\t 4. Google GeoCoding API credentials, for the location services\n\t\t\t 5.Your MDMS and configuration with your tenant and role access details\n\t 3. Your DB details \n\t 4. As per your Infra type and the actual cloud resource provisioning the Disk volumes should be mapped to the stateful services like ElasticService, Kafka, Zookeeper, etc") + + /* envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/enironments/") if err != nil { log.Fatal(err) } - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") { - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + + switch { + case infraType[0]: + targetConfig = "" + case infraType[1]: + targetConfig = "egov-demo" + case infraType[2]: + targetConfig = "egov-demo" + case infraType[3]: + targetConfig = "egov-demo" + case infraType[4]: + targetConfig = "egov-demo" + case infraType[5]: + targetConfig = "egov-demo" + case infraType[6]: + targetConfig = "egov-demo" + default: + targetConfig = "egov-demo" + } + + + var envfile string = "" + + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") { + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } } - } - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env for the installation") + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env for the installation") - if env != "" { + */ - var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s%s", env, argStr) - var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + return targetConfig +} - confirm := []string{"Yes", "No"} - preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") - if preview == "Yes" { +func deployCharts(argStr string, configFile string) { - fmt.Println("That's cool... Thepreview is getting loaded. Please review it and decide to proceed with the deployment") - err := execCommand(previewDeployCmd) - if err == nil { - fmt.Println("You can now start actual deployment") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } else { - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s%s", configFile, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + confirm := []string{"Yes", "No"} + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") + if preview == "Yes" { + fmt.Println("That's cool... preview is getting loaded. Please review it and cross check the kubernetes manifests before the deployment") + err := execCommand(previewDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + endScript() + } + + } + +} + +func execSingleCommand(command string) error { + var err error + + cmd := exec.Command("sh", "-c", command) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} +// Cloud cloudLoginCredentials functions +func awslogin(accessKey string, secretKey string) bool { + + var cloudLoginCredentials bool = false + + if accessKey != "" && secretKey != "" { + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey) + fmt.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + cloudLoginCredentials = true } } + return cloudLoginCredentials +} + +func awsloginWithSession(accessKey string, secretKey string, sessionToken string) bool { + + var cloudLoginCredentials bool = false + + if accessKey != "" && secretKey != "" { + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set aws_session_token \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey, sessionToken) + fmt.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + cloudLoginCredentials = true + } + } + return cloudLoginCredentials +} + +func azurelogin(userName string, password string) bool { + + var cloudLoginCredentials bool = false + if userName != "" && password != "" { + azurelogincommand := fmt.Sprintf("az cloudLoginCredentials -u %s -p %s", userName, password) + err := execCommand(azurelogincommand) + if err == nil { + cloudLoginCredentials = true + } + } + return cloudLoginCredentials +} + +// Input functions + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return } diff --git a/deploy-as-code/deployer/standalone_installer.go b/deploy-as-code/deployer/standalone_installer.go index d0260da5ee..93c1f87b40 100644 --- a/deploy-as-code/deployer/standalone_installer.go +++ b/deploy-as-code/deployer/standalone_installer.go @@ -62,6 +62,7 @@ func main() { svclist := list.New() set := NewSet() var argStr string = "" + var releaseChartDir string = "../../config-as-code/product-release-charts/" fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." @@ -75,7 +76,7 @@ func main() { contextset := setClusterContext() if contextset { // Get the versions from the chart and display it to user to select - file, err := os.Open("../../config-as-code/product-release-charts/") + file, err := os.Open(releaseChartDir) if err != nil { log.Fatalf("failed opening directory: %s", err) } @@ -86,7 +87,7 @@ func main() { var product string = "" product, _ = sel(prodList, "Which Product would you like to install, Please Select") if product != "" { - files, err := ioutil.ReadDir("../../config-as-code/product-release-charts/" + product) + files, err := ioutil.ReadDir(releaseChartDir + product) if err != nil { log.Fatal(err) } @@ -98,7 +99,7 @@ func main() { var version string = "" version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") if version != "" { - argFile := "../../config-as-code/product-release-charts/" + product + "/dependancy_chart-" + version + ".yaml" + argFile := releaseChartDir + product + "/dependancy_chart-" + version + ".yaml" // Decode the yaml file and assigning the values to a map chartFile, err := ioutil.ReadFile(argFile) @@ -260,7 +261,7 @@ func setClusterContext() bool { return nil } - kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of the kubeconfig file") + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") if kubeconfig != "" { getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) From 8074743967ee8fb544fb746ee2dea1e99ee08f13 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 11 May 2022 10:46:05 +0530 Subject: [PATCH 037/742] merging quicksstart to release --- .../quickstart-config-secrets.yaml | 0 .../environments/quickstart-config.yaml | 137 ++++++++++++++++++ .../dependancy_chart-quickstart-v2.4.yaml | 34 ++--- .../dependancy_chart-quickstart-v2.4.yaml | 37 ++--- 4 files changed, 164 insertions(+), 44 deletions(-) create mode 100644 config-as-code/environments/quickstart-config-secrets.yaml create mode 100644 config-as-code/environments/quickstart-config.yaml diff --git a/config-as-code/environments/quickstart-config-secrets.yaml b/config-as-code/environments/quickstart-config-secrets.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/config-as-code/environments/quickstart-config.yaml b/config-as-code/environments/quickstart-config.yaml new file mode 100644 index 0000000000..029a300a6a --- /dev/null +++ b/config-as-code/environments/quickstart-config.yaml @@ -0,0 +1,137 @@ +global: + domain: quickstart.local.digit ## Add your Domain Name + +cluster-configs: + namespaces: + create: true #set this flag true for 1st time deployment, will create the respective namespaces. + values: [ backbone, cert-manager, egov, kafka-cluster, monitoring, playground, zookeeper-cluster ] + root-ingress: + cert-issuer: letsencrypt-prod + serviceName: digit-ui + appRoot: digit-ui + configmaps: + egov-config: + data: + db-host: postgres.egov ## Add db-host name + db-name: egov_ms ## Add db-name + db-url: "jdbc:postgresql://postgres.egov:5432/egov_ms" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "quickstart.local.digit" ## Add your Domain Name + egov-services-fqdn-name: "http://quickstart.local.digit/" ## Add your Domain Name + egov-state-level-tenant-id: "pg" ##Add tenant id example: pb + es-host: "elasticsearch-client-v1.es-cluster" + es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + s3-assets-bucket: "(pg-egov-assets|egov-uat-assets)" ## Add s3-assets-bucket name + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + + egov-service-host: + data: + billing-service: http://billing-service.egov:8080/ + collection-services: http://collection-services.egov:8080/ + collection-search-indexer: http://collection-search-indexer.egov:8080/ + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + egov-common-masters: http://egov-common-masters.egov:8080/ + egov-apportion-service: http://egov-apportion-service.egov:8080/ + egf-master: http://egf-master.egov:8080/ + egf-instrument: http://egf-instrument.egov:8080/ + egov-accesscontrol: http://egov-accesscontrol.egov:8080/ + egov-user: http://egov-user.egov:8080/ + egov-location: http://egov-location.egov:8080/ + egov-filestore: http://egov-filestore.egov:8080/ + egov-localization: http://egov-localization.egov:8080/ + egov-idgen: http://egov-idgen.egov:8080/ + egov-otp: http://egov-otp.egov:8080/ + egov-mdms-service: http://egov-mdms-service.egov:8080/ + egov-mdms-create: http://egov-mdms-create.egov:8080/ + egov-enc-service: http://egov-enc-service.egov:8080/ + egov-workflow-v2: http://egov-workflow-v2.egov:8080/ + egov-searcher: http://egov-searcher.egov:8080/ + egov-data-uploader: http://egov-data-uploader.egov:8080/ + egov-indexer: http://egov-indexer.egov:8080/ + egov-hrms: http://egov-hrms.egov:8080/ + es-client: http://elasticsearch-client-v1.es-cluster:9200 + location: http://location.egov:8080/ + property-services: http://property-services.egov:8080/ + pt-calculator-v2: http://pt-calculator-v2.egov:8080/ + pt-services-v2: http://pt-services-v2.egov:8080/ + pdf-service: http://pdf-service.egov:8080/ + report: http://report.egov:8080/ + tl-services: http://tl-services.egov:8080/ + tl-workflow: http://tl-workflow.egov:8080/ + tl-calculator: http://tl-calculator.egov:8080/ + user-otp: http://user-otp.egov:8080/ + ws-calculator: http://ws-calculator.egov:8080/ + ws-services: http://ws-services.egov:8080/ + firenoc-services: http://firenoc-services.egov:8080/ + firenoc-calculator: http://firenoc-calculator.egov:8080/ + egov-user-event: http://egov-user-event.egov:8080/ + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + +nginx-ingress: + replicas: 1 + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + default-backend-service: "egov/nginx" + namespace: egov + + +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml, file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml, file:///work-dir/configs/egov-persister/fsm-persister.yaml, file:///work-dir/configs/egov-persister/echallan.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UAT" + +zuul: + replicas: 1 + memory_limits: "512Mi" + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx256m -Xms256m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" + + + diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml index c00d7c26a2..1f9f0cea41 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml @@ -5,48 +5,40 @@ modules: - zookeeper - kafka - postgres - - name: authn-authz - services: - - redis - nginx-ingress - - zuul:v1.3.0-667cb3d3-8 + - redis + - s3-proxy - name: core dependencies: - "backbone" - - "authn-authz" services: - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - egovio/egov-enc-service:v1.1.1-19a3ba19-5 - - egovio/egov-filestore:v1.2.3-2ee9ec37-4 - egovio/egov-idgen:v1.2.2-2ee9ec37-3 - egovio/egov-indexer:v1.1.4-2ee9ec37-3 - - egovio/egov-localization:v1.1.2-2ee9ec37-2 - - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-localization:v1.1.0-f9375a4 - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 - - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 - - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 - - egovio/egov-otp:v1.2.1-07a30430-2 - egovio/egov-persister:v1.1.3-2ee9ec37-2 - - egovio/egov-searcher:v1.1.3-2ee9ec37-2 - - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 - egovio/egov-user:v1.2.4-d1d62cdf-11 - egovio/user-otp:v1.1.3-2ee9ec37-6 - - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-hrms:v1.2.2-57f79eb-1 + - egovio/egov-location:v1.1.3-2ee9ec37-1 + - zuul:v1.3.0-667cb3d3-8 + - egovio/egov-user-event:v1.1.3-a8da9ece-3 - name: business dependencies: - "core" - name: "frontend" - dependencies: - - "business" services: - - egovio/citizen:citizen-v1.5.0-c1825dd69-291 - - name: m_pgr #PGR + - egovio/employee:v1.5.2-0af363ce1-372 + - egovio/digit-ui:v1.2.0-4016cc5-315 + - name: m_PublicGrievanceRedressal #PGR dependencies: - "business" + - "frontend" services: - egovio/pgr-services:v1.1.2-a8da9ece-4 - - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 \ No newline at end of file diff --git a/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml index c00d7c26a2..f0abfd8ef8 100644 --- a/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml +++ b/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml @@ -5,48 +5,39 @@ modules: - zookeeper - kafka - postgres - - name: authn-authz - services: - - redis - nginx-ingress - - zuul:v1.3.0-667cb3d3-8 + - redis + - s3-proxy - name: core dependencies: - "backbone" - - "authn-authz" services: - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - egovio/egov-enc-service:v1.1.1-19a3ba19-5 - - egovio/egov-filestore:v1.2.3-2ee9ec37-4 - egovio/egov-idgen:v1.2.2-2ee9ec37-3 - egovio/egov-indexer:v1.1.4-2ee9ec37-3 - - egovio/egov-localization:v1.1.2-2ee9ec37-2 - - egovio/egov-location:1.1.3-2ee9ec37-1 + - egovio/egov-localization:v1.1.0-f9375a4 - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 - - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 - - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 - - egovio/egov-otp:v1.2.1-07a30430-2 - egovio/egov-persister:v1.1.3-2ee9ec37-2 - - egovio/egov-searcher:v1.1.3-2ee9ec37-2 - - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 - egovio/egov-user:v1.2.4-d1d62cdf-11 - egovio/user-otp:v1.1.3-2ee9ec37-6 - - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 + - egovio/egov-workflow-v2:v1.1.0-42786ef + - egovio/egov-otp:v1.2.1-07a30430-2 + - egovio/egov-hrms:v1.2.2-57f79eb-1 + - egovio/egov-location:v1.1.3-2ee9ec37-1 + - zuul:v1.3.0-667cb3d3-8 + - egovio/egov-user-event:v1.1.3-a8da9ece-3 - name: business dependencies: - "core" - name: "frontend" - dependencies: - - "business" services: - - egovio/citizen:citizen-v1.5.0-c1825dd69-291 - - name: m_pgr #PGR + - egovio/employee:v1.5.2-0af363ce1-372 + - egovio/digit-ui:v1.2.0-4016cc5-315 + - name: m_PublicGrievanceRedressal #PGR dependencies: - "business" + - "frontend" services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 - - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 - \ No newline at end of file + - egovio/pgr-services:v1.1.2-a8da9ece-4 \ No newline at end of file From c4d2c9e597a540b2e114064f68e760fed66a9318 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 11 May 2022 14:38:00 +0530 Subject: [PATCH 038/742] terraform provider profile and seedscript skeleton --- .../quickstart-config-secrets.yaml | 67 +++++++++++++++++++ .../DIGIT/seedscript_digit-v2.5.yaml | 0 .../DIGIT/seedscript_digit-v2.6.yaml | 0 deploy-as-code/deployer/full_installer.go | 22 +++--- .../terraform/sample-aws/providers.tf | 1 + 5 files changed, 80 insertions(+), 10 deletions(-) create mode 100644 config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml create mode 100644 config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml diff --git a/config-as-code/environments/quickstart-config-secrets.yaml b/config-as-code/environments/quickstart-config-secrets.yaml index e69de29bb2..57d912d5a0 100644 --- a/config-as-code/environments/quickstart-config-secrets.yaml +++ b/config-as-code/environments/quickstart-config-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: egovdbuser #local DB cred + password: postgres@4321 + flywayUsername: egovdbuser + flywayPassword: postgres@4321 + egov-enc-service: # use-enc keys to encrypt/decrypt users details + master-password: keiz0phashiNgoh7 + master-salt: Eegh8ut7 + master-initialvector: quooR4Oereiy + egov-location: # google maps key + gmapskey: AIzaSyADqpKqZOggMr33usQvZ5hml3tyWZ6SCMc + git-sync: # Read-only user + ssh: | + -----BEGIN RSA PRIVATE KEY----- + MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t + B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O + wvGNiLrSkqeKTbAflj/347aGOyO6tG+lDFPtGDOWI8EXQNRDKQb7zxans9fdli1u + vdXEDEF5nqzso0CLOtWjnRcOdWOghOyKdHZLvDIqwMSDvOVcnWH/zUqjMqpQJItu + bCun9tvRGxU5eSdTXCR7bs5qvm0NJR2VdJFZJNnxy9i0iQrinpLNlmoWl0LEunns + vSI9nBd3s0/l0nVzNzyvstCnywR8BKj1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG + Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A + Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ + dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 + z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn + woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA + AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP + 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK + U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb + xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc + kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa + RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA + 1RJ4Lxm9sGFuM1TuqU+1hLNc2/alZtclq2R424yCjzkz00vPNF+TpOGDdlUMiLpe + 2kbgYyY/hXKrSl2dbWPe00bj0AfNhdDJgb8cDVf9lz/MniG3A/U2St4lKK4ULDgt + /BRwLJzYROP/p1NWNO3m18BvJRXt16dAsBAXy+49CVY+t3twZ4KNO+hzOC+T2bXs + RZWWZXBsSXcT8suCy8CpzsM2V6wmipjBEcTR8MOjBHa5XSSH/e7k4+c1mV2Kjdix + 5GHNEi/oYgseBlIo5SeDtgcVRRX8L07ttG7LjuKW2icrcQnWgQKCAQEA6AFeRdO4 + ajHavP9t9DZEQWs0Xl0xsa4E0BTOXCGvxOgr9mg5ZaVzy/O53aaT92Geb5LkWhJJ + 5STLLEl7C+7WDn4Tn4EOqS2BQVylzjuP7/5ljSuH2rNl45r2t88HU+PT6hhW1xw9 + UyNZ2dqITAHIGSpZLosjsb1i5GPcgxkNrRYBH96Zew9GQ87yIu9cI5FpQSA1ijiu + 6B9AozIGAkEBgHj98RgO16Wh6f9UsAyWgiyq67IP3f1cexzuH6sgPWFjvUv4+F7i + HDMZmtftA3sDfs4hFhe7PW0WcW/Ys2ucfjDVeqlOZrlLbDoUYEHZwb3/Ts+Xs5F5 + tRNtpKIPNrFvVwKCAQEA2To/WNk+7pZGZZQU/xyYHiyO9979TtkMnaXOF6Wr8bSD + UAm+4+fPBg3iKhqEOlf8Ldrz1Cc7boIJATx5RmFs+zuc8H9LU0GHp9S/AQ7xjmcG + Os6QmPI2dyQ5dFeKt1eRqZhcedAO1bsj3idnrbk64mfwfxFi86xX80oLBabmDba+ + w5cqjOfGHMfXiHebtUiuOLrxM8no3bAVpf9chzZODdSsLZT6J8Lep4A9pnPsYw+9 + vU1QgTYqk7sTL2ZTA963nm5IACrPBg866p98MRsdlagXtasduWBwnXNTnqM8nKX0 + /Wf90KtbN+ueep8/qWPF4QRZL/wj6y11nyvYIq0CUQKCAQA6dQXM8FDaKR+lWXLa + AsZl+V4jnLXFwEQkLenlGvPP2HQjTRWRQAQSUqH1cGB+B5HFKSzyaQNHgmLTENy5 + H/+9fRTyrrED/ZxA3NhGQ4m7/cyWqm47s9IrbENYAwkkoRYnOOTApLPq+9BK7R5E + kHpbpOj9qj9fLIn7ZBIO0kQ45X95CTyA3lNlCILIPKlpqNztdPEol6mygRVnSVZs + QPbg6RuLIPW0bl6CuDwdc76EpD6Yzq/izlD8EEkLn7Gq5Zwc+USNSFMOqe18r4Vf + yCIUVFnP2EDsdE0gXf8rDiVLQoC3vGstxOh1J5k0u8LjZz0qHXJq42/YKUIKJm9Q + 55pXAoIBAQCGgkfZd2Q9jnX2zjQWKBmVjZfVqpGFsmbac2HjSKXo3BL3i6FVNCQA + JralxZedHQA9ULfs5YIqkoCK8GxUBV3bT3WFgf0dh5U9ekHvoNY4jFjSLzhgTJMn + QRoGjXKKxsGel4ajsw6Mj/3MwO+1Jd5tdVj5BcYVBuHK901N6aPIWCFVsZQafiYx + ihlPGmkjXubqn+9dVyhHpZIyIKal3x2D+O3Ip9giqMsAQytpl5yHVqbxwh8Yc3b3 + 1T4y+pRq8A0ZIEabO+bHZMThpXHcYmL2WYic6GFWeX4iMNhVgdS1VxoVk8AZ5xFr + 1g1i9psQA4TzKaMkUGfZZ2PO9PI3vpORAoIBAQDJOh5OWRFZCgHwMTOumgxv/wof + CuhsAzJ4tQZ0kMWGMXh1JuBgnLOWn6SgNLhl1SErwx67ftNhfFIXJR7WkNJ7n8Oe + DY9NZtgq85Lm/THmdn07COFrQpDzhZIy0YYHc3EZL0EjOOz0vrYOJAnWphAdSbYt + P//GtFAuNQ6HYEX48XUJ3NgBzBbweS03jEQBdE1CiH4GIxqT1BEr+OgHjyCEynLA + z9biV2jCYKO6W2CsxsjVGqvEFkOcGz3OwPFQGYEM85W5piKKZnP8LoElIhpZ82gF + ZN2SXKC6SZumRAcRdloo5jq5Qg0JDo+ltxHLeyTU/eJyY7aIojsWHm5kUlbf + -----END RSA PRIVATE KEY----- + known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== diff --git a/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml b/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index d8b0707ba5..21a7fe7cce 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -181,17 +181,19 @@ func main() { //db_name := enterValue(nil, "As part of the DIGIT setup, you need DB to created, what do you want to name the database") - db_pswd := enterValue(nil, "What should be the database password to be created") + db_pswd := enterValue(nil, "What should be the database password to be created, it should be 8 char min") - tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloudTemplate) - execSingleCommand(tfInitCmd) + /* + tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloudTemplate) + execSingleCommand(tfInitCmd) - tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) - fmt.Println(tfPlan) - execSingleCommand(tfPlan) + tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) + fmt.Println(tfPlan) + execSingleCommand(tfPlan) - tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) - execSingleCommand(tfApply) + tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) + execSingleCommand(tfApply) + */ tfMainInit := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate) execSingleCommand(tfMainInit) @@ -491,7 +493,7 @@ func awslogin(accessKey string, secretKey string) bool { var cloudLoginCredentials bool = false if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey) + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey) fmt.Println(awslogincommand) err := execSingleCommand(awslogincommand) if err == nil { @@ -506,7 +508,7 @@ func awsloginWithSession(accessKey string, secretKey string, sessionToken string var cloudLoginCredentials bool = false if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure set aws_secret_access_key \"%s\" && aws configure set aws_session_token \"%s\" && aws configure set region \"ap-south-1\"", accessKey, secretKey, sessionToken) + awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) fmt.Println(awslogincommand) err := execSingleCommand(awslogincommand) if err == nil { diff --git a/infra-as-code/terraform/sample-aws/providers.tf b/infra-as-code/terraform/sample-aws/providers.tf index 88fecb61a1..547b286efd 100644 --- a/infra-as-code/terraform/sample-aws/providers.tf +++ b/infra-as-code/terraform/sample-aws/providers.tf @@ -4,6 +4,7 @@ provider "aws" { region = "ap-south-1" + profile = "digit-infra-aws" } From 826d5b4674e53bf749d061d4eae3ddf8f16e3f46 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 11 May 2022 19:49:56 +0530 Subject: [PATCH 039/742] quickstart on vm teerraform --- .../terraform/digit-quickstart-aws/main.tf | 22 +++++++++++++ .../terraform/digit-quickstart-aws/output.tf | 3 ++ .../digit-quickstart-aws/variables.tf | 31 +++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 infra-as-code/terraform/digit-quickstart-aws/main.tf create mode 100644 infra-as-code/terraform/digit-quickstart-aws/output.tf create mode 100644 infra-as-code/terraform/digit-quickstart-aws/variables.tf diff --git a/infra-as-code/terraform/digit-quickstart-aws/main.tf b/infra-as-code/terraform/digit-quickstart-aws/main.tf new file mode 100644 index 0000000000..64b29d507f --- /dev/null +++ b/infra-as-code/terraform/digit-quickstart-aws/main.tf @@ -0,0 +1,22 @@ +provider "aws" { + region = "${var.region}" + profile = "digit-quickstart" +} +module "ssh_key" { + source = "../modules/instance/aws-ec2" + key_name = "${var.key_name}" + public_key = "${var.public_key}" +} + +resource "aws_instance" "digit-quickstart-vm" { + ami = "${var.ami_name_value}" + instance_type = "${var.instance_type}" + key_name = module.ssh_key.ssh_key_name + monitoring = false + associate_public_ip_address = true + availability_zone = "ap-south-1b" + + tags = { + Name = "${var.tag}" + } +} \ No newline at end of file diff --git a/infra-as-code/terraform/digit-quickstart-aws/output.tf b/infra-as-code/terraform/digit-quickstart-aws/output.tf new file mode 100644 index 0000000000..c2941c9240 --- /dev/null +++ b/infra-as-code/terraform/digit-quickstart-aws/output.tf @@ -0,0 +1,3 @@ +output "public_ip" { + value = "${aws_instance.digit-quickstart-vm.public_ip}" +} diff --git a/infra-as-code/terraform/digit-quickstart-aws/variables.tf b/infra-as-code/terraform/digit-quickstart-aws/variables.tf new file mode 100644 index 0000000000..70b10ab553 --- /dev/null +++ b/infra-as-code/terraform/digit-quickstart-aws/variables.tf @@ -0,0 +1,31 @@ +variable "region" { + default = "ap-south-1" +} + +variable "ami_name_value" { + default = "ami-0bb9e2d19522c61d4" +} + +variable "instance_type" { + default = "c5.2xlarge" +} + +## change tag name eg. digit-quickstart_your-name + +variable "tag" { + default = "digit-quickstart" +} + +## change ssh public_key with your public ssh key + +variable "public_key" { + default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrfbaDFN3FmjUoVUx4YH1eHPruFbWz6JGPfSKTwIqT75xFzU/Q6KCa3Xa6FnEOpcUKXej95pkeUnXywohojF6FrNak5p5xfGmmwC8UA9s5UxsI7flBKVnjsAbcRuxoa/AtOzg4Cizz6zQLl2JZAivZU1PwZjIJo8dcum9bjZYVHwZc3csKJ2nYgpcQrV8AWnfKtLvl5WNfNF0i5bWOieNLKiEc5DtsKYbQ6umrhhCaoGcH0S/Gy6w0PPSnnfl/AWXO7ckFtEXQbdz9Y15zeUFKgUsbklXxmC6D37BkPGu+IjCZSOttPV+PRM0Dnf0jQLvMV0UhEkguD9ALC5xikqNlFyPH5bGetWDxtLbn61tnoOIYG6lXAdk2Oe35yWWt3ZgcccWtYuRwDo0ofBwY9jWOkEcCefDyYg+S7h1VzNsbB9DsFv0vPcaxHcZK8bLdyhnz1+9rXy/flbiS5kE0O97aZ4zm4wAmqiivN2wWhUez18k2Mcs= demo@demo" + description = "ssh key" +} + +## change ssh key_name eg. digit-quickstart_your-name + +variable "key_name" { + default = "digit-quickstart" + description = "ssh key name" +} From aa3da8c2023bb38d323b6d3080a520737af5c6aa Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 11 May 2022 22:21:03 +0530 Subject: [PATCH 040/742] aws profile setup --- infra-as-code/terraform/sample-aws/providers.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra-as-code/terraform/sample-aws/providers.tf b/infra-as-code/terraform/sample-aws/providers.tf index 547b286efd..1b439ceab5 100644 --- a/infra-as-code/terraform/sample-aws/providers.tf +++ b/infra-as-code/terraform/sample-aws/providers.tf @@ -4,8 +4,9 @@ provider "aws" { region = "ap-south-1" + shared_config_files = ["~/.aws/config"] + shared_credentials_files = ["~/.aws/credentials"] profile = "digit-infra-aws" - } # Using these data sources allows the configuration to be From 3ae837a6af883ba189d04048ae311b65266e2bf7 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Mon, 16 May 2022 00:18:23 +0530 Subject: [PATCH 041/742] rename terraform ec2-template --- .../{digit-quickstart-aws => quickstart-aws-ec2}/main.tf | 0 .../{digit-quickstart-aws => quickstart-aws-ec2}/output.tf | 0 .../{digit-quickstart-aws => quickstart-aws-ec2}/variables.tf | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename infra-as-code/terraform/{digit-quickstart-aws => quickstart-aws-ec2}/main.tf (100%) rename infra-as-code/terraform/{digit-quickstart-aws => quickstart-aws-ec2}/output.tf (100%) rename infra-as-code/terraform/{digit-quickstart-aws => quickstart-aws-ec2}/variables.tf (100%) diff --git a/infra-as-code/terraform/digit-quickstart-aws/main.tf b/infra-as-code/terraform/quickstart-aws-ec2/main.tf similarity index 100% rename from infra-as-code/terraform/digit-quickstart-aws/main.tf rename to infra-as-code/terraform/quickstart-aws-ec2/main.tf diff --git a/infra-as-code/terraform/digit-quickstart-aws/output.tf b/infra-as-code/terraform/quickstart-aws-ec2/output.tf similarity index 100% rename from infra-as-code/terraform/digit-quickstart-aws/output.tf rename to infra-as-code/terraform/quickstart-aws-ec2/output.tf diff --git a/infra-as-code/terraform/digit-quickstart-aws/variables.tf b/infra-as-code/terraform/quickstart-aws-ec2/variables.tf similarity index 100% rename from infra-as-code/terraform/digit-quickstart-aws/variables.tf rename to infra-as-code/terraform/quickstart-aws-ec2/variables.tf From ef3008a98903faadb9c47240b66564f34a06d865 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Mon, 16 May 2022 00:41:13 +0530 Subject: [PATCH 042/742] Enhancing the full digit install --- .../environments/quickstart-config.yaml | 5 +- .../dependancy_chart-quickstart-v2.4.yaml | 3 +- .../URBAN/dependancy_chart-digit-v2.4.yaml | 2 +- .../dependancy_chart-quickstart-v2.4.yaml | 2 +- deploy-as-code/deployer/full_installer.go | 155 ++++++++---------- deploy-as-code/deployer/go.sum | 12 +- .../modules/Instance/aws-ec2/main.tf | 4 + .../modules/Instance/aws-ec2/output.tf | 4 + .../modules/Instance/aws-ec2/variables.tf | 7 + 9 files changed, 93 insertions(+), 101 deletions(-) create mode 100644 infra-as-code/terraform/modules/Instance/aws-ec2/main.tf create mode 100644 infra-as-code/terraform/modules/Instance/aws-ec2/output.tf create mode 100644 infra-as-code/terraform/modules/Instance/aws-ec2/variables.tf diff --git a/config-as-code/environments/quickstart-config.yaml b/config-as-code/environments/quickstart-config.yaml index 029a300a6a..79502a2065 100644 --- a/config-as-code/environments/quickstart-config.yaml +++ b/config-as-code/environments/quickstart-config.yaml @@ -131,7 +131,4 @@ zuul: server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" - - - + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" \ No newline at end of file diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml index 1f9f0cea41..74a28d7f5a 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml @@ -40,5 +40,4 @@ modules: - "business" - "frontend" services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 - \ No newline at end of file + - egovio/pgr-services-db:pgr-quickstart-86837e0a85-35 \ No newline at end of file diff --git a/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml index 92b83b4223..3ddbe340c2 100644 --- a/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml +++ b/config-as-code/product-release-charts/URBAN/dependancy_chart-digit-v2.4.yaml @@ -66,7 +66,7 @@ modules: dependencies: - "business" services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 + - egovio/pgr-services-db:pgr-quickstart-86837e0a85-35 - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 - name: m_property-tax #PT dependencies: diff --git a/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml index f0abfd8ef8..74a28d7f5a 100644 --- a/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml +++ b/config-as-code/product-release-charts/URBAN/dependancy_chart-quickstart-v2.4.yaml @@ -40,4 +40,4 @@ modules: - "business" - "frontend" services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 \ No newline at end of file + - egovio/pgr-services-db:pgr-quickstart-86837e0a85-35 \ No newline at end of file diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index 21a7fe7cce..d1357a927e 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -59,12 +59,12 @@ func (set *Set) Get(i string) bool { func main() { - var optedInfraType string // Infra types supported to deploy DIGIT - var servicesToDeploy string // Modules to be deployed - var number_of_worker_nodes int // No of VMs for the k8s worker nodes - var optedCloud string // Desired InfraType to deploy - var cloudTemplate string // Which terraform template to choose - var cloudLoginCredentials bool // Is there a valid cloud account and credentials + var optedInfraType string // Infra types supported to deploy DIGIT + var servicesToDeploy string // Modules to be deployed + var number_of_worker_nodes int = 1 // No of VMs for the k8s worker nodes + var optedCloud string // Desired InfraType to deploy + var cloudTemplate string // Which terraform template to choose + var cloudLoginCredentials bool // Is there a valid cloud account and credentials infraType := []string{ "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", @@ -75,7 +75,14 @@ func main() { "5. High (99.99% reliability), 1000 concurrent gov services per sec", "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} - cloudPlatforms := []string{"Local machine/VM", "AWS", "AZURE", "GOOGLE CLOUD (GCP)", "On-prem/Private Cloud"} + cloudPlatforms := []string{ + "0. Local machine/Your Existing VM", + "1. AWS-EC2 - Quickstart with a Single EC2 Instace on AWS", + "2. AWS-EKS - Production grade Elastic Kubernetes Service (EKS)", + "3. AZURE-AKS - Production grade Azure Kubernetes Service (AKS)", + "4. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", + "5. On-prem/Private Cloud - Quickstart with Single VM", + "6. On-prem/Privare Cloud - Production grade Kubernetes Cluster Setup"} fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please read the detailed Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") const sPreReq = "Pre-requsites (Please Read Carefully):\nvDIGIT Stack is a combination of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." @@ -109,10 +116,35 @@ func main() { optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") - switch { - case optedCloud == "Local": + switch optedCloud { + case cloudPlatforms[1]: + var optedAccessType string + var aws_access_key string + var aws_secret_key string + var aws_session_key string + + cloudTemplate = "quickstart-aws-ec2" + + accessTypes := []string{"Root Admin", "Temprory Admin"} + optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") + + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) - case optedCloud == "AWS": + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + fmt.Println("\nInput the AWS Session Token") + fmt.Scanln(&aws_session_key) + + if optedAccessType == "Temprory Admin" { + cloudLoginCredentials = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) + } else { + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key) + } + + case cloudPlatforms[2]: var optedAccessType string var aws_access_key string var aws_secret_key string @@ -124,13 +156,13 @@ func main() { optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Input the AWS access key id\n") + fmt.Println("Input the AWS access key id") fmt.Scanln(&aws_access_key) - fmt.Println("Input the AWS secret key\n") + fmt.Println("\nInput the AWS secret key") fmt.Scanln(&aws_secret_key) - fmt.Println("Input the AWS Session Token\n") + fmt.Println("\nInput the AWS Session Token") fmt.Scanln(&aws_session_key) if optedAccessType == "Temprory Admin" { @@ -139,19 +171,19 @@ func main() { cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key) } - case optedCloud == "AZURE": + case cloudPlatforms[3]: cloudTemplate = "sample-azure" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") azure_username := enterValue(nil, "Please enter your AZURE UserName") azure_password := enterValue(nil, "Enter your AZURE Password") cloudLoginCredentials = azurelogin(azure_username, azure_password) - case optedCloud == "GOOGLE CLOUD (GCP)": + case cloudPlatforms[4]: cloudTemplate = "sample-gcp" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - case optedCloud == "On-prem/Private Cloud": + case cloudPlatforms[5]: cloudTemplate = "sample-private-cloud" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") @@ -164,7 +196,7 @@ func main() { if cloudLoginCredentials { fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") - cluster_name := enterValue(nil, "How do you want to name the Cluster? eg: dev-your-name or org-name") + cluster_name := enterValue(nil, "How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc \n Make sure that this name is unique if you are trying for the consecutive times, possibly a duplicate DNS entry under digit.org domain could be mapped already") s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) dir := "DIGIT-DevOps" gitCmd := "" @@ -176,33 +208,14 @@ func main() { } execCommand(gitCmd) - //fmt.Println(string(Green), "\n******* The number of nodes depend on the the following options *********\n") - //worker_nodes := enterValue(nil, "How many VM/nodes is required") + db_pswd := enterValue(nil, "What should be the database password to be created, it should be 8 char min") - //db_name := enterValue(nil, "As part of the DIGIT setup, you need DB to created, what do you want to name the database") + execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) - db_pswd := enterValue(nil, "What should be the database password to be created, it should be 8 char min") + execSingleCommand(fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + + execSingleCommand(fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) - /* - tfInitCmd := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s/remote-state", dir, cloudTemplate) - execSingleCommand(tfInitCmd) - - tfPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) - fmt.Println(tfPlan) - execSingleCommand(tfPlan) - - tfApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -auto-approve %s/infra-as-code/terraform/%s/remote-state", s3_bucket_tfstore, dir, cloudTemplate) - execSingleCommand(tfApply) - */ - - tfMainInit := fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate) - execSingleCommand(tfMainInit) - tfMainPlan := fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate) - fmt.Println() - fmt.Println(tfMainPlan) - execSingleCommand(tfMainPlan) - //tfMainApply := fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%s\" -auto-approve %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, worker_nodes, dir, cloud) - //execCommand(tfMainApply) } contextset := setClusterContext() @@ -237,11 +250,12 @@ func getService(fullChart Digit, service string, set Set, svclist *list.List) { func execCommand(command string) error { var err error parts := strings.Fields(command) - //log.Println("Printing full command part", parts) // The first part is the command, the rest are the args: head := parts[0] args := parts[1:len(parts)] // Format the command + + log.Println(string(Blue), " ==> "+command) cmd := exec.Command(head, args...) var stdoutBuf, stderrBuf bytes.Buffer @@ -381,47 +395,6 @@ func prepareDeploymentConfig(installType string) string { fmt.Sprintf("Prepare deployment configuration eessentially means the following, please read carefully and ensure it is available:\n\n\t 1. You need to specify your URL in which you want to application to be available\n\t 2. Depending the Gov services that you chose, following specific details should be configured\n\t\t\t 1. Notification services like SMS, Email, gateway details for OTPs, Notifications\n\t\t\t 2. Whatsapp Integration configuration for chartBot services\n\t\t\t 3. Payment Gateways if PT, TL services chosen for making the payment transactions\n\t\t\t 4. Google GeoCoding API credentials, for the location services\n\t\t\t 5.Your MDMS and configuration with your tenant and role access details\n\t 3. Your DB details \n\t 4. As per your Infra type and the actual cloud resource provisioning the Disk volumes should be mapped to the stateful services like ElasticService, Kafka, Zookeeper, etc") - /* - envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/enironments/") - if err != nil { - log.Fatal(err) - } - - switch { - case infraType[0]: - targetConfig = "" - case infraType[1]: - targetConfig = "egov-demo" - case infraType[2]: - targetConfig = "egov-demo" - case infraType[3]: - targetConfig = "egov-demo" - case infraType[4]: - targetConfig = "egov-demo" - case infraType[5]: - targetConfig = "egov-demo" - case infraType[6]: - targetConfig = "egov-demo" - default: - targetConfig = "egov-demo" - } - - - var envfile string = "" - - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") { - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) - } - } - - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env for the installation") - - */ - return targetConfig } @@ -476,6 +449,8 @@ func execSingleCommand(command string) error { cmd := exec.Command("sh", "-c", command) + log.Println(string(Blue), " ==> "+command) + var stdoutBuf, stderrBuf bytes.Buffer cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) @@ -563,6 +538,20 @@ func enterValue(validate promptui.ValidateFunc, label string) string { return result } +func addDNS(dnsDomain string, dnsType string, dnsName string, dnsValue string) bool { + + var headers string = "Authorization: sso-key 3mM44UcBKoVvB2_Xspi4jKZqJSQUkdouMV4Ck:3pzZiuUPNxzZKu2FfUD9Sm" + + dnsCommand := fmt.Sprintf("curl -X PATCH \"https://api.godaddy.com/v1/domains/%s/records -H %s -H Content-Type: application/json --data-raw [{\"data\":\"%s\",\"name\":\"%s\",\"type\":\"%s\"}]", dnsDomain, headers, dnsValue, dnsName, dnsType) + fmt.Println(dnsCommand) + err := execSingleCommand(dnsCommand) + if err == nil { + return true + } else { + return false + } +} + func endScript() { fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") diff --git a/deploy-as-code/deployer/go.sum b/deploy-as-code/deployer/go.sum index e91d579612..8b19298a56 100644 --- a/deploy-as-code/deployer/go.sum +++ b/deploy-as-code/deployer/go.sum @@ -8,9 +8,11 @@ github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= @@ -25,9 +27,6 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/egovernments/DIGIT-DevOps v0.0.0-20220506120657-78f3ada606fa h1:zsjuenUxEOLN6+mx1ijmho4/XeaF+418aXMF3REmAPU= -github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa h1:VND2LbduzVA83JJd/BnN0+98bT8QRrguYKjvM6a92F0= -github.com/egovernments/DIGIT-DevOps/deploy-as-code/egov-deployer v0.0.0-20220506120657-78f3ada606fa/go.mod h1:fP/zOe/hVmXnpKdVOXxQ1JsilpKPtJH6t/j+nk0iRCM= github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -57,7 +56,6 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a h1:FaWFmfWdAUKbSCtOU2QjDaorUexogfaMgbipgYATUMU= github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= @@ -69,12 +67,10 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a h1:weJVJJRzAJBFRlAiJQROKQs8oC9vOxvm4rZmBBk0ONw= github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.8.0/go.mod h1:n4zTdgP0vr0S3w7/O/g98U+e0gwLScEXGwov2nIKuGQ= github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= @@ -111,8 +107,6 @@ github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4k github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= -github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= @@ -121,8 +115,6 @@ github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9 github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= -github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= diff --git a/infra-as-code/terraform/modules/Instance/aws-ec2/main.tf b/infra-as-code/terraform/modules/Instance/aws-ec2/main.tf new file mode 100644 index 0000000000..08019a9a14 --- /dev/null +++ b/infra-as-code/terraform/modules/Instance/aws-ec2/main.tf @@ -0,0 +1,4 @@ +resource "aws_key_pair" "ssh_key" { + key_name = "${var.key_name}" + public_key = "${var.public_key}" +} \ No newline at end of file diff --git a/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf b/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf new file mode 100644 index 0000000000..57c5735b7b --- /dev/null +++ b/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf @@ -0,0 +1,4 @@ + +output "ssh_key_name" { + value = "${aws_key_pair.ssh_key.key_name}" +} \ No newline at end of file diff --git a/infra-as-code/terraform/modules/Instance/aws-ec2/variables.tf b/infra-as-code/terraform/modules/Instance/aws-ec2/variables.tf new file mode 100644 index 0000000000..01da332f47 --- /dev/null +++ b/infra-as-code/terraform/modules/Instance/aws-ec2/variables.tf @@ -0,0 +1,7 @@ +variable "public_key" { + description = "ssh key" +} + +variable "key_name" { + description = "key_name eg. k3d-demo-your_name" +} \ No newline at end of file From d0dd264d853554343f086f24f6437cc75d992288 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Mon, 16 May 2022 01:00:59 +0530 Subject: [PATCH 043/742] adding terraform template ec2 instance module --- deploy-as-code/deployer/full_installer.go | 3 ++- infra-as-code/terraform/modules/Instance/aws-ec2/output.tf | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index d1357a927e..3c9b501925 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -196,7 +196,8 @@ func main() { if cloudLoginCredentials { fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") - cluster_name := enterValue(nil, "How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc \n Make sure that this name is unique if you are trying for the consecutive times, possibly a duplicate DNS entry under digit.org domain could be mapped already") + fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already") + cluster_name := enterValue(nil, "How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) dir := "DIGIT-DevOps" gitCmd := "" diff --git a/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf b/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf index 57c5735b7b..8840db4ac6 100644 --- a/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf +++ b/infra-as-code/terraform/modules/Instance/aws-ec2/output.tf @@ -1,4 +1,5 @@ output "ssh_key_name" { value = "${aws_key_pair.ssh_key.key_name}" + } \ No newline at end of file From 3d8c716c36785ecda4c769b6162ae8eca380682c Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 18 May 2022 11:07:43 +0530 Subject: [PATCH 044/742] changing quickstart terraform aws profile --- infra-as-code/terraform/quickstart-aws-ec2/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/infra-as-code/terraform/quickstart-aws-ec2/main.tf b/infra-as-code/terraform/quickstart-aws-ec2/main.tf index 64b29d507f..3e8eb0ce3a 100644 --- a/infra-as-code/terraform/quickstart-aws-ec2/main.tf +++ b/infra-as-code/terraform/quickstart-aws-ec2/main.tf @@ -1,6 +1,6 @@ provider "aws" { region = "${var.region}" - profile = "digit-quickstart" + profile = "digit-infra-aws" } module "ssh_key" { source = "../modules/instance/aws-ec2" From 000124fc3388643de59ad8f53dbd55b986b198dd Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 18 May 2022 11:32:34 +0530 Subject: [PATCH 045/742] common branch of quickstart and release (#851) Co-authored-by: Nikesh --- config-as-code/environments/ci-demo.yaml | 2 + .../environments/egov-demo-template.yaml | 1 + config-as-code/environments/egov-demo.yaml | 1 + .../environments/quickstart-config.yaml | 3 +- .../backbone-services/kafka/.helmignore | 21 + .../charts/backbone-services/kafka/Chart.yaml | 4 + .../charts/backbone-services/kafka/README.md | 750 ++++++++++ .../kafka/templates/_helpers.tpl | 134 ++ .../backbone-services/kafka/templates/pv.yaml | 19 + .../kafka/templates/pvc.yaml | 15 + .../kafka/templates/scripts-configmap.yaml | 140 ++ .../kafka/templates/statefulset.yaml | 452 ++++++ .../kafka/templates/svc-headless.yaml | 21 + .../kafka/templates/svc.yaml | 38 + .../backbone-services/kafka/values.yaml | 1241 +++++++++++++++++ .../postgres/templates/pv.yaml | 16 + .../postgres/templates/pvc.yaml | 16 + .../backbone-services/postgres/values.yaml | 15 +- .../backbone-services/zookeeper/.helmignore | 21 + .../backbone-services/zookeeper/Chart.yaml | 8 + .../backbone-services/zookeeper/README.md | 348 +++++ .../zookeeper/templates/_helpers.tpl | 179 +++ .../zookeeper/templates/pv.yaml | 15 + .../zookeeper/templates/pvc.yaml | 15 + .../zookeeper/templates/statefulset.yaml | 527 +++++++ .../zookeeper/templates/svc-headless.yaml | 30 + .../zookeeper/templates/svc.yaml | 41 + .../backbone-services/zookeeper/values.yaml | 590 ++++++++ .../templates/ingress/root-ingress.yaml | 8 +- .../charts/common/templates/_ingress.yaml | 2 + 30 files changed, 4666 insertions(+), 7 deletions(-) create mode 100644 config-as-code/helm/charts/backbone-services/kafka/.helmignore create mode 100644 config-as-code/helm/charts/backbone-services/kafka/Chart.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/README.md create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml create mode 100644 config-as-code/helm/charts/backbone-services/kafka/values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml create mode 100644 config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/.helmignore create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/README.md create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml create mode 100644 config-as-code/helm/charts/backbone-services/zookeeper/values.yaml diff --git a/config-as-code/environments/ci-demo.yaml b/config-as-code/environments/ci-demo.yaml index 0d0c8339f4..29134a8e99 100644 --- a/config-as-code/environments/ci-demo.yaml +++ b/config-as-code/environments/ci-demo.yaml @@ -1,5 +1,7 @@ global: domain: ## Add your Domain Name Eg: site.mydomain.com + setup: fullsetup + cluster-configs: namespaces: create: false diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index fa2b75aed1..c2ba0766b3 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -1,5 +1,6 @@ global: domain: ## Add your Domain Name Eg: site.mydomain.com + setup: fullsetup cluster-configs: namespaces: ## Set true to create muliple namespaces diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 3ca41bd463..2400da1c3a 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -1,5 +1,6 @@ global: domain: egov-demo.egovernments.org + setup: fullsetup moca-domain: epassapi.egovernments.org cluster-configs: diff --git a/config-as-code/environments/quickstart-config.yaml b/config-as-code/environments/quickstart-config.yaml index 79502a2065..554b475cd9 100644 --- a/config-as-code/environments/quickstart-config.yaml +++ b/config-as-code/environments/quickstart-config.yaml @@ -1,5 +1,6 @@ global: domain: quickstart.local.digit ## Add your Domain Name + setup: "quickstart" cluster-configs: namespaces: @@ -120,7 +121,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "UAT" + branch: "quickstart" zuul: replicas: 1 diff --git a/config-as-code/helm/charts/backbone-services/kafka/.helmignore b/config-as-code/helm/charts/backbone-services/kafka/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/config-as-code/helm/charts/backbone-services/kafka/Chart.yaml b/config-as-code/helm/charts/backbone-services/kafka/Chart.yaml new file mode 100644 index 0000000000..c49002769c --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v2 +appVersion: 2.8.0 +name: kafka +version: 12.20.0 diff --git a/config-as-code/helm/charts/backbone-services/kafka/README.md b/config-as-code/helm/charts/backbone-services/kafka/README.md new file mode 100644 index 0000000000..c71adb696f --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/README.md @@ -0,0 +1,750 @@ +# Kafka + +[Kafka](https://kafka.apache.org/) is a distributed streaming platform used for building real-time data pipelines and streaming apps. It is horizontally scalable, fault-tolerant, wicked fast, and runs in production in thousands of companies. + +## TL;DR + +```console +helm repo add bitnami https://charts.bitnami.com/bitnami +helm install my-release bitnami/kafka +``` + +## Introduction + +This chart bootstraps a [Kafka](https://github.com/bitnami/bitnami-docker-kafka) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3.1.0 +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm repo add bitnami https://charts.bitnami.com/bitnami +helm install my-release bitnami/kafka +``` + +These commands deploy Kafka on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +The following tables lists the configurable parameters of the Kafka chart and their default values per section/component: + +### Global parameters + +| Parameter | Description | Default | +|---------------------------|-------------------------------------------------|---------------------------------------------------------| +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | + +### Common parameters + +| Parameter | Description | Default | +|---------------------|---------------------------------------------------|---------------------------------| +| `nameOverride` | String to partially override kafka.fullname | `nil` | +| `fullnameOverride` | String to fully override kafka.fullname | `nil` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `extraDeploy` | Array of extra objects to deploy with the release | `nil` (evaluated as a template) | + +### Kafka parameters + +| Parameter | Description | Default | +|-------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `image.registry` | Kafka image registry | `docker.io` | +| `image.repository` | Kafka image name | `bitnami/kafka` | +| `image.tag` | Kafka image tag | `{TAG_NAME}` | +| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `image.debug` | Set to true if you would like to see extra information on logs | `false` | +| `config` | Configuration file for Kafka. Auto-generated based on other parameters when not specified (see [below](#setting-custom-parameters)) | `nil` | +| `existingConfigmap` | Name of existing ConfigMap with Kafka configuration (see [below](#setting-custom-parameters)) | `nil` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `log4j` | An optional log4j.properties file to overwrite the default of the Kafka brokers. | `nil` | +| `existingLog4jConfigMap` | The name of an existing ConfigMap containing a log4j.properties file. | `nil` | +| `heapOpts` | Kafka's Java Heap size | `-Xmx1024m -Xms1024m` | +| `deleteTopicEnable` | Switch to enable topic deletion or not | `false` | +| `autoCreateTopicsEnable` | Switch to enable auto creation of topics. Enabling auto creation of topics not recommended for production or similar environments | `false` | +| `logFlushIntervalMessages` | The number of messages to accept before forcing a flush of data to disk | `_10000` | +| `logFlushIntervalMs` | The maximum amount of time a message can sit in a log before we force a flush | `1000` | +| `logRetentionBytes` | A size-based retention policy for logs | `_1073741824` | +| `logRetentionCheckIntervalMs` | The interval at which log segments are checked to see if they can be deleted | `300000` | +| `logRetentionHours` | The minimum age of a log file to be eligible for deletion due to age | `168` | +| `logSegmentBytes` | The maximum size of a log segment file. When this size is reached a new log segment will be created | `_1073741824` | +| `logsDirs` | A comma separated list of directories under which to store log files | `/bitnami/kafka/data` | +| `maxMessageBytes` | The largest record batch size allowed by Kafka | `1000012` | +| `defaultReplicationFactor` | Default replication factors for automatically created topics | `1` | +| `offsetsTopicReplicationFactor` | The replication factor for the offsets topic | `1` | +| `transactionStateLogReplicationFactor` | The replication factor for the transaction topic | `1` | +| `transactionStateLogMinIsr` | Overridden min.insync.replicas config for the transaction topic | `1` | +| `numIoThreads` | The number of threads doing disk I/O | `8` | +| `numNetworkThreads` | The number of threads handling network requests | `3` | +| `numPartitions` | The default number of log partitions per topic | `1` | +| `numRecoveryThreadsPerDataDir` | The number of threads per data directory to be used for log recovery at startup and flushing at shutdown | `1` | +| `socketReceiveBufferBytes` | The receive buffer (SO_RCVBUF) used by the socket server | `102400` | +| `socketRequestMaxBytes` | The maximum size of a request that the socket server will accept (protection against OOM) | `_104857600` | +| `socketSendBufferBytes` | The send buffer (SO_SNDBUF) used by the socket server | `102400` | +| `zookeeperConnectionTimeoutMs` | Timeout in ms for connecting to Zookeeper | `6000` | +| `extraEnvVars` | Extra environment variables to add to kafka pods (see [below](#setting-custom-parameters)) | `[]` | +| `extraVolumes` | Extra volume(s) to add to Kafka statefulset | `[]` | +| `extraVolumeMounts` | Extra volumeMount(s) to add to Kafka containers | `[]` | +| `auth.clientProtocol` | Authentication protocol for communications with clients. Allowed protocols: `plaintext`, `tls`, `mtls`, `sasl` and `sasl_tls` | `plaintext` | +| `auth.interBrokerProtocol` | Authentication protocol for inter-broker communications. Allowed protocols: `plaintext`, `tls`, `mtls`, `sasl` and `sasl_tls` | `plaintext` | +| `auth.sasl.mechanisms` | SASL mechanisms when either `auth.interBrokerProtocol` or `auth.clientProtocol` are `sasl`. Allowed types: `plain`, `scram-sha-256`, `scram-sha-512` | `plain,scram-sha-256,scram-sha-512` | +| `auth.sasl.interBrokerMechanism` | SASL mechanism to use as inter broker protocol, it must be included at `auth.sasl.mechanisms` | `plain` | +| `auth.sasl.jaas.interBrokerUser` | Kafka inter broker communication user for SASL authentication | `admin` | +| `auth.sasl.jaas.interBrokerPassword` | Kafka inter broker communication password for SASL authentication | `nil` | +| `auth.sasl.jaas.zookeeperUser` | Kafka Zookeeper user for SASL authentication | `nil` | +| `auth.sasl.jaas.zookeeperPassword` | Kafka Zookeeper password for SASL authentication | `nil` | +| `auth.sasl.jaas.clientUsers` | List of Kafka client users to be created, separated by commas. This values will override `auth.jaas.clientUser` | `["user"]` | +| `auth.sasl.jaas.clientPasswords` | List of passwords for `auth.sasl.jaas.clientUsers`. It is mandatory to provide the passwords when using `auth.sasl.jaas.clientUsers` | `[]` | +| `auth.sasl.jaas.existingSecret` | Name of the existing secret containing credentials for brokerUser, interBrokerUser and zookeeperUser | `nil` | +| `auth.tls.type` | Format to use for TLS certificates. Allowed types: `jks` and `pem` | `jks` | +| `auth.tls.existingSecret` | Name of the existing secret containing the TLS certificates for the Kafka brokers | `nil` | +| `auth.tls.autoGenerated` | Generate automatically self-signed TLS certificates for Kafka brokers. Currently only supported if `auth.tls.type` is `pem` | `false` | +| `auth.tls.password` | Password to access the JKS files or PEM key when they are password-protected. | `nil` | +| `auth.tls.jksTruststoreSecret` | Name of the existing secret containing your truststore if truststore not existing or different from the one in the `auth.tls.existingSecret` | `nil` | +| `auth.tls.jksKeystoreSAN` | The secret key from the `auth.tls.existingSecret` containing the keystore with a SAN certificate | `nil` | +| `auth.tls.jksTruststore` | The secret key from the `auth.tls.existingSecret` or `auth.tls.jksTruststoreSecret` containing the truststore | `nil` | +| `auth.tls.endpointIdentificationAlgorithm`| The endpoint identification algorithm to validate server hostname using server certificate | `https` | +| `listeners` | The address(es) the socket server listens on. Auto-calculated it's set to an empty array | `[]` | +| `advertisedListeners` | The address(es) (hostname:port) the broker will advertise to producers and consumers. Auto-calculated it's set to an empty array | `[]` | +| `listenerSecurityProtocolMap` | The protocol->listener mapping. Auto-calculated it's set to nil | `nil` | +| `allowPlaintextListener` | Allow to use the PLAINTEXT listener | `true` | +| `interBrokerListenerName` | The listener that the brokers should communicate on | `INTERNAL` | +| `initContainers` | Add extra init containers | `[]` | +| `podManagementPolicy` | Management Policy for Kafka StatefulSet (either Parallel or OrderedReady) | `Parallel` | + +### Statefulset parameters + +| Parameter | Description | Default | +|:----------------------------|:------------------------------------------------------------------------------------------|:---------------------------------------------------| +| `replicaCount` | Number of Kafka nodes | `1` | +| `minBrokerId` | Minimal broker.id value, nodes increment their `broker.id` respectively | `0` | +| `updateStrategy` | Update strategy for the stateful set | `RollingUpdate` | +| `rollingUpdatePartition` | Partition update strategy | `nil` | +| `podLabels` | Kafka pod labels | `{}` (evaluated as a template) | +| `podAnnotations` | Kafka Pod annotations | `{}` (evaluated as a template) | +| `priorityClassName` | Name of the existing priority class to be used by kafka pods | `""` | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` (evaluated as a template) | +| `nodeSelector` | Node labels for pod assignment | `{}` (evaluated as a template) | +| `tolerations` | Tolerations for pod assignment | `[]` (evaluated as a template) | +| `podSecurityContext` | Kafka pods' Security Context | `{}` | +| `containerSecurityContext` | Kafka containers' Security Context | `{}` | +| `resources.limits` | The resources limits for Kafka containers | `{}` | +| `resources.requests` | The requested resources for Kafka containers | `{}` | +| `schedulerName` | Name of the k8s scheduler (other than default) | `nil` | +| `livenessProbe` | Liveness probe configuration for Kafka | `Check values.yaml file` | +| `readinessProbe` | Readiness probe configuration for Kafka | `Check values.yaml file` | +| `customLivenessProbe` | Custom Liveness probe configuration for Kafka | `{}` | +| `customReadinessProbe` | Custom Readiness probe configuration for Kafka | `{}` | +| `pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | +| `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `nil` | +| `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `1` | +| `command` | Override kafka container command | `['/scripts/setup.sh']` (evaluated as a template) | +| `args` | Override kafka container arguments | `[]` (evaluated as a template) | +| `sidecars` | Attach additional sidecar containers to the Kafka pod | `{}` | +| `terminationGracePeriodSeconds` | Seconds the pod needs to gracefully terminate | `nil` | + +### Exposure parameters + +| Parameter | Description | Default | +|---------------------------------------------------|-----------------------------------------------------------------------------------------------|-------------------------------| +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.port` | Kafka port for client connections | `9092` | +| `service.internalPort` | Kafka port for inter-broker connections | `9093` | +| `service.externalPort` | Kafka port for external connections | `9094` | +| `service.nodePorts.client` | Nodeport for client connections | `""` | +| `service.nodePorts.external` | Nodeport for external connections | `""` | +| `service.loadBalancerIP` | loadBalancerIP for Kafka Service | `nil` | +| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `service.annotations` | Service annotations | `{}`(evaluated as a template) | +| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` | +| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` | +| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry (kubectl) | `docker.io` | +| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image name (kubectl) | `bitnami/kubectl` | +| `externalAccess.autoDiscovery.image.tag` | Init container auto-discovery image tag (kubectl) | `{TAG_NAME}` | +| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy (kubectl) | `Always` | +| `externalAccess.autoDiscovery.resources.limits` | Init container auto-discovery resource limits | `{}` | +| `externalAccess.autoDiscovery.resources.requests` | Init container auto-discovery resource requests | `{}` | +| `externalAccess.service.type` | Kubernetes Service type for external access. It can be NodePort or LoadBalancer | `LoadBalancer` | +| `externalAccess.service.port` | Kafka port used for external access when service type is LoadBalancer | `9094` | +| `externalAccess.service.loadBalancerIPs` | Array of load balancer IPs for Kafka brokers | `[]` | +| `externalAccess.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort | `nil` | +| `externalAccess.service.nodePorts` | Array of node ports used to configure Kafka external listener when service type is NodePort | `[]` | +| `externalAccess.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | +| `externalAccess.service.annotations` | Service annotations for external access | `{}`(evaluated as a template) | + +### Persistence parameters + +| Parameter | Description | Default | +|--------------------------------|----------------------------------------------------------------------------------------|-------------------------------| +| `persistence.enabled` | Enable Kafka data persistence using PVC, note that Zookeeper persistence is unaffected | `true` | +| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template | `nil` | +| `persistence.storageClass` | PVC Storage Class for Kafka data volume | `nil` | +| `persistence.accessMode` | PVC Access Mode for Kafka data volume | `ReadWriteOnce` | +| `persistence.size` | PVC Storage Request for Kafka data volume | `8Gi` | +| `persistence.annotations` | Annotations for the PVC | `{}`(evaluated as a template) | +| `persistence.selector` | Selector to match an existing Persistent Volume for Kafka's data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}`(evaluated as a template) | +| `persistence.mountPath` | Mount path of the Kafka data volume | `/bitnami/kafka` | +| `logPersistence.enabled` | Enable Kafka logs persistence using PVC, note that Zookeeper persistence is unaffected | `false` | +| `logPersistence.existingClaim` | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template | `nil` | +| `logPersistence.accessMode` | PVC Access Mode for Kafka logs volume | `ReadWriteOnce` | +| `logPersistence.size` | PVC Storage Request for Kafka logs volume | `8Gi` | +| `logPersistence.annotations` | Annotations for the PVC | `{}`(evaluated as a template) | +| `logPersistence.selector` | Selector to match an existing Persistent Volume for Kafka's log data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}`(evaluated as a template) | +| `logPersistence.mountPath` | Mount path of the Kafka logs volume | `/opt/bitnami/kafka/logs` | + +### RBAC parameters + +| Parameter | Description | Default | +|-------------------------|------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `serviceAccount.create` | Enable creation of ServiceAccount for Kafka pods | `true` | +| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | Generated using the `kafka.serviceAccountName` template | + `serviceAccount.automountServiceAccountToken` | Enable/Disable automountServiceAccountToken for Service Account | `true` | +| `rbac.create` | Whether to create & use RBAC resources or not | `false` | + +### Volume Permissions parameters + +| Parameter | Description | Default | +|----------------------------------------|----------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `"10"` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | +| `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.securityContext` | Init container volume-permissions security context | `{runAsUser: 0}` (interpreted as YAML) | + +### Metrics parameters + +| Parameter | Description | Default | +|----------------------------------------|----------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` | +| `metrics.kafka.image.registry` | Kafka exporter image registry | `docker.io` | +| `metrics.kafka.image.repository` | Kafka exporter image name | `bitnami/kafka-exporter` | +| `metrics.kafka.image.tag` | Kafka exporter image tag | `{TAG_NAME}` | +| `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` | +| `metrics.kafka.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `metrics.kafka.extraFlags` | Extra flags to be passed to Kafka exporter | `{}` | +| `metrics.kafka.certificatesSecret` | Name of the existing secret containing the optional certificate and key files | `nil` | +| `metrics.kafka.tlsCert` | The secret key from the certificatesSecret if `client-cert` key different from the default | `cert-file` | +| `metrics.kafka.tlsKey` | The secret key from the certificatesSecret if `client-key` key different from the default | `key-file` | +| `metrics.kafka.tlsCaCert` | The secret key from the certificatesSecret or tlsCaSecret if 'ca-cert' key different from the default | `ca-file` | +| `metrics.kafka.tlsCaSecret` | Name of the existing secret containing the ca certificate file, if the ca cert can not be found in `metrics.kafka.certificatesSecret` | `nil` | +| `metrics.kafka.resources.limits` | Kafka Exporter container resource limits | `{}` | +| `metrics.kafka.resources.requests` | Kafka Exporter container resource requests | `{}` | +| `metrics.kafka.affinity` | Affinity for Kafka Exporter pod assignment | `{}` | +| `metrics.kafka.nodeSelector` | Node labels for Kafka Exporter pod assignment | `{}` | +| `metrics.kafka.tolerations` | Tolerations for Kafka Exporter pod assignment | `[]` | +| `metrics.kafka.schedulerName` | Name of the k8s scheduler (other than default) for Kafka Exporter | `nil` | +| `metrics.kafka.initContainers` | Add init containers to the Kafka exporter pods | `{}` | +| `metrics.kafka.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) for Kafka Exporter | `ClusterIP` | +| `metrics.kafka.service.port` | Kafka Exporter Prometheus port | `9308` | +| `metrics.kafka.service.nodePort` | Kubernetes HTTP node port | `""` | +| `metrics.kafka.service.annotations` | Annotations for Prometheus metrics service | `Check values.yaml file` | +| `metrics.kafka.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `nil` | +| `metrics.kafka.service.clusterIP` | Static clusterIP or None for headless services | `nil` | +| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | +| `metrics.jmx.image.registry` | JMX exporter image registry | `docker.io` | +| `metrics.jmx.image.repository` | JMX exporter image name | `bitnami/jmx-exporter` | +| `metrics.jmx.image.tag` | JMX exporter image tag | `{TAG_NAME}` | +| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | +| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `metrics.jmx.resources.limits` | JMX Exporter container resource limits | `{}` | +| `metrics.jmx.resources.requests` | JMX Exporter container resource requests | `{}` | +| `metrics.jmx.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) for JMX Exporter | `ClusterIP` | +| `metrics.jmx.service.port` | JMX Exporter Prometheus port | `5556` | +| `metrics.jmx.service.nodePort` | Kubernetes HTTP node port | `""` | +| `metrics.jmx.service.annotations` | Annotations for Prometheus metrics service | `Check values.yaml file` | +| `metrics.jmx.service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `nil` | +| `metrics.jmx.service.clusterIP` | Static clusterIP or None for headless services | `nil` | +| `metrics.jmx.whitelistObjectNames` | Allows setting which JMX objects you want to expose to via JMX stats to JMX Exporter | (see `values.yaml`) | +| `metrics.jmx.config` | Configuration file for JMX exporter | (see `values.yaml`) | +| `metrics.jmx.existingConfigmap` | Name of existing ConfigMap with JMX exporter configuration | `nil` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.kafka.enabled` or `metrics.jmx.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace which Prometheus is running in | `monitoring` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `nil` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `nil` (Prometheus Operator default value) | +| `metrics.serviceMonitor.selector` | ServiceMonitor selector labels | `nil` (Prometheus Operator default value) | +| `metrics.serviceMonitor.relabelings` | Relabel configuration for the metrics | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | + +### Kafka provisioning parameters + +| Parameter | Description | Default | +|----------------------------------|-----------------------------------------------------------------------|--------------------------------| +| `provisioning.enabled` | Enable kafka provisioning Job | `false` | +| `provisioning.image` | Kafka provisioning Job image | `Check values.yaml file` | +| `provisioning.numPartitions` | Default number of partitions for topics when unspecified. | 1 | +| `provisioning.replicationFactor` | Default replication factor for topics when unspecified. | 1 | +| `provisioning.podAnnotations` | Provisioning Pod annotations. | `{}` (evaluated as a template) | +| `provisioning.resources` | Kafka provisioning Job resources | `Check values.yaml file` | +| `provisioning.topics` | Kafka provisioning topics | `[]` | +| `provisioning.schedulerName` | Name of the k8s scheduler (other than default) for kafka provisioning | `nil` | +| `provisioning.command` | Override provisioning container command | `[]` (evaluated as a template) | +| `provisioning.args` | Override provisioning container arguments | `[]` (evaluated as a template) | + +### Zookeeper chart parameters + +| Parameter | Description | Default | +|---------------------------------|------------------------------------------------------|---------| +| `zookeeper.enabled` | Switch to enable or disable the Zookeeper helm chart | `true` | +| `zookeeper.persistence.enabled` | Enable Zookeeper persistence using PVC | `true` | +| `externalZookeeper.servers` | Server or list of external Zookeeper servers to use | `[]` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +helm install my-release \ + --set replicaCount=3 \ + bitnami/kafka +``` + +The above command deploys Kafka with 3 brokers (replicas). + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml bitnami/kafka +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Configuration and installation details + +### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Setting custom parameters + +Any environment variable beginning with `KAFKA_CFG_` will be mapped to its corresponding Kafka key. For example, use `KAFKA_CFG_BACKGROUND_THREADS` in order to set `background.threads`. In order to pass custom environment variables use the `extraEnvVars` property. + +Using `extraEnvVars` with `KAFKA_CFG_` is the preferred and simplest way to add custom Kafka parameters not otherwise specified in this chart. Alternatively, you can provide a *full* Kafka configuration using `config` or `existingConfigmap`. +Setting either `config` or `existingConfigmap` will cause the chart to disregard `KAFKA_CFG_` settings, which are used by many other Kafka-related chart values described above, as well as dynamically generated parameters such as `zookeeper.connect`. This can cause unexpected behavior. + +### Listeners configuration + +This chart allows you to automatically configure Kafka with 3 listeners: + +- One for inter-broker communications. +- A second one for communications with clients within the K8s cluster. +- (optional) a third listener for communications with clients outside the K8s cluster. Check [this section](#accessing-kafka-brokers-from-outside-the-clusters) for more information. + +For more complex configurations, set the `listeners`, `advertisedListeners` and `listenerSecurityProtocolMap` parameters as needed. + +### Enable security for Kafka and Zookeeper + +You can configure different authentication protocols for each listener you configure in Kafka. For instance, you can use `sasl_tls` authentication for client communications, while using `tls` for inter-broker communications. This table shows the available protocols and the security they provide: + +| Method | Authentication | Encryption via TLS | +|-----------|------------------------------|--------------------| +| plaintext | None | No | +| tls | None | Yes | +| mtls | Yes (two-way authentication) | Yes | +| sasl | Yes (via SASL) | No | +| sasl_tls | Yes (via SASL) | Yes | + +Learn more about how to configure Kafka to use the different authentication protocols in the [chart documentation](https://docs.bitnami.com/kubernetes/infrastructure/kafka/administration/enable-security/). + +If you enabled SASL authentication on any listener, you can set the SASL credentials using the parameters below: + +- `auth.sasl.jaas.clientUsers`/`auth.sasl.jaas.clientPasswords`: when enabling SASL authentication for communications with clients. +- `auth.sasl.jaas.interBrokerUser`/`auth.sasl.jaas.interBrokerPassword`: when enabling SASL authentication for inter-broker communications. +- `auth.jaas.zookeeperUser`/`auth.jaas.zookeeperPassword`: In the case that the Zookeeper chart is deployed with SASL authentication enabled. + +In order to configure TLS authentication/encryption, you **can** create a secret containing the Java Key Stores (JKS) files: the truststore (`kafka.truststore.jks`) and one keystore (`kafka.keystore.jks`) per Kafka broker you have in the cluster. Then, you need pass the secret name with the `--auth.jksSecret` parameter when deploying the chart. + +> **Note**: If the JKS files are password protected (recommended), you will need to provide the password to get access to the keystores. To do so, use the `auth.jksPassword` parameter to provide your password. + +For instance, to configure TLS authentication on a Kafka cluster with 2 Kafka brokers use the command below to create the secret: + +```console +kubectl create secret generic kafka-jks --from-file=./kafka.truststore.jks --from-file=./kafka-0.keystore.jks --from-file=./kafka-1.keystore.jks +``` + +> **Note**: the command above assumes you already created the trustore and keystores files. This [script](https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh) can help you with the JKS files generation. + +As an alternative to manually create the secret before installing the chart, you can put your JKS files inside the chart folder `files/jks`, an a secret including them will be generated. Please note this alternative requires to have the chart downloaded locally, so you will have to clone this repository or fetch the chart before installing it. + +If, for some reason (like using Cert-Manager) you can not use the default JKS secret scheme, you can use the additional parameters: + +- `auth.jksTruststoreSecret` to define additional secret, where the `kafka.truststore.jks` is being kept. The truststore password **must** be the same as in `auth.jksPassword` +- `auth.jksTruststore` to overwrite the default value of the truststore key (`kafka.truststore.jks`). +- `auth.jksKeystoreSAN` if you want to use a SAN certificate for your brokers. Setting this parameter would mean that the chart expects a existing key in the `auth.jksSecret` with the `auth.jksKeystoreSAN`-value and use this as a keystore for **all** brokers + +> **Note**: The truststore/keystore from above **must** be protected with the same password as in `auth.jksPassword` + +You can deploy the chart with authentication using the following parameters: + +```console +replicaCount=2 +auth.clientProtocol=sasl +auth.interBrokerProtocol=tls +auth.certificatesSecret=kafka-jks +auth.certificatesPassword=jksPassword +auth.sasl.jaas.clientUsers[0]=brokerUser +auth.sasl.jaas.clientPasswords[0]=brokerPassword +auth.jaas.zookeeperUser=zookeeperUser +auth.jaas.zookeeperPassword=zookeeperPassword +zookeeper.auth.enabled=true +zookeeper.auth.serverUsers=zookeeperUser +zookeeper.auth.serverPasswords=zookeeperPassword +zookeeper.auth.clientUser=zookeeperUser +zookeeper.auth.clientPassword=zookeeperPassword +``` + +If you also enable exposing metrics using the Kafka expoter, and you are using `sasl_tls`, `tls`, or `mtls` authentication protocols, you need to mount the CA certificated used to sign the brokers certificates in the exporter so it can validate the Kafka brokers. To do so, create a secret containing the CA, and set the `metrics.certificatesSecret` parameter. As an alternative, you can skip TLS validation using extra flags: + +```console +metrics.kafka.extraFlags={tls.insecure-skip-tls-verify: ""} +``` + +### Accessing Kafka brokers from outside the cluster + +In order to access Kafka Brokers from outside the cluster, an additional listener and advertised listener must be configured. Additionally, a specific service per kafka pod will be created. + +There are two ways of configuring external access. Using LoadBalancer services or using NodePort services. + +#### Using LoadBalancer services + +You have two alternatives to use LoadBalancer services: + +- Option A) Use random load balancer IPs using an **initContainer** that waits for the IPs to be ready and discover them automatically. + +```console +externalAccess.enabled=true +externalAccess.service.type=LoadBalancer +externalAccess.service.port=9094 +externalAccess.autoDiscovery.enabled=true +serviceAccount.create=true +rbac.create=true +``` + +Note: This option requires creating RBAC rules on clusters where RBAC policies are enabled. + +- Option B) Manually specify the load balancer IPs: + +```console +externalAccess.enabled=true +externalAccess.service.type=LoadBalancer +externalAccess.service.port=9094 +externalAccess.service.loadBalancerIPs[0]='external-ip-1' +externalAccess.service.loadBalancerIPs[1]='external-ip-2'} +``` + +Note: You need to know in advance the load balancer IPs so each Kafka broker advertised listener is configured with it. + +#### Using NodePort services + +You have two alternatives to use NodePort services: + +- Option A) Use random node ports using an **initContainer** that discover them automatically. + +```console +externalAccess.enabled=true +externalAccess.service.type=NodePort +externalAccess.autoDiscovery.enabled=true +serviceAccount.create=true +rbac.create=true +``` + +Note: This option requires creating RBAC rules on clusters where RBAC policies are enabled. + +- Option B) Manually specify the node ports: + +```console +externalAccess.enabled=true +externalAccess.service.type=NodePort +externalAccess.service.nodePorts[0]='node-port-1' +externalAccess.service.nodePorts[1]='node-port-2' +``` + +Note: You need to know in advance the node ports that will be exposed so each Kafka broker advertised listener is configured with it. + +The pod will try to get the external ip of the node using `curl -s https://ipinfo.io/ip` unless `externalAccess.service.domain` or `externalAccess.service.useHostIPs` is provided. + +Following the aforementioned steps will also allow to connect the brokers from the outside using the cluster's default service (when `service.type` is `LoadBalancer` or `NodePort`). Use the property `service.externalPort` to specify the port used for external connections. + +#### Name resolution with External-DNS + +You can use the following values to generate External-DNS annotations which automatically creates DNS records for each ReplicaSet pod: + +```yaml +externalAccess: + service: + annotations: + external-dns.alpha.kubernetes.io/hostname: "{{ .targetPod }}.example.com" +``` +### Sidecars + +If you have a need for additional containers to run within the same pod as Kafka (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec. + +```yaml +sidecars: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +### Setting Pod's affinity + +This chart allows you to set your custom affinity using the `affinity` parameter. Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +### Deploying extra resources + +There are cases where you may want to deploy extra objects, such as Kafka Connect. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter. The following example would create a deployment including a Kafka Connect deployment so you can connect Kafka with MongoDB®: + +```yaml +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: + - | + apiVersion: apps/v1 + kind: Deployment + metadata: + name: {{ include "kafka.fullname" . }}-connect + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: connector + spec: + replicas: 1 + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: connector + template: + metadata: + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: connector + spec: + containers: + - name: connect + image: KAFKA-CONNECT-IMAGE + imagePullPolicy: IfNotPresent + ports: + - name: connector + containerPort: 8083 + volumeMounts: + - name: configuration + mountPath: /bitnami/kafka/config + volumes: + - name: configuration + configMap: + name: {{ include "kafka.fullname" . }}-connect + - | + apiVersion: v1 + kind: ConfigMap + metadata: + name: {{ include "kafka.fullname" . }}-connect + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: connector + data: + connect-standalone.properties: |- + bootstrap.servers = {{ include "kafka.fullname" . }}-0.{{ include "kafka.fullname" . }}-headless.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.service.port }} + ... + mongodb.properties: |- + connection.uri=mongodb://root:password@mongodb-hostname:27017 + ... + - | + apiVersion: v1 + kind: Service + metadata: + name: {{ include "kafka.fullname" . }}-connect + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/component: connector + spec: + ports: + - protocol: TCP + port: 8083 + targetPort: connector + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: connector +``` + +You can create the Kafka Connect image using the Dockerfile below: + +```Dockerfile +FROM bitnami/kafka:latest +# Download MongoDB® Connector for Apache Kafka https://www.confluent.io/hub/mongodb/kafka-connect-mongodb +RUN mkdir -p /opt/bitnami/kafka/plugins && \ + cd /opt/bitnami/kafka/plugins && \ + curl --remote-name --location --silent https://search.maven.org/remotecontent?filepath=org/mongodb/kafka/mongo-kafka-connect/1.2.0/mongo-kafka-connect-1.2.0-all.jar +CMD /opt/bitnami/kafka/bin/connect-standalone.sh /opt/bitnami/kafka/config/connect-standalone.properties /opt/bitnami/kafka/config/mongo.properties +``` + +## Persistence + +The [Bitnami Kafka](https://github.com/bitnami/bitnami-docker-kafka) image stores the Kafka data at the `/bitnami/kafka` path of the container. + +Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. See the [Parameters](#persistence-parameters) section to configure the PVC or to disable persistence. + +### Adjust permissions of persistent volume mountpoint + +As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. + +By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. +As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. + +You can enable this initContainer by setting `volumePermissions.enabled` to `true`. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami’s Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Upgrading + +### To 12.2.0 + +This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. + +### To 12.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +**What changes were introduced in this major version?** + +- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. +- Move dependency information from the *requirements.yaml* to the *Chart.yaml* +- After running `helm dependency update`, a *Chart.lock* file is generated containing the same structure used in the previous *requirements.lock* +- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts + +**Considerations when upgrading to this version** + +- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues +- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore +- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 + +**Useful links** + +- https://docs.bitnami.com/tutorials/resolve-helm2-helm3-post-migration-issues/ +- https://helm.sh/docs/topics/v2_v3_migration/ +- https://helm.sh/blog/migrate-from-helm-v2-to-helm-v3/ + +### To 11.8.0 + +External access to brokers can now be achieved through the cluster's Kafka service. + +- `service.nodePort` -> deprecated in favor of `service.nodePorts.client` and `service.nodePorts.external` + +### 11.7.0 + +The way to configure the users and passwords changed. Now it is allowed to create multiple users during the installation by providing the list of users and passwords. + +- `auth.jaas.clientUser` (string) -> deprecated in favor of `auth.jaas.clientUsers` (array). +- `auth.jaas.clientPassword` (string) -> deprecated in favor of `auth.jaas.clientPasswords` (array). + +### 11.0.0 + +The way to configure listeners and athentication on Kafka is totally refactored allowing users to configure different authentication protocols on different listeners. Please check the sections [Listeners Configuration](listeners-configuration) and [Listeners Configuration](enable-kafka-for-kafka-and-zookeeper) for more information. + +Backwards compatibility is not guaranteed you adapt your values.yaml to the new format. Here you can find some parameters that were renamed or disappeared in favor of new ones on this major version: + +- `auth.enabled` -> deprecated in favor of `auth.clientProtocol` and `auth.interBrokerProtocol` parameters. +- `auth.ssl` -> deprecated in favor of `auth.clientProtocol` and `auth.interBrokerProtocol` parameters. +- `auth.certificatesSecret` -> renamed to `auth.jksSecret`. +- `auth.certificatesPassword` -> renamed to `auth.jksPassword`. +- `sslEndpointIdentificationAlgorithm` -> renamedo to `auth.tlsEndpointIdentificationAlgorithm`. +- `auth.interBrokerUser` -> renamed to `auth.jaas.interBrokerUser` +- `auth.interBrokerPassword` -> renamed to `auth.jaas.interBrokerPassword` +- `auth.zookeeperUser` -> renamed to `auth.jaas.zookeeperUser` +- `auth.zookeeperPassword` -> renamed to `auth.jaas.zookeeperPassword` +- `auth.existingSecret` -> renamed to `auth.jaas.existingSecret` +- `service.sslPort` -> deprecated in favor of `service.internalPort` +- `service.nodePorts.kafka` and `service.nodePorts.ssl` -> deprecated in favor of `service.nodePort` +- `metrics.kafka.extraFlag` -> new parameter +- `metrics.kafka.certificatesSecret` -> new parameter + +### 10.0.0 + +If you are setting the `config` or `log4j` parameter, backwards compatibility is not guaranteed, because the `KAFKA_MOUNTED_CONFDIR` has moved from `/opt/bitnami/kafka/conf` to `/bitnami/kafka/config`. In order to continue using these parameters, you must also upgrade your image to `docker.io/bitnami/kafka:2.4.1-debian-10-r38` or later. + +### 9.0.0 + +Backwards compatibility is not guaranteed you adapt your values.yaml to the new format. Here you can find some parameters that were renamed on this major version: + +```diff +- securityContext.enabled +- securityContext.fsGroup +- securityContext.fsGroup ++ podSecurityContext +- externalAccess.service.loadBalancerIP ++ externalAccess.service.loadBalancerIPs +- externalAccess.service.nodePort ++ externalAccess.service.nodePorts +- metrics.jmx.configMap.enabled +- metrics.jmx.configMap.overrideConfig ++ metrics.jmx.config +- metrics.jmx.configMap.overrideName ++ metrics.jmx.existingConfigmap +``` + +Ports names were prefixed with the protocol to comply with Istio (see https://istio.io/docs/ops/deployment/requirements/). + +### 8.0.0 + +There is not backwards compatibility since the brokerID changes to the POD_NAME. For more information see [this PR](https://github.com/bitnami/charts/pull/2028). + +### 7.0.0 + +Backwards compatibility is not guaranteed when Kafka metrics are enabled, unless you modify the labels used on the exporter deployments. +Use the workaround below to upgrade from versions previous to 7.0.0. The following example assumes that the release name is kafka: + +```console +helm upgrade kafka bitnami/kafka --version 6.1.8 --set metrics.kafka.enabled=false +helm upgrade kafka bitnami/kafka --version 7.0.0 --set metrics.kafka.enabled=true +``` + +### 2.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is kafka: + +```console +kubectl delete statefulset kafka-kafka --cascade=false +kubectl delete statefulset kafka-zookeeper --cascade=false +``` + +### 1.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to 1.0.0. The following example assumes that the release name is kafka: + +```console +kubectl delete statefulset kafka-kafka --cascade=false +kubectl delete statefulset kafka-zookeeper --cascade=false +``` diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl new file mode 100644 index 0000000000..8dba270baa --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl @@ -0,0 +1,134 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values -}} +{{- default .Chart.Name .Values.name -}} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for statefulset. +*/}} +{{- define "statefulset.apiVersion" -}} +{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "apps/v1beta2" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{- define "common.image" -}} +{{- if contains "/" .repository -}} +{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} +{{- else -}} +{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Storage Class +*/}} +{{- define "kafka.storageClass" -}} +{{/* +Helm 2.11 supports the assignment of a value to a variable defined in a different scope, +but Helm 2.9 and 2.10 does not support it, so we need to implement this if-else logic. +*/}} +{{- if .Values.global -}} + {{- if .Values.global.storageClass -}} + {{- if (eq "-" .Values.global.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.global.storageClass -}} + {{- end -}} + {{- else -}} + {{- if .Values.persistence.storageClass -}} + {{- if (eq "-" .Values.persistence.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.persistence.storageClass -}} + {{- end -}} + {{- end -}} + {{- end -}} +{{- else -}} + {{- if .Values.persistence.storageClass -}} + {{- if (eq "-" .Values.persistence.storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" .Values.persistence.storageClass -}} + {{- end -}} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if authentication via SASL should be configured for client communications +*/}} +{{- define "kafka.client.saslAuthentication" -}} +{{- $saslProtocols := list "sasl" "sasl_tls" -}} +{{- if has .Values.auth.clientProtocol $saslProtocols -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if authentication via SASL should be configured for inter-broker communications +*/}} +{{- define "kafka.interBroker.saslAuthentication" -}} +{{- $saslProtocols := list "sasl" "sasl_tls" -}} +{{- if has .Values.auth.interBrokerProtocol $saslProtocols -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if encryption via TLS for client connections should be configured +*/}} +{{- define "kafka.client.tlsEncryption" -}} +{{- $tlsProtocols := list "tls" "mtls" "sasl_tls" -}} +{{- if (has .Values.auth.clientProtocol $tlsProtocols) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if encryption via TLS for inter broker communication connections should be configured +*/}} +{{- define "kafka.interBroker.tlsEncryption" -}} +{{- $tlsProtocols := list "tls" "mtls" "sasl_tls" -}} +{{- if (has .Values.auth.interBrokerProtocol $tlsProtocols) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if encryption via TLS should be configured +*/}} +{{- define "kafka.tlsEncryption" -}} +{{- if or (include "kafka.client.tlsEncryption" .) (include "kafka.interBroker.tlsEncryption" .) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the type of listener +Usage: +{{ include "kafka.listenerType" ( dict "protocol" .Values.path.to.the.Value ) }} +*/}} +{{- define "kafka.listenerType" -}} +{{- if eq .protocol "plaintext" -}} +PLAINTEXT +{{- else if or (eq .protocol "tls") (eq .protocol "mtls") -}} +SSL +{{- else if eq .protocol "sasl_tls" -}} +SASL_SSL +{{- else if eq .protocol "sasl" -}} +SASL_PLAINTEXT +{{- end -}} +{{- end -}} + + diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml new file mode 100644 index 0000000000..3bc4e8ed68 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ template "name" . }}-data-{{ template "name" . }}-0 + labels: + app: {{ template "name" . }} + type: local +spec: + storageClassName: manual + capacity: + storage: {{ .Values.persistence.dataDirSize | quote }} + accessModes: + - ReadWriteOnce + hostPath: + path: "/kube/kafka" + + + + diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml new file mode 100644 index 0000000000..44e25eab24 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-{{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} + type: local +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.persistence.dataDirSize | quote }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml new file mode 100644 index 0000000000..0e5c4c1eaf --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml @@ -0,0 +1,140 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "name" . }}-scripts + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +data: + {{- $fullname := include "name" . }} + {{- $releaseNamespace := .Values.Namespace }} + {{- $clusterDomain := .Values.clusterDomain }} + {{- $interBrokerPort := .Values.service.internalPort }} + {{- $clientPort := .Values.service.port }} + {{- $jksTruststoreSecret := coalesce .Values.auth.tls.jksTruststoreSecret .Values.auth.jksTruststoreSecret -}} + {{- $jksTruststore := coalesce .Values.auth.tls.jksTruststore .Values.auth.jksTruststore -}} + {{- $jksKeystoreSAN := coalesce .Values.auth.tls.jksKeystoreSAN .Values.auth.jksKeystoreSAN -}} + {{- if .Values.externalAccess.autoDiscovery.enabled }} + auto-discovery.sh: |- + #!/bin/bash + + SVC_NAME="${MY_POD_NAME}-external" + + {{- if eq .Values.externalAccess.service.type "LoadBalancer" }} + # Auxiliary functions + retry_while() { + local -r cmd="${1:?cmd is missing}" + local -r retries="${2:-12}" + local -r sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<< "$cmd" + for ((i = 1 ; i <= retries ; i+=1 )); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value + } + k8s_svc_lb_ip() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + local service_ip=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].ip}") + local service_hostname=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].hostname}") + + if [[ -n ${service_ip} ]]; then + echo "${service_ip}" + else + echo "${service_hostname}" + fi + } + k8s_svc_lb_ip_ready() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + [[ -n "$(k8s_svc_lb_ip "$namespace" "$service")" ]] + } + # Wait until LoadBalancer IP is ready + retry_while "k8s_svc_lb_ip_ready {{ $releaseNamespace }} $SVC_NAME" || exit 1 + # Obtain LoadBalancer external IP + k8s_svc_lb_ip "{{ $releaseNamespace }}" "$SVC_NAME" | tee "$SHARED_FILE" + {{- else if eq .Values.externalAccess.service.type "NodePort" }} + k8s_svc_node_port() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + local index=${3:-0} + local node_port="$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.spec.ports[$index].nodePort}")" + echo "$node_port" + } + k8s_svc_node_port "{{ $releaseNamespace }}" "$SVC_NAME" | tee "$SHARED_FILE" + {{- end }} + {{- end }} + setup.sh: |- + #!/bin/bash + + ID="${MY_POD_NAME#"{{ $fullname }}-"}" + if [[ -f "/bitnami/kafka/data/meta.properties" ]]; then + export KAFKA_CFG_BROKER_ID="$(grep "broker.id" /bitnami/kafka/data/meta.properties | awk -F '=' '{print $2}')" + else + export KAFKA_CFG_BROKER_ID="$((ID + {{ .Values.minBrokerId }}))" + fi + + {{- if .Values.externalAccess.enabled }} + # Configure external ip and port + {{- if eq .Values.externalAccess.service.type "LoadBalancer" }} + {{- if .Values.externalAccess.autoDiscovery.enabled }} + export EXTERNAL_ACCESS_IP="$(<${SHARED_FILE})" + {{- else }} + export EXTERNAL_ACCESS_IP=$(echo '{{ .Values.externalAccess.service.loadBalancerIPs }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))") + {{- end }} + export EXTERNAL_ACCESS_PORT={{ .Values.externalAccess.service.port }} + {{- else if eq .Values.externalAccess.service.type "NodePort" }} + {{- if or .Values.externalAccess.service.useHostIPs .Values.externalAccess.autoDiscovery.enabled }} + export EXTERNAL_ACCESS_IP="${HOST_IP}" + {{- else if .Values.externalAccess.service.domain }} + export EXTERNAL_ACCESS_IP={{ .Values.externalAccess.service.domain }} + {{- else }} + export EXTERNAL_ACCESS_IP=$(curl -s https://ipinfo.io/ip) + {{- end }} + {{- if .Values.externalAccess.autoDiscovery.enabled }} + export EXTERNAL_ACCESS_PORT="$(<${SHARED_FILE})" + {{- else }} + export EXTERNAL_ACCESS_PORT=$(echo '{{ .Values.externalAccess.service.nodePorts }}' | tr -d '[]' | cut -d ' ' -f "$(($ID + 1))") + {{- end }} + {{- end }} + + # Configure Kafka advertised listeners + {{- if .Values.advertisedListeners }} + export KAFKA_CFG_ADVERTISED_LISTENERS={{ join "," .Values.advertisedListeners }} + {{- else }} + export KAFKA_CFG_ADVERTISED_LISTENERS="INTERNAL://${MY_POD_NAME}.{{ $fullname }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ $interBrokerPort }},CLIENT://${MY_POD_NAME}.{{ $fullname }}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ $clientPort }},EXTERNAL://${EXTERNAL_ACCESS_IP}:${EXTERNAL_ACCESS_PORT}" + {{- end }} + {{- end }} + + {{- if (include "kafka.tlsEncryption" .) }} + mkdir -p /opt/bitnami/kafka/config/certs + {{- if eq .Values.auth.tls.type "jks" }} + JKS_TRUSTSTORE={{ printf "/%s/%s" (ternary "certs" "truststore" (empty $jksTruststoreSecret)) (default "kafka.truststore.jks" $jksTruststore) | quote }} + JKS_KEYSTORE={{ printf "/certs/%s" (default "kafka-${ID}.keystore.jks" $jksKeystoreSAN) | quote }} + if [[ -f "$JKS_TRUSTSTORE" ]] && [[ -f "$JKS_KEYSTORE" ]]; then + cp "$JKS_TRUSTSTORE" "/opt/bitnami/kafka/config/certs/kafka.truststore.jks" + cp "$JKS_KEYSTORE" "/opt/bitnami/kafka/config/certs/kafka.keystore.jks" + else + echo "Couldn't find the expected Java Key Stores (JKS) files! They are mandatory when encryption via TLS is enabled." + exit 1 + fi + {{- else if eq .Values.auth.tls.type "pem" }} + PEM_CA="/certs/kafka.truststore.pem" + PEM_CERT="/certs/kafka-${ID}.keystore.pem" + PEM_KEY="/certs/kafka-${ID}.keystore.key" + if [[ -f "$PEM_CA" ]] && [[ -f "$PEM_CERT" ]] && [[ -f "$PEM_KEY" ]]; then + cp "$PEM_CA" "/opt/bitnami/kafka/config/certs/kafka.truststore.pem" + cp "$PEM_CERT" "/opt/bitnami/kafka/config/certs/kafka.keystore.pem" + # Ensure the key used PEM format with PKCS#8 + openssl pkcs8 -topk8 -nocrypt -in "$PEM_KEY" > "/opt/bitnami/kafka/config/certs/kafka.keystore.key" + else + echo "Couldn't find the expected PEM files! They are mandatory when encryption via TLS is enabled." + exit 1 + fi + {{- end }} + {{- end }} + + exec /entrypoint.sh /run.sh diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml new file mode 100644 index 0000000000..982804739b --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml @@ -0,0 +1,452 @@ +{{- $interBrokerProtocol := include "kafka.listenerType" (dict "protocol" .Values.auth.interBrokerProtocol) -}} +{{- $clientProtocol := include "kafka.listenerType" (dict "protocol" .Values.auth.clientProtocol) -}} +apiVersion: {{ template "statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + replicas: {{ .Values.replicas }} + podManagementPolicy: {{ .Values.podManagementPolicy }} + selector: + matchLabels: + app: {{ template "name" . }} + serviceName: {{ template "name" . }}-headless + updateStrategy: + type: {{ .Values.updateStrategy | quote }} + {{- if (eq "OnDelete" .Values.updateStrategy) }} + rollingUpdate: null + {{- else if .Values.rollingUpdatePartition }} + rollingUpdate: + partition: {{ .Values.rollingUpdatePartition }} + {{- end }} + template: + metadata: + labels: + app: {{ template "name" . }} + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app: {{ template "name" . }} + namespaces: + - "{{ .Values.namespace }}" + topologyKey: kubernetes.io/hostname + weight: 1 + {{- if or (and .Values.volumePermissions.enabled .Values.persistence.enabled) (and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled) .Values.initContainers }} + initContainers: + {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: {{ include "kafka.volumePermissions.image" . }} + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + command: + - /bin/bash + args: + - -ec + - | + chown -R "{{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" "{{ .Values.persistence.mountPath }}" + chown -R "{{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }}" "{{ .Values.logPersistence.mountPath }}" + securityContext: {{- .Values.volumePermissions.securityContext | toYaml | nindent 12 }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.logPersistence.mountPath }} + {{- end }} + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + - name: auto-discovery + image: {{ include "kafka.externalAccess.autoDiscovery.image" . }} + imagePullPolicy: {{ .Values.externalAccess.autoDiscovery.image.pullPolicy | quote }} + command: + - /scripts/auto-discovery.sh + env: + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: SHARED_FILE + value: "/shared/info.txt" + {{- if .Values.externalAccess.autoDiscovery.resources }} + resources: {{- toYaml .Values.externalAccess.autoDiscovery.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: shared + mountPath: /shared + - name: logs + mountPath: {{ .Values.logPersistence.mountPath }} + - name: scripts + mountPath: /scripts/auto-discovery.sh + subPath: auto-discovery.sh + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers "context" $ ) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: {{ template "name" . }} + image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + command: + - /scripts/setup.sh + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" .Values.image.debug | quote }} + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: KAFKA_CFG_ZOOKEEPER_CONNECT + value: {{ .Values.zookeeperHosts | quote }} + - name: KAFKA_INTER_BROKER_LISTENER_NAME + value: {{ .Values.interBrokerListenerName | quote }} + - name: KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP + {{- if .Values.listenerSecurityProtocolMap }} + value: {{ .Values.listenerSecurityProtocolMap | quote }} + {{- else if .Values.externalAccess.enabled }} + value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }},EXTERNAL:{{ $clientProtocol }}" + {{- else }} + value: "INTERNAL:{{ $interBrokerProtocol }},CLIENT:{{ $clientProtocol }}" + {{- end }} + {{- if or ($clientProtocol | regexFind "SASL") ($interBrokerProtocol | regexFind "SASL") (coalesce .Values.auth.sasl.jaas.zookeeperUser .Values.auth.jaas.zookeeperUser) }} + - name: KAFKA_CFG_SASL_ENABLED_MECHANISMS + value: {{ upper (coalesce .Values.auth.sasl.mechanisms .Values.auth.saslMechanisms) | quote }} + - name: KAFKA_CFG_SASL_MECHANISM_INTER_BROKER_PROTOCOL + value: {{ upper (coalesce .Values.auth.sasl.interBrokerMechanism .Values.auth.saslInterBrokerMechanism) | quote }} + {{- end }} + - name: KAFKA_CFG_LISTENERS + {{- if .Values.listeners }} + value: {{ join "," .Values.listeners }} + {{- else if .Values.externalAccess.enabled }} + value: "INTERNAL://:{{ .Values.service.internalPort }},CLIENT://:9092,EXTERNAL://:9094" + {{- else }} + value: "INTERNAL://:{{ .Values.service.internalPort }},CLIENT://:9092" + {{- end }} + {{- if .Values.externalAccess.enabled }} + {{- if .Values.externalAccess.autoDiscovery.enabled }} + - name: SHARED_FILE + value: "/shared/info.txt" + {{- end }} + {{- if eq .Values.externalAccess.service.type "NodePort" }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + {{- end }} + {{- else }} + - name: KAFKA_CFG_ADVERTISED_LISTENERS + {{- if .Values.advertisedListeners }} + value: {{ join "," .Values.advertisedListeners }} + {{- else }} + value: "INTERNAL://$(MY_POD_NAME).{{ template "name" . }}-headless.{{ .Values.namespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.service.internalPort }},CLIENT://$(MY_POD_NAME).{{ template "name" . }}-headless.{{ .Values.namespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.service.port }}" + {{- end }} + {{- end }} + - name: ALLOW_PLAINTEXT_LISTENER + value: {{ ternary "yes" "no" .Values.allowPlaintextListener | quote }} + {{- if or (include "kafka.client.saslAuthentication" .) (include "kafka.interBroker.saslAuthentication" .) }} + - name: KAFKA_OPTS + value: "-Djava.security.auth.login.config=/opt/bitnami/kafka/config/kafka_jaas.conf" + {{- if (include "kafka.client.saslAuthentication" .) }} + - name: KAFKA_CLIENT_USERS + value: {{ join "," (coalesce .Values.auth.sasl.jaas.clientUsers .Values.auth.jaas.clientUsers) | quote }} + - name: KAFKA_CLIENT_PASSWORDS + valueFrom: + secretKeyRef: + name: {{ include "kafka.jaasSecretName" . }} + key: client-passwords + {{- end }} + {{- if (include "kafka.interBroker.saslAuthentication" .) }} + - name: KAFKA_INTER_BROKER_USER + value: {{ coalesce .Values.auth.sasl.jaas.interBrokerUser .Values.auth.jaas.interBrokerUser | quote }} + - name: KAFKA_INTER_BROKER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.jaasSecretName" . }} + key: inter-broker-password + {{- end }} + {{- end }} + {{- if and .Values.zookeeper.auth.enabled (coalesce .Values.auth.sasl.jaas.zookeeperUser .Values.auth.jaas.zookeeperUser) }} + - name: KAFKA_ZOOKEEPER_PROTOCOL + value: "SASL" + - name: KAFKA_ZOOKEEPER_USER + value: {{ coalesce .Values.auth.sasl.jaas.zookeeperUser .Values.auth.jaas.zookeeperUser | quote }} + - name: KAFKA_ZOOKEEPER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.jaasSecretName" . }} + key: zookeeper-password + {{- end }} + {{- if (include "kafka.tlsEncryption" .) }} + - name: KAFKA_CFG_TLS_TYPE + value: {{ upper .Values.auth.tls.type | quote }} + - name: KAFKA_CFG_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM + value: {{ default "" (coalesce .Values.auth.tls.endpointIdentificationAlgorithm .Values.auth.tlsEndpointIdentificationAlgorithm) | quote }} + - name: KAFKA_CFG_TLS_CLIENT_AUTH + value: {{ ternary "required" "none" (eq .Values.auth.clientProtocol "mtls") | quote }} + {{- $tlsPassword := coalesce .Values.auth.tls.password .Values.auth.jksPassword }} + - name: KAFKA_CERTIFICATE_PASSWORD + value: {{ default "" $tlsPassword | quote }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: JMX_PORT + value: "5555" + {{- end }} + - name: KAFKA_VOLUME_DIR + value: {{ .Values.persistence.mountPath | quote }} + - name: KAFKA_LOG_DIR + value: {{ .Values.logPersistence.mountPath | quote }} + - name: KAFKA_CFG_DELETE_TOPIC_ENABLE + value: {{ .Values.deleteTopicEnable | quote }} + - name: KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE + value: {{ .Values.autoCreateTopicsEnable | quote }} + - name: KAFKA_HEAP_OPTS + value: {{ .Values.heapOpts | quote }} + - name: KAFKA_CFG_LOG_FLUSH_INTERVAL_MESSAGES + value: {{ .Values.logFlushIntervalMessages | replace "_" "" | quote }} + - name: KAFKA_CFG_LOG_FLUSH_INTERVAL_MS + value: {{ .Values.logFlushIntervalMs | quote }} + - name: KAFKA_CFG_LOG_RETENTION_BYTES + value: {{ .Values.logRetentionBytes | replace "_" "" | quote }} + - name: KAFKA_CFG_LOG_RETENTION_CHECK_INTERVALS_MS + value: {{ .Values.logRetentionCheckIntervalMs | quote }} + - name: KAFKA_CFG_LOG_RETENTION_HOURS + value: {{ .Values.logRetentionHours | quote }} + - name: KAFKA_CFG_MESSAGE_MAX_BYTES + value: {{ .Values.maxMessageBytes | replace "_" "" | quote }} + - name: KAFKA_CFG_LOG_SEGMENT_BYTES + value: {{ .Values.logSegmentBytes | replace "_" "" | quote }} + - name: KAFKA_CFG_LOG_DIRS + value: {{ .Values.logsDirs | quote }} + - name: KAFKA_CFG_DEFAULT_REPLICATION_FACTOR + value: {{ .Values.defaultReplicationFactor | quote }} + - name: KAFKA_CFG_OFFSETS_TOPIC_REPLICATION_FACTOR + value: {{ .Values.offsetsTopicReplicationFactor | quote }} + - name: KAFKA_CFG_TRANSACTION_STATE_LOG_REPLICATION_FACTOR + value: {{ .Values.transactionStateLogReplicationFactor | quote }} + - name: KAFKA_CFG_TRANSACTION_STATE_LOG_MIN_ISR + value: {{ .Values.transactionStateLogMinIsr | quote }} + - name: KAFKA_CFG_NUM_IO_THREADS + value: {{ .Values.numIoThreads | quote }} + - name: KAFKA_CFG_NUM_NETWORK_THREADS + value: {{ .Values.numNetworkThreads | quote }} + - name: KAFKA_CFG_NUM_PARTITIONS + value: {{ .Values.numPartitions | quote }} + - name: KAFKA_CFG_NUM_RECOVERY_THREADS_PER_DATA_DIR + value: {{ .Values.numRecoveryThreadsPerDataDir | quote }} + - name: KAFKA_CFG_SOCKET_RECEIVE_BUFFER_BYTES + value: {{ .Values.socketReceiveBufferBytes | quote }} + - name: KAFKA_CFG_SOCKET_REQUEST_MAX_BYTES + value: {{ .Values.socketRequestMaxBytes | replace "_" "" | quote }} + - name: KAFKA_CFG_SOCKET_SEND_BUFFER_BYTES + value: {{ .Values.socketSendBufferBytes | quote }} + - name: KAFKA_CFG_ZOOKEEPER_CONNECTION_TIMEOUT_MS + value: {{ .Values.zookeeperConnectionTimeoutMs | quote }} + {{- if .Values.extraEnvVars }} + {{ include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + ports: + - name: kafka-client + containerPort: 9092 + - name: kafka-internal + containerPort: {{ .Values.service.internalPort }} + {{- if .Values.externalAccess.enabled }} + - name: kafka-external + containerPort: 9094 + {{- end }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + tcpSocket: + port: kafka-client + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + {{- else if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: + tcpSocket: + port: kafka-client + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + {{- else if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: kafka-data + mountPath: {{ .Values.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.logPersistence.mountPath }} + {{- if or .Values.config .Values.existingConfigmap }} + - name: kafka-config + mountPath: {{ .Values.persistence.mountPath }}/config/server.properties + subPath: server.properties + {{- end }} + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + mountPath: {{ .Values.persistence.mountPath }}/config/log4j.properties + subPath: log4j.properties + {{- end }} + - name: scripts + mountPath: /scripts/setup.sh + subPath: setup.sh + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + - name: shared + mountPath: /shared + {{- end }} + {{- if (include "kafka.tlsEncryption" .) }} + - name: kafka-certificates + mountPath: /certs + readOnly: true + {{- if (coalesce .Values.auth.tls.jksTruststoreSecret .Values.auth.jksTruststoreSecret) }} + - name: kafka-truststore + mountPath: /truststore + readOnly: true + {{- end }} + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-exporter + image: {{ template "kafka.metrics.jmx.image" . }} + imagePullPolicy: {{ .Values.metrics.jmx.image.pullPolicy | quote }} + command: + - java + - -XX:+UnlockExperimentalVMOptions + - -XX:+UseCGroupMemoryLimitForHeap + - -XX:MaxRAMFraction=1 + - -XshowSettings:vm + - -jar + - jmx_prometheus_httpserver.jar + - "5556" + - /etc/jmx-kafka/jmx-kafka-prometheus.yml + ports: + - name: metrics + containerPort: 5556 + {{- if .Values.metrics.jmx.resources }} + resources: {{- toYaml .Values.metrics.jmx.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: jmx-config + mountPath: /etc/jmx-kafka + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if or .Values.config .Values.existingConfigmap }} + - name: kafka-config + configMap: + name: {{ include "kafka.configmapName" . }} + {{- end }} + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + configMap: + name: {{ include "kafka.log4j.configMapName" . }} + {{ end }} + - name: scripts + configMap: + name: {{ template "name" . }}-scripts + defaultMode: 0755 + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + - name: shared + emptyDir: {} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-config + configMap: + name: {{ include "kafka.metrics.jmx.configmapName" . }} + {{- end }} + {{- if (include "kafka.tlsEncryption" .) }} + - name: kafka-certificates + secret: + secretName: {{ include "kafka.tlsSecretName" . }} + defaultMode: 256 + {{- if (coalesce .Values.auth.tls.jksTruststoreSecret .Values.auth.jksTruststoreSecret) }} + - name: kafka-truststore + secret: + secretName: {{ coalesce .Values.auth.tls.jksTruststoreSecret .Values.auth.jksTruststoreSecret }} + defaultMode: 256 + {{- end }} + {{- end }} + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} +{{- if not .Values.persistence.enabled }} + - name: data + emptyDir: {} +{{- else if .Values.persistence.existingClaim }} + - name: kafka-data + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.persistence.existingClaim .) }} +{{- end }} +{{- if not .Values.logPersistence.enabled }} + - name: logs + emptyDir: {} +{{- else if .Values.logPersistence.existingClaim }} + - name: logs + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.logPersistence.existingClaim .) }} +{{- end }} + {{- if or (and .Values.persistence.enabled (not .Values.persistence.existingClaim)) (and .Values.logPersistence.enabled (not .Values.logPersistence.existingClaim)) }} + volumeClaimTemplates: + {{- end }} +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} + - metadata: + name: data + {{- if .Values.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.annotations "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.dataDirSize | quote }} + {{ include "kafka.storageClass" . | nindent 8 }} + {{- if .Values.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 10 }} + {{- end -}} +{{- end }} +{{- if and .Values.logPersistence.enabled (not .Values.logPersistence.existingClaim) }} + - metadata: + name: logs + {{- if .Values.logPersistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.logPersistence.annotations "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.logPersistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.logPersistence.size | quote }} + {{ include "kafka.storageClass" . | nindent 8 }} + {{- if .Values.logPersistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.logPersistence.selector "context" $) | nindent 10 }} + {{- end -}} +{{- end }} + diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml new file mode 100644 index 0000000000..3226d6c293 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "name" . }}-headless + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + type: ClusterIP + clusterIP: None + ports: + - name: tcp-client + port: {{ .Values.service.port }} + protocol: TCP + targetPort: kafka-client + - name: tcp-internal + port: {{ .Values.service.internalPort }} + protocol: TCP + targetPort: kafka-internal + selector: + app: {{ template "name" . }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml b/config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml new file mode 100644 index 0000000000..8616bdfd8a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml @@ -0,0 +1,38 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + type: {{ .Values.service.type }} + {{- if eq .Values.service.type "LoadBalancer" }} + {{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml .Values.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + {{- end }} + ports: + - name: tcp-client + port: {{ .Values.service.port }} + protocol: TCP + targetPort: kafka-client + {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.client)) }} + nodePort: {{ .Values.service.nodePorts.client }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if and .Values.externalAccess.enabled (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) }} + - name: tcp-external + port: {{ .Values.service.externalPort }} + protocol: TCP + targetPort: kafka-external + {{- if (not (empty .Values.service.nodePorts.external)) }} + nodePort: {{ .Values.service.nodePorts.external }} + {{- end }} + {{- end }} + selector: + app: {{ template "name" . }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/kafka/values.yaml b/config-as-code/helm/charts/backbone-services/kafka/values.yaml new file mode 100644 index 0000000000..85f1c96876 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/kafka/values.yaml @@ -0,0 +1,1241 @@ +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry and imagePullSecrets +## +# global: +# imageRegistry: myRegistryName +# imagePullSecrets: +# - myRegistryKeySecretName +# storageClass: myStorageClass + +## Bitnami Kafka image version +## ref: https://hub.docker.com/r/bitnami/kafka/tags/ +## +name: kafka +namespace: kafka-cluster +replicas: 1 +zookeeperHosts: "zookeeper.zookeeper-cluster:2181/kafka" + +image: + pullPolicy: IfNotPresent + repository: bitnami/kafka + tag: 2.8.0-debian-10-r30 + debug: false + +imagePullPolicy: IfNotPresent + + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## Set to true if you would like to see extra information on logs + #debug: false + +## String to partially override kafka.fullname template (will maintain the release name) +## +# nameOverride: + +## String to fully override kafka.fullname template +## +# fullnameOverride: + +## Deployment pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: [] + +## Use an alternate scheduler, e.g. "stork". +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +# schedulerName: + +## StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel +## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy +## +podManagementPolicy: Parallel + +## Kubernetes Cluster Domain +## +clusterDomain: cluster.local + +## Add labels to all the deployed resources +## +commonLabels: {} + +## Add annotations to all the deployed resources +## +commonAnnotations: {} + +## Kafka Configuration +## Specify content for server.properties +## NOTE: This will override any KAFKA_CFG_ environment variables (including those set by the chart) +## The server.properties is auto-generated based on other parameters when this parameter is not specified +## +## Example: +## config: |- +## broker.id=-1 +## listeners=PLAINTEXT://:9092 +## advertised.listeners=PLAINTEXT://KAFKA_IP:9092 +## num.network.threads=3 +## num.io.threads=8 +## socket.send.buffer.bytes=102400 +## socket.receive.buffer.bytes=102400 +## socket.request.max.bytes=104857600 +## log.dirs=/bitnami/kafka/data +## num.partitions=1 +## num.recovery.threads.per.data.dir=1 +## offsets.topic.replication.factor=1 +## transaction.state.log.replication.factor=1 +## transaction.state.log.min.isr=1 +## log.flush.interval.messages=10000 +## log.flush.interval.ms=1000 +## log.retention.hours=168 +## log.retention.bytes=1073741824 +## log.segment.bytes=1073741824 +## log.retention.check.interval.ms=300000 +## zookeeper.connect=ZOOKEEPER_SERVICE_NAME +## zookeeper.connection.timeout.ms=6000 +## group.initial.rebalance.delay.ms=0 +## +# config: + +## ConfigMap with Kafka Configuration +## NOTE: This will override config AND any KAFKA_CFG_ environment variables. +## +# existingConfigmap: + +## Kafka Log4J Configuration +## An optional log4j.properties file to overwrite the default of the Kafka brokers. +## See an example log4j.properties at: +## https://github.com/apache/kafka/blob/trunk/config/log4j.properties +## +# log4j: + +## Kafka Log4j ConfigMap +## The name of an existing ConfigMap containing a log4j.properties file. +## NOTE: this will override log4j. +## +# existingLog4jConfigMap: + +## Kafka's Java Heap size +## +heapOpts: -Xmx1024m -Xms1024m + +## Switch to enable topic deletion or not. +## +deleteTopicEnable: false + +## Switch to enable auto creation of topics. +## Enabling auto creation of topics not recommended for production or similar environments. +## +autoCreateTopicsEnable: true + +## The number of messages to accept before forcing a flush of data to disk. +## +logFlushIntervalMessages: _10000 + +## The maximum amount of time a message can sit in a log before we force a flush. +## +logFlushIntervalMs: 1000 + +## A size-based retention policy for logs. +## +logRetentionBytes: _1073741824 + +## The interval at which log segments are checked to see if they can be deleted. +## +logRetentionCheckIntervalMs: 300000 + +## The minimum age of a log file to be eligible for deletion due to age. +## +logRetentionHours: 168 + +## The maximum size of a log segment file. When this size is reached a new log segment will be created. +## +logSegmentBytes: _1073741824 + +## A comma separated list of directories under which to store log files. +## +logsDirs: /bitnami/kafka/data + +## The largest record batch size allowed by Kafka +## +maxMessageBytes: _1000012 + +## Default replication factors for automatically created topics +## +defaultReplicationFactor: 1 + +## The replication factor for the offsets topic +## +offsetsTopicReplicationFactor: 1 + +## The replication factor for the transaction topic +## +transactionStateLogReplicationFactor: 1 + +## Overridden min.insync.replicas config for the transaction topic +## +transactionStateLogMinIsr: 1 + +## The number of threads doing disk I/O. +## +numIoThreads: 8 + +## The number of threads handling network requests. +## +numNetworkThreads: 3 + +## The default number of log partitions per topic. +## +numPartitions: 1 + +## The number of threads per data directory to be used for log recovery at startup and flushing at shutdown. +## +numRecoveryThreadsPerDataDir: 1 + +## The receive buffer (SO_RCVBUF) used by the socket server. +## +socketReceiveBufferBytes: 102400 + +## The maximum size of a request that the socket server will accept (protection against OOM). +## +socketRequestMaxBytes: _104857600 + +## The send buffer (SO_SNDBUF) used by the socket server. +## +socketSendBufferBytes: 102400 + +## Timeout in ms for connecting to zookeeper. +## +zookeeperConnectionTimeoutMs: 6000 + +## Command and args for running the container. Use array form +## +command: + - /scripts/setup.sh +args: [] + +## All the parameters from the configuration file can be overwritten by using environment variables with this format: KAFKA_CFG_{KEY} +## ref: https://github.com/bitnami/bitnami-docker-kafka#configuration +## Example: +## extraEnvVars: +## - name: KAFKA_CFG_BACKGROUND_THREADS +## value: "10" +## +extraEnvVars: [] + +## extraVolumes and extraVolumeMounts allows you to mount other volumes +## Examples: +# extraVolumes: +# - name: kafka-jaas +# secret: +# secretName: kafka-jaas +# extraVolumeMounts: +# - name: kafka-jaas +# mountPath: /bitnami/kafka/config/kafka_jaas.conf +# subPath: kafka_jaas.conf +extraVolumes: [] +extraVolumeMounts: [] + +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: [] + +## Authentication parameteres +## https://github.com/bitnami/bitnami-docker-kafka#security +## +auth: + ## Authentication protocol for client and inter-broker communications + ## Supported values: 'plaintext', 'tls', 'mtls', 'sasl' and 'sasl_tls' + ## This table shows the security provided on each protocol: + ## | Method | Authentication | Encryption via TLS | + ## | plaintext | None | No | + ## | tls | None | Yes | + ## | mtls | Yes (two-way authentication) | Yes | + ## | sasl | Yes (via SASL) | No | + ## | sasl_tls | Yes (via SASL) | Yes | + ## + clientProtocol: plaintext + interBrokerProtocol: plaintext + + ## SASL configuration + ## + sasl: + ## Comma separated list of allowed SASL mechanisms. + ## Note: ignored unless `auth.clientProtocol` or `auth.interBrokerProtocol` are using either `sasl` or `sasl_tls` + ## + mechanisms: plain,scram-sha-256,scram-sha-512 + ## SASL mechanism for inter broker communication. + ## + interBrokerMechanism: plain + ## JAAS configuration for SASL authentication. + ## + jaas: + ## Kafka client user list + ## + ## clientUsers: + ## - user1 + ## - user2 + ## + clientUsers: + - user + ## Kafka client passwords. This is mandatory if more than one user is specified in clientUsers. + ## + ## clientPasswords: + ## - password1 + ## - password2" + ## + clientPasswords: [] + ## Kafka inter broker communication user + ## + interBrokerUser: admin + ## Kafka inter broker communication password + ## + interBrokerPassword: "" + ## Kafka Zookeeper user + ## + zookeeperUser: "" + ## Kafka Zookeeper password + ## + zookeeperPassword: "" + ## Name of the existing secret containing credentials for clientUsers, interBrokerUser and zookeeperUser. + ## Create this secret running the command below where SECRET_NAME is the name of the secret you want to create: + ## kubectl create secret generic SECRET_NAME --from-literal=client-passwords=CLIENT_PASSWORD1,CLIENT_PASSWORD2 --from-literal=inter-broker-password=INTER_BROKER_PASSWORD --from-literal=zookeeper-password=ZOOKEEPER_PASSWORD + ## + existingSecret: "" + + ## DEPRECATED: use `auth.sasl.mechanisms` instead. + saslMechanisms: plain,scram-sha-256,scram-sha-512 + ## DEPRECATED: use `auth.sasl.interBrokerMechanism` instead. + saslInterBrokerMechanism: plain + ## DEPRECATED: use `auth.sasl.jaas` instead. + jaas: + clientUsers: + - user + clientPasswords: [] + interBrokerUser: admin + interBrokerPassword: "" + zookeeperUser: "" + zookeeperPassword: "" + existingSecret: "" + + ## TLS configuration + ## + tls: + ## Format to use for TLS certificates + ## Supported values: 'jks' and 'pem' + ## + type: jks + ## Name of an existing secret containing the TLS certificates + ## + ## When using 'jks' format for certificates, the secret should contain: + ## - A truststore + ## - One keystore per Kafka broker you have in the cluster + ## Create this secret following the steps below: + ## 1) Generate your trustore and keystore files. Helpful script: https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh + ## 2) Rename your truststore to `kafka.truststore.jks`. + ## 3) Rename your keystores to `kafka-X.keystore.jks` where X is the ID of each Kafka broker. + ## 4) Run the command below where SECRET_NAME is the name of the secret you want to create: + ## kubectl create secret generic SECRET_NAME --from-file=./kafka.truststore.jks --from-file=./kafka-0.keystore.jks --from-file=./kafka-1.keystore.jks ... + ## + ## When using 'pem' format for certificates, the secret should contain: + ## - A public CA certificate + ## - One public certificate and one private key per Kafka broker you have in the cluster + ## Create this secret following the steps below: + ## 1) Create a certificate key and signing request per Kafka broker, and sign the signing request with your CA + ## 2) Rename your CA file to `kafka.truststore.pem`. + ## 3) Rename your certificates to `kafka-X.keystore.pem` where X is the ID of each Kafka broker. + ## 3) Rename your keys to `kafka-X.keystore.key` where X is the ID of each Kafka broker. + ## 5) Run the command below where SECRET_NAME is the name of the secret you want to create: + ## kubectl create secret generic SECRET_NAME --from-file=./kafka.truststore.pem --from-file=./kafka-0.keystore.pem --from-file=./kafka-0.keystore.key --from-file=./kafka-1.keystore.pem --from-file=./kafka-1.keystore.key ... + ## + existingSecret: "" + ## Create self-signed TLS certificates. Currently only supported for 'pem' format. + ## Note: ignored when using 'jks' format or `auth.tls.existingSecret` is not empty + ## + autoGenerated: false + ## Password to access the JKS files or PEM key when they are password-protected. + ## + password: "" + ## Name of an existing secret containing your JKS truststore if the JKS truststore doesn't exist + ## or is different from the one in the `auth.tls.existingSecret`. + ## Note: ignored when using 'pem' format for certificates . + ## + jksTruststoreSecret: "" + ## The secret key from the `auth.tls.existingSecret` containing the keystore with a SAN certificate. + ## The SAN certificate in it should be issued with Subject Alternative Names for all headless services: + ## - kafka-0.kafka-headless.kafka.svc.cluster.local + ## - kafka-1.kafka-headless.kafka.svc.cluster.local + ## - kafka-2.kafka-headless.kafka.svc.cluster.local + ## Note: ignored when using 'pem' format for certificates. + ## + jksKeystoreSAN: "" + ## The secret key from the `auth.tls.existingSecret` or `auth.tls.jksTruststoreSecret` containing the truststore. + ## Note: ignored when using 'pem' format for certificates. + ## + jksTruststore: "" + ## The endpoint identification algorithm used by clients to validate server host name. + ## Disable server host name verification by setting it to an empty string. + ## ref: https://docs.confluent.io/current/kafka/authentication_ssl.html#optional-settings + ## + endpointIdentificationAlgorithm: https + + ## DEPRECATED: use `auth.tls.existingSecret` instead. + jksSecret: "" + ## DEPRECATED: use `auth.tls.jksTruststoreSecret` instead. + jksTruststoreSecret: "" + ## DEPRECATED: use `auth.tls.jksKeystoreSAN` instead. + jksKeystoreSAN: "" + ## DEPRECATED: use `auth.tls.jksTruststore` instead. + jksTruststore: "" + ## DEPRECATED: use `auth.tls.password` instead. + jksPassword: "" + ## DEPRECATED: use `auth.tls.endpointIdentificationAlgorithm` instead. + tlsEndpointIdentificationAlgorithm: https + +## The address(es) the socket server listens on. +## When it's set to an empty array, the listeners will be configured +## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters) +## +listeners: [] + +## The address(es) (hostname:port) the brokers will advertise to producers and consumers. +## When it's set to an empty array, the advertised listeners will be configured +## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters) +## +advertisedListeners: [] + +## The listener->protocol mapping +## When it's nil, the listeners will be configured +## based on the authentication protocols (auth.clientProtocol and auth.interBrokerProtocol parameters) +## +# listenerSecurityProtocolMap: + +## Allow to use the PLAINTEXT listener. +## +allowPlaintextListener: true + +## Name of listener used for communication between brokers. +## +interBrokerListenerName: INTERNAL + +## Number of Kafka brokers to deploy +## +replicaCount: 1 + +## Minimal broker.id value +## Brokers increment their ID starting at this minimal value. +## E.g., with `minBrokerId=100` and 3 nodes, IDs will be 100, 101, 102 for brokers 0, 1, and 2, respectively. +## +minBrokerId: 0 + +## StrategyType, can be set to RollingUpdate or OnDelete by default. +## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets +## +updateStrategy: RollingUpdate + +## Partition update strategy +## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions +## +# rollingUpdatePartition: + +## Pod labels. Evaluated as a template +## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## Pod annotations. Evaluated as a template +## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +## Name of the priority class to be used by kafka pods, priority class needs to be created beforehand +## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: "" + +## Pod affinity preset +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAffinityPreset: "" + +## Pod anti-affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAntiAffinityPreset: soft + +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## Allowed values: soft, hard +## +nodeAffinityPreset: + ## Node affinity type + ## Allowed values: soft, hard + ## + type: "" + ## Node label key to match + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## Node label values to match + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + +## Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## Tolerations for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Configure the grace time period for sig term +## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution +## +# terminationGracePeriodSeconds: 30 + +## Kafka pods' Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +## +podSecurityContext: + enabled: true + fsGroup: 1001 + runAsUser: 1001 + +## Kafka containers' Security Context +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container +## Example: +## containerSecurityContext: +## capabilities: +## drop: ["NET_RAW"] +## readOnlyRootFilesystem: true +## +containerSecurityContext: {} + +## Kafka containers' resource requests and limits +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 250m + # memory: 1Gi + requests: {} + # cpu: 250m + # memory: 256Mi + +## Kafka containers' liveness and readiness probes. Evaluated as a template. +## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes +## +livenessProbe: + enabled: true + initialDelaySeconds: 10 + timeoutSeconds: 5 + # failureThreshold: 3 + # periodSeconds: 10 + # successThreshold: 1 +readinessProbe: + enabled: true + initialDelaySeconds: 5 + failureThreshold: 6 + timeoutSeconds: 5 + # periodSeconds: 10 + # successThreshold: 1 + +## Custom liveness/readiness probes that will override the default ones +## +customLivenessProbe: {} +customReadinessProbe: {} + +## Pod Disruption Budget configuration +## The PDB will only be created if replicaCount is greater than 1 +## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions +## +pdb: + create: false + ## Min number of pods that must still be available after the eviction + ## + # minAvailable: 1 + ## Max number of pods that can be unavailable after the eviction + ## + maxUnavailable: 1 + +## Add sidecars to the pod. +## Example: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: {} + +## Service parameters +## +service: + ## Service type + ## + type: ClusterIP + ## Kafka port for client connections + ## + port: 9092 + ## Kafka port for inter-broker connections + ## + internalPort: 9093 + ## Kafka port for external connections + ## + externalPort: 9094 + ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePorts: + client: "" + external: "" + ## Set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + # loadBalancerIP: + ## Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## Example: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## Provide any additional annotations which may be required. Evaluated as a template + ## + annotations: {} + +## External Access to Kafka brokers configuration +## +externalAccess: + ## Enable Kubernetes external cluster access to Kafka brokers + ## + enabled: false + + ## External IPs auto-discovery configuration + ## An init container is used to auto-detect LB IPs or node ports by querying the K8s API + ## Note: RBAC might be required + ## + autoDiscovery: + ## Enable external IP/ports auto-discovery + ## + enabled: false + ## Bitnami Kubectl image + ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ + ## + image: + registry: docker.io + repository: bitnami/kubectl + tag: 1.19.11-debian-10-r14 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init Container resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 100m + # memory: 128Mi + requests: {} + # cpu: 100m + # memory: 128Mi + + ## Parameters to configure K8s service(s) used to externally access Kafka brokers + ## A new service per broker will be created + ## + service: + ## Service type. Allowed values: LoadBalancer or NodePort + ## + type: LoadBalancer + ## Port used when service type is LoadBalancer + ## + port: 9094 + ## Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount + ## Example: + ## loadBalancerIPs: + ## - X.X.X.X + ## - Y.Y.Y.Y + ## + loadBalancerIPs: [] + ## Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## Example: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## Array of node ports used for each Kafka broker. Length must be the same as replicaCount + ## Example: + ## nodePorts: + ## - 30001 + ## - 30002 + ## + nodePorts: [] + ## Use worker host ips + useHostIPs: false + ## When service type is NodePort, you can specify the domain used for Kafka advertised listeners. + ## If not specified, the container will try to get the kubernetes node external IP + ## + # domain: mydomain.com + ## Provide any additional annotations which may be required. Evaluated as a template + ## + annotations: {} + +## Persistence parameters +## +persistence: + enabled: true + ## A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: pvc-{{ template "name" . }} + ## PV Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + # storageClass: "-" + ## PV Access Mode + ## + accessModes: + - ReadWriteOnce + ## PVC size + ## + dataDirSize: 5Gi + ## PVC annotations + ## + annotations: {} + ## selector can be used to match an existing PersistentVolume + ## selector: + ## matchLabels: + ## app: my-app + selector: {} + ## Mount point for persistence + ## + mountPath: /bitnami/kafka + +## Log Persistence parameters +## +logPersistence: + enabled: false + ## A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + # existingClaim: + ## PV Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + # existingLogClaim: + ## PV Storage Class + ## It getted from persistence.storageClass + ## + ## PV Access Mode + ## + accessModes: + - ReadWriteOnce + ## PVC size + ## + size: 8Gi + ## PVC annotations + ## + annotations: {} + ## selector can be used to match an existing PersistentVolume + ## selector: + ## matchLabels: + ## app: my-app + selector: {} + ## Mount path for persistent logs + ## + mountPath: /opt/bitnami/kafka/logs + +## Init Container parameters +## Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each component +## values from the securityContext section of the component +## +volumePermissions: + enabled: false + ## The security context for the volumePermissions init container + ## + securityContext: + runAsUser: 0 + image: + registry: docker.io + repository: bitnami/bitnami-shell + tag: 10-debian-10-r98 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: Always + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init Container resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 100m + # memory: 128Mi + requests: {} + # cpu: 100m + # memory: 128Mi + +## Kafka pods ServiceAccount +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## Specifies whether a ServiceAccount should be created + ## + create: true + ## The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the kafka.serviceAccountName template + ## + # name: + # Allows auto mount of ServiceAccountToken on the serviceAccount created + # Can be set to false if pods using this serviceAccount do not need to use K8s API + automountServiceAccountToken: true + +## Role Based Access +## ref: https://kubernetes.io/docs/admin/authorization/rbac/ +## +rbac: + ## Specifies whether RBAC rules should be created + ## binding Kafka ServiceAccount to a role + ## that allows Kafka pods querying the K8s API + ## + create: false + +## Kafka provisioning +## +provisioning: + enabled: false + + image: + registry: docker.io + repository: bitnami/kafka + tag: 2.8.0-debian-10-r29 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + + ## Set to true if you would like to see extra information on logs + ## + debug: false + + # provisioning.numPartitions: Number of partitions for the topic when it does not specify. + numPartitions: 1 + + # provisioning.replicationFactor: Replication factor for the topic when it does not specify. + replicationFactor: 1 + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: + + podAnnotations: {} + + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 250m + # memory: 1Gi + requests: {} + # cpu: 250m + # memory: 256Mi + + ## Command and args for running the container (set to default if not set). Use array form + ## + command: [] + args: [] + + topics: [] + # - name: topic-name + # partitions: 1 + # replicationFactor: 1 + # # https://kafka.apache.org/documentation/#topicconfigs + # config: + # max.message.bytes: 64000 + # flush.messages: 1 + +## Prometheus Exporters / Metrics +## +metrics: + ## Prometheus Kafka Exporter: exposes complimentary metrics to JMX Exporter + ## + kafka: + enabled: false + + ## Bitnami Kafka exporter image + ## ref: https://hub.docker.com/r/bitnami/kafka-exporter/tags/ + ## + image: + registry: docker.io + repository: bitnami/kafka-exporter + tag: 1.3.1-debian-10-r14 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + + ## Use an alternate scheduler, e.g. "stork". + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + # schedulerName: + + ## Extra flags to be passed to Kafka exporter + ## Example: + ## extraFlags: + ## tls.insecure-skip-tls-verify: "" + ## web.telemetry-path: "/metrics" + ## + extraFlags: {} + + ## Name of the existing secret containing the optional certificate and key files + ## for Kafka Exporter client authentication + ## + # certificatesSecret: + + ## The secret key from the certificatesSecret if 'client-cert' key different from the default (cert-file) + ## + tlsCert: cert-file + + ## The secret key from the certificatesSecret if 'client-key' key different from the default (key-file) + ## + tlsKey: key-file + + ## Name of the existing secret containing the optional ca certificate + ## for Kafka Exporter client authentication + ## + # tlsCaSecret: + + ## The secret key from the certificatesSecret or tlsCaSecret if 'ca-cert' key different from the default (ca-file) + ## + tlsCaCert: ca-file + + ## Prometheus Kafka Exporter' resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 100m + # memory: 128Mi + requests: {} + # cpu: 100m + # memory: 128Mi + + ## Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + + ## Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + + ## Add init containers to the Kafka exporter pods. + ## Example: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + initContainers: {} + + ## Service configuration + ## + service: + ## Kafka Exporter Service type + ## + type: ClusterIP + ## Kafka Exporter Prometheus port + ## + port: 9308 + ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePort: "" + ## Set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + # loadBalancerIP: + ## Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## Example: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## Set the Cluster IP to use + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## + # clusterIP: None + ## Annotations for the Kafka Exporter Prometheus metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.kafka.service.port }}" + prometheus.io/path: "/metrics" + + ## Prometheus JMX Exporter: exposes the majority of Kafkas metrics + ## + jmx: + enabled: false + + ## Bitnami JMX exporter image + ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/ + ## + image: + registry: docker.io + repository: bitnami/jmx-exporter + tag: 0.15.0-debian-10-r121 + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + + ## Prometheus JMX Exporter' resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: {} + # cpu: 100m + # memory: 128Mi + requests: {} + # cpu: 100m + # memory: 128Mi + + ## Service configuration + ## + service: + ## JMX Exporter Service type + ## + type: ClusterIP + ## JMX Exporter Prometheus port + ## + port: 5556 + ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePort: "" + ## Set the LoadBalancer service type to internal only. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer + ## + # loadBalancerIP: + ## Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## Example: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## Set the Cluster IP to use + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## + # clusterIP: None + ## Annotations for the JMX Exporter Prometheus metrics service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.jmx.service.port }}" + prometheus.io/path: "/" + + ## JMX Whitelist Objects, can be set to control which JMX metrics are exposed. Only whitelisted + ## values will be exposed via JMX Exporter. They must also be exposed via Rules. To expose all metrics + ## (warning its crazy excessive and they aren't formatted in a prometheus style) (1) `whitelistObjectNames: []` + ## (2) commented out above `overrideConfig`. + ## + whitelistObjectNames: + - kafka.controller:* + - kafka.server:* + - java.lang:* + - kafka.network:* + - kafka.log:* + + ## Prometheus JMX exporter configuration + ## Specify content for jmx-kafka-prometheus.yml. Evaluated as a template + ## + ## Credits to the incubator/kafka chart for the JMX configuration. + ## https://github.com/helm/charts/tree/master/incubator/kafka + ## + config: |- + jmxUrl: service:jmx:rmi:///jndi/rmi://127.0.0.1:5555/jmxrmi + lowercaseOutputName: true + lowercaseOutputLabelNames: true + ssl: false + {{- if .Values.metrics.jmx.whitelistObjectNames }} + whitelistObjectNames: ["{{ join "\",\"" .Values.metrics.jmx.whitelistObjectNames }}"] + {{- end }} + + ## ConfigMap with Prometheus JMX exporter configuration + ## NOTE: This will override metrics.jmx.config + ## + # existingConfigmap: + + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + enabled: false + ## Namespace in which Prometheus is running + ## + # namespace: monitoring + + ## Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # interval: 10s + + ## Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # scrapeTimeout: 10s + + ## ServiceMonitor selector labels + ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## + # selector: + # prometheus: my-prometheus + + ## Relabel configuration for the metrics. + ## + # relabelings: [] + + # MetricRelabelConfigs to apply to samples before ingestion. + ## + # metricRelabelings: [] + +## +## Zookeeper chart configuration +## +## https://github.com/bitnami/charts/blob/master/bitnami/zookeeper/values.yaml +## +zookeeper: + enabled: true + auth: + ## Enable Zookeeper auth + ## + enabled: false + ## User that will use Zookeeper clients to auth + ## + # clientUser: + ## Password that will use Zookeeper clients to auth + ## + # clientPassword: + ## Comma, semicolon or whitespace separated list of user to be created. Specify them as a string, for example: "user1,user2,admin" + ## + # serverUsers: + ## Comma, semicolon or whitespace separated list of passwords to assign to users when created. Specify them as a string, for example: "pass4user1, pass4user2, pass4admin" + ## + # serverPasswords: + +## This value is only used when zookeeper.enabled is set to false +## +externalZookeeper: + ## Server or list of external zookeeper servers to use. + ## + servers: [] + +## Extra init containers to add to the deployment +## +initContainers: [] diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml b/config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml new file mode 100644 index 0000000000..4b324edd81 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml @@ -0,0 +1,16 @@ +{{- if eq .Values.global.setup "quickstart" }} +apiVersion: v1 +kind: PersistentVolume +metadata: + name: pv-postgres + labels: + type: local +spec: + storageClassName: manual + capacity: + storage: 1Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/kube/postgres" +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml b/config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml new file mode 100644 index 0000000000..900adb38db --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml @@ -0,0 +1,16 @@ +{{- if eq .Values.global.setup "quickstart" }} +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-postgres + namespace: egov + labels: + type: local +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi +{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/postgres/values.yaml b/config-as-code/helm/charts/backbone-services/postgres/values.yaml index e8f75abda0..7c3d973123 100644 --- a/config-as-code/helm/charts/backbone-services/postgres/values.yaml +++ b/config-as-code/helm/charts/backbone-services/postgres/values.yaml @@ -20,13 +20,13 @@ env: | - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: - name: jenkins-credentials - key: ciDbpassword + name: db + key: password - name: POSTGRES_USER valueFrom: secretKeyRef: - name: jenkins-credentials - key: ciDbUsername + name: db + key: username - name: POSTGRES_DB value: {{ default "" .Values.postgresDatabase | quote }} extraVolumeMounts: | @@ -34,3 +34,10 @@ extraVolumeMounts: | mountPath: /var/lib/postgresql/data extraVolumes: | - name: postgres-volume + {{- if eq .Values.global.setup "quickstart" }} + persistentVolumeClaim: + claimName: pvc-postgres + {{- end}} + + +postgresDatabase: egov_ms diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/.helmignore b/config-as-code/helm/charts/backbone-services/zookeeper/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml new file mode 100644 index 0000000000..442bb8380a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml @@ -0,0 +1,8 @@ +apiVersion: v2 +name: zookeeper +description: A centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services for distributed applications. +keywords: + - zookeeper +version: 7.0.1 +engine: gotpl + diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/README.md b/config-as-code/helm/charts/backbone-services/zookeeper/README.md new file mode 100644 index 0000000000..afe715df77 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/README.md @@ -0,0 +1,348 @@ +# ZooKeeper + +[ZooKeeper](https://zookeeper.apache.org/) is a centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services. All of these kinds of services are used in some form or other by distributed applications. + +## TL;DR + +```console +$ helm repo add bitnami https://charts.bitnami.com/bitnami +$ helm install my-release bitnami/zookeeper +``` + +## Introduction + +This chart bootstraps a [ZooKeeper](https://github.com/bitnami/bitnami-docker-zookeeper) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of [Bitnami Kubernetes Production Runtime](https://kubeprod.io/) (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications. + +## Prerequisites + +- Kubernetes 1.12+ +- Helm 3.1.0 +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm repo add bitnami https://charts.bitnami.com/bitnami +$ helm install my-release bitnami/zookeeper +``` + +These commands deploy ZooKeeper on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +The following tables lists the configurable parameters of the ZooKeeper chart and their default values per section/component: + +| Parameter | Description | Default | +|---------------------------|-------------------------------------------------|---------------------------------------------------------| +| `global.imageRegistry` | Global Docker image registry | `nil` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `global.storageClass` | Global storage class for dynamic provisioning | `nil` | + +### Common parameters + +| Parameter | Description | Default | +|---------------------|----------------------------------------------------|-----------------------------------| +| `nameOverride` | String to partially override common.names.fullname | `nil` | +| `fullnameOverride` | String to fully override common.names.fullname | `nil` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` (evaluated as a template) | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `schedulerName` | Kubernetes pod scheduler registry | `nil` (use the default-scheduler) | + +### Zookeeper chart parameters + +| Parameter | Description | Default | +|-----------------------------|---------------------------------------------------------------------------------------------|---------------------------------------------------------| +| `image.registry` | ZooKeeper image registry | `docker.io` | +| `image.repository` | ZooKeeper Image name | `bitnami/zookeeper` | +| `image.tag` | ZooKeeper Image tag | `{TAG_NAME}` | +| `image.pullPolicy` | ZooKeeper image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | +| `image.debug` | Specify if debug values should be set | `false` | +| `tickTime` | Basic time unit in milliseconds used by ZooKeeper for heartbeats | `2000` | +| `initLimit` | Time the ZooKeeper servers in quorum have to connect to a leader | `10` | +| `syncLimit` | How far out of date a server can be from a leader | `5` | +| `maxClientCnxns` | Number of concurrent connections that a single client may make to a single member | `60` | +| `maxSessionTimeout` | Maximum session timeout in milliseconds that the server will allow the client to negotiate. | `40000` | +| `autopurge.snapRetainCount` | Number of retains snapshots for autopurge | `3` | +| `autopurge.purgeInterval` | The time interval in hours for which the purge task has to be triggered | `0` | +| `fourlwCommandsWhitelist` | A list of comma separated Four Letter Words commands to use | `srvr, mntr` | +| `listenOnAllIPs` | Allow Zookeeper to listen for connections from its peers on all available IP addresses. | `false` | +| `allowAnonymousLogin` | Allow to accept connections from unauthenticated users | `yes` | +| `auth.existingSecret` | Use existing secret (ignores previous password) | `nil` | +| `auth.enabled` | Enable ZooKeeper auth | `false` | +| `auth.clientUser` | User that will use ZooKeeper clients to auth | `nil` | +| `auth.clientPassword` | Password that will use ZooKeeper clients to auth | `nil` | +| `auth.serverUsers` | List of user to be created | `nil` | +| `auth.serverPasswords` | List of passwords to assign to users when created | `nil` | +| `hostAliases` | Add deployment host aliases | `[]` | +| `heapSize` | Size in MB for the Java Heap options (Xmx and XMs) | `[]` | +| `logLevel` | Log level of ZooKeeper server | `ERROR` | +| `jvmFlags` | Default JVMFLAGS for the ZooKeeper process | `nil` | +| `config` | Configure ZooKeeper with a custom zoo.conf file | `nil` | +| `dataLogDir` | Data log directory | `""` | +| `namespaceOverride` | Namespace for ZooKeeper resources. Overrides the release namespace. | The Release Namespace | + +### Statefulset parameters + +| Parameter | Description | Default | +|:-------------------------------------|:------------------------------------------------------------------------------------------|:-------------------------------| +| `replicaCount` | Number of ZooKeeper nodes | `1` | +| `minServerId` | Minimal SERVER_ID value, nodes increment their IDs respectively | `1` | +| `updateStrategy` | Update strategy for the statefulset | `RollingUpdate` | +| `rollingUpdatePartition` | Partition update strategy | `nil` | +| `podManagementPolicy` | Pod management policy | `Parallel` | +| `podLabels` | ZooKeeper pod labels | `{}` (evaluated as a template) | +| `podAnnotations` | ZooKeeper Pod annotations | `{}` (evaluated as a template) | +| `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `affinity` | Affinity for pod assignment | `{}` (evaluated as a template) | +| `nodeSelector` | Node labels for pod assignment | `{}` (evaluated as a template) | +| `tolerations` | Tolerations for pod assignment | `[]` (evaluated as a template) | +| `priorityClassName` | Name of the existing priority class to be used by ZooKeeper pods | `""` | +| `securityContext.enabled` | Enable security context (ZooKeeper master pod) | `true` | +| `securityContext.fsGroup` | Group ID for the container (ZooKeeper master pod) | `1001` | +| `securityContext.runAsUser` | User ID for the container (ZooKeeper master pod) | `1001` | +| `resources` | CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `250m` | +| `livenessProbe` | Liveness probe configuration for ZooKeeper | Check `values.yaml` file | +| `readinessProbe` | Readiness probe configuration for ZooKeeper | Check `values.yaml` file | +| `customLivenessProbe` | Override default liveness probe | `nil` | +| `customReadinessProbe` | Override default readiness probe | `nil` | +| `extraVolumes` | Extra volumes | `nil` | +| `extraVolumeMounts` | Mount extra volume(s) | `nil` | +| `initContainers` | Extra init container to add to the statefulset | `nil` | +| `podDisruptionBudget.maxUnavailable` | Max number of pods down simultaneously | `1` | + +### Exposure parameters + +| Parameter | Description | Default | +|------------------------------------------|----------------------------------------------------------------------------------------------------|------------------------------------------------------| +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.loadBalancerIP` | Use with service.type `LoadBalancer` to assign static IP to Load Balancer instance | `""` | +| `service.port` | ZooKeeper port | `2181` | +| `service.followerPort` | ZooKeeper follower port | `2888` | +| `service.electionPort` | ZooKeeper election port | `3888` | +| `service.nodePorts.client` | Nodeport for client connections | `""` | +| `service.nodePorts.clientTls` | Nodeport for tls client connections | `""` | +| `service.publishNotReadyAddresses` | If the ZooKeeper headless service should publish DNS records for not ready pods | `true` | +| `serviceAccount.create` | Enable creation of ServiceAccount for zookeeper pod | `false` | +| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | Generated using the `common.names.fullname` template | +| `serviceAccount.automountServiceAccountToken` | Enable/Disable automountServiceAccountToken for Service Account | `true` | +| `service.disableBaseClientPort` | Remove client port from service definitions. | `false` | +| `service.tlsClientPort` | Service port for tls client connections | `3181` | +| `service.annotations` | Annotations for the Service | `{}` | +| `service.headless.annotations` | Annotations for the Headless Service | `{}` | +| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | + +### Persistence parameters + +| Parameter | Description | Default | +|----------------------------------------|--------------------------------------------------------------------------------|---------------------------------| +| `persistence.enabled` | Enable Zookeeper data persistence using PVC | `true` | +| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `nil` (evaluated as a template) | +| `persistence.storageClass` | PVC Storage Class for ZooKeeper data volume | `nil` | +| `persistence.accessMode` | PVC Access Mode for ZooKeeper data volume | `ReadWriteOnce` | +| `persistence.size` | PVC Storage Request for ZooKeeper data volume | `8Gi` | +| `persistence.annotations` | Annotations for the PVC | `{}` (evaluated as a template) | +| `persistence.selector` | Selector to match an existing Persistent Volume for Zookeeper's data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` (evaluated as a template) | +| `persistence.dataLogDir.size` | PVC Storage Request for ZooKeeper's Data log directory | `8Gi` | +| `persistence.dataLogDir.existingClaim` | Provide an existing `PersistentVolumeClaim` for Zookeeper's Data log directory | `nil` (evaluated as a template) | +| `persistence.dataLogDir.selector` | Selector to match an existing Persistent Volume for Zookeeper's Data log PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` (evaluated as a template) | + +### Volume Permissions parameters + +| Parameter | Description | Default | +|--------------------------------------|----------------------------------------------------------------------------------------------------------------------|-------------------------| +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | +| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/bitnami-shell` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `"10"` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `Always` | +| `volumePermissions.resources` | Init container resource requests/limit | `nil` | + +### Metrics parameters + +| Parameter | Description | Default | +|----------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------| +| `metrics.enabled` | Enable prometheus to access zookeeper metrics endpoint | `false` | +| `metrics.containerPort` | Port where a Jetty server will expose Prometheus metrics | `9141` | +| `metrics.service.type` | Kubernetes service type (`ClusterIP`, `NodePort` or `LoadBalancer`) for Jetty server exposing Prometheus metrics | `ClusterIP` | +| `metrics.service.port` | Prometheus metrics service port | `9141` | +| `metrics.service.annotations` | Service annotations for Prometheus to auto-discover the metrics endpoint | `{prometheus.io/scrape: "true", prometheus.io/port: "9141"}` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace for the ServiceMonitor Resource | The Release Namespace | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped. | `nil` (Prometheus Operator default value) | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `nil` (Prometheus Operator default value) | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `nil` | +| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (also requires `metrics.enabled` to be `true` and `metrics.prometheusRule.rules`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace for the PrometheusRule Resource | The Release Namespace | +| `metrics.prometheusRule.selector` | Prometheus instance selector labels | `nil` | +| `metrics.prometheusRule.rules` | Prometheus Rule definitions (see values.yaml for examples) | `[]` | + +### TLS/SSL parameters + +| Parameter | Description | Default | +|----------------------------------|------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------| +| `tls.client.enabled` | Enable TLS for client connections | `false` | +| `tls.client.autoGenerated` | Generate automatically self-signed TLS certificates for Zookeeper client communications. Currently only supports PEM certificates. | `false` | +| `tls.client.existingSecret` | Name of the existing secret containing the TLS certificates for Zookeper client communications | `nil` | +| `tls.client.keystorePath` | Location of the KeyStore file used for Client connections | `/opt/bitnami/zookeeper/config/certs/client/zookeeper.keystore.jks` | +| `tls.client.truststorePath` | Location of the TrustStore file used for Client connections | `/opt/bitnami/zookeeper/config/certs/client/zookeeper.truststore.jks` | +| `tls.client.keystorePassword` | Password to access KeyStore if needed | `nil` | +| `tls.client.truststorePassword` | Password to access TrustStore if needed | `nil` | +| `tls.quorum.enabled` | Enable TLS for quorum protocol | `false` | +| `tls.quorum.autoGenerated` | Generate automatically self-signed TLS certificates for Zookeeper quorum protocol. Currently only supports PEM certificates. | `false` | +| `tls.quorum.existingSecret` | Name of the existing secret containing the TLS certificates for Zookeper quorum protocol | `nil` | +| `tls.quorum.keystorePath` | Location of the KeyStore file used for Quorum protocol | `/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.keystore.jks` | +| `tls.quorum.truststorePath` | Location of the TrustStore file used for Quorum protocol | `/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.truststore.jks` | +| `tls.quorum.keystorePassword` | Password to access KeyStore if needed | `nil` | +| `tls.quorum.truststorePassword` | Password to access TrustStore if needed | `nil` | +| `tls.resources.limits` | The resources limits for the TLS init container | `{}` | +| `tls.resources.requests` | The requested resources for the TLS init container | `{}` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install my-release \ + --set auth.clientUser=newUser \ + bitnami/zookeeper +``` + +The above command sets the ZooKeeper user to `newUser`. + +> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +$ helm install my-release -f values.yaml bitnami/zookeeper +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Configuration and installation details + +### [Rolling vs Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Configure log level + +You can configure the ZooKeeper log level using the `ZOO_LOG_LEVEL` environment variable. By default, it is set to `ERROR` because of each readiness probe produce an `INFO` message on connection and a `WARN` message on disconnection. + +## Persistence + +The [Bitnami ZooKeeper](https://github.com/bitnami/bitnami-docker-zookeeper) image stores the ZooKeeper data and configurations at the `/bitnami/zookeeper` path of the container. + +Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. See the [Parameters](#parameters) section to configure the PVC or to disable persistence. + +If you encounter errors when working with persistent volumes, refer to our [troubleshooting guide for persistent volumes](https://docs.bitnami.com/kubernetes/faq/troubleshooting/troubleshooting-persistence-volumes/). + +### Adjust permissions of persistent volume mountpoint + +As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. + +By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. +As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. + +You can enable this initContainer by setting `volumePermissions.enabled` to `true`. + +### Configure the data log directory + +You can use a dedicated device for logs (instead of using the data directory) to help avoiding competition between logging and snaphots. To do so, set the `dataLogDir` parameter with the path to be used for writing transaction logs. Alternatively, set this parameter with an empty string and it will result in the log being written to the data directory (Zookeeper's default behavior). + +When using a dedicated device for logs, you can use a PVC to persist the logs. To do so, set `persistence.enabled` to `true`. See the [Persistence Parameters](#persistence-parameters) section for more information. + +### Set pod affinity + +This chart allows you to set custom pod affinity using the `affinity` parameter. Find more information about pod affinity in the [Kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, you can use any of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/master/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami’s Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Upgrading + +### To 7.0.0 + +This new version renames the parameters used to configure TLS for both client and quorum. + +- `service.tls.disable_base_client_port` is renamed to `service.disableBaseClientPort` +- `service.tls.client_port` is renamed to `service.tlsClientPort` +- `service.tls.client_enable` is renamed to `tls.client.enabled` +- `service.tls.client_keystore_path` is renamed to `tls.client.keystorePath` +- `service.tls.client_truststore_path` is renamed to `tls.client.truststorePath` +- `service.tls.client_keystore_password` is renamed to `tls.client.keystorePassword` +- `service.tls.client_truststore_password` is renamed to `tls.client.truststorePassword` +- `service.tls.quorum_enable` is renamed to `tls.quorum.enabled` +- `service.tls.quorum_keystore_path` is renamed to `tls.quorum.keystorePath` +- `service.tls.quorum_truststore_path` is renamed to `tls.quorum.truststorePath` +- `service.tls.quorum_keystore_password` is renamed to `tls.quorum.keystorePassword` +- `service.tls.quorum_truststore_password` is renamed to `tls.quorum.truststorePassword` + +### 6.1.0 + +This version introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/master/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. + +### To 6.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +[Learn more about this change and related upgrade considerations](https://docs.bitnami.com/kubernetes/infrastructure/zookeeper/administration/upgrade-helm3/). + +### To 5.21.0 + +A couple of parameters related to Zookeeper metrics were renamed or disappeared in favor of new ones: + +- `metrics.port` is renamed to `metrics.containerPort`. +- `metrics.annotations` is deprecated in favor of `metrics.service.annotations`. + +### To 3.0.0 + +This new version of the chart includes the new ZooKeeper major version 3.5.5. Note that to perform an automatic upgrade +of the application, each node will need to have at least one snapshot file created in the data directory. If not, the +new version of the application won't be able to start the service. Please refer to [ZOOKEEPER-3056](https://issues.apache.org/jira/browse/ZOOKEEPER-3056) +in order to find ways to workaround this issue in case you are facing it. + +### To 2.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's statefulsets. +Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is `zookeeper`: + +```console +$ kubectl delete statefulset zookeeper-zookeeper --cascade=false +``` + +### To 1.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to 1.0.0. The following example assumes that the release name is zookeeper: + +```console +$ kubectl delete statefulset zookeeper-zookeeper --cascade=false +``` diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl new file mode 100644 index 0000000000..20c75296d5 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl @@ -0,0 +1,179 @@ +{{- define "name" -}} +{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values -}} +{{- default .Chart.Name .Values.name -}} +{{- end }} +{{- end }} + +{{- define "common.image" -}} +{{- if contains "/" .repository -}} +{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} +{{- else -}} +{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for statefulset. +*/}} +{{- define "statefulset.apiVersion" -}} +{{- if semverCompare "<1.9-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "apps/v1beta2" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + + + + + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "zookeeper.volumePermissions.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "zookeeper.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* +Check if there are rolling tags in the images +*/}} +{{- define "zookeeper.checkRollingTags" -}} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- end -}} + + + +{{/* +Return ZooKeeper Client Password +*/}} +{{- define "zookeeper.clientPassword" -}} +{{- if .Values.auth.clientPassword -}} + {{- .Values.auth.clientPassword -}} +{{- else -}} + {{- randAlphaNum 10 -}} +{{- end -}} +{{- end -}} + +{{/* +Return ZooKeeper Servers Passwords +*/}} +{{- define "zookeeper.serverPasswords" -}} +{{- if .Values.auth.serverPasswords -}} + {{- .Values.auth.serverPasswords -}} +{{- else -}} + {{- randAlphaNum 10 -}} +{{- end -}} +{{- end -}} + + + +{{/* +Return the secret containing Zookeeper quorum TLS certificates +*/}} +{{- define "zookeeper.quorum.tlsSecretName" -}} +{{- $secretName := .Values.tls.quorum.existingSecret -}} +{{- if $secretName -}} + {{- printf "%s" (tpl $secretName $) -}} +{{- else -}} + {{- printf "%s-quorum-crt" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS secret object should be created +*/}} +{{- define "zookeeper.quorum.createTlsSecret" -}} +{{- if and .Values.tls.quorum.enabled .Values.tls.quorum.autoGenerated (not .Values.tls.quorum.existingSecret)}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the name of the secret containing the Keystore and truststore password +*/}} +{{- define "zookeeper.quorum.tlsPasswordsSecret" -}} +{{- $secretName := .Values.tls.quorum.passwordsSecretName -}} +{{- if $secretName -}} + {{- printf "%s" (tpl $secretName $) -}} +{{- else -}} + {{- printf "%s-quorum-tls-pass" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the secret containing Zookeper client TLS certificates +*/}} +{{- define "zookeeper.client.tlsSecretName" -}} +{{- $secretName := .Values.tls.client.existingSecret -}} +{{- if $secretName -}} + {{- printf "%s" (tpl $secretName $) -}} +{{- else -}} + {{- printf "%s-client-crt" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS secret object should be created +*/}} +{{- define "zookeeper.client.createTlsSecret" -}} +{{- if and .Values.tls.client.enabled .Values.tls.client.autoGenerated (not .Values.tls.client.existingSecret) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the name of the secret containing the Keystore and truststore password +*/}} +{{- define "zookeeper.client.tlsPasswordsSecret" -}} +{{- $secretName := .Values.tls.client.passwordsSecretName -}} +{{- if $secretName -}} + {{- printf "%s" (tpl $secretName $) -}} +{{- else -}} + {{- printf "%s-client-tls-pass" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message. +*/}} +{{- define "zookeeper.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "zookeeper.validateValues.client.tls" .) -}} +{{- $messages := append $messages (include "zookeeper.validateValues.quorum.tls" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Zookeeper - Client TLS enabled */}} +{{- define "zookeeper.validateValues.client.tls" -}} +{{- if and .Values.tls.client.enabled (not .Values.tls.client.autoGenerated) (not .Values.tls.client.existingSecret) }} +zookeeper: tls.client.enabled + In order to enable Client TLS encryption, you also need to provide + an existing secret containing the Keystore and Truststore or + enable auto-generated certificates. +{{- end -}} +{{- end -}} + +{{/* Validate values of Zookeeper - Quorum TLS enabled */}} +{{- define "zookeeper.validateValues.quorum.tls" -}} +{{- if and .Values.tls.quorum.enabled (not .Values.tls.quorum.autoGenerated) (not .Values.tls.quorum.existingSecret) }} +zookeeper: tls.quorum.enabled + In order to enable Quorum TLS, you also need to provide + an existing secret containing the Keystore and Truststore or + enable auto-generated certificates. +{{- end -}} +{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml new file mode 100644 index 0000000000..2d570afdd5 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ template "name" . }}-data-{{ template "name" . }}-0 + labels: + app: {{ template "name" . }} + type: local +spec: + storageClassName: manual + capacity: + storage: {{ .Values.persistence.dataDirSize | quote }} + accessModes: + - ReadWriteOnce + hostPath: + path: "/kube/zookeeper" diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml new file mode 100644 index 0000000000..44e25eab24 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: pvc-{{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} + type: local +spec: + storageClassName: manual + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.persistence.dataDirSize | quote }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml new file mode 100644 index 0000000000..819c5eeed2 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml @@ -0,0 +1,527 @@ +apiVersion: {{ template "statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ template "name" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + serviceName: {{ template "name" . }}-headless + replicas: {{ .Values.replicas }} + podManagementPolicy: {{ .Values.podManagementPolicy }} + updateStrategy: + type: {{ .Values.updateStrategy }} + {{- if (eq "Recreate" .Values.updateStrategy) }} + rollingUpdate: null + {{- else if .Values.rollingUpdatePartition }} + rollingUpdate: + partition: {{ .Values.rollingUpdatePartition }} + {{- end }} + selector: + matchLabels: + app: {{ template "name" . }} + template: + metadata: + name: {{ template "name" . }} + labels: + app: {{ template "name" . }} + spec: + {{- if .Values.schedulerName }} + schedulerName: {{ .Values.schedulerName }} + {{- end }} + {{- if .Values.securityContext.enabled }} + securityContext: + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app: {{ template "name" . }} + namespaces: + - "{{ .Values.namespace }}" + topologyKey: kubernetes.io/hostname + weight: 1 + {{- if .Values.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- if or .Values.initContainers (and .Values.volumePermissions.enabled .Values.persistence.enabled) (or .Values.tls.client.enabled .Values.tls.quorum.enabled) }} + initContainers: + {{- if .Values.initContainers }} + {{ include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | trim | nindent 8 }} + {{- end }} + {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }} + - name: volume-permissions + image: {{ template "zookeeper.volumePermissions.image" . }} + imagePullPolicy: {{ default "" .Values.volumePermissions.image.pullPolicy | quote }} + command: + - chown + args: + - -R + - {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} + - /bitnami/zookeeper + {{- if .Values.dataLogDir }} + - {{ .Values.dataLogDir }} + {{- end }} + securityContext: + runAsUser: 0 + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: /bitnami/zookeeper + {{- if .Values.dataLogDir }} + - name: data-log + mountPath: {{ .Values.dataLogDir }} + {{- end }} + {{- end }} + {{- if or .Values.tls.client.enabled .Values.tls.quorum.enabled }} + - name: init-certs + image: {{ include "zookeeper.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + {{- end }} + command: + - /bin/bash + - -ec + - |- + {{- if .Values.tls.client.enabled }} + {{- if .Values.tls.client.autoGenerated }} + if [[ -f "/certs/client/tls.key" ]] && [[ -f "/certs/client/tls.crt" ]] && [[ -f "/certs/client/ca.crt" ]]; then + openssl pkcs12 -export -in "/certs/client/tls.crt" \ + -passout pass:"${ZOO_TLS_CLIENT_KEYSTORE_PASSWORD}" \ + -inkey "/certs/client/tls.key" \ + -out "/tmp/keystore.p12" + keytool -importkeystore -srckeystore "/tmp/keystore.p12" \ + -srcstoretype PKCS12 \ + -srcstorepass "${ZOO_TLS_CLIENT_KEYSTORE_PASSWORD}" \ + -deststorepass "${ZOO_TLS_CLIENT_KEYSTORE_PASSWORD}" \ + -destkeystore "/opt/bitnami/zookeeper/config/certs/client/zookeeper.keystore.jks" + rm "/tmp/keystore.p12" + keytool -import -file "/certs/client/ca.crt" \ + -keystore "/opt/bitnami/zookeeper/config/certs/client/zookeeper.truststore.jks" \ + -storepass "${ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD}" \ + -noprompt + else + echo "Couldn't find the expected PEM certificates! They are mandatory when Client encryption via TLS is enabled." + exit 1 + fi + {{- else }} + if [[ -f "/certs/client/zookeeper.truststore.jks" ]] && [[ -f "/certs/client/zookeeper.keystore.jks" ]]; then + cp "/certs/client/zookeeper.truststore.jks" "/opt/bitnami/zookeeper/config/certs/client/zookeeper.truststore.jks" + cp "/certs/client/zookeeper.keystore.jks" "/opt/bitnami/zookeeper/config/certs/client/zookeeper.keystore.jks" + else + echo "Couldn't find the expected Java Key Stores (JKS) files! They are mandatory when Client encryption via TLS is enabled." + exit 1 + fi + {{- end }} + {{- end }} + {{- if .Values.tls.quorum.enabled }} + {{- if .Values.tls.quorum.autoGenerated }} + if [[ -f "/certs/quorum/tls.key" ]] && [[ -f "/certs/quorum/tls.crt" ]] && [[ -f "/certs/quorum/ca.crt" ]]; then + openssl pkcs12 -export -in "/certs/quorum/tls.crt" \ + -passout pass:"${ZOO_TLS_QUORUM_KEYSTORE_PASSWORD}" \ + -inkey "/certs/quorum/tls.key" \ + -out "/tmp/keystore.p12" + keytool -importkeystore -srckeystore "/tmp/keystore.p12" \ + -srcstoretype PKCS12 \ + -srcstorepass "${ZOO_TLS_QUORUM_KEYSTORE_PASSWORD}" \ + -deststorepass "${ZOO_TLS_QUORUM_KEYSTORE_PASSWORD}" \ + -destkeystore "/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.keystore.jks" + rm "/tmp/keystore.p12" + keytool -import -file "/certs/quorum/ca.crt" \ + -keystore "/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.truststore.jks" \ + -storepass "${ZOO_TLS_QUORUM_TRUSTSTORE_PASSWORD}" \ + -noprompt + else + echo "Couldn't find the expected PEM certificates! They are mandatory when encryption Quorum via TLS is enabled." + exit 1 + fi + {{- else }} + if [[ -f "/certs/quorum/zookeeper.truststore.jks" ]] && [[ -f "/certs/quorum/zookeeper.keystore.jks" ]]; then + cp "/certs/quorum/zookeeper.truststore.jks" "/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.truststore.jks" + cp "/certs/quorum/zookeeper.keystore.jks" "/opt/bitnami/zookeeper/config/certs/quorum/zookeeper.keystore.jks" + else + echo "Couldn't find the expected Java Key Stores (JKS) files! They are mandatory when Quorum encryption via TLS is enabled." + exit 1 + fi + {{- end }} + {{- end }} + env: + - name: MY_POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + {{- if or .Values.tls.client.keystorePassword .Values.tls.client.passwordsSecretName .Values.tls.client.autoGenerated }} + - name: ZOO_TLS_CLIENT_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.client.tlsPasswordsSecret" . }} + key: "keystore-password" + {{- end }} + {{- if or .Values.tls.client.truststorePassword .Values.tls.client.passwordsSecretName .Values.tls.client.autoGenerated }} + - name: ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.client.tlsPasswordsSecret" . }} + key: "truststore-password" + {{- end }} + {{- if or .Values.tls.quorum.keystorePassword .Values.tls.quorum.passwordsSecretName .Values.tls.quorum.autoGenerated }} + - name: ZOO_TLS_QUORUM_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.quorum.tlsPasswordsSecret" . }} + key: "keystore-password" + {{- end }} + {{- if or .Values.tls.quorum.truststorePassword .Values.tls.quorum.passwordsSecretName .Values.tls.quorum.autoGenerated }} + - name: ZOO_TLS_QUORUM_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.quorum.tlsPasswordsSecret" . }} + key: "truststore-password" + {{- end }} + {{- if .Values.tls.resources }} + resources: {{- toYaml .Values.tls.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if or .Values.tls.client.enabled }} + - name: client-certificates + mountPath: /certs/client + - name: client-shared-certs + mountPath: /opt/bitnami/zookeeper/config/certs/client + {{- end }} + {{- if or .Values.tls.quorum.enabled }} + - name: quorum-certificates + mountPath: /certs/quorum + - name: quorum-shared-certs + mountPath: /opt/bitnami/zookeeper/config/certs/quorum + {{- end }} + {{- end }} + {{- end }} + containers: + - name: {{ template "name" . }} + image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + {{- if .Values.securityContext.enabled }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + {{- end }} + command: + - bash + - -ec + - | + # Execute entrypoint as usual after obtaining ZOO_SERVER_ID + # check ZOO_SERVER_ID in persistent volume via myid + # if not present, set based on POD hostname + if [[ -f "/bitnami/zookeeper/data/myid" ]]; then + export ZOO_SERVER_ID="$(cat /bitnami/zookeeper/data/myid)" + else + HOSTNAME=`hostname -s` + if [[ $HOSTNAME =~ (.*)-([0-9]+)$ ]]; then + ORD=${BASH_REMATCH[2]} + export ZOO_SERVER_ID=$((ORD + {{ .Values.minServerId }} )) + else + echo "Failed to get index from hostname $HOST" + exit 1 + fi + fi + exec /entrypoint.sh /run.sh + {{- if .Values.resources }} + resources: {{- toYaml .Values.resources | nindent 12 }} + {{- end }} + env: + - name: ZOO_DATA_LOG_DIR + value: {{ .Values.dataLogDir | quote }} + - name: ZOO_PORT_NUMBER + value: {{ .Values.service.port | quote }} + - name: ZOO_TICK_TIME + value: {{ .Values.tickTime | quote }} + - name: ZOO_INIT_LIMIT + value: {{ .Values.initLimit | quote }} + - name: ZOO_SYNC_LIMIT + value: {{ .Values.syncLimit | quote }} + - name: ZOO_MAX_CLIENT_CNXNS + value: {{ .Values.maxClientCnxns | quote }} + - name: ZOO_4LW_COMMANDS_WHITELIST + value: {{ .Values.fourlwCommandsWhitelist | quote }} + - name: ZOO_LISTEN_ALLIPS_ENABLED + value: {{ ternary "yes" "no" .Values.listenOnAllIPs | quote }} + - name: ZOO_AUTOPURGE_INTERVAL + value: {{ .Values.autopurge.purgeInterval | quote }} + - name: ZOO_AUTOPURGE_RETAIN_COUNT + value: {{ .Values.autopurge.snapRetainCount | quote }} + - name: ZOO_MAX_SESSION_TIMEOUT + value: {{ .Values.maxSessionTimeout | quote }} + - name: ZOO_SERVERS + {{- $replicaCount := int .Values.replicas }} + {{- $minServerId := int .Values.minServerId }} + {{- $followerPort := int .Values.service.followerPort }} + {{- $electionPort := int .Values.service.electionPort }} + {{- $clusterDomain := .Values.clusterDomain }} + value: {{ range $i, $e := until $replicaCount }}{{ $.Values.name }}-{{ $e }}.{{ $.Values.name }}-headless.{{ $.Values.namespace }}.svc.{{ $clusterDomain }}:{{ $followerPort }}:{{ $electionPort }}::{{ add $e $minServerId }} {{ end }} + - name: ZOO_ENABLE_AUTH + value: {{ ternary "yes" "no" .Values.auth.enabled | quote }} + {{- if .Values.auth.enabled }} + - name: ZOO_CLIENT_USER + value: {{ .Values.auth.clientUser | quote }} + - name: ZOO_CLIENT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ if .Values.auth.existingSecret }}{{ .Values.auth.existingSecret }}{{ else }}{{ template "name" . }}{{ end }} + key: client-password + - name: ZOO_SERVER_USERS + value: {{ .Values.auth.serverUsers | quote }} + - name: ZOO_SERVER_PASSWORDS + valueFrom: + secretKeyRef: + name: {{ if .Values.auth.existingSecret }}{{ .Values.auth.existingSecret }}{{ else }}{{ template "name" . }}{{ end }} + key: server-password + {{- end }} + - name: ZOO_HEAP_SIZE + value: {{ .Values.heapSize | quote }} + - name: ZOO_LOG_LEVEL + value: {{ .Values.logLevel | quote }} + - name: ALLOW_ANONYMOUS_LOGIN + value: {{ ternary "yes" "no" .Values.allowAnonymousLogin | quote }} + {{- if .Values.jvmFlags }} + - name: JVMFLAGS + value: {{ .Values.jvmFlags | quote }} + {{- end }} + {{- if .Values.metrics.enabled }} + - name: ZOO_ENABLE_PROMETHEUS_METRICS + value: "yes" + - name: ZOO_PROMETHEUS_METRICS_PORT_NUMBER + value: {{ .Values.metrics.containerPort | quote }} + {{- end }} + {{- if .Values.tls.client.enabled }} + - name: ZOO_TLS_CLIENT_ENABLE + value: {{ .Values.tls.client.enabled | quote }} + - name: ZOO_TLS_CLIENT_KEYSTORE_FILE + value: {{ .Values.tls.client.keystorePath | quote }} + - name: ZOO_TLS_CLIENT_TRUSTSTORE_FILE + value: {{ .Values.tls.client.truststorePath | quote }} + {{- if or .Values.tls.client.keystorePassword .Values.tls.client.passwordsSecretName .Values.tls.client.autoGenerated }} + - name: ZOO_TLS_CLIENT_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.client.tlsPasswordsSecret" . }} + key: "keystore-password" + {{- end }} + {{- if or .Values.tls.client.truststorePassword .Values.tls.client.passwordsSecretName .Values.tls.client.autoGenerated }} + - name: ZOO_TLS_CLIENT_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.client.tlsPasswordsSecret" . }} + key: "truststore-password" + {{- end }} + {{- end }} + {{- if .Values.tls.quorum.enabled }} + - name: ZOO_TLS_QUORUM_ENABLE + value: {{ .Values.tls.quorum.enabled | quote }} + - name: ZOO_TLS_QUORUM_KEYSTORE_FILE + value: {{ .Values.tls.quorum.keystorePath | quote }} + - name: ZOO_TLS_QUORUM_TRUSTSTORE_FILE + value: {{ .Values.tls.quorum.truststorePath | quote }} + {{- if or .Values.tls.quorum.keystorePassword .Values.tls.quorum.passwordsSecretName .Values.tls.quorum.autoGenerated }} + - name: ZOO_TLS_QUORUM_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.quorum.tlsPasswordsSecret" . }} + key: "keystore-password" + {{- end }} + {{- if or .Values.tls.quorum.truststorePassword .Values.tls.quorum.passwordsSecretName .Values.tls.quorum.autoGenerated }} + - name: ZOO_TLS_QUORUM_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "zookeeper.quorum.tlsPasswordsSecret" . }} + key: "truststore-password" + {{- end }} + {{- end }} + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + {{- if .Values.extraEnvVars }} + {{- toYaml .Values.extraEnvVars | nindent 12 }} + {{- end }} + ports: + {{- if not .Values.service.disableBaseClientPort }} + - name: client + containerPort: {{ .Values.service.port }} + {{- end }} + {{- if .Values.tls.client.enabled }} + - name: client-tls + containerPort: {{ .Values.service.tlsClientPort }} + {{- end }} + - name: follower + containerPort: {{ .Values.service.followerPort }} + - name: election + containerPort: {{ .Values.service.electionPort }} + {{- if .Values.metrics.enabled }} + - name: metrics + containerPort: {{ .Values.metrics.containerPort }} + {{- end }} + {{- if .Values.livenessProbe.enabled }} + livenessProbe: + exec: + {{- if not .Values.service.disableBaseClientPort }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} nc -w {{ .Values.livenessProbe.probeCommandTimeout }} localhost {{ .Values.service.port }} | grep imok'] + {{- else }} + {{- if not .Values.tls.client.enabled }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tlsClientPort }} | grep imok'] + {{- else }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tlsClientPort }} -cert {{ .Values.service.tls.client_cert_pem_path }} -key {{ .Values.service.tls.client_key_pem_path }} | grep imok'] + {{- end }} + {{- end }} + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + {{- else if .Values.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.readinessProbe.enabled }} + readinessProbe: + exec: + {{- if not .Values.service.disableBaseClientPort }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.readinessProbe.probeCommandTimeout }} nc -w {{ .Values.readinessProbe.probeCommandTimeout }} localhost {{ .Values.service.port }} | grep imok'] + {{- else }} + {{- if not .Values.tls.client.enabled }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tlsClientPort }} | grep imok'] + {{- else }} + command: ['/bin/bash', '-c', 'echo "ruok" | timeout {{ .Values.livenessProbe.probeCommandTimeout }} openssl s_client -quiet -crlf -connect localhost:{{ .Values.service.tlsClientPort }} -cert {{ .Values.service.tls.client_cert_pem_path }} -key {{ .Values.service.tls.client_key_pem_path }} | grep imok'] + {{- end }} + {{- end }} + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + {{- else if .Values.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + - name: zookeeper-data + mountPath: /bitnami/zookeeper + {{- if .Values.dataLogDir }} + - name: data-log + mountPath: {{ .Values.dataLogDir }} + {{- end }} + {{- if .Values.config }} + - name: config + mountPath: /opt/bitnami/zookeeper/conf/zoo.cfg + subPath: zoo.cfg + {{- end }} + {{- if .Values.tls.client.enabled }} + - name: client-shared-certs + mountPath: /opt/bitnami/zookeeper/config/certs/client + readOnly: true + {{- end }} + {{- if .Values.tls.quorum.enabled }} + - name: quorum-shared-certs + mountPath: /opt/bitnami/zookeeper/config/certs/quorum + readOnly: true + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- toYaml .Values.extraVolumeMounts | nindent 12 }} + {{- end }} + volumes: + {{- if .Values.config }} + - name: config + configMap: + name: {{ template "name" . }} + {{- end }} + {{- if and .Values.persistence.enabled .Values.persistence.existingClaim }} + - name: {{ template "name" . }}-data + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.persistence.existingClaim .) }} + {{- else if not .Values.persistence.enabled }} + - name: data + emptyDir: {} + {{- end }} + {{- if and .Values.persistence.enabled .Values.persistence.dataLogDir.existingClaim }} + - name: data-log + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.persistence.dataLogDir.existingClaim .) }} + {{- else if and ( not .Values.persistence.enabled ) .Values.dataLogDir }} + - name: data-log + emptyDir: {} + {{- end }} + {{- if .Values.tls.client.enabled }} + - name: client-certificates + secret: + secretName: {{ include "zookeeper.client.tlsSecretName" . }} + defaultMode: 256 + - name: client-shared-certs + emptyDir: {} + {{- end }} + {{- if .Values.tls.quorum.enabled }} + - name: quorum-certificates + secret: + secretName: {{ include "zookeeper.quorum.tlsSecretName" . }} + defaultMode: 256 + - name: quorum-shared-certs + emptyDir: {} + {{- end }} + {{- if .Values.extraVolumes }} + {{- toYaml .Values.extraVolumes | nindent 8 }} + {{- end }} + {{- if and .Values.persistence.enabled (not (and .Values.persistence.existingClaim .Values.persistence.dataLogDir.existingClaim) )}} + volumeClaimTemplates: + {{- if not .Values.persistence.existingClaim }} + - metadata: + name: zookeeper-data + annotations: + {{- range $key, $value := .Values.persistence.annotations }} + {{ $key }}: {{ $value }} + {{- end }} + spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.dataDirSize | quote }} + {{- if and (not .Values.persistence.dataLogDir.existingClaim) .Values.dataLogDir }} + - metadata: + name: data-log + annotations: + {{- range $key, $value := .Values.persistence.annotations }} + {{ $key }}: {{ $value }} + {{- end }} + spec: + accessModes: + {{- range .Values.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.persistence.dataLogDir.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 8 }} + {{- if .Values.persistence.dataLogDir.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataLogDir.selector "context" $) | nindent 10 }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} +{{- end }} + + diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml new file mode 100644 index 0000000000..ad13a92dba --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml @@ -0,0 +1,30 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "name" . }}-headless + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: {{ .Values.service.publishNotReadyAddresses }} + ports: + {{ if not .Values.service.disableBaseClientPort }} + - name: tcp-client + port: 2181 + targetPort: client + {{ end }} + {{ if .Values.tls.client.enabled }} + - name: tcp-client-tls + port: {{ .Values.service.tlsClientPort }} + targetPort: client-tls + {{ end }} + - name: follower + port: 2888 + targetPort: follower + - name: tcp-election + port: 3888 + targetPort: election + selector: + app: {{ template "name" . }} diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml new file mode 100644 index 0000000000..86360d2966 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml @@ -0,0 +1,41 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.name }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "name" . }} +spec: + type: {{ .Values.service.type }} + {{- if and (.Values.service.loadBalancerIP) (eq .Values.service.type "LoadBalancer") }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + ports: + {{ if not .Values.service.disableBaseClientPort }} + - name: tcp-client + port: 2181 + targetPort: client + {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.client)) }} + nodePort: {{ .Values.service.nodePorts.client }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{ end }} + {{ if .Values.tls.client.enabled }} + - name: tcp-client-tls + port: {{ .Values.service.tlsClientPort }} + targetPort: client-tls + {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.clientTls)) }} + nodePort: {{ .Values.service.nodePorts.clientTls }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{ end }} + - name: follower + port: 2888 + targetPort: follower + - name: tcp-election + port: 3888 + targetPort: election + selector: + app: {{ template "name" . }} diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/values.yaml b/config-as-code/helm/charts/backbone-services/zookeeper/values.yaml new file mode 100644 index 0000000000..cedd5f5373 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/zookeeper/values.yaml @@ -0,0 +1,590 @@ +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry and imagePullSecrets +## +# global: +# imageRegistry: myRegistryName +# imagePullSecrets: +# - myRegistryKeySecretName +# storageClass: myStorageClass + +## Bitnami Zookeeper image version +## ref: https://hub.docker.com/r/bitnami/zookeeper/tags/ +name: zookeeper +namespace: zookeeper-cluster +## Number of zookeeper servers, should be odd number +replicas: 1 +imagePullPolicy: IfNotPresent +image: + repository: bitnami/zookeeper + tag: 3.7.0-debian-10-r68 + + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistryKeySecretName + ## Set to true if you would like to see extra information on logs + ## It turns BASH and/or NAMI debugging in the image + ## + debug: false + +## String to partially override common.names.fullname template (will maintain the release name) +# nameOverride: + +## String to fully override common.names.fullname template +# fullnameOverride: + +## Deployment pod host aliases +## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +## +hostAliases: [] + +## Kubernetes Cluster Domain +## +clusterDomain: cluster.local + +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: [] + +## Add labels to all the deployed resources +## +commonLabels: {} + +## Add annotations to all the deployed resources +## +commonAnnotations: {} + +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section. +## +volumePermissions: + enabled: false + image: + registry: docker.io + repository: bitnami/bitnami-shell + tag: 10-debian-10-r111 + pullPolicy: Always + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistryKeySecretName + resources: {} + +## extraVolumes and extraVolumeMounts allows you to mount other volumes +## Example Use Cases: +## mount certificates to enable tls +# extraVolumes: +# - name: zookeeper-keystore +# secret: +# defaultMode: 288 +# secretName: zookeeper-keystore +# - name: zookeeper-trustsore +# secret: +# defaultMode: 288 +# secretName: zookeeper-truststore +# extraVolumeMounts: +# - name: zookeeper-keystore +# mountPath: /certs/keystore +# readOnly: true +# - name: zookeeper-truststore +# mountPath: /certs/truststore +# readOnly: true + +## StatefulSet controller supports automated updates. There are two valid update strategies: RollingUpdate and OnDelete +## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets +## +updateStrategy: RollingUpdate + +## Limits the number of pods of the replicated application that are down simultaneously from voluntary disruptions +## The PDB will only be created if replicaCount is greater than 1 +## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions +## +podDisruptionBudget: + maxUnavailable: 1 + +## Partition update strategy +## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions +## +# rollingUpdatePartition: + +## StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel +## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy +## +podManagementPolicy: Parallel + +## Number of ZooKeeper nodes +## +replicaCount: 1 + +## Minimal server ID (ZooKeeper myid) value +## servers increment their ID starting at this minimal value. +## E.g., with `minServerId=10` and 3 replicas, server IDs will be 10, 11, 12 for z-0, z-1 and z-2 respectively. +## +minServerId: 1 + +## Basic time unit in milliseconds used by ZooKeeper for heartbeats +## +tickTime: 2000 + +## ZooKeeper uses to limit the length of time the ZooKeeper servers in quorum have to connect to a leader +## +initLimit: 10 + +## How far out of date a server can be from a leader +## +syncLimit: 5 + +## Limits the number of concurrent connections that a single client may make to a single member of the ZooKeeper ensemble +## +maxClientCnxns: 60 + +## A list of comma separated Four Letter Words commands to use +## +fourlwCommandsWhitelist: srvr, mntr, ruok + +## Allow zookeeper to listen for peers on all IPs +## +listenOnAllIPs: false + +## Allow to accept connections from unauthenticated users +## +allowAnonymousLogin: true + +autopurge: + ## Retains the snapRetainCount most recent snapshots and the corresponding transaction logs and deletes the rest + ## + snapRetainCount: 3 + ## The time interval in hours for which the purge task has to be triggered. Set to a positive integer (1 and above) to enable the auto purging. + ## + purgeInterval: 0 + +## Maximum session timeout in milliseconds that the server will allow the client to negotiate. Defaults to 20 times the tickTime. +## +maxSessionTimeout: 40000 + +auth: + ## Use existing secret (ignores previous password) + ## + # existingSecret: + ## Enable Zookeeper auth. It uses SASL/Digest-MD5 + ## + enabled: false + ## User that will use Zookeeper clients to auth + ## + clientUser: + ## Password that will use Zookeeper clients to auth + ## + clientPassword: + ## Comma, semicolon or whitespace separated list of user to be created. Specify them as a string, for example: "user1,user2,admin" + ## + serverUsers: + ## Comma, semicolon or whitespace separated list of passwords to assign to users when created. Specify them as a string, for example: "pass4user1, pass4user2, pass4admin" + ## + serverPasswords: + +## Size in MB for the Java Heap options (Xmx and XMs). This env var is ignored if Xmx an Xms are configured via JVMFLAGS +## +heapSize: 1024 + +## Log level for the Zookeeper server. ERROR by default. Have in mind if you set it to INFO or WARN the ReadinessProve will produce a lot of logs. +## +logLevel: ERROR + +## Data log directory. Specifying this option will direct zookeeper to write the transaction log to the dataLogDir rather than the dataDir. +## This allows a dedicated log device to be used, and helps avoid competition between logging and snaphots. +## Example: +## dataLogDir: /bitnami/zookeeper/dataLog +## +dataLogDir: '' + +## Default JVMFLAGS for the ZooKeeper process +## +# jvmFlags: + +## Configure ZooKeeper with a custom zoo.cfg file +## +# config: + +## Namespace for ZooKeeper resources +# namespaceOverride: + +## Kubernetes configuration +## For minikube, set this to NodePort, elsewhere use LoadBalancer +## +service: + type: ClusterIP + ## loadBalancerIP for the Zookeper Service (optional, cloud specific) + ## ref: http://kubernetes.io/docs/user-guide/services/#type-loadbalancer + ## + # loadBalancerIP: + port: 2181 + followerPort: 2888 + electionPort: 3888 + ## Specify the nodePort value for the LoadBalancer and NodePort service types. + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport + ## + nodePorts: + client: "" + clientTls: "" + publishNotReadyAddresses: true + + ## TLS port settings. Previously service.tls.service_port and service.tls.disable_base_client_port + ## + tlsClientPort: 3181 + disableBaseClientPort: false + + annotations: {} + headless: + annotations: {} + +## Enable SSL/TLS encryption +## +tls: + client: + enabled: false + + ## Create self-signed TLS certificates. Currently only supports PEM certificates. + ## + autoGenerated: false + + ## Name of the existing secret containing Kibana server certificates + ## + existingSecret: + + ## Keystore and Truststore Path + ## + keystorePath: /opt/bitnami/zookeeper/config/certs/client/zookeeper.keystore.jks + truststorePath: /opt/bitnami/zookeeper/config/certs/client/zookeeper.truststore.jks + + ## Existing secret containing Keystore and truststore passwords + ## + passwordsSecretName: + ## Keystore and Truststore Password + ## + keystorePassword: '' + truststorePassword: '' + + quorum: + ## Create self-signed TLS certificates. Currently only supports PEM certificates. + ## + autoGenerated: false + + ## Name of the existing secret containing Kibana server certificates + ## + existingSecret: + + ## Keystore and Truststore Path + ## + keystorePath: /opt/bitnami/zookeeper/config/certs/quorum/zookeeper.keystore.jks + truststorePath: /opt/bitnami/zookeeper/config/certs/quorum/zookeeper.truststore.jks + + ## Existing secret containing Keystore and truststore passwords + ## + passwordsSecretName: + ## Keystore and Truststore Password + ## + keystorePassword: '' + truststorePassword: '' + + resources: + ## We usually recommend not to specify default resources and to leave this as a conscious + ## choice for the user. This also increases chances charts run on environments with little + ## resources, such as Minikube. If you do want to specify resources, uncomment the following + ## lines, adjust them as necessary, and remove the curly braces after 'resources:'. + ## + limits: {} + ## cpu: 100m + ## memory: 128Mi + ## + requests: {} + ## cpu: 100m + ## memory: 128Mi + ## + +## Service account for Zookeeper to use. +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## Specifies whether a ServiceAccount should be created + ## + create: false + ## The name of the ServiceAccount to use. + ## If not set and create is true, a name is generated using the common.names.fullname template + # name: + # Allows auto mount of ServiceAccountToken on the serviceAccount created + # Can be set to false if pods using this serviceAccount do not need to use K8s API + automountServiceAccountToken: true + +## Zookeeper Pod Security Context +## +securityContext: + enabled: true + fsGroup: 1001 + runAsUser: 1001 + +## Add initContainers to the web pods. +## Example: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +initContainers: [] + +## Zookeeper data Persistent Volume Storage Class +## If defined, storageClassName: +## If set to "-", storageClassName: "", which disables dynamic provisioning +## If undefined (the default) or set to null, no storageClassName spec is +## set, choosing the default provisioner. (gp2 on AWS, standard on +## GKE, AWS & OpenStack) +## +persistence: + ## A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: pvc-{{ template "name" . }} + + enabled: true + # storageClass: "-" + accessModes: + - ReadWriteOnce + dataDirSize: 2Gi + annotations: {} + ## Selector to match an existing PersistentVolume + ## E.g. + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + + dataLogDir: + size: 8Gi + ## A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + # existingClaim: + + ## Selector to match an existing PersistentVolume + ## E.g. + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + +## Pod affinity preset +## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAffinityPreset: '' + +## Pod anti-affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity +## Allowed values: soft, hard +## +podAntiAffinityPreset: soft + +## Node affinity preset +## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity +## Allowed values: soft, hard +## +nodeAffinityPreset: + ## Node affinity type + ## Allowed values: soft, hard + ## + type: '' + ## Node label key to match + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: '' + ## Node label values to match + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + +## Affinity for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set +## +affinity: {} + +## Node labels for pod assignment +## Ref: https://kubernetes.io/docs/user-guide/node-selection/ +## +nodeSelector: {} + +## Tolerations for pod assignment +## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +## +tolerations: [] + +## Labels +## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +## +podLabels: {} + +## Annotations +## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +## +podAnnotations: {} + +## Name of the priority class to be used by zookeeper pods, priority class needs to be created beforehand +## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ +## +priorityClassName: '' + +## Scheduler name +## https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +# schedulerName: stork + +## Configure resource requests and limits +## ref: http://kubernetes.io/docs/user-guide/compute-resources/ +## +resources: + requests: + memory: 256Mi + cpu: 250m + +## Configure extra options for liveness and readiness probes +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes) +## +livenessProbe: + enabled: true + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + probeCommandTimeout: 2 + +readinessProbe: + enabled: true + initialDelaySeconds: 5 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + probeCommandTimeout: 2 + +## Custom Liveness probes for ZooKeeper +## +customLivenessProbe: {} + +## Custom Readiness probes for ZooKeeper +## +customReadinessProbe: {} + +## Network policies +## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ +## +networkPolicy: + ## Specifies whether a NetworkPolicy should be created + ## + enabled: false + + ## The Policy model to apply. When set to false, only pods with the correct + ## client label will have network access to the port Redis(TM) is listening + ## on. When true, zookeeper accept connections from any source + ## (with the correct destination port). + ## + # allowExternal: true + +## Zookeeper Prometheus Exporter configuration +## +metrics: + enabled: false + + ## Zookeeper Prometheus Exporter container port + ## + containerPort: 9141 + + ## Service configuration + ## + service: + ## Zookeeper Prometheus Exporter service type + ## + type: ClusterIP + ## Zookeeper Prometheus Exporter service port + ## + port: 9141 + ## Annotations for the Zookeeper Prometheus Exporter metrics service + ## + annotations: + prometheus.io/scrape: 'true' + prometheus.io/port: '{{ .Values.metrics.service.port }}' + prometheus.io/path: '/metrics' + + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + enabled: false + ## Namespace for the ServiceMonitor Resource (defaults to the Release Namespace) + ## + namespace: + + ## Interval at which metrics should be scraped. + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # interval: 10s + ## Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + # scrapeTimeout: 10s + ## ServiceMonitor selector labels + ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## + # selector: + # prometheus: my-prometheus + + ## Prometheus Operator PrometheusRule configuration + ## + prometheusRule: + enabled: false + ## Namespace for the PrometheusRule Resource (defaults to the Release Namespace) + ## + namespace: + + ## PrometheusRule selector labels + ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration + ## + # selector: + # prometheus: my-prometheus + + ## Some example rules. + ## + rules: [] + # - alert: ZookeeperSyncedFollowers + # annotations: + # message: The number of synced followers for the leader node in Zookeeper deployment my-release is less than 2. This usually means that some of the Zookeeper nodes aren't communicating properly. If it doesn't resolve itself you can try killing the pods (one by one). + # expr: max(synced_followers{service="my-release-metrics"}) < 2 + # for: 5m + # labels: + # severity: critical + # - alert: ZookeeperOutstandingRequests + # annotations: + # message: The number of outstanding requests for Zookeeper pod {{ $labels.pod }} is greater than 10. This can indicate a performance issue with the Pod or cluster a whole. + # expr: outstanding_requests{service="my-release-metrics"} > 10 + # for: 5m + # labels: + # severity: critical diff --git a/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml index ca025c9619..886090eefd 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml @@ -5,9 +5,11 @@ metadata: annotations: {{- if ne .appRoot ""}} nginx.ingress.kubernetes.io/app-root: /{{ .appRoot }} - {{- end }} + {{- end }} + {{- if ne $.Values.global.setup "quickstart" }} #certmanager.k8s.io/cluster-issuer: {{ index . "cert-issuer" }} cert-manager.io/cluster-issuer: {{ index . "cert-issuer" }} + {{- end }} name: {{ .name }} namespace: {{ .namespace }} spec: @@ -19,8 +21,10 @@ spec: serviceName: {{ .serviceName }} servicePort: {{ .servicePort }} path: / +{{- if ne $.Values.global.setup "quickstart" }} tls: - hosts: - {{ $.Values.global.domain }} - secretName: {{ $.Values.global.domain }}-tls-certs + secretName: {{ $.Values.global.domain }}-tls-certs +{{- end }} {{- end -}} diff --git a/config-as-code/helm/charts/common/templates/_ingress.yaml b/config-as-code/helm/charts/common/templates/_ingress.yaml index 087cb32b30..98fbba1acd 100755 --- a/config-as-code/helm/charts/common/templates/_ingress.yaml +++ b/config-as-code/helm/charts/common/templates/_ingress.yaml @@ -36,6 +36,7 @@ spec: servicePort: {{ .Values.ingress.servicePort | default .Values.httpPort }} {{- end }} path: /{{ .Values.ingress.context }} +{{- if ne .Values.global.setup "quickstart" }} tls: {{- if .Values.ingress.tls }} {{- tpl .Values.ingress.tls . | nindent 2 }} @@ -50,5 +51,6 @@ spec: secretName: {{ .Values.global.domain }}-tls-certs {{- end }} {{- end }} +{{- end }} {{- end -}} {{- end -}} From 3127863efb32c72d19d5aeb6babad21f4f3bb184 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 18 May 2022 11:34:50 +0530 Subject: [PATCH 046/742] enhance quickstart on vm installer --- deploy-as-code/deployer/full_installer.go | 216 ++++++++++++++++------ deploy-as-code/deployer/go.mod | 2 + deploy-as-code/deployer/go.sum | 2 + 3 files changed, 163 insertions(+), 57 deletions(-) diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index 3c9b501925..f8fb68631b 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -3,19 +3,24 @@ package main import ( "bytes" "container/list" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" "errors" "fmt" "io" "io/ioutil" "log" - "math/rand" "os" "os/exec" "strconv" "strings" s "strings" + "github.com/jcelliott/lumber" "github.com/manifoldco/promptui" + "golang.org/x/crypto/ssh" "gopkg.in/yaml.v2" //"bufio" ) @@ -65,6 +70,7 @@ func main() { var optedCloud string // Desired InfraType to deploy var cloudTemplate string // Which terraform template to choose var cloudLoginCredentials bool // Is there a valid cloud account and credentials + var isProductionSetup bool = false infraType := []string{ "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", @@ -78,14 +84,14 @@ func main() { cloudPlatforms := []string{ "0. Local machine/Your Existing VM", "1. AWS-EC2 - Quickstart with a Single EC2 Instace on AWS", - "2. AWS-EKS - Production grade Elastic Kubernetes Service (EKS)", - "3. AZURE-AKS - Production grade Azure Kubernetes Service (AKS)", - "4. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", - "5. On-prem/Private Cloud - Quickstart with Single VM", + "2. On-prem/Private Cloud - Quickstart with Single VM", + "3. AWS-EKS - Production grade Elastic Kubernetes Service (EKS)", + "4. AZURE-AKS - Production grade Azure Kubernetes Service (AKS)", + "5. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", "6. On-prem/Privare Cloud - Production grade Kubernetes Cluster Setup"} fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please read the detailed Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") - const sPreReq = "Pre-requsites (Please Read Carefully):\nvDIGIT Stack is a combination of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." + const sPreReq = "Pre-requsites (Please Read Carefully):\n\tDIGIT Stack is a combination of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup a kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[Option a] Local/VM: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." fmt.Println(string(Cyan), sPreReq) preReqConfirm := []string{"Yes", "No"} @@ -99,15 +105,18 @@ func main() { case infraType[1]: number_of_worker_nodes = 1 case infraType[2]: - number_of_worker_nodes = 2 + number_of_worker_nodes = 1 case infraType[3]: number_of_worker_nodes = 3 //TBD + isProductionSetup = true case infraType[4]: number_of_worker_nodes = 4 //TBD + isProductionSetup = true case infraType[5]: number_of_worker_nodes = 5 //TBD case infraType[6]: number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) + isProductionSetup = true default: number_of_worker_nodes = 0 } @@ -125,26 +134,40 @@ func main() { cloudTemplate = "quickstart-aws-ec2" - accessTypes := []string{"Root Admin", "Temprory Admin"} + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configuredd"} optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) + if optedAccessType == "Temprory Admin" { - fmt.Println("\nInput the AWS Session Token") - fmt.Scanln(&aws_session_key) + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) - if optedAccessType == "Temprory Admin" { - cloudLoginCredentials = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + fmt.Println("\nInput the AWS Session Token") + fmt.Scanln(&aws_session_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") + } else if optedAccessType == "Root Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") } else { - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key) + cloudLoginCredentials = awslogin("", "", "", "digit-infra-aws") + fmt.Println("Proceeding with the existing AWS profile configured") } - case cloudPlatforms[2]: + //TBD + + case cloudPlatforms[3]: var optedAccessType string var aws_access_key string var aws_secret_key string @@ -152,38 +175,50 @@ func main() { cloudTemplate = "sample-aws" - accessTypes := []string{"Root Admin", "Temprory Admin"} + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configuredd"} optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) + if optedAccessType == "Temprory Admin" { - fmt.Println("\nInput the AWS Session Token") - fmt.Scanln(&aws_session_key) + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) - if optedAccessType == "Temprory Admin" { - cloudLoginCredentials = awsloginWithSession(aws_access_key, aws_secret_key, aws_session_key) + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + fmt.Println("\nInput the AWS Session Token") + fmt.Scanln(&aws_session_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") + } else if optedAccessType == "Root Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") } else { - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key) + cloudLoginCredentials = awslogin("", "", "", "digit-infra-aws") + fmt.Println("Proceeding with the existing AWS profile configured") } - case cloudPlatforms[3]: + case cloudPlatforms[4]: cloudTemplate = "sample-azure" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") azure_username := enterValue(nil, "Please enter your AZURE UserName") azure_password := enterValue(nil, "Enter your AZURE Password") cloudLoginCredentials = azurelogin(azure_username, azure_password) - case cloudPlatforms[4]: + case cloudPlatforms[5]: cloudTemplate = "sample-gcp" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - case cloudPlatforms[5]: + case cloudPlatforms[6]: cloudTemplate = "sample-private-cloud" fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") @@ -196,9 +231,10 @@ func main() { if cloudLoginCredentials { fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") - fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already") + fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already\n") + cluster_name := enterValue(nil, "How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") - s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) + //s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) dir := "DIGIT-DevOps" gitCmd := "" _, err := os.Stat(dir) @@ -211,11 +247,32 @@ func main() { db_pswd := enterValue(nil, "What should be the database password to be created, it should be 8 char min") - execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) + if !isProductionSetup { + + var sshFile string = "./digit-ssh.pem" + var keyName string = "digit-aws-vm" + + pubKey, _, err := GetKeyPair(sshFile) + + if err != nil { + log.Fatalf("Failed to generate SSH Key %s\n", err) + } else { + + execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform plan -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform plan -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, dir, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform apply -var=\"bucket_name=%s\" -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", s3_bucket_tfstore, cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, dir, cloudTemplate)) + } + + } else { + execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) + + execSingleCommand(fmt.Sprintf("terraform plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + + execSingleCommand(fmt.Sprintf("terraform apply -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + + } } @@ -464,32 +521,23 @@ func execSingleCommand(command string) error { } // Cloud cloudLoginCredentials functions -func awslogin(accessKey string, secretKey string) bool { +func awslogin(accessKey string, secretKey string, sessionToken string, profile string) bool { var cloudLoginCredentials bool = false + var awslogincommand string = "" - if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey) - fmt.Println(awslogincommand) - err := execSingleCommand(awslogincommand) - if err == nil { - cloudLoginCredentials = true - } + if accessKey != "" && secretKey != "" && sessionToken == "" { + awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey) + } else if sessionToken != "" { + awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) + } else { + awslogincommand = fmt.Sprintf("aws configure list") } - return cloudLoginCredentials -} - -func awsloginWithSession(accessKey string, secretKey string, sessionToken string) bool { - var cloudLoginCredentials bool = false - - if accessKey != "" && secretKey != "" { - awslogincommand := fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) - fmt.Println(awslogincommand) - err := execSingleCommand(awslogincommand) - if err == nil { - cloudLoginCredentials = true - } + log.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + cloudLoginCredentials = true } return cloudLoginCredentials } @@ -553,6 +601,60 @@ func addDNS(dnsDomain string, dnsType string, dnsName string, dnsValue string) b } } +func GetKeyPair(file string) (string, string, error) { + // read keys from file + _, err := os.Stat(file) + if err == nil { + priv, err := ioutil.ReadFile(file) + if err != nil { + lumber.Debug("Failed to read file - %s", err) + goto genKeys + } + pub, err := ioutil.ReadFile(file + ".pub") + if err != nil { + lumber.Debug("Failed to read pub file - %s", err) + goto genKeys + } + return string(pub), string(priv), nil + } + + // generate keys and save to file +genKeys: + pub, priv, err := GenKeyPair() + err = ioutil.WriteFile(file, []byte(priv), 0600) + if err != nil { + return "", "", fmt.Errorf("Failed to write file - %s", err) + } + err = ioutil.WriteFile(file+".pub", []byte(pub), 0644) + if err != nil { + return "", "", fmt.Errorf("Failed to write pub file - %s", err) + } + + return pub, priv, nil +} + +func GenKeyPair() (string, string, error) { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return "", "", err + } + + privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)} + var private bytes.Buffer + if err := pem.Encode(&private, privateKeyPEM); err != nil { + return "", "", err + } + + // generate public key + pub, err := ssh.NewPublicKey(&privateKey.PublicKey) + if err != nil { + return "", "", err + } + + public := ssh.MarshalAuthorizedKey(pub) + return string(public), private.String(), nil +} + func endScript() { fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") diff --git a/deploy-as-code/deployer/go.mod b/deploy-as-code/deployer/go.mod index 20b3ddb118..abf947ff27 100644 --- a/deploy-as-code/deployer/go.mod +++ b/deploy-as-code/deployer/go.mod @@ -3,6 +3,7 @@ module deployer go 1.13 require ( + github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a // indirect github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a // indirect github.com/manifoldco/promptui v0.9.0 @@ -12,6 +13,7 @@ require ( github.com/spf13/cobra v0.0.5 github.com/spf13/viper v1.6.1 github.com/stretchr/testify v1.4.0 // indirect + golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 // indirect golang.org/x/text v0.3.2 // indirect gopkg.in/yaml.v2 v2.2.4 diff --git a/deploy-as-code/deployer/go.sum b/deploy-as-code/deployer/go.sum index 8b19298a56..6ff8380b4a 100644 --- a/deploy-as-code/deployer/go.sum +++ b/deploy-as-code/deployer/go.sum @@ -53,6 +53,8 @@ github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 h1:EFT6MH3igZK/dIVqgGbTqWVvkZ7wJ5iGN03SVtvvdd8= +github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25/go.mod h1:sWkGw/wsaHtRsT9zGQ/WyJCotGWG/Anow/9hsAcBWRw= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= From 6418ea81602c54b37b5b9d832dc21757724c6ec0 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Wed, 18 May 2022 11:36:39 +0530 Subject: [PATCH 047/742] cleanup helm chart --- .../ispirit/approver-dashboard/Chart.yaml | 26 --- .../templates/deployment.yaml | 2 - .../approver-dashboard/templates/ingress.yaml | 2 - .../approver-dashboard/templates/service.yaml | 2 - .../ispirit/approver-dashboard/values.yaml | 32 --- .../charts/ispirit/ecurfew-cron/Chart.yaml | 26 --- .../ecurfew-cron/templates/deployment.yaml | 2 - .../ecurfew-cron/templates/ingress.yaml | 2 - .../ecurfew-cron/templates/service.yaml | 2 - .../charts/ispirit/ecurfew-cron/values.yaml | 170 -------------- .../helm/charts/ispirit/ecurfew/Chart.yaml | 26 --- .../ispirit/ecurfew/templates/deployment.yaml | 2 - .../ispirit/ecurfew/templates/ingress.yaml | 2 - .../ispirit/ecurfew/templates/service.yaml | 2 - .../helm/charts/ispirit/ecurfew/values.yaml | 212 ------------------ .../charts/ispirit/epass-chatbot/Chart.yaml | 26 --- .../epass-chatbot/templates/deployment.yaml | 2 - .../epass-chatbot/templates/ingress.yaml | 2 - .../epass-chatbot/templates/service.yaml | 2 - .../charts/ispirit/epass-chatbot/values.yaml | 117 ---------- .../helm/charts/ispirit/epasszuul/Chart.yaml | 26 --- .../epasszuul/templates/deployment.yaml | 2 - .../ispirit/epasszuul/templates/role.yaml | 24 -- .../epasszuul/templates/rolebinding.yaml | 21 -- .../ispirit/epasszuul/templates/service.yaml | 2 - .../epasszuul/templates/serviceaccount.yaml | 15 -- .../helm/charts/ispirit/epasszuul/values.yaml | 110 --------- .../ispirit/requester-dashboard/Chart.yaml | 26 --- .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../ispirit/requester-dashboard/values.yaml | 32 --- .../charts/ispirit/trai-gateway/Chart.yaml | 26 --- .../trai-gateway/templates/ca-configmap.yaml | 61 ----- .../trai-gateway/templates/deployment.yaml | 2 - .../trai-gateway/templates/ingress.yaml | 2 - .../trai-gateway/templates/service.yaml | 2 - .../charts/ispirit/trai-gateway/values.yaml | 68 ------ .../ukd-assets/Chart.yaml | 26 --- .../ukd-assets/templates/deployment.yaml | 2 - .../ukd-assets/templates/ingress.yaml | 2 - .../ukd-assets/templates/service.yaml | 2 - .../ukd-assets/values.yaml | 24 -- .../ukd-custom-service/Chart.yaml | 26 --- .../templates/deployment.yaml | 2 - .../ukd-custom-service/templates/ingress.yaml | 2 - .../ukd-custom-service/templates/service.yaml | 2 - .../ukd-custom-service/values.yaml | 88 -------- 48 files changed, 1260 deletions(-) delete mode 100644 config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/ecurfew/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml delete mode 100644 config-as-code/helm/charts/ispirit/epasszuul/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ispirit/trai-gateway/values.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml delete mode 100644 config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml diff --git a/config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml deleted file mode 100644 index ad61e83756..0000000000 --- a/config-as-code/helm/charts/ispirit/approver-dashboard/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: approver-dashboard -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/approver-dashboard/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml b/config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml deleted file mode 100644 index e88974d23f..0000000000 --- a/config-as-code/helm/charts/ispirit/approver-dashboard/values.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Common Labels -labels: - app: "approver-dashboard" - group: "ispirt" - -namespace: ispirit - -# Ingress Configs -ingress: - enabled: true - context: "approver-dashboard" - host: | - - host: {{ index .Values "global" "moca-domain" }} - tls: | - - hosts: - - {{ index .Values "global" "moca-domain" }} - secretName: {{ index .Values "global" "moca-domain" }}-tls-certs - additionalAnnotations: | - certmanager.k8s.io/cluster-issuer: {{ index $.Values "cluster-configs" "root-ingress" "cert-issuer" | quote }} - -# Init Containers Configs -initContainers: {} - -# Container Configs -image: - repository: "approver-dashboard" -replicas: "1" -httpPort: 80 -healthChecks: - enabled: true - livenessProbePath: "/approver-dashboard/" - readinessProbePath: "/approver-dashboard/" diff --git a/config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml deleted file mode 100644 index fcedd1b43c..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew-cron/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: ecurfew-cron -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew-cron/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml b/config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml deleted file mode 100644 index 5d419e586b..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew-cron/values.yaml +++ /dev/null @@ -1,170 +0,0 @@ -# Common Labels -labels: - app: "ecurfew-cron" - group: "ispirit" -namespace: ispirit - -# Ingress Configs -ingress: - enabled: false - -# Container Configs -image: - repository: "ecurfew-cron" -replicas: "1" -heap: "-Xmx512M -Xms512M" -java-args: "-Dspring.profiles.active=monitoring" -memory_limits: 832Mi -from-address: no-reply@anumati.gov -cronInstance: true -fixed-otp-enabled: false -storage: - aws: - region: us-east-2 - bucket: ecurfew -resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - cpu: 2 - limits: - memory: {{ .Values.memory_limits | quote }} - cpu: 2 - -# Additional Container Envs -env: | - - name: SPRING_DATASOURCE_URL - value: "{{ index .Values "db-url" }}" - - name: APP_TIMEZONE - value: "Asia/Kolkata" - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: db-username - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: db-password - - name: AWS_S3_ACCESSKEYID - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: s3-accesskey - - name: AWS_S3_SECRETACCESSKEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: s3-secretaccesskey - - name: AWS_KMS_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-accesskey - - name: AWS_KMS_SECRET_KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-secretaccesskey - - name: TWILIO_ACCOUNT_SID - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-account-sid - - name: TWILIO_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-auth-token - - name: TWILIO_FROM_PHONE - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-phone - - name: SPRING_SENDGRID_API-KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: sendgrid-api-key - - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: SIGNATUREPRIVATEKEYNAME - value: "/etc/ispirit/private_key.pem" - - name: SIGNATUREPUBLICKEYNAME - value: "/etc/ispirit/public_key.pem" - - name: AWS_S3_REGION - value: {{ .Values.storage.aws.region }} - - name: AWS_KMS_REGION - value: {{ .Values.storage.aws.region }} - - name: AWS_KMS_SIGNATURE_KEY_ID - value: {{ index .Values "aws-kms-signature-key-id" | quote }} - - name: AWS_S3_BUCKET - value: {{ .Values.storage.aws.bucket }} - - name: SECURITY_REQUIRE_SSL - value: "false" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: REDISHOST - value: redis.backbone - - name: REDISPORT - value: "6379" - - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE - value: "10" - - name: SERVER_SERVLET_CONTEXT_PATH - value: /ecurfew - - name: SERVER_PORT - value: "8080" - - name: SECRET - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: secret - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: EMAIL_FROM_ADDRESS - value: {{ index .Values "from-address" | quote }} - - name: CRONINSTANCE - value: {{ index .Values "cronInstance" | quote }} - - name: SUPERUSER_ID - value: "1" - - name: AAROGYA_SETU_URL - value: {{ index .Values "aarogya-setu-url" | quote }} - - name: AAROGYA_SETU_CHECK_ENABLED - value: {{ index .Values "aarogya-setu-check-enabled" | quote }} - - name: AAROGYA_SETU_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: auth-token - - name: AAROGYA_SETU_JWT_SECRET - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: jwt-secret - - name: AAROGYA_SETU_JWT_TOKEN_EXPIRY_MINUTES - value: {{ index .Values "aarogya-setu-jwt-token-expiry-minutes" | quote }} - - name: FIXED_OTP_ENABLED - value: {{ index .Values "fixed-otp-enabled" | quote }} - - name: TENANT_ID_FOR_ENCRYPTION - value: "in" - - name: EGOV_ENC_SERVICE_HOST - value: "http://egov-enc-service.egov:8080" - - -extraVolumes: | - - name: crypto-keys - secret: - secretName: ispirit-ecurfew - defaultMode: 288 # = mode 0440 - -extraVolumeMounts: | - - mountPath: /etc/ispirit/public_key.pem - name: crypto-keys - subPath: public_key.pem - - mountPath: /etc/ispirit/private_key.pem - name: crypto-keys - subPath: private_key.pem diff --git a/config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml b/config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml deleted file mode 100644 index 0dd663e3c8..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: ecurfew -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml b/config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/ecurfew/values.yaml b/config-as-code/helm/charts/ispirit/ecurfew/values.yaml deleted file mode 100644 index 1dff5b21e0..0000000000 --- a/config-as-code/helm/charts/ispirit/ecurfew/values.yaml +++ /dev/null @@ -1,212 +0,0 @@ -# Common Labels -labels: - app: "ecurfew" - group: "ispirit" -namespace: ispirit - -# Ingress Configs -ingress: - enabled: true - context: "ecurfew" - serviceName: epasszuul - servicePort: 8080 - host: | - - host: {{ index .Values "global" "moca-domain" }} - tls: | - - hosts: - - {{ index .Values "global" "moca-domain" }} - secretName: {{ index .Values "global" "moca-domain" }}-tls-certs - additionalAnnotations: | - certmanager.k8s.io/cluster-issuer: {{ index $.Values "cluster-configs" "root-ingress" "cert-issuer" | quote }} - -service: - additionalAnnotations: | - zuul/route-path: {{ .Values.ingress.context }} - -# Container Configs -image: - repository: "ecurfew" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/ecurfew/actuator/health" - readinessProbePath: "/ecurfew/actuator/health" -heap: "-Xmx2G -Xms2G" -java-args: "-Dspring.profiles.active=monitoring" -memory_limits: 2560Mi -from-address: no-reply@anumati.gov -cronInstance: false -fixed-otp-enabled: false -pdf-with-qr-code-enabled: false -aws-ses-sendemail: true -storage: - aws: - region: us-east-2 - bucket: ecurfew -resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - cpu: 500m - limits: - memory: {{ .Values.memory_limits | quote }} - cpu: 1 - -# Additional Container Envs -env: | - - name: SPRING_DATASOURCE_URL - value: "{{ index .Values "db-url" }}" - - name: APP_TIMEZONE - value: "Asia/Kolkata" - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: db-username - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: db-password - - name: AWS_S3_ACCESSKEYID - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: s3-accesskey - - name: AWS_S3_SECRETACCESSKEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: s3-secretaccesskey - - name: AWS_KMS_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-accesskey - - name: AWS_SES_ACCESSKEYID - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-accesskey - - name: AWS_KMS_SECRET_KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-secretaccesskey - - name: AWS_SES_SECRETACCESSKEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: kms-secretaccesskey - - name: TWILIO_ACCOUNT_SID - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-account-sid - - name: TWILIO_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-auth-token - - name: TWILIO_FROM_PHONE - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: twilio-phone - - name: SPRING_SENDGRID_API-KEY - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: sendgrid-api-key - - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: SIGNATUREPRIVATEKEYNAME - value: "/etc/ispirit/private_key.pem" - - name: SIGNATUREPUBLICKEYNAME - value: "/etc/ispirit/public_key.pem" - - name: AWS_S3_REGION - value: {{ .Values.storage.aws.region }} - - name: AWS_KMS_REGION - value: {{ .Values.storage.aws.region }} - - name: AWS_SES_REGION - value: {{ .Values.storage.aws.region }} - - name: AWS_KMS_SIGNATURE_KEY_ID - value: {{ index .Values "aws-kms-signature-key-id" | quote }} - - name: AWS_S3_BUCKET - value: {{ .Values.storage.aws.bucket }} - - name: SECURITY_REQUIRE_SSL - value: "false" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: REDISHOST - value: redis.backbone - - name: REDISPORT - value: "6379" - - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE - value: "10" - - name: SERVER_SERVLET_CONTEXT_PATH - value: /ecurfew - - name: SERVER_PORT - value: "8080" - - name: SECRET - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: secret - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: EMAIL_FROM_ADDRESS - value: {{ index .Values "from-address" | quote }} - - name: CRONINSTANCE - value: {{ index .Values "cronInstance" | quote }} - - name: SUPERUSER_ID - value: "1" - - name: AAROGYA_SETU_URL - value: {{ index .Values "aarogya-setu-url" | quote }} - - name: AAROGYA_SETU_CHECK_ENABLED - value: {{ index .Values "aarogya-setu-check-enabled" | quote }} - - name: AAROGYA_SETU_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: auth-token - - name: AAROGYA_SETU_JWT_SECRET - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: jwt-secret - - name: AAROGYA_SETU_JWT_TOKEN_EXPIRY_MINUTES - value: {{ index .Values "aarogya-setu-jwt-token-expiry-minutes" | quote }} - - name: FIXED_OTP_ENABLED - value: {{ index .Values "fixed-otp-enabled" | quote }} - - name: TENANT_ID_FOR_ENCRYPTION - value: "in" - - name: EGOV_ENC_SERVICE_HOST - value: "http://egov-enc-service.egov:8080" - - name: TRAI_GATEWAY_HOST - value: "http://trai-gateway.ispirit:8080" - - name: AWS_SES_SENDEMAILUSINGSES - value: {{ index .Values "aws-ses-sendemail" | quote }} - - name: AWS_SES_FROMEMAILADDRESS - value: {{ index .Values "from-email-address" | quote }} - - name: AWS_SES_USESTATEREPLYTOEMAIL - value: "false" - - name: PDF_WITH_QR_CODE_ENABLED - value: {{ index .Values "pdf-with-qr-code-enabled" | quote }} - -extraVolumes: | - - name: crypto-keys - secret: - secretName: ispirit-ecurfew - defaultMode: 288 # = mode 0440 - -extraVolumeMounts: | - - mountPath: /etc/ispirit/public_key.pem - name: crypto-keys - subPath: public_key.pem - - mountPath: /etc/ispirit/private_key.pem - name: crypto-keys - subPath: private_key.pem diff --git a/config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml deleted file mode 100644 index 7092165a5c..0000000000 --- a/config-as-code/helm/charts/ispirit/epass-chatbot/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: epass-chatbot -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/epass-chatbot/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml b/config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml deleted file mode 100644 index 6b99281d19..0000000000 --- a/config-as-code/helm/charts/ispirit/epass-chatbot/values.yaml +++ /dev/null @@ -1,117 +0,0 @@ -# Common Labels -labels: - app: "epass-chatbot" - group: "ispirit" -namespace: ispirit - -# Ingress Configs -ingress: - enabled: true - context: "sms-webhook" - ip-whitelist: "0.0.0.0/0" - host: | - - host: {{ index .Values "global" "moca-domain" }} - tls: | - - hosts: - - {{ index .Values "global" "moca-domain" }} - secretName: {{ index .Values "global" "moca-domain" }}-tls-certs - additionalAnnotations: | - certmanager.k8s.io/cluster-issuer: {{ index $.Values "cluster-configs" "root-ingress" "cert-issuer" | quote }} - nginx.ingress.kubernetes.io/whitelist-source-range: {{ index .Values "ingress" "ip-whitelist" | quote }} - -# Container Configs -image: - repository: "epass-chatbot" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/sms-webhook/health" - readinessProbePath: "/sms-webhook/health" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" -sender-id: DOCAEP -karix-send-sms-enabled: false -epass-service-host: http://ecurfew.ispirit:8080/ -error.message.for.not.recognized: "Thanks for reaching out! Unfortunately, Epass only understands messages of the form \"VERIFY \". Please re-send your request in this format" -error-message-for-server-error: "Due to technical difficulties, we are unable to verify passes right now" -message-epass-create: "Dear , your COVID e-Pass valid till has been issued. Pass valid with Govt Id in . To verify pls SMS: \"VERIFY \" on 9686454890. Issued under the authority of Secretary, Dept of Consumer Affairs" -message-verify-response: "COVID e-Pass to is valid till in . Pass valid with Govt Id only. Issued under Secretary, Dept of Consumer Affairs" - -demo-redirect-enabled: false -demo-redirect-url: "https://epassapi.egovernments.org/sms-webhook/messages" -demo-redirect-prefix-keyword: "demo" - -kafka-consumer-fetch-max-wait-ms: 10 -kafka-producer-linger-ms: 5 -kafka-consumer-threads: 1 - -kafka-consumer-fetch-max-wait-ms-for-karix-send: 1000 -kafka-consumer-threads-for-karix-send: 1 -kafka-consumer-max-poll-records-for-karix-send: 100 -karix-sms-max-batch-size: 600 - -# Additional Container Envs -env: | - - name: APP_TIMEZONE - value: "Asia/Kolkata" - - name: SERVER_PORT - value: "8080" - - name: TRACER_OPENTRACING_ENABLED - value: "true" - - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-brokers" }} - - name: JAEGER_SERVICE_NAME - value: epass-chatbot - - name: JAEGER_SAMPLER_TYPE - value: remote - - name: JAEGER_AGENT_HOST - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.hostIP - - name: JAEGER_AGENT_PORT - value: "6831" - - name: JAEGER_SAMPLER_MANAGER_HOST_PORT - value: $(JAEGER_AGENT_HOST):5778 - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: KARIX_SENDER_ID - value: {{ index .Values "sender-id" | quote }} - - name: ERROR_MESSAGE_FOR_SERVER_ERROR - value: {{ index .Values "error-message-for-server-error" | quote }} - - name: MESSAGE_EPASS_CREATE - value: {{ index .Values "message-epass-create" | quote }} - - name: MESSAGE_VERIFY_RESPONSE - value: {{ index .Values "message-verify-response" | quote }} - - name: KARIX_SEND_SMS_ENABLED - value: {{ index .Values "karix-send-sms-enabled" | quote }} - - name: EPASS_SERVICE_HOST - value: {{ index .Values "epass-service-host" | quote }} - - name: DEMO_REDIRECT_ENABLED - value: {{ index .Values "demo-redirect-enabled" | quote }} - - name: DEMO_REDIRECT_URL - value: {{ index .Values "demo-redirect-url" | quote }} - - name: DEMO_REDIRECT_PREFIX_KEYWORD - value: {{ index .Values "demo-redirect-prefix-keyword" | quote }} - - name: KARIX_AUTH_TOKEN - valueFrom: - secretKeyRef: - name: ispirit-ecurfew - key: karix-auth-token - - name: KAFKA_CONSUMER_FETCH_MAX_WAIT_MS - value: {{ index .Values "kafka-consumer-fetch-max-wait-ms" | quote }} - - name: KAFKA_PRODUCER_LINGER_MS - value: {{ index .Values "kafka-producer-linger-ms" | quote }} - - name: KAFKA_CONSUMER_THREADS - value: {{ index .Values "kafka-consumer-threads" | quote }} - - name: KAFKA_CONSUMER_FETCH_MAX_WAIT_MS_FOR_KARIX_SEND - value: {{ index .Values "kafka-consumer-fetch-max-wait-ms-for-karix-send" | quote }} - - name: KAFKA_CONSUMER_THREADS_FOR_KARIX_SEND - value: {{ index .Values "kafka-consumer-threads-for-karix-send" | quote }} - - name: KAFKA_CONSUMER_MAX_POLL_RECORDS_FOR_KARIX_SEND - value: {{ index .Values "kafka-consumer-max-poll-records-for-karix-send" | quote }} - - name: KARIX_SMS_MAX_BATCH_SIZE - value: {{ index .Values "karix-sms-max-batch-size" | quote }} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml b/config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml deleted file mode 100644 index 5ebda6f499..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: epasszuul -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml deleted file mode 100644 index 8566522a47..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/templates/role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: {{ .Chart.Name }} - group: gateway - name: {{ .Chart.Name }} - namespace: {{ .Values.namespace }} -rules: -- apiGroups: - - "" - resources: - - services - - endpoints - - pods - verbs: - - get - - list - - watch -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml deleted file mode 100644 index 2f0751eba6..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/templates/rolebinding.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app: {{ .Chart.Name }} - group: gateway - name: {{ .Chart.Name }} - namespace: {{ .Values.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ .Chart.Name }} -subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount }} - namespace: {{ .Values.namespace }} -{{- end -}} diff --git a/config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml b/config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml deleted file mode 100644 index 844a49d608..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/templates/serviceaccount.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values }} -{{- if or .Values.serviceAccount -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: {{ .Chart.Name }} - group: gateway - name: {{ .Values.serviceAccount }} - namespace: {{ .Values.namespace }} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/epasszuul/values.yaml b/config-as-code/helm/charts/ispirit/epasszuul/values.yaml deleted file mode 100644 index 6c14d6fef8..0000000000 --- a/config-as-code/helm/charts/ispirit/epasszuul/values.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Common Labels -labels: - app: "epasszuul" - group: "gateway" - -serviceAccount: epasszuul -namespace: ispirit - -# Init Containers Configs -initContainers: - extraInitContainers: | - - name: "zuul-kubernetes-discovery" - image: "{{ .Values.global.containerRegistry }}/zuul-kubernetes-discovery:2-master-91c9795" - env: - - name: "OUTPUT_FILE_PATH" - value: "/etc/zuul/routes.properties" - - name: "NAMESPACE" - value: "ispirit" - volumeMounts: - - name: zuul-routes - mountPath: /etc/zuul - -extraVolumes: | - - name: zuul-routes - emptyDir: {} - -extraVolumeMounts: | - - name: zuul-routes - mountPath: "/etc/zuul" - -# Container Configs -image: - repository: "epasszuul" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health" - readinessProbePath: "/health" -custom-filter-property: "false" -posthook-config: "" -prehook-config: "" -heap: "-Xmx192m -Xms192m" -tracing-enabled: true -server-tomcat-max-threads: "350" -server-tomcat-max-connections: "1500" -java-args: "" -egov-open-endpoints-whitelist: "/ecurfew/requestOTP,/ecurfew/verifyOTP,/ecurfew/resendOTP,/ecurfew/fetchStateList,/ecurfew/signin,/ecurfew/addOrganization,/ecurfew/createAccount,/ecurfew/fetchStateList,/ecurfew/verifyToken,/ecurfew/createOrder,/ecurfew/upload" -egov-mixed-mode-endpoints-whitelist: "" -eventlog-enabled: "false" -eventlog-topic: "zuul-event-log" -eventlog-urls-whitelist: "" - -# Additional Container Envs -env: | - - name: URL_LISTS - value: "" - - name: CUSTOM_FILTER_PROPERTY - value: {{ index .Values "custom-filter-property" | quote }} - - name: CUSTOM_FILTER_POSTHOOKS - value: "false" - - name: CUSTOM_FILTER_PREHOOKS - value: "false" - - name: URL_POSTHOOK_LISTS - value: {{ index .Values "posthook-config" | quote }} - - name: URL_PREHOOK_LISTS - value: {{ index .Values "prehook-config" | quote }} - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: epass-api-gateway - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: EGOV_CUSTOM_ASYNC_FILTER_TOPIC - value: res-custom-filter - - name: EGOV_OPEN_ENDPOINTS_WHITELIST - value: {{ index .Values "egov-open-endpoints-whitelist" | quote }} - - name: EGOV_MIXED_MODE_ENDPOINTS_WHITELIST - value: {{ index .Values "egov-mixed-mode-endpoints-whitelist" | quote }} - - name: EVENTLOG_ENABLED - value: {{ index .Values "eventlog-enabled" | quote }} - - name: EVENTLOG_TOPIC - value: {{ index .Values "eventlog-topic" | quote }} - - name: EVENTLOG_URLS_WHITELIST - value: {{ index .Values "eventlog-whitelist" | quote }} - - name: EGOV_AUTH_SERVICE_HOST - value: "http://ecurfew:8080/" - - name: EGOV_AUTH_SERVICE_URI - value: "ecurfew/session/_search?authToken=" - - name: ZUUL_HOST_CONNECT_TIMEOUT_MILLIS - value: "20000" - - name: ZUUL_HOST_SOCKET_TIMEOUT_MILLIS - value: "60000" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: EGOV_STATELEVEL_TENANT - value: "in" - - name: ZUUL_ROUTES_FILEPATH - value: "file:/etc/zuul/routes.properties" diff --git a/config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml deleted file mode 100644 index efa0463255..0000000000 --- a/config-as-code/helm/charts/ispirit/requester-dashboard/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: requester-dashboard -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/requester-dashboard/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml b/config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml deleted file mode 100644 index f4d3ef7e31..0000000000 --- a/config-as-code/helm/charts/ispirit/requester-dashboard/values.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Common Labels -labels: - app: "requester-dashboard" - group: "ispirt" - -namespace: ispirit - -# Ingress Configs -ingress: - enabled: true - context: "requester-dashboard" - host: | - - host: {{ index .Values "global" "moca-domain" }} - tls: | - - hosts: - - {{ index .Values "global" "moca-domain" }} - secretName: {{ index .Values "global" "moca-domain" }}-tls-certs - additionalAnnotations: | - certmanager.k8s.io/cluster-issuer: {{ index $.Values "cluster-configs" "root-ingress" "cert-issuer" | quote }} - -# Init Containers Configs -initContainers: {} - -# Container Configs -image: - repository: "requester-dashboard" -replicas: "1" -httpPort: 80 -healthChecks: - enabled: true - livenessProbePath: "/requester-dashboard/" - readinessProbePath: "/requester-dashboard/" diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml deleted file mode 100644 index f8b12857af..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: trai-gateway -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml deleted file mode 100644 index 028bcbe081..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/templates/ca-configmap.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: ca-certs - namespace: {{ .Values.namespace }} - labels: - app: {{ .Chart.Name }} -data: - ca.pem: | - -----BEGIN CERTIFICATE----- - MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ - MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT - DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow - SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT - GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC - AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF - q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 - SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 - Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA - a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj - /PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T - AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG - CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv - bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k - c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw - VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC - ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz - MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu - Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF - AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo - uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ - wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu - X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG - PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 - KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== - -----END CERTIFICATE----- - -----BEGIN CERTIFICATE----- - MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/ - MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT - DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow - PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD - Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB - AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O - rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq - OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b - xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw - 7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD - aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV - HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG - SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69 - ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr - AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz - R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5 - JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo - Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ - -----END CERTIFICATE----- -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ispirit/trai-gateway/values.yaml b/config-as-code/helm/charts/ispirit/trai-gateway/values.yaml deleted file mode 100644 index 2797cd3e29..0000000000 --- a/config-as-code/helm/charts/ispirit/trai-gateway/values.yaml +++ /dev/null @@ -1,68 +0,0 @@ -# Common Labels -labels: - app: "trai-gateway" - group: "ispirit" -namespace: ispirit - -# Container Configs -image: - repository: "trai-gateway" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/trai-gateway/actuator/health" - readinessProbePath: "/trai-gateway/actuator/health" -heap: "-Xmx256M -Xms256M" -java-args: "-Dspring.profiles.active=monitoring" -memory_limits: 512Mi -resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -# Additional Container Envs -env: | - - name: APP_TIMEZONE - value: "Asia/Kolkata" - - name: SERVER_SERVLET_CONTEXT_PATH - value: /trai-gateway - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: TELCO_CONFIG_PATH - value: "/etc/ispirit/telcos-secret.json" - - name: CLIENT_SSL_CERT_PATH - value: "/etc/certs/cert.pem" - - name: CLIENT_SSL_CA_PATH - value: "/etc/certs/ca.pem" - - name: CLIENT_SSL_PRIVATE_KEY_PATH - value: "/etc/certs/private-key.pem" - -extraVolumes: | - - name: crypto-keys - secret: - secretName: {{ index .Values "global" "moca-domain" }}-tls-certs - defaultMode: 288 # = mode 0440 - - name: ca-certs - configMap: - name: ca-certs - - name: telcos-secret - secret: - secretName: ispirit-ecurfew - defaultMode: 288 # = mode 0440 - -extraVolumeMounts: | - - mountPath: /etc/certs/cert.pem - name: crypto-keys - subPath: tls.crt - - mountPath: /etc/certs/private-key.pem - name: crypto-keys - subPath: tls.key - - name: ca-certs - mountPath: /etc/certs/ca.pem - subPath: ca.pem - - mountPath: /etc/ispirit/telcos-secret.json - name: telcos-secret - subPath: telcos-secret.json diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml deleted file mode 100644 index ab8b67c0cf..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: ukd-assets -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: - - name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml deleted file mode 100644 index cbd483f75d..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-assets/values.yaml +++ /dev/null @@ -1,24 +0,0 @@ -# Common Labels -labels: - app: "ukd-assets" - group: "web" - -# Ingress Configs -ingress: - enabled: true - context: "ukd-assets" - -# Init Containers Configs -initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/ukd-rainmaker-customization" - branch: "master" - -# Container Configs -image: - repository: "ukd-assets" -replicas: "1" -httpPort: 80 - -namespace: egov diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml deleted file mode 100644 index 7f4fa8f1b2..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v1 -name: ukd-custom-service -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.0.0 - -dependencies: - - name: common - version: 0.0.5 - repository: file://../../common diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml b/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml deleted file mode 100644 index 7396a846ec..0000000000 --- a/config-as-code/helm/charts/ukd-rainmaker-customization/ukd-custom-service/values.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Common Labels -labels: - app: "ukd-custom-service" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "ukd-custom-service" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "ukd_custom_service_schema" - image: - repository: "ukd-custom-service-db" - -# Container Configs -image: - repository: "ukd-custom-service" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/ukd-custom-service/health" - readinessProbePath: "/ukd-custom-service/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" -idformat-from-mdms: "false" -autocreate-new-seq: "false" -enable-sms: "false" - -# Additional Container Envs -env: | - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_URL_SHORTER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-url-shortening - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: "ukd-custom-service" - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: KAFKA_BROKER_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: EGOV_NOTIFY_PT_MESSAGE_KEY - value: "pt.payment.bulk" - - name: EGOV_NOTIFY_PT_MESSAGE - value: "Dear , Your property tax due is . Please pay tax loggining in to /citizen/property-tax/my-properties/property//." - - name: EGOV_NOTIFY_DOMAIN - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: EGOV_NOTIFY_SHOULDPUSH - value: {{ index .Values "enable-sms" | quote }} - - name: EGOV_NOTIFY_KAFKA_TOPIC - value: "egov.core.notification.sms" - - name: EGOV_LOCALIZATION_LANGUAGE - value: hi_IN \ No newline at end of file From 26c189a825ce82de4b5ce0779384e6ad02a0ba8f Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 18 May 2022 16:10:50 +0530 Subject: [PATCH 048/742] enhanced sample aws tf --- .../terraform/modules/db/aws/outputs.tf | 20 ++++++++++++++++++ infra-as-code/terraform/sample-aws/outputs.tf | 21 +++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/infra-as-code/terraform/modules/db/aws/outputs.tf b/infra-as-code/terraform/modules/db/aws/outputs.tf index cde0f09f4a..71f2d36906 100644 --- a/infra-as-code/terraform/modules/db/aws/outputs.tf +++ b/infra-as-code/terraform/modules/db/aws/outputs.tf @@ -2,3 +2,23 @@ output "rds_postgres_address" { value = "${aws_db_instance.rds_postgres.address}" } +output "db_instance_endpoint" { + value = "${aws_db_instance.rds_postgres.endpoint}" +} + + +output "db_instance_name" { + description = "The database name" + value = "${aws_db_instance.rds_postgres.name}" +} + +output "db_instance_username" { + description = "The master username for the database" + value = "${aws_db_instance.rds_postgres.username}" + sensitive = true +} + +output "db_instance_port" { + description = "The database port" + value = "${aws_db_instance.rds_postgres.port}" +} \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/outputs.tf b/infra-as-code/terraform/sample-aws/outputs.tf index 12d82cb035..efcff1e78b 100644 --- a/infra-as-code/terraform/sample-aws/outputs.tf +++ b/infra-as-code/terraform/sample-aws/outputs.tf @@ -37,3 +37,24 @@ output "zookeeper_volume_ids" { output "kafka_vol_ids" { value = "${module.kafka.volume_ids}" } + +output "db_instance_endpoint" { + value = module.db.db_instance_endpoint +} + + +output "db_instance_name" { + description = "The database name" + value = module.db.db_instance_name +} + +output "db_instance_username" { + description = "The master username for the database" + value = module.db.db_instance_username + sensitive = true +} + +output "db_instance_port" { + description = "The database port" + value = module.db.db_instance_port +} \ No newline at end of file From cb378be8bab203dd7488142bc20f7267a4fb04bd Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 18 May 2022 20:17:13 +0530 Subject: [PATCH 049/742] Added s3-proxy and implemented branch changes --- .../environments/quickstart-config.yaml | 23 ++++++++++++++++++- .../backbone-services/s3-proxy/Chart.yaml | 21 +++++++++++++++++ .../s3-proxy/templates/ingress.yaml | 22 ++++++++++++++++++ .../s3-proxy/templates/service.yaml | 13 +++++++++++ .../backbone-services/s3-proxy/values.yaml | 12 ++++++++++ 5 files changed, 90 insertions(+), 1 deletion(-) create mode 100644 config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml create mode 100644 config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml create mode 100644 config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml create mode 100644 config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml diff --git a/config-as-code/environments/quickstart-config.yaml b/config-as-code/environments/quickstart-config.yaml index 554b475cd9..9fb2aa7b20 100644 --- a/config-as-code/environments/quickstart-config.yaml +++ b/config-as-code/environments/quickstart-config.yaml @@ -132,4 +132,25 @@ zuul: server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" \ No newline at end of file + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" + +egov-mdms-service: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "quickstart" + +egov-indexer: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "quickstart" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/pgr-migration-batch-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml" + +egov-persister: + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml, file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml, file:///work-dir/configs/egov-persister/fsm-persister.yaml, file:///work-dir/configs/egov-persister/echallan.yml,file:///work-dir/configs/egov-persister/egov-document-upload-persister.yml,file:///work-dir/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/configs/egov-persister/nss-persister.yml,file:///work-dir/configs/egov-persister/birth-death.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "quickstart" \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml b/config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml new file mode 100644 index 0000000000..2a747ee66d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: s3-proxy +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml new file mode 100644 index 0000000000..f3c2ed1401 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml @@ -0,0 +1,22 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/from-to-www-redirect: "true" + nginx.ingress.kubernetes.io/upstream-vhost: {{ .Values.externalName }} + nginx.ingress.kubernetes.io/use-regex: "true" + name: {{ .Values.name }} + namespace: {{ .Values.namespace }} +spec: + rules: + - http: + paths: + - path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ + pathType: Prefix + backend: + service: + name: {{ .Values.name }} + port: + number: {{ .Values.httpPort }} + \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml new file mode 100644 index 0000000000..a12ad51644 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.name }} + namespace: {{ .Values.namespace }} +spec: + externalName: {{ .Values.externalName }} + ports: + - port: {{ .Values.httpPort }} + protocol: TCP + targetPort: {{ .Values.httpPort }} + sessionAffinity: None + type: {{ .Values.type }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml b/config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml new file mode 100644 index 0000000000..7dbfc0e6b3 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml @@ -0,0 +1,12 @@ +namespace: egov +name: s3-proxy + +cluster-configs: + configmaps: + egov-config: + data: + s3-assets-bucket: "(pb-egov-assets|egov-dev-assets)" + +externalName: s3.ap-south-1.amazonaws.com +httpPort: 80 +type: ExternalName \ No newline at end of file From 18c79ae36d61736597e6ceb8321f5dda3b575f13 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 18 May 2022 20:22:09 +0530 Subject: [PATCH 050/742] Update ingress.yaml --- .../s3-proxy/templates/ingress.yaml | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml index f3c2ed1401..8c9d821c36 100644 --- a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml +++ b/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml @@ -1,4 +1,4 @@ -apiVersion: networking.k8s.io/v1 +apiVersion: extensions/v1beta1 kind: Ingress metadata: annotations: @@ -10,13 +10,10 @@ metadata: namespace: {{ .Values.namespace }} spec: rules: - - http: + - host: {{ .Values.global.domain }} + http: paths: - - path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ - pathType: Prefix - backend: - service: - name: {{ .Values.name }} - port: - number: {{ .Values.httpPort }} - \ No newline at end of file + - backend: + serviceName: {{ .Values.name }} + servicePort: {{ .Values.httpPort }} + path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ From b9d630ed04fc06332e857b850f7e2d3dd961118d Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 20 May 2022 10:51:45 +0530 Subject: [PATCH 051/742] Update egov-user-values.yaml --- .../charts/core-services/egov-user/egov-user-values.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index ec22ded52f..1e2d46f82a 100644 --- a/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -85,7 +85,10 @@ env: | name: egov-service-host key: egov-enc-service - name: EGOV_STATE_LEVEL_TENANT_ID - value: {{ index .Values "egov-state-level-tenant-id" | quote }} + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id - name: DECRYPTION_ABAC_ENABLED value: {{ index .Values "decryption-abac-enabled" | quote }} - name: KAFKA_TOPIC_AUDIT From 43093e058d2f9fae450b48715254a40d935fd92d Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Mon, 23 May 2022 17:23:10 +0530 Subject: [PATCH 052/742] enhance full installer --- deploy-as-code/deployer/full_installer.go | 95 ++++++++++++++++++----- 1 file changed, 75 insertions(+), 20 deletions(-) diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index f8fb68631b..2453347df0 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -71,14 +71,15 @@ func main() { var cloudTemplate string // Which terraform template to choose var cloudLoginCredentials bool // Is there a valid cloud account and credentials var isProductionSetup bool = false + var cluster_name string infraType := []string{ "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", - "1. Pilot/POC (Just for a POC to Quickstart and explore", - "2. DevTest Setup (You to setup and build/customize and test", - "3. Bare Minimal (95% reliability), 10 concurrent gov services per sec", - "4. Medium (99.99% reliability), 100 concurrent gov services per sec", - "5. High (99.99% reliability), 1000 concurrent gov services per sec", + "1. Pilot/POC (Just for a POC to Quickstart and explore)", + "2. DevTest Setup (To setup and build/customize and test)", + "3. Production: Bare Minimal (90% reliability), 10 gov services, 10 concurrent users/sec", + "4. Production: Medium (95% reliability), 50+ concurrent gov services 100 concurrent users/sec", + "5. Production: HA/DRS Setup (99.99% reliability), 50+ concurrent gov services 1000 concurrent users/sec", "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} cloudPlatforms := []string{ @@ -90,8 +91,8 @@ func main() { "5. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", "6. On-prem/Privare Cloud - Production grade Kubernetes Cluster Setup"} - fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n Please read the detailed Pre-requsites from the below link before you proceed *********\n https://docs.digit.org/Infra-calculator\n") - const sPreReq = "Pre-requsites (Please Read Carefully):\n\tDIGIT Stack is a combination of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup a kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[Option a] Local/VM: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." + fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n *********\n https://docs.digit.org/Infra-calculator\n") + const sPreReq = "Pre-requsites (Please Read Carefully):\n\tDIGIT comprises of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup a kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[Option a] Local/VM: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." fmt.Println(string(Cyan), sPreReq) preReqConfirm := []string{"Yes", "No"} @@ -233,15 +234,18 @@ func main() { fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already\n") - cluster_name := enterValue(nil, "How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") - //s3_bucket_tfstore := cluster_name + "-tf-store-" + strconv.Itoa(rand.Int()) - dir := "DIGIT-DevOps" + cluster_name = enterValue(nil, "How do you want to name the Cluster? eg: your-name_dev or your-name_poc") + + // fmt.Println("How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") + // fmt.Scanln(&cluster_name) + + repoDirRoot := "DIGIT-DevOps" gitCmd := "" - _, err := os.Stat(dir) + _, err := os.Stat(repoDirRoot) if os.IsNotExist(err) { - gitCmd = fmt.Sprintf("git clone -b release https://github.com/egovernments/DIGIT-DevOps.git %s", dir) + gitCmd = fmt.Sprintf("git clone -b release https://github.com/egovernments/DIGIT-DevOps.git %s", repoDirRoot) } else { - gitCmd = fmt.Sprintf("git -C %s pull", dir) + gitCmd = fmt.Sprintf("git -C %s pull", repoDirRoot) } execCommand(gitCmd) @@ -258,24 +262,25 @@ func main() { log.Fatalf("Failed to generate SSH Key %s\n", err) } else { - execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform plan -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform plan -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, repoDirRoot, cloudTemplate)) } } else { - execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform apply -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, dir, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform apply -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, repoDirRoot, cloudTemplate)) } - } + + contextset := setClusterContext() if contextset { deployCharts(servicesToDeploy, prepareDeploymentConfig(optedInfraType)) @@ -305,6 +310,33 @@ func getService(fullChart Digit, service string, set Set, svclist *list.List) { } } +func createK3d(clusterName string, publicIp string, keyName string) kubeConfig string { + + commands := []string { + "mkdir ~/kube && sudo chmod 777 ~/kube", + "ip addr | grep /'state UP/' -A2 | tail -n1 | awk /'{print $2}/' | cut -f1 -d/'///'", + "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", + } + + //"sudo scp /home/ubuntu/"+ clusterName + "_k3dconfig ." + + execCommand(commands[0]) + privateIp = execRemoteCommand(commands[1]) + + createClusterCmd = fmt.sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) + + err, out := execRemoteCommand(createClusterCmd) + + if err != nil { + log.Fatalf("Failed to create the k3d cluster %s\n", err) + return "" + } else { + + } + + +} + func execCommand(command string) error { var err error parts := strings.Fields(command) @@ -502,6 +534,29 @@ func deployCharts(argStr string, configFile string) { } +func execRemoteCommand(user string, ip string, sshFileLocation string, command string) error, output string { + var err error + sshPreFix = fmt.sprintf("ssh %s@%s -i %s ", user, ip, sshFileLocation) + + command = sshPreFix + command + + cmd := exec.Command("sh", "-c", command) + + log.Println(string(Blue), " ==> "+command) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + return err + } else { + return cmd.Stdout + } +} + func execSingleCommand(command string) error { var err error From 13479c4a8e29d35dabdf43f20be93602734e140c Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Thu, 2 Jun 2022 07:31:00 +0530 Subject: [PATCH 053/742] scp --- deploy-as-code/deployer/full_installer.go | 85 +++++++++++++++++++++-- deploy-as-code/deployer/go.mod | 5 +- deploy-as-code/deployer/go.sum | 11 +++ 3 files changed, 94 insertions(+), 7 deletions(-) diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index 2453347df0..1e7a99106b 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -18,6 +18,8 @@ import ( "strings" s "strings" + scp "github.com/bramvdbogaerde/go-scp" + "github.com/bramvdbogaerde/go-scp/auth" "github.com/jcelliott/lumber" "github.com/manifoldco/promptui" "golang.org/x/crypto/ssh" @@ -315,12 +317,13 @@ func createK3d(clusterName string, publicIp string, keyName string) kubeConfig s commands := []string { "mkdir ~/kube && sudo chmod 777 ~/kube", "ip addr | grep /'state UP/' -A2 | tail -n1 | awk /'{print $2}/' | cut -f1 -d/'///'", - "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", + "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", + } //"sudo scp /home/ubuntu/"+ clusterName + "_k3dconfig ." - execCommand(commands[0]) + execRemoteCommand(commands[0]) privateIp = execRemoteCommand(commands[1]) createClusterCmd = fmt.sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) @@ -330,7 +333,8 @@ func createK3d(clusterName string, publicIp string, keyName string) kubeConfig s if err != nil { log.Fatalf("Failed to create the k3d cluster %s\n", err) return "" - } else { + } else { + } @@ -450,7 +454,7 @@ func selectGovServicesToInstall() string { } } modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT gov services that you want to install, choose Exit to complete selection") + result, err := sel(modules, "Select the DIGIT's Gov services that you want to install, choose Exit to complete selection") //if err == nil { for result != "Exit" && err == nil { selectedMod = append(selectedMod, result) @@ -557,6 +561,79 @@ func execRemoteCommand(user string, ip string, sshFileLocation string, command s } } +func remoteScpFile(host string, username string, sshKeyPath string, remoteFilePath string, localFilePath string) success bool { + // Use SSH key authentication from the auth package + // we ignore the host key in this example, please change this if you use this library + + + ssh := chilkat.NewSsh() + + // Hostname may be an IP address or hostname: + hostname := "www.some-ssh-server.com" + port := 22 + + puttyKey := chilkat.NewSshKey() + ppkText := puttyKey.LoadText(sshKeyPath) + + success := puttyKey.FromPuttyPrivateKey(*ppkText) + if success != true { + fmt.Println(puttyKey.LastErrorText()) + ssh.DisposeSsh() + puttyKey.DisposeSshKey() + return false + } + + // Connect to an SSH server: + success := ssh.Connect(hostname,port) + if success != true { + fmt.Println(ssh.LastErrorText()) + ssh.DisposeSsh() + return false + } + + // Wait a max of 5 seconds when reading responses.. + ssh.SetIdleTimeoutMs(5000) + + // Authenticate using login/password: + success = ssh.AuthenticatePk("myLogin",puttyKey) + if success != true { + fmt.Println(ssh.LastErrorText()) + ssh.DisposeSsh() + return false + } + + // Once the SSH object is connected and authenticated, we use it + // in our SCP object. + scp := chilkat.NewScp() + + success = scp.UseSsh(ssh) + if success != true { + fmt.Println(scp.LastErrorText()) + ssh.DisposeSsh() + scp.DisposeScp() + return false + } + + success = scp.DownloadFile(remoteFilePath,localFilePath) + if success != true { + fmt.Println(scp.LastErrorText()) + ssh.DisposeSsh() + scp.DisposeScp() + return false + } + + fmt.Println("SCP download file success.") + + // Disconnect + ssh.Disconnect() + + ssh.DisposeSsh() + scp.DisposeScp() + + return true + +} + func execSingleCommand(command string) error { var err error diff --git a/deploy-as-code/deployer/go.mod b/deploy-as-code/deployer/go.mod index abf947ff27..2f7f1c729a 100644 --- a/deploy-as-code/deployer/go.mod +++ b/deploy-as-code/deployer/go.mod @@ -3,6 +3,7 @@ module deployer go 1.13 require ( + github.com/bramvdbogaerde/go-scp v1.2.0 github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a // indirect github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a // indirect @@ -13,8 +14,6 @@ require ( github.com/spf13/cobra v0.0.5 github.com/spf13/viper v1.6.1 github.com/stretchr/testify v1.4.0 // indirect - golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 - golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 // indirect - golang.org/x/text v0.3.2 // indirect + golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a gopkg.in/yaml.v2 v2.2.4 ) diff --git a/deploy-as-code/deployer/go.sum b/deploy-as-code/deployer/go.sum index 6ff8380b4a..15c105be05 100644 --- a/deploy-as-code/deployer/go.sum +++ b/deploy-as-code/deployer/go.sum @@ -7,6 +7,8 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/bramvdbogaerde/go-scp v1.2.0 h1:mNF1lCXQ6jQcxCBBuc2g/CQwVy/4QONaoD5Aqg9r+Zg= +github.com/bramvdbogaerde/go-scp v1.2.0/go.mod h1:s4ZldBoRAOgUg8IrRP2Urmq5qqd2yPXQTPshACY8vQ0= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -140,6 +142,8 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -147,6 +151,7 @@ golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -162,10 +167,16 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea h1:+WiDlPBBaO+h9vPNZi8uJ3k4BkKQB7Iow3aqwHVA5hI= +golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= From e6c5800170f829ff8f6475dd5e0d3ec9cdc40a6d Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 6 Jun 2022 11:16:43 +0530 Subject: [PATCH 054/742] Update egov-demo-template-secrets.yaml --- config-as-code/environments/egov-demo-template-secrets.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/config-as-code/environments/egov-demo-template-secrets.yaml b/config-as-code/environments/egov-demo-template-secrets.yaml index 653f80108e..c8637a3891 100644 --- a/config-as-code/environments/egov-demo-template-secrets.yaml +++ b/config-as-code/environments/egov-demo-template-secrets.yaml @@ -60,11 +60,6 @@ cluster-configs: si-microservice-user: demo si-microservice-password: demo mail-sender-password: demo - egov-edcr-notification: ## Add edcr service details - edcr-mail-username: demo@demo.com - edcr-mail-password: demo - edcr-sms-username: demo - edcr-sms-password: demo chatbot: ## Add chatbot details valuefirst-username: demo valuefirst-password: demo From 1450bd81a22bbda897787fa42eac085c72d9fb86 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 7 Jun 2022 00:11:49 +0530 Subject: [PATCH 055/742] Update egov-demo-template.yaml --- config-as-code/environments/egov-demo-template.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index c2ba0766b3..7d08c1b94a 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -17,7 +17,7 @@ cluster-configs: db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: "" ## Add your Domain Name egov-services-fqdn-name: "https:///" ## Add your Domain Name - egov-state-level-tenant-id: "" ##example: pb + egov-state-level-tenant-id: "pg" s3-assets-bucket: "" ## Add s3-assets-bucket name ## Do not Change From ec7ec742d6ae3e924568cd264c1db27cceb1daa6 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 7 Jun 2022 00:20:16 +0530 Subject: [PATCH 056/742] Update egov-demo.yaml --- config-as-code/environments/egov-demo.yaml | 91 +++++++--------------- 1 file changed, 30 insertions(+), 61 deletions(-) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 2400da1c3a..f0c32e9907 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -18,7 +18,7 @@ cluster-configs: db-url: "jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo" domain: "egov-demo.egovernments.org" egov-services-fqdn-name: "https://egov-demo.egovernments.org/" - egov-state-level-tenant-id: "in" + egov-state-level-tenant-id: "pg" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" @@ -155,7 +155,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" - branch: "CURFEW_E_PASS_DEMO" + branch: "UAT" mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -186,7 +186,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-pg-service: @@ -200,20 +200,20 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" @@ -254,19 +254,20 @@ nginx-ingress: ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" cert-manager: - email: "nithin.dv@egovernments.org" + email: "devops@egovernments.org" images: - "quay.io/jetstack/cert-manager-controller:v0.10.1" namespace: egov zuul: + replicas: 1 custom-filter-property: "false" tracing-enabled: "true" heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/egov-pdf/download/epass,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -301,69 +302,37 @@ dashboard-analytics: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "master" + branch: "UAT" -ecurfew: - replicas: 2 - db-url: "jdbc:postgresql://ispiritdb.postgres.database.azure.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: uat-epass-filestore - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fppp.cowin20.in/api/v1/users/epass/status - aarogya-setu-check-enabled: true - aarogya-setu-jwt-token-expiry-minutes: 2 - fixed-otp-enabled: true - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - - - -ecurfew-cron: - replicas: 1 - db-url: "jdbc:postgresql://ispiritdb.postgres.database.azure.com:5432/curfewpass" - storage: - aws: - region: ap-south-1 - bucket: uat-epass-filestore - from-address: secyhome1@gmail.com - aarogya-setu-url: https://fppp.cowin20.in/api/v1/users/epass/status - aarogya-setu-check-enabled: true - aarogya-setu-jwt-token-expiry-minutes: 2 - fixed-otp-enabled: true - heap: "-Xmx512m -Xms512m -XX:TieredStopAtLevel=1" - memory_limits: 832Mi - resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - -epass-chatbot: - karix-send-sms-enabled: false - message-epass-create: "Dear , your COVID e-Pass valid till has been issued. Pass valid with Govt Id in . To verify pls SMS: \"VERIFY \" on 9686454890. This is a sample SMS for demo purpose" - message-verify-response: "COVID e-Pass to is valid till in . Pass valid with Govt Id only. This is a sample SMS for demo purpose" - from-address: secyhome1@gmail.com +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" citizen: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - - + + + ';" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -425,7 +394,7 @@ pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "new-pdf-changes" + branch: "UAT" data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" From 644981e66a8c24be0d50a25393d9f6a8fa9c41b3 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Tue, 7 Jun 2022 11:07:47 +0530 Subject: [PATCH 057/742] Modified env files --- .../environments/egov-demo-template.yaml | 11 + config-as-code/environments/egov-demo.yaml | 569 +++++++++++------- 2 files changed, 362 insertions(+), 218 deletions(-) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 7d08c1b94a..7a8cb7c964 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -221,6 +221,17 @@ cert-manager: - "quay.io/jetstack/cert-manager-controller:v0.10.1" namespace: egov + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< collection-receipt-voucher-consumer: diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index f0c32e9907..84fc8f119a 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -1,7 +1,6 @@ global: - domain: egov-demo.egovernments.org + domain: egov-demo.egovernments.org ## Add your Domain Name Eg: site.mydomain.com setup: fullsetup - moca-domain: epassapi.egovernments.org cluster-configs: namespaces: @@ -13,12 +12,13 @@ cluster-configs: configmaps: egov-config: data: - db-host: "egov-demo.postgres.database.azure.com" - db-name: "egov_demo" - db-url: "jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo" - domain: "egov-demo.egovernments.org" - egov-services-fqdn-name: "https://egov-demo.egovernments.org/" - egov-state-level-tenant-id: "pg" + db-host: "" ## Add db-host name eg: egov-demo.database.azure.com + db-name: "" ## Add db-name + db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "egov-demo.egovernments.org" ## Add your Domain Name + egov-services-fqdn-name: "https://egov-demo.egovernments.org/" ## Add your Domain Name + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" @@ -26,7 +26,6 @@ cluster-configs: kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" - s3-assets-bucket: "(in-epass-assets|egov-dev-assets)" serializers-timezone-in-ist: "true" server-tomcat-max-connections: "500" server-tomcat-max-threads: "10" @@ -87,19 +86,49 @@ cluster-configs: egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" + +#>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" is-s3-enabled: "true" - fixed-bucketname: in-epass-filestore # Only for epass + fixed-bucketname: filestore bucket name ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender sms-sender-requesttype: "GET" sms-custom-config: "true" sms-extra-req-params: "mtype=N&DR=Y" @@ -147,23 +176,10 @@ chatbot: user-service-chatbot-citizen-passwrord: "123456" -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "UAT" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - bpa-services: memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring @@ -180,6 +196,23 @@ bpa-calculator: sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" +egov-pg-service: + axis: true + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "UAT" + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + egov-indexer: heap: "-Xmx512m -Xms512m" memory_limits: "768Mi" @@ -189,9 +222,6 @@ egov-indexer: branch: "UAT" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" -egov-pg-service: - axis: true - egov-persister: replicas: 1 images: @@ -215,13 +245,40 @@ egov-searcher: repo: "git@github.com:egovernments/configs" branch: "UAT" -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UAT" -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UAT" + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "master" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UAT" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -230,6 +287,12 @@ egf-master: memory_limits: 512Mi heap: "-Xmx256m -Xms256m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: @@ -241,7 +304,6 @@ redoc: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - nginx-ingress: images: - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 @@ -289,66 +351,6 @@ finance-collections-voucher-consumer: erp-env-name: "qa" erp-domain-name: "egovernments.org" -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - # rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rainmaker-pgr: notification-sms-enabled: "true" @@ -390,13 +392,6 @@ egov-hrms: heap: "-Xmx192m -Xms192m" employee-applink: "https://egov-demo.egovernments.org/employee/user/login" -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" egov-weekly-impact-notifier: mail-to-address: "lata.naik@egovernments.org" @@ -487,42 +482,11 @@ redis: - egovio/redis:3.2 # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - playground: replicas: 1 images: - egovio/playground:1.0 -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-demo.postgres.database.azure.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "ePASS" - maintenance-db-name: "egov_demo" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - state-level-tenant-id: "in" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> fluent-bit: images: @@ -531,94 +495,263 @@ fluent-bit: egov-infra-log-topic: "egov-infra-logs" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: - replicas: 3 - images: - - confluentinc/cp-kafka:5.2.2 - # Use chroot to reuse single zookeeper ensemble - zookeeper-connect: "zookeeper-v2-headless.zookeeper-cluster:2181/kafka-v2" - heap: "-Xms704M -Xmx704M" - offsets-topic-replication-factor: "3" - linger-ms: "250" - min-insync-replicas: "1" - default-replication-factor: "2" - num-partitions: "3" - storage-size: "50Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/kafka-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/kafka-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/kafka-2 - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> + persistence: + enabled: true + aws: + - volumeId: "" ## add volume id + zone: ## add respective zone + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +#kafka-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +#kafka-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" +# storage-size: "75Gi +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: - replicas: 3 - images: - - confluentinc/cp-zookeeper:5.2.2 - zookeeper-servers: "zookeeper-v2-0.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-1.zookeeper-v2-headless.zookeeper-cluster:2888:3888;zookeeper-v2-2.zookeeper-v2-headless.zookeeper-cluster:2888:3888" - heap: "-Xms256M -Xmx256M" - storage-size: "5Gi" - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/zookeeper-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/zookeeper-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/zookeeper-2 + persistence: + enabled: true + aws: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + +# zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#zookeeper-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + + ## Zookeeper JVM Heap Option +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-connect-infra >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-connect-infra: - replicas: 1 - images: - - egovio/cp-kafka-connect:5.2.2 - heap: "-Xms512M -Xmx512M" - config-storage-replication-factor: "3" - offset-storage-replication-factor: "3" - status-storage-replication-factor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -es-data-v1: - replicas: 2 - shards: "4" - es-replicas: "0" - storage-size: 40Gi - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/es-data-v1-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/es-data-v1-1 - network-host: "_eth0:ipv4_" - heap: "-Xms512M -Xmx512M" - -es-client-v1: - replicas: 1 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - network-host: "_eth0:ipv4_" - -es-master-v1: +## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< +#zookeeper-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. + +# storage-size: 5Gi +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + memory: "2Gi" + limits: + memory: "2Gi" +## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# +# esJavaOpts: "-Xmx1g -Xms1g" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-data-v1 SDC<<<<<<<<<<<<<<< +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. +# storage-size: 25Gi +# esJavaOpts: "-Xmx1g -Xms1g" +# storage-size: 25Gi +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: replicas: 3 - images: - - docker.elastic.co/elasticsearch/elasticsearch-oss:6.6.2 - storage-size: 2Gi - azure-disk: - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/es-master-0 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/es-master-1 - - /subscriptions/b4e1aa53-c521-44e6-8a4d-5ae107916b5b/resourceGroups/MC_egov-demo_egov-demo_southindia/providers/Microsoft.Compute/disks/es-master-2 - network-host: "_eth0:ipv4_" - -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana-oss:6.6.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - credentials: v4EozhGfKlWoZRee+hsR7juez5vdYmMmVBQeW3e05iBI6+iT07glHV06EHxhnOYhfNfkdsLmINtj0PZnmrtQWw== + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + - volumeId: "" ## add volume id + zone: + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# storage-size: 5Gi +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" es-curator: schedule: "45 18 * * *" @@ -628,4 +761,4 @@ es-curator: logs-cleanup-enabled: "true" jaeger-cleanup-enabled: "true" logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file From 2ae45e9eb9417c183186b194d2d78b8d4705c080 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 8 Jun 2022 19:44:31 +0530 Subject: [PATCH 058/742] enable crd of cert-manager --- .../templates/crds/cert-manager-crds.yaml | 5544 +++++++++++++++++ 1 file changed, 5544 insertions(+) create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml new file mode 100644 index 0000000000..d4344da386 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml @@ -0,0 +1,5544 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: CertificateRequest is a type to represent a Certificate Signing + Request + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CertificateRequestSpec defines the desired state of CertificateRequest + type: object + required: + - csr + - issuerRef + properties: + csr: + description: Byte slice containing the PEM encoded CertificateSigningRequest + type: string + format: byte + duration: + description: Requested certificate default Duration + type: string + isCA: + description: IsCA will mark the resulting certificate as valid for signing. + This implies that the 'cert sign' usage is set + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this CertificateRequest. If + the 'kind' field is not set, or set to 'Issuer', an Issuer resource + with the given name in the same namespace as the CertificateRequest + will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer + with the provided name will be used. The 'name' field in this stanza + is required at all times. The group field refers to the API group + of the issuer which defaults to 'cert-manager.io' if empty. + type: object + required: + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + usages: + description: Usages is the set of x509 actions that are enabled for + a given key. Defaults are ('digital signature', 'key encipherment') + if empty + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: + https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 + Valid KeyUsage values are as follows: "signing", "digital signature", + "content commitment", "key encipherment", "key agreement", "data + encipherment", "cert sign", "crl sign", "encipher only", "decipher + only", "any", "server auth", "client auth", "code signing", "email + protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec + user", "timestamping", "ocsp signing", "microsoft sgc", "netscape + sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: CertificateStatus defines the observed state of CertificateRequest + and resulting signed certificate. + type: object + properties: + ca: + description: Byte slice containing the PEM encoded certificate authority + of the signed certificate. + type: string + format: byte + certificate: + description: Byte slice containing a PEM encoded signed certificate + resulting from the given certificate signing request. + type: string + format: byte + conditions: + type: array + items: + description: CertificateRequestCondition contains condition information + for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details + of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for + the condition's last transition. + type: string + status: + description: Status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, currently ('Ready', 'InvalidRequest'). + type: string + failureTime: + description: FailureTime stores the time that this CertificateRequest + failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .spec.secretName + name: Secret + type: string + - JSONPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Certificate is a type to represent a Certificate from ACME + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: CertificateSpec defines the desired state of Certificate. A + valid Certificate requires at least one of a CommonName, DNSName, or URISAN + to be valid. + type: object + required: + - issuerRef + - secretName + properties: + commonName: + description: CommonName is a common name to be used on the Certificate. + The CommonName should have a length of 64 characters or fewer to avoid + generating invalid CSRs. + type: string + dnsNames: + description: DNSNames is a list of subject alt names to be used on the + Certificate. + type: array + items: + type: string + duration: + description: Certificate default Duration + type: string + ipAddresses: + description: IPAddresses is a list of IP addresses to be used on the + Certificate + type: array + items: + type: string + isCA: + description: IsCA will mark this Certificate as valid for signing. This + implies that the 'cert sign' usage is set + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this certificate. + If the 'kind' field is not set, or set to 'Issuer', an Issuer resource + with the given name in the same namespace as the Certificate will + be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer + with the provided name will be used. The 'name' field in this stanza + is required at all times. + type: object + required: + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + keyAlgorithm: + description: KeyAlgorithm is the private key algorithm of the corresponding + private key for this certificate. If provided, allowed values are + either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is + not provided, key size of 256 will be used for "ecdsa" key algorithm + and key size of 2048 will be used for "rsa" key algorithm. + type: string + enum: + - rsa + - ecdsa + keyEncoding: + description: KeyEncoding is the private key cryptography standards (PKCS) + for this certificate's private key to be encoded in. If provided, + allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, + respectively. If KeyEncoding is not specified, then PKCS#1 will be + used by default. + type: string + enum: + - pkcs1 + - pkcs8 + keySize: + description: KeySize is the key bit size of the corresponding private + key for this certificate. If provided, value must be between 2048 + and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", + and value must be one of (256, 384, 521) when KeyAlgorithm is set + to "ecdsa". + type: integer + organization: + description: Organization is the organization to be used on the Certificate + type: array + items: + type: string + renewBefore: + description: Certificate renew before expiration duration + type: string + secretName: + description: SecretName is the name of the secret resource to store + this secret in + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uriSANs: + description: URISANs is a list of URI Subject Alternative Names to be + set on this Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 actions that are enabled for + a given key. Defaults are ('digital signature', 'key encipherment') + if empty + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: + https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 + Valid KeyUsage values are as follows: "signing", "digital signature", + "content commitment", "key encipherment", "key agreement", "data + encipherment", "cert sign", "crl sign", "encipher only", "decipher + only", "any", "server auth", "client auth", "code signing", "email + protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec + user", "timestamping", "ocsp signing", "microsoft sgc", "netscape + sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: CertificateStatus defines the observed state of Certificate + type: object + properties: + conditions: + type: array + items: + description: CertificateCondition contains condition information for + an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details + of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for + the condition's last transition. + type: string + status: + description: Status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, currently ('Ready'). + type: string + lastFailureTime: + type: string + format: date-time + notAfter: + description: The expiration time of the certificate stored in the secret + named by this resource in spec.secretName. + type: string + format: date-time + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: challenges.acme.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.state + name: State + type: string + - JSONPath: .spec.dnsName + name: Domain + type: string + - JSONPath: .status.reason + name: Reason + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: acme.cert-manager.io + preserveUnknownFields: false + names: + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME + server + type: object + required: + - metadata + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - authzURL + - dnsName + - issuerRef + - key + - token + - type + - url + properties: + authzURL: + description: AuthzURL is the URL to the ACME Authorization resource + that this challenge is a part of. + type: string + dnsName: + description: DNSName is the identifier that this challenge is for, e.g. + example.com. + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer + which should be used to create this Challenge. If the Issuer does + not exist, processing will be retried. If the Issuer is not an 'ACME' + Issuer, an error will be returned and the Challenge will be marked + as failed. + type: object + required: + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + key: + description: Key is the ACME challenge key for this challenge + type: string + solver: + description: Solver contains the domain solving configuration that should + be used to solve this challenge resource. + type: object + properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure containing + the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure containing + the DNS configuration for Akamai DNS—Zone Record Management + API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a structure + containing the DNS configuration for DigitalOcean Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure containing + the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting RFC2136. + Required. Note: FQDN is not a valid value, only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting + RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` + are defined. Supported values are (case-insensitive): + ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or + ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If + ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG + value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure containing + the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared credentials + file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this + zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName + api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider + will assume using either the explicit credentials AccessKeyID/SecretAccessKey + or the inferred credentials from environment variables, + shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared credentials + file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies configuration + for a webhook DNS01 provider, including where to POST ChallengePayload + resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed + to the webhook apiserver when challenges are processed. + This can contain arbitrary JSON data. Secret values should + not be specified in this stanza. If secret values are + needed (e.g. credentials for a DNS service), you should + use a SecretKeySelector to reference a Secret resource. + For details on the schema of this field, consult the webhook + provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when + POSTing ChallengePayload resources to the webhook apiserver. + This should be the same as the GroupName specified in + the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in + the webhook provider implementation. This will typically + be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration detailing + how to solve HTTP01 challenges within a Kubernetes cluster. Typically + this is accomplished through creating 'routes' of some description + that configure ingress controllers to direct traffic to 'solver + pods', which are responsible for responding to the ACME server's + HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver will + solve challenges by creating or modifying Ingress resources + in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress + resources to solve ACME challenges that use this challenge + solver. Only one of 'class' or 'name' may be specified. + type: string + name: + description: The name of the ingress resource that should + have ACME challenge solving routes inserted into it in + order to solve HTTP01 challenges. This is typically used + in conjunction with ingress controllers like ingress-gce, + which maintains a 1:1 mapping between external IPs and + ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the + ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to + solve HTTP01 challenges. Only the 'labels' and 'annotations' + fields may be set. If labels or annotations overlap + with in-built values, the values here will override + the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to + the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the + created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 + challenge solver pod. Only the 'nodeSelector', 'affinity' + and 'tolerations' fields are supported currently. + All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with + the greatest sum of weights, i.e. for + each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a + sum by iterating through the elements + of this field and adding "weight" to the + sum if the node matches the corresponding + matchExpressions; the node(s) with the + highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling + term matches all objects with implicit + weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no + objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, + associated with the corresponding + weight. + type: object + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + matchFields: + description: A list of node selector + requirements by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + weight: + description: Weight associated with + matching the corresponding nodeSelectorTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to an update), the system may or may + not try to eventually evict the pod from + its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node + selector terms. The terms are ORed. + type: array + items: + description: A null or empty node + selector term matches no objects. + The requirements of them are ANDed. + The TopologySelectorTerm type implements + a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector + requirements by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + matchFields: + description: A list of node selector + requirements by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key + that the selector applies + to. + type: string + operator: + description: Represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists, DoesNotExist. + Gt, and Lt. + type: string + values: + description: An array of + string values. If the + operator is In or NotIn, + the values array must + be non-empty. If the operator + is Exists or DoesNotExist, + the values array must + be empty. If the operator + is Gt or Lt, the values + array must have a single + element, which will be + interpreted as an integer. + This array is replaced + during a strategic merge + patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the same + node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + affinity expressions specified by this + field, but it may choose a node that violates + one or more of the expressions. The node + that is most preferred is the one with + the greatest sum of weights, i.e. for + each node that meets all of the scheduling + requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a + sum by iterating through the elements + of this field and adding "weight" to the + sum if the node has pods which matches + the corresponding podAffinityTerm; the + node(s) with the highest sum are the most + preferred. + type: array + items: + description: The weights of all of the + matched WeightedPodAffinityTerm fields + are added per-node to find the most + preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key and + values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to a + set of values. Valid + operators are In, + NotIn, Exists and + DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, the + values array must + be non-empty. If the + operator is Exists + or DoesNotExist, the + values array must + be empty. This array + is replaced during + a strategic merge + patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in + the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be + co-located (affinity) or not + co-located (anti-affinity) with + the pods matching the labelSelector + in the specified namespaces, + where co-located is defined + as running on a node whose value + of the label with key topologyKey + matches that of any node on + which any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system + may or may not try to eventually evict + the pod from its node. When there are + multiple elements, the lists of nodes + corresponding to each podAffinityTerm + are intersected, i.e. all terms must be + satisfied. + type: array + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this + pod should be co-located (affinity) + or not co-located (anti-affinity) with, + where co-located is defined as running + on a node whose value of the label with + key matches that of any + node on which a pod of the set of pods + is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a + set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); null + or empty list means "this pod's + namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling + rules (e.g. avoid putting this pod in the + same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to + schedule pods to nodes that satisfy the + anti-affinity expressions specified by + this field, but it may choose a node that + violates one or more of the expressions. + The node that is most preferred is the + one with the greatest sum of weights, + i.e. for each node that meets all of the + scheduling requirements (resource request, + requiredDuringScheduling anti-affinity + expressions, etc.), compute a sum by iterating + through the elements of this field and + adding "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with the + highest sum are the most preferred. + type: array + items: + description: The weights of all of the + matched WeightedPodAffinityTerm fields + are added per-node to find the most + preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity + term, associated with the corresponding + weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key and + values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to a + set of values. Valid + operators are In, + NotIn, Exists and + DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, the + values array must + be non-empty. If the + operator is Exists + or DoesNotExist, the + values array must + be empty. This array + is replaced during + a strategic merge + patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is + a map of {key,value} pairs. + A single {key,value} in + the matchLabels map is equivalent + to an element of matchExpressions, + whose key field is "key", + the operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be + co-located (affinity) or not + co-located (anti-affinity) with + the pods matching the labelSelector + in the specified namespaces, + where co-located is defined + as running on a node whose value + of the label with key topologyKey + matches that of any node on + which any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated with + matching the corresponding podAffinityTerm, + in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements + specified by this field are not met at + scheduling time, the pod will not be scheduled + onto the node. If the anti-affinity requirements + specified by this field cease to be met + at some point during pod execution (e.g. + due to a pod label update), the system + may or may not try to eventually evict + the pod from its node. When there are + multiple elements, the lists of nodes + corresponding to each podAffinityTerm + are intersected, i.e. all terms must be + satisfied. + type: array + items: + description: Defines a set of pods (namely + those matching the labelSelector relative + to the given namespace(s)) that this + pod should be co-located (affinity) + or not co-located (anti-affinity) with, + where co-located is defined as running + on a node whose value of the label with + key matches that of any + node on which a pod of the set of pods + is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a + set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, a key, + and an operator that relates + the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the + label key that the selector + applies to. + type: string + operator: + description: operator represents + a key's relationship to + a set of values. Valid + operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an + array of string values. + If the operator is In + or NotIn, the values array + must be non-empty. If + the operator is Exists + or DoesNotExist, the values + array must be empty. This + array is replaced during + a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a + map of {key,value} pairs. A + single {key,value} in the matchLabels + map is equivalent to an element + of matchExpressions, whose key + field is "key", the operator + is "In", and the values array + contains only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); null + or empty list means "this pod's + namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located + (affinity) or not co-located (anti-affinity) + with the pods matching the labelSelector + in the specified namespaces, where + co-located is defined as running + on a node whose value of the label + with key topologyKey matches that + of any node on which any of the + selected pods is running. Empty + topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must + be true for the pod to fit on a node. Selector + which must match a node''s labels for the pod + to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached + to tolerates any taint that matches the triple + using the matching operator + . + type: object + properties: + effect: + description: Effect indicates the taint effect + to match. Empty means match all taint effects. + When specified, allowed values are NoSchedule, + PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the + toleration applies to. Empty means match + all taint keys. If the key is empty, operator + must be Exists; this combination means to + match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship + to the value. Valid operators are Exists + and Equal. Defaults to Equal. Exists is + equivalent to wildcard for value, so that + a pod can tolerate all taints of a particular + category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration (which + must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By + default, it is not set, which means tolerate + the taint forever (do not evict). Zero and + negative values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the + toleration matches to. If the operator is + Exists, the value should be empty, otherwise + just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver + service + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate + resource that should be solved using this challenge solver. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used + to solve. If specified and a match is found, a dnsNames selector + will take precedence over a dnsZones selector. If multiple + solvers match with the same dnsNames value, the solver with + the most matching labels in matchLabels will be selected. + If neither has more matches, the solver defined earlier in + the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used + to solve. The most specific DNS zone match specified here + will take precedence over other DNS zone matches, so a solver + specifying sys.example.com will be selected over one specifying + example.com for the domain www.sys.example.com. If multiple + solvers match with the same dnsZones value, the solver with + the most matching labels in matchLabels will be selected. + If neither has more matches, the solver defined earlier in + the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set + of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + token: + description: Token is the ACME challenge token for this challenge. + type: string + type: + description: Type is the type of ACME challenge this resource represents, + e.g. "dns01" or "http01" + type: string + url: + description: URL is the URL of the ACME Challenge resource for this + challenge. This can be used to lookup details about the status of + this challenge. + type: string + wildcard: + description: Wildcard will be true if this challenge is for a wildcard + identifier, for example '*.example.com' + type: boolean + status: + type: object + properties: + presented: + description: Presented will be set to true if the challenge values for + this challenge are currently 'presented'. This *does not* imply the + self check is passing. Only that the values have been 'submitted' + for the appropriate challenge mechanism (i.e. the DNS01 TXT record + has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Processing is used to denote whether this challenge should + be processed or not. This field will only be set to true by the 'scheduling' + component. It will only be set to false by the 'challenges' controller, + after the challenge has reached a final state or timed out. If this + field is set to false, the challenge controller will not take any + more action. + type: boolean + reason: + description: Reason contains human readable information on why the Challenge + is in the current state. + type: string + state: + description: State contains the current 'state' of the challenge. If + not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterissuers.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false + names: + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + scope: Cluster + subresources: + status: {} + validation: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IssuerSpec is the specification of an Issuer. This includes + any configuration required for the issuer. + type: object + properties: + acme: + description: ACMEIssuer contains the specification for an ACME issuer + type: object + required: + - privateKeySecretRef + - server + properties: + email: + description: Email is the email for this account + type: string + externalAccountBinding: + description: ExternalAcccountBinding is a reference to a CA external + account of the ACME server. + type: object + required: + - keyAlgorithm + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: keyAlgorithm is the MAC key algorithm that the + key is used for. Valid values are "HS256", "HS384" and "HS512". + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External + Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing + a data item in a Kubernetes Secret which holds the symmetric + MAC key of the External Account Binding. The `key` is the + index string that is paired with the key data in the Secret + and should not be confused with the key data itself, or indeed + with the External Account Binding keyID above. The secret + key stored in the Secret **must** be un-padded, base64 URL + encoded data. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + privateKeySecretRef: + description: PrivateKey is the name of a secret containing the private + key for this user account. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + server: + description: Server is the ACME server URL + type: string + skipTLSVerify: + description: If true, skip verifying the ACME server TLS certificate + type: boolean + solvers: + description: Solvers is a list of challenge solvers that will be + used to solve ACME challenges for the matching domains. + type: array + items: + type: object + properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure + containing the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure + containing the DNS configuration for Akamai DNS—Zone + Record Management API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a + structure containing the DNS configuration for DigitalOcean + Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure + containing the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting + RFC2136. Required. Note: FQDN is not a valid value, + only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the + DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` + and ``tsigKeyName`` are defined. Supported values + are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, + ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. + If ``tsigSecretSecretRef`` is defined, this field + is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the + TSIG value. If ``tsigKeyName`` is defined, this + field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure + containing the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only + this zone in Route53 and will not do an lookup using + the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 + provider will assume using either the explicit credentials + AccessKeyID/SecretAccessKey or the inferred credentials + from environment variables, shared credentials file + or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies + configuration for a webhook DNS01 provider, including + where to POST ChallengePayload resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should + be passed to the webhook apiserver when challenges + are processed. This can contain arbitrary JSON data. + Secret values should not be specified in this stanza. + If secret values are needed (e.g. credentials for + a DNS service), you should use a SecretKeySelector + to reference a Secret resource. For details on the + schema of this field, consult the webhook provider + implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used + when POSTing ChallengePayload resources to the webhook + apiserver. This should be the same as the GroupName + specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined + in the webhook provider implementation. This will + typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration + detailing how to solve HTTP01 challenges within a Kubernetes + cluster. Typically this is accomplished through creating + 'routes' of some description that configure ingress controllers + to direct traffic to 'solver pods', which are responsible + for responding to the ACME server's HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver + will solve challenges by creating or modifying Ingress + resources in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating + Ingress resources to solve ACME challenges that + use this challenge solver. Only one of 'class' or + 'name' may be specified. + type: string + name: + description: The name of the ingress resource that + should have ACME challenge solving routes inserted + into it in order to solve HTTP01 challenges. This + is typically used in conjunction with ingress controllers + like ingress-gce, which maintains a 1:1 mapping + between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure + the ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod + used to solve HTTP01 challenges. Only the 'labels' + and 'annotations' fields may be set. If labels + or annotations overlap with in-built values, + the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added + to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to + the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the + HTTP01 challenge solver pod. Only the 'nodeSelector', + 'affinity' and 'tolerations' fields are supported + currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node matches the + corresponding matchExpressions; + the node(s) with the highest sum + are the most preferred. + type: array + items: + description: An empty preferred + scheduling term matches all objects + with implicit weight 0 (i.e. it's + a no-op). A null preferred scheduling + term matches no objects (i.e. + is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector + term, associated with the + corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + weight: + description: Weight associated + with matching the corresponding + nodeSelectorTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to an update), the system + may or may not try to eventually + evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list + of node selector terms. The + terms are ORed. + type: array + items: + description: A null or empty + node selector term matches + no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of + the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the + same node, zone, etc. as some other + pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node has pods + which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to a pod label update), + the system may or may not try to + eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity + scheduling rules (e.g. avoid putting + this pod in the same node, zone, etc. + as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the anti-affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + anti-affinity expressions, etc.), + compute a sum by iterating through + the elements of this field and adding + "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity + requirements specified by this field + are not met at scheduling time, + the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to + be met at some point during pod + execution (e.g. due to a pod label + update), the system may or may not + try to eventually evict the pod + from its node. When there are multiple + elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which + must be true for the pod to fit on a node. + Selector which must match a node''s labels + for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is + attached to tolerates any taint that matches + the triple using the + matching operator . + type: object + properties: + effect: + description: Effect indicates the taint + effect to match. Empty means match + all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that + the toleration applies to. Empty means + match all taint keys. If the key is + empty, operator must be Exists; this + combination means to match all values + and all keys. + type: string + operator: + description: Operator represents a key's + relationship to the value. Valid operators + are Exists and Equal. Defaults to + Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration + (which must be of effect NoExecute, + otherwise this field is ignored) tolerates + the taint. By default, it is not set, + which means tolerate the taint forever + (do not evict). Zero and negative + values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value + the toleration matches to. If the + operator is Exists, the value should + be empty, otherwise just a regular + string. + type: string + serviceType: + description: Optional service type for Kubernetes + solver service + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate + resource that should be solved using this challenge solver. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be + used to solve. If specified and a match is found, a + dnsNames selector will take precedence over a dnsZones + selector. If multiple solvers match with the same dnsNames + value, the solver with the most matching labels in matchLabels + will be selected. If neither has more matches, the solver + defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be + used to solve. The most specific DNS zone match specified + here will take precedence over other DNS zone matches, + so a solver specifying sys.example.com will be selected + over one specifying example.com for the domain www.sys.example.com. + If multiple solvers match with the same dnsZones value, + the solver with the most matching labels in matchLabels + will be selected. If neither has more matches, the solver + defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the + set of certificate's that this challenge solver will + apply to. + type: object + additionalProperties: + type: string + ca: + type: object + required: + - secretName + properties: + secretName: + description: SecretName is the name of the secret used to sign Certificates + issued by this Issuer. + type: string + selfSigned: + type: object + vault: + type: object + required: + - auth + - path + - server + properties: + auth: + description: Vault authentication + type: object + properties: + appRole: + description: This Secret contains a AppRole and Secret + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: Where the authentication path is mounted in + Vault. + type: string + roleId: + type: string + secretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + kubernetes: + description: This contains a Role and Secret with a ServiceAccount + token to authenticate with vault. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path + to use when authenticating with Vault. For example, setting + a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` + to authenticate with Vault. If unspecified, the default + value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role + to assume. A Role binds a Kubernetes ServiceAccount with + a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes + ServiceAccount JWT used for authenticating with Vault. + Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + tokenSecretRef: + description: This Secret contains the Vault token key + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + caBundle: + description: Base64 encoded CA bundle to validate Vault server certificate. + Only used if the Server URL is using HTTPS protocol. This parameter + is ignored for plain HTTP protocol connection. If not set the + system root certificates are used to validate the TLS connection. + type: string + format: byte + path: + description: Vault URL path to the certificate role + type: string + server: + description: Server is the vault connection address + type: string + venafi: + description: VenafiIssuer describes issuer configuration details for + Venafi Cloud. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. + Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for + the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + url: + description: URL is the base URL for Venafi Cloud + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration + settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: CABundle is a PEM encoded TLS certifiate to use + to verify connections to the TPP instance. If specified, system + roots will not be used and the issuing CA for the TPP instance + must be verifiable using the provided root. If not specified, + the connection will be verified using the cert-manager system + root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing + the username and password for the TPP server. The secret must + contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + url: + description: URL is the base URL for the Venafi TPP instance + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. + All requests made to the Venafi platform will be restricted by + the named zone policy. This field is required. + type: string + status: + description: IssuerStatus contains status information about an Issuer + type: object + properties: + acme: + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the + latest registered ACME account, in order to track changes made + to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also + be used to retrieve account details from the CA + type: string + conditions: + type: array + items: + description: IssuerCondition contains condition information for an + Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details + of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for + the condition's last transition. + type: string + status: + description: Status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, currently ('Ready'). + type: string + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: issuers.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: cert-manager.io + preserveUnknownFields: false + names: + kind: Issuer + listKind: IssuerList + plural: issuers + singular: issuer + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: IssuerSpec is the specification of an Issuer. This includes + any configuration required for the issuer. + type: object + properties: + acme: + description: ACMEIssuer contains the specification for an ACME issuer + type: object + required: + - privateKeySecretRef + - server + properties: + email: + description: Email is the email for this account + type: string + externalAccountBinding: + description: ExternalAcccountBinding is a reference to a CA external + account of the ACME server. + type: object + required: + - keyAlgorithm + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: keyAlgorithm is the MAC key algorithm that the + key is used for. Valid values are "HS256", "HS384" and "HS512". + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External + Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing + a data item in a Kubernetes Secret which holds the symmetric + MAC key of the External Account Binding. The `key` is the + index string that is paired with the key data in the Secret + and should not be confused with the key data itself, or indeed + with the External Account Binding keyID above. The secret + key stored in the Secret **must** be un-padded, base64 URL + encoded data. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + privateKeySecretRef: + description: PrivateKey is the name of a secret containing the private + key for this user account. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + server: + description: Server is the ACME server URL + type: string + skipTLSVerify: + description: If true, skip verifying the ACME server TLS certificate + type: boolean + solvers: + description: Solvers is a list of challenge solvers that will be + used to solve ACME challenges for the matching domains. + type: array + items: + type: object + properties: + dns01: + type: object + properties: + acmedns: + description: ACMEIssuerDNS01ProviderAcmeDNS is a structure + containing the configuration for ACME-DNS servers + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + host: + type: string + akamai: + description: ACMEIssuerDNS01ProviderAkamai is a structure + containing the DNS configuration for Akamai DNS—Zone + Record Management API + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + clientTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + serviceConsumerDomain: + type: string + azuredns: + description: ACMEIssuerDNS01ProviderAzureDNS is a structure + containing the configuration for Azure DNS + type: object + required: + - clientID + - clientSecretSecretRef + - resourceGroupName + - subscriptionID + - tenantID + properties: + clientID: + type: string + clientSecretSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + environment: + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + type: string + resourceGroupName: + type: string + subscriptionID: + type: string + tenantID: + type: string + clouddns: + description: ACMEIssuerDNS01ProviderCloudDNS is a structure + containing the DNS configuration for Google Cloud DNS + type: object + required: + - project + properties: + project: + type: string + serviceAccountSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + cloudflare: + description: ACMEIssuerDNS01ProviderCloudflare is a structure + containing the DNS configuration for Cloudflare + type: object + required: + - email + properties: + apiKeySecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + apiTokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + email: + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider + should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: ACMEIssuerDNS01ProviderDigitalOcean is a + structure containing the DNS configuration for DigitalOcean + Domains + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + rfc2136: + description: ACMEIssuerDNS01ProviderRFC2136 is a structure + containing the configuration for RFC2136 DNS + type: object + required: + - nameserver + properties: + nameserver: + description: 'The IP address of the DNS supporting + RFC2136. Required. Note: FQDN is not a valid value, + only IP.' + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the + DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` + and ``tsigKeyName`` are defined. Supported values + are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, + ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. + If ``tsigSecretSecretRef`` is defined, this field + is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the + TSIG value. If ``tsigKeyName`` is defined, this + field is required. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + route53: + description: ACMEIssuerDNS01ProviderRoute53 is a structure + containing the Route 53 configuration for AWS + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only + this zone in Route53 and will not do an lookup using + the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID + and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 + provider will assume using either the explicit credentials + AccessKeyID/SecretAccessKey or the inferred credentials + from environment variables, shared credentials file + or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. + If not set we fall-back to using env vars, shared + credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. + Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + webhook: + description: ACMEIssuerDNS01ProviderWebhook specifies + configuration for a webhook DNS01 provider, including + where to POST ChallengePayload resources. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should + be passed to the webhook apiserver when challenges + are processed. This can contain arbitrary JSON data. + Secret values should not be specified in this stanza. + If secret values are needed (e.g. credentials for + a DNS service), you should use a SecretKeySelector + to reference a Secret resource. For details on the + schema of this field, consult the webhook provider + implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used + when POSTing ChallengePayload resources to the webhook + apiserver. This should be the same as the GroupName + specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined + in the webhook provider implementation. This will + typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: ACMEChallengeSolverHTTP01 contains configuration + detailing how to solve HTTP01 challenges within a Kubernetes + cluster. Typically this is accomplished through creating + 'routes' of some description that configure ingress controllers + to direct traffic to 'solver pods', which are responsible + for responding to the ACME server's HTTP requests. + type: object + properties: + ingress: + description: The ingress based HTTP01 challenge solver + will solve challenges by creating or modifying Ingress + resources in order to route requests for '/.well-known/acme-challenge/XYZ' + to 'challenge solver' pods that are provisioned by cert-manager + for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating + Ingress resources to solve ACME challenges that + use this challenge solver. Only one of 'class' or + 'name' may be specified. + type: string + name: + description: The name of the ingress resource that + should have ACME challenge solving routes inserted + into it in order to solve HTTP01 challenges. This + is typically used in conjunction with ingress controllers + like ingress-gce, which maintains a 1:1 mapping + between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure + the ACME challenge solver pods used for HTTP01 challenges + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod + used to solve HTTP01 challenges. Only the 'labels' + and 'annotations' fields may be set. If labels + or annotations overlap with in-built values, + the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added + to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to + the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the + HTTP01 challenge solver pod. Only the 'nodeSelector', + 'affinity' and 'tolerations' fields are supported + currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling + constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling + rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node matches the + corresponding matchExpressions; + the node(s) with the highest sum + are the most preferred. + type: array + items: + description: An empty preferred + scheduling term matches all objects + with implicit weight 0 (i.e. it's + a no-op). A null preferred scheduling + term matches no objects (i.e. + is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector + term, associated with the + corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + weight: + description: Weight associated + with matching the corresponding + nodeSelectorTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to an update), the system + may or may not try to eventually + evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list + of node selector terms. The + terms are ORed. + type: array + items: + description: A null or empty + node selector term matches + no objects. The requirements + of them are ANDed. The TopologySelectorTerm + type implements a subset of + the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node + selector requirements + by node's labels. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchFields: + description: A list of node + selector requirements + by node's fields. + type: array + items: + description: A node selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: The label + key that the selector + applies to. + type: string + operator: + description: Represents + a key's relationship + to a set of values. + Valid operators + are In, NotIn, Exists, + DoesNotExist. Gt, + and Lt. + type: string + values: + description: An array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. If + the operator is + Gt or Lt, the values + array must have + a single element, + which will be interpreted + as an integer. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling + rules (e.g. co-locate this pod in the + same node, zone, etc. as some other + pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + affinity expressions, etc.), compute + a sum by iterating through the elements + of this field and adding "weight" + to the sum if the node has pods + which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements + specified by this field are not + met at scheduling time, the pod + will not be scheduled onto the node. + If the affinity requirements specified + by this field cease to be met at + some point during pod execution + (e.g. due to a pod label update), + the system may or may not try to + eventually evict the pod from its + node. When there are multiple elements, + the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity + scheduling rules (e.g. avoid putting + this pod in the same node, zone, etc. + as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer + to schedule pods to nodes that satisfy + the anti-affinity expressions specified + by this field, but it may choose + a node that violates one or more + of the expressions. The node that + is most preferred is the one with + the greatest sum of weights, i.e. + for each node that meets all of + the scheduling requirements (resource + request, requiredDuringScheduling + anti-affinity expressions, etc.), + compute a sum by iterating through + the elements of this field and adding + "weight" to the sum if the node + has pods which matches the corresponding + podAffinityTerm; the node(s) with + the highest sum are the most preferred. + type: array + items: + description: The weights of all + of the matched WeightedPodAffinityTerm + fields are added per-node to find + the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod + affinity term, associated + with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query + over a set of resources, + in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label + selector requirements. + The requirements are + ANDed. + type: array + items: + description: A label + selector requirement + is a selector that + contains values, + a key, and an operator + that relates the + key and values. + type: object + required: + - key + - operator + properties: + key: + description: key + is the label + key that the + selector applies + to. + type: string + operator: + description: operator + represents a + key's relationship + to a set of + values. Valid + operators are + In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array + of string values. + If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or + DoesNotExist, + the values array + must be empty. + This array is + replaced during + a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels + map is equivalent + to an element of matchExpressions, + whose key field is + "key", the operator + is "In", and the values + array contains only + "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces + specifies which namespaces + the labelSelector applies + to (matches against); + null or empty list means + "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) + or not co-located (anti-affinity) + with the pods matching + the labelSelector in the + specified namespaces, + where co-located is defined + as running on a node whose + value of the label with + key topologyKey matches + that of any node on which + any of the selected pods + is running. Empty topologyKey + is not allowed. + type: string + weight: + description: weight associated + with matching the corresponding + podAffinityTerm, in the range + 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity + requirements specified by this field + are not met at scheduling time, + the pod will not be scheduled onto + the node. If the anti-affinity requirements + specified by this field cease to + be met at some point during pod + execution (e.g. due to a pod label + update), the system may or may not + try to eventually evict the pod + from its node. When there are multiple + elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, + i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods + (namely those matching the labelSelector + relative to the given namespace(s)) + that this pod should be co-located + (affinity) or not co-located (anti-affinity) + with, where co-located is defined + as running on a node whose value + of the label with key + matches that of any node on which + a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over + a set of resources, in this + case pods. + type: object + properties: + matchExpressions: + description: matchExpressions + is a list of label selector + requirements. The requirements + are ANDed. + type: array + items: + description: A label selector + requirement is a selector + that contains values, + a key, and an operator + that relates the key + and values. + type: object + required: + - key + - operator + properties: + key: + description: key is + the label key that + the selector applies + to. + type: string + operator: + description: operator + represents a key's + relationship to + a set of values. + Valid operators + are In, NotIn, Exists + and DoesNotExist. + type: string + values: + description: values + is an array of string + values. If the operator + is In or NotIn, + the values array + must be non-empty. + If the operator + is Exists or DoesNotExist, + the values array + must be empty. This + array is replaced + during a strategic + merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels + is a map of {key,value} + pairs. A single {key,value} + in the matchLabels map + is equivalent to an element + of matchExpressions, whose + key field is "key", the + operator is "In", and + the values array contains + only "value". The requirements + are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies + which namespaces the labelSelector + applies to (matches against); + null or empty list means "this + pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should + be co-located (affinity) or + not co-located (anti-affinity) + with the pods matching the + labelSelector in the specified + namespaces, where co-located + is defined as running on a + node whose value of the label + with key topologyKey matches + that of any node on which + any of the selected pods is + running. Empty topologyKey + is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which + must be true for the pod to fit on a node. + Selector which must match a node''s labels + for the pod to be scheduled on that node. + More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is + attached to tolerates any taint that matches + the triple using the + matching operator . + type: object + properties: + effect: + description: Effect indicates the taint + effect to match. Empty means match + all taint effects. When specified, + allowed values are NoSchedule, PreferNoSchedule + and NoExecute. + type: string + key: + description: Key is the taint key that + the toleration applies to. Empty means + match all taint keys. If the key is + empty, operator must be Exists; this + combination means to match all values + and all keys. + type: string + operator: + description: Operator represents a key's + relationship to the value. Valid operators + are Exists and Equal. Defaults to + Equal. Exists is equivalent to wildcard + for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents + the period of time the toleration + (which must be of effect NoExecute, + otherwise this field is ignored) tolerates + the taint. By default, it is not set, + which means tolerate the taint forever + (do not evict). Zero and negative + values will be treated as 0 (evict + immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value + the toleration matches to. If the + operator is Exists, the value should + be empty, otherwise just a regular + string. + type: string + serviceType: + description: Optional service type for Kubernetes + solver service + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate + resource that should be solved using this challenge solver. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be + used to solve. If specified and a match is found, a + dnsNames selector will take precedence over a dnsZones + selector. If multiple solvers match with the same dnsNames + value, the solver with the most matching labels in matchLabels + will be selected. If neither has more matches, the solver + defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be + used to solve. The most specific DNS zone match specified + here will take precedence over other DNS zone matches, + so a solver specifying sys.example.com will be selected + over one specifying example.com for the domain www.sys.example.com. + If multiple solvers match with the same dnsZones value, + the solver with the most matching labels in matchLabels + will be selected. If neither has more matches, the solver + defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the + set of certificate's that this challenge solver will + apply to. + type: object + additionalProperties: + type: string + ca: + type: object + required: + - secretName + properties: + secretName: + description: SecretName is the name of the secret used to sign Certificates + issued by this Issuer. + type: string + selfSigned: + type: object + vault: + type: object + required: + - auth + - path + - server + properties: + auth: + description: Vault authentication + type: object + properties: + appRole: + description: This Secret contains a AppRole and Secret + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: Where the authentication path is mounted in + Vault. + type: string + roleId: + type: string + secretRef: + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + kubernetes: + description: This contains a Role and Secret with a ServiceAccount + token to authenticate with vault. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path + to use when authenticating with Vault. For example, setting + a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` + to authenticate with Vault. If unspecified, the default + value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role + to assume. A Role binds a Kubernetes ServiceAccount with + a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes + ServiceAccount JWT used for authenticating with Vault. + Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + tokenSecretRef: + description: This Secret contains the Vault token key + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + caBundle: + description: Base64 encoded CA bundle to validate Vault server certificate. + Only used if the Server URL is using HTTPS protocol. This parameter + is ignored for plain HTTP protocol connection. If not set the + system root certificates are used to validate the TLS connection. + type: string + format: byte + path: + description: Vault URL path to the certificate role + type: string + server: + description: Server is the vault connection address + type: string + venafi: + description: VenafiIssuer describes issuer configuration details for + Venafi Cloud. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. + Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for + the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + url: + description: URL is the base URL for Venafi Cloud + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration + settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: CABundle is a PEM encoded TLS certifiate to use + to verify connections to the TPP instance. If specified, system + roots will not be used and the issuing CA for the TPP instance + must be verifiable using the provided root. If not specified, + the connection will be verified using the cert-manager system + root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing + the username and password for the TPP server. The secret must + contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + url: + description: URL is the base URL for the Venafi TPP instance + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. + All requests made to the Venafi platform will be restricted by + the named zone policy. This field is required. + type: string + status: + description: IssuerStatus contains status information about an Issuer + type: object + properties: + acme: + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the + latest registered ACME account, in order to track changes made + to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also + be used to retrieve account details from the CA + type: string + conditions: + type: array + items: + description: IssuerCondition contains condition information for an + Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding + to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details + of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for + the condition's last transition. + type: string + status: + description: Status of the condition, one of ('True', 'False', + 'Unknown'). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, currently ('Ready'). + type: string + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: orders.acme.cert-manager.io +spec: + additionalPrinterColumns: + - JSONPath: .status.state + name: State + type: string + - JSONPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - JSONPath: .status.reason + name: Reason + priority: 1 + type: string + - JSONPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when + this object was created. It is not guaranteed to be set in happens-before order + across separate operations. Clients may not set this value. It is represented + in RFC3339 form and is in UTC. + name: Age + type: date + group: acme.cert-manager.io + preserveUnknownFields: false + names: + kind: Order + listKind: OrderList + plural: orders + singular: order + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - csr + - issuerRef + properties: + commonName: + description: CommonName is the common name as specified on the DER encoded + CSR. If CommonName is not specified, the first DNSName specified will + be used as the CommonName. At least one of CommonName or a DNSNames + must be set. This field must match the corresponding field on the + DER encoded CSR. + type: string + csr: + description: Certificate signing request bytes in DER encoding. This + will be used when finalizing the order. This field must be set on + the order. + type: string + format: byte + dnsNames: + description: DNSNames is a list of DNS names that should be included + as part of the Order validation process. If CommonName is not specified, + the first DNSName specified will be used as the CommonName. At least + one of CommonName or a DNSNames must be set. This field must match + the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer + which should be used to create this Order. If the Issuer does not + exist, processing will be retried. If the Issuer is not an 'ACME' + Issuer, an error will be returned and the Order will be marked as + failed. + type: object + required: + - name + properties: + group: + type: string + kind: + type: string + name: + type: string + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server + on what authoriations must be completed in order to validate the DNS + names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME + server on an authorization that must be completed in order validate + a DNS name on an ACME Order resource. + type: object + required: + - url + properties: + challenges: + description: Challenges specifies the challenge types offered + by the ACME server. One of these challenge types will be selected + when validating the DNS name and an appropriate Challenge resource + will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the + ACME server for an Order. An appropriate Challenge resource + can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for + this challenge. This is used to compute the 'key' that + must also be presented. + type: string + type: + description: Type is the type of challenge being offered, + e.g. http-01, dns-01 + type: string + url: + description: URL is the URL of this challenge. It can be + used to retrieve additional metadata about the Challenge + from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part + of this authorization + type: string + url: + description: URL is the URL of the Authorization that must be + completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for + a wildcard DNS name. If this is true, the identifier will be + the *non-wildcard* version of the DNS name. For example, if + '*.example.com' is the DNS name being validated, this field + will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for + this Order. This field will be populated after the order has been + successfully finalized with the ACME server, and the order has transitioned + to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This + is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates + for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why + the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. + States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the + resource is first created. The Order controller will populate this + field when the Order is first processed. This field will be immutable + after it is initially set. + type: string + version: v1alpha2 + versions: + - name: v1alpha2 + served: true + storage: true +--- \ No newline at end of file From 66722b3d7225bab31a4718050779af0cdde2ec86 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 8 Jun 2022 19:46:16 +0530 Subject: [PATCH 059/742] enable crd of cert-manager --- .../cert-manager/crds/cert-manager-crds.yaml | 5544 ----------------- 1 file changed, 5544 deletions(-) delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml deleted file mode 100644 index d4344da386..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/crds/cert-manager-crds.yaml +++ /dev/null @@ -1,5544 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: certificaterequests.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false - names: - kind: CertificateRequest - listKind: CertificateRequestList - plural: certificaterequests - shortNames: - - cr - - crs - singular: certificaterequest - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CertificateRequest is a type to represent a Certificate Signing - Request - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertificateRequestSpec defines the desired state of CertificateRequest - type: object - required: - - csr - - issuerRef - properties: - csr: - description: Byte slice containing the PEM encoded CertificateSigningRequest - type: string - format: byte - duration: - description: Requested certificate default Duration - type: string - isCA: - description: IsCA will mark the resulting certificate as valid for signing. - This implies that the 'cert sign' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If - the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the CertificateRequest - will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. The group field refers to the API group - of the issuer which defaults to 'cert-manager.io' if empty. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - usages: - description: Usages is the set of x509 actions that are enabled for - a given key. Defaults are ('digital signature', 'key encipherment') - if empty - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - Valid KeyUsage values are as follows: "signing", "digital signature", - "content commitment", "key encipherment", "key agreement", "data - encipherment", "cert sign", "crl sign", "encipher only", "decipher - only", "any", "server auth", "client auth", "code signing", "email - protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec - user", "timestamping", "ocsp signing", "microsoft sgc", "netscape - sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: CertificateStatus defines the observed state of CertificateRequest - and resulting signed certificate. - type: object - properties: - ca: - description: Byte slice containing the PEM encoded certificate authority - of the signed certificate. - type: string - format: byte - certificate: - description: Byte slice containing a PEM encoded signed certificate - resulting from the given certificate signing request. - type: string - format: byte - conditions: - type: array - items: - description: CertificateRequestCondition contains condition information - for a CertificateRequest. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready', 'InvalidRequest'). - type: string - failureTime: - description: FailureTime stores the time that this CertificateRequest - failed. This is used to influence garbage collection and back-off. - type: string - format: date-time - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: certificates.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.secretName - name: Secret - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false - names: - kind: Certificate - listKind: CertificateList - plural: certificates - shortNames: - - cert - - certs - singular: certificate - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Certificate is a type to represent a Certificate from ACME - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertificateSpec defines the desired state of Certificate. A - valid Certificate requires at least one of a CommonName, DNSName, or URISAN - to be valid. - type: object - required: - - issuerRef - - secretName - properties: - commonName: - description: CommonName is a common name to be used on the Certificate. - The CommonName should have a length of 64 characters or fewer to avoid - generating invalid CSRs. - type: string - dnsNames: - description: DNSNames is a list of subject alt names to be used on the - Certificate. - type: array - items: - type: string - duration: - description: Certificate default Duration - type: string - ipAddresses: - description: IPAddresses is a list of IP addresses to be used on the - Certificate - type: array - items: - type: string - isCA: - description: IsCA will mark this Certificate as valid for signing. This - implies that the 'cert sign' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. - If the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the Certificate will - be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - keyAlgorithm: - description: KeyAlgorithm is the private key algorithm of the corresponding - private key for this certificate. If provided, allowed values are - either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is - not provided, key size of 256 will be used for "ecdsa" key algorithm - and key size of 2048 will be used for "rsa" key algorithm. - type: string - enum: - - rsa - - ecdsa - keyEncoding: - description: KeyEncoding is the private key cryptography standards (PKCS) - for this certificate's private key to be encoded in. If provided, - allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, - respectively. If KeyEncoding is not specified, then PKCS#1 will be - used by default. - type: string - enum: - - pkcs1 - - pkcs8 - keySize: - description: KeySize is the key bit size of the corresponding private - key for this certificate. If provided, value must be between 2048 - and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", - and value must be one of (256, 384, 521) when KeyAlgorithm is set - to "ecdsa". - type: integer - organization: - description: Organization is the organization to be used on the Certificate - type: array - items: - type: string - renewBefore: - description: Certificate renew before expiration duration - type: string - secretName: - description: SecretName is the name of the secret resource to store - this secret in - type: string - subject: - description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - type: object - properties: - countries: - description: Countries to be used on the Certificate. - type: array - items: - type: string - localities: - description: Cities to be used on the Certificate. - type: array - items: - type: string - organizationalUnits: - description: Organizational Units to be used on the Certificate. - type: array - items: - type: string - postalCodes: - description: Postal codes to be used on the Certificate. - type: array - items: - type: string - provinces: - description: State/Provinces to be used on the Certificate. - type: array - items: - type: string - serialNumber: - description: Serial number to be used on the Certificate. - type: string - streetAddresses: - description: Street addresses to be used on the Certificate. - type: array - items: - type: string - uriSANs: - description: URISANs is a list of URI Subject Alternative Names to be - set on this Certificate. - type: array - items: - type: string - usages: - description: Usages is the set of x509 actions that are enabled for - a given key. Defaults are ('digital signature', 'key encipherment') - if empty - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - Valid KeyUsage values are as follows: "signing", "digital signature", - "content commitment", "key encipherment", "key agreement", "data - encipherment", "cert sign", "crl sign", "encipher only", "decipher - only", "any", "server auth", "client auth", "code signing", "email - protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec - user", "timestamping", "ocsp signing", "microsoft sgc", "netscape - sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: CertificateStatus defines the observed state of Certificate - type: object - properties: - conditions: - type: array - items: - description: CertificateCondition contains condition information for - an Certificate. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - lastFailureTime: - type: string - format: date-time - notAfter: - description: The expiration time of the certificate stored in the secret - named by this resource in spec.secretName. - type: string - format: date-time - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: challenges.acme.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.dnsName - name: Domain - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: acme.cert-manager.io - preserveUnknownFields: false - names: - kind: Challenge - listKind: ChallengeList - plural: challenges - singular: challenge - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Challenge is a type to represent a Challenge request with an ACME - server - type: object - required: - - metadata - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - required: - - authzURL - - dnsName - - issuerRef - - key - - token - - type - - url - properties: - authzURL: - description: AuthzURL is the URL to the ACME Authorization resource - that this challenge is a part of. - type: string - dnsName: - description: DNSName is the identifier that this challenge is for, e.g. - example.com. - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Challenge. If the Issuer does - not exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Challenge will be marked - as failed. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - key: - description: Key is the ACME challenge key for this challenge - type: string - solver: - description: Solver contains the domain solving configuration that should - be used to solve this challenge resource. - type: object - properties: - dns01: - type: object - properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure containing - the configuration for ACME-DNS servers - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure containing - the DNS configuration for Akamai DNS—Zone Record Management - API - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - clientTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS - type: object - required: - - clientID - - clientSecretSecretRef - - resourceGroupName - - subscriptionID - - tenantID - properties: - clientID: - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - environment: - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: - - project - properties: - project: - type: string - serviceAccountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - apiTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a structure - containing the DNS configuration for DigitalOcean Domains - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure containing - the configuration for RFC2136 DNS - type: object - required: - - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting RFC2136. - Required. Note: FQDN is not a valid value, only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting - RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` - are defined. Supported values are (case-insensitive): - ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or - ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If - ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG - value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure containing - the Route 53 configuration for AWS - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared credentials - file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only this - zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName - api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider - will assume using either the explicit credentials AccessKeyID/SecretAccessKey - or the inferred credentials from environment variables, - shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared credentials - file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies configuration - for a webhook DNS01 provider, including where to POST ChallengePayload - resources. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed - to the webhook apiserver when challenges are processed. - This can contain arbitrary JSON data. Secret values should - not be specified in this stanza. If secret values are - needed (e.g. credentials for a DNS service), you should - use a SecretKeySelector to reference a Secret resource. - For details on the schema of this field, consult the webhook - provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when - POSTing ChallengePayload resources to the webhook apiserver. - This should be the same as the GroupName specified in - the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in - the webhook provider implementation. This will typically - be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration detailing - how to solve HTTP01 challenges within a Kubernetes cluster. Typically - this is accomplished through creating 'routes' of some description - that configure ingress controllers to direct traffic to 'solver - pods', which are responsible for responding to the ACME server's - HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver will - solve challenges by creating or modifying Ingress resources - in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress - resources to solve ACME challenges that use this challenge - solver. Only one of 'class' or 'name' may be specified. - type: string - name: - description: The name of the ingress resource that should - have ACME challenge solving routes inserted into it in - order to solve HTTP01 challenges. This is typically used - in conjunction with ingress controllers like ingress-gce, - which maintains a 1:1 mapping between external IPs and - ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the - ACME challenge solver pods used for HTTP01 challenges - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to - solve HTTP01 challenges. Only the 'labels' and 'annotations' - fields may be set. If labels or annotations overlap - with in-built values, the values here will override - the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to - the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the - created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 - challenge solver pod. Only the 'nodeSelector', 'affinity' - and 'tolerations' fields are supported currently. - All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling - constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this - field, but it may choose a node that violates - one or more of the expressions. The node - that is most preferred is the one with - the greatest sum of weights, i.e. for - each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a - sum by iterating through the elements - of this field and adding "weight" to the - sum if the node matches the corresponding - matchExpressions; the node(s) with the - highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). A null - preferred scheduling term matches no - objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, - associated with the corresponding - weight. - type: object - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - matchFields: - description: A list of node selector - requirements by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to an update), the system may or may - not try to eventually evict the pod from - its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - type: array - items: - description: A null or empty node - selector term matches no objects. - The requirements of them are ANDed. - The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - matchFields: - description: A list of node selector - requirements by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same - node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this - field, but it may choose a node that violates - one or more of the expressions. The node - that is most preferred is the one with - the greatest sum of weights, i.e. for - each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a - sum by iterating through the elements - of this field and adding "weight" to the - sum if the node has pods which matches - the corresponding podAffinityTerm; the - node(s) with the highest sum are the most - preferred. - type: array - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key and - values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. Valid - operators are In, - NotIn, Exists and - DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, the - values array must - be non-empty. If the - operator is Exists - or DoesNotExist, the - values array must - be empty. This array - is replaced during - a strategic merge - patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in - the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching the labelSelector - in the specified namespaces, - where co-located is defined - as running on a node whose value - of the label with key topologyKey - matches that of any node on - which any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to a pod label update), the system - may or may not try to eventually evict - the pod from its node. When there are - multiple elements, the lists of nodes - corresponding to each podAffinityTerm - are intersected, i.e. all terms must be - satisfied. - type: array - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this - pod should be co-located (affinity) - or not co-located (anti-affinity) with, - where co-located is defined as running - on a node whose value of the label with - key matches that of any - node on which a pod of the set of pods - is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a - map of {key,value} pairs. A - single {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); null - or empty list means "this pod's - namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. avoid putting this pod in the - same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions specified by - this field, but it may choose a node that - violates one or more of the expressions. - The node that is most preferred is the - one with the greatest sum of weights, - i.e. for each node that meets all of the - scheduling requirements (resource request, - requiredDuringScheduling anti-affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and - adding "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with the - highest sum are the most preferred. - type: array - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key and - values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. Valid - operators are In, - NotIn, Exists and - DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, the - values array must - be non-empty. If the - operator is Exists - or DoesNotExist, the - values array must - be empty. This array - is replaced during - a strategic merge - patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in - the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching the labelSelector - in the specified namespaces, - where co-located is defined - as running on a node whose value - of the label with key topologyKey - matches that of any node on - which any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the anti-affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to a pod label update), the system - may or may not try to eventually evict - the pod from its node. When there are - multiple elements, the lists of nodes - corresponding to each podAffinityTerm - are intersected, i.e. all terms must be - satisfied. - type: array - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this - pod should be co-located (affinity) - or not co-located (anti-affinity) with, - where co-located is defined as running - on a node whose value of the label with - key matches that of any - node on which a pod of the set of pods - is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a - map of {key,value} pairs. A - single {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); null - or empty list means "this pod's - namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must - be true for the pod to fit on a node. Selector - which must match a node''s labels for the pod - to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - using the matching operator - . - type: object - properties: - effect: - description: Effect indicates the taint effect - to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, - PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the - toleration applies to. Empty means match - all taint keys. If the key is empty, operator - must be Exists; this combination means to - match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists - and Equal. Defaults to Equal. Exists is - equivalent to wildcard for value, so that - a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration (which - must be of effect NoExecute, otherwise this - field is ignored) tolerates the taint. By - default, it is not set, which means tolerate - the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the - toleration matches to. If the operator is - Exists, the value should be empty, otherwise - just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver - service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be used - to solve. If specified and a match is found, a dnsNames selector - will take precedence over a dnsZones selector. If multiple - solvers match with the same dnsNames value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used - to solve. The most specific DNS zone match specified here - will take precedence over other DNS zone matches, so a solver - specifying sys.example.com will be selected over one specifying - example.com for the domain www.sys.example.com. If multiple - solvers match with the same dnsZones value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set - of certificate's that this challenge solver will apply to. - type: object - additionalProperties: - type: string - token: - description: Token is the ACME challenge token for this challenge. - type: string - type: - description: Type is the type of ACME challenge this resource represents, - e.g. "dns01" or "http01" - type: string - url: - description: URL is the URL of the ACME Challenge resource for this - challenge. This can be used to lookup details about the status of - this challenge. - type: string - wildcard: - description: Wildcard will be true if this challenge is for a wildcard - identifier, for example '*.example.com' - type: boolean - status: - type: object - properties: - presented: - description: Presented will be set to true if the challenge values for - this challenge are currently 'presented'. This *does not* imply the - self check is passing. Only that the values have been 'submitted' - for the appropriate challenge mechanism (i.e. the DNS01 TXT record - has been presented, or the HTTP01 configuration has been configured). - type: boolean - processing: - description: Processing is used to denote whether this challenge should - be processed or not. This field will only be set to true by the 'scheduling' - component. It will only be set to false by the 'challenges' controller, - after the challenge has reached a final state or timed out. If this - field is set to false, the challenge controller will not take any - more action. - type: boolean - reason: - description: Reason contains human readable information on why the Challenge - is in the current state. - type: string - state: - description: State contains the current 'state' of the challenge. If - not set, the state of the challenge is unknown. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: clusterissuers.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false - names: - kind: ClusterIssuer - listKind: ClusterIssuerList - plural: clusterissuers - singular: clusterissuer - scope: Cluster - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IssuerSpec is the specification of an Issuer. This includes - any configuration required for the issuer. - type: object - properties: - acme: - description: ACMEIssuer contains the specification for an ACME issuer - type: object - required: - - privateKeySecretRef - - server - properties: - email: - description: Email is the email for this account - type: string - externalAccountBinding: - description: ExternalAcccountBinding is a reference to a CA external - account of the ACME server. - type: object - required: - - keyAlgorithm - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: keyAlgorithm is the MAC key algorithm that the - key is used for. Valid values are "HS256", "HS384" and "HS512". - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External - Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing - a data item in a Kubernetes Secret which holds the symmetric - MAC key of the External Account Binding. The `key` is the - index string that is paired with the key data in the Secret - and should not be confused with the key data itself, or indeed - with the External Account Binding keyID above. The secret - key stored in the Secret **must** be un-padded, base64 URL - encoded data. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - server: - description: Server is the ACME server URL - type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - type: array - items: - type: object - properties: - dns01: - type: object - properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure - containing the configuration for ACME-DNS servers - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure - containing the DNS configuration for Akamai DNS—Zone - Record Management API - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS - type: object - required: - - clientID - - clientSecretSecretRef - - resourceGroupName - - subscriptionID - - tenantID - properties: - clientID: - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - environment: - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: - - project - properties: - project: - type: string - serviceAccountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - apiTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a - structure containing the DNS configuration for DigitalOcean - Domains - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure - containing the configuration for RFC2136 DNS - type: object - required: - - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting - RFC2136. Required. Note: FQDN is not a valid value, - only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the - DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` - and ``tsigKeyName`` are defined. Supported values - are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, - ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field - is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the - TSIG value. If ``tsigKeyName`` is defined, this - field is required. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure - containing the Route 53 configuration for AWS - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only - this zone in Route53 and will not do an lookup using - the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 - provider will assume using either the explicit credentials - AccessKeyID/SecretAccessKey or the inferred credentials - from environment variables, shared credentials file - or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies - configuration for a webhook DNS01 provider, including - where to POST ChallengePayload resources. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should - be passed to the webhook apiserver when challenges - are processed. This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for - a DNS service), you should use a SecretKeySelector - to reference a Secret resource. For details on the - schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used - when POSTing ChallengePayload resources to the webhook - apiserver. This should be the same as the GroupName - specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined - in the webhook provider implementation. This will - typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration - detailing how to solve HTTP01 challenges within a Kubernetes - cluster. Typically this is accomplished through creating - 'routes' of some description that configure ingress controllers - to direct traffic to 'solver pods', which are responsible - for responding to the ACME server's HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver - will solve challenges by creating or modifying Ingress - resources in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating - Ingress resources to solve ACME challenges that - use this challenge solver. Only one of 'class' or - 'name' may be specified. - type: string - name: - description: The name of the ingress resource that - should have ACME challenge solving routes inserted - into it in order to solve HTTP01 challenges. This - is typically used in conjunction with ingress controllers - like ingress-gce, which maintains a 1:1 mapping - between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure - the ACME challenge solver pods used for HTTP01 challenges - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod - used to solve HTTP01 challenges. Only the 'labels' - and 'annotations' fields may be set. If labels - or annotations overlap with in-built values, - the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added - to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to - the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the - HTTP01 challenge solver pod. Only the 'nodeSelector', - 'affinity' and 'tolerations' fields are supported - currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling - constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node matches the - corresponding matchExpressions; - the node(s) with the highest sum - are the most preferred. - type: array - items: - description: An empty preferred - scheduling term matches all objects - with implicit weight 0 (i.e. it's - a no-op). A null preferred scheduling - term matches no objects (i.e. - is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector - term, associated with the - corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - weight: - description: Weight associated - with matching the corresponding - nodeSelectorTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to an update), the system - may or may not try to eventually - evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list - of node selector terms. The - terms are ORed. - type: array - items: - description: A null or empty - node selector term matches - no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of - the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the - same node, zone, etc. as some other - pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node has pods - which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: - - key - - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to a pod label update), - the system may or may not try to - eventually evict the pod from its - node. When there are multiple elements, - the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity - scheduling rules (e.g. avoid putting - this pod in the same node, zone, etc. - as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the anti-affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - anti-affinity expressions, etc.), - compute a sum by iterating through - the elements of this field and adding - "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: - - key - - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity - requirements specified by this field - are not met at scheduling time, - the pod will not be scheduled onto - the node. If the anti-affinity requirements - specified by this field cease to - be met at some point during pod - execution (e.g. due to a pod label - update), the system may or may not - try to eventually evict the pod - from its node. When there are multiple - elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which - must be true for the pod to fit on a node. - Selector which must match a node''s labels - for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is - attached to tolerates any taint that matches - the triple using the - matching operator . - type: object - properties: - effect: - description: Effect indicates the taint - effect to match. Empty means match - all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that - the toleration applies to. Empty means - match all taint keys. If the key is - empty, operator must be Exists; this - combination means to match all values - and all keys. - type: string - operator: - description: Operator represents a key's - relationship to the value. Valid operators - are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration - (which must be of effect NoExecute, - otherwise this field is ignored) tolerates - the taint. By default, it is not set, - which means tolerate the taint forever - (do not evict). Zero and negative - values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value - the toleration matches to. If the - operator is Exists, the value should - be empty, otherwise just a regular - string. - type: string - serviceType: - description: Optional service type for Kubernetes - solver service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - additionalProperties: - type: string - ca: - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - selfSigned: - type: object - vault: - type: object - required: - - auth - - path - - server - properties: - auth: - description: Vault authentication - type: object - properties: - appRole: - description: This Secret contains a AppRole and Secret - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - kubernetes: - description: This contains a Role and Secret with a ServiceAccount - token to authenticate with vault. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path - to use when authenticating with Vault. For example, setting - a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` - to authenticate with Vault. If unspecified, the default - value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role - to assume. A Role binds a Kubernetes ServiceAccount with - a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes - ServiceAccount JWT used for authenticating with Vault. - Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - tokenSecretRef: - description: This Secret contains the Vault token key - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. - type: string - format: byte - path: - description: Vault URL path to the certificate role - type: string - server: - description: Server is the vault connection address - type: string - venafi: - description: VenafiIssuer describes issuer configuration details for - Venafi Cloud. - type: object - required: - - zone - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for Venafi Cloud - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for the Venafi TPP instance - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. - type: string - status: - description: IssuerStatus contains status information about an Issuer - type: object - properties: - acme: - type: object - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA - type: string - conditions: - type: array - items: - description: IssuerCondition contains condition information for an - Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: issuers.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false - names: - kind: Issuer - listKind: IssuerList - plural: issuers - singular: issuer - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: IssuerSpec is the specification of an Issuer. This includes - any configuration required for the issuer. - type: object - properties: - acme: - description: ACMEIssuer contains the specification for an ACME issuer - type: object - required: - - privateKeySecretRef - - server - properties: - email: - description: Email is the email for this account - type: string - externalAccountBinding: - description: ExternalAcccountBinding is a reference to a CA external - account of the ACME server. - type: object - required: - - keyAlgorithm - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: keyAlgorithm is the MAC key algorithm that the - key is used for. Valid values are "HS256", "HS384" and "HS512". - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External - Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing - a data item in a Kubernetes Secret which holds the symmetric - MAC key of the External Account Binding. The `key` is the - index string that is paired with the key data in the Secret - and should not be confused with the key data itself, or indeed - with the External Account Binding keyID above. The secret - key stored in the Secret **must** be un-padded, base64 URL - encoded data. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - server: - description: Server is the ACME server URL - type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - type: array - items: - type: object - properties: - dns01: - type: object - properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure - containing the configuration for ACME-DNS servers - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure - containing the DNS configuration for Akamai DNS—Zone - Record Management API - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS - type: object - required: - - clientID - - clientSecretSecretRef - - resourceGroupName - - subscriptionID - - tenantID - properties: - clientID: - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - environment: - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: - - project - properties: - project: - type: string - serviceAccountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - apiTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a - structure containing the DNS configuration for DigitalOcean - Domains - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure - containing the configuration for RFC2136 DNS - type: object - required: - - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting - RFC2136. Required. Note: FQDN is not a valid value, - only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the - DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` - and ``tsigKeyName`` are defined. Supported values - are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, - ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field - is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the - TSIG value. If ``tsigKeyName`` is defined, this - field is required. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure - containing the Route 53 configuration for AWS - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only - this zone in Route53 and will not do an lookup using - the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 - provider will assume using either the explicit credentials - AccessKeyID/SecretAccessKey or the inferred credentials - from environment variables, shared credentials file - or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies - configuration for a webhook DNS01 provider, including - where to POST ChallengePayload resources. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should - be passed to the webhook apiserver when challenges - are processed. This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for - a DNS service), you should use a SecretKeySelector - to reference a Secret resource. For details on the - schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used - when POSTing ChallengePayload resources to the webhook - apiserver. This should be the same as the GroupName - specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined - in the webhook provider implementation. This will - typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration - detailing how to solve HTTP01 challenges within a Kubernetes - cluster. Typically this is accomplished through creating - 'routes' of some description that configure ingress controllers - to direct traffic to 'solver pods', which are responsible - for responding to the ACME server's HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver - will solve challenges by creating or modifying Ingress - resources in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating - Ingress resources to solve ACME challenges that - use this challenge solver. Only one of 'class' or - 'name' may be specified. - type: string - name: - description: The name of the ingress resource that - should have ACME challenge solving routes inserted - into it in order to solve HTTP01 challenges. This - is typically used in conjunction with ingress controllers - like ingress-gce, which maintains a 1:1 mapping - between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure - the ACME challenge solver pods used for HTTP01 challenges - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod - used to solve HTTP01 challenges. Only the 'labels' - and 'annotations' fields may be set. If labels - or annotations overlap with in-built values, - the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added - to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to - the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the - HTTP01 challenge solver pod. Only the 'nodeSelector', - 'affinity' and 'tolerations' fields are supported - currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling - constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node matches the - corresponding matchExpressions; - the node(s) with the highest sum - are the most preferred. - type: array - items: - description: An empty preferred - scheduling term matches all objects - with implicit weight 0 (i.e. it's - a no-op). A null preferred scheduling - term matches no objects (i.e. - is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector - term, associated with the - corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - weight: - description: Weight associated - with matching the corresponding - nodeSelectorTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to an update), the system - may or may not try to eventually - evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list - of node selector terms. The - terms are ORed. - type: array - items: - description: A null or empty - node selector term matches - no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of - the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the - same node, zone, etc. as some other - pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node has pods - which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: - - key - - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to a pod label update), - the system may or may not try to - eventually evict the pod from its - node. When there are multiple elements, - the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity - scheduling rules (e.g. avoid putting - this pod in the same node, zone, etc. - as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the anti-affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - anti-affinity expressions, etc.), - compute a sum by iterating through - the elements of this field and adding - "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: - - key - - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity - requirements specified by this field - are not met at scheduling time, - the pod will not be scheduled onto - the node. If the anti-affinity requirements - specified by this field cease to - be met at some point during pod - execution (e.g. due to a pod label - update), the system may or may not - try to eventually evict the pod - from its node. When there are multiple - elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which - must be true for the pod to fit on a node. - Selector which must match a node''s labels - for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is - attached to tolerates any taint that matches - the triple using the - matching operator . - type: object - properties: - effect: - description: Effect indicates the taint - effect to match. Empty means match - all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that - the toleration applies to. Empty means - match all taint keys. If the key is - empty, operator must be Exists; this - combination means to match all values - and all keys. - type: string - operator: - description: Operator represents a key's - relationship to the value. Valid operators - are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration - (which must be of effect NoExecute, - otherwise this field is ignored) tolerates - the taint. By default, it is not set, - which means tolerate the taint forever - (do not evict). Zero and negative - values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value - the toleration matches to. If the - operator is Exists, the value should - be empty, otherwise just a regular - string. - type: string - serviceType: - description: Optional service type for Kubernetes - solver service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - additionalProperties: - type: string - ca: - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - selfSigned: - type: object - vault: - type: object - required: - - auth - - path - - server - properties: - auth: - description: Vault authentication - type: object - properties: - appRole: - description: This Secret contains a AppRole and Secret - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - kubernetes: - description: This contains a Role and Secret with a ServiceAccount - token to authenticate with vault. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path - to use when authenticating with Vault. For example, setting - a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` - to authenticate with Vault. If unspecified, the default - value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role - to assume. A Role binds a Kubernetes ServiceAccount with - a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes - ServiceAccount JWT used for authenticating with Vault. - Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - tokenSecretRef: - description: This Secret contains the Vault token key - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. - type: string - format: byte - path: - description: Vault URL path to the certificate role - type: string - server: - description: Server is the vault connection address - type: string - venafi: - description: VenafiIssuer describes issuer configuration details for - Venafi Cloud. - type: object - required: - - zone - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for Venafi Cloud - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for the Venafi TPP instance - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. - type: string - status: - description: IssuerStatus contains status information about an Issuer - type: object - properties: - acme: - type: object - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA - type: string - conditions: - type: array - items: - description: IssuerCondition contains condition information for an - Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: orders.acme.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: acme.cert-manager.io - preserveUnknownFields: false - names: - kind: Order - listKind: OrderList - plural: orders - singular: order - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Order is a type to represent an Order with an ACME server - type: object - required: - - metadata - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - required: - - csr - - issuerRef - properties: - commonName: - description: CommonName is the common name as specified on the DER encoded - CSR. If CommonName is not specified, the first DNSName specified will - be used as the CommonName. At least one of CommonName or a DNSNames - must be set. This field must match the corresponding field on the - DER encoded CSR. - type: string - csr: - description: Certificate signing request bytes in DER encoding. This - will be used when finalizing the order. This field must be set on - the order. - type: string - format: byte - dnsNames: - description: DNSNames is a list of DNS names that should be included - as part of the Order validation process. If CommonName is not specified, - the first DNSName specified will be used as the CommonName. At least - one of CommonName or a DNSNames must be set. This field must match - the corresponding field on the DER encoded CSR. - type: array - items: - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Order. If the Issuer does not - exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Order will be marked as - failed. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - status: - type: object - properties: - authorizations: - description: Authorizations contains data returned from the ACME server - on what authoriations must be completed in order to validate the DNS - names specified on the Order. - type: array - items: - description: ACMEAuthorization contains data returned from the ACME - server on an authorization that must be completed in order validate - a DNS name on an ACME Order resource. - type: object - required: - - url - properties: - challenges: - description: Challenges specifies the challenge types offered - by the ACME server. One of these challenge types will be selected - when validating the DNS name and an appropriate Challenge resource - will be created to perform the ACME challenge process. - type: array - items: - description: Challenge specifies a challenge offered by the - ACME server for an Order. An appropriate Challenge resource - can be created to perform the ACME challenge process. - type: object - required: - - token - - type - - url - properties: - token: - description: Token is the token that must be presented for - this challenge. This is used to compute the 'key' that - must also be presented. - type: string - type: - description: Type is the type of challenge being offered, - e.g. http-01, dns-01 - type: string - url: - description: URL is the URL of this challenge. It can be - used to retrieve additional metadata about the Challenge - from the ACME server. - type: string - identifier: - description: Identifier is the DNS name to be validated as part - of this authorization - type: string - url: - description: URL is the URL of the Authorization that must be - completed - type: string - wildcard: - description: Wildcard will be true if this authorization is for - a wildcard DNS name. If this is true, the identifier will be - the *non-wildcard* version of the DNS name. For example, if - '*.example.com' is the DNS name being validated, this field - will be 'true' and the 'identifier' field will be 'example.com'. - type: boolean - certificate: - description: Certificate is a copy of the PEM encoded certificate for - this Order. This field will be populated after the order has been - successfully finalized with the ACME server, and the order has transitioned - to the 'valid' state. - type: string - format: byte - failureTime: - description: FailureTime stores the time that this order failed. This - is used to influence garbage collection and back-off. - type: string - format: date-time - finalizeURL: - description: FinalizeURL of the Order. This is used to obtain certificates - for this order once it has been completed. - type: string - reason: - description: Reason optionally provides more information about a why - the order is in the current state. - type: string - state: - description: State contains the current state of this Order resource. - States 'success' and 'expired' are 'final' - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: URL of the Order. This will initially be empty when the - resource is first created. The Order controller will populate this - field when the Order is first processed. This field will be immutable - after it is initially set. - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- \ No newline at end of file From c6e6e43ed83c0c537252639d426cadea26a5cdda Mon Sep 17 00:00:00 2001 From: Nikesh Date: Mon, 13 Jun 2022 02:14:39 +0530 Subject: [PATCH 060/742] samlpe-azure tf --- .../terraform/modules/db/azure/main.tf | 23 +++++++++------- .../terraform/modules/db/azure/variables.tf | 3 ++- .../modules/kubernetes/azure/main.tf | 18 +++---------- infra-as-code/terraform/sample-azure/main.tf | 26 +++++++++++-------- .../terraform/sample-azure/variables.tf | 16 ++++++++++-- 5 files changed, 48 insertions(+), 38 deletions(-) diff --git a/infra-as-code/terraform/modules/db/azure/main.tf b/infra-as-code/terraform/modules/db/azure/main.tf index 8e0513c8df..f61816628d 100644 --- a/infra-as-code/terraform/modules/db/azure/main.tf +++ b/infra-as-code/terraform/modules/db/azure/main.tf @@ -3,18 +3,21 @@ resource "azurerm_postgresql_server" "postgresql_server" { location = "${var.location}" resource_group_name = "${var.resource_group}" - sku_name = "${var.sku_tier}" + - storage_profile { - storage_mb = "${var.storage_mb}" - backup_retention_days = "${var.backup_retention_days}" - geo_redundant_backup = "Disabled" - } + administrator_login = "${var.administrator_login}" + administrator_login_password = "${var.administrator_login_password}" + + sku_name = "${var.sku_tier}" + version = "${var.db_version}" + storage_mb = "${var.storage_mb}" + + backup_retention_days = "${var.backup_retention_days}" + geo_redundant_backup_enabled = false + + ssl_enforcement_enabled = "${var.ssl_enforce}" + ssl_minimal_tls_version_enforced = "TLSEnforcementDisabled" - administrator_login = "${var.administrator_login}" - administrator_login_password = "${var.administrator_login_password}" - version = "10" - ssl_enforcement = "${var.ssl_enforce}" tags = { environment = "${var.environment}" diff --git a/infra-as-code/terraform/modules/db/azure/variables.tf b/infra-as-code/terraform/modules/db/azure/variables.tf index 673f31bd4b..80c6cd9af5 100644 --- a/infra-as-code/terraform/modules/db/azure/variables.tf +++ b/infra-as-code/terraform/modules/db/azure/variables.tf @@ -9,4 +9,5 @@ variable "administrator_login" {} variable "administrator_login_password" {} variable "ssl_enforce" {} variable "db_name" {} -variable "environment" {} \ No newline at end of file +variable "environment" {} +variable "db_version" {} \ No newline at end of file diff --git a/infra-as-code/terraform/modules/kubernetes/azure/main.tf b/infra-as-code/terraform/modules/kubernetes/azure/main.tf index c70f45de17..1423ced42d 100644 --- a/infra-as-code/terraform/modules/kubernetes/azure/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/azure/main.tf @@ -1,34 +1,24 @@ -resource "azurerm_kubernetes_cluster" "aks" { +resource "azurerm_kubernetes_cluster" "aks" { name = "${var.name}" location = "${var.location}" resource_group_name = "${var.resource_group}" dns_prefix = "${var.name}" - - linux_profile { - admin_username = "ubuntu" - - ssh_key { - key_data = file(var.ssh_public_key) - } - } - + default_node_pool { name = "default" node_count = "${var.nodes}" vm_size = "${var.vm_size}" } + service_principal { client_id = "${var.client_id}" client_secret = "${var.client_secret}" } - role_based_access_control { - enabled = true - } - tags = { Environment = "${var.environment}" } + } \ No newline at end of file diff --git a/infra-as-code/terraform/sample-azure/main.tf b/infra-as-code/terraform/sample-azure/main.tf index 335e7bc136..cc178b6988 100644 --- a/infra-as-code/terraform/sample-azure/main.tf +++ b/infra-as-code/terraform/sample-azure/main.tf @@ -1,10 +1,11 @@ provider "azurerm" { # whilst the `version` attribute is optional, we recommend pinning to a given version of the Provider - version = "=1.28.0" + version = "=3.10.0" subscription_id = "b4e1aa53-c521-44e6-8a4d-5ae107916b5b" tenant_id = "593ce202-d1a9-4760-ba26-ae35417c00cb" - client_id = "${var.client_id}" - client_secret = "${var.client_secret}" + client_id = "${var.client_id}" + client_secret = "${var.client_secret}" + features {} } resource "azurerm_resource_group" "resource_group" { @@ -18,12 +19,14 @@ resource "azurerm_resource_group" "resource_group" { module "kubernetes" { source = "../modules/kubernetes/azure" environment = "${var.environment}" - name = "egov-micro-dev" + name = "${var.environment}" location = "${azurerm_resource_group.resource_group.location}" resource_group = "${azurerm_resource_group.resource_group.name}" - client_id = "${var.client_id}" + client_id = "${var.client_id}" client_secret = "${var.client_secret}" - nodes = "4" + nodes = "${var.nodes}" + vm_size = "Standard_A8_v2" + ssh_public_key = "${var.environment}" } module "zookeeper" { @@ -74,17 +77,18 @@ module "es-data-v1" { module "postgres-db" { source = "../modules/db/azure" - server_name = "egov-micro-dev" + server_name = "${var.environment}" resource_group = "${module.kubernetes.node_resource_group}" sku_cores = "2" location = "${azurerm_resource_group.resource_group.location}" - sku_tier = "Basic" + sku_tier = "B_Gen5_1" storage_mb = "51200" backup_retention_days = "7" - administrator_login = "egovdev" + administrator_login = "${var.db_user}" administrator_login_password = "${var.db_password}" - ssl_enforce = "Disabled" - db_name = "egov_dev_ms" + ssl_enforce = false + db_name = "${var.environment}" environment= "${var.environment}" + db_version = "${var.db_version}" } diff --git a/infra-as-code/terraform/sample-azure/variables.tf b/infra-as-code/terraform/sample-azure/variables.tf index ac64205318..217e6fa399 100644 --- a/infra-as-code/terraform/sample-azure/variables.tf +++ b/infra-as-code/terraform/sample-azure/variables.tf @@ -1,14 +1,26 @@ variable "environment" { - default = "egov-micro-dev" + default = "azure-demo" } variable "resource_group" { - default = "egov-micro-dev" + default = "azure-demo" } variable "location" { default = "SouthIndia" } +variable "nodes" { + default = "4" +} + +variable "db_version" { + default = "11" +} + +variable "db_user" { + default = "demo" +} + variable "db_password" { } From 9ca2d6367619aa79c8668c37a1601eaf11f6f744 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 13 Jun 2022 11:17:05 +0530 Subject: [PATCH 061/742] Update egov-demo.yaml --- config-as-code/environments/egov-demo.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 84fc8f119a..123ebb0fc9 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -1,5 +1,5 @@ global: - domain: egov-demo.egovernments.org ## Add your Domain Name Eg: site.mydomain.com + domain: ## Add your Domain Name Eg: site.mydomain.com setup: fullsetup cluster-configs: @@ -15,8 +15,9 @@ cluster-configs: db-host: "" ## Add db-host name eg: egov-demo.database.azure.com db-name: "" ## Add db-name db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "egov-demo.egovernments.org" ## Add your Domain Name - egov-services-fqdn-name: "https://egov-demo.egovernments.org/" ## Add your Domain Name + domain: "" ## Add your Domain Name + egov-services-fqdn-name: "https:///" ## Add your Domain Name + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" @@ -761,4 +762,4 @@ es-curator: logs-cleanup-enabled: "true" jaeger-cleanup-enabled: "true" logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From b3e5bb8b92bcfcb430a19bd1f41f2838b47d8599 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 13 Jun 2022 11:18:04 +0530 Subject: [PATCH 062/742] Update egov-demo-secrets.yaml --- config-as-code/environments/egov-demo-secrets.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/config-as-code/environments/egov-demo-secrets.yaml b/config-as-code/environments/egov-demo-secrets.yaml index bfe93a79d2..e81cba5382 100644 --- a/config-as-code/environments/egov-demo-secrets.yaml +++ b/config-as-code/environments/egov-demo-secrets.yaml @@ -65,11 +65,6 @@ cluster-configs: edcr-mail-password: demo edcr-sms-username: demo edcr-sms-password: demo - egov-edcr-bank-gateway: // Add edcr bank gateway details - edcr-pnb-mid: demo - edcr-pnb-encryption-key: 12345678 - edcr-hdfc-key: qwer - edcr-hdfc-salt: sdfgt chatbot: // Add chatbot details valuefirst-username: demo valuefirst-password: demo @@ -78,4 +73,4 @@ cluster-configs: oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details clientID: qwgethjymnbv clientSecret: 3a08079easd9d8055470475696fd3baad5292 - cookieSecret: QVbnq0L8npoyfxZs96wtBg== \ No newline at end of file + cookieSecret: QVbnq0L8npoyfxZs96wtBg== From 817d536900c8b0d9b59d82cef98beb20812162d7 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 16 Jun 2022 11:29:49 +0530 Subject: [PATCH 063/742] enhanced config file --- config-as-code/environments/egov-demo.yaml | 96 +++++++++++----------- 1 file changed, 47 insertions(+), 49 deletions(-) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 123ebb0fc9..9cbe014709 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -1,5 +1,5 @@ global: - domain: ## Add your Domain Name Eg: site.mydomain.com + domain: ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: @@ -208,8 +208,8 @@ egov-mdms-service: mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "UAT" + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -219,8 +219,8 @@ egov-indexer: memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -230,35 +230,35 @@ egov-persister: persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> report: @@ -267,15 +267,15 @@ report: spring-datasource-tomcat-max-active: 5 initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "master" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UAT" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" @@ -317,11 +317,9 @@ nginx-ingress: ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" cert-manager: - email: "devops@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + zuul: replicas: 1 custom-filter-property: "false" @@ -501,12 +499,12 @@ kafka-v2: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: ## add respective zone - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -564,12 +562,12 @@ zookeeper-v2: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -633,12 +631,12 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a esJavaOpts: "-Xmx1g -Xms1g" resources: @@ -697,13 +695,13 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ## add your respective zone eg. ap-south-1a + esJavaOpts: "-Xmx448m -Xms448m" resources: requests: From fa54752230bd1ee22ba16a34c31da00161940878 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 20 Jun 2022 15:35:41 +0530 Subject: [PATCH 064/742] Create dependancy_chart-digit-v2.6.yaml --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 167 ++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml new file mode 100644 index 0000000000..5c0c59920a --- /dev/null +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -0,0 +1,167 @@ +version: v2.6 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.1-96b24b0d72-39 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 + - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 + - egovio/egov-filestore:v1.2.4-72f8a8f87b-10 + - egovio/egov-idgen:v1.2.3-72f8a8f87b-7 + - egovio/egov-indexer:v1.1.6-72f8a8f87b-10 + - egovio/egov-localization:v1.1.3-72f8a8f87b-6 + - egovio/egov-location:v1.1.4-72f8a8f87b-6 + - egovio/egov-mdms-service:v1.3.2-72f8a8f87b-12 + - egovio/egov-notification-mail:v1.1.2-72f8a8f87b-12 + - egovio/egov-notification-sms:v1.1.3-48a03ad7bb-10 + - egovio/egov-otp:v1.2.2-72f8a8f87b-12 + - egovio/egov-persister:v1.1.4-72f8a8f87b-6 + - egovio/egov-pg-service:v1.2.3-72f8a8f87b-14 + - egovio/egov-searcher:v1.1.5-72f8a8f87b-16 + - egovio/egov-url-shortening:v1.1.1-72f8a8f87b-20 + - egovio/egov-user:v1.2.6-96b24b0d72-87 + - egovio/user-otp:v1.1.4-96b24b0d72-15 + - egovio/egov-workflow-v2:v1.2.1-96b24b0d72-72 + - egovio/pdf-service:v1.1.6-96b24b0d72-83 + - egovio/report:v1.3.4-96b24b0d72-16 + - egovio/chatbot:v1.1.6-72f8a8f87b-8 + - egovio/xstate-chatbot:v1.1.1-96b24b0d72-21 + - egovio/egov-user-chatbot:v1.2.6-96b24b0d72-4 + - egovio/nlp-engine:v1.0.0-fbea6fba-21 + - egovio/egov-document-uploader:v0.0.1-48a03ad7bb-26 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.6-72f8a8f87b-23 + - egovio/billing-service:v1.3.4-72f8a8f87b-39 + - egovio/egf-instrument:v1.1.4-72f8a8f87b-4 + - egovio/egf-master:v1.1.3-72f8a8f87b-15 + - egovio/egov-apportion-service:v1.1.5-72f8a8f87b-5 + - egovio/egov-hrms:v1.2.4-72f8a8f87b-27 + - egovio/finance-collections-voucher-consumer:v1.1.6-96b24b0d72-18 + - name: utilities + dependencies: + - "core" + services: + - egovio/egov-custom-consumer:v1.1.1-72f8a8f87b-3 + - egovio/egov-pdf:v1.1.2-344ffc814a-37 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:v1.7.0-b630589843-119 + - egovio/employee:v1.7.0-83c152772f-172 + - egovio/digit-ui:v1.4.0-29d4be1d4f-704 + - name: m_pgr #PGR + dependencies: + - "core" + - "business" + services: + - egovio/pgr-services:v1.1.4-96b24b0d72-21 + - egovio/rainmaker-pgr:v1.1.4-48a03ad7bb-4 + - name: m_property-tax #PT + dependencies: + - "core" + - "business" + services: + - egovio/property-services:v1.1.7-96b24b0d72-138 + - egovio/pt-calculator-v2:v1.1.5-96b24b0d72-12 + - egovio/pt-services-v2:v1.0.0-48a03ad7bb-4 + - name: m_sewerage #Sewerage + dependencies: + - "core" + - "business" + services: + - egovio/sw-calculator:v1.3.2-96b24b0d72-15 + - egovio/sw-services:v1.4.2-96b24b0d72-31 + - name: m_bpa #BPA + dependencies: + - "core" + - "business" + services: + - egovio/bpa-services:v1.1.5-59f19cd017-74 + - egovio/bpa-calculator:v1.1.1-72f8a8f87b-8 + - egovio/land-services:v1.0.4-96b24b0d72-14 + - egovio/noc-services:v1.0.4-96b24b0d72-18 + - name: m_trade-license #TL + dependencies: + - "core" + - "business" + services: + - egovio/tl-calculator:v1.1.4-96b24b0d72-9 + - egovio/tl-services:v1.1.5-100cbc1a10-175 + - name: m_firenoc #Fire NOC + dependencies: + - "core" + - "business" + services: + - egovio/firenoc-calculator:v1.2.0-d4a78bf8a3-19 + - egovio/firenoc-services:v1.3.2-12ed7e93c1-64 + - name: m_water-service #Water + dependencies: + - "core" + - "business" + services: + - egovio/ws-calculator:v1.3.2-96b24b0d72-26 + - egovio/ws-services:v1.4.2-96b24b0d72-65 + - name: m_dss #dss + dependencies: + - "frontend" + - "core" + - "business" + services: + - egovio/dashboard-analytics:v1.1.6-72f8a8f87b-5 + - egovio/dashboard-ingest:v1.1.4-72f8a8f87b-10 + - egovio/dss-dashboard:v1.7.0-b916c7d187-13 + - name: m_fsm #fsm + dependencies: + - "core" + - "business" + services: + - egovio/fsm:v1.0.4-96b24b0d72-13 + - egovio/fsm-calculator:v1.0.0-48a03ad7bb-5 + - egovio/vehicle:v1.0.3-96b24b0d72-6 + - egovio/vendor:v1.0.3-96b24b0d72-5 + - name: m_echallan #eChallan + dependencies: + - "core" + - "business" + services: + - egovio/echallan-services:v1.0.4-72f8a8f87b-17 + - egovio/echallan-calculator:v1.0.2-72f8a8f87b-14 + - name: Other #Other Services + dependencies: + - "core" + - "business" + services: + - egovio/egov-user-event:v1.1.4-48a03ad7bb-18 + - egovio/inbox:v1.1.0-96b24b0d72-79 + - egovio/turn-io-adapter:v1.0.1-96b24b0d72-5 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/egov-edcr:v2.1.0-db5adca27f-23 + - name: m_finance #Finance + dependencies: + - "core" + services: + - egovio/egov-finance:v3.0.2-0d0a8db8ff-28 From b4711165c2bf9b934912535b0c905e2b6a9b6b40 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 20 Jun 2022 15:42:41 +0530 Subject: [PATCH 065/742] Update dependancy_chart-digit-v2.6.yaml --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index 5c0c59920a..f59c3569f9 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -57,7 +57,7 @@ modules: - egovio/egov-apportion-service:v1.1.5-72f8a8f87b-5 - egovio/egov-hrms:v1.2.4-72f8a8f87b-27 - egovio/finance-collections-voucher-consumer:v1.1.6-96b24b0d72-18 - - name: utilities + - name: utilities dependencies: - "core" services: From fd4a2eee559f52f4315199a07063390317c277b4 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 20 Jun 2022 15:44:53 +0530 Subject: [PATCH 066/742] Update dependancy_chart-digit-v2.6.yaml --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index f59c3569f9..550332390a 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -140,14 +140,14 @@ modules: - egovio/fsm-calculator:v1.0.0-48a03ad7bb-5 - egovio/vehicle:v1.0.3-96b24b0d72-6 - egovio/vendor:v1.0.3-96b24b0d72-5 - - name: m_echallan #eChallan + - name: m_echallan #eChallan dependencies: - "core" - "business" services: - egovio/echallan-services:v1.0.4-72f8a8f87b-17 - egovio/echallan-calculator:v1.0.2-72f8a8f87b-14 - - name: Other #Other Services + - name: Other #Other Services dependencies: - "core" - "business" From e621116e3352aed0c598030e4e91a0d308ef18fe Mon Sep 17 00:00:00 2001 From: Nikesh Date: Mon, 20 Jun 2022 16:26:29 +0530 Subject: [PATCH 067/742] updated egov-service-host --- .../environments/egov-demo-template.yaml | 133 ++++++++++++------ config-as-code/environments/egov-demo.yaml | 133 ++++++++++++------ 2 files changed, 186 insertions(+), 80 deletions(-) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 7a8cb7c964..3f28a49fe1 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -40,53 +40,106 @@ cluster-configs: egov-service-host: ## Change only if you know the impact data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" dashboard-analytics: http://dashboard-analytics.egov:8080/ dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" bpa-services: "http://bpa-services.egov:8080/" bpa-calculator: "http://bpa-calculator.egov:8080/" rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" egov-filestore: volume: /opt/eGov/filestore diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 9cbe014709..4edb0025b6 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -39,53 +39,106 @@ cluster-configs: egov-service-host: data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" dashboard-analytics: http://dashboard-analytics.egov:8080/ dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-data-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" bpa-services: "http://bpa-services.egov:8080/" bpa-calculator: "http://bpa-calculator.egov:8080/" rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" #>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From c62cb084483a906089215833623385208be1a276 Mon Sep 17 00:00:00 2001 From: karthik-egov Date: Mon, 20 Jun 2022 17:39:22 +0530 Subject: [PATCH 068/742] changed citizen image --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index 550332390a..26db87b957 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -67,7 +67,7 @@ modules: dependencies: - "business" services: - - egovio/citizen:v1.7.0-b630589843-119 + - egovio/citizen:citizen-v1.5.0-c1825dd69-291 - egovio/employee:v1.7.0-83c152772f-172 - egovio/digit-ui:v1.4.0-29d4be1d4f-704 - name: m_pgr #PGR From e074af721b0de47cf3a52ff848eca37af496f99a Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 20 Jun 2022 17:39:37 +0530 Subject: [PATCH 069/742] added digit-ui --- config-as-code/environments/egov-demo-template.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 3f28a49fe1..27c4e1b08e 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -298,7 +298,14 @@ collection-receipt-voucher-consumer: finance-collections-voucher-consumer: erp-env-name: "qa" erp-domain-name: "egovernments.org" - + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + employee: custom-js-injection: | sub_filter.conf: " From c26d390f5270705023fe3a52e0177d66716e2030 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 21 Jun 2022 09:29:29 +0530 Subject: [PATCH 070/742] Update egov-demo.yaml --- config-as-code/environments/egov-demo.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 4edb0025b6..894a2ef437 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -139,6 +139,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + egov-filestore: "http://egov-filestore:8080/" #>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -170,7 +171,13 @@ digit-ui: egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 fixed-bucketname: filestore bucket name ## Add filestore bucket name egov-idgen: From 935ec0d6ba529ee666256e4171ce4738fec50ac2 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 21 Jun 2022 09:30:13 +0530 Subject: [PATCH 071/742] Update egov-demo.yaml --- config-as-code/environments/egov-demo.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 894a2ef437..41845b7d44 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -139,7 +139,6 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" - egov-filestore: "http://egov-filestore:8080/" #>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From b85d766a768018e0835f8150950014bf627496bd Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 21 Jun 2022 09:31:28 +0530 Subject: [PATCH 072/742] Update egov-demo-template.yaml --- config-as-code/environments/egov-demo-template.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 27c4e1b08e..10146083b7 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -144,7 +144,13 @@ cluster-configs: egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 fixed-bucketname: filestore bucket name ## Add filestore bucket name egov-idgen: From 5f4dc9a2160ac2e7e26846e695130b349e021e0d Mon Sep 17 00:00:00 2001 From: karthik-egov Date: Tue, 21 Jun 2022 11:44:23 +0530 Subject: [PATCH 073/742] added correct images --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index 26db87b957..23da1fc5a8 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -22,7 +22,7 @@ modules: services: - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 - - egovio/egov-filestore:v1.2.4-72f8a8f87b-10 + - egovio/egov-filestore:v1.2.3-2ee9ec37-4 - egovio/egov-idgen:v1.2.3-72f8a8f87b-7 - egovio/egov-indexer:v1.1.6-72f8a8f87b-10 - egovio/egov-localization:v1.1.3-72f8a8f87b-6 From 81b421f67fdc1146f5a9adf685f55fb47b330897 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 22 Jun 2022 12:55:49 +0530 Subject: [PATCH 074/742] enhanced cicd tf --- infra-as-code/terraform/egov-cicd/main.tf | 111 ++++-------------- infra-as-code/terraform/egov-cicd/outputs.tf | 11 -- .../terraform/egov-cicd/variables.tf | 7 +- .../modules/kubernetes/aws/network/main.tf | 3 +- 4 files changed, 26 insertions(+), 106 deletions(-) diff --git a/infra-as-code/terraform/egov-cicd/main.tf b/infra-as-code/terraform/egov-cicd/main.tf index 1016d8535f..d67c4b7775 100644 --- a/infra-as-code/terraform/egov-cicd/main.tf +++ b/infra-as-code/terraform/egov-cicd/main.tf @@ -1,10 +1,4 @@ -terraform { - backend "s3" { - bucket = "egov-cicd-terraform-state-store" - key = "terraform" - region = "ap-south-1" - } -} + module "network" { source = "../modules/kubernetes/aws/network" @@ -13,41 +7,6 @@ module "network" { availability_zones = "${var.network_availability_zones}" } -module "iam_user_deployer" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-deployer" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_admin" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-admin" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "egovterraform" has uploaded his public key here - https://keybase.io/egovterraform/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} - -module "iam_user_user" { - source = "terraform-aws-modules/iam/aws//modules/iam-user" - - name = "${var.cluster_name}-kube-user" - force_destroy = true - create_iam_user_login_profile = false - create_iam_access_key = true - - # User "test" has uploaded his public key here - https://keybase.io/test/pgp_keys.asc - pgp_key = "${var.iam_keybase_user}" -} data "aws_eks_cluster" "cluster" { name = "${module.eks.cluster_id}" @@ -56,61 +15,35 @@ data "aws_eks_cluster" "cluster" { data "aws_eks_cluster_auth" "cluster" { name = "${module.eks.cluster_id}" } -provider "kubernetes" { - host = "${data.aws_eks_cluster.cluster.endpoint}" - cluster_ca_certificate = "${base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)}" - token = "${data.aws_eks_cluster_auth.cluster.token}" - load_config_file = false - version = "~> 1.11" -} module "eks" { source = "terraform-aws-modules/eks/aws" + version = "17.24.0" cluster_name = "${var.cluster_name}" + vpc_id = "${module.network.vpc_id}" cluster_version = "${var.kubernetes_version}" subnets = "${concat(module.network.private_subnets, module.network.public_subnets)}" - tags = "${ - map( - "kubernetes.io/cluster/${var.cluster_name}", "owned", - "KubernetesCluster", "${var.cluster_name}" - ) - }" - - vpc_id = "${module.network.vpc_id}" - - worker_groups_launch_template = [ - { - name = "spot" - subnets = "${slice(module.network.private_subnets, 0, length(var.availability_zones))}" - override_instance_types = "${var.override_instance_types}" - asg_max_size = "${var.number_of_worker_nodes}" - asg_desired_capacity = "${var.number_of_worker_nodes}" - kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" - spot_allocation_strategy= "lowest-price" - spot_max_price = "${var.spot_max_price}" - spot_instance_pools = 1 - cpu_credits = "standard" - }, - ] - - map_users = [ - { - userarn = "${module.iam_user_deployer.this_iam_user_arn}" - username = "${module.iam_user_deployer.this_iam_user_name}" - groups = ["system:masters"] - }, + worker_groups = [ { - userarn = "${module.iam_user_admin.this_iam_user_arn}" - username = "${module.iam_user_admin.this_iam_user_name}" - groups = ["global-readonly", "digit-user"] - }, - { - userarn = "${module.iam_user_user.this_iam_user_arn}" - username = "${module.iam_user_user.this_iam_user_name}" - groups = ["global-readonly"] - }, + name = "spot" + subnets = "${concat(slice(module.network.private_subnets, 0, length(var.availability_zones)))}" + override_instance_types = "${var.override_instance_types}" + kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" + additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] + asg_max_size = "${var.number_of_worker_nodes}" + asg_desired_capacity = "${var.number_of_worker_nodes}" + spot_allocation_strategy = "capacity-optimized" + spot_instance_pools = null + } ] + tags = "${ + tomap({ + "kubernetes.io/cluster/${var.cluster_name}" = "owned", + "KubernetesCluster" = "${var.cluster_name}" + }) + }" + } module "jenkins" { @@ -121,6 +54,6 @@ module "jenkins" { disk_prefix = "jenkins-home" availability_zones = "${var.availability_zones}" storage_sku = "gp2" - disk_size_gb = "20" + disk_size_gb = "50" } \ No newline at end of file diff --git a/infra-as-code/terraform/egov-cicd/outputs.tf b/infra-as-code/terraform/egov-cicd/outputs.tf index 405bffa029..751a2e0edc 100644 --- a/infra-as-code/terraform/egov-cicd/outputs.tf +++ b/infra-as-code/terraform/egov-cicd/outputs.tf @@ -37,14 +37,3 @@ output "jenkins" { value = "${module.jenkins.volume_ids}" } -output "deployer_secret_key_cmd" { - value = "${map(module.iam_user_deployer.this_iam_access_key_id, module.iam_user_deployer.keybase_secret_key_decrypt_command)}" -} - -output "admin_secret_key_cmd" { - value = "${map(module.iam_user_admin.this_iam_access_key_id, module.iam_user_admin.keybase_secret_key_decrypt_command)}" -} - -output "user_secret_key_cmd" { - value = "${map(module.iam_user_user.this_iam_access_key_id, module.iam_user_user.keybase_secret_key_decrypt_command)}" -} \ No newline at end of file diff --git a/infra-as-code/terraform/egov-cicd/variables.tf b/infra-as-code/terraform/egov-cicd/variables.tf index 3c254ce7d4..d7a87452e6 100644 --- a/infra-as-code/terraform/egov-cicd/variables.tf +++ b/infra-as-code/terraform/egov-cicd/variables.tf @@ -19,7 +19,7 @@ variable "availability_zones" { } variable "kubernetes_version" { - default = "1.15" + default = "1.20" } variable "instance_type" { @@ -34,6 +34,7 @@ variable "number_of_worker_nodes" { default = "1" } + variable "spot_max_price" { default = "0.0538" } @@ -41,6 +42,4 @@ variable "spot_max_price" { variable "ssh_key_name" { default = "egov-cicd" } -variable "iam_keybase_user" { - default = "keybase:egovterraform" -} + diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf index 36f7426165..e317372f14 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf @@ -159,8 +159,7 @@ resource "aws_security_group" "worker_nodes_sg" { tags = "${ map( - "Name", "nodes-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", + "kubernetes.io/cluster/${var.cluster_name}", "owned", "KubernetesCluster", "${var.cluster_name}" ) }" From d08135cbd22b6cb61385ba65de8eb133a2b29a67 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 22 Jun 2022 13:00:55 +0530 Subject: [PATCH 075/742] modified remote state --- infra-as-code/terraform/egov-cicd/main.tf | 8 +++++++- infra-as-code/terraform/egov-cicd/remote-state/main.tf | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/infra-as-code/terraform/egov-cicd/main.tf b/infra-as-code/terraform/egov-cicd/main.tf index d67c4b7775..84309b15a0 100644 --- a/infra-as-code/terraform/egov-cicd/main.tf +++ b/infra-as-code/terraform/egov-cicd/main.tf @@ -1,4 +1,10 @@ - +terraform { + backend "s3" { + bucket = "try-cicd-workshop-yourname" + key = "terraform" + region = "ap-south-1" + } +} module "network" { source = "../modules/kubernetes/aws/network" diff --git a/infra-as-code/terraform/egov-cicd/remote-state/main.tf b/infra-as-code/terraform/egov-cicd/remote-state/main.tf index c7e051d6ff..c3b2651589 100644 --- a/infra-as-code/terraform/egov-cicd/remote-state/main.tf +++ b/infra-as-code/terraform/egov-cicd/remote-state/main.tf @@ -3,7 +3,7 @@ provider "aws" { } resource "aws_s3_bucket" "terraform_state" { - bucket = "egov-cicd-terraform-state-store" + bucket = "try-cicd-workshop-yourname" versioning { enabled = true @@ -15,7 +15,7 @@ resource "aws_s3_bucket" "terraform_state" { } resource "aws_dynamodb_table" "terraform_state_lock" { - name = "egov-cicd-terraform-state-store" + name = "try-cicd-workshop-yourname" read_capacity = 1 write_capacity = 1 hash_key = "LockID" From a6dcc20ab1bcb7eb7f4f5737c96854e72ab4b62a Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 22 Jun 2022 15:50:23 +0530 Subject: [PATCH 076/742] Update ci-demo-secrets.yaml --- .../environments/ci-demo-secrets.yaml | 56 ++++++++++++++++++- 1 file changed, 53 insertions(+), 3 deletions(-) diff --git a/config-as-code/environments/ci-demo-secrets.yaml b/config-as-code/environments/ci-demo-secrets.yaml index 40e6df68b4..31166d8902 100644 --- a/config-as-code/environments/ci-demo-secrets.yaml +++ b/config-as-code/environments/ci-demo-secrets.yaml @@ -3,9 +3,59 @@ cluster-configs: jenkins: clientId: clientSecret: - gitReadSshPrivateKey: + gitReadSshPrivateKey: |- + -----BEGIN RSA PRIVATE KEY----- + MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t + B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O + wvGNiLrSkqeKTbAflj/347aGOyO6tG+lDFPtGDOWI8EXQNRDKQb7zxans9fdli1u + vdXEDEF5nqzso0CLOtWjnRcOdWOghOyKdHZLvDIqwMSDvOVcnWH/zUqjMqpQJItu + bCun9tvRGxU5eSdTXCR7bs5qvm0NJR2VdJFZJNnxy9i0iQrinpLNlmoWl0LEunns + vSI9nBd3s0/l0nVzNzyvstCnywR8BKj1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG + Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ + z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn + woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA + AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP + 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK + U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb + kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa + RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA + 1RJ4Lxm9sGFuM1TuqU+1hLNc2/alZtclq2R424yCjzkz00vPNF+TpOGDdlUMiLpe + 2kbgYyY/hXKrSl2dbWPe00bj0AfNhdDJgb8cDVf9lz/MniG3A/U2St4lKK4ULDgt + /BRwLJzYROP/p1NWNO3m18BvJRXt16dAsBAXy+49CVY+t3twZ4KNO+hzOC+T2bXs + RZWWZXBsSXcT8suCy8CpzsM2V6wmipjBEcTR8MOjBHa5XSSH/e7k4+c1mV2Kjdix + 5GHNEi/oYgseBlIo5SeDtgcVRRX8L07ttG7LjuKW2icrcQnWgQKCAQEA6AFeRdO4 + ajHavP9t9DZEQWs0Xl0xsa4E0BTOXCGvxOgr9mg5ZaVzy/O53aaT92Geb5LkWhJJ + UyNZ2dqITAHIGSpZLosjsb1i5GPcgxkNrRYBH96Zew9GQ87yIu9cI5FpQSA1ijiu + 6B9AozIGAkEBgHj98RgO16Wh6f9UsAyWgiyq67IP3f1cexzuH6sgPWFjvUv4+F7i + HDMZmtftA3sDfs4hFhe7PW0WcW/Ys2ucfjDVeqlOZrlLbDoUYEHZwb3/Ts+Xs5F5 + tRNtpKIPNrFvVwKCAQEA2To/WNk+7pZGZZQU/xyYHiyO9979TtkMnaXOF6Wr8bSD + UAm+4+fPBg3iKhqEOlf8Ldrz1Cc7boIJATx5RmFs+zuc8H9LU0GHp9S/AQ7xjmcG + Os6QmPI2dyQ5dFeKt1eRqZhcedAO1bsj3idnrbk64mfwfxFi86xX80oLBabmDba+ + w5cqjOfGHMfXiHebtUiuOLrxM8no3bAVpf9chzZODdSsLZT6J8Lep4A9pnPsYw+9 + vU1QgTYqk7sTL2ZTA963nm5IACrPBg866p98MRsdlagXtasduWBwnXNTnqM8nKX0 + /Wf90KtbN+ueep8/qWPF4QRZL/wj6y11nyvYIq0CUQKCAQA6dQXM8FDaKR+lWXLa + AsZl+V4jnLXFwEQkLenlGvPP2HQjTRWRQAQSUqH1cGB+B5HFKSzyaQNHgmLTENy5 + H/+9fRTyrrED/ZxA3NhGQ4m7/cyWqm47s9IrbENYAwkkoRYnOOTApLPq+9BK7R5E + kHpbpOj9qj9fLIn7ZBIO0kQ45X95CTyA3lNlCILIPKlpqNztdPEol6mygRVnSVZs + QPbg6RuLIPW0bl6CuDwdc76EpD6Yzq/izlD8EEkLn7Gq5Zwc+USNSFMOqe18r4Vf + yCIUVFnP2EDsdE0gXf8rDiVLQoC3vGstxOh1J5k0u8LjZz0qHXJq42/YKUIKJm9Q + 55pXAoIBAQCGgkfZd2Q9jnX2zjQWKBmVjZfVqpGFsmbac2HjSKXo3BL3i6FVNCQA + JralxZedHQA9ULfs5YIqkoCK8GxUBV3bT3WFgf0dh5U9ekHvoNY4jFjSLzhgTJMn + QRoGjXKKxsGel4ajsw6Mj/3MwO+1Jd5tdVj5BcYVBuHK901N6aPIWCFVsZQafiYx + ZN2SXKC6SZumRAcRdloo5jq5Qg0JDo+ltxHLeyTU/eJyY7aIojsWHm5kUlbf + -----END RSA PRIVATE KEY----- gitReadAccessToken: - dockerConfigJson: + dockerConfigJson: |- + { + "auths": { + "index.docker.io": { + "username": "", + "password": "", + "email": "", + "auth": "" + } + } + } dockerUsername: dockerPassword: kubeConfigs: @@ -98,4 +148,4 @@ cluster-configs: - name: AWS_SECRET_ACCESS_KEY value: 123efrghytr32sfghjf - name: AWS_REGION - value: ap-south-1 \ No newline at end of file + value: ap-south-1 From 0f58fba3b578fc8b90d2a16a8ccb855e38336e19 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 22 Jun 2022 15:50:59 +0530 Subject: [PATCH 077/742] Update ci-demo-secrets.yaml --- config-as-code/environments/ci-demo-secrets.yaml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/config-as-code/environments/ci-demo-secrets.yaml b/config-as-code/environments/ci-demo-secrets.yaml index 31166d8902..f3edcc1696 100644 --- a/config-as-code/environments/ci-demo-secrets.yaml +++ b/config-as-code/environments/ci-demo-secrets.yaml @@ -10,15 +10,6 @@ cluster-configs: wvGNiLrSkqeKTbAflj/347aGOyO6tG+lDFPtGDOWI8EXQNRDKQb7zxans9fdli1u vdXEDEF5nqzso0CLOtWjnRcOdWOghOyKdHZLvDIqwMSDvOVcnWH/zUqjMqpQJItu bCun9tvRGxU5eSdTXCR7bs5qvm0NJR2VdJFZJNnxy9i0iQrinpLNlmoWl0LEunns - vSI9nBd3s0/l0nVzNzyvstCnywR8BKj1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG - Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ - z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn - woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA - AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP - 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK - U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb - kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa - RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA 1RJ4Lxm9sGFuM1TuqU+1hLNc2/alZtclq2R424yCjzkz00vPNF+TpOGDdlUMiLpe 2kbgYyY/hXKrSl2dbWPe00bj0AfNhdDJgb8cDVf9lz/MniG3A/U2St4lKK4ULDgt /BRwLJzYROP/p1NWNO3m18BvJRXt16dAsBAXy+49CVY+t3twZ4KNO+hzOC+T2bXs @@ -34,9 +25,6 @@ cluster-configs: w5cqjOfGHMfXiHebtUiuOLrxM8no3bAVpf9chzZODdSsLZT6J8Lep4A9pnPsYw+9 vU1QgTYqk7sTL2ZTA963nm5IACrPBg866p98MRsdlagXtasduWBwnXNTnqM8nKX0 /Wf90KtbN+ueep8/qWPF4QRZL/wj6y11nyvYIq0CUQKCAQA6dQXM8FDaKR+lWXLa - AsZl+V4jnLXFwEQkLenlGvPP2HQjTRWRQAQSUqH1cGB+B5HFKSzyaQNHgmLTENy5 - H/+9fRTyrrED/ZxA3NhGQ4m7/cyWqm47s9IrbENYAwkkoRYnOOTApLPq+9BK7R5E - kHpbpOj9qj9fLIn7ZBIO0kQ45X95CTyA3lNlCILIPKlpqNztdPEol6mygRVnSVZs QPbg6RuLIPW0bl6CuDwdc76EpD6Yzq/izlD8EEkLn7Gq5Zwc+USNSFMOqe18r4Vf yCIUVFnP2EDsdE0gXf8rDiVLQoC3vGstxOh1J5k0u8LjZz0qHXJq42/YKUIKJm9Q 55pXAoIBAQCGgkfZd2Q9jnX2zjQWKBmVjZfVqpGFsmbac2HjSKXo3BL3i6FVNCQA From 8649b43c48a3d8a9ad8ecbff6597a7a9db6bb8b1 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 23 Jun 2022 10:05:02 +0530 Subject: [PATCH 078/742] Update ci-demo.yaml --- config-as-code/environments/ci-demo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/environments/ci-demo.yaml b/config-as-code/environments/ci-demo.yaml index 29134a8e99..93f061d3a7 100644 --- a/config-as-code/environments/ci-demo.yaml +++ b/config-as-code/environments/ci-demo.yaml @@ -5,7 +5,7 @@ global: cluster-configs: namespaces: create: false - values: [ jenkins ] + values: [ jenkins, cert-manager ] root-ingress: namespace: jenkins serviceName: jenkins From 9f61b919170d2fdd0aeca8315c1da714e57b2134 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 24 Jun 2022 10:29:24 +0530 Subject: [PATCH 079/742] Added egov-document-uploader chart --- .../egov-document-uploader/Chart.yaml | 26 ++++++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../egov-document-uploader/values.yaml | 79 +++++++++++++++++++ 5 files changed, 111 insertions(+) create mode 100644 config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml create mode 100644 config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml create mode 100644 config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml create mode 100644 config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml create mode 100644 config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml b/config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml new file mode 100644 index 0000000000..e037deadee --- /dev/null +++ b/config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: egov-document-uploader +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml b/config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml new file mode 100644 index 0000000000..a42f47c37a --- /dev/null +++ b/config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml @@ -0,0 +1,79 @@ +# Common Labels +labels: + app: "egov-document-uploader" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "egov-document-uploader" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "egov_document_uploader_schema" + image: + repository: "egov-document-uploader-db" + +# Container Configs +image: + repository: "egov-document-uploader" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-document-uploader/health" + readinessProbePath: "/egov-document-uploader/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx64m -Xms64m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-du-services + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: PERSISTER_SAVE_DOCUMENT_TOPIC + value: save-du-document + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: DU_NOTIFICATION_UI_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" \ No newline at end of file From 7347e54f2507081a6ad4c940ab33ff0fbf4567e8 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 24 Jun 2022 18:15:53 +0530 Subject: [PATCH 080/742] Update main.tf --- infra-as-code/terraform/egov-cicd/main.tf | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/infra-as-code/terraform/egov-cicd/main.tf b/infra-as-code/terraform/egov-cicd/main.tf index 84309b15a0..03e5883a8d 100644 --- a/infra-as-code/terraform/egov-cicd/main.tf +++ b/infra-as-code/terraform/egov-cicd/main.tf @@ -21,7 +21,14 @@ data "aws_eks_cluster" "cluster" { data "aws_eks_cluster_auth" "cluster" { name = "${module.eks.cluster_id}" } - + +provider "kubernetes" { + host = "${data.aws_eks_cluster.cluster.endpoint}" + cluster_ca_certificate = "${base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)}" + token = "${data.aws_eks_cluster_auth.cluster.token}" + #load_config_file = false +} + module "eks" { source = "terraform-aws-modules/eks/aws" version = "17.24.0" @@ -62,4 +69,4 @@ module "jenkins" { storage_sku = "gp2" disk_size_gb = "50" -} \ No newline at end of file +} From e3885e53946f330b02fee320d04e6eb615d0dc25 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 24 Jun 2022 18:17:10 +0530 Subject: [PATCH 081/742] Update outputs.tf --- infra-as-code/terraform/egov-cicd/outputs.tf | 4 ---- 1 file changed, 4 deletions(-) diff --git a/infra-as-code/terraform/egov-cicd/outputs.tf b/infra-as-code/terraform/egov-cicd/outputs.tf index 751a2e0edc..150e5ff2c9 100644 --- a/infra-as-code/terraform/egov-cicd/outputs.tf +++ b/infra-as-code/terraform/egov-cicd/outputs.tf @@ -28,10 +28,6 @@ output "kubectl_config" { value = module.eks.kubeconfig } -output "config_map_aws_auth" { - description = "A kubernetes configuration to authenticate to this EKS cluster." - value = module.eks.config_map_aws_auth -} output "jenkins" { value = "${module.jenkins.volume_ids}" From 6c3811d654566b186efacd7ab7115c64ce2c48b3 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Mon, 27 Jun 2022 16:00:25 +0530 Subject: [PATCH 082/742] updated sg tags --- infra-as-code/terraform/modules/kubernetes/aws/network/main.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf index e317372f14..1a2227dd6d 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf @@ -159,7 +159,8 @@ resource "aws_security_group" "worker_nodes_sg" { tags = "${ map( - "kubernetes.io/cluster/${var.cluster_name}", "owned", + "Name", "masters-${var.cluster_name}", + "kubernetes.io/cluster/${var.cluster_name}", "shared", "KubernetesCluster", "${var.cluster_name}" ) }" From c67a333597f21674eff55a54ee88fb2bd8072e31 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 27 Jun 2022 18:24:06 +0530 Subject: [PATCH 083/742] Removed slackToken --- .../helm/charts/backbone-services/jenkins/values.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/jenkins/values.yaml b/config-as-code/helm/charts/backbone-services/jenkins/values.yaml index 13c0da7a01..216f114820 100644 --- a/config-as-code/helm/charts/backbone-services/jenkins/values.yaml +++ b/config-as-code/helm/charts/backbone-services/jenkins/values.yaml @@ -162,12 +162,7 @@ master: valueFrom: secretKeyRef: name: jenkins-credentials - key: gitReadSshPrivateKey - - name: SLACK_TOKEN - valueFrom: - secretKeyRef: - name: jenkins-credentials - key: slackToken + key: gitReadSshPrivateKey usePodSecurityContext: true # Set runAsUser to 1000 to let Jenkins run as non-root user 'jenkins' which exists in 'jenkins/jenkins' docker image. # When setting runAsUser to a different value than 0 also set fsGroup to the same value: From 348390902ad789b0582862467794c8417436793b Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 29 Jun 2022 16:47:30 +0530 Subject: [PATCH 084/742] enhanced of cicd tf and cert-manager chart --- config-as-code/environments/ci-demo.yaml | 5 ++++- .../cert-manager/templates/clusterissuer.yaml | 4 ++-- .../cert-manager/templates/clusterrole.yaml | 14 +++++++------- .../cert-manager/templates/clusterrolebinding.yaml | 14 +++++++------- .../cert-manager/templates/role.yaml | 4 ++-- .../cert-manager/templates/rolebinding.yaml | 4 ++-- .../modules/kubernetes/aws/network/main.tf | 8 +------- 7 files changed, 25 insertions(+), 28 deletions(-) diff --git a/config-as-code/environments/ci-demo.yaml b/config-as-code/environments/ci-demo.yaml index 93f061d3a7..ca25a65e6c 100644 --- a/config-as-code/environments/ci-demo.yaml +++ b/config-as-code/environments/ci-demo.yaml @@ -67,7 +67,10 @@ nginx-ingress: cert-manager: namespace: jenkins - email: "" # Add mail id + clusterIssuer: + stage: + acme: + email: "" # Add mail id cluster-autoscaler: namespace: jenkins diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index 6a82806205..cfe5a48e50 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -7,7 +7,7 @@ spec: email: {{ .Values.clusterIssuer.stage.acme.email }} privateKeySecretRef: name: {{ .Values.clusterIssuer.stage.name }} - server: {{ .Values.clusterIssuer.stage.acme.secretName }} + server: {{ .Values.clusterIssuer.stage.acme.server }} solvers: - http01: ingress: @@ -19,7 +19,7 @@ metadata: name: {{ .Values.clusterIssuer.prod.name }} spec: acme: - email: {{ .Values.clusterIssuer.prod.acme.email }} + email: {{ .Values.clusterIssuer.stage.acme.email }} privateKeySecretRef: name: {{ .Values.clusterIssuer.prod.name }} server: {{ .Values.clusterIssuer.prod.acme.server }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml index 5641e560b5..0651b12e8c 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml @@ -1,4 +1,4 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-cainjector @@ -27,7 +27,7 @@ rules: verbs: ["get", "list", "watch", "update"] --- # Issuer controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-issuers @@ -50,7 +50,7 @@ rules: verbs: ["create", "patch"] --- # ClusterIssuer controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-clusterissuers @@ -73,7 +73,7 @@ rules: verbs: ["create", "patch"] --- # Certificates controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-certificates @@ -105,7 +105,7 @@ rules: verbs: ["create", "patch"] --- # Orders controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-orders @@ -140,7 +140,7 @@ rules: verbs: ["create", "patch"] --- # Challenges controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-challenges @@ -188,7 +188,7 @@ rules: verbs: ["get", "list", "watch"] --- # ingress-shim controller role -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-controller-ingress-shim diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml index 538e9dc5ab..3f4b6e6bd5 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-cainjector @@ -15,7 +15,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-issuers @@ -32,7 +32,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-clusterissuers @@ -49,7 +49,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-certificates @@ -66,7 +66,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-orders @@ -83,7 +83,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-challenges @@ -100,7 +100,7 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount --- -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-controller-ingress-shim diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml index 17c9c8d0be..7848f120bb 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml @@ -1,5 +1,5 @@ # leader election rules -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "name" . }}-cainjector:leaderelection @@ -16,7 +16,7 @@ rules: verbs: ["get", "create", "update", "patch"] --- # Source: cert-manager/templates/rbac.yaml -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "name" . }}:leaderelection diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml index e2871417a2..d6993a972b 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml @@ -1,5 +1,5 @@ # leader election namespace -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "name" . }}-cainjector:leaderelection @@ -20,7 +20,7 @@ subjects: namespace: {{ .Values.namespace }} --- # leader election namespace -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "name" . }}:leaderelection diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf index 1a2227dd6d..afe04caefa 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf @@ -157,13 +157,7 @@ resource "aws_security_group" "worker_nodes_sg" { cidr_blocks = ["0.0.0.0/0"] } - tags = "${ - map( - "Name", "masters-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) - }" + } resource "aws_security_group" "master_nodes_sg" { From 433ceedf449f5a7643ef867876202a49fbf0c3d2 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Fri, 1 Jul 2022 10:42:04 +0530 Subject: [PATCH 085/742] updated the deployer branch and chart folder path --- .../helm/charts/backbone-services/jenkins/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/backbone-services/jenkins/values.yaml b/config-as-code/helm/charts/backbone-services/jenkins/values.yaml index 216f114820..469a24ceed 100644 --- a/config-as-code/helm/charts/backbone-services/jenkins/values.yaml +++ b/config-as-code/helm/charts/backbone-services/jenkins/values.yaml @@ -476,7 +476,7 @@ master: cps { script("""library 'ci-libs' - deployer(repo:'git@github.com:egovernments/DIGIT-DevOps.git', branch: 'master', helmDir: 'deploy-as-code/helm', environment: '{{ $job.name }}')""") + deployer(repo:'git@github.com:egovernments/DIGIT-DevOps.git', branch: 'release', helmDir: 'config-as-code/helm', environment: '{{ $job.name }}')""") sandbox() } } From afc0dac6adec09a8226da80952813e5e528d98ea Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 28 Jul 2022 12:05:07 +0530 Subject: [PATCH 086/742] Update dependancy_chart-digit-v2.6.yaml --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index 23da1fc5a8..8da4c2b3b7 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -18,7 +18,8 @@ modules: - name: core dependencies: - "backbone" - - "authn-authz" + - "authn-authz" + - "frontend" services: - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 @@ -63,7 +64,7 @@ modules: services: - egovio/egov-custom-consumer:v1.1.1-72f8a8f87b-3 - egovio/egov-pdf:v1.1.2-344ffc814a-37 - - name: "frontend" + - name: frontend dependencies: - "business" services: From 66b90ff6916a3ba8aab685b9f4d456b933746d57 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Thu, 4 Aug 2022 14:35:17 +0530 Subject: [PATCH 087/742] DPG-595 enhancement of tf for AWS RDS instance module --- infra-as-code/terraform/modules/db/aws/main.tf | 3 ++- infra-as-code/terraform/modules/db/aws/variables.tf | 1 + infra-as-code/terraform/sample-aws/main.tf | 5 +++-- infra-as-code/terraform/sample-aws/variables.tf | 8 ++++++-- 4 files changed, 12 insertions(+), 5 deletions(-) diff --git a/infra-as-code/terraform/modules/db/aws/main.tf b/infra-as-code/terraform/modules/db/aws/main.tf index 423b057700..c649757a01 100644 --- a/infra-as-code/terraform/modules/db/aws/main.tf +++ b/infra-as-code/terraform/modules/db/aws/main.tf @@ -14,9 +14,10 @@ resource "aws_db_instance" "rds_postgres" { allocated_storage = "${var.storage_gb}" storage_type = "${var.storage_type}" engine = "postgres" + db_name = "${var.db_name}" engine_version = "${var.engine_version}" instance_class = "${var.instance_class}" - identifier = "${var.db_name}" + identifier = "${var.identifier}" availability_zone = "${var.availability_zone}" username = "${var.administrator_login}" password = "${var.administrator_login_password}" diff --git a/infra-as-code/terraform/modules/db/aws/variables.tf b/infra-as-code/terraform/modules/db/aws/variables.tf index c9e94feba7..97b4eba509 100644 --- a/infra-as-code/terraform/modules/db/aws/variables.tf +++ b/infra-as-code/terraform/modules/db/aws/variables.tf @@ -9,4 +9,5 @@ variable "backup_retention_days" {} variable "administrator_login" {} variable "administrator_login_password" {} variable "db_name" {} +variable "identifier" {} variable "environment" {} \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 1c2487d830..8e9731e9da 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -16,9 +16,10 @@ module "db" { storage_type = "gp2" storage_gb = "100" backup_retention_days = "7" - administrator_login = "egovdemo" + administrator_login = "${var.db_username}" administrator_login_password = "${var.db_password}" - db_name = "${var.cluster_name}-db" + identifier = "${var.cluster_name}-db" + db_name = "${var.db_name}" environment = "${var.cluster_name}" } diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index c18d0b226a..ee25cf3033 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -43,8 +43,12 @@ variable "bucket_name" { default = "try-workshop" } -variable "iam_keybase_user" { - default = "keybase:egovterraform" +variable "db_name" { +default = "digit_test" +} + +variable "db_username" { +default = "egovdemo" } variable "db_password" {} From 9be2bc9ccf2cb0f503060a15d48926098a846ae1 Mon Sep 17 00:00:00 2001 From: Karthik-egov <93192752+Karthik-egov@users.noreply.github.com> Date: Thu, 4 Aug 2022 17:06:52 +0530 Subject: [PATCH 088/742] Create README.md --- config-as-code/product-release-charts/Sanitation/README.md | 1 + 1 file changed, 1 insertion(+) create mode 100644 config-as-code/product-release-charts/Sanitation/README.md diff --git a/config-as-code/product-release-charts/Sanitation/README.md b/config-as-code/product-release-charts/Sanitation/README.md new file mode 100644 index 0000000000..8b13789179 --- /dev/null +++ b/config-as-code/product-release-charts/Sanitation/README.md @@ -0,0 +1 @@ + From 9a100c4fd2607e273f0fc84526f3cc817feec14f Mon Sep 17 00:00:00 2001 From: kapil-eGov <104757835+kapil-eGov@users.noreply.github.com> Date: Fri, 5 Aug 2022 16:36:52 +0530 Subject: [PATCH 089/742] Create dependancy_chart-fsm-v1.2.1.yaml (#937) --- .../dependancy_chart-fsm-v1.2.1.yaml | 174 ++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml diff --git a/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml new file mode 100644 index 0000000000..da01ebc4ab --- /dev/null +++ b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml @@ -0,0 +1,174 @@ +version: v2.7 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.1-96b24b0d72-39 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 + - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 + - egovio/egov-filestore:v1.2.4-72f8a8f87b-10 + - egovio/egov-idgen:v1.2.3-72f8a8f87b-7 + - egovio/egov-indexer:v1.1.7-f52184e6ba-25 + - egovio/egov-localization:v1.1.3-72f8a8f87b-6 + - egovio/egov-location:v1.1.4-72f8a8f87b-6 + - egovio/egov-mdms-service:v1.3.2-72f8a8f87b-12 + - egovio/national-dashboard-ingest:v0.0.1-762c61e743-16 + - egovio/national-dashboard-kafka-pipeline:v0.0.1-762c61e743-3 + - egovio/egov-notification-mail:v1.1.2-72f8a8f87b-12 + - egovio/egov-notification-sms:v1.1.3-48a03ad7bb-10 + - egovio/egov-otp:v1.2.2-72f8a8f87b-12 + - egovio/egov-persister:v1.1.4-72f8a8f87b-6 + - egovio/egov-pg-service:v1.2.3-c856353983-16 + - egovio/egov-searcher:v1.1.5-72f8a8f87b-16 + - egovio/egov-url-shortening:v1.1.2-1715164454-3 + - egovio/egov-user:v1.2.7-cc363f0584-12 + - egovio/user-otp:v1.1.5-1715164454-3 + - egovio/egov-workflow-v2:v1.2.1-df98ec3c35-2 + - egovio/pdf-service:v1.1.6-96b24b0d72-22 + - egovio/report:v1.3.4-96b24b0d72-16 + - egovio/chatbot:v1.1.6-72f8a8f87b-8 + - egovio/xstate-chatbot:v1.1.1-96b24b0d72-21 + - egovio/egov-user-chatbot:v1.2.6-96b24b0d72-4 + - egovio/nlp-engine:v1.0.0-fbea6fba-21 + - egovio/egov-document-uploader:v1.1.0-75d461a4d2-4 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.6-c856353983-29 + - egovio/billing-service:v1.3.4-72f8a8f87b-39 + - egovio/egf-instrument:v1.1.4-72f8a8f87b-4 + - egovio/egf-master:v1.1.3-72f8a8f87b-15 + - egovio/egov-apportion-service:v1.1.5-72f8a8f87b-5 + - egovio/egov-hrms:v1.2.5-1715164454-6 + - egovio/finance-collections-voucher-consumer:v1.1.6-96b24b0d72-18 + - name: utilities + dependencies: + - "core" + services: + - egovio/egov-custom-consumer:v1.1.1-72f8a8f87b-3 + - egovio/egov-pdf:v1.1.2-344ffc814a-37 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:v1.8.0-b078fa041d-97 + - egovio/employee:v1.8.0-2ac8314b2f-116 + - egovio/digit-ui:v1.5.1-3bf6ecc41d-1392 + - name: m_pgr #PGR + dependencies: + - "core" + - "business" + services: + - egovio/pgr-services:v1.1.4-c856353983-23 + - egovio/rainmaker-pgr:v1.1.4-48a03ad7bb-4 + - name: m_property-tax #PT + dependencies: + - "core" + - "business" + services: + - egovio/property-services:v1.1.8-50fadd72a1-37 + - egovio/pt-calculator-v2:v1.1.5-96b24b0d72-12 + - egovio/pt-services-v2:v1.0.0-48a03ad7bb-4 + - name: m_sewerage #Sewerage + dependencies: + - "core" + - "business" + services: + - egovio/sw-calculator:v1.3.3-1715164454-13 + - egovio/sw-services:v1.4.3-9611caae31-20 + - name: m_bpa #BPA + dependencies: + - "core" + - "business" + services: + - egovio/bpa-services:v1.1.6-a19ec01ecf-9 + - egovio/bpa-calculator:v1.1.1-72f8a8f87b-8 + - egovio/land-services:v1.0.4-96b24b0d72-14 + - egovio/noc-services:v1.0.5-1715164454-1 + - name: m_trade-license #TL + dependencies: + - "core" + - "business" + services: + - egovio/tl-calculator:v1.1.5-5bc44eec8a-5 + - egovio/tl-services:v1.1.7-1715164454-66 + - name: m_firenoc #Fire NOC + dependencies: + - "core" + - "business" + services: + - egovio/firenoc-calculator:v1.2.1-96b24b0d72-20 + - egovio/firenoc-services:v1.3.2-12ed7e93c1-64 + - name: m_water-service #Water + dependencies: + - "core" + - "business" + services: + - egovio/ws-calculator:v1.3.3-1715164454-23 + - egovio/ws-services:v1.4.3-9611caae31-23 + - name: m_dss #dss + dependencies: + - "frontend" + - "core" + - "business" + services: + - egovio/dashboard-analytics:v1.1.7-1ffb5fa2fd-49 + - egovio/dashboard-ingest:v1.1.4-72f8a8f87b-10 + - egovio/dss-dashboard:v1.8.0-0d70d60e63-53 + - name: m_fsm #fsm + dependencies: + - "core" + - "business" + services: + - egovio/fsm:v1.2.0-1783392e14-113 + - egovio/fsm-calculator:v1.1.0-2c66d3550a-2 + - egovio/vehicle:v1.2.0-1783392e14-65 + - egovio/vendor:v1.2.0-1783392e14-61 + - name: m_echallan #eChallan + dependencies: + - "core" + - "business" + services: + - egovio/echallan-services:v1.0.5-700b644c79-16 + - egovio/echallan-calculator:v1.0.2-72f8a8f87b-14 + - name: Other #Other Services + dependencies: + - "core" + - "business" + services: + - egovio/egov-user-event:v1.2.0-c1e1e8ce24-21 + - egovio/inbox:v1.1.1-a9e95f948f-75 + - egovio/turn-io-adapter:v1.0.1-96b24b0d72-5 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/egov-edcr:v2.1.1-1815083c26-25 + - name: m_finance #Finance + dependencies: + - "core" + services: + - egovio/egov-finance:v3.0.2-0d0a8db8ff-28 + - name: m_bnd #Birth Death + dependencies: + - "core" + services: + - egovio/birth-death-services:v1.0.0-f96bf4c8bc-110 From 655e1c6cf354cc1719ceeb4c021fdb6b57414739 Mon Sep 17 00:00:00 2001 From: Sathish P Date: Mon, 8 Aug 2022 10:39:07 +0530 Subject: [PATCH 090/742] Dependency chart for DIGIT 2.7 - moved from master to release branch (#940) --- .../DIGIT/dependancy_chart-digit-v2.7.yaml | 174 ++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml new file mode 100644 index 0000000000..41801a175d --- /dev/null +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml @@ -0,0 +1,174 @@ +version: v2.8 +modules: + - name: backbone + services: + - zookeeper-v2 + - kafka-v2 + - kafka-connect + - kafka-connect-restart-tasks + - elasticsearch-data-v1 + - elasticsearch-master-v1 + - kibana-v1 + - name: authn-authz + services: + - redis + - nginx-ingress + - cert-manager + - zuul:v1.3.1-96b24b0d72-39 + - name: core + dependencies: + - "backbone" + - "authn-authz" + services: + - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 + - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 + - egovio/egov-filestore:v1.2.4-72f8a8f87b-10 + - egovio/egov-idgen:v1.2.3-72f8a8f87b-7 + - egovio/egov-indexer:v1.1.7-f52184e6ba-25 + - egovio/egov-localization:v1.1.3-72f8a8f87b-6 + - egovio/egov-location:v1.1.4-72f8a8f87b-6 + - egovio/egov-mdms-service:v1.3.2-72f8a8f87b-12 + - egovio/national-dashboard-ingest:v0.0.1-762c61e743-16 + - egovio/national-dashboard-kafka-pipeline:v0.0.1-762c61e743-3 + - egovio/egov-notification-mail:v1.1.2-72f8a8f87b-12 + - egovio/egov-notification-sms:v1.1.3-48a03ad7bb-10 + - egovio/egov-otp:v1.2.2-72f8a8f87b-12 + - egovio/egov-persister:v1.1.4-72f8a8f87b-6 + - egovio/egov-pg-service:v1.2.3-c856353983-16 + - egovio/egov-searcher:v1.1.5-72f8a8f87b-16 + - egovio/egov-url-shortening:v1.1.2-1715164454-3 + - egovio/egov-user:v1.2.7-cc363f0584-12 + - egovio/user-otp:v1.1.5-1715164454-3 + - egovio/egov-workflow-v2:v1.2.1-df98ec3c35-2 + - egovio/pdf-service:v1.1.6-96b24b0d72-22 + - egovio/report:v1.3.4-96b24b0d72-16 + - egovio/chatbot:v1.1.6-72f8a8f87b-8 + - egovio/xstate-chatbot:v1.1.1-96b24b0d72-21 + - egovio/egov-user-chatbot:v1.2.6-96b24b0d72-4 + - egovio/nlp-engine:v1.0.0-fbea6fba-21 + - egovio/egov-document-uploader:v1.1.0-75d461a4d2-4 + - egovio/playground:1.0 + - name: business + dependencies: + - "core" + services: + - egovio/collection-services:v1.1.6-c856353983-29 + - egovio/billing-service:v1.3.4-72f8a8f87b-39 + - egovio/egf-instrument:v1.1.4-72f8a8f87b-4 + - egovio/egf-master:v1.1.3-72f8a8f87b-15 + - egovio/egov-apportion-service:v1.1.5-72f8a8f87b-5 + - egovio/egov-hrms:v1.2.5-1715164454-6 + - egovio/finance-collections-voucher-consumer:v1.1.6-96b24b0d72-18 + - name: utilities + dependencies: + - "core" + services: + - egovio/egov-custom-consumer:v1.1.1-72f8a8f87b-3 + - egovio/egov-pdf:v1.1.2-344ffc814a-37 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/citizen:v1.8.0-b078fa041d-97 + - egovio/employee:v1.8.0-2ac8314b2f-116 + - egovio/digit-ui:v1.5.0-dc44c10a7b-739 + - name: m_pgr #PGR + dependencies: + - "core" + - "business" + services: + - egovio/pgr-services:v1.1.4-c856353983-23 + - egovio/rainmaker-pgr:v1.1.4-48a03ad7bb-4 + - name: m_property-tax #PT + dependencies: + - "core" + - "business" + services: + - egovio/property-services:v1.1.8-50fadd72a1-37 + - egovio/pt-calculator-v2:v1.1.5-96b24b0d72-12 + - egovio/pt-services-v2:v1.0.0-48a03ad7bb-4 + - name: m_sewerage #Sewerage + dependencies: + - "core" + - "business" + services: + - egovio/sw-calculator:v1.3.3-1715164454-13 + - egovio/sw-services:v1.4.3-9611caae31-20 + - name: m_bpa #BPA + dependencies: + - "core" + - "business" + services: + - egovio/bpa-services:v1.1.6-a19ec01ecf-9 + - egovio/bpa-calculator:v1.1.1-72f8a8f87b-8 + - egovio/land-services:v1.0.4-96b24b0d72-14 + - egovio/noc-services:v1.0.5-1715164454-1 + - name: m_trade-license #TL + dependencies: + - "core" + - "business" + services: + - egovio/tl-calculator:v1.1.5-5bc44eec8a-5 + - egovio/tl-services:v1.1.7-1715164454-66 + - name: m_firenoc #Fire NOC + dependencies: + - "core" + - "business" + services: + - egovio/firenoc-calculator:v1.2.1-96b24b0d72-20 + - egovio/firenoc-services:v1.3.2-12ed7e93c1-64 + - name: m_water-service #Water + dependencies: + - "core" + - "business" + services: + - egovio/ws-calculator:v1.3.3-1715164454-23 + - egovio/ws-services:v1.4.3-9611caae31-23 + - name: m_dss #dss + dependencies: + - "frontend" + - "core" + - "business" + services: + - egovio/dashboard-analytics:v1.1.7-1ffb5fa2fd-49 + - egovio/dashboard-ingest:v1.1.4-72f8a8f87b-10 + - egovio/dss-dashboard:v1.8.0-0d70d60e63-53 + - name: m_fsm #fsm + dependencies: + - "core" + - "business" + services: + - egovio/fsm:v1.1.0-2c66d3550a-45 + - egovio/fsm-calculator:v1.1.0-2c66d3550a-2 + - egovio/vehicle:v1.1.0-2c66d3550a-31 + - egovio/vendor:v1.1.0-2c66d3550a-9 + - name: m_echallan #eChallan + dependencies: + - "core" + - "business" + services: + - egovio/echallan-services:v1.0.5-700b644c79-16 + - egovio/echallan-calculator:v1.0.2-72f8a8f87b-14 + - name: Other #Other Services + dependencies: + - "core" + - "business" + services: + - egovio/egov-user-event:v1.2.0-c1e1e8ce24-21 + - egovio/inbox:v1.1.1-a9e95f948f-75 + - egovio/turn-io-adapter:v1.0.1-96b24b0d72-5 + - name: m_edcr #edcr + dependencies: + - "core" + services: + - egovio/egov-edcr:v2.1.1-1815083c26-25 + - name: m_finance #Finance + dependencies: + - "core" + services: + - egovio/egov-finance:v3.0.2-0d0a8db8ff-28 + - name: m_bnd #Birth Death + dependencies: + - "core" + services: + - egovio/birth-death-services:v1.0.0-f96bf4c8bc-110 From 1bbb4a2f275284f3385878ea49b49265947aa697 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 8 Aug 2022 11:05:26 +0530 Subject: [PATCH 091/742] Update egov-demo-secrets.yaml --- config-as-code/environments/egov-demo-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/environments/egov-demo-secrets.yaml b/config-as-code/environments/egov-demo-secrets.yaml index e81cba5382..b2f671e0cd 100644 --- a/config-as-code/environments/egov-demo-secrets.yaml +++ b/config-as-code/environments/egov-demo-secrets.yaml @@ -1,6 +1,6 @@ cluster-configs: secrets: - db: // Create postgres db user and mention the details + db: // update the db credentials username: demo password: demo flywayUsername: demo From cc76bb33985633c141c89a2d3e011685efb78b77 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 8 Aug 2022 11:06:14 +0530 Subject: [PATCH 092/742] updated the cert API version --- .../cert-manager/templates/clusterissuer.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index cfe5a48e50..af31757a85 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -1,4 +1,4 @@ -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1alpha1 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.stage.name }} @@ -13,7 +13,7 @@ spec: ingress: class: nginx --- -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1alpha1 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.prod.name }} @@ -26,4 +26,4 @@ spec: solvers: - http01: ingress: - class: nginx \ No newline at end of file + class: nginx From 66a22bc7ee082c8acace066c866affe361bc754a Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 8 Aug 2022 11:12:17 +0530 Subject: [PATCH 093/742] Update egov-demo-secrets.yaml --- config-as-code/environments/egov-demo-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/environments/egov-demo-secrets.yaml b/config-as-code/environments/egov-demo-secrets.yaml index b2f671e0cd..70c768068f 100644 --- a/config-as-code/environments/egov-demo-secrets.yaml +++ b/config-as-code/environments/egov-demo-secrets.yaml @@ -1,6 +1,6 @@ cluster-configs: secrets: - db: // update the db credentials + db: // update the postgres db credentials username: demo password: demo flywayUsername: demo From c8c8203772c1c60020c6ba938f2ffedb93bea193 Mon Sep 17 00:00:00 2001 From: Sathish P Date: Mon, 8 Aug 2022 21:54:13 +0530 Subject: [PATCH 094/742] Update dependancy_chart-digit-v2.7.yaml (#941) --- .../DIGIT/dependancy_chart-digit-v2.7.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml index 41801a175d..4828a87a84 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml @@ -1,4 +1,4 @@ -version: v2.8 +version: v2.7 modules: - name: backbone services: @@ -59,7 +59,7 @@ modules: - egovio/egov-apportion-service:v1.1.5-72f8a8f87b-5 - egovio/egov-hrms:v1.2.5-1715164454-6 - egovio/finance-collections-voucher-consumer:v1.1.6-96b24b0d72-18 - - name: utilities + - name: utilities dependencies: - "core" services: From 243d60816e8a69ac5c3f68f48d8841a1c8d2ae57 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 9 Aug 2022 16:09:43 +0530 Subject: [PATCH 095/742] DPG-603: Setup the skip_final_snapshot to true --- infra-as-code/terraform/modules/db/aws/main.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra-as-code/terraform/modules/db/aws/main.tf b/infra-as-code/terraform/modules/db/aws/main.tf index c649757a01..f3868d2ed4 100644 --- a/infra-as-code/terraform/modules/db/aws/main.tf +++ b/infra-as-code/terraform/modules/db/aws/main.tf @@ -25,6 +25,7 @@ resource "aws_db_instance" "rds_postgres" { backup_retention_period = "${var.backup_retention_days}" db_subnet_group_name = "${aws_db_subnet_group.db_subnet_group.name}" copy_tags_to_snapshot = "true" + skip_final_snapshot = "true" tags = "${ map( @@ -32,4 +33,4 @@ resource "aws_db_instance" "rds_postgres" { "environment", "${var.environment}" ) }" -} \ No newline at end of file +} From c6544daecfc0fa1e98cc21944343f755f643b28e Mon Sep 17 00:00:00 2001 From: Nikesh Date: Tue, 9 Aug 2022 19:08:04 +0530 Subject: [PATCH 096/742] Added multiple apiversion capabilities for clusterissuer --- .../cert-manager/templates/clusterissuer.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index af31757a85..a9b17d8aa0 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -1,4 +1,7 @@ +{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} apiVersion: cert-manager.io/v1alpha1 +{{- else }} +apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.stage.name }} @@ -12,8 +15,12 @@ spec: - http01: ingress: class: nginx +{{- end }} --- +{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} apiVersion: cert-manager.io/v1alpha1 +{{- else }} +apiVersion: cert-manager.io/v1alpha2 kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.prod.name }} @@ -27,3 +34,4 @@ spec: - http01: ingress: class: nginx +{{- end }} \ No newline at end of file From a58377683bd9549b300cbe998fedf114138308a7 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 11 Aug 2022 13:53:22 +0530 Subject: [PATCH 097/742] correcting citizen image tag --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index 8da4c2b3b7..a32f9d9afd 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -68,7 +68,7 @@ modules: dependencies: - "business" services: - - egovio/citizen:citizen-v1.5.0-c1825dd69-291 + - egovio/citizen:v1.5.0-c1825dd69-291 - egovio/employee:v1.7.0-83c152772f-172 - egovio/digit-ui:v1.4.0-29d4be1d4f-704 - name: m_pgr #PGR From e7b25add20bb3653eac29d40244b60806a769d89 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 11 Aug 2022 19:30:02 +0530 Subject: [PATCH 098/742] Update clusterissuer.yaml --- .../cert-manager/templates/clusterissuer.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index a9b17d8aa0..a396e5e2de 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -2,6 +2,7 @@ apiVersion: cert-manager.io/v1alpha1 {{- else }} apiVersion: cert-manager.io/v1alpha2 +{{- end }} kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.stage.name }} @@ -14,13 +15,13 @@ spec: solvers: - http01: ingress: - class: nginx -{{- end }} + class: nginx --- {{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} apiVersion: cert-manager.io/v1alpha1 {{- else }} apiVersion: cert-manager.io/v1alpha2 +{{- end }} kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.prod.name }} @@ -34,4 +35,3 @@ spec: - http01: ingress: class: nginx -{{- end }} \ No newline at end of file From fa94ab2b6133dfd82f832c72cd4541caf6f41bef Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 12 Aug 2022 11:32:40 +0530 Subject: [PATCH 099/742] Added descriptions to aws tf's variable.tf --- .../terraform/sample-aws/providers.tf | 3 -- .../terraform/sample-aws/variables.tf | 28 +++++++++++-------- 2 files changed, 17 insertions(+), 14 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/providers.tf b/infra-as-code/terraform/sample-aws/providers.tf index 1b439ceab5..4337a5ea20 100644 --- a/infra-as-code/terraform/sample-aws/providers.tf +++ b/infra-as-code/terraform/sample-aws/providers.tf @@ -4,9 +4,6 @@ provider "aws" { region = "ap-south-1" - shared_config_files = ["~/.aws/config"] - shared_credentials_files = ["~/.aws/credentials"] - profile = "digit-infra-aws" } # Using these data sources allows the configuration to be diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index ee25cf3033..01cc5494cc 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -3,26 +3,32 @@ # variable "cluster_name" { - default = "my-first-eks" + description = "Name of the Kubernetes cluster" + default = "my-first-eks" #REPLACE } variable "vpc_cidr_block" { + description = "CIDR block" default = "192.168.0.0/16" } variable "network_availability_zones" { - default = ["ap-south-1b", "ap-south-1a"] + description = "Configure availability zones configuration for VPC. Leave as default for India. Recommendation is to have subnets in at least two availability zones" + default = ["ap-south-1b", "ap-south-1a"] #REPLACE IF NEEDED } variable "availability_zones" { - default = ["ap-south-1b"] + description = "Amazon EKS runs and scales the Kubernetes control plane across multiple AWS Availability Zones to ensure high availability. Specify a comma separated list to have a cluster spanning multiple zones. Note that this will have cost implications" + default = ["ap-south-1b"] #REPLACE IF NEEDED } variable "kubernetes_version" { + description = "kubernetes version" default = "1.20" } variable "instance_type" { + description = "eGov recommended below instance type as a defaults" default = "m4.xlarge" } @@ -32,24 +38,24 @@ variable "override_instance_types" { } variable "number_of_worker_nodes" { - default = "5" + description = "Worker node counts" + default = "5" #REPLACE IF NEEDED } variable "ssh_key_name" { - default = "my-first-eks" -} - -variable "bucket_name" { - default = "try-workshop" + default = "my-first-eks" #REPLACE } variable "db_name" { -default = "digit_test" + description = "RDS DB name. Make sure there are no hyphens or other special characters in the DB name. Else, DB creation will fail" + default = "digit_test" #REPLACE } variable "db_username" { -default = "egovdemo" + description = "RDS database user name" + default = "egovdemo" #REPLACE } +#DO NOT fill in here. This will be asked at runtime variable "db_password" {} From c2f179d07c2c7071a2d6b04aa8e07b31ebc900ce Mon Sep 17 00:00:00 2001 From: Nikesh Date: Fri, 12 Aug 2022 13:47:23 +0530 Subject: [PATCH 100/742] Enhancing the aws tf templates --- infra-as-code/terraform/sample-aws/main.tf | 8 +++++--- infra-as-code/terraform/sample-aws/variables.tf | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 8e9731e9da..82fbe8d8f8 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -11,10 +11,10 @@ module "db" { subnet_ids = "${module.network.private_subnets}" vpc_security_group_ids = ["${module.network.rds_db_sg_id}"] availability_zone = "${element(var.availability_zones, 0)}" - instance_class = "db.t3.medium" - engine_version = "11.13" + instance_class = "db.t3.medium" ## postgres db instance type + engine_version = "11.13" ## postgres version storage_type = "gp2" - storage_gb = "100" + storage_gb = "100" ## postgres disk size backup_retention_days = "7" administrator_login = "${var.db_username}" administrator_login_password = "${var.db_password}" @@ -46,6 +46,8 @@ module "eks" { cluster_version = "${var.kubernetes_version}" subnets = "${concat(module.network.private_subnets, module.network.public_subnets)}" +##By default worker groups is Configured with SPOT, As per your requirement you can below values. + worker_groups = [ { name = "spot" diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 01cc5494cc..620e0baab8 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -28,27 +28,29 @@ variable "kubernetes_version" { } variable "instance_type" { - description = "eGov recommended below instance type as a defaults" + description = "eGov recommended below instance type as a default" default = "m4.xlarge" } variable "override_instance_types" { + description = "Arry of instance types for SPOT instances" default = ["r5a.large", "r5ad.large", "r5d.large", "m4.xlarge"] } variable "number_of_worker_nodes" { - description = "Worker node counts" + description = "eGov recommended below worker node counts as default" default = "5" #REPLACE IF NEEDED } variable "ssh_key_name" { + description = "ssh key name, not required if your using spot instance types" default = "my-first-eks" #REPLACE } variable "db_name" { description = "RDS DB name. Make sure there are no hyphens or other special characters in the DB name. Else, DB creation will fail" - default = "digit_test" #REPLACE + default = "digitdb" #REPLACE } variable "db_username" { From 3708d36efd61a0ca70b6a22b9b62b4c5df0d4d2c Mon Sep 17 00:00:00 2001 From: subhashini-egov <107110442+subhashini-egov@users.noreply.github.com> Date: Fri, 12 Aug 2022 23:19:14 +0530 Subject: [PATCH 101/742] Added comments to the Terraform variables.tf file for better understanding (#953) Co-authored-by: Subhashini Srinivasan --- .../egov-demo-template-secrets.yaml | 67 ++++----- .../environments/egov-demo-template.yaml | 137 +++++++++++------- .../terraform/sample-aws/variables.tf | 5 +- 3 files changed, 121 insertions(+), 88 deletions(-) diff --git a/config-as-code/environments/egov-demo-template-secrets.yaml b/config-as-code/environments/egov-demo-template-secrets.yaml index c8637a3891..0c182e2de0 100644 --- a/config-as-code/environments/egov-demo-template-secrets.yaml +++ b/config-as-code/environments/egov-demo-template-secrets.yaml @@ -1,39 +1,40 @@ cluster-configs: secrets: db: // Create postgres db user and mention the details - username: - password: - flywayUsername: - flywayPassword: + username: ## REPLACE: Needs be the DB username provisioned during infra provisioning step + password: ## REPLACE: DB password created during infra provisioning + flywayUsername: ## REPLACE: Same as DB username above + flywayPassword: ## REPLACE: Same as DB password above egov-notification-sms: // To work sms notification service add the sms provider details - username: - password: + username: ## REPLACE + password: ## REPLACE egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. - aws-key: - aws-secret-key: + aws-key: ## REPLACE + aws-secret-key: ## REPLACE egov-location: // To work Location service add your gmap key - gmapskey: + gmapskey: ## REPLACE egov-pg-service: ## To work pg service add your respective bank details - axis-merchant-id: demo - axis-merchant-secret-key: demo - axis-merchant-user: demo - axis-merchant-pwd: demo - axis-merchant-access-code: demo - payu-merchant-key: demo - payu-merchant-salt: demo + axis-merchant-id: demo ## REPLACE + axis-merchant-secret-key: demo ## REPLACE + axis-merchant-user: demo ## REPLACE + axis-merchant-pwd: demo ## REPLACE + axis-merchant-access-code: demo ## REPLACE + payu-merchant-key: demo ## REPLACE + payu-merchant-salt: demo ## REPLACE pgadmin: ## To work pgadmin service add details - admin-email: demo@demo.com - admin-password: demo - read-email: demo@demo.com - read-password: demo + admin-email: demo@demo.com ## REPLACE + admin-password: demo ## REPLACE + read-email: demo@demo.com ## REPLACE + read-password: demo ## REPLACE egov-enc-service: ## To work egov-enc service add the details - master-password: demo - master-salt: q7.fr.cr - master-initialvector: 9J&asfgrU-H2 + master-password: demo ## REPLACE if needed and store it somewhere safe + master-salt: q7.fr.cr ## REPLACE if needed and store it somewhere safe + master-initialvector: 9J&asfgrU-H2 ## REPLACE if needed and store it somewhere safe egov-notification-mail: ## To work mail notification service add respective mail details - mailsenderusername: demo@demo - mailsenderpassword: demo - git-sync: ## To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. + mailsenderusername: demo@demo ## REPLACE + mailsenderpassword: demo ## REPLACE + # Dummy key below. Replace with the user's private key below. The corresponding public key needs to be in GitHub SSH keys. + git-sync: ## REPLACE To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. ssh: | -----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t @@ -55,16 +56,16 @@ cluster-configs: known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== kibana: ## Add Kibana details namespace: es-cluster - credentials: demo + credentials: demo ##REPLACE: Combination of username and password. Generate these credentials and paste here egov-si-microservice: ## Add finance service details - si-microservice-user: demo - si-microservice-password: demo - mail-sender-password: demo + si-microservice-user: demo ##REPLACE + si-microservice-password: demo ##REPLACE + mail-sender-password: demo ##REPLACE chatbot: ## Add chatbot details - valuefirst-username: demo - valuefirst-password: demo + valuefirst-username: demo ##REPLACE + valuefirst-password: demo ##REPLACE egov-user-chatbot: ## Add user chatbot details - citizen-login-password-otp-fixed-value: "546941" + citizen-login-password-otp-fixed-value: "546941" ##REPLACE oauth2-proxy: ## To work oauth2-proxy service, create and add your github OAuth Apps details clientID: qwgethjymnbv clientSecret: 3a08079easd9d8055470475696fd3baad5292 diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 10146083b7..9ad1d5c5fd 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -1,5 +1,5 @@ global: - domain: ## Add your Domain Name Eg: site.mydomain.com + domain: ## REPLACE: Add your Domain Name Eg: site.mydomain.com setup: fullsetup cluster-configs: @@ -10,15 +10,15 @@ cluster-configs: root-ingress: cert-issuer: letsencrypt-prod configmaps: - egov-config: + egov-config: #Please have the output of the Kubernetes cluster infra provisioning step to fill in below values data: - db-host: "" ## Add db-host name eg: egov-demo.database.azure.com - db-name: "" ## Add db-name - db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "" ## Add your Domain Name - egov-services-fqdn-name: "https:///" ## Add your Domain Name + db-host: "" ## REPLACE:Add db-host name eg: egov-demo.database.azure.com + db-name: "" ## REPLACE: Add db-name. + db-url: "" ## REPLACE:example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "" ## REPLACE:Add your Domain Name + egov-services-fqdn-name: "https:///" ## REPLACE:Add your Domain Name egov-state-level-tenant-id: "pg" - s3-assets-bucket: "" ## Add s3-assets-bucket name + s3-assets-bucket: "" ## REPLACE:Add s3-assets-bucket name. Create this separately before adding it here. This is tenant specific. ## Do not Change es-host: "elasticsearch-data-v1.es-cluster" @@ -151,18 +151,20 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: filestore bucket name ## REPLACE: Add filestore bucket name. This has to be created separately. egov-idgen: idformat-from-mdms: "true" +## Below options to be configured for SMS notifications to work. Note that deployment will still go ahead +## even if these values are not filled in. egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url + sms-provider-url: "sms provider url" ## REPLACE: Add sms provider url for SMS services to work sms.provider.class: "Generic" sms.provider.contentType: "application/x-www-form-urlencoded" sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender + sms-gateway-to-use: "sms provider name" ## REPLACE: Add sms provider name + sms-sender: "sms sender" ## REPLACE: Add sms sender sms-sender-requesttype: "GET" sms-custom-config: "true" sms-extra-req-params: "mtype=N&DR=Y" @@ -194,6 +196,8 @@ chatbot: user-service-chatbot-citizen-passwrord: "123456" +## Configure MDMS GitHub repository access below. Make sure GitHub has the user's public SSH key added and user has +## access to the GitHub MDMS repository. Add corresponding private key to the corresponding egov-demo-template-secrets.yaml file. egov-mdms-service: replicas: 1 images: @@ -201,19 +205,20 @@ egov-mdms-service: mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ### Change this to Your MDMS Repo - branch: "" ### Branch need to be changed as per your env + repo: "git@github.com:egovernments/egov-mdms-data" ### REPLACE: Change this to Your MDMS Repo. Make sure the path is right and there is no .git extension at the end + branch: "" ### REPLACE: Branch need to be changed as per your env mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring +## Configure the indexer service and pass in the configs repository path. egov-indexer: heap: "-Xmx512m -Xms512m" memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "" + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -223,21 +228,21 @@ egov-persister: persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "" ### Branch need to be changed as per your env + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "" ### Branch need to be changed as per your env + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "" ### Branch need to be changed as per your env + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" @@ -324,15 +329,15 @@ dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "" + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "" + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo citizen: @@ -350,8 +355,8 @@ report: spring-datasource-tomcat-max-active: 5 initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "" + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -359,23 +364,28 @@ report: pdf-service: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ### Change this to Your Config Repo - branch: "" ### Branch need to be changed as per your env + repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo + branch: "" ### REPLACE: Change this to your preferred branch name for the repo data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" +## Below is Kafka configuration. In case of AWS, Terraform apply step would've printed all the provisioned infra. +## Please have the volume ids from that output handy to enter it here. +## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones +## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF +## variables.tf file will provision three volumes in the 3 zones above. # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: ## add respective zone - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add respective zone. + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -428,17 +438,23 @@ kafka-v2: # minInsyncReplicas: "1" # offsetsReplicationFactor: "3" + +## Below is Zookeeper configuration. In case of AWS, Terraform apply step would've printed all the provisioned infra. +## Please have the volume ids from that output handy to enter it here. +## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones +## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF +## variables.tf file will provision three volumes in the 3 zones above. # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -495,6 +511,12 @@ zookeeper-v2: # memory: 384Mi + +## Enter Elastic Search data volume ids. In case of AWS, Terraform apply step would've printed all the provisioned infra. +## Please have the volume ids from that output handy to enter it here. +## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones +## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF +## variables.tf file will provision three volumes in the 3 zones above. # es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> elasticsearch-data-v1: image: @@ -502,12 +524,12 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone esJavaOpts: "-Xmx1g -Xms1g" resources: @@ -557,6 +579,13 @@ elasticsearch-data-v1: # limits: # memory: "896Mi" + + +## Enter Elastic search master volume IDs. In case of AWS, Terraform apply step would've printed all the provisioned infra. +## Please have the volume ids from that output handy to enter it here. +## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones +## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF +## variables.tf file will provision three volumes in the 3 zones above. ### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> elasticsearch-master-v1: @@ -566,12 +595,12 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: - - volumeId: "" ## add volume id - zone: + - volumeId: "" ## REPLACE: add volume id + zone: ##REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ##REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone esJavaOpts: "-Xmx448m -Xms448m" resources: diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 620e0baab8..8d604bf201 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -1,5 +1,6 @@ # -# Variables Configuration +# Variables Configuration. Check for REPLACE to substitute custom values. Check the description of each +# tag for more information # variable "cluster_name" { @@ -12,6 +13,7 @@ variable "vpc_cidr_block" { default = "192.168.0.0/16" } + variable "network_availability_zones" { description = "Configure availability zones configuration for VPC. Leave as default for India. Recommendation is to have subnets in at least two availability zones" default = ["ap-south-1b", "ap-south-1a"] #REPLACE IF NEEDED @@ -48,6 +50,7 @@ variable "ssh_key_name" { default = "my-first-eks" #REPLACE } + variable "db_name" { description = "RDS DB name. Make sure there are no hyphens or other special characters in the DB name. Else, DB creation will fail" default = "digitdb" #REPLACE From fe4b972bcc2d6a95e1c05dbf4d31ea0025c865d5 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Sun, 14 Aug 2022 18:59:48 +0530 Subject: [PATCH 102/742] corrected the chart format --- .../business-services/egf-master/values.yaml | 22 +------------------ .../egov-user-chatbot/values.yaml | 5 ++++- 2 files changed, 5 insertions(+), 22 deletions(-) diff --git a/config-as-code/helm/charts/business-services/egf-master/values.yaml b/config-as-code/helm/charts/business-services/egf-master/values.yaml index 34ee14001f..5b6787b2a4 100644 --- a/config-as-code/helm/charts/business-services/egf-master/values.yaml +++ b/config-as-code/helm/charts/business-services/egf-master/values.yaml @@ -15,27 +15,7 @@ initContainers: enabled: true schemaTable: "egf_master_schema" image: - repository: "egf-master-db" - env: | - - name: "DB_URL" - value: {{ index .Values "db-url" | quote }} - - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - - name: "FLYWAY_USER" - valueFrom: - secretKeyRef: - name: db - key: flyway-username - - name: "FLYWAY_PASSWORD" - valueFrom: - secretKeyRef: - name: db - key: flyway-password - - name: "FLYWAY_LOCATIONS" - valueFrom: - configMapKeyRef: - name: egov-config - key: flyway-locations + repository: "egf-master-db" # Container Configs image: diff --git a/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml index 1ae7cec71a..c9d97610ff 100644 --- a/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml +++ b/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml @@ -77,7 +77,10 @@ env: | name: egov-service-host key: egov-enc-service - name: EGOV_STATE_LEVEL_TENANT_ID - value: {{ index .Values "egov-state-level-tenant-id" | quote }} + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id - name: DECRYPTION_ABAC_ENABLED value: {{ index .Values "decryption-abac-enabled" | quote }} - name: KAFKA_TOPIC_AUDIT From 9632719f76a01b74b58c63e17953f15b31976825 Mon Sep 17 00:00:00 2001 From: Nikesh Date: Tue, 16 Aug 2022 15:59:11 +0530 Subject: [PATCH 103/742] updated cluster configs templates --- config-as-code/environments/egov-demo.yaml | 2 ++ .../cluster-configs/templates/configmaps/common-configmap.yaml | 1 + .../templates/configmaps/egov-service-host-comfigmap.yaml | 2 +- .../cluster-configs/templates/secrets/git-sync-secret.yaml | 1 + config-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 5 files changed, 6 insertions(+), 2 deletions(-) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 41845b7d44..8dfb82289b 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -11,6 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: + namespace: [ egov, monitoring ] data: db-host: "" ## Add db-host name eg: egov-demo.database.azure.com db-name: "" ## Add db-name @@ -38,6 +39,7 @@ cluster-configs: tracer-errors-provideexceptionindetails: "true" egov-service-host: + namespace: [ egov, monitoring ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml b/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml index 1eef225eb4..810e2942d0 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml @@ -11,6 +11,7 @@ data: {{- range $key, $value := index $.Values "cluster-configs" "configmaps" "egov-config" "data" }} {{ $key }}: {{ $value | quote }} {{- end }} +--- {{- end }} {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml b/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml index 8885fe9174..ce048893f6 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml @@ -11,7 +11,7 @@ data: {{- range $key, $value := index $.Values "cluster-configs" "configmaps" "egov-service-host" "data" }} {{ $key }}: {{ $value | quote }} {{- end }} +--- {{- end }} {{- end }} {{- end }} ---- diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml index be35df689c..c0c8cf21a6 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml @@ -12,6 +12,7 @@ data: ssh: {{ index $.Values "cluster-configs" "secrets" "git-sync" "ssh" | b64enc | quote }} known_hosts: {{ index $.Values "cluster-configs" "secrets" "git-sync" "known-hosts" | b64enc | quote }} {{- end }} +--- {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/cluster-configs/values.yaml b/config-as-code/helm/charts/cluster-configs/values.yaml index ad5badc825..2fe516dcba 100644 --- a/config-as-code/helm/charts/cluster-configs/values.yaml +++ b/config-as-code/helm/charts/cluster-configs/values.yaml @@ -72,7 +72,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov ] + namespace: [ egov, monitoring ] name: git-creds kibana: From 63c71588f418fc99fbc15bb471f7416336083316 Mon Sep 17 00:00:00 2001 From: Sathish P Date: Wed, 17 Aug 2022 10:12:09 +0530 Subject: [PATCH 104/742] Added EGOV_STATELEVEL_TENANTID config override for workflow service - DevOps training findings (#954) --- .../helm/charts/core-services/egov-workflow-v2/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml index 2083bc3bd8..40df12c081 100644 --- a/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml +++ b/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml @@ -46,6 +46,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service + - name: EGOV_STATELEVEL_TENANTID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id - name: EGOV_MDMS_SEARCH_ENDPOINT value: "/egov-mdms-service/v1/_search" - name: EGOV_USER_HOST From dd01caefd5eb11d978da572ef5969931cb4f1b21 Mon Sep 17 00:00:00 2001 From: kapil-eGov <104757835+kapil-eGov@users.noreply.github.com> Date: Wed, 24 Aug 2022 11:08:49 +0530 Subject: [PATCH 105/742] Update the build id for vendor and vehicle (#969) --- .../Sanitation/dependancy_chart-fsm-v1.2.1.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml index da01ebc4ab..c702f6b5be 100644 --- a/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml +++ b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml @@ -140,8 +140,8 @@ modules: services: - egovio/fsm:v1.2.0-1783392e14-113 - egovio/fsm-calculator:v1.1.0-2c66d3550a-2 - - egovio/vehicle:v1.2.0-1783392e14-65 - - egovio/vendor:v1.2.0-1783392e14-61 + - egovio/vehicle:v1.2.0-180a328097-74 + - egovio/vendor:v1.2.0-a28b192446-63 - name: m_echallan #eChallan dependencies: - "core" From 0b17782275e7802751baed56399e9b44634e0caa Mon Sep 17 00:00:00 2001 From: Nikesh Date: Wed, 24 Aug 2022 15:22:02 +0530 Subject: [PATCH 106/742] DPG-664 added default configs --- .../environments/egov-demo-template.yaml | 104 +++++++++++++++++- config-as-code/environments/egov-demo.yaml | 41 +++++-- 2 files changed, 134 insertions(+), 11 deletions(-) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 9ad1d5c5fd..de7f372cd0 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -155,6 +155,9 @@ egov-filestore: egov-idgen: idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" ## Below options to be configured for SMS notifications to work. Note that deployment will still go ahead ## even if these values are not filled in. @@ -196,6 +199,31 @@ chatbot: user-service-chatbot-citizen-passwrord: "123456" +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + ## Configure MDMS GitHub repository access below. Make sure GitHub has the user's public SSH key added and user has ## access to the GitHub MDMS repository. Add corresponding private key to the corresponding egov-demo-template-secrets.yaml file. egov-mdms-service: @@ -248,11 +276,74 @@ egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - db-url: "db-url" ## Add db-url memory_limits: 512Mi heap: "-Xmx256m -Xms256m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -377,6 +468,8 @@ pdf-service: ## variables.tf file will provision three volumes in the 3 zones above. # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: @@ -396,6 +489,11 @@ kafka-v2: minInsyncReplicas: "1" offsetsReplicationFactor: "3" +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + ## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< #kafka-v2: # persistence: @@ -446,6 +544,8 @@ kafka-v2: ## variables.tf file will provision three volumes in the 3 zones above. # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 8dfb82289b..4c8beca0fb 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -183,6 +183,9 @@ egov-filestore: egov-idgen: idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url @@ -241,6 +244,7 @@ chatbot: ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" bpa-services: memory_limits: 384Mi @@ -257,9 +261,11 @@ bpa-calculator: sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" egov-pg-service: axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -345,7 +351,6 @@ pdf-service: # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - db-url: "jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo" memory_limits: 512Mi heap: "-Xmx256m -Xms256m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -470,13 +475,14 @@ logging-config: es-host: "elasticsearch-client-v1.es-cluster" es-port: "9200" -jaeger-config: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { "service_strategies": [ { "service": "tl-services", @@ -545,7 +551,7 @@ redis: playground: replicas: 1 images: - - egovio/playground:1.0 + - egovio/playground:1.3 # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> fluent-bit: @@ -557,6 +563,8 @@ fluent-bit: # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: @@ -576,8 +584,15 @@ kafka-v2: minInsyncReplicas: "1" offsetsReplicationFactor: "3" +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + ## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< #kafka-v2: +# image: +# tag: "5.4.1" # persistence: # enabled: true # azure: @@ -600,6 +615,8 @@ kafka-v2: ## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> #kafka-v2: +# image: +# tag: "5.4.1" # persistence: # enabled: true # iscsi: @@ -620,6 +637,8 @@ kafka-v2: # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: @@ -642,6 +661,8 @@ zookeeper-v2: # zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> #zookeeper-v2: +# image: +# tag: "5.4.1" # persistence: # enabled: true # azure: @@ -665,6 +686,8 @@ zookeeper-v2: # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< ## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< #zookeeper-v2: +# image: +# tag: "5.4.1" # persistence: # enabled: true # iscsi: From 6538b3529763c930032024c9143bae22ddd0bbab Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 29 Aug 2022 18:31:58 +0530 Subject: [PATCH 107/742] added backbone services tags --- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index a32f9d9afd..d36d2a1118 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -2,9 +2,9 @@ version: v2.6 modules: - name: backbone services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect + - zookeeper-v2:5.4.1 + - kafka-v2:5.4.1 + - kafka-connect:5.4.1 - kafka-connect-restart-tasks - elasticsearch-data-v1 - elasticsearch-master-v1 From b13e9f37aa6558fe17e1e21427a55472a07ceeb1 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 29 Aug 2022 18:32:37 +0530 Subject: [PATCH 108/742] Added backbone services tags --- .../DIGIT/dependancy_chart-digit-v2.7.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml index 4828a87a84..4c05b0805c 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml @@ -2,9 +2,9 @@ version: v2.7 modules: - name: backbone services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect + - zookeeper-v2:5.4.1 + - kafka-v2:5.4.1 + - kafka-connect:5.4.1 - kafka-connect-restart-tasks - elasticsearch-data-v1 - elasticsearch-master-v1 From b6b5ebe0ea4f6ce46fb9fc932718f29997963e5e Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Tue, 30 Aug 2022 13:58:40 +0530 Subject: [PATCH 109/742] adding the quickstart 2.7 chart --- .../dependancy_chart-quickstart-v2.4.yaml | 43 ----------------- .../dependancy_chart-quickstart-v2.7.yaml | 47 +++++++++++++++++++ 2 files changed, 47 insertions(+), 43 deletions(-) delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml create mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml deleted file mode 100644 index 74a28d7f5a..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.4.yaml +++ /dev/null @@ -1,43 +0,0 @@ -version: v2.4 -modules: - - name: backbone - services: - - zookeeper - - kafka - - postgres - - nginx-ingress - - redis - - s3-proxy - - name: core - dependencies: - - "backbone" - services: - - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 - - egovio/egov-enc-service:v1.1.1-19a3ba19-5 - - egovio/egov-idgen:v1.2.2-2ee9ec37-3 - - egovio/egov-indexer:v1.1.4-2ee9ec37-3 - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 - - egovio/egov-persister:v1.1.3-2ee9ec37-2 - - egovio/egov-user:v1.2.4-d1d62cdf-11 - - egovio/user-otp:v1.1.3-2ee9ec37-6 - - egovio/egov-workflow-v2:v1.1.0-42786ef - - egovio/egov-otp:v1.2.1-07a30430-2 - - egovio/egov-hrms:v1.2.2-57f79eb-1 - - egovio/egov-location:v1.1.3-2ee9ec37-1 - - zuul:v1.3.0-667cb3d3-8 - - egovio/egov-user-event:v1.1.3-a8da9ece-3 - - - name: business - dependencies: - - "core" - - name: "frontend" - services: - - egovio/employee:v1.5.2-0af363ce1-372 - - egovio/digit-ui:v1.2.0-4016cc5-315 - - name: m_PublicGrievanceRedressal #PGR - dependencies: - - "business" - - "frontend" - services: - - egovio/pgr-services-db:pgr-quickstart-86837e0a85-35 \ No newline at end of file diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml new file mode 100644 index 0000000000..bb8150f7ff --- /dev/null +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml @@ -0,0 +1,47 @@ +version: v2.4 +modules: + - name: backbone + services: + - zookeeper + - kafka + - postgres + - nginx-ingress + - redis + - s3-proxy + - name: core + dependencies: + - "backbone" + services: + - egovio/egov-accesscontrol:v1.1.3-72f8a8f87b-24 + - egovio/egov-enc-service:v1.1.2-72f8a8f87b-9 + - egovio/egov-idgen:v1.2.3-72f8a8f87b-7 + - egovio/egov-indexer:v1.1.7-f52184e6ba-25 + - egovio/egov-localization:v1.1.3-72f8a8f87b-6 + - egovio/egov-mdms-service:v1.3.2-72f8a8f87b-12 + - egovio/egov-otp:v1.2.2-72f8a8f87b-12 + - egovio/egov-persister:v1.1.4-72f8a8f87b-6 + - egovio/egov-user:v1.2.7-cc363f0584-12 + - egovio/user-otp:v1.1.5-1715164454-3 + - egovio/egov-workflow-v2:v1.2.1-df98ec3c35-2 + - egovio/egov-location:v1.1.4-72f8a8f87b-6 + - zuul:v1.3.1-96b24b0d72-39 + - egovio/egov-user-event:v1.2.0-c1e1e8ce24-21 + + - name: business + dependencies: + - "core" + services: + - egovio/egov-hrms:v1.2.5-1715164454-6 + - name: "frontend" + dependencies: + - "business" + services: + - egovio/employee:v1.8.0-2ac8314b2f-116 + - egovio/digit-ui:v1.5.0-dc44c10a7b-739 + - name: m_pgr #PGR + dependencies: + - "core" + - "business" + services: + - egovio/pgr-services:v1.1.4-c856353983-23 + \ No newline at end of file From 7ee9383451cbdcc53138b3d5a9b80bb1f9bb6ccc Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 30 Aug 2022 17:01:07 +0530 Subject: [PATCH 110/742] added birth-death-service envs --- config-as-code/environments/egov-demo.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 4c8beca0fb..f9564ef165 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -37,6 +37,8 @@ cluster-configs: spring-jpa-show-sql: "true" timezone: Asia/Kolkata tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: namespace: [ egov, monitoring ] From 48c3e7733b0262f1d042ac6d9bcc096b4d02874c Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Tue, 30 Aug 2022 17:01:59 +0530 Subject: [PATCH 111/742] Added birth-death service envs --- config-as-code/environments/egov-demo-template.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index de7f372cd0..71be8aef5d 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -37,6 +37,8 @@ cluster-configs: spring-jpa-show-sql: "true" timezone: Asia/Kolkata tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: ## Change only if you know the impact data: From 7aa8fd044f6038e08aad257f8fa1026af4ce6684 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 15 Sep 2022 10:45:43 +0530 Subject: [PATCH 112/742] Update main.tf --- infra-as-code/terraform/quickstart-aws-ec2/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/infra-as-code/terraform/quickstart-aws-ec2/main.tf b/infra-as-code/terraform/quickstart-aws-ec2/main.tf index 3e8eb0ce3a..8ddadace94 100644 --- a/infra-as-code/terraform/quickstart-aws-ec2/main.tf +++ b/infra-as-code/terraform/quickstart-aws-ec2/main.tf @@ -3,7 +3,7 @@ provider "aws" { profile = "digit-infra-aws" } module "ssh_key" { - source = "../modules/instance/aws-ec2" + source = "../modules/Instance/aws-ec2" key_name = "${var.key_name}" public_key = "${var.public_key}" } @@ -19,4 +19,4 @@ resource "aws_instance" "digit-quickstart-vm" { tags = { Name = "${var.tag}" } -} \ No newline at end of file +} From 10860b90e04118d56eca6020fa2a366c92ff1aac Mon Sep 17 00:00:00 2001 From: Karthik-egov <93192752+Karthik-egov@users.noreply.github.com> Date: Fri, 23 Sep 2022 12:27:13 +0530 Subject: [PATCH 113/742] Release fix3 (#1044) * Update egov-demo-secrets.yaml * Update egov-demo.yaml --- .../environments/egov-demo-secrets.yaml | 30 +++++++++---------- config-as-code/environments/egov-demo.yaml | 5 ---- 2 files changed, 15 insertions(+), 20 deletions(-) diff --git a/config-as-code/environments/egov-demo-secrets.yaml b/config-as-code/environments/egov-demo-secrets.yaml index 70c768068f..034cd8234d 100644 --- a/config-as-code/environments/egov-demo-secrets.yaml +++ b/config-as-code/environments/egov-demo-secrets.yaml @@ -1,19 +1,19 @@ cluster-configs: secrets: - db: // update the postgres db credentials + db: # update the postgres db credentials username: demo password: demo flywayUsername: demo flywayPassword: demo - egov-notification-sms: // To work sms notification service add the sms provider details + egov-notification-sms: # To work sms notification service add the sms provider details username: demo password: demo - egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. + egov-filestore: # To work Filestore service add the IAM user details which has access on the filestore s3 bucket. aws-key: aswedfghew aws-secret-key: xdefghgdxc - egov-location: // To work Location service add your gmap key + egov-location: # To work Location service add your gmap key gmapskey: AIzaSyAQOd09-sdfegv - egov-pg-service: // To work pg service add your respective bank details + egov-pg-service: # To work pg service add your respective bank details axis-merchant-id: demo axis-merchant-secret-key: demo axis-merchant-user: demo @@ -21,19 +21,19 @@ cluster-configs: axis-merchant-access-code: demo payu-merchant-key: demo payu-merchant-salt: demo - pgadmin: // To work pgadmin service add details + pgadmin: # To work pgadmin service add details admin-email: demo@demo.com admin-password: demo read-email: demo@demo.com read-password: demo - egov-enc-service: // To work egov-enc service add the details + egov-enc-service: # To work egov-enc service add the details master-password: demo master-salt: q7.fr.cr master-initialvector: 9J&asfgrU-H2 - egov-notification-mail: // To work mail notification service add respective mail details + egov-notification-mail: # To work mail notification service add respective mail details mailsenderusername: demo@demo mailsenderpassword: demo - git-sync: // To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. + git-sync: # To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. ssh: | -----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t @@ -53,24 +53,24 @@ cluster-configs: 1RJ4Lxm9sGFuM1T -----END RSA PRIVATE KEY----- known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - kibana: // Add Kibana details + kibana: # Add Kibana details namespace: es-cluster credentials: demo - egov-si-microservice: // Add finance service details + egov-si-microservice: # Add finance service details si-microservice-user: demo si-microservice-password: demo mail-sender-password: demo - egov-edcr-notification: // Add edcr service details + egov-edcr-notification: # Add edcr service details edcr-mail-username: demo@demo.com edcr-mail-password: demo edcr-sms-username: demo edcr-sms-password: demo - chatbot: // Add chatbot details + chatbot: # Add chatbot details valuefirst-username: demo valuefirst-password: demo - egov-user-chatbot: // Add user chatbot details + egov-user-chatbot: # Add user chatbot details citizen-login-password-otp-fixed-value: "546941" - oauth2-proxy: // To work oauth2-proxy service, create and add your github OAuth Apps details + oauth2-proxy: # To work oauth2-proxy service, create and add your github OAuth Apps details clientID: qwgethjymnbv clientSecret: 3a08079easd9d8055470475696fd3baad5292 cookieSecret: QVbnq0L8npoyfxZs96wtBg== diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index f9564ef165..060049b211 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -143,9 +143,6 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" - - -#>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -154,7 +151,6 @@ employee: ';" - citizen: custom-js-injection: | sub_filter.conf: " @@ -162,7 +158,6 @@ citizen: ';" - digit-ui: custom-js-injection: | sub_filter.conf: " From f2ac13aebddbf91c698e2e9a69c0a63ac85f8b71 Mon Sep 17 00:00:00 2001 From: Karthik-egov <93192752+Karthik-egov@users.noreply.github.com> Date: Mon, 26 Sep 2022 10:26:47 +0530 Subject: [PATCH 114/742] Configs update (#1045) * config file writer * Rename cofigs.go to deployment_configurator.go * cleared errors * enhanced script * enhanced script * fixed quickstart automation * enhanced quickstart * removed old d_chart * quickstart code fix * fullinstall automation fix * change to deploy_config * change to full installer * changed egov-demo * enhanced script * enhanced go script * enhanced go * enhanced go Co-authored-by: karthik-egov Co-authored-by: Gajendran <40357140+gajendran-egov@users.noreply.github.com> Co-authored-by: karthik-egov Co-authored-by: gajen-kaleyra --- config-as-code/environments/egov-demo.yaml | 10 +- .../templates/ingress/nginx-errors.yaml | 2 +- .../templates/ingress/root-ingress.yaml | 9 +- .../DIGIT/dependancy_chart-digit-v2.0.yaml | 144 -- .../DIGIT/dependancy_chart-digit-v2.1.yaml | 144 -- .../DIGIT/dependancy_chart-digit-v2.2.yaml | 144 -- .../DIGIT/dependancy_chart-digit-v2.3.yaml | 144 -- .../DIGIT/dependancy_chart-digit-v2.4.yaml | 145 -- .../DIGIT/dependancy_chart-digit-v2.7.yaml | 5 +- .../DIGIT/seedscript_digit-v2.5.yaml | 0 .../DIGIT/seedscript_digit-v2.6.yaml | 0 .../configs/deployment_configurator.go | 1672 +++++++++++++++++ deploy-as-code/deployer/full_installer.go | 369 ++-- deploy-as-code/deployer/go.mod | 1 + deploy-as-code/deployer/go.sum | 2 + 15 files changed, 1922 insertions(+), 869 deletions(-) delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml delete mode 100644 config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml create mode 100644 deploy-as-code/deployer/configs/deployment_configurator.go diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 060049b211..67eae32bb4 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -151,21 +151,19 @@ employee: ';" -citizen: +digit-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - - ';" -digit-ui: + ';" +citizen: custom-js-injection: | sub_filter.conf: " sub_filter '' ' + ';" -#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" diff --git a/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml b/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml index 12aa36c042..64027a7101 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml @@ -1,6 +1,6 @@ {{- with index .Values "cluster-configs" "nginx-errors" -}} {{- if .enabled }} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: diff --git a/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml index 886090eefd..1468c6ccb2 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml @@ -1,5 +1,5 @@ {{- with index .Values "cluster-configs" "root-ingress" -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: @@ -18,9 +18,12 @@ spec: http: paths: - backend: - serviceName: {{ .serviceName }} - servicePort: {{ .servicePort }} + service: + name: {{ .serviceName }} + port: + number: {{ .servicePort }} path: / + pathType: Prefix {{- if ne $.Values.global.setup "quickstart" }} tls: - hosts: diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml deleted file mode 100644 index fba9e8bf81..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.0.yaml +++ /dev/null @@ -1,144 +0,0 @@ -version: v2.0 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.1.0-582ddd0 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.0-f9375a4 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.0-f9375a4 - - egovio/egov-filestore:v1.2.0-3acc52b - - egovio/egov-idgen:v1.2.0-f9375a4 - - egovio/egov-indexer:v1.1.0-07592ae - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-location:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.0-e50b9eb - - egovio/egov-notification-mail:v1.1.0-40b5f2d - - egovio/egov-notification-sms:v1.1.0-245443e - - egovio/egov-otp:v1.2.0-f9375a4 - - egovio/egov-persister:v1.1.0-9994513 - - egovio/egov-pg-service:v1.1.0-f9375a4 - - egovio/egov-searcher:v1.1.0-59d3598 - - egovio/egov-url-shortening:v1.0.0-40cc090 - - egovio/egov-user:v1.2.1-4976757 - - egovio/user-otp:v1.1.0-2f36d3a - - egovio/egov-workflow-v2:v1.1.0-42786ef - - egovio/pdf-service:v1.1.0-09b11d9 - - egovio/report:v1.3.0-28b3c97 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - services: - - egovio/collection-services:v1.1.0-afb3913 - - egovio/billing-service:v1.1.0-4367159 - - egovio/egf-instrument:v1.1.0-87dfb2d - - egovio/egf-master:v1.1.0-9959f29 - - egovio/egov-apportion-service:v1.1.0-5553009 - - egovio/egov-hrms:v1.1.0-43cb793 - - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.0.0-5c70cea1d - - egovio/employee:v1.0.0-5c70cea1d - - egovio/digit-ui:v1.2.0-4016cc5-233 - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 - - egovio/rainmaker-pgr:v1.1.0-5058d47e - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.0.0-ecf3410a - - egovio/pt-calculator-v2:v1.1.0-63e20365 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.0.0-67e5a1bc - - egovio/sw-services:v1.0.0-a2ee0ed4 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator:v1.0.0-1aeb87df - - bpa-services:v1.0.0-b5520589 - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.0-c52ffe21 - - egovio/tl-services:v1.1.0-be11a0f5 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator:v1.0.0-ae96e930 - - firenoc-services:v1.0.0-4abf83d8 - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.0.0-d7529cf4 - - egovio/ws-services:v1.0.0-67c2139c - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.0.0-d7529cf4 - - egovio/ws-services:v1.0.0-67c2139c - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.0.0-d7529cf4 - - egovio/ws-services:v1.0.0-67c2139c - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.3.1-a8da9ece-41 - - egovio/ws-services:v1.4.0-a8da9ece-9 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-28439fcd-10 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml deleted file mode 100644 index 06b87f8f28..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.1.yaml +++ /dev/null @@ -1,144 +0,0 @@ -version: v2.1 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.1.0-582ddd0 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.0-f9375a4 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.0-f9375a4 - - egovio/egov-filestore:v1.2.0-3acc52b - - egovio/egov-idgen:v1.2.0-f9375a4 - - egovio/egov-indexer:v1.1.1-da68594-7 - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-location:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.0-e50b9eb - - egovio/egov-notification-mail:v1.1.0-40b5f2d - - egovio/egov-notification-sms:v1.1.0-245443e - - egovio/egov-otp:v1.2.0-f9375a4 - - egovio/egov-persister:v1.1.1-58f6da0-9 - - egovio/egov-pg-service:v1.1.0-f9375a4 - - egovio/egov-searcher:v1.1.0-59d3598 - - egovio/egov-url-shortening:v1.0.0-40cc090 - - egovio/egov-user:v1.2.1-4976757 - - egovio/user-otp:v1.1.0-2f36d3a - - egovio/egov-workflow-v2:v1.1.0-42786ef - - egovio/pdf-service:v1.1.0-09b11d9 - - egovio/report:v1.3.0-28b3c97 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - services: - - egovio/collection-services:v1.1.1-4f6c6f7-15 - - egovio/billing-service:v1.1.1-33b0fcf-14 - - egovio/egf-instrument:v1.1.0-005ff61 - - egovio/egf-master:v1.1.0-9959f29 - - egovio/egov-apportion-service:v1.1.2-3436cd5-4 - - egovio/egov-hrms:v1.1.0-43cb793 - - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.2.0-patch-a5a118ad6-280 - - egovio/employee:v1.2.0-a5a118ad6-291 - - egovio/digit-ui:dev-ad464d9-180 - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.0.0-51bfb264-25 - - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.1.0-c4f9b279-48 - - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.1.0-fee435c1-2 - - egovio/sw-services:v1.1.0-ae23de49-12 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator:v1.0.0-1aeb87df-1 - - bpa-services:v1.1.0-02d3e507-1 - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.1-c98f0344-4 - - egovio/tl-services:v1.1.1-8b2af30a-30 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator:v1.1.0-ad7a3c61-4 - - firenoc-services:v1.1.0-ad7a3c61-6 - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-d9a0be51-4 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml deleted file mode 100644 index ce109c453a..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.2.yaml +++ /dev/null @@ -1,144 +0,0 @@ -version: v2.2 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.1.0-582ddd0 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.0-f9375a4 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.0-f9375a4 - - egovio/egov-filestore:v1.2.1-2bf24d01-8 - - egovio/egov-idgen:v1.2.0-f9375a4 - - egovio/egov-indexer:v1.1.2-bd81e951-23 - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-location:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.0-e50b9eb - - egovio/egov-notification-mail:v1.1.0-40b5f2d - - egovio/egov-notification-sms:v1.1.0-245443e - - egovio/egov-otp:v1.2.0-27f2fa2e-1 - - egovio/egov-persister:v1.1.2-2fc5d31a-17 - - egovio/egov-pg-service:v1.2.0-109a570c-21 - - egovio/egov-searcher:v1.1.1-b6e26f5a-7 - - egovio/egov-url-shortening:v1.0.0-40cc090 - - egovio/egov-user:v1.2.1-4976757 - - egovio/user-otp:v1.1.0-2f36d3a - - egovio/egov-workflow-v2:v1.1.2-9b0951ec-48 - - egovio/pdf-service:v1.1.1-8ff2e98b-12 - - egovio/report:v1.3.0-28b3c97 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - services: - - egovio/collection-services:v1.1.2-2a911c3-89 - - egovio/billing-service:v1.2.1-6342a7f-65 - - egovio/egf-instrument:v1.1.0-005ff61 - - egovio/egf-master:v1.1.0-9959f29 - - egovio/egov-apportion-service:v1.1.3-409aa9b-9 - - egovio/egov-hrms:v1.2.0-528e4db-6 - - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.3.0-97bb648d2-715 - - egovio/employee:v1.3.0-97bb648d2-809 - - egovio/digit-ui:v1.0.0-1a04d0b-87 - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.1.0-cfabecd3-87 - - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.1.3-0f4443f3-177 - - egovio/pt-calculator-v2:v1.1.2-c8d4b111-114 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.1.0-fee435c1-2 - - egovio/sw-services:v1.1.0-ae23de49-12 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator:v1.0.0-1aeb87df-1 - - bpa-services:v1.1.1-08161234-2 - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.1-c98f0344-4 - - egovio/tl-services:v1.1.1-8b2af30a-30 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator:v1.1.1-ad52954a-10 - - firenoc-services:v1.1.1-ad52954a-20 - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.2.0-ad52954a-14 - - egovio/ws-services:v1.2.0-ad52954a-61 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-d9a0be51-4 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml deleted file mode 100644 index 066d971305..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.3.yaml +++ /dev/null @@ -1,144 +0,0 @@ -version: v2.3 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.1.0-582ddd0 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.0-f9375a4 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.0-f9375a4 - - egovio/egov-filestore:v1.2.0-3acc52b - - egovio/egov-idgen:v1.2.0-f9375a4 - - egovio/egov-indexer:v1.1.1-da68594-7 - - egovio/egov-localization:v1.1.0-f9375a4 - - egovio/egov-location:v1.1.0-f9375a4 - - egovio/egov-mdms-service:v1.3.0-e50b9eb - - egovio/egov-notification-mail:v1.1.0-40b5f2d - - egovio/egov-notification-sms:v1.1.0-245443e - - egovio/egov-otp:v1.2.0-f9375a4 - - egovio/egov-persister:v1.1.1-58f6da0-9 - - egovio/egov-pg-service:v1.1.0-f9375a4 - - egovio/egov-searcher:v1.1.0-59d3598 - - egovio/egov-url-shortening:v1.0.0-40cc090 - - egovio/egov-user:v1.2.1-4976757 - - egovio/user-otp:v1.1.0-2f36d3a - - egovio/egov-workflow-v2:v1.1.0-42786ef - - egovio/pdf-service:v1.1.0-09b11d9 - - egovio/report:v1.3.0-28b3c97 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - services: - - egovio/collection-services:v1.1.1-4f6c6f7-15 - - egovio/billing-service:v1.1.1-33b0fcf-14 - - egovio/egf-instrument:v1.1.0-005ff61 - - egovio/egf-master:v1.1.0-9959f29 - - egovio/egov-apportion-service:v1.1.2-3436cd5-4 - - egovio/egov-hrms:v1.1.0-43cb793 - - egovio/finance-collections-voucher-consumer:v1.1.0-004e14a - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.2.0-patch-6141c53a9-1070 - - egovio/employee:v1.2.0-a5a118ad6-291 - - egovio/digit-ui:dev-ad464d9-180 - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.0.0-51bfb264-25 - - egovio/rainmaker-pgr:v1.1.1-f29d2a93-3 - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.1.0-c4f9b279-48 - - egovio/pt-calculator-v2:v1.1.1-bf8471c7-22 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.1.0-fee435c1-2 - - egovio/sw-services:v1.1.0-ae23de49-12 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator - - bpa-services - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.1-c98f0344-4 - - egovio/tl-services:v1.1.1-8b2af30a-30 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator - - firenoc-services - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-d9a0be51-4 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 \ No newline at end of file diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml deleted file mode 100644 index 96634d6560..0000000000 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.4.yaml +++ /dev/null @@ -1,145 +0,0 @@ -version: v2.4 -modules: - - name: backbone - services: - - zookeeper-v2 - - kafka-v2 - - kafka-connect - - kafka-connect-restart-tasks - - elasticsearch-data-v1 - - elasticsearch-master-v1 - - kibana-v1 - - name: authn-authz - services: - - redis - - nginx-ingress - - cert-manager - - zuul:v1.3.0-667cb3d3-8 - - name: core - dependencies: - - "backbone" - - "authn-authz" - services: - - egovio/egov-accesscontrol:v1.1.2-2ee9ec37-1 - - egovio/egov-common-masters:408-14b79e9 - - egovio/egov-data-uploader:7-uploader-demand-feature-44b0170 - - egovio/egov-enc-service:v1.1.1-19a3ba19-5 - - egovio/egov-filestore:v1.2.3-2ee9ec37-4 - - egovio/egov-idgen:v1.2.2-2ee9ec37-3 - - egovio/egov-indexer:v1.1.4-2ee9ec37-3 - - egovio/egov-localization:v1.1.2-2ee9ec37-2 - - egovio/egov-location:1.1.3-2ee9ec37-1 - - egovio/egov-mdms-service:v1.3.1-2ee9ec37-3 - - egovio/egov-notification-mail:v1.1.1-19a3ba19-5 - - egovio/egov-notification-sms:v1.1.2-2ee9ec37-3 - - egovio/egov-otp:v1.2.1-07a30430-2 - - egovio/egov-persister:v1.1.3-2ee9ec37-2 - - egovio/egov-pg-service:v1.2.2-2ee9ec37-17 - - egovio/egov-searcher:v1.1.3-2ee9ec37-2 - - egovio/egov-url-shortening:v1.1.0-19a3ba19-1 - - egovio/egov-user:v1.2.4-d1d62cdf-11 - - egovio/user-otp:v1.1.3-2ee9ec37-6 - - egovio/egov-workflow-v2:v1.1.5-2ee9ec37-9 - - egovio/pdf-service:v1.1.4-a4e9bb2c-6 - - egovio/report:v1.3.2-07a30430-5 - - egovio/playground:1.0 - - name: business - dependencies: - - "core" - - "frontend" - services: - - egovio/collection-services:v1.1.4-c3cba4b-15 - - egovio/billing-service:v1.3.2-7dfa157-22 - - egovio/egf-instrument:v1.1.3-b5944f0-1 - - egovio/egf-master:v1.1.2-b5944f0-2 - - egovio/egov-apportion-service:v1.1.4-ec514d1-12 - - egovio/egov-hrms:v1.2.2-57f79eb-1 - - egovio/finance-collections-voucher-consumer:v1.1.4-665e9d7-8 - - name: "frontend" - dependencies: - - "business" - services: - - egovio/citizen:citizen-v1.5.0-c1825dd69-291 - - egovio/employee:v1.5.0-c1825dd69-292 - - egovio/digit-ui:v1.2.0-4016cc5-233 - - - name: m_pgr #PGR - dependencies: - - "business" - services: - - egovio/pgr-services:v1.1.2-a8da9ece-4 - - egovio/rainmaker-pgr:v1.1.3-22e87ed4-38 - - name: m_property-tax #PT - dependencies: - - "business" - services: - - egovio/property-services:v1.1.5-a8da9ece-26 - - egovio/pt-calculator-v2:v1.1.4-ef94c644-20 - - egovio/pt-services-v2:v1.0.0-ecf3410a - - name: m_sewerage #Sewerage - dependencies: - - "business" - services: - - egovio/sw-calculator:v1.3.1-a8da9ece-32 - - egovio/sw-services:v1.4.0-a8da9ece-8 - - name: m_bpa #BPA - dependencies: - - "core" - services: - - bpa-calculator:v1.1.0-4ee62c15-1 - - bpa-services:v1.1.3-2e687e00-7 - - name: m_trade-license #TL - dependencies: - - "frontend" - - "core" - services: - - egovio/tl-calculator:v1.1.3-0b2efd7f-3 - - egovio/tl-services:v1.1.4-a8da9ece-6 - - name: m_finance #Finance - dependencies: - - "core" - services: - - firenoc-calculator:v1.2.0-a8da9ece-3 - - firenoc-services:v1.3.0-090c647b-26 - - name: m_water-service #Water - dependencies: - - "frontend" - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.3.1-a8da9ece-41 - - name: m_fire-noc #Fnoc - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_edcr #edcr - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_chatbot #chatbot - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.3.1-a8da9ece-41 - - egovio/ws-services:v1.4.0-a8da9ece-9 - - name: m_dss #dss - dependencies: - - "core" - services: - - egovio/ws-calculator:v1.1.0-4c3c8873-6 - - egovio/ws-services:v1.1.0-28617974-28 - - name: m_fsm #fsm - dependencies: - - "core" - services: - - egovio/fsm-calculator-db:fsm-services-dev-f4dc1171-9 - - egovio/fsm-calculator:fsm-services-dev-f4dc1171-9 - - egovio/fsm-db:v1.0.1-d9a0be51-4 - - egovio/fsm:v1.0.1-28439fcd-10 - - egovio/inbox:fsm-395-913aa399-1 - - egovio/vendor-db:fsm-services-dev-581ee46a-2 - - egovio/vendor:fsm-services-dev-581ee46a-2 diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml index 4c05b0805c..17641ae966 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml @@ -28,7 +28,6 @@ modules: - egovio/egov-localization:v1.1.3-72f8a8f87b-6 - egovio/egov-location:v1.1.4-72f8a8f87b-6 - egovio/egov-mdms-service:v1.3.2-72f8a8f87b-12 - - egovio/national-dashboard-ingest:v0.0.1-762c61e743-16 - egovio/national-dashboard-kafka-pipeline:v0.0.1-762c61e743-3 - egovio/egov-notification-mail:v1.1.2-72f8a8f87b-12 - egovio/egov-notification-sms:v1.1.3-48a03ad7bb-10 @@ -142,14 +141,14 @@ modules: - egovio/fsm-calculator:v1.1.0-2c66d3550a-2 - egovio/vehicle:v1.1.0-2c66d3550a-31 - egovio/vendor:v1.1.0-2c66d3550a-9 - - name: m_echallan #eChallan + - name: m_echallan #eChallan dependencies: - "core" - "business" services: - egovio/echallan-services:v1.0.5-700b644c79-16 - egovio/echallan-calculator:v1.0.2-72f8a8f87b-14 - - name: Other #Other Services + - name: Other #Other Services dependencies: - "core" - "business" diff --git a/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml b/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.5.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/seedscript_digit-v2.6.yaml deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy-as-code/deployer/configs/deployment_configurator.go b/deploy-as-code/deployer/configs/deployment_configurator.go new file mode 100644 index 0000000000..6fd978bf19 --- /dev/null +++ b/deploy-as-code/deployer/configs/deployment_configurator.go @@ -0,0 +1,1672 @@ +package configs + +import ( + "fmt" + "io/ioutil" + "log" + "strings" + + yaml "gopkg.in/yaml.v3" +) + +var region = "ap-south-1b" + +// Quickstart kubeconfig struct +type Config struct { + APIVersion string `yaml:"apiVersion"` + Clusters []struct { + Cluster struct { + CertificateAuthorityData string `yaml:"certificate-authority-data"` + Server string `yaml:"server"` + } `yaml:"cluster"` + Name string `yaml:"name"` + } `yaml:"clusters"` + Contexts []struct { + Context struct { + Cluster string `yaml:"cluster"` + User string `yaml:"user"` + } `yaml:"context"` + Name string `yaml:"name"` + } `yaml:"contexts"` + CurrentContext string `yaml:"current-context"` + Kind string `yaml:"kind"` + Preferences struct { + } `yaml:"preferences"` + Users []struct { + Name string `yaml:"name"` + User struct { + ClientCertificateData string `yaml:"client-certificate-data"` + ClientKeyData string `yaml:"client-key-data"` + } `yaml:"user"` + } `yaml:"users"` +} + +// environment secret struct +type Secret struct { + ClusterConfigs struct { + Secrets struct { + Db struct { + Username string `yaml:"username"` + Password string `yaml:"password"` + FlywayUsername string `yaml:"flywayUsername"` + FlywayPassword string `yaml:"flywayPassword"` + } `yaml:"db"` + EgovNotificationSms struct { + Username string `yaml:"username"` + Password string `yaml:"password"` + } `yaml:"egov-notification-sms"` + EgovFilestore struct { + AwsKey string `yaml:"aws-key"` + AwsSecretKey string `yaml:"aws-secret-key"` + } `yaml:"egov-filestore"` + EgovLocation struct { + Gmapskey string `yaml:"gmapskey"` + } `yaml:"egov-location"` + EgovPgService struct { + AxisMerchantID string `yaml:"axis-merchant-id"` + AxisMerchantSecretKey string `yaml:"axis-merchant-secret-key"` + AxisMerchantUser string `yaml:"axis-merchant-user"` + AxisMerchantPwd string `yaml:"axis-merchant-pwd"` + AxisMerchantAccessCode string `yaml:"axis-merchant-access-code"` + PayuMerchantKey string `yaml:"payu-merchant-key"` + PayuMerchantSalt string `yaml:"payu-merchant-salt"` + } `yaml:"egov-pg-service"` + Pgadmin struct { + AdminEmail string `yaml:"admin-email"` + AdminPassword string `yaml:"admin-password"` + ReadEmail string `yaml:"read-email"` + ReadPassword string `yaml:"read-password"` + } `yaml:"pgadmin"` + EgovEncService struct { + MasterPassword string `yaml:"master-password"` + MasterSalt string `yaml:"master-salt"` + MasterInitialvector string `yaml:"master-initialvector"` + } `yaml:"egov-enc-service"` + EgovNotificationMail struct { + Mailsenderusername string `yaml:"mailsenderusername"` + Mailsenderpassword string `yaml:"mailsenderpassword"` + } `yaml:"egov-notification-mail"` + GitSync struct { + SSH string `yaml:"ssh"` + KnownHosts string `yaml:"known-hosts"` + } `yaml:"git-sync"` + Kibana struct { + Namespace string `yaml:"namespace"` + Credentials string `yaml:"credentials"` + } `yaml:"kibana"` + EgovSiMicroservice struct { + SiMicroserviceUser string `yaml:"si-microservice-user"` + SiMicroservicePassword string `yaml:"si-microservice-password"` + MailSenderPassword string `yaml:"mail-sender-password"` + } `yaml:"egov-si-microservice"` + EgovEdcrNotification struct { + EdcrMailUsername string `yaml:"edcr-mail-username"` + EdcrMailPassword string `yaml:"edcr-mail-password"` + EdcrSmsUsername string `yaml:"edcr-sms-username"` + EdcrSmsPassword string `yaml:"edcr-sms-password"` + } `yaml:"egov-edcr-notification"` + Chatbot struct { + ValuefirstUsername string `yaml:"valuefirst-username"` + ValuefirstPassword string `yaml:"valuefirst-password"` + } `yaml:"chatbot"` + EgovUserChatbot struct { + CitizenLoginPasswordOtpFixedValue string `yaml:"citizen-login-password-otp-fixed-value"` + } `yaml:"egov-user-chatbot"` + Oauth2Proxy struct { + ClientID string `yaml:"clientID"` + ClientSecret string `yaml:"clientSecret"` + CookieSecret string `yaml:"cookieSecret"` + } `yaml:"oauth2-proxy"` + } `yaml:"secrets"` + } `yaml:"cluster-configs"` +} + +//terrafrom struct +type Output struct { + Outputs struct { + ClusterEndpoint struct { + Value string `json:"value"` + } `json:"cluster_endpoint"` + DbInstanceEndpoint struct { + Value string `json:"value"` + } `json:"db_instance_endpoint"` + DbInstanceName struct { + Value string `json:"value"` + } `json:"db_instance_name"` + DbInstancePort struct { + Value int `json:"value"` + } `json:"db_instance_port"` + DbInstanceUsername struct { + Value string `json:"value"` + } `json:"db_instance_username"` + EsDataVolumeIds struct { + Value []string `json:"value"` + } `json:"es_data_volume_ids"` + EsMasterVolumeIds struct { + Value []string `json:"value"` + } `json:"es_master_volume_ids"` + KafkaVolIds struct { + Value []string `json:"value"` + } `json:"kafka_vol_ids"` + KubectlConfig struct { + Value string `json:"value"` + } `json:"kubectl_config"` + PrivateSubnets struct { + Value []string `json:"value"` + } `json:"private_subnets"` + PublicSubnets struct { + Value []string `json:"value"` + } `json:"public_subnets"` + VpcID struct { + Value string `json:"value"` + } `json:"vpc_id"` + ZookeeperVolumeIds struct { + Value []string `json:"value"` + } `json:"zookeeper_volume_ids"` + } `json:"outputs"` +} +type Quickstart struct { + Outputs struct { + PublicIP struct { + Value string `json:"value"` + } `json:"public_ip"` + } `json:"outputs"` + Resources []struct { + Instances []struct { + Attributes struct { + PrivateIP string `json:"private_ip"` + } `json:"attributes"` + } `json:"instances"` + } `json:"resources"` +} + +func DeployConfig(Config map[string]interface{}, kvids []string, zvids []string, esdids []string, esmids []string, modules []string, smsproceed string, fileproceed string, botproceed string, flag string) { + + file, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo.yaml") + if err != nil { + log.Printf("%v", err) + } + var data map[string]interface{} + ModData := make(map[string]interface{}) + err = yaml.Unmarshal(file, &data) + if err != nil { + log.Printf("%v", err) + } + for i := range data { + if i == "global" { + Global := data[i].(map[string]interface{}) + for j := range Global { + if j == "domain" { + Global[j] = Config["Domain"] + } + } + } + if i == "cluster-configs" { + // fmt.Println("found cluster-configs") + ClusterConfigs := data[i].(map[string]interface{}) + for j := range ClusterConfigs { + if j == "configmaps" { + // fmt.Println("found configmaps") + Configmaps := ClusterConfigs[j].(map[string]interface{}) + for k := range Configmaps { + if k == "egov-config" { + // fmt.Println("found egov-config") + EgovConfig := Configmaps[k].(map[string]interface{}) + for l := range EgovConfig { + if l == "data" { + // fmt.Println("found data") + Data := EgovConfig[l].(map[string]interface{}) + for m := range Data { + if m == "db-host" { + Host := Config["db-host"].(string) + provider := Host[:strings.IndexByte(Host, ':')] + Data[m] = provider + } + if m == "db-name" { + Data[m] = Config["db_name"] + } + if m == "db-url" { + url := fmt.Sprintf("jdbc:postgresql://%s/%s", Config["db-host"], Config["db_name"]) + Data[m] = url + } + if m == "domain" { + Data[m] = Config["Domain"] + } + if m == "egov-services-fqdn-name" { + fqdn := fmt.Sprintf("https://%s/", Config["Domain"]) + Data[m] = fqdn + } + if m == "s3-assets-bucket" { + + } + if m == "es-host" { + + } + if m == "es-indexer-host" { + + } + if m == "flyway-locations" { + + } + if m == "kafka-brokers" { + + } + if m == "kafka-infra-brokers" { + + } + if m == "logging-level-jdbc" { + + } + if m == "mobile-validation-workaround" { + + } + if m == "serializers-timezone-in-ist" { + + } + if m == "server-tomcat-max-connections" { + + } + if m == "server-tomcat-max-threads" { + + } + if m == "sms-enabled" { + + } + if m == "spring-datasource-tomcat-initialSize" { + + } + if m == "spring-datasource-tomcat-max-active" { + + } + if m == "spring-jpa-show-sql" { + + } + if m == "timezone" { + + } + if m == "tracer-errors-provideexceptionindetails" { + + } + } + } + } + } + + } + } + } + } + if i == "egov-mdms-service" || i == "egov-indexer" || i == "egov-persister" || i == "egov-data-uploader" || i == "egov-searcher" || i == "dashboard-analytics" || i == "dashboard-ingest" || i == "report" || i == "pdf-service" { + // fmt.Println("in mdms") + Service := data[i].(map[string]interface{}) + for j := range Service { + if j == "search-yaml-path" { + + } + if j == "config-schema-paths" { + + } + if j == "replicas" { + + } + if j == "mdms-path" { + + } + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "mdms-path" { + + } + if j == "persist-yml-path" { + + } + if j == "initContainers" { + // fmt.Println("in init") + InitContainers := Service[j].(map[string]interface{}) + for k := range InitContainers { + if k == "gitSync" { + // fmt.Println("in git sync") + GitSync := InitContainers[k].(map[string]interface{}) + for l := range GitSync { + if l == "branch" { + GitSync[l] = Config["BranchName"] + } + if l == "repo" { + if data[i]=="egov-mdms-service"{ + GitSync[l]=Config["mdms-branch"] + }else{ + GitSync[l]=Config["configs-branch"] + } + } + } + } + } + } + if j == "mdms-folder" { + + } + if j == "masters-config-url" { + + } + if j == "java-args" { + + } + if j == "egov-indexer-yaml-repo-path" { + + } + } + } + if i == "cert-manager" { + CertManager := data[i].(map[string]interface{}) + for j := range CertManager { + if j == "email" { + CertManager[j] = "" + } + } + } + if i == "kafka-v2" { + KafkaV2 := data[i].(map[string]interface{}) + for j := range KafkaV2 { + if j == "persistence" { + Persistence := KafkaV2[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + Volume := Aws[l].(map[string]interface{}) + for m := range Volume { + if m == "volumeId" && N == l { + Volume[m] = kvids[l] + } + if m == "zone" { + Volume[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "zookeeper-v2" { + ZookeeperV2 := data[i].(map[string]interface{}) + for j := range ZookeeperV2 { + if j == "persistence" { + Persistence := ZookeeperV2[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + Volume := Aws[l].(map[string]interface{}) + for m := range Volume { + if m == "volumeId" && N == l { + Volume[m] = zvids[l] + } + if m == "zone" { + Volume[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "elasticsearch-data-v1" { + ElasticsearchDataV1 := data[i].(map[string]interface{}) + for j := range ElasticsearchDataV1 { + if j == "persistence" { + Persistence := ElasticsearchDataV1[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + NesteM := Aws[l].(map[string]interface{}) + for m := range NesteM { + if m == "volumeId" && N == l { + NesteM[m] = esdids[l] + } + if m == "zone" { + NesteM[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "elasticsearch-master-v1" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "persistence" { + nest := NestedMap[j].(map[string]interface{}) + for k := range nest { + if k == "aws" { + Neste := nest[k].([]interface{}) + N := 0 + for l := range Neste { + NesteM := Neste[l].(map[string]interface{}) + for m := range NesteM { + if m == "volumeId" && N == l { + NesteM[m] = esmids[l] + } + if m == "zone" { + NesteM[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "employee" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "dashboard-url" { + + } + if j == "custom-js-injection" { + + } + } + } + if i == "citizen" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "custom-js-injection" { + + } + } + } + if i == "digit-ui" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "custom-js-injection" { + } + } + } + if i == "egov-filestore" && fileproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "volume" { + + } + if j == "is-bucket-fixed" { + + } + if j == "minio.url" { + + } + if j == "aws.s3.url" { + + } + if j == "is-s3-enabled" { + + } + if j == "minio-enabled" { + + } + if j == "allowed-file-formats-map" { + + } + if j == "llowed-file-formats" { + + } + if j == "filestore-url-validity" { + + } + if j == "fixed-bucketname" { + NestedMap[j] = Config["fixed-bucket"] + } + } + + } + if i == "egov-notification-sms" && smsproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "sms-provider-url" { + NestedMap[j] = Config["sms-provider-url"] + } + if j == "sms.provider.class" { + + } + if j == "sms.provider.contentType" { + + } + if j == "sms-config-map" { + + } + if j == "sms-gateway-to-use" { + NestedMap[j] = Config["sms-gateway-to-use"] + } + if j == "sms-sender" { + NestedMap[j] = Config["sms-sender"] + } + if j == "sms-sender-requesttype" { + + } + if j == "sms-custom-config" { + + } + if j == "sms-extra-req-params" { + + } + if j == "sms-sender-req-param-name" { + + } + if j == "sms-sender-username-req-param-name" { + + } + if j == "sms-sender-password-req-param-name" { + + } + if j == "sms-destination-mobile-req-param-name" { + + } + if j == "sms-message-req-param-name" { + + } + if j == "sms-error-codes" { + + } + } + ModData["egov-notification-sms"] = data["egov-notification-sms"] + } + if i == "egov-user" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "otp-validation" { + + } + if j == "citizen-otp-enabled" { + + } + if j == "employee-otp-enabled" { + + } + if j == "access-token-validity" { + + } + if j == "refresh-token-validity" { + + } + if j == "default-password-expiry" { + + } + if j == "mobile-number-validation" { + + } + if j == "roles-state-level" { + + } + if j == "zen-registration-withlogin" { + + } + if j == "citizen-otp-fixed" { + + } + if j == "citizen-otp-fixed-enabled" { + + } + if j == "egov-state-level-tenant-id" { + + } + if j == "decryption-abac-enabled" { + + } + } + } + if i == "chatbot" && botproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "kafka-topics-partition-count" { + + } + if j == "kafka-topics-replication-factor" { + + } + if j == "kafka-consumer-poll-ms" { + + } + if j == "kafka-producer-linger-ms" { + + } + if j == "contact-card-whatsapp-number" { + + } + if j == "contact-card-whatsapp-name" { + + } + if j == "valuefirst-whatsapp-number" { + + } + if j == "valuefirst-notification-assigned-templateid" { + + } + if j == "valuefirst-notification-resolved-templateid" { + + } + if j == "valuefirst-notification-rejected-templateid" { + + } + if j == "valuefirst-notification-reassigned-templateid" { + + } + if j == "valuefirst-notification-commented-templateid" { + + } + if j == "valuefirst-notification-welcome-templateid" { + + } + if j == "valuefirst-notification-root-templateid" { + + } + if j == "valuefirst-send-message-url" { + + } + if j == "user-service-chatbot-citizen-passwrord" { + + } + } + ModData["chatbot"] = data["chatbot"] + } + if i == "bpa-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "java-debug" { + + } + if j == "tracing-enabled" { + + } + if j == "egov.idgen.bpa.applicationNum.format" { + + } + } + } + if i == "bpa-calculator" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "java-debug" { + + } + if j == "tracing-enabled" { + + } + } + } + if i == "ws-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "wcid-format" { + + } + } + } + if i == "sw-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "scid-format" { + + } + } + } + if i == "egov-pg-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "axis" { + + } + } + } + if i == "report" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "tracing-enabled" { + + } + if j == "spring-datasource-tomcat-max-active" { + + } + if j == "initContainers" { + NestedM := NestedMap[j].(map[string]interface{}) + for k := range NestedM { + if k == "gitSync" { + Neste := NestedM[k].(map[string]interface{}) + for l := range Neste { + if l == "repo" { + + } + if l == "branch" { + Neste[l] = Config["BranchName"] + } + } + } + } + } + if j == "report-locationsfile-path" { + + } + } + } + if i == "pdf-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "initContainers" { + NestedM := NestedMap[j].(map[string]interface{}) + for k := range NestedM { + if k == "gitSync" { + Neste := NestedM[k].(map[string]interface{}) + for l := range Neste { + if l == "repo" { + + } + if l == "branch" { + Neste[l] = Config["BranchName"] + } + } + } + } + } + if j == "data-config-urls" { + + } + if j == "format-config-urls" { + + } + + } + } + if i == "egf-master" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "db-url" { + + } + if j == "memory_limits" { + + } + if j == "heap" { + + } + + } + } + if i == "egov-custom-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "erp-host" { + + } + } + } + if i == "egov-apportion-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "heap" { + + } + } + } + if i == "redoc" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + if j == "service_type" { + + } + } + } + if i == "redoc" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "images" { + + } + if j == "replicas" { + + } + if j == "default-backend-service" { + + } + if j == "namespace" { + + } + if j == "cert-issuer" { + + } + if j == "ssl-protocols" { + + } + if j == "ssl-ciphers" { + + } + if j == "ssl-ecdh-curve" { + + } + } + } + if i == "cert-manager" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "email" { + + } + } + } + if i == "zuul" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "custom-filter-property" { + + } + if j == "tracing-enabled" { + + } + if j == "heap" { + + } + if j == "server-tomcat-max-threads" { + + } + if j == "server-tomcat-max-connections" { + + } + if j == "egov-open-endpoints-whitelist" { + + } + if j == "egov-mixed-mode-endpoints-whitelist" { + + } + } + } + if i == "collection-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "receiptnumber-servicebased" { + + } + if j == "receipt-search-paginate" { + + } + if j == "receipt-search-defaultsize" { + + } + if j == "user-create-enabled" { + + } + } + } + if i == "collection-receipt-voucher-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "jalandhar-erp-host" { + + } + if j == "mohali-erp-host" { + + } + if j == "nayagaon-erp-host" { + + } + if j == "amritsar-erp-host" { + + } + if j == "kharar-erp-host" { + + } + if j == "zirakpur-erp-host" { + + } + } + } + if i == "finance-collections-voucher-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "erp-env-name" { + + } + if j == "erp-domain-name" { + + } + } + } + if i == "rainmaker-pgr" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "notification-sms-enabled" { + + } + if j == "notification-email-enabled" { + + } + if j == "new-complaint-enabled" { + + } + if j == "reassign-complaint-enabled" { + + } + if j == "reopen-complaint-enabled" { + + } + if j == "comment-by-employee-notif-enabled" { + + } + if j == "notification-allowed-status" { + + } + } + } + if i == "pt-services-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "pt-userevents-pay-link" { + + } + } + } + if i == "pt-calculator-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "logging-level" { + + } + } + } + if i == "tl-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "tl-application-num-format" { + + } + if j == "tl-license-num-format" { + + } + if j == "tl-userevents-pay-link" { + + } + if j == "tl-payment-topic-name" { + + } + if j == "host-link" { + + } + if j == "pdf-link" { + + } + if j == "tl-search-default-limit" { + + } + } + } + if i == "egov-hrms" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "java-args" { + + } + if j == "heap" { + + } + if j == "employee-applink" { + + } + } + } + if i == "egov-weekly-impact-notifier" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "mail-to-address" { + + } + if j == "mail-interval-in-secs" { + + } + if j == "schedule" { + + } + } + } + if i == "kafka-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "topics" { + + } + if j == "zookeeper-connect" { + + } + if j == "kafka-brokers" { + + } + } + } + if i == "logging-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "es-host" { + + } + if j == "es-port" { + + } + } + } + if i == "jaeger-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "host" { + + } + if j == "port" { + + } + if j == "sampler-type" { + + } + if j == "sampler-param" { + + } + if j == "sampling-strategies" { + + } + } + } + if i == "redis" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + } + } + if i == "playground" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + } + } + if i == "fluent-bit" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "images" { + + } + if j == "egov-services-log-topic" { + + } + if j == "egov-infra-log-topic" { + + } + } + } + if i == "egov-workflow-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "logging-level" { + + } + if j == "java-args" { + + } + if j == "heap" { + + } + if j == "workflow-statelevel" { + + } + if j == "host-link" { + + } + if j == "pdf-link" { + + } + } + } + } + ModData["global"] = data["global"] + ModData["cluster-configs"] = data["cluster-configs"] + ModData["employee"] = data["employee"] + ModData["citizen"] = data["citizen"] + ModData["digit-ui"] = data["digit-ui"] + ModData["egov-filestore"] = data["egov-filestore"] + ModData["egov-idgen"] = data["egov-idgen"] + ModData["egov-user"] = data["egov-user"] + ModData["egov-indexer"] = data["egov-indexer"] + ModData["egov-persister"] = data["egov-persister"] + ModData["egov-data-uploader"] = data["egov-data-uploader"] + ModData["egov-searcher"] = data["egov-searcher"] + ModData["report"] = data["report"] + ModData["pdf-service"] = data["pdf-service"] + ModData["egf-master"] = data["egf-master"] + ModData["egov-custom-consumer"] = data["egov-custom-consumer"] + ModData["egov-apportion-service"] = data["egov-apportion-service"] + ModData["redoc"] = data["redoc"] + ModData["nginx-ingress"] = data["nginx-ingress"] + ModData["cert-manager"] = data["cert-manager"] + ModData["zuul"] = data["zuul"] + ModData["collection-services"] = data["collection-services"] + ModData["collection-receipt-voucher-consumer"] = data["collection-receipt-voucher-consumer"] + ModData["finance-collections-voucher-consumer"] = data["finance-collections-voucher-consumer"] + ModData["egov-workflow-v2"] = data["egov-workflow-v2"] + ModData["egov-hrms"] = data["egov-hrms"] + ModData["egov-weekly-impact-notifier"] = data["egov-weekly-impact-notifier"] + ModData["kafka-config"] = data["kafka-config"] + ModData["logging-config"] = data["logging-config"] + ModData["jaeger-config"] = data["jaeger-config"] + ModData["redis"] = data["redis"] + ModData["playground"] = data["playground"] + ModData["fluent-bit"] = data["fluent-bit"] + ModData["kafka-v2"] = data["kafka-v2"] + ModData["zookeeper-v2"] = data["zookeeper-v2"] + ModData["elasticsearch-data-v1"] = data["elasticsearch-data-v1"] + ModData["elasticsearch-master-v1"] = data["elasticsearch-master-v1"] + ModData["es-curator"] = data["es-curator"] + for i := range modules { + if modules[i] == "m_pgr" { + ModData["egov-pg-service"] = data["egov-pg-service"] + ModData["rainmaker-pgr"] = data["rainmaker-pgr"] + } + if modules[i] == "m_property-tax" { + ModData["pt-services-v2"] = data["pt-services-v2"] + ModData["pt-calculator-v2"] = data["pt-calculator-v2"] + } + if modules[i] == "m_sewerage" { + ModData["sw-services"] = data["sw-services"] + } + if modules[i] == "m_bpa" { + ModData["bpa-services"] = data["bpa-services"] + ModData["bpa-calculator"] = data["bpa-calculator"] + } + if modules[i] == "m_trade-license" { + ModData["tl-services"] = data["tl-services"] + } + if modules[i] == "m_firenoc" { + + } + if modules[i] == "m_water-service" { + ModData["ws-services"] = data["ws-services"] + } + if modules[i] == "m_dss" { + ModData["dashboard-analytics"] = data["dashboard-analytics"] + ModData["dashboard-ingest"] = data["dashboard-ingest"] + } + if modules[i] == "m_fsm" { + + } + if modules[i] == "m_echallan" { + + } + if modules[i] == "m_edcr" { + + } + if modules[i] == "m_finance" { + + } + } + newfile, err := yaml.Marshal(&ModData) + if err != nil { + log.Printf("%v", err) + + } + filename := fmt.Sprintf("../../config-as-code/environments/%s.yaml", Config["file_name"]) + err = ioutil.WriteFile(filename, newfile, 0644) + if err != nil { + log.Printf("%v", err) + } +} + +//secrets config + +func SecretFile(cluster_name string,Ssh string,SecretConfig map[string]string) { + var sec Secret + secret, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo-secrets.yaml") + if err != nil { + log.Printf("%v", err) + } + err = yaml.Unmarshal(secret, &sec) + if err != nil { + log.Printf("%v", err) + } + eUsername := sec.ClusterConfigs.Secrets.Db.Username + fmt.Println(eUsername) + var Db_Username string + var Db_Password string + var Db_FlywayUsername string + var Db_FlywayPassword string + var EgovNotificationSms_Username string + var EgovNotificationSms_Password string + var EgovFilestore_AwsKey string + var EgovFilestore_AwsSecretKey string + var EgovLocation_Gmapskey string + var EgovPgService_AxisMerchantID string + var EgovPgService_AxisMerchantSecretKey string + var EgovPgService_AxisMerchantUser string + var EgovPgService_AxisMerchantPwd string + var EgovPgService_AxisMerchantAccessCode string + var EgovPgService_PayuMerchantKey string + var EgovPgService_PayuMerchantSalt string + var Pgadmin_AdminEmail string + var Pgadmin_AdminPassword string + var Pgadmin_ReadEmail string + var Pgadmin_ReadPassword string + var EgovEncService_MasterPassword string + var EgovEncService_MasterSalt string + var EgovEncService_MasterInitialvector string + var EgovNotificationMail_Mailsenderusername string + var EgovNotificationMail_Mailsenderpassword string + var Kibana_Namespace string + var Kibana_Credentials string + var EgovSiMicroservice_SiMicroserviceUser string + var EgovSiMicroservice_SiMicroservicePassword string + var EgovSiMicroservice_MailSenderPassword string + var EgovEdcrNotification_EdcrMailUsername string + var EgovEdcrNotification_EdcrMailPassword string + var EgovEdcrNotification_EdcrSmsUsername string + var EgovEdcrNotification_EdcrSmsPassword string + var Chatbot_ValuefirstUsername string + var Chatbot_ValuefirstPassword string + var EgovUserChatbot_CitizenLoginPasswordOtpFixedValue string + var Oauth2Proxy_ClientID string + var Oauth2Proxy_ClientSecret string + var Oauth2Proxy_CookieSecret string + + Username := sec.ClusterConfigs.Secrets.Db.Username + Password := sec.ClusterConfigs.Secrets.Db.Password + FlywayUsername := sec.ClusterConfigs.Secrets.Db.FlywayUsername + FlywayPassword := sec.ClusterConfigs.Secrets.Db.FlywayPassword + NotUsername := sec.ClusterConfigs.Secrets.EgovNotificationSms.Username + NotPassword := sec.ClusterConfigs.Secrets.EgovNotificationSms.Password + AwsKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey + AwsSecretKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey + Gmapskey := sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey + AxisMerchantID := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID + AxisMerchantSecretKey := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey + AxisMerchantUser := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser + AxisMerchantPwd := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd + AxisMerchantAccessCode := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode + PayuMerchantKey := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey + PayuMerchantSalt := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt + AdminEmail := sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail + AdminPassword := sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword + ReadEmail := sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail + ReadPassword := sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword + MasterPassword := sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword + MasterSalt := sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt + MasterInitialvector := sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector + Mailsenderusername := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername + Mailsenderpassword := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword + KnownHosts := sec.ClusterConfigs.Secrets.GitSync.KnownHosts + Namespace := sec.ClusterConfigs.Secrets.Kibana.Namespace + Credentials := sec.ClusterConfigs.Secrets.Kibana.Credentials + SiMicroserviceUser := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser + SiMicroservicePassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword + MailSenderPassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword + EdcrMailUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername + EdcrMailPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword + EdcrSmsUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername + EdcrSmsPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword + ValuefirstUsername := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername + ValuefirstPassword := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword + CitizenLoginPasswordOtpFixedValue := sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue + ClientID := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID + ClientSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret + CookieSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret + + fmt.Println("Enter Db_Username:") + fmt.Scanln(&Db_Username) + if Db_Username != "" { + sec.ClusterConfigs.Secrets.Db.Username = Db_Username + } else { + sec.ClusterConfigs.Secrets.Db.Username = Username + } + fmt.Println("Enter Db_Password:") + fmt.Scanln(&Db_Password) + if Db_Password != "" { + sec.ClusterConfigs.Secrets.Db.Password = Db_Password + } else { + sec.ClusterConfigs.Secrets.Db.Password = Password + } + fmt.Println("Enter Db_FlywayUsername:") + fmt.Scanln(&Db_FlywayUsername) + if Db_FlywayUsername != "" { + sec.ClusterConfigs.Secrets.Db.FlywayUsername = Db_FlywayUsername + } else { + sec.ClusterConfigs.Secrets.Db.FlywayUsername = FlywayUsername + } + fmt.Println("Enter Db_FlywayPassword:") + fmt.Scanln(&Db_FlywayPassword) + if Db_FlywayPassword != "" { + sec.ClusterConfigs.Secrets.Db.FlywayPassword = Db_FlywayPassword + } else { + sec.ClusterConfigs.Secrets.Db.FlywayPassword = FlywayPassword + } + if SecretConfig["EgovNotificationSms_Username"] != "" { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = SecretConfig[EgovNotificationSms_Username] + } else { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = NotUsername + } + fmt.Println("Enter EgovNotificationSms_Password:") + fmt.Scanln(&EgovNotificationSms_Password) + if EgovNotificationSms_Password != "" { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = EgovNotificationSms_Password + } else { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = NotPassword + } + fmt.Println("Enter EgovFilestore_AwsKey:") + fmt.Scanln(&EgovFilestore_AwsKey) + if EgovFilestore_AwsKey != "" { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = EgovFilestore_AwsKey + } else { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = AwsKey + } + fmt.Println("Enter EgovFilestore_AwsSecretKey:") + fmt.Scanln(&EgovFilestore_AwsSecretKey) + if EgovFilestore_AwsSecretKey != "" { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = EgovFilestore_AwsSecretKey + } else { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = AwsSecretKey + } + fmt.Println("Enter EgovLocation_Gmapskey:") + fmt.Scanln(&EgovLocation_Gmapskey) + if EgovLocation_Gmapskey != "" { + sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = EgovLocation_Gmapskey + } else { + sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = Gmapskey + } + fmt.Println("Enter EgovPgService_AxisMerchantID:") + fmt.Scanln(&EgovPgService_AxisMerchantID) + if EgovPgService_AxisMerchantID != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = EgovPgService_AxisMerchantID + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = AxisMerchantID + } + fmt.Println("Enter EgovPgService_AxisMerchantSecretKey:") + fmt.Scanln(&EgovPgService_AxisMerchantSecretKey) + if EgovPgService_AxisMerchantSecretKey != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = EgovPgService_AxisMerchantSecretKey + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = AxisMerchantSecretKey + } + fmt.Println("Enter EgovPgService_AxisMerchantUser:") + fmt.Scanln(&EgovPgService_AxisMerchantUser) + if EgovPgService_AxisMerchantUser != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = EgovPgService_AxisMerchantUser + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = AxisMerchantUser + } + fmt.Println("Enter EgovPgService_AxisMerchantPwd:") + fmt.Scanln(&EgovPgService_AxisMerchantPwd) + if EgovPgService_AxisMerchantPwd != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = EgovPgService_AxisMerchantPwd + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = AxisMerchantPwd + } + fmt.Println("Enter EgovPgService_AxisMerchantAccessCode:") + fmt.Scanln(&EgovPgService_AxisMerchantAccessCode) + if EgovPgService_AxisMerchantAccessCode != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = EgovPgService_AxisMerchantAccessCode + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = AxisMerchantAccessCode + } + fmt.Println("Enter EgovPgService_PayuMerchantKey:") + fmt.Scanln(&EgovPgService_PayuMerchantKey) + if EgovPgService_PayuMerchantKey != "" { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = EgovPgService_PayuMerchantKey + } else { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = PayuMerchantKey + } + fmt.Println("Enter EgovPgService_PayuMerchantSalt:") + fmt.Scanln(&EgovPgService_PayuMerchantSalt) + if EgovPgService_PayuMerchantSalt != "" { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = EgovPgService_PayuMerchantSalt + } else { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = PayuMerchantSalt + } + fmt.Println("Enter Pgadmin_AdminEmail:") + fmt.Scanln(&Pgadmin_AdminEmail) + if Pgadmin_AdminEmail != "" { + sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = Pgadmin_AdminEmail + } else { + sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = AdminEmail + } + fmt.Println("Enter Pgadmin_AdminPassword:") + fmt.Scanln(&Pgadmin_AdminPassword) + if Pgadmin_AdminPassword != "" { + sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = Pgadmin_AdminPassword + } else { + sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = AdminPassword + } + fmt.Println("Enter Pgadmin_ReadEmail:") + fmt.Scanln(&Pgadmin_ReadEmail) + if Pgadmin_ReadEmail != "" { + sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = Pgadmin_ReadEmail + } else { + sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = ReadEmail + } + fmt.Println("Enter Pgadmin_ReadPassword:") + fmt.Scanln(&Pgadmin_ReadPassword) + if Pgadmin_ReadPassword != "" { + sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = Pgadmin_ReadPassword + } else { + sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = ReadPassword + } + fmt.Println("Enter EgovEncService_MasterPassword:") + fmt.Scanln(&EgovEncService_MasterPassword) + if EgovEncService_MasterPassword != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = EgovEncService_MasterPassword + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = MasterPassword + } + fmt.Println("Enter EgovEncService_MasterSalt:") + fmt.Scanln(&EgovEncService_MasterSalt) + if EgovEncService_MasterSalt != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = EgovEncService_MasterSalt + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = MasterSalt + } + fmt.Println("Enter EgovEncService_MasterInitialvector:") + fmt.Scanln(&EgovEncService_MasterInitialvector) + if EgovEncService_MasterInitialvector != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = EgovEncService_MasterInitialvector + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = MasterInitialvector + } + fmt.Println("Enter EgovNotificationMail_Mailsenderusername:") + fmt.Scanln(&EgovNotificationMail_Mailsenderusername) + if EgovNotificationMail_Mailsenderusername != "" { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = EgovNotificationMail_Mailsenderusername + } else { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = Mailsenderusername + } + fmt.Println("Enter EgovNotificationMail_Mailsenderpassword:") + fmt.Scanln(&EgovNotificationMail_Mailsenderpassword) + if EgovNotificationMail_Mailsenderpassword != "" { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = EgovNotificationMail_Mailsenderpassword + } else { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = Mailsenderpassword + } + sec.ClusterConfigs.Secrets.GitSync.SSH = Ssh + sec.ClusterConfigs.Secrets.GitSync.KnownHosts = KnownHosts + fmt.Println("Enter Kibana_Namespace:") + fmt.Scanln(&Kibana_Namespace) + if Kibana_Namespace != "" { + sec.ClusterConfigs.Secrets.Kibana.Namespace = Kibana_Namespace + } else { + sec.ClusterConfigs.Secrets.Kibana.Namespace = Namespace + } + fmt.Println("Enter Kibana_Credentials:") + fmt.Scanln(&Kibana_Credentials) + if Kibana_Credentials != "" { + sec.ClusterConfigs.Secrets.Kibana.Credentials = Kibana_Credentials + } else { + sec.ClusterConfigs.Secrets.Kibana.Credentials = Credentials + } + fmt.Println("Enter EgovSiMicroservice_SiMicroserviceUser:") + fmt.Scanln(&EgovSiMicroservice_SiMicroserviceUser) + if EgovSiMicroservice_SiMicroserviceUser != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = EgovSiMicroservice_SiMicroserviceUser + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = SiMicroserviceUser + } + fmt.Println("Enter EgovSiMicroservice_SiMicroservicePassword:") + fmt.Scanln(&EgovSiMicroservice_SiMicroservicePassword) + if EgovSiMicroservice_SiMicroservicePassword != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = EgovSiMicroservice_SiMicroservicePassword + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = SiMicroservicePassword + } + fmt.Println("Enter EgovSiMicroservice_MailSenderPassword:") + fmt.Scanln(&EgovSiMicroservice_MailSenderPassword) + if EgovSiMicroservice_MailSenderPassword != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = EgovSiMicroservice_MailSenderPassword + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = MailSenderPassword + } + fmt.Println("Enter EgovEdcrNotification_EdcrMailUsername:") + fmt.Scanln(&EgovEdcrNotification_EdcrMailUsername) + if EgovEdcrNotification_EdcrMailUsername != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EgovEdcrNotification_EdcrMailUsername + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EdcrMailUsername + } + fmt.Println("Enter EgovEdcrNotification_EdcrMailPassword:") + fmt.Scanln(&EgovEdcrNotification_EdcrMailPassword) + if EgovEdcrNotification_EdcrMailPassword != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EgovEdcrNotification_EdcrMailPassword + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EdcrMailPassword + } + fmt.Println("Enter EgovEdcrNotification_EdcrSmsUsername:") + fmt.Scanln(&EgovEdcrNotification_EdcrSmsUsername) + if EgovEdcrNotification_EdcrSmsUsername != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EgovEdcrNotification_EdcrSmsUsername + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EdcrSmsUsername + } + fmt.Println("Enter EgovEdcrNotification_EdcrSmsPassword:") + fmt.Scanln(&EgovEdcrNotification_EdcrSmsPassword) + if EgovEdcrNotification_EdcrSmsPassword != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EgovEdcrNotification_EdcrSmsPassword + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EdcrSmsPassword + } + fmt.Println("Enter Chatbot_ValuefirstUsername:") + fmt.Scanln(&Chatbot_ValuefirstUsername) + if Chatbot_ValuefirstUsername != "" { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = Chatbot_ValuefirstUsername + } else { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = ValuefirstUsername + } + fmt.Println("Enter Chatbot_ValuefirstPassword:") + fmt.Scanln(&Chatbot_ValuefirstPassword) + if Chatbot_ValuefirstPassword != "" { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = Chatbot_ValuefirstPassword + } else { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = ValuefirstPassword + } + fmt.Println("Enter EgovUserChatbot_CitizenLoginPasswordOtpFixedValue:") + fmt.Scanln(&EgovUserChatbot_CitizenLoginPasswordOtpFixedValue) + if EgovUserChatbot_CitizenLoginPasswordOtpFixedValue != "" { + sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = EgovUserChatbot_CitizenLoginPasswordOtpFixedValue + } else { + sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = CitizenLoginPasswordOtpFixedValue + } + fmt.Println("Enter Oauth2Proxy_ClientID:") + fmt.Scanln(&Oauth2Proxy_ClientID) + if Oauth2Proxy_ClientID != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = Oauth2Proxy_ClientID + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = ClientID + } + fmt.Println("Enter Oauth2Proxy_ClientSecret:") + fmt.Scanln(&Oauth2Proxy_ClientSecret) + if Oauth2Proxy_ClientSecret != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = Oauth2Proxy_ClientSecret + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = ClientSecret + } + fmt.Println("Enter Oauth2Proxy_CookieSecret:") + fmt.Scanln(&Oauth2Proxy_CookieSecret) + if Oauth2Proxy_CookieSecret != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = Oauth2Proxy_CookieSecret + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = CookieSecret + } + secretsmar, err := yaml.Marshal(&sec) + if err != nil { + log.Printf("%v", err) + + } + secFilename := fmt.Sprintf("../../config-as-code/environments/%s-secrets.yaml", cluster_name) + err = ioutil.WriteFile(secFilename, secretsmar, 0644) + if err != nil { + log.Printf("%v", err) + } +} \ No newline at end of file diff --git a/deploy-as-code/deployer/full_installer.go b/deploy-as-code/deployer/full_installer.go index 1e7a99106b..75dd8726fd 100644 --- a/deploy-as-code/deployer/full_installer.go +++ b/deploy-as-code/deployer/full_installer.go @@ -16,17 +16,26 @@ import ( "os/exec" "strconv" "strings" - s "strings" - scp "github.com/bramvdbogaerde/go-scp" - "github.com/bramvdbogaerde/go-scp/auth" "github.com/jcelliott/lumber" "github.com/manifoldco/promptui" "golang.org/x/crypto/ssh" - "gopkg.in/yaml.v2" + yaml "gopkg.in/yaml.v3" + //"bufio" + "deployer/configs" + "encoding/json" ) +var cloudTemplate string // Which terraform template to choose +var repoDirRoot string +var selectedMod []string +var Flag string +var db_pswd string +var sshFile string +var cluster_name string +var SecretConfig map[string]string + var Reset = "\033[0m" var Red = "\033[31m" var Green = "\033[32m" @@ -70,10 +79,8 @@ func main() { var servicesToDeploy string // Modules to be deployed var number_of_worker_nodes int = 1 // No of VMs for the k8s worker nodes var optedCloud string // Desired InfraType to deploy - var cloudTemplate string // Which terraform template to choose var cloudLoginCredentials bool // Is there a valid cloud account and credentials var isProductionSetup bool = false - var cluster_name string infraType := []string{ "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", @@ -137,7 +144,7 @@ func main() { cloudTemplate = "quickstart-aws-ec2" - accessTypes := []string{"Root Admin", "Temprory Admin", "Already configuredd"} + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") @@ -164,7 +171,7 @@ func main() { cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") } else { - cloudLoginCredentials = awslogin("", "", "", "digit-infra-aws") + cloudLoginCredentials = awslogin("", "", "", "") fmt.Println("Proceeding with the existing AWS profile configured") } case cloudPlatforms[2]: @@ -175,10 +182,10 @@ func main() { var aws_access_key string var aws_secret_key string var aws_session_key string - + Flag = "aws" cloudTemplate = "sample-aws" - accessTypes := []string{"Root Admin", "Temprory Admin", "Already configuredd"} + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") @@ -205,7 +212,7 @@ func main() { cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") } else { - cloudLoginCredentials = awslogin("", "", "", "digit-infra-aws") + cloudLoginCredentials = awslogin("", "", "", "") fmt.Println("Proceeding with the existing AWS profile configured") } @@ -241,7 +248,7 @@ func main() { // fmt.Println("How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") // fmt.Scanln(&cluster_name) - repoDirRoot := "DIGIT-DevOps" + repoDirRoot = "DIGIT-DevOps" gitCmd := "" _, err := os.Stat(repoDirRoot) if os.IsNotExist(err) { @@ -251,48 +258,61 @@ func main() { } execCommand(gitCmd) - db_pswd := enterValue(nil, "What should be the database password to be created, it should be 8 char min") - if !isProductionSetup { - var sshFile string = "./digit-ssh.pem" + sshFile = "./digit-ssh.pem" var keyName string = "digit-aws-vm" - pubKey, _, err := GetKeyPair(sshFile) + // to pick public ip and private ip from terraform state if err != nil { log.Fatalf("Failed to generate SSH Key %s\n", err) } else { + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", repoDirRoot, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) - execSingleCommand(fmt.Sprintf("terraform plan -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, repoDirRoot, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) + //taking public ip and private ip from terraform.tfstate + quickState, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/quickstart-aws-ec2/terraform.tfstate") + if err != nil { + log.Printf("%v", err) + } + var quick configs.Quickstart + err = json.Unmarshal(quickState, &quick) + //publicip + ip := quick.Outputs.PublicIP.Value + //privateip + privateip := quick.Resources[0].Instances[0].Attributes.PrivateIP + createK3d(cluster_name, ip, keyName, privateip) + changePrivateIp(cluster_name, privateip) - execSingleCommand(fmt.Sprintf("terraform apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\" %s/infra-as-code/terraform/%s", pubKey, keyName, repoDirRoot, cloudTemplate)) } } else { - execSingleCommand(fmt.Sprintf("terraform init %s/infra-as-code/terraform/%s", repoDirRoot, cloudTemplate)) + db_pswd = enterValue(nil, "What should be the database password to be created, it should be 8 char min") + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) - execSingleCommand(fmt.Sprintf("terraform plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, repoDirRoot, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) - execSingleCommand(fmt.Sprintf("terraform apply -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\" %s/infra-as-code/terraform/%s", cluster_name, db_pswd, number_of_worker_nodes, repoDirRoot, cloudTemplate)) + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) + + //calling funtion to write config file + Configsfile() + //calling function to create secret file + envSecretsFile() } } - - - contextset := setClusterContext() if contextset { - deployCharts(servicesToDeploy, prepareDeploymentConfig(optedInfraType)) + deployCharts(servicesToDeploy, cluster_name) } //terraform output to a file //replace the env values with the tf output //save the kubetconfig and set the currentcontext //set dns in godaddy using the api's - fmt.Println("") endScript() } @@ -312,32 +332,42 @@ func getService(fullChart Digit, service string, set Set, svclist *list.List) { } } -func createK3d(clusterName string, publicIp string, keyName string) kubeConfig string { - - commands := []string { +// create a cluster in vm +func createK3d(clusterName string, publicIp string, keyName string, privateIp string) { + commands := []string{ "mkdir ~/kube && sudo chmod 777 ~/kube", - "ip addr | grep /'state UP/' -A2 | tail -n1 | awk /'{print $2}/' | cut -f1 -d/'///'", "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", - } + createClusterCmd := fmt.Sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) + command := fmt.Sprintf("%s&&%s&&%s", commands[0], createClusterCmd, commands[1]) + execRemoteCommand("ubuntu", publicIp, sshFile, command) + copyConfig := fmt.Sprintf("scp ubuntu@%s:%s_k3dconfig .", publicIp, clusterName) + execCommand(copyConfig) +} - //"sudo scp /home/ubuntu/"+ clusterName + "_k3dconfig ." - - execRemoteCommand(commands[0]) - privateIp = execRemoteCommand(commands[1]) - - createClusterCmd = fmt.sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) - - err, out := execRemoteCommand(createClusterCmd) - +//changes the private ip in k3dconfig +func changePrivateIp(clusterName string, privateIp string) { + path := fmt.Sprintf("%s_k3dconfig", clusterName) + file, err := ioutil.ReadFile(path) if err != nil { - log.Fatalf("Failed to create the k3d cluster %s\n", err) - return "" - } else { - - + log.Printf("%v", err) } + var con configs.Config + err = yaml.Unmarshal(file, &con) + if err != nil { + log.Printf("%v", err) + } + server := fmt.Sprintf("https://%s:6550", privateIp) + con.Clusters[0].Cluster.Server = server + newfile, err := yaml.Marshal(&con) + if err != nil { + log.Printf("%v", err) + } + err = ioutil.WriteFile("new_k3dconfig", newfile, 0644) + if err != nil { + log.Printf("%v", err) + } } @@ -397,7 +427,6 @@ func selectGovServicesToInstall() string { var versionfiles []string var modules []string - var selectedMod []string svclist := list.New() set := NewSet() var argStr string = "" @@ -423,7 +452,7 @@ func selectGovServicesToInstall() string { for _, f := range files { name := f.Name() - versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) + versionfiles = append(versionfiles, name[strings.Index(name, "-")+1:strings.Index(name, ".y")]) } var version string = "" version, _ = sel(versionfiles, "Which version of the selected product would like to install?") @@ -494,7 +523,7 @@ func prepareDeploymentConfig(installType string) string { func deployCharts(argStr string, configFile string) { - var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s%s", configFile, argStr) + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", configFile, argStr) var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) confirm := []string{"Yes", "No"} @@ -538,15 +567,13 @@ func deployCharts(argStr string, configFile string) { } -func execRemoteCommand(user string, ip string, sshFileLocation string, command string) error, output string { +func execRemoteCommand(user string, ip string, sshFileLocation string, command string) error { var err error - sshPreFix = fmt.sprintf("ssh %s@%s -i %s ", user, ip, sshFileLocation) + sshPreFix := fmt.Sprintf("ssh %s@%s -i %s \"%s\" ", user, ip, sshFileLocation, command) - command = sshPreFix + command + cmd := exec.Command("sh", "-c", sshPreFix) - cmd := exec.Command("sh", "-c", command) - - log.Println(string(Blue), " ==> "+command) + log.Println(string(Blue), " ==> "+sshPreFix) var stdoutBuf, stderrBuf bytes.Buffer cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) @@ -555,85 +582,9 @@ func execRemoteCommand(user string, ip string, sshFileLocation string, command s err = cmd.Run() if err != nil { log.Fatalf("cmd.Run() failed with %s\n", err) - return err - } else { - return cmd.Stdout - } -} - -func remoteScpFile(host string, username string, sshKeyPath string, remoteFilePath string, localFilePath string) success bool { - // Use SSH key authentication from the auth package - // we ignore the host key in this example, please change this if you use this library - - - ssh := chilkat.NewSsh() - - // Hostname may be an IP address or hostname: - hostname := "www.some-ssh-server.com" - port := 22 - - puttyKey := chilkat.NewSshKey() - ppkText := puttyKey.LoadText(sshKeyPath) - - success := puttyKey.FromPuttyPrivateKey(*ppkText) - if success != true { - fmt.Println(puttyKey.LastErrorText()) - ssh.DisposeSsh() - puttyKey.DisposeSshKey() - return false - } - - // Connect to an SSH server: - success := ssh.Connect(hostname,port) - if success != true { - fmt.Println(ssh.LastErrorText()) - ssh.DisposeSsh() - return false - } - - // Wait a max of 5 seconds when reading responses.. - ssh.SetIdleTimeoutMs(5000) - - // Authenticate using login/password: - success = ssh.AuthenticatePk("myLogin",puttyKey) - if success != true { - fmt.Println(ssh.LastErrorText()) - ssh.DisposeSsh() - return false - } - - // Once the SSH object is connected and authenticated, we use it - // in our SCP object. - scp := chilkat.NewScp() - - success = scp.UseSsh(ssh) - if success != true { - fmt.Println(scp.LastErrorText()) - ssh.DisposeSsh() - scp.DisposeScp() - return false - } - - success = scp.DownloadFile(remoteFilePath,localFilePath) - if success != true { - fmt.Println(scp.LastErrorText()) - ssh.DisposeSsh() - scp.DisposeScp() - return false - } - - fmt.Println("SCP download file success.") - - // Disconnect - ssh.Disconnect() - - ssh.DisposeSsh() - scp.DisposeScp() - - return true - + } + return err } - func execSingleCommand(command string) error { var err error @@ -663,7 +614,18 @@ func awslogin(accessKey string, secretKey string, sessionToken string, profile s } else if sessionToken != "" { awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) } else { - awslogincommand = fmt.Sprintf("aws configure list") + awsProf := "" + profile := "" + awsProf = fmt.Sprintf("aws configure list-profiles") + out, err := execCommandWithOutput(awsProf) + if err != nil { + log.Printf("%s", err) + } + profList := strings.Fields(out) + profile, _ = sel(profList, "choose the profile with right access") + awslogincommand = fmt.Sprintf("aws configure --profile %s set region \"ap-south-1\"", profile) + // execCommand(fmt.Sprintf("aws configure list")) + } log.Println(awslogincommand) @@ -787,8 +749,145 @@ func GenKeyPair() (string, string, error) { return string(public), private.String(), nil } +// below function can be used to store output of command to variable +func execCommandWithOutput(command string) (string, error) { + + parts := strings.Fields(command) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + + log.Println(string(Blue), " ==> "+command) + cmd := exec.Command(head, args...) + out, err := cmd.Output() + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + if err != nil { + log.Fatalf("%s", err) + } + return string(out), err +} + +// write configs to environment file +func Configsfile() { + Confirm := []string{"Yes", "No"} + var out configs.Output + State, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/sample-aws/terraform.tfstate") + if err != nil { + log.Printf("%v", err) + } + err = json.Unmarshal(State, &out) + Config := make(map[string]interface{}) + Domain := enterValue(nil, "Enter a valid Domain name") + BranchName := enterValue(nil, "Enter Branch name") + Kvids := out.Outputs.KafkaVolIds.Value + Zvids := out.Outputs.ZookeeperVolumeIds.Value + Esdids := out.Outputs.EsDataVolumeIds.Value + Esmvids := out.Outputs.EsMasterVolumeIds.Value + con_branch := enterValue(nil, "Enter your configs git url") + mdms_branch := enterValue(nil, "Enter your mdms git url") + Config["Domain"] = Domain + Config["BranchName"] = BranchName + Config["db-host"] = out.Outputs.DbInstanceEndpoint.Value + Config["db_name"] = out.Outputs.DbInstanceName.Value + Config["configs-branch"]= con_branch + Config["mdms-branch"]= mdms_branch + println(out.Outputs.DbInstanceName.Value) + Config["file_name"] = cluster_name + smsproceed, _ := sel(Confirm, "Do You have your sms Gateway?") + if smsproceed == "Yes" { + SmsUrl := enterValue(nil, "Enter your SMS provider url") + SmsGateway := enterValue(nil, "Enter your SMS Gateway") + SmsSender := enterValue(nil, "Enter your SMS sender") + SmsUsername := enterValue(nil, "Enter EgovNotificationSms_Username") + + Config["sms-provider-url"] = SmsUrl + Config["sms-gateway-to-use"] = SmsGateway + Config["sms-sender"] = SmsSender + + SecretConfig["EgovNotificationSms_Username"]=SmsUsername + } + fileproceed, _ := sel(Confirm, "Do You need filestore?") + if fileproceed == "Yes" { + if Flag == "aws" { + bucket := enterValue(nil, "Enter the filestore bucket name") + Config["fixed-bucket"] = bucket + } + if Flag == "sdc" { + bucket := enterValue(nil, "Enter the filestore bucket name") + Config["fixed-bucket"] = bucket + } + } + botproceed, _ := sel(Confirm, "Do You need chatbot?") + configs.DeployConfig(Config, Kvids, Zvids, Esdids, Esmvids, selectedMod, smsproceed, fileproceed, botproceed, Flag) + +} + +// write to secrets +func envSecretsFile() { + generateSsh() + ssh := "" + ssh = fmt.Sprintf("cat private.pem") + Out, err := execCommandWithOutput(ssh) + if err != nil { + log.Printf("%s", err) + } + configs.SecretFile(cluster_name, Out,SecretConfig) +} + +// generate ssh key to configs file +func generateSsh() { + // generate key + privatekey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + fmt.Printf("Cannot generate RSA keyn") + os.Exit(1) + } + publickey := &privatekey.PublicKey + + // dump private key to file + var privateKeyBytes []byte = x509.MarshalPKCS1PrivateKey(privatekey) + privateKeyBlock := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: privateKeyBytes, + } + privatePem, err := os.Create("private.pem") + if err != nil { + fmt.Printf("error when create private.pem: %s n", err) + os.Exit(1) + } + err = pem.Encode(privatePem, privateKeyBlock) + if err != nil { + fmt.Printf("error when encode private pem: %s n", err) + os.Exit(1) + } + + // dump public key to file + publicKeyBytes, err := x509.MarshalPKIXPublicKey(publickey) + if err != nil { + fmt.Printf("error when dumping publickey: %s n", err) + os.Exit(1) + } + publicKeyBlock := &pem.Block{ + Type: "PUBLIC KEY", + Bytes: publicKeyBytes, + } + publicPem, err := os.Create("public.pem") + if err != nil { + fmt.Printf("error when create public.pem: %s n", err) + os.Exit(1) + } + err = pem.Encode(publicPem, publicKeyBlock) + if err != nil { + fmt.Printf("error when encode public pem: %s n", err) + os.Exit(1) + } +} + func endScript() { fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a good day !!!") return } diff --git a/deploy-as-code/deployer/go.mod b/deploy-as-code/deployer/go.mod index 2f7f1c729a..4d7cba03c3 100644 --- a/deploy-as-code/deployer/go.mod +++ b/deploy-as-code/deployer/go.mod @@ -16,4 +16,5 @@ require ( github.com/stretchr/testify v1.4.0 // indirect golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a gopkg.in/yaml.v2 v2.2.4 + gopkg.in/yaml.v3 v3.0.1 ) diff --git a/deploy-as-code/deployer/go.sum b/deploy-as-code/deployer/go.sum index 15c105be05..7b7cdac3d4 100644 --- a/deploy-as-code/deployer/go.sum +++ b/deploy-as-code/deployer/go.sum @@ -201,4 +201,6 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= From 6f62d63d75e8301ee3a2f41161483bab01bdf412 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Mon, 3 Oct 2022 12:06:41 +0530 Subject: [PATCH 115/742] Added readme file --- infra-as-code/terraform/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 infra-as-code/terraform/README.md diff --git a/infra-as-code/terraform/README.md b/infra-as-code/terraform/README.md new file mode 100644 index 0000000000..eb082c3c6e --- /dev/null +++ b/infra-as-code/terraform/README.md @@ -0,0 +1,12 @@ +# EKS/AKS/GKE Terraform modules + +Terraform module which creates AWS EKS/ Azure AKS / Google GKE (Kubernetes) resources + +## To Launch the k8s cluster, follow the below Document: +https://core.digit.org/guides/installation-guide/production-setup + +## To Launch quick start setup, follow the below Document: +https://core.digit.org/guides/installation-guide/quick-setup + + + From 4a751032091fd0d67de345d15d6db031ab56bd95 Mon Sep 17 00:00:00 2001 From: Karthik-egov <93192752+Karthik-egov@users.noreply.github.com> Date: Mon, 10 Oct 2022 11:28:10 +0530 Subject: [PATCH 116/742] fixed the path of sops (#1059) Co-authored-by: karthik-egov --- deploy-as-code/deployer/pkg/cmd/deployer/deployer.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go index 1a7869a553..ed9124c03b 100644 --- a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -147,7 +147,9 @@ func deployClusterConfigs(index map[string]string, configDir string, envOverride defer os.RemoveAll(tmpDir) args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - if _, err := os.Stat(configDir + "/.sops.yaml"); os.IsNotExist(err) { + sopsDir:=strings.Trim(configDir, "/helm") + // fmt.Println("path too sops"+sopsDir) + if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { args = append(args, fmt.Sprintf("-f %s", envSecretFile)) } else { sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) From c3846f7bf111a8a3e6ccedc3baf1e87aa08429a7 Mon Sep 17 00:00:00 2001 From: "gajendran.c" Date: Tue, 11 Oct 2022 20:04:45 +0530 Subject: [PATCH 117/742] tomap --- .../modules/kubernetes/aws/network/main.tf | 110 +++++++++--------- 1 file changed, 58 insertions(+), 52 deletions(-) diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf index afe04caefa..c01c68bf4d 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf @@ -11,10 +11,10 @@ resource "aws_vpc" "vpc" { enable_dns_hostnames = true tags = "${ - map( - "Name", "${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - ) + tomap({ + Name = "${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + }) }" } @@ -26,13 +26,13 @@ resource "aws_subnet" "public_subnet" { vpc_id = "${aws_vpc.vpc.id}" tags = "${ - map( - "Name", "utility-${var.availability_zones[count.index]}-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "kubernetes.io/role/elb", 1, - "SubnetType", "Utility", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + Name = "utility-${var.availability_zones[count.index]}-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "kubernetes.io/role/elb" = 1 + "SubnetType" = "Utility" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -44,13 +44,13 @@ resource "aws_subnet" "private_subnet" { vpc_id = "${aws_vpc.vpc.id}" tags = "${ - map( - "Name", "${var.availability_zones[count.index]}-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "kubernetes.io/role/internal-elb", 1, - "SubnetType", "Private", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "${var.availability_zones[count.index]}-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "kubernetes.io/role/internal-elb" = 1 + "SubnetType" = "Private" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -58,11 +58,11 @@ resource "aws_internet_gateway" "internet_gateway" { vpc_id = "${aws_vpc.vpc.id}" tags = "${ - map( - "Name", "${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -75,11 +75,11 @@ resource "aws_route_table" "public_route_table" { } tags = "${ - map( - "Name", "public-${var.cluster_name}-rtb", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "public-${var.cluster_name}-rtb" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -95,11 +95,11 @@ resource "aws_eip" "eip" { depends_on = ["aws_internet_gateway.internet_gateway"] tags = "${ - map( - "Name", "eip-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "eip-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -111,11 +111,11 @@ resource "aws_nat_gateway" "nat" { depends_on = ["aws_internet_gateway.internet_gateway"] tags = "${ - map( - "Name", "nat-gw-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "nat-gw-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -129,11 +129,11 @@ resource "aws_route_table" "private_route_table" { } tags = "${ - map( - "Name", "private-${var.cluster_name}-rtb", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "private-${var.cluster_name}-rtb" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -157,7 +157,13 @@ resource "aws_security_group" "worker_nodes_sg" { cidr_blocks = ["0.0.0.0/0"] } - + tags = "${ + tomap({ + "Name" = "nodes-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) + }" } resource "aws_security_group" "master_nodes_sg" { @@ -166,11 +172,11 @@ resource "aws_security_group" "master_nodes_sg" { vpc_id = "${aws_vpc.vpc.id}" tags = "${ - map( - "Name", "masters-${var.cluster_name}", - "kubernetes.io/cluster/${var.cluster_name}", "shared", - "KubernetesCluster", "${var.cluster_name}" - ) + tomap({ + "Name" = "masters-${var.cluster_name}" + "kubernetes.io/cluster/${var.cluster_name}" = "shared" + "KubernetesCluster" = "${var.cluster_name}" + }) }" } @@ -180,9 +186,9 @@ resource "aws_security_group" "rds_db_sg" { vpc_id = "${aws_vpc.vpc.id}" tags = "${ - map( - "Name", "db-${var.cluster_name}" - ) + tomap({ + "Name" = "db-${var.cluster_name}" + }) }" } From 8e103f779d4c9ff1007256b9907295eb25eaa1ef Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 9 Nov 2022 18:51:50 +0530 Subject: [PATCH 118/742] #SM-1376 Vehicle trip issue (#1088) #SM-1376 Vehicle trip issue --- .../Sanitation/dependancy_chart-fsm-v1.2.1.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml index c702f6b5be..be5881a9b1 100644 --- a/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml +++ b/config-as-code/product-release-charts/Sanitation/dependancy_chart-fsm-v1.2.1.yaml @@ -138,7 +138,7 @@ modules: - "core" - "business" services: - - egovio/fsm:v1.2.0-1783392e14-113 + - egovio/fsm:v1.2.0-98a12c2748-224 - egovio/fsm-calculator:v1.1.0-2c66d3550a-2 - egovio/vehicle:v1.2.0-180a328097-74 - egovio/vendor:v1.2.0-a28b192446-63 From a8b2fbfd93859d598377ec06505c836506d3ddc3 Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Wed, 30 Nov 2022 14:49:40 +0530 Subject: [PATCH 119/742] added oauth2-proxy temp --- config-as-code/environments/egov-demo-template.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 71be8aef5d..9ddfb3c697 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -763,3 +763,11 @@ es-curator: jaeger-cleanup-enabled: "true" logs-to-retain: "7" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +# <<<<< oauth2-proxy <<<<<<<< +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" # Repalce with github org name + github_team = "micro-service-qa,devops" # Repalce with github teams + upstreams = [ "file:///dev/null" ] From 2153b1673b15b90d6a695fa750dff7bce3025dc1 Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Mon, 12 Dec 2022 15:29:56 +0530 Subject: [PATCH 120/742] incorporated national-dashboard services --- .../environments/egov-demo-template.yaml | 11 +++ config-as-code/environments/egov-demo.yaml | 11 +++ .../national-dashboard-ingest/Chart.yaml | 26 +++++++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../national-dashboard-ingest/values.yaml | 67 +++++++++++++++++++ .../Chart.yaml | 26 +++++++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../values.yaml | 34 ++++++++++ 12 files changed, 187 insertions(+) create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml create mode 100644 config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml diff --git a/config-as-code/environments/egov-demo-template.yaml b/config-as-code/environments/egov-demo-template.yaml index 9ddfb3c697..52f1374152 100644 --- a/config-as-code/environments/egov-demo-template.yaml +++ b/config-as-code/environments/egov-demo-template.yaml @@ -274,6 +274,17 @@ egov-searcher: repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo branch: "" ### REPLACE: Change this to your preferred branch name for the repo +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + + egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" diff --git a/config-as-code/environments/egov-demo.yaml b/config-as-code/environments/egov-demo.yaml index 67eae32bb4..52b68045f4 100644 --- a/config-as-code/environments/egov-demo.yaml +++ b/config-as-code/environments/egov-demo.yaml @@ -323,6 +323,17 @@ dashboard-ingest: branch: "UAT" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + report: heap: "-Xmx512m -Xms512m" tracing-enabled: "true" diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml b/config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml new file mode 100644 index 0000000000..bb5668544d --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: national-dashboard-ingest +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml b/config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml new file mode 100644 index 0000000000..ba5f7852bd --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml @@ -0,0 +1,67 @@ +# Common Labels +labels: + app: "national-dashboard-ingest" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "national-dashboard" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "national_dashboard_ingest_schema" + image: + repository: "national-dashboard-ingest-db" + +# Container Configs +image: + repository: "national-dashboard-ingest" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/national-dashboard/health" + readinessProbePath: "/national-dashboard/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx64m -Xms64m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-nss-ingest + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: EGOV_ES_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: es-indexer-host + - name: MODULE_INDEX_MAPPING + value: {{ index .Values "module-index-mapping" | quote }} + - name: MASTER_DATA_INDEX + value: {{ index .Values "master-data-index" | quote }} + - name: MODULE_FIELDS_MAPPING + value: {{ index .Values "module-fields-mapping" | quote }} + - name: MASTER_MODULE_FIELDS_MAPPING + value: {{ index .Values "master-module-fields-mapping" | quote }} + - name: MODULE_ALLOWED_GROUPBY_FIELDS_MAPPING + value: {{ index .Values "module-allowed-groupby-fields-mapping" | quote }} + - name: SERVER_TOMCAT_MAX_THREADS + value: {{ index .Values "server-tomcat-max-threads" | quote }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml new file mode 100644 index 0000000000..c9e29f77a9 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: national-dashboard-kafka-pipeline +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml new file mode 100644 index 0000000000..5647316367 --- /dev/null +++ b/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "national-dashboard-kafka-pipeline" + group: "rainmaker" + +# Container Configs +image: + repository: "national-dashboard-kafka-pipeline" +replicas: "3" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx512m -Xms512m" +java-args: "-Dspring.profiles.active=monitoring" +module-index-mapping: "{'PT': 'pt-national-dashboard', 'PGR': 'pgr-national-dashboard', 'WS': 'ws-national-dashboard', 'FIRENOC': 'firenoc-national-dashboard', 'TL': 'tl-national-dashboard', 'MCOLLECT': 'mcollect-national-dashboard', 'OBPS': 'obps-national-dashboard', 'COMMON': 'common-national-dashboard', 'BPA': 'bpa-national-dashboard','BIRTH':'birth-cert-national-dashboard','DEATH':'death-cert-national-dashboard'}" +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: national-dashboard-kafka-pipeline + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: MODULE_INDEX_MAPPING + value: {{ index .Values "module-index-mapping" | quote }} From cce1f0d2a66bfa43a63d89d3720c8df46b96de4a Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 15 Dec 2022 14:44:38 +0530 Subject: [PATCH 121/742] Update db-secret.yaml --- .../helm/charts/cluster-configs/templates/secrets/db-secret.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml index 7bbd2e62b0..2aee019e24 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml @@ -13,6 +13,7 @@ data: password: {{ index $.Values "cluster-configs" "secrets" "db" "password" | b64enc | quote }} flyway-username: {{ index $.Values "cluster-configs" "secrets" "db" "flywayUsername" | b64enc | quote }} flyway-password: {{ index $.Values "cluster-configs" "secrets" "db" "flywayPassword" | b64enc | quote }} +--- {{- end }} {{- end }} {{- end }} From f2f13216945b12966906b22b6c39249596b87d0e Mon Sep 17 00:00:00 2001 From: nikesh-eGov <48427967+nikesh-eGov@users.noreply.github.com> Date: Thu, 15 Dec 2022 14:57:12 +0530 Subject: [PATCH 122/742] Update db-secret.yaml --- .../charts/cluster-configs/templates/secrets/db-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml b/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml index 2aee019e24..748b0b729d 100644 --- a/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml +++ b/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml @@ -13,8 +13,8 @@ data: password: {{ index $.Values "cluster-configs" "secrets" "db" "password" | b64enc | quote }} flyway-username: {{ index $.Values "cluster-configs" "secrets" "db" "flywayUsername" | b64enc | quote }} flyway-password: {{ index $.Values "cluster-configs" "secrets" "db" "flywayPassword" | b64enc | quote }} ---- {{- end }} +--- {{- end }} {{- end }} From 464a6edb698c58bec6964f212b723dc7d1e5025f Mon Sep 17 00:00:00 2001 From: nikesh-eGov Date: Thu, 22 Dec 2022 23:20:20 +0530 Subject: [PATCH 123/742] Added sample-central-instance --- .../terraform/modules/node-pool/aws/main.tf | 125 ++++++++++++++ .../terraform/modules/node-pool/aws/output.tf | 4 + .../modules/node-pool/aws/variable.tf | 22 +++ infra-as-code/terraform/node-pool/main.tf | 19 +++ infra-as-code/terraform/node-pool/outputs.tf | 4 + .../terraform/node-pool/variables.tf | 16 ++ .../terraform/sample-central-instance/main.tf | 154 ++++++++++++++++++ .../sample-central-instance/outputs.tf | 54 ++++++ .../sample-central-instance/providers.tf | 20 +++ .../remote-state/main.tf | 27 +++ .../sample-central-instance/variables.tf | 58 +++++++ 11 files changed, 503 insertions(+) create mode 100644 infra-as-code/terraform/modules/node-pool/aws/main.tf create mode 100644 infra-as-code/terraform/modules/node-pool/aws/output.tf create mode 100644 infra-as-code/terraform/modules/node-pool/aws/variable.tf create mode 100644 infra-as-code/terraform/node-pool/main.tf create mode 100644 infra-as-code/terraform/node-pool/outputs.tf create mode 100644 infra-as-code/terraform/node-pool/variables.tf create mode 100644 infra-as-code/terraform/sample-central-instance/main.tf create mode 100644 infra-as-code/terraform/sample-central-instance/outputs.tf create mode 100644 infra-as-code/terraform/sample-central-instance/providers.tf create mode 100644 infra-as-code/terraform/sample-central-instance/remote-state/main.tf create mode 100644 infra-as-code/terraform/sample-central-instance/variables.tf diff --git a/infra-as-code/terraform/modules/node-pool/aws/main.tf b/infra-as-code/terraform/modules/node-pool/aws/main.tf new file mode 100644 index 0000000000..3877d65f39 --- /dev/null +++ b/infra-as-code/terraform/modules/node-pool/aws/main.tf @@ -0,0 +1,125 @@ +resource "aws_iam_role" "ec2_iam" { + name = "${var.node_group_name}-ec2-iam" + + assume_role_policy = < Date: Thu, 12 Jan 2023 01:24:31 +0530 Subject: [PATCH 124/742] changing the kibana-infra url to logging --- .../kibana-v1/kibana-infra-v1-values.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml b/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml index a9aba63860..853bedad58 100644 --- a/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml +++ b/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml @@ -21,12 +21,12 @@ image: replicas: "1" httpPort: 5601 elasticsearchHosts: "http://elasticsearch-data-infra-v1.es-cluster-infra:9200" -serverBasePath: "/kibana-infra" -healthCheckPath: "kibana-infra/app/kibana" +serverBasePath: "/logging" +healthCheckPath: "logging/app/kibana" healthChecks: enabled: true - livenessProbePath: "/kibana-infra/" - readinessProbePath: "/kibana-infra/" + livenessProbePath: "/logging/" + readinessProbePath: "/logging/" # Additional Container Envs env: | From 97f7a1d5ee03cdb4b8f9d0f9ddf9fae70a2bfb37 Mon Sep 17 00:00:00 2001 From: Gajendran <40357140+gajendran-egov@users.noreply.github.com> Date: Fri, 24 Feb 2023 15:37:04 +0530 Subject: [PATCH 125/742] Update variables.tf (#1246) --- infra-as-code/terraform/sample-aws/variables.tf | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 8d604bf201..044e22bbb6 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -64,3 +64,15 @@ variable "db_username" { #DO NOT fill in here. This will be asked at runtime variable "db_password" {} +variable "public_key" { + default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCrfbaDFN3FmjUoVUx4YH1eHPruFbWz6JGPfSKTwIqT75xFzU/Q6KCa3Xa6FnEOpcUKXej95pkeUnXywohojF6FrNak5p5xfGmmwC8UA9s5UxsI7flBKVnjsAbcRuxoa/AtOzg4Cizz6zQLl2JZAivZU1PwZjIJo8dcum9bjZYVHwZc3csKJ2nYgpcQrV8AWnfKtLvl5WNfNF0i5bWOieNLKiEc5DtsKYbQ6umrhhCaoGcH0S/Gy6w0PPSnnfl/AWXO7ckFtEXQbdz9Y15zeUFKgUsbklXxmC6D37BkPGu+IjCZSOttPV+PRM0Dnf0jQLvMV0UhEkguD9ALC5xikqNlFyPH5bGetWDxtLbn61tnoOIYG6lXAdk2Oe35yWWt3ZgcccWtYuRwDo0ofBwY9jWOkEcCefDyYg+S7h1VzNsbB9DsFv0vPcaxHcZK8bLdyhnz1+9rXy/flbiS5kE0O97aZ4zm4wAmqiivN2wWhUez18k2Mcs= demo@demo" + description = "ssh key" +} + +## change ssh key_name eg. digit-quickstart_your-name + +variable "key_name" { + default = "digit-quickstart" + description = "ssh key name" +} + From d2e9a4c7dc479695649eb3cc6a7e51c2e58a0f24 Mon Sep 17 00:00:00 2001 From: Gajendran <40357140+gajendran-egov@users.noreply.github.com> Date: Fri, 24 Feb 2023 15:54:58 +0530 Subject: [PATCH 126/742] Update main.tf (#1248) --- infra-as-code/terraform/sample-aws/main.tf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index 82fbe8d8f8..c858b84a9d 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,3 +1,9 @@ +provider "aws" { + region = "ap-south-1" + +} + + module "network" { source = "../modules/kubernetes/aws/network" vpc_cidr_block = "${var.vpc_cidr_block}" From 17370b3fd55ee48ec5158b730fc8cc4dcf1e73a0 Mon Sep 17 00:00:00 2001 From: aniket Date: Wed, 1 Mar 2023 17:21:24 +0530 Subject: [PATCH 127/742] changes in helm chart for kubernetes 1.22 --- .../cert-manager/templates/clusterissuer.yaml | 4 +- .../templates/crds/cert-manager-crds.yaml | 9068 ++++++++--------- .../nginx-ingress/templates/clusterrole.yaml | 2 +- .../templates/clusterrolebinding.yaml | 2 +- .../templates/controller-role.yaml | 2 +- .../templates/controller-rolebinding.yaml | 2 +- .../collection-services/values.yaml | 4 - .../charts/common/templates/_ingress.yaml | 15 +- .../egov-filestore/templates/ingress.yaml | 11 +- .../core-services/egov-filestore/values.yaml | 2 - 10 files changed, 3996 insertions(+), 5116 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index a396e5e2de..b0d2a814ba 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -1,7 +1,7 @@ {{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} apiVersion: cert-manager.io/v1alpha1 {{- else }} -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 {{- end }} kind: ClusterIssuer metadata: @@ -20,7 +20,7 @@ spec: {{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} apiVersion: cert-manager.io/v1alpha1 {{- else }} -apiVersion: cert-manager.io/v1alpha2 +apiVersion: cert-manager.io/v1 {{- end }} kind: ClusterIssuer metadata: diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml index d4344da386..4c016c7ee2 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml @@ -1,5544 +1,4422 @@ -apiVersion: apiextensions.k8s.io/v1beta1 +# Copyright 2022 The cert-manager Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: certificaterequests.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false - names: - kind: CertificateRequest - listKind: CertificateRequestList - plural: certificaterequests - shortNames: - - cr - - crs - singular: certificaterequest - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: CertificateRequest is a type to represent a Certificate Signing - Request - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertificateRequestSpec defines the desired state of CertificateRequest - type: object - required: - - csr - - issuerRef - properties: - csr: - description: Byte slice containing the PEM encoded CertificateSigningRequest - type: string - format: byte - duration: - description: Requested certificate default Duration - type: string - isCA: - description: IsCA will mark the resulting certificate as valid for signing. - This implies that the 'cert sign' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If - the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the CertificateRequest - will be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. The group field refers to the API group - of the issuer which defaults to 'cert-manager.io' if empty. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - usages: - description: Usages is the set of x509 actions that are enabled for - a given key. Defaults are ('digital signature', 'key encipherment') - if empty - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - Valid KeyUsage values are as follows: "signing", "digital signature", - "content commitment", "key encipherment", "key agreement", "data - encipherment", "cert sign", "crl sign", "encipher only", "decipher - only", "any", "server auth", "client auth", "code signing", "email - protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec - user", "timestamping", "ocsp signing", "microsoft sgc", "netscape - sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: CertificateStatus defines the observed state of CertificateRequest - and resulting signed certificate. - type: object - properties: - ca: - description: Byte slice containing the PEM encoded certificate authority - of the signed certificate. - type: string - format: byte - certificate: - description: Byte slice containing a PEM encoded signed certificate - resulting from the given certificate signing request. - type: string - format: byte - conditions: - type: array - items: - description: CertificateRequestCondition contains condition information - for a CertificateRequest. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready', 'InvalidRequest'). - type: string - failureTime: - description: FailureTime stores the time that this CertificateRequest - failed. This is used to influence garbage collection and back-off. - type: string - format: date-time - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: certificates.cert-manager.io + name: clusterissuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .spec.secretName - name: Secret - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date group: cert-manager.io - preserveUnknownFields: false names: - kind: Certificate - listKind: CertificateList - plural: certificates - shortNames: - - cert - - certs - singular: certificate - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Certificate is a type to represent a Certificate from ACME - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: CertificateSpec defines the desired state of Certificate. A - valid Certificate requires at least one of a CommonName, DNSName, or URISAN - to be valid. - type: object - required: - - issuerRef - - secretName - properties: - commonName: - description: CommonName is a common name to be used on the Certificate. - The CommonName should have a length of 64 characters or fewer to avoid - generating invalid CSRs. - type: string - dnsNames: - description: DNSNames is a list of subject alt names to be used on the - Certificate. - type: array - items: - type: string - duration: - description: Certificate default Duration - type: string - ipAddresses: - description: IPAddresses is a list of IP addresses to be used on the - Certificate - type: array - items: - type: string - isCA: - description: IsCA will mark this Certificate as valid for signing. This - implies that the 'cert sign' usage is set - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. - If the 'kind' field is not set, or set to 'Issuer', an Issuer resource - with the given name in the same namespace as the Certificate will - be used. If the 'kind' field is set to 'ClusterIssuer', a ClusterIssuer - with the provided name will be used. The 'name' field in this stanza - is required at all times. - type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - keyAlgorithm: - description: KeyAlgorithm is the private key algorithm of the corresponding - private key for this certificate. If provided, allowed values are - either "rsa" or "ecdsa" If KeyAlgorithm is specified and KeySize is - not provided, key size of 256 will be used for "ecdsa" key algorithm - and key size of 2048 will be used for "rsa" key algorithm. - type: string - enum: - - rsa - - ecdsa - keyEncoding: - description: KeyEncoding is the private key cryptography standards (PKCS) - for this certificate's private key to be encoded in. If provided, - allowed values are "pkcs1" and "pkcs8" standing for PKCS#1 and PKCS#8, - respectively. If KeyEncoding is not specified, then PKCS#1 will be - used by default. - type: string - enum: - - pkcs1 - - pkcs8 - keySize: - description: KeySize is the key bit size of the corresponding private - key for this certificate. If provided, value must be between 2048 - and 8192 inclusive when KeyAlgorithm is empty or is set to "rsa", - and value must be one of (256, 384, 521) when KeyAlgorithm is set - to "ecdsa". - type: integer - organization: - description: Organization is the organization to be used on the Certificate - type: array - items: - type: string - renewBefore: - description: Certificate renew before expiration duration - type: string - secretName: - description: SecretName is the name of the secret resource to store - this secret in - type: string - subject: - description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - type: object - properties: - countries: - description: Countries to be used on the Certificate. - type: array - items: - type: string - localities: - description: Cities to be used on the Certificate. - type: array - items: - type: string - organizationalUnits: - description: Organizational Units to be used on the Certificate. - type: array - items: - type: string - postalCodes: - description: Postal codes to be used on the Certificate. - type: array - items: - type: string - provinces: - description: State/Provinces to be used on the Certificate. - type: array - items: - type: string - serialNumber: - description: Serial number to be used on the Certificate. - type: string - streetAddresses: - description: Street addresses to be used on the Certificate. - type: array - items: - type: string - uriSANs: - description: URISANs is a list of URI Subject Alternative Names to be - set on this Certificate. - type: array - items: - type: string - usages: - description: Usages is the set of x509 actions that are enabled for - a given key. Defaults are ('digital signature', 'key encipherment') - if empty - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: - https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 - Valid KeyUsage values are as follows: "signing", "digital signature", - "content commitment", "key encipherment", "key agreement", "data - encipherment", "cert sign", "crl sign", "encipher only", "decipher - only", "any", "server auth", "client auth", "code signing", "email - protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec - user", "timestamping", "ocsp signing", "microsoft sgc", "netscape - sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: CertificateStatus defines the observed state of Certificate - type: object - properties: - conditions: - type: array - items: - description: CertificateCondition contains condition information for - an Certificate. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - lastFailureTime: - type: string - format: date-time - notAfter: - description: The expiration time of the certificate stored in the secret - named by this resource in spec.secretName. - type: string - format: date-time - version: v1alpha2 + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + categories: + - cert-manager + scope: Cluster versions: - - name: v1alpha2 - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: challenges.acme.cert-manager.io -spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.dnsName - name: Domain - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: acme.cert-manager.io - preserveUnknownFields: false - names: - kind: Challenge - listKind: ChallengeList - plural: challenges - singular: challenge - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Challenge is a type to represent a Challenge request with an ACME - server - type: object - required: - - metadata - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 type: string - metadata: - type: object - spec: + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. type: object required: - - authzURL - - dnsName - - issuerRef - - key - - token - - type - - url + - spec properties: - authzURL: - description: AuthzURL is the URL to the ACME Authorization resource - that this challenge is a part of. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - dnsName: - description: DNSName is the identifier that this challenge is for, e.g. - example.com. + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Challenge. If the Issuer does - not exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Challenge will be marked - as failed. + metadata: type: object - required: - - name - properties: - group: - type: string - kind: - type: string - name: - type: string - key: - description: Key is the ACME challenge key for this challenge - type: string - solver: - description: Solver contains the domain solving configuration that should - be used to solve this challenge resource. + spec: + description: Desired state of the ClusterIssuer resource. type: object properties: - dns01: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. type: object + required: + - privateKeySecretRef + - server properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure containing - the configuration for ACME-DNS servers - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure containing - the DNS configuration for Akamai DNS—Zone Record Management - API - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - clientTokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. type: object required: - - clientID - - clientSecretSecretRef - - resourceGroupName - - subscriptionID - - tenantID + - keyID + - keySecretRef properties: - clientID: - type: string - clientSecretSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - environment: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' type: string enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: - - project - properties: - project: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. type: string - serviceAccountSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - apiTokenSecretRef: + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. type: object required: - - name + - name properties: key: - description: The key of the secret to select from. Must - be a valid secret key. + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' type: string - enum: - - None - - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a structure - containing the DNS configuration for DigitalOcean Domains - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure containing - the configuration for RFC2136 DNS - type: object - required: - - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting RFC2136. - Required. Note: FQDN is not a valid value, only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting - RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` - are defined. Supported values are (case-insensitive): - ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or - ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If - ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG - value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure containing - the Route 53 configuration for AWS - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared credentials - file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only this - zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName - api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider - will assume using either the explicit credentials AccessKeyID/SecretAccessKey - or the inferred credentials from environment variables, - shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared credentials - file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies configuration - for a webhook DNS01 provider, including where to POST ChallengePayload - resources. + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. type: object required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed - to the webhook apiserver when challenges are processed. - This can contain arbitrary JSON data. Secret values should - not be specified in this stanza. If secret values are - needed (e.g. credentials for a DNS service), you should - use a SecretKeySelector to reference a Secret resource. - For details on the schema of this field, consult the webhook - provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when - POSTing ChallengePayload resources to the webhook apiserver. - This should be the same as the GroupName specified in - the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in - the webhook provider implementation. This will typically - be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration detailing - how to solve HTTP01 challenges within a Kubernetes cluster. Typically - this is accomplished through creating 'routes' of some description - that configure ingress controllers to direct traffic to 'solver - pods', which are responsible for responding to the ACME server's - HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver will - solve challenges by creating or modifying Ingress resources - in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object + - name properties: - class: - description: The ingress class to use when creating Ingress - resources to solve ACME challenges that use this challenge - solver. Only one of 'class' or 'name' may be specified. + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string name: - description: The name of the ingress resource that should - have ACME challenge solving routes inserted into it in - order to solve HTTP01 challenges. This is typically used - in conjunction with ingress controllers like ingress-gce, - which maintains a 1:1 mapping between external IPs and - ingress resources. + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - podTemplate: - description: Optional pod template used to configure the - ACME challenge solver pods used for HTTP01 challenges - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to - solve HTTP01 challenges. Only the 'labels' and 'annotations' - fields may be set. If labels or annotations overlap - with in-built values, the values here will override - the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to - the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the - created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 - challenge solver pod. Only the 'nodeSelector', 'affinity' - and 'tolerations' fields are supported currently. - All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling - constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - type: object + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this - field, but it may choose a node that violates - one or more of the expressions. The node - that is most preferred is the one with - the greatest sum of weights, i.e. for - each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a - sum by iterating through the elements - of this field and adding "weight" to the - sum if the node matches the corresponding - matchExpressions; the node(s) with the - highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling - term matches all objects with implicit - weight 0 (i.e. it's a no-op). A null - preferred scheduling term matches no - objects (i.e. is also a no-op). + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints type: object - required: - - preference - - weight properties: - preference: - description: A node selector term, - associated with the corresponding - weight. + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. type: object properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. type: array items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). type: object required: - - key - - operator + - preference + - weight properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - matchFields: - description: A list of node selector - requirements by node's fields. + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. type: array items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) type: object required: - - key - - operator + - podAffinityTerm + - weight properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". type: array items: type: string - weight: - description: Weight associated with - matching the corresponding nodeSelectorTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to an update), the system may or may - not try to eventually evict the pod from - its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node - selector terms. The terms are ORed. - type: array - items: - description: A null or empty node - selector term matches no objects. - The requirements of them are ANDed. - The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). type: object properties: - matchExpressions: - description: A list of node selector - requirements by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - matchFields: - description: A list of node selector - requirements by node's fields. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. type: array items: - description: A node selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) type: object required: - - key - - operator + - podAffinityTerm + - weight properties: - key: - description: The label key - that the selector applies - to. - type: string - operator: - description: Represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of - string values. If the - operator is In or NotIn, - the values array must - be non-empty. If the operator - is Exists or DoesNotExist, - the values array must - be empty. If the operator - is Gt or Lt, the values - array must have a single - element, which will be - interpreted as an integer. - This array is replaced - during a strategic merge - patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the same - node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - affinity expressions specified by this - field, but it may choose a node that violates - one or more of the expressions. The node - that is most preferred is the one with - the greatest sum of weights, i.e. for - each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a - sum by iterating through the elements - of this field and adding "weight" to the - sum if the node has pods which matches - the corresponding podAffinityTerm; the - node(s) with the highest sum are the most - preferred. - type: array - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key and - values. + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. type: object required: - - key - - operator + - topologyKey properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. Valid - operators are In, - NotIn, Exists and - DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, the - values array must - be non-empty. If the - operator is Exists - or DoesNotExist, the - values array must - be empty. This array - is replaced during - a strategic merge - patch. + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". type: array items: type: string - matchLabels: - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in - the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching the labelSelector - in the specified namespaces, - where co-located is defined - as running on a node whose value - of the label with key topologyKey - matches that of any node on - which any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to a pod label update), the system - may or may not try to eventually evict - the pod from its node. When there are - multiple elements, the lists of nodes - corresponding to each podAffinityTerm - are intersected, i.e. all terms must be - satisfied. - type: array - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this - pod should be co-located (affinity) - or not co-located (anti-affinity) with, - where co-located is defined as running - on a node whose value of the label with - key matches that of any - node on which a pod of the set of pods - is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. type: array items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running type: object required: - - key - - operator + - topologyKey properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a - map of {key,value} pairs. A - single {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); null - or empty list means "this pod's - namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling - rules (e.g. avoid putting this pod in the - same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to - schedule pods to nodes that satisfy the - anti-affinity expressions specified by - this field, but it may choose a node that - violates one or more of the expressions. - The node that is most preferred is the - one with the greatest sum of weights, - i.e. for each node that meets all of the - scheduling requirements (resource request, - requiredDuringScheduling anti-affinity - expressions, etc.), compute a sum by iterating - through the elements of this field and - adding "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with the - highest sum are the most preferred. - type: array - items: - description: The weights of all of the - matched WeightedPodAffinityTerm fields - are added per-node to find the most - preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity - term, associated with the corresponding - weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key and - values. + labelSelector: + description: A label query over a set of resources, in this case pods. type: object - required: - - key - - operator properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to a - set of values. Valid - operators are In, - NotIn, Exists and - DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, the - values array must - be non-empty. If the - operator is Exists - or DoesNotExist, the - values array must - be empty. This array - is replaced during - a strategic merge - patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is - a map of {key,value} pairs. - A single {key,value} in - the matchLabels map is equivalent - to an element of matchExpressions, - whose key field is "key", - the operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be - co-located (affinity) or not - co-located (anti-affinity) with - the pods matching the labelSelector - in the specified namespaces, - where co-located is defined - as running on a node whose value - of the label with key topologyKey - matches that of any node on - which any of the selected pods - is running. Empty topologyKey - is not allowed. - type: string - weight: - description: weight associated with - matching the corresponding podAffinityTerm, - in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements - specified by this field are not met at - scheduling time, the pod will not be scheduled - onto the node. If the anti-affinity requirements - specified by this field cease to be met - at some point during pod execution (e.g. - due to a pod label update), the system - may or may not try to eventually evict - the pod from its node. When there are - multiple elements, the lists of nodes - corresponding to each podAffinityTerm - are intersected, i.e. all terms must be - satisfied. - type: array - items: - description: Defines a set of pods (namely - those matching the labelSelector relative - to the given namespace(s)) that this - pod should be co-located (affinity) - or not co-located (anti-affinity) with, - where co-located is defined as running - on a node whose value of the label with - key matches that of any - node on which a pod of the set of pods - is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a - set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, a key, - and an operator that relates - the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the - label key that the selector - applies to. - type: string - operator: - description: operator represents - a key's relationship to - a set of values. Valid - operators are In, NotIn, - Exists and DoesNotExist. - type: string - values: - description: values is an - array of string values. - If the operator is In - or NotIn, the values array - must be non-empty. If - the operator is Exists - or DoesNotExist, the values - array must be empty. This - array is replaced during - a strategic merge patch. + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". type: array items: type: string - matchLabels: - description: matchLabels is a - map of {key,value} pairs. A - single {key,value} in the matchLabels - map is equivalent to an element - of matchExpressions, whose key - field is "key", the operator - is "In", and the values array - contains only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); null - or empty list means "this pod's - namespace" - type: array - items: + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string - topologyKey: - description: This pod should be co-located - (affinity) or not co-located (anti-affinity) - with the pods matching the labelSelector - in the specified namespaces, where - co-located is defined as running - on a node whose value of the label - with key topologyKey matches that - of any node on which any of the - selected pods is running. Empty - topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must - be true for the pod to fit on a node. Selector - which must match a node''s labels for the pod - to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached - to tolerates any taint that matches the triple - using the matching operator - . - type: object - properties: - effect: - description: Effect indicates the taint effect - to match. Empty means match all taint effects. - When specified, allowed values are NoSchedule, - PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the - toleration applies to. Empty means match - all taint keys. If the key is empty, operator - must be Exists; this combination means to - match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists - and Equal. Defaults to Equal. Exists is - equivalent to wildcard for value, so that - a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration (which - must be of effect NoExecute, otherwise this - field is ignored) tolerates the taint. By - default, it is not set, which means tolerate - the taint forever (do not evict). Zero and - negative values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the - toleration matches to. If the operator is - Exists, the value should be empty, otherwise - just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver - service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. type: object properties: - dnsNames: - description: List of DNSNames that this solver will be used - to solve. If specified and a match is found, a dnsNames selector - will take precedence over a dnsZones selector. If multiple - solvers match with the same dnsNames value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. type: array items: type: string - dnsZones: - description: List of DNSZones that this solver will be used - to solve. The most specific DNS zone match specified here - will take precedence over other DNS zone matches, so a solver - specifying sys.example.com will be selected over one specifying - example.com for the domain www.sys.example.com. If multiple - solvers match with the same dnsZones value, the solver with - the most matching labels in matchLabels will be selected. - If neither has more matches, the solver defined earlier in - the list will be selected. - type: array - items: + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the ClusterIssuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. type: string - matchLabels: - description: A label selector that is used to refine the set - of certificate's that this challenge solver will apply to. - type: object - additionalProperties: + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. type: string - token: - description: Token is the ACME challenge token for this challenge. - type: string - type: - description: Type is the type of ACME challenge this resource represents, - e.g. "dns01" or "http01" - type: string - url: - description: URL is the URL of the ACME Challenge resource for this - challenge. This can be used to lookup details about the status of - this challenge. - type: string - wildcard: - description: Wildcard will be true if this challenge is for a wildcard - identifier, for example '*.example.com' - type: boolean - status: - type: object - properties: - presented: - description: Presented will be set to true if the challenge values for - this challenge are currently 'presented'. This *does not* imply the - self check is passing. Only that the values have been 'submitted' - for the appropriate challenge mechanism (i.e. the DNS01 TXT record - has been presented, or the HTTP01 configuration has been configured). - type: boolean - processing: - description: Processing is used to denote whether this challenge should - be processed or not. This field will only be set to true by the 'scheduling' - component. It will only be set to false by the 'challenges' controller, - after the challenge has reached a final state or timed out. If this - field is set to false, the challenge controller will not take any - more action. - type: boolean - reason: - description: Reason contains human readable information on why the Challenge - is in the current state. - type: string - state: - description: State contains the current 'state' of the challenge. If - not set, the state of the challenge is unknown. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true --- -apiVersion: apiextensions.k8s.io/v1beta1 +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: clusterissuers.cert-manager.io + name: challenges.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date - group: cert-manager.io - preserveUnknownFields: false + group: acme.cert-manager.io names: - kind: ClusterIssuer - listKind: ClusterIssuerList - plural: clusterissuers - singular: clusterissuer - scope: Cluster - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + - jsonPath: .spec.dnsName + name: Domain type: string - metadata: - type: object - spec: - description: IssuerSpec is the specification of an Issuer. This includes - any configuration required for the issuer. + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME server type: object + required: + - metadata + - spec properties: - acme: - description: ACMEIssuer contains the specification for an ACME issuer + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: type: object required: - - privateKeySecretRef - - server + - authorizationURL + - dnsName + - issuerRef + - key + - solver + - token + - type + - url properties: - email: - description: Email is the email for this account + authorizationURL: + description: The URL to the ACME Authorization resource that this challenge is a part of. + type: string + dnsName: + description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. type: string - externalAccountBinding: - description: ExternalAcccountBinding is a reference to a CA external - account of the ACME server. + issuerRef: + description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. type: object required: - - keyAlgorithm - - keyID - - keySecretRef + - name properties: - keyAlgorithm: - description: keyAlgorithm is the MAC key algorithm that the - key is used for. Valid values are "HS256", "HS384" and "HS512". + group: + description: Group of the resource being referred to. type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External - Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing - a data item in a Kubernetes Secret which holds the symmetric - MAC key of the External Account Binding. The `key` is the - index string that is paired with the key data in the Secret - and should not be confused with the key data itself, or indeed - with the External Account Binding keyID above. The secret - key stored in the Secret **must** be un-padded, base64 URL - encoded data. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. + kind: + description: Kind of the resource being referred to. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: Name of the resource being referred to. type: string - server: - description: Server is the ACME server URL + key: + description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - type: array - items: - type: object - properties: - dns01: - type: object - properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure - containing the configuration for ACME-DNS servers - type: object - required: + solver: + description: Contains the domain solving configuration that should be used to solve this challenge resource. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: - accountSecretRef - host - properties: - accountSecretRef: - type: object - required: + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure - containing the DNS configuration for Akamai DNS—Zone - Record Management API - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: - accessTokenSecretRef - clientSecretSecretRef - clientTokenSecretRef - serviceConsumerDomain - properties: - accessTokenSecretRef: - type: object - required: + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientSecretSecretRef: - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - clientTokenSecretRef: - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS - type: object - required: - - clientID - - clientSecretSecretRef + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: - resourceGroupName - subscriptionID - - tenantID - properties: - clientID: - type: string - clientSecretSecretRef: - type: object - required: + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - environment: - type: string - enum: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: - AzurePublicCloud - AzureChinaCloud - AzureGermanCloud - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: - project - properties: - project: - type: string - serviceAccountSecretRef: - type: object - required: + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - apiTokenSecretRef: - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. - type: string - enum: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: - None - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a - structure containing the DNS configuration for DigitalOcean - Domains - type: object - required: + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure - containing the configuration for RFC2136 DNS - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting - RFC2136. Required. Note: FQDN is not a valid value, - only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the - DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` - and ``tsigKeyName`` are defined. Supported values - are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, - ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field - is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the - TSIG value. If ``tsigKeyName`` is defined, this - field is required. - type: object - required: + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure - containing the Route 53 configuration for AWS - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only - this zone in Route53 and will not do an lookup using - the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 - provider will assume using either the explicit credentials - AccessKeyID/SecretAccessKey or the inferred credentials - from environment variables, shared credentials file - or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies - configuration for a webhook DNS01 provider, including - where to POST ChallengePayload resources. - type: object - required: + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: - groupName - solverName - properties: - config: - description: Additional configuration that should - be passed to the webhook apiserver when challenges - are processed. This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for - a DNS service), you should use a SecretKeySelector - to reference a Secret resource. For details on the - schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used - when POSTing ChallengePayload resources to the webhook - apiserver. This should be the same as the GroupName - specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined - in the webhook provider implementation. This will - typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration - detailing how to solve HTTP01 challenges within a Kubernetes - cluster. Typically this is accomplished through creating - 'routes' of some description that configure ingress controllers - to direct traffic to 'solver pods', which are responsible - for responding to the ACME server's HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver - will solve challenges by creating or modifying Ingress - resources in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating - Ingress resources to solve ACME challenges that - use this challenge solver. Only one of 'class' or - 'name' may be specified. - type: string - name: - description: The name of the ingress resource that - should have ACME challenge solving routes inserted - into it in order to solve HTTP01 challenges. This - is typically used in conjunction with ingress controllers - like ingress-gce, which maintains a 1:1 mapping - between external IPs and ingress resources. + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: type: string - podTemplate: - description: Optional pod template used to configure - the ACME challenge solver pods used for HTTP01 challenges + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." type: object + required: + - name properties: - metadata: - description: ObjectMeta overrides for the pod - used to solve HTTP01 challenges. Only the 'labels' - and 'annotations' fields may be set. If labels - or annotations overlap with in-built values, - the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added - to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to - the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the - HTTP01 challenge solver pod. Only the 'nodeSelector', - 'affinity' and 'tolerations' fields are supported - currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling - constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node matches the - corresponding matchExpressions; - the node(s) with the highest sum - are the most preferred. - type: array - items: - description: An empty preferred - scheduling term matches all objects - with implicit weight 0 (i.e. it's - a no-op). A null preferred scheduling - term matches no objects (i.e. - is also a no-op). - type: object - required: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: - preference - weight - properties: - preference: - description: A node selector - term, associated with the - corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - weight: - description: Weight associated - with matching the corresponding - nodeSelectorTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to an update), the system - may or may not try to eventually - evict the pod from its node. - type: object - required: + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list - of node selector terms. The - terms are ORed. - type: array - items: - description: A null or empty - node selector term matches - no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of - the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the - same node, zone, etc. as some other - pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node has pods - which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: - podAffinityTerm - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to a pod label update), - the system may or may not try to - eventually evict the pod from its - node. When there are multiple elements, - the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: type: string - podAntiAffinity: - description: Describes pod anti-affinity - scheduling rules (e.g. avoid putting - this pod in the same node, zone, etc. - as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the anti-affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - anti-affinity expressions, etc.), - compute a sum by iterating through - the elements of this field and adding - "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: - podAffinityTerm - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. - type: object - required: + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: - topologyKey - properties: - labelSelector: - description: A label query - over a set of resources, - in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. - type: array - items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. - type: object - required: + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: key - is the label - key that the - selector applies - to. - type: string - operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object - additionalProperties: - type: string - namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity - requirements specified by this field - are not met at scheduling time, - the pod will not be scheduled onto - the node. If the anti-affinity requirements - specified by this field cease to - be met at some point during pod - execution (e.g. due to a pod label - update), the system may or may not - try to eventually evict the pod - from its node. When there are multiple - elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: - key - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: type: string - nodeSelector: - description: 'NodeSelector is a selector which - must be true for the pod to fit on a node. - Selector which must match a node''s labels - for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . type: object - additionalProperties: - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is - attached to tolerates any taint that matches - the triple using the - matching operator . - type: object - properties: - effect: - description: Effect indicates the taint - effect to match. Empty means match - all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that - the toleration applies to. Empty means - match all taint keys. If the key is - empty, operator must be Exists; this - combination means to match all values - and all keys. - type: string - operator: - description: Operator represents a key's - relationship to the value. Valid operators - are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration - (which must be of effect NoExecute, - otherwise this field is ignored) tolerates - the taint. By default, it is not set, - which means tolerate the taint forever - (do not evict). Zero and negative - values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value - the toleration matches to. If the - operator is Exists, the value should - be empty, otherwise just a regular - string. - type: string - serviceType: - description: Optional service type for Kubernetes - solver service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - additionalProperties: - type: string - ca: - type: object - required: - - secretName - properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - selfSigned: - type: object - vault: - type: object - required: - - auth - - path - - server - properties: - auth: - description: Vault authentication - type: object - properties: - appRole: - description: This Secret contains a AppRole and Secret - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string - kubernetes: - description: This contains a Role and Secret with a ServiceAccount - token to authenticate with vault. + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. type: object - required: - - role - - secretRef properties: - mountPath: - description: The Vault mountPath here is the mount path - to use when authenticating with Vault. For example, setting - a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` - to authenticate with Vault. If unspecified, the default - value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role - to assume. A Role binds a Kubernetes ServiceAccount with - a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes - ServiceAccount JWT used for authenticating with Vault. - Use of 'ambient credentials' is not supported. + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - tokenSecretRef: - description: This Secret contains the Vault token key - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. type: string - format: byte - path: - description: Vault URL path to the certificate role + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. type: string - server: - description: Server is the vault connection address + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. type: string - venafi: - description: VenafiIssuer describes issuer configuration details for - Venafi Cloud. + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" +spec: + group: cert-manager.io + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the CertificateRequest resource. type: object required: - - zone + - issuerRef + - request properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for Venafi Cloud + additionalProperties: + type: array + items: type: string - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. type: object required: - - credentialsRef - - url + - name properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. + group: + description: Group of the resource being referred to. type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for the Venafi TPP instance + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. + request: + description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. type: string - status: - description: IssuerStatus contains status information about an Issuer - type: object - properties: - acme: + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: Status of the CertificateRequest. This is set and managed automatically. type: object properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer + ca: + description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA + format: byte + certificate: + description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. type: string - conditions: - type: array - items: - description: IssuerCondition contains condition information for an - Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true --- -apiVersion: apiextensions.k8s.io/v1beta1 +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: issuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" spec: - additionalPrinterColumns: - - JSONPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - JSONPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date group: cert-manager.io - preserveUnknownFields: false names: kind: Issuer listKind: IssuerList plural: issuers singular: issuer + categories: + - cert-manager scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - type: object - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 type: string - metadata: - type: object - spec: - description: IssuerSpec is the specification of an Issuer. This includes - any configuration required for the issuer. + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. type: object + required: + - spec properties: - acme: - description: ACMEIssuer contains the specification for an ACME issuer + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Issuer resource. type: object - required: - - privateKeySecretRef - - server properties: - email: - description: Email is the email for this account - type: string - externalAccountBinding: - description: ExternalAcccountBinding is a reference to a CA external - account of the ACME server. + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. type: object required: - - keyAlgorithm - - keyID - - keySecretRef + - privateKeySecretRef + - server properties: - keyAlgorithm: - description: keyAlgorithm is the MAC key algorithm that the - key is used for. Valid values are "HS256", "HS384" and "HS512". + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External - Account is bound to. + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing - a data item in a Kubernetes Secret which holds the symmetric - MAC key of the External Account Binding. The `key` is the - index string that is paired with the key data in the Secret - and should not be confused with the key data itself, or indeed - with the External Account Binding keyID above. The secret - key stored in the Secret **must** be un-padded, base64 URL - encoded data. + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. type: object required: - - name + - name properties: key: - description: The key of the secret to select from. Must - be a valid secret key. + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - privateKeySecretRef: - description: PrivateKey is the name of a secret containing the private - key for this user account. - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must be a - valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' type: string - server: - description: Server is the ACME server URL - type: string - skipTLSVerify: - description: If true, skip verifying the ACME server TLS certificate - type: boolean - solvers: - description: Solvers is a list of challenge solvers that will be - used to solve ACME challenges for the matching domains. - type: array - items: - type: object - properties: - dns01: + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. type: object properties: - acmedns: - description: ACMEIssuerDNS01ProviderAcmeDNS is a structure - containing the configuration for ACME-DNS servers + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. type: object - required: - - accountSecretRef - - host properties: - accountSecretRef: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. type: object required: - - name + - accountSecretRef + - host properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: type: string - host: - type: string - akamai: - description: ACMEIssuerDNS01ProviderAkamai is a structure - containing the DNS configuration for Akamai DNS—Zone - Record Management API - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. type: object required: - - name + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: type: string - clientSecretSecretRef: + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. type: object required: - - name + - resourceGroupName + - subscriptionID properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + clientID: + description: if both this and ClientSecret are left unset MSI will be used type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in type: string - clientTokenSecretRef: + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. type: object required: - - name + - project properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + project: type: string - serviceConsumerDomain: - type: string - azuredns: - description: ACMEIssuerDNS01ProviderAzureDNS is a structure - containing the configuration for Azure DNS - type: object - required: - - clientID - - clientSecretSecretRef - - resourceGroupName - - subscriptionID - - tenantID - properties: - clientID: - type: string - clientSecretSecretRef: + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. type: object - required: - - name properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. type: string - environment: + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. type: string enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - type: string - resourceGroupName: - type: string - subscriptionID: - type: string - tenantID: - type: string - clouddns: - description: ACMEIssuerDNS01ProviderCloudDNS is a structure - containing the DNS configuration for Google Cloud DNS - type: object - required: - - project - properties: - project: - type: string - serviceAccountSecretRef: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. type: object required: - - name + - tokenSecretRef properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - cloudflare: - description: ACMEIssuerDNS01ProviderCloudflare is a structure - containing the DNS configuration for Cloudflare - type: object - required: - - email - properties: - apiKeySecretRef: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. type: object required: - - name + - nameserver properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. type: string - apiTokenSecretRef: + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. type: object required: - - name + - region properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. type: string - email: - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider - should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: ACMEIssuerDNS01ProviderDigitalOcean is a - structure containing the DNS configuration for DigitalOcean - Domains - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + region: + description: Always set the region when using AccessKeyID and SecretAccessKey type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata type: string - rfc2136: - description: ACMEIssuerDNS01ProviderRFC2136 is a structure - containing the configuration for RFC2136 DNS - type: object - required: - - nameserver - properties: - nameserver: - description: 'The IP address of the DNS supporting - RFC2136. Required. Note: FQDN is not a valid value, - only IP.' - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the - DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` - and ``tsigKeyName`` are defined. Supported values - are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, - ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. - If ``tsigSecretSecretRef`` is defined, this field - is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the - TSIG value. If ``tsigKeyName`` is defined, this - field is required. + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. type: object required: - - name + - groupName + - solverName properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. type: string - route53: - description: ACMEIssuerDNS01ProviderRoute53 is a structure - containing the Route 53 configuration for AWS + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. type: object - required: - - region properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only - this zone in Route53 and will not do an lookup using - the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID - and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 - provider will assume using either the explicit credentials - AccessKeyID/SecretAccessKey or the inferred credentials - from environment variables, shared credentials file - or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. - If not set we fall-back to using env vars, shared - credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. type: object - required: - - name properties: - key: - description: The key of the secret to select from. - Must be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string - webhook: - description: ACMEIssuerDNS01ProviderWebhook specifies - configuration for a webhook DNS01 provider, including - where to POST ChallengePayload resources. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should - be passed to the webhook apiserver when challenges - are processed. This can contain arbitrary JSON data. - Secret values should not be specified in this stanza. - If secret values are needed (e.g. credentials for - a DNS service), you should use a SecretKeySelector - to reference a Secret resource. For details on the - schema of this field, consult the webhook provider - implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used - when POSTing ChallengePayload resources to the webhook - apiserver. This should be the same as the GroupName - specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined - in the webhook provider implementation. This will - typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: ACMEChallengeSolverHTTP01 contains configuration - detailing how to solve HTTP01 challenges within a Kubernetes - cluster. Typically this is accomplished through creating - 'routes' of some description that configure ingress controllers - to direct traffic to 'solver pods', which are responsible - for responding to the ACME server's HTTP requests. - type: object - properties: - ingress: - description: The ingress based HTTP01 challenge solver - will solve challenges by creating or modifying Ingress - resources in order to route requests for '/.well-known/acme-challenge/XYZ' - to 'challenge solver' pods that are provisioned by cert-manager - for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating - Ingress resources to solve ACME challenges that - use this challenge solver. Only one of 'class' or - 'name' may be specified. - type: string - name: - description: The name of the ingress resource that - should have ACME challenge solving routes inserted - into it in order to solve HTTP01 challenges. This - is typically used in conjunction with ingress controllers - like ingress-gce, which maintains a 1:1 mapping - between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure - the ACME challenge solver pods used for HTTP01 challenges + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. type: object properties: - metadata: - description: ObjectMeta overrides for the pod - used to solve HTTP01 challenges. Only the 'labels' - and 'annotations' fields may be set. If labels - or annotations overlap with in-built values, - the values here will override the in-built values. + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. type: object properties: - annotations: - description: Annotations that should be added - to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to - the created ACME HTTP01 solver pods. + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the - HTTP01 challenge solver pod. Only the 'nodeSelector', - 'affinity' and 'tolerations' fields are supported - currently. All other fields will be ignored. + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. type: object properties: - affinity: - description: If specified, the pod's scheduling - constraints + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. type: object properties: - nodeAffinity: - description: Describes node affinity scheduling - rules for the pod. + affinity: + description: If specified, the pod's scheduling constraints type: object properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node matches the - corresponding matchExpressions; - the node(s) with the highest sum - are the most preferred. - type: array - items: - description: An empty preferred - scheduling term matches all objects - with implicit weight 0 (i.e. it's - a no-op). A null preferred scheduling - term matches no objects (i.e. - is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector - term, associated with the - corresponding weight. + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). type: object + required: + - preference + - weight properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - weight: - description: Weight associated - with matching the corresponding - nodeSelectorTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to an update), the system - may or may not try to eventually - evict the pod from its node. + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). type: object - required: - - nodeSelectorTerms properties: - nodeSelectorTerms: - description: Required. A list - of node selector terms. The - terms are ORed. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. type: array items: - description: A null or empty - node selector term matches - no objects. The requirements - of them are ANDed. The TopologySelectorTerm - type implements a subset of - the NodeSelectorTerm. + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) type: object + required: + - podAffinityTerm + - weight properties: - matchExpressions: - description: A list of node - selector requirements - by node's labels. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. - type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchFields: - description: A list of node - selector requirements - by node's fields. - type: array - items: - description: A node selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: The label - key that the selector - applies to. - type: string - operator: - description: Represents - a key's relationship - to a set of values. - Valid operators - are In, NotIn, Exists, - DoesNotExist. Gt, - and Lt. + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: type: string - values: - description: An array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. If - the operator is - Gt or Lt, the values - array must have - a single element, - which will be interpreted - as an integer. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling - rules (e.g. co-locate this pod in the - same node, zone, etc. as some other - pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - affinity expressions, etc.), compute - a sum by iterating through the elements - of this field and adding "weight" - to the sum if the node has pods - which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running type: object required: - - topologyKey + - topologyKey properties: labelSelector: - description: A label query - over a set of resources, - in this case pods. + description: A label query over a set of resources, in this case pods. type: object properties: matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object required: - - key - - operator + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator properties: key: - description: key - is the label - key that the - selector applies - to. + description: key is the label key that the selector applies to. type: string operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. type: array items: type: string matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object additionalProperties: type: string + x-kubernetes-map-type: atomic namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". type: array items: type: string topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements - specified by this field are not - met at scheduling time, the pod - will not be scheduled onto the node. - If the affinity requirements specified - by this field cease to be met at - some point during pod execution - (e.g. due to a pod label update), - the system may or may not try to - eventually evict the pod from its - node. When there are multiple elements, - the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) type: object + required: + - podAffinityTerm + - weight properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity - scheduling rules (e.g. avoid putting - this pod in the same node, zone, etc. - as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer - to schedule pods to nodes that satisfy - the anti-affinity expressions specified - by this field, but it may choose - a node that violates one or more - of the expressions. The node that - is most preferred is the one with - the greatest sum of weights, i.e. - for each node that meets all of - the scheduling requirements (resource - request, requiredDuringScheduling - anti-affinity expressions, etc.), - compute a sum by iterating through - the elements of this field and adding - "weight" to the sum if the node - has pods which matches the corresponding - podAffinityTerm; the node(s) with - the highest sum are the most preferred. - type: array - items: - description: The weights of all - of the matched WeightedPodAffinityTerm - fields are added per-node to find - the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod - affinity term, associated - with the corresponding weight. + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running type: object required: - - topologyKey + - topologyKey properties: labelSelector: - description: A label query - over a set of resources, - in this case pods. + description: A label query over a set of resources, in this case pods. type: object properties: matchExpressions: - description: matchExpressions - is a list of label - selector requirements. - The requirements are - ANDed. + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: - description: A label - selector requirement - is a selector that - contains values, - a key, and an operator - that relates the - key and values. + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. type: object required: - - key - - operator + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator properties: key: - description: key - is the label - key that the - selector applies - to. + description: key is the label key that the selector applies to. type: string operator: - description: operator - represents a - key's relationship - to a set of - values. Valid - operators are - In, NotIn, Exists - and DoesNotExist. + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: - description: values - is an array - of string values. - If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or - DoesNotExist, - the values array - must be empty. - This array is - replaced during - a strategic - merge patch. + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. type: array items: type: string matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels - map is equivalent - to an element of matchExpressions, - whose key field is - "key", the operator - is "In", and the values - array contains only - "value". The requirements - are ANDed. + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object additionalProperties: type: string + x-kubernetes-map-type: atomic namespaces: - description: namespaces - specifies which namespaces - the labelSelector applies - to (matches against); - null or empty list means - "this pod's namespace" + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". type: array items: type: string topologyKey: - description: This pod should - be co-located (affinity) - or not co-located (anti-affinity) - with the pods matching - the labelSelector in the - specified namespaces, - where co-located is defined - as running on a node whose - value of the label with - key topologyKey matches - that of any node on which - any of the selected pods - is running. Empty topologyKey - is not allowed. + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string - weight: - description: weight associated - with matching the corresponding - podAffinityTerm, in the range - 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity - requirements specified by this field - are not met at scheduling time, - the pod will not be scheduled onto - the node. If the anti-affinity requirements - specified by this field cease to - be met at some point during pod - execution (e.g. due to a pod label - update), the system may or may not - try to eventually evict the pod - from its node. When there are multiple - elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, - i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods - (namely those matching the labelSelector - relative to the given namespace(s)) - that this pod should be co-located - (affinity) or not co-located (anti-affinity) - with, where co-located is defined - as running on a node whose value - of the label with key - matches that of any node on which - a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over - a set of resources, in this - case pods. - type: object - properties: - matchExpressions: - description: matchExpressions - is a list of label selector - requirements. The requirements - are ANDed. - type: array - items: - description: A label selector - requirement is a selector - that contains values, - a key, and an operator - that relates the key - and values. - type: object - required: - - key - - operator - properties: - key: - description: key is - the label key that - the selector applies - to. - type: string - operator: - description: operator - represents a key's - relationship to - a set of values. - Valid operators - are In, NotIn, Exists - and DoesNotExist. - type: string - values: - description: values - is an array of string - values. If the operator - is In or NotIn, - the values array - must be non-empty. - If the operator - is Exists or DoesNotExist, - the values array - must be empty. This - array is replaced - during a strategic - merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels - is a map of {key,value} - pairs. A single {key,value} - in the matchLabels map - is equivalent to an element - of matchExpressions, whose - key field is "key", the - operator is "In", and - the values array contains - only "value". The requirements - are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies - which namespaces the labelSelector - applies to (matches against); - null or empty list means "this - pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should - be co-located (affinity) or - not co-located (anti-affinity) - with the pods matching the - labelSelector in the specified - namespaces, where co-located - is defined as running on a - node whose value of the label - with key topologyKey matches - that of any node on which - any of the selected pods is - running. Empty topologyKey - is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which - must be true for the pod to fit on a node. - Selector which must match a node''s labels - for the pod to be scheduled on that node. - More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is - attached to tolerates any taint that matches - the triple using the - matching operator . - type: object - properties: - effect: - description: Effect indicates the taint - effect to match. Empty means match - all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule - and NoExecute. - type: string - key: - description: Key is the taint key that - the toleration applies to. Empty means - match all taint keys. If the key is - empty, operator must be Exists; this - combination means to match all values - and all keys. - type: string - operator: - description: Operator represents a key's - relationship to the value. Valid operators - are Exists and Equal. Defaults to - Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents - the period of time the toleration - (which must be of effect NoExecute, - otherwise this field is ignored) tolerates - the taint. By default, it is not set, - which means tolerate the taint forever - (do not evict). Zero and negative - values will be treated as 0 (evict - immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value - the toleration matches to. If the - operator is Exists, the value should - be empty, otherwise just a regular - string. + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: type: string - serviceType: - description: Optional service type for Kubernetes - solver service - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate - resource that should be solved using this challenge solver. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be - used to solve. If specified and a match is found, a - dnsNames selector will take precedence over a dnsZones - selector. If multiple solvers match with the same dnsNames - value, the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string - dnsZones: - description: List of DNSZones that this solver will be - used to solve. The most specific DNS zone match specified - here will take precedence over other DNS zone matches, - so a solver specifying sys.example.com will be selected - over one specifying example.com for the domain www.sys.example.com. - If multiple solvers match with the same dnsZones value, - the solver with the most matching labels in matchLabels - will be selected. If neither has more matches, the solver - defined earlier in the list will be selected. - type: array - items: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - matchLabels: - description: A label selector that is used to refine the - set of certificate's that this challenge solver will - apply to. - type: object - additionalProperties: + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - ca: + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the Issuer. This is set and managed automatically. type: object - required: - - secretName properties: - secretName: - description: SecretName is the name of the secret used to sign Certificates - issued by this Issuer. - type: string - selfSigned: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true +--- +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: type: object - vault: + spec: + description: Desired state of the Certificate resource. type: object required: - - auth - - path - - server + - issuerRef + - secretName properties: - auth: - description: Vault authentication + additionalOutputFormats: + description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' + type: string + dnsNames: + description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. + type: array + items: + type: string + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + emailAddresses: + description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. + type: array + items: + type: string + encodeUsagesInRequest: + description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest + type: boolean + ipAddresses: + description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. + type: array + items: + type: string + isCA: + description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + keystores: + description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. type: object properties: - appRole: - description: This Secret contains a AppRole and Secret + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. type: object required: - - path - - roleId - - secretRef + - create + - passwordSecretRef properties: - path: - description: Where the authentication path is mounted in - Vault. - type: string - roleId: - type: string - secretRef: + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. type: object required: - - name + - name properties: key: - description: The key of the secret to select from. Must - be a valid secret key. + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - kubernetes: - description: This contains a Role and Secret with a ServiceAccount - token to authenticate with vault. + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. type: object required: - - role - - secretRef + - create + - passwordSecretRef properties: - mountPath: - description: The Vault mountPath here is the mount path - to use when authenticating with Vault. For example, setting - a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` - to authenticate with Vault. If unspecified, the default - value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role - to assume. A Role binds a Kubernetes ServiceAccount with - a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes - ServiceAccount JWT used for authenticating with Vault. - Use of 'ambient credentials' is not supported. + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. type: object required: - - name + - name properties: key: - description: The key of the secret to select from. Must - be a valid secret key. + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - tokenSecretRef: - description: This Secret contains the Vault token key - type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - caBundle: - description: Base64 encoded CA bundle to validate Vault server certificate. - Only used if the Server URL is using HTTPS protocol. This parameter - is ignored for plain HTTP protocol connection. If not set the - system root certificates are used to validate the TLS connection. + literalSubject: + description: LiteralSubject is an LDAP formatted string that represents the [X.509 Subject field](https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6). Use this *instead* of the Subject field if you need to ensure the correct ordering of the RDN sequence, such as when issuing certs for LDAP authentication. See https://github.com/cert-manager/cert-manager/issues/3203, https://github.com/cert-manager/cert-manager/issues/4424. This field is alpha level and is only supported by cert-manager installations where LiteralCertificateSubject feature gate is enabled on both cert-manager controller and webhook. type: string - format: byte - path: - description: Vault URL path to the certificate role + privateKey: + description: Options to control private keys used for the Certificate. + type: object + properties: + algorithm: + description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. + type: string + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. + type: string + enum: + - Never + - Always + size: + description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. + type: integer + renewBefore: + description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration type: string - server: - description: Server is the vault connection address + revisionHistoryLimit: + description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. + type: integer + format: int32 + secretName: + description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. type: string - venafi: - description: VenafiIssuer describes issuer configuration details for - Venafi Cloud. - type: object - required: - - zone - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. - Only one of TPP or Cloud may be specified. + secretTemplate: + description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. type: object - required: - - apiTokenSecretRef properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for - the Venafi Cloud API token. + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. type: object - required: - - name - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for Venafi Cloud - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration - settings. Only one of TPP or Cloud may be specified. + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). type: object - required: - - credentialsRef - - url properties: - caBundle: - description: CABundle is a PEM encoded TLS certifiate to use - to verify connections to the TPP instance. If specified, system - roots will not be used and the issuing CA for the TPP instance - must be verifiable using the provided root. If not specified, - the connection will be verified using the cert-manager system - root certificates. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing - the username and password for the TPP server. The secret must - contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - url: - description: URL is the base URL for the Venafi TPP instance + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. - All requests made to the Venafi platform will be restricted by - the named zone policy. This field is required. - type: string - status: - description: IssuerStatus contains status information about an Issuer - type: object - properties: - acme: + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: URIs is a list of URI subjectAltNames to be set on the Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: Status of the Certificate. This is set and managed automatically. type: object properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the - latest registered ACME account, in order to track changes made - to registered account associated with the Issuer + conditions: + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + type: array + items: + description: CertificateCondition contains condition information for an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `Issuing`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failedIssuanceAttempts: + description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). + type: integer + lastFailureTime: + description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. type: string - uri: - description: URI is the unique account identifier, which can also - be used to retrieve account details from the CA + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. type: string - conditions: - type: array - items: - description: IssuerCondition contains condition information for an - Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding - to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details - of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for - the condition's last transition. - type: string - status: - description: Status of the condition, one of ('True', 'False', - 'Unknown'). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, currently ('Ready'). - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer + served: true + storage: true --- -apiVersion: apiextensions.k8s.io/v1beta1 +# Source: cert-manager/templates/crds.yaml +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: orders.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.15.0" spec: - additionalPrinterColumns: - - JSONPath: .status.state - name: State - type: string - - JSONPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - JSONPath: .status.reason - name: Reason - priority: 1 - type: string - - JSONPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when - this object was created. It is not guaranteed to be set in happens-before order - across separate operations. Clients may not set this value. It is represented - in RFC3339 form and is in UTC. - name: Age - type: date group: acme.cert-manager.io - preserveUnknownFields: false names: kind: Order listKind: OrderList plural: orders singular: order + categories: + - cert-manager + - cert-manager-acme scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Order is a type to represent an Order with an ACME server - type: object - required: - - metadata - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.state + name: State type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 type: string - metadata: - type: object - spec: + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server type: object required: - - csr - - issuerRef + - metadata + - spec properties: - commonName: - description: CommonName is the common name as specified on the DER encoded - CSR. If CommonName is not specified, the first DNSName specified will - be used as the CommonName. At least one of CommonName or a DNSNames - must be set. This field must match the corresponding field on the - DER encoded CSR. + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string - csr: - description: Certificate signing request bytes in DER encoding. This - will be used when finalizing the order. This field must be set on - the order. + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string - format: byte - dnsNames: - description: DNSNames is a list of DNS names that should be included - as part of the Order validation process. If CommonName is not specified, - the first DNSName specified will be used as the CommonName. At least - one of CommonName or a DNSNames must be set. This field must match - the corresponding field on the DER encoded CSR. - type: array - items: - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer - which should be used to create this Order. If the Issuer does not - exist, processing will be retried. If the Issuer is not an 'ACME' - Issuer, an error will be returned and the Order will be marked as - failed. + metadata: + type: object + spec: type: object required: - - name + - issuerRef + - request properties: - group: + commonName: + description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. type: string - kind: + dnsNames: + description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + duration: + description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. type: string - name: + ipAddresses: + description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. type: string - status: - type: object - properties: - authorizations: - description: Authorizations contains data returned from the ACME server - on what authoriations must be completed in order to validate the DNS - names specified on the Order. - type: array - items: - description: ACMEAuthorization contains data returned from the ACME - server on an authorization that must be completed in order validate - a DNS name on an ACME Order resource. - type: object - required: - - url - properties: - challenges: - description: Challenges specifies the challenge types offered - by the ACME server. One of these challenge types will be selected - when validating the DNS name and an appropriate Challenge resource - will be created to perform the ACME challenge process. - type: array - items: - description: Challenge specifies a challenge offered by the - ACME server for an Order. An appropriate Challenge resource - can be created to perform the ACME challenge process. - type: object - required: - - token - - type + format: byte + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. + type: object + required: - url - properties: - token: - description: Token is the token that must be presented for - this challenge. This is used to compute the 'key' that - must also be presented. - type: string - type: - description: Type is the type of challenge being offered, - e.g. http-01, dns-01 - type: string - url: - description: URL is the URL of this challenge. It can be - used to retrieve additional metadata about the Challenge - from the ACME server. - type: string - identifier: - description: Identifier is the DNS name to be validated as part - of this authorization - type: string - url: - description: URL is the URL of the Authorization that must be - completed - type: string - wildcard: - description: Wildcard will be true if this authorization is for - a wildcard DNS name. If this is true, the identifier will be - the *non-wildcard* version of the DNS name. For example, if - '*.example.com' is the DNS name being validated, this field - will be 'true' and the 'identifier' field will be 'example.com'. - type: boolean - certificate: - description: Certificate is a copy of the PEM encoded certificate for - this Order. This field will be populated after the order has been - successfully finalized with the ACME server, and the order has transitioned - to the 'valid' state. - type: string - format: byte - failureTime: - description: FailureTime stores the time that this order failed. This - is used to influence garbage collection and back-off. - type: string - format: date-time - finalizeURL: - description: FinalizeURL of the Order. This is used to obtain certificates - for this order once it has been completed. - type: string - reason: - description: Reason optionally provides more information about a why - the order is in the current state. - type: string - state: - description: State contains the current state of this Order resource. - States 'success' and 'expired' are 'final' - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: URL of the Order. This will initially be empty when the - resource is first created. The Order controller will populate this - field when the Order is first processed. This field will be immutable - after it is initially set. - type: string - version: v1alpha2 - versions: - - name: v1alpha2 - served: true - storage: true ---- \ No newline at end of file + properties: + challenges: + description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. + type: string + type: + description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. + type: string + url: + description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part of this authorization + type: string + initialState: + description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL is the URL of the Authorization that must be completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. + type: string + served: true + storage: true diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml index adcc3febad..fbc332202c 100644 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml +++ b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml @@ -1,6 +1,6 @@ {{- $serviceName := include "nginx-ingress.name" . -}} {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml index 09b2608aa4..5f845145e9 100644 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml @@ -1,6 +1,6 @@ {{- $serviceName := include "nginx-ingress.name" . -}} {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml index 7526fc7e92..e289f90fab 100644 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml +++ b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml @@ -1,6 +1,6 @@ {{- $serviceName := include "nginx-ingress.name" . -}} {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml index 7fdc961f68..b90dfdb9c3 100644 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml @@ -1,6 +1,6 @@ {{- $serviceName := include "nginx-ingress.name" . -}} {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: diff --git a/config-as-code/helm/charts/business-services/collection-services/values.yaml b/config-as-code/helm/charts/business-services/collection-services/values.yaml index 6acce45b12..039c804a8d 100644 --- a/config-as-code/helm/charts/business-services/collection-services/values.yaml +++ b/config-as-code/helm/charts/business-services/collection-services/values.yaml @@ -126,10 +126,6 @@ env: | configMapKeyRef: name: egov-config key: egov-services-fqdn-name - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} {{- if index .Values "apportion-endpoint" }} - name: EGOV_APPORTION_APPORTION_ENDPOINT value: {{ index .Values "apportion-endpoint" | quote }} diff --git a/config-as-code/helm/charts/common/templates/_ingress.yaml b/config-as-code/helm/charts/common/templates/_ingress.yaml index 98fbba1acd..83fb1c6259 100755 --- a/config-as-code/helm/charts/common/templates/_ingress.yaml +++ b/config-as-code/helm/charts/common/templates/_ingress.yaml @@ -1,7 +1,7 @@ {{- define "common.ingress" -}} {{- if .Values.ingress.enabled -}} --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ template "common.name" . }} @@ -29,13 +29,18 @@ spec: paths: - backend: {{- if .Values.ingress.zuul }} - serviceName: zuul - servicePort: 8080 + service: + name: zuul + port: + number: 8080 {{ else }} - serviceName: {{ .Values.ingress.serviceName | default (include "common.name" .) }} - servicePort: {{ .Values.ingress.servicePort | default .Values.httpPort }} + service: + name: {{ .Values.ingress.serviceName | default (include "common.name" .) }} + port: + number: {{ .Values.ingress.servicePort | default .Values.httpPort }} {{- end }} path: /{{ .Values.ingress.context }} + pathType: Prefix {{- if ne .Values.global.setup "quickstart" }} tls: {{- if .Values.ingress.tls }} diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml b/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml index 471dfeb6de..c192aa3238 100644 --- a/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml +++ b/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: egov-filestore @@ -12,6 +12,9 @@ spec: http: paths: - backend: - serviceName: zuul - servicePort: 8080 - path: /{{ .Values.ingress.context }} \ No newline at end of file + service: + name: zuul + port: + number: 8080 + path: /{{ .Values.ingress.context }} + pathType: Prefix \ No newline at end of file diff --git a/config-as-code/helm/charts/core-services/egov-filestore/values.yaml b/config-as-code/helm/charts/core-services/egov-filestore/values.yaml index b0fe17b519..9e34e645a7 100644 --- a/config-as-code/helm/charts/core-services/egov-filestore/values.yaml +++ b/config-as-code/helm/charts/core-services/egov-filestore/values.yaml @@ -63,8 +63,6 @@ env: | - name: SOURCE_DISK value: "diskStorage" {{- end }} - - name: ISS3ENABLED - value: {{ index .Values "is-s3-enabled" | quote }} {{- if index .Values "is-s3-enabled" }} - name: ISS3ENABLED value: "true" From 9c231d2927cfffa068423391e64983e9d8439f54 Mon Sep 17 00:00:00 2001 From: aniket Date: Fri, 10 Mar 2023 12:09:42 +0530 Subject: [PATCH 128/742] Added ingress-nginx chart --- .../ingress-nginx/.helmignore | 22 + .../ingress-nginx/CHANGELOG.md | 460 +++++++++ .../ingress-nginx/Chart.yaml | 26 + .../backbone-services/ingress-nginx/OWNERS | 10 + .../backbone-services/ingress-nginx/README.md | 524 +++++++++++ .../ingress-nginx/README.md.gotmpl | 250 +++++ .../ingress-nginx/changelog.md.gotmpl | 9 + .../ingress-nginx/changelog/.gitkeep | 0 .../changelog/Changelog-4.5.2.md | 13 + ...ler-admission-tls-cert-manager-values.yaml | 6 + .../controller-custom-ingressclass-flags.yaml | 7 + .../ci/daemonset-customconfig-values.yaml | 14 + .../ci/daemonset-customnodeport-values.yaml | 22 + .../ci/daemonset-extra-modules.yaml | 10 + .../ci/daemonset-headers-values.yaml | 14 + .../ci/daemonset-internal-lb-values.yaml | 14 + .../ci/daemonset-nodeport-values.yaml | 10 + .../ci/daemonset-podannotations-values.yaml | 17 + ...set-tcp-udp-configMapNamespace-values.yaml | 20 + ...emonset-tcp-udp-portNamePrefix-values.yaml | 18 + .../ci/daemonset-tcp-udp-values.yaml | 16 + .../ci/daemonset-tcp-values.yaml | 14 + .../ci/deamonset-default-values.yaml | 10 + .../ci/deamonset-metrics-values.yaml | 12 + .../ci/deamonset-psp-values.yaml | 13 + .../ci/deamonset-webhook-and-psp-values.yaml | 13 + .../ci/deamonset-webhook-values.yaml | 10 + ...eployment-autoscaling-behavior-values.yaml | 14 + .../ci/deployment-autoscaling-values.yaml | 11 + .../ci/deployment-customconfig-values.yaml | 12 + .../ci/deployment-customnodeport-values.yaml | 20 + .../ci/deployment-default-values.yaml | 8 + ...modules-default-container-sec-context.yaml | 12 + ...odules-specific-container-sec-context.yaml | 12 + .../ci/deployment-extra-modules.yaml | 10 + .../ci/deployment-headers-values.yaml | 13 + .../ci/deployment-internal-lb-values.yaml | 13 + .../ci/deployment-metrics-values.yaml | 11 + .../ci/deployment-nodeport-values.yaml | 9 + .../ci/deployment-podannotations-values.yaml | 16 + .../ci/deployment-psp-values.yaml | 10 + ...ent-tcp-udp-configMapNamespace-values.yaml | 19 + ...loyment-tcp-udp-portNamePrefix-values.yaml | 17 + .../ci/deployment-tcp-udp-values.yaml | 15 + .../ci/deployment-tcp-values.yaml | 11 + .../ci/deployment-webhook-and-psp-values.yaml | 12 + .../deployment-webhook-extraEnvs-values.yaml | 12 + .../deployment-webhook-resources-values.yaml | 23 + .../ci/deployment-webhook-values.yaml | 9 + .../ingress-nginx/templates/NOTES.txt | 80 ++ .../ingress-nginx/templates/_helpers.tpl | 212 +++++ .../ingress-nginx/templates/_params.tpl | 65 ++ .../admission-webhooks/cert-manager.yaml | 63 ++ .../job-patch/clusterrole.yaml | 34 + .../job-patch/clusterrolebinding.yaml | 23 + .../job-patch/job-createSecret.yaml | 80 ++ .../job-patch/job-patchWebhook.yaml | 82 ++ .../job-patch/networkpolicy.yaml | 26 + .../admission-webhooks/job-patch/psp.yaml | 41 + .../admission-webhooks/job-patch/role.yaml | 24 + .../job-patch/rolebinding.yaml | 24 + .../job-patch/serviceaccount.yaml | 16 + .../validating-webhook.yaml | 53 ++ .../ingress-nginx/templates/clusterrole.yaml | 102 ++ .../templates/clusterrolebinding.yaml | 19 + .../controller-configmap-addheaders.yaml | 14 + .../controller-configmap-proxyheaders.yaml | 19 + .../templates/controller-configmap-tcp.yaml | 17 + .../templates/controller-configmap-udp.yaml | 17 + .../templates/controller-configmap.yaml | 29 + .../templates/controller-daemonset.yaml | 240 +++++ .../templates/controller-deployment.yaml | 243 +++++ .../templates/controller-hpa.yaml | 52 + .../templates/controller-ingressclass.yaml | 21 + .../templates/controller-keda.yaml | 42 + .../controller-poddisruptionbudget.yaml | 23 + .../templates/controller-prometheusrules.yaml | 21 + .../templates/controller-psp.yaml | 94 ++ .../templates/controller-role.yaml | 101 ++ .../templates/controller-rolebinding.yaml | 21 + .../controller-service-internal.yaml | 79 ++ .../templates/controller-service-metrics.yaml | 45 + .../templates/controller-service-webhook.yaml | 40 + .../templates/controller-service.yaml | 101 ++ .../templates/controller-serviceaccount.yaml | 18 + .../templates/controller-servicemonitor.yaml | 48 + .../controller-webhooks-networkpolicy.yaml | 19 + .../templates/default-backend-deployment.yaml | 123 +++ .../templates/default-backend-hpa.yaml | 33 + .../default-backend-poddisruptionbudget.yaml | 21 + .../templates/default-backend-psp.yaml | 38 + .../templates/default-backend-role.yaml | 22 + .../default-backend-rolebinding.yaml | 21 + .../templates/default-backend-service.yaml | 41 + .../default-backend-serviceaccount.yaml | 14 + .../templates/dh-param-secret.yaml | 10 + .../ingress-nginx/values.yaml | 889 ++++++++++++++++++ 97 files changed, 5303 insertions(+) create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/README.md create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml create mode 100644 config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore b/config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore new file mode 100644 index 0000000000..50af031725 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md b/config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md new file mode 100644 index 0000000000..7d81ac1bd6 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md @@ -0,0 +1,460 @@ +# Changelog + +This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +### 4.4.0 + +* Adding support for disabling liveness and readiness probes to the Helm chart by @njegosrailic in https://github.com/kubernetes/ingress-nginx/pull/9238 +* add:(admission-webhooks) ability to set securityContext by @ybelMekk in https://github.com/kubernetes/ingress-nginx/pull/9186 +* #7652 - Updated Helm chart to use the fullname for the electionID if not specified. by @FutureMatt in https://github.com/kubernetes/ingress-nginx/pull/9133 +* Rename controller-wehbooks-networkpolicy.yaml. by @Gacko in https://github.com/kubernetes/ingress-nginx/pull/9123 + +### 4.3.0 +- Support for Kubernetes v.1.25.0 was added and support for endpoint slices +- Support for Kubernetes v1.20.0 and v1.21.0 was removed +- [8890](https://github.com/kubernetes/ingress-nginx/pull/8890) migrate to endpointslices +- [9059](https://github.com/kubernetes/ingress-nginx/pull/9059) kubewebhookcertgen sha change after go1191 +- [9046](https://github.com/kubernetes/ingress-nginx/pull/9046) Parameterize metrics port name +- [9104](https://github.com/kubernetes/ingress-nginx/pull/9104) Fix yaml formatting error with multiple annotations + +### 4.2.1 + +- The sha of kube-webhook-certgen image & the opentelemetry image, in values file, was changed to new images built on alpine-v3.16.1 +- "[8896](https://github.com/kubernetes/ingress-nginx/pull/8896) updated to new images built today" + +### 4.2.0 + +- Support for Kubernetes v1.19.0 was removed +- "[8810](https://github.com/kubernetes/ingress-nginx/pull/8810) Prepare for v1.3.0" +- "[8808](https://github.com/kubernetes/ingress-nginx/pull/8808) revert arch var name" +- "[8805](https://github.com/kubernetes/ingress-nginx/pull/8805) Bump k8s.io/klog/v2 from 2.60.1 to 2.70.1" +- "[8803](https://github.com/kubernetes/ingress-nginx/pull/8803) Update to nginx base with alpine v3.16" +- "[8802](https://github.com/kubernetes/ingress-nginx/pull/8802) chore: start v1.3.0 release process" +- "[8798](https://github.com/kubernetes/ingress-nginx/pull/8798) Add v1.24.0 to test matrix" +- "[8796](https://github.com/kubernetes/ingress-nginx/pull/8796) fix: add MAC_OS variable for static-check" +- "[8793](https://github.com/kubernetes/ingress-nginx/pull/8793) changed to alpine-v3.16" +- "[8781](https://github.com/kubernetes/ingress-nginx/pull/8781) Bump github.com/stretchr/testify from 1.7.5 to 1.8.0" +- "[8778](https://github.com/kubernetes/ingress-nginx/pull/8778) chore: remove stable.txt from release process" +- "[8775](https://github.com/kubernetes/ingress-nginx/pull/8775) Remove stable" +- "[8773](https://github.com/kubernetes/ingress-nginx/pull/8773) Bump github/codeql-action from 2.1.14 to 2.1.15" +- "[8772](https://github.com/kubernetes/ingress-nginx/pull/8772) Bump ossf/scorecard-action from 1.1.1 to 1.1.2" +- "[8771](https://github.com/kubernetes/ingress-nginx/pull/8771) fix bullet md format" +- "[8770](https://github.com/kubernetes/ingress-nginx/pull/8770) Add condition for monitoring.coreos.com/v1 API" +- "[8769](https://github.com/kubernetes/ingress-nginx/pull/8769) Fix typos and add links to developer guide" +- "[8767](https://github.com/kubernetes/ingress-nginx/pull/8767) change v1.2.0 to v1.2.1 in deploy doc URLs" +- "[8765](https://github.com/kubernetes/ingress-nginx/pull/8765) Bump github/codeql-action from 1.0.26 to 2.1.14" +- "[8752](https://github.com/kubernetes/ingress-nginx/pull/8752) Bump github.com/spf13/cobra from 1.4.0 to 1.5.0" +- "[8751](https://github.com/kubernetes/ingress-nginx/pull/8751) Bump github.com/stretchr/testify from 1.7.2 to 1.7.5" +- "[8750](https://github.com/kubernetes/ingress-nginx/pull/8750) added announcement" +- "[8740](https://github.com/kubernetes/ingress-nginx/pull/8740) change sha e2etestrunner and echoserver" +- "[8738](https://github.com/kubernetes/ingress-nginx/pull/8738) Update docs to make it easier for noobs to follow step by step" +- "[8737](https://github.com/kubernetes/ingress-nginx/pull/8737) updated baseimage sha" +- "[8736](https://github.com/kubernetes/ingress-nginx/pull/8736) set ld-musl-path" +- "[8733](https://github.com/kubernetes/ingress-nginx/pull/8733) feat: migrate leaderelection lock to leases" +- "[8726](https://github.com/kubernetes/ingress-nginx/pull/8726) prometheus metric: upstream_latency_seconds" +- "[8720](https://github.com/kubernetes/ingress-nginx/pull/8720) Ci pin deps" +- "[8719](https://github.com/kubernetes/ingress-nginx/pull/8719) Working OpenTelemetry sidecar (base nginx image)" +- "[8714](https://github.com/kubernetes/ingress-nginx/pull/8714) Create Openssf scorecard" +- "[8708](https://github.com/kubernetes/ingress-nginx/pull/8708) Bump github.com/prometheus/common from 0.34.0 to 0.35.0" +- "[8703](https://github.com/kubernetes/ingress-nginx/pull/8703) Bump actions/dependency-review-action from 1 to 2" +- "[8701](https://github.com/kubernetes/ingress-nginx/pull/8701) Fix several typos" +- "[8699](https://github.com/kubernetes/ingress-nginx/pull/8699) fix the gosec test and a make target for it" +- "[8698](https://github.com/kubernetes/ingress-nginx/pull/8698) Bump actions/upload-artifact from 2.3.1 to 3.1.0" +- "[8697](https://github.com/kubernetes/ingress-nginx/pull/8697) Bump actions/setup-go from 2.2.0 to 3.2.0" +- "[8695](https://github.com/kubernetes/ingress-nginx/pull/8695) Bump actions/download-artifact from 2 to 3" +- "[8694](https://github.com/kubernetes/ingress-nginx/pull/8694) Bump crazy-max/ghaction-docker-buildx from 1.6.2 to 3.3.1" + +### 4.1.2 + +- "[8587](https://github.com/kubernetes/ingress-nginx/pull/8587) Add CAP_SYS_CHROOT to DS/PSP when needed" +- "[8458](https://github.com/kubernetes/ingress-nginx/pull/8458) Add portNamePreffix Helm chart parameter" +- "[8522](https://github.com/kubernetes/ingress-nginx/pull/8522) Add documentation for controller.service.loadBalancerIP in Helm chart" + +### 4.1.0 + +- "[8481](https://github.com/kubernetes/ingress-nginx/pull/8481) Fix log creation in chroot script" +- "[8479](https://github.com/kubernetes/ingress-nginx/pull/8479) changed nginx base img tag to img built with alpine3.14.6" +- "[8478](https://github.com/kubernetes/ingress-nginx/pull/8478) update base images and protobuf gomod" +- "[8468](https://github.com/kubernetes/ingress-nginx/pull/8468) Fallback to ngx.var.scheme for redirectScheme with use-forward-headers when X-Forwarded-Proto is empty" +- "[8456](https://github.com/kubernetes/ingress-nginx/pull/8456) Implement object deep inspector" +- "[8455](https://github.com/kubernetes/ingress-nginx/pull/8455) Update dependencies" +- "[8454](https://github.com/kubernetes/ingress-nginx/pull/8454) Update index.md" +- "[8447](https://github.com/kubernetes/ingress-nginx/pull/8447) typo fixing" +- "[8446](https://github.com/kubernetes/ingress-nginx/pull/8446) Fix suggested annotation-value-word-blocklist" +- "[8444](https://github.com/kubernetes/ingress-nginx/pull/8444) replace deprecated topology key in example with current one" +- "[8443](https://github.com/kubernetes/ingress-nginx/pull/8443) Add dependency review enforcement" +- "[8434](https://github.com/kubernetes/ingress-nginx/pull/8434) added new auth-tls-match-cn annotation" +- "[8426](https://github.com/kubernetes/ingress-nginx/pull/8426) Bump github.com/prometheus/common from 0.32.1 to 0.33.0" + +### 4.0.18 + +- "[8291](https://github.com/kubernetes/ingress-nginx/pull/8291) remove git tag env from cloud build" +- "[8286](https://github.com/kubernetes/ingress-nginx/pull/8286) Fix OpenTelemetry sidecar image build" +- "[8277](https://github.com/kubernetes/ingress-nginx/pull/8277) Add OpenSSF Best practices badge" +- "[8273](https://github.com/kubernetes/ingress-nginx/pull/8273) Issue#8241" +- "[8267](https://github.com/kubernetes/ingress-nginx/pull/8267) Add fsGroup value to admission-webhooks/job-patch charts" +- "[8262](https://github.com/kubernetes/ingress-nginx/pull/8262) Updated confusing error" +- "[8256](https://github.com/kubernetes/ingress-nginx/pull/8256) fix: deny locations with invalid auth-url annotation" +- "[8253](https://github.com/kubernetes/ingress-nginx/pull/8253) Add a certificate info metric" +- "[8236](https://github.com/kubernetes/ingress-nginx/pull/8236) webhook: remove useless code." +- "[8227](https://github.com/kubernetes/ingress-nginx/pull/8227) Update libraries in webhook image" +- "[8225](https://github.com/kubernetes/ingress-nginx/pull/8225) fix inconsistent-label-cardinality for prometheus metrics: nginx_ingress_controller_requests" +- "[8221](https://github.com/kubernetes/ingress-nginx/pull/8221) Do not validate ingresses with unknown ingress class in admission webhook endpoint" +- "[8210](https://github.com/kubernetes/ingress-nginx/pull/8210) Bump github.com/prometheus/client_golang from 1.11.0 to 1.12.1" +- "[8209](https://github.com/kubernetes/ingress-nginx/pull/8209) Bump google.golang.org/grpc from 1.43.0 to 1.44.0" +- "[8204](https://github.com/kubernetes/ingress-nginx/pull/8204) Add Artifact Hub lint" +- "[8203](https://github.com/kubernetes/ingress-nginx/pull/8203) Fix Indentation of example and link to cert-manager tutorial" +- "[8201](https://github.com/kubernetes/ingress-nginx/pull/8201) feat(metrics): add path and method labels to requests countera" +- "[8199](https://github.com/kubernetes/ingress-nginx/pull/8199) use functional options to reduce number of methods creating an EchoDeployment" +- "[8196](https://github.com/kubernetes/ingress-nginx/pull/8196) docs: fix inconsistent controller annotation" +- "[8191](https://github.com/kubernetes/ingress-nginx/pull/8191) Using Go install for misspell" +- "[8186](https://github.com/kubernetes/ingress-nginx/pull/8186) prometheus+grafana using servicemonitor" +- "[8185](https://github.com/kubernetes/ingress-nginx/pull/8185) Append elements on match, instead of removing for cors-annotations" +- "[8179](https://github.com/kubernetes/ingress-nginx/pull/8179) Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0" +- "[8173](https://github.com/kubernetes/ingress-nginx/pull/8173) Adding annotations to the controller service account" +- "[8163](https://github.com/kubernetes/ingress-nginx/pull/8163) Update the $req_id placeholder description" +- "[8162](https://github.com/kubernetes/ingress-nginx/pull/8162) Versioned static manifests" +- "[8159](https://github.com/kubernetes/ingress-nginx/pull/8159) Adding some geoip variables and default values" +- "[8155](https://github.com/kubernetes/ingress-nginx/pull/8155) #7271 feat: avoid-pdb-creation-when-default-backend-disabled-and-replicas-gt-1" +- "[8151](https://github.com/kubernetes/ingress-nginx/pull/8151) Automatically generate helm docs" +- "[8143](https://github.com/kubernetes/ingress-nginx/pull/8143) Allow to configure delay before controller exits" +- "[8136](https://github.com/kubernetes/ingress-nginx/pull/8136) add ingressClass option to helm chart - back compatibility with ingress.class annotations" +- "[8126](https://github.com/kubernetes/ingress-nginx/pull/8126) Example for JWT" + + +### 4.0.15 + +- [8120] https://github.com/kubernetes/ingress-nginx/pull/8120 Update go in runner and release v1.1.1 +- [8119] https://github.com/kubernetes/ingress-nginx/pull/8119 Update to go v1.17.6 +- [8118] https://github.com/kubernetes/ingress-nginx/pull/8118 Remove deprecated libraries, update other libs +- [8117] https://github.com/kubernetes/ingress-nginx/pull/8117 Fix codegen errors +- [8115] https://github.com/kubernetes/ingress-nginx/pull/8115 chart/ghaction: set the correct permission to have access to push a release +- [8098] https://github.com/kubernetes/ingress-nginx/pull/8098 generating SHA for CA only certs in backend_ssl.go + comparison of P… +- [8088] https://github.com/kubernetes/ingress-nginx/pull/8088 Fix Edit this page link to use main branch +- [8072] https://github.com/kubernetes/ingress-nginx/pull/8072 Expose GeoIP2 Continent code as variable +- [8061] https://github.com/kubernetes/ingress-nginx/pull/8061 docs(charts): using helm-docs for chart +- [8058] https://github.com/kubernetes/ingress-nginx/pull/8058 Bump github.com/spf13/cobra from 1.2.1 to 1.3.0 +- [8054] https://github.com/kubernetes/ingress-nginx/pull/8054 Bump google.golang.org/grpc from 1.41.0 to 1.43.0 +- [8051] https://github.com/kubernetes/ingress-nginx/pull/8051 align bug report with feature request regarding kind documentation +- [8046] https://github.com/kubernetes/ingress-nginx/pull/8046 Report expired certificates (#8045) +- [8044] https://github.com/kubernetes/ingress-nginx/pull/8044 remove G109 check till gosec resolves issues +- [8042] https://github.com/kubernetes/ingress-nginx/pull/8042 docs_multiple_instances_one_cluster_ticket_7543 +- [8041] https://github.com/kubernetes/ingress-nginx/pull/8041 docs: fix typo'd executable name +- [8035] https://github.com/kubernetes/ingress-nginx/pull/8035 Comment busy owners +- [8029] https://github.com/kubernetes/ingress-nginx/pull/8029 Add stream-snippet as a ConfigMap and Annotation option +- [8023] https://github.com/kubernetes/ingress-nginx/pull/8023 fix nginx compilation flags +- [8021] https://github.com/kubernetes/ingress-nginx/pull/8021 Disable default modsecurity_rules_file if modsecurity-snippet is specified +- [8019] https://github.com/kubernetes/ingress-nginx/pull/8019 Revise main documentation page +- [8018] https://github.com/kubernetes/ingress-nginx/pull/8018 Preserve order of plugin invocation +- [8015] https://github.com/kubernetes/ingress-nginx/pull/8015 Add newline indenting to admission webhook annotations +- [8014] https://github.com/kubernetes/ingress-nginx/pull/8014 Add link to example error page manifest in docs +- [8009] https://github.com/kubernetes/ingress-nginx/pull/8009 Fix spelling in documentation and top-level files +- [8008] https://github.com/kubernetes/ingress-nginx/pull/8008 Add relabelings in controller-servicemonitor.yaml +- [8003] https://github.com/kubernetes/ingress-nginx/pull/8003 Minor improvements (formatting, consistency) in install guide +- [8001] https://github.com/kubernetes/ingress-nginx/pull/8001 fix: go-grpc Dockerfile +- [7999] https://github.com/kubernetes/ingress-nginx/pull/7999 images: use k8s-staging-test-infra/gcb-docker-gcloud +- [7996] https://github.com/kubernetes/ingress-nginx/pull/7996 doc: improvement +- [7983] https://github.com/kubernetes/ingress-nginx/pull/7983 Fix a couple of misspellings in the annotations documentation. +- [7979] https://github.com/kubernetes/ingress-nginx/pull/7979 allow set annotations for admission Jobs +- [7977] https://github.com/kubernetes/ingress-nginx/pull/7977 Add ssl_reject_handshake to default server +- [7975] https://github.com/kubernetes/ingress-nginx/pull/7975 add legacy version update v0.50.0 to main changelog +- [7972] https://github.com/kubernetes/ingress-nginx/pull/7972 updated service upstream definition + +### 4.0.14 + +- [8061] https://github.com/kubernetes/ingress-nginx/pull/8061 Using helm-docs to populate values table in README.md + +### 4.0.13 + +- [8008] https://github.com/kubernetes/ingress-nginx/pull/8008 Add relabelings in controller-servicemonitor.yaml + +### 4.0.12 + +- [7978] https://github.com/kubernetes/ingress-nginx/pull/7979 Support custom annotations in admissions Jobs + +### 4.0.11 + +- [7873] https://github.com/kubernetes/ingress-nginx/pull/7873 Makes the [appProtocol](https://kubernetes.io/docs/concepts/services-networking/_print/#application-protocol) field optional. + +### 4.0.10 + +- [7964] https://github.com/kubernetes/ingress-nginx/pull/7964 Update controller version to v1.1.0 + +### 4.0.9 + +- [6992] https://github.com/kubernetes/ingress-nginx/pull/6992 Add ability to specify labels for all resources + +### 4.0.7 + +- [7923] https://github.com/kubernetes/ingress-nginx/pull/7923 Release v1.0.5 of ingress-nginx +- [7806] https://github.com/kubernetes/ingress-nginx/pull/7806 Choice option for internal/external loadbalancer type service + +### 4.0.6 + +- [7804] https://github.com/kubernetes/ingress-nginx/pull/7804 Release v1.0.4 of ingress-nginx +- [7651] https://github.com/kubernetes/ingress-nginx/pull/7651 Support ipFamilyPolicy and ipFamilies fields in Helm Chart +- [7798] https://github.com/kubernetes/ingress-nginx/pull/7798 Exoscale: use HTTP Healthcheck mode +- [7793] https://github.com/kubernetes/ingress-nginx/pull/7793 Update kube-webhook-certgen to v1.1.1 + +### 4.0.5 + +- [7740] https://github.com/kubernetes/ingress-nginx/pull/7740 Release v1.0.3 of ingress-nginx + +### 4.0.3 + +- [7707] https://github.com/kubernetes/ingress-nginx/pull/7707 Release v1.0.2 of ingress-nginx + +### 4.0.2 + +- [7681] https://github.com/kubernetes/ingress-nginx/pull/7681 Release v1.0.1 of ingress-nginx + +### 4.0.1 + +- [7535] https://github.com/kubernetes/ingress-nginx/pull/7535 Release v1.0.0 ingress-nginx + +### 3.34.0 + +- [7256] https://github.com/kubernetes/ingress-nginx/pull/7256 Add namespace field in the namespace scoped resource templates + +### 3.33.0 + +- [7164] https://github.com/kubernetes/ingress-nginx/pull/7164 Update nginx to v1.20.1 + +### 3.32.0 + +- [7117] https://github.com/kubernetes/ingress-nginx/pull/7117 Add annotations for HPA + +### 3.31.0 + +- [7137] https://github.com/kubernetes/ingress-nginx/pull/7137 Add support for custom probes + +### 3.30.0 + +- [#7092](https://github.com/kubernetes/ingress-nginx/pull/7092) Removes the possibility of using localhost in ExternalNames as endpoints + +### 3.29.0 + +- [X] [#6945](https://github.com/kubernetes/ingress-nginx/pull/7020) Add option to specify job label for ServiceMonitor + +### 3.28.0 + +- [ ] [#6900](https://github.com/kubernetes/ingress-nginx/pull/6900) Support existing PSPs + +### 3.27.0 + +- Update ingress-nginx v0.45.0 + +### 3.26.0 + +- [X] [#6979](https://github.com/kubernetes/ingress-nginx/pull/6979) Changed servicePort value for metrics + +### 3.25.0 + +- [X] [#6957](https://github.com/kubernetes/ingress-nginx/pull/6957) Add ability to specify automountServiceAccountToken + +### 3.24.0 + +- [X] [#6908](https://github.com/kubernetes/ingress-nginx/pull/6908) Add volumes to default-backend deployment + +### 3.23.0 + +- Update ingress-nginx v0.44.0 + +### 3.22.0 + +- [X] [#6802](https://github.com/kubernetes/ingress-nginx/pull/6802) Add value for configuring a custom Diffie-Hellman parameters file +- [X] [#6815](https://github.com/kubernetes/ingress-nginx/pull/6815) Allow use of numeric namespaces in helm chart + +### 3.21.0 + +- [X] [#6783](https://github.com/kubernetes/ingress-nginx/pull/6783) Add custom annotations to ScaledObject +- [X] [#6761](https://github.com/kubernetes/ingress-nginx/pull/6761) Adding quotes in the serviceAccount name in Helm values +- [X] [#6767](https://github.com/kubernetes/ingress-nginx/pull/6767) Remove ClusterRole when scope option is enabled +- [X] [#6785](https://github.com/kubernetes/ingress-nginx/pull/6785) Update kube-webhook-certgen image to v1.5.1 + +### 3.20.1 + +- Do not create KEDA in case of DaemonSets. +- Fix KEDA v2 definition + +### 3.20.0 + +- [X] [#6730](https://github.com/kubernetes/ingress-nginx/pull/6730) Do not create HPA for defaultBackend if not enabled. + +### 3.19.0 + +- Update ingress-nginx v0.43.0 + +### 3.18.0 + +- [X] [#6688](https://github.com/kubernetes/ingress-nginx/pull/6688) Allow volume-type emptyDir in controller podsecuritypolicy +- [X] [#6691](https://github.com/kubernetes/ingress-nginx/pull/6691) Improve parsing of helm parameters + +### 3.17.0 + +- Update ingress-nginx v0.42.0 + +### 3.16.1 + +- Fix chart-releaser action + +### 3.16.0 + +- [X] [#6646](https://github.com/kubernetes/ingress-nginx/pull/6646) Added LoadBalancerIP value for internal service + +### 3.15.1 + +- Fix chart-releaser action + +### 3.15.0 + +- [X] [#6586](https://github.com/kubernetes/ingress-nginx/pull/6586) Fix 'maxmindLicenseKey' location in values.yaml + +### 3.14.0 + +- [X] [#6469](https://github.com/kubernetes/ingress-nginx/pull/6469) Allow custom service names for controller and backend + +### 3.13.0 + +- [X] [#6544](https://github.com/kubernetes/ingress-nginx/pull/6544) Fix default backend HPA name variable + +### 3.12.0 + +- [X] [#6514](https://github.com/kubernetes/ingress-nginx/pull/6514) Remove helm2 support and update docs + +### 3.11.1 + +- [X] [#6505](https://github.com/kubernetes/ingress-nginx/pull/6505) Reorder HPA resource list to work with GitOps tooling + +### 3.11.0 + +- Support Keda Autoscaling + +### 3.10.1 + +- Fix regression introduced in 0.41.0 with external authentication + +### 3.10.0 + +- Fix routing regression introduced in 0.41.0 with PathType Exact + +### 3.9.0 + +- [X] [#6423](https://github.com/kubernetes/ingress-nginx/pull/6423) Add Default backend HPA autoscaling + +### 3.8.0 + +- [X] [#6395](https://github.com/kubernetes/ingress-nginx/pull/6395) Update jettech/kube-webhook-certgen image +- [X] [#6377](https://github.com/kubernetes/ingress-nginx/pull/6377) Added loadBalancerSourceRanges for internal lbs +- [X] [#6356](https://github.com/kubernetes/ingress-nginx/pull/6356) Add securitycontext settings on defaultbackend +- [X] [#6401](https://github.com/kubernetes/ingress-nginx/pull/6401) Fix controller service annotations +- [X] [#6403](https://github.com/kubernetes/ingress-nginx/pull/6403) Initial helm chart changelog + +### 3.7.1 + +- [X] [#6326](https://github.com/kubernetes/ingress-nginx/pull/6326) Fix liveness and readiness probe path in daemonset chart + +### 3.7.0 + +- [X] [#6316](https://github.com/kubernetes/ingress-nginx/pull/6316) Numerals in podAnnotations in quotes [#6315](https://github.com/kubernetes/ingress-nginx/issues/6315) + +### 3.6.0 + +- [X] [#6305](https://github.com/kubernetes/ingress-nginx/pull/6305) Add default linux nodeSelector + +### 3.5.1 + +- [X] [#6299](https://github.com/kubernetes/ingress-nginx/pull/6299) Fix helm chart release + +### 3.5.0 + +- [X] [#6260](https://github.com/kubernetes/ingress-nginx/pull/6260) Allow Helm Chart to customize admission webhook's annotations, timeoutSeconds, namespaceSelector, objectSelector and cert files locations + +### 3.4.0 + +- [X] [#6268](https://github.com/kubernetes/ingress-nginx/pull/6268) Update to 0.40.2 in helm chart #6288 + +### 3.3.1 + +- [X] [#6259](https://github.com/kubernetes/ingress-nginx/pull/6259) Release helm chart +- [X] [#6258](https://github.com/kubernetes/ingress-nginx/pull/6258) Fix chart markdown link +- [X] [#6253](https://github.com/kubernetes/ingress-nginx/pull/6253) Release v0.40.0 + +### 3.3.1 + +- [X] [#6233](https://github.com/kubernetes/ingress-nginx/pull/6233) Add admission controller e2e test + +### 3.3.0 + +- [X] [#6203](https://github.com/kubernetes/ingress-nginx/pull/6203) Refactor parsing of key values +- [X] [#6162](https://github.com/kubernetes/ingress-nginx/pull/6162) Add helm chart options to expose metrics service as NodePort +- [X] [#6180](https://github.com/kubernetes/ingress-nginx/pull/6180) Fix helm chart admissionReviewVersions regression +- [X] [#6169](https://github.com/kubernetes/ingress-nginx/pull/6169) Fix Typo in example prometheus rules + +### 3.0.0 + +- [X] [#6167](https://github.com/kubernetes/ingress-nginx/pull/6167) Update chart requirements + +### 2.16.0 + +- [X] [#6154](https://github.com/kubernetes/ingress-nginx/pull/6154) add `topologySpreadConstraint` to controller + +### 2.15.0 + +- [X] [#6087](https://github.com/kubernetes/ingress-nginx/pull/6087) Adding parameter for externalTrafficPolicy in internal controller service spec + +### 2.14.0 + +- [X] [#6104](https://github.com/kubernetes/ingress-nginx/pull/6104) Misc fixes for nginx-ingress chart for better keel and prometheus-operator integration + +### 2.13.0 + +- [X] [#6093](https://github.com/kubernetes/ingress-nginx/pull/6093) Release v0.35.0 + +### 2.13.0 + +- [X] [#6093](https://github.com/kubernetes/ingress-nginx/pull/6093) Release v0.35.0 +- [X] [#6080](https://github.com/kubernetes/ingress-nginx/pull/6080) Switch images to k8s.gcr.io after Vanity Domain Flip + +### 2.12.1 + +- [X] [#6075](https://github.com/kubernetes/ingress-nginx/pull/6075) Sync helm chart affinity examples + +### 2.12.0 + +- [X] [#6039](https://github.com/kubernetes/ingress-nginx/pull/6039) Add configurable serviceMonitor metricRelabelling and targetLabels +- [X] [#6044](https://github.com/kubernetes/ingress-nginx/pull/6044) Fix YAML linting + +### 2.11.3 + +- [X] [#6038](https://github.com/kubernetes/ingress-nginx/pull/6038) Bump chart version PATCH + +### 2.11.2 + +- [X] [#5951](https://github.com/kubernetes/ingress-nginx/pull/5951) Bump chart patch version + +### 2.11.1 + +- [X] [#5900](https://github.com/kubernetes/ingress-nginx/pull/5900) Release helm chart for v0.34.1 + +### 2.11.0 + +- [X] [#5879](https://github.com/kubernetes/ingress-nginx/pull/5879) Update helm chart for v0.34.0 +- [X] [#5671](https://github.com/kubernetes/ingress-nginx/pull/5671) Make liveness probe more fault tolerant than readiness probe + +### 2.10.0 + +- [X] [#5843](https://github.com/kubernetes/ingress-nginx/pull/5843) Update jettech/kube-webhook-certgen image + +### 2.9.1 + +- [X] [#5823](https://github.com/kubernetes/ingress-nginx/pull/5823) Add quoting to sysctls because numeric values need to be presented as strings (#5823) + +### 2.9.0 + +- [X] [#5795](https://github.com/kubernetes/ingress-nginx/pull/5795) Use fully qualified images to avoid cri-o issues + + +### TODO + +Keep building the changelog using *git log charts* checking the tag diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml new file mode 100644 index 0000000000..41b495f8be --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml @@ -0,0 +1,26 @@ +annotations: + artifacthub.io/changes: | + - "add lint on chart before release (#9570)" + - "ci: remove setup-helm step (#9404)" + - "feat(helm): Optionally use cert-manager instead admission patch (#9279)" + - "run helm release on main only and when the chart/value changes only (#9290)" + - "Update Ingress-Nginx version controller-v1.6.4" + artifacthub.io/prerelease: "false" +apiVersion: v2 +appVersion: 1.6.4 +description: Ingress controller for Kubernetes using NGINX as a reverse proxy and + load balancer +home: https://github.com/kubernetes/ingress-nginx +icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/500px-Nginx_logo.svg.png +keywords: +- ingress +- nginx +kubeVersion: '>=1.20.0-0' +maintainers: +- name: rikatz +- name: strongjz +- name: tao12345666333 +name: ingress-nginx +sources: +- https://github.com/kubernetes/ingress-nginx +version: 4.5.2 diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS b/config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS new file mode 100644 index 0000000000..6b7e049ca8 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS @@ -0,0 +1,10 @@ +# See the OWNERS docs: https://github.com/kubernetes/community/blob/master/contributors/guide/owners.md + +approvers: +- ingress-nginx-helm-maintainers + +reviewers: +- ingress-nginx-helm-reviewers + +labels: +- area/helm diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md b/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md new file mode 100644 index 0000000000..49bb38273b --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md @@ -0,0 +1,524 @@ +# ingress-nginx + +[ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer + +![Version: 4.5.2](https://img.shields.io/badge/Version-4.5.2-informational?style=flat-square) ![AppVersion: 1.6.4](https://img.shields.io/badge/AppVersion-1.6.4-informational?style=flat-square) + +To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. + +This chart bootstraps an ingress-nginx deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Chart version 3.x.x: Kubernetes v1.16+ +- Chart version 4.x.x and above: Kubernetes v1.19+ + +## Get Repo Info + +```console +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update +``` + +## Install Chart + +**Important:** only helm3 is supported + +```console +helm install [RELEASE_NAME] ingress-nginx/ingress-nginx +``` + +The command deploys ingress-nginx on the Kubernetes cluster in the default configuration. + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] [CHART] --install +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +### Upgrading With Zero Downtime in Production + +By default the ingress-nginx controller has service interruptions whenever it's pods are restarted or redeployed. In order to fix that, see the excellent blog post by Lindsay Landry from Codecademy: [Kubernetes: Nginx and Zero Downtime in Production](https://medium.com/codecademy-engineering/kubernetes-nginx-and-zero-downtime-in-production-2c910c6a5ed8). + +### Migrating from stable/nginx-ingress + +There are two main ways to migrate a release from `stable/nginx-ingress` to `ingress-nginx/ingress-nginx` chart: + +1. For Nginx Ingress controllers used for non-critical services, the easiest method is to [uninstall](#uninstall-chart) the old release and [install](#install-chart) the new one +1. For critical services in production that require zero-downtime, you will want to: + 1. [Install](#install-chart) a second Ingress controller + 1. Redirect your DNS traffic from the old controller to the new controller + 1. Log traffic from both controllers during this changeover + 1. [Uninstall](#uninstall-chart) the old controller once traffic has fully drained from it + 1. For details on all of these steps see [Upgrading With Zero Downtime in Production](#upgrading-with-zero-downtime-in-production) + +Note that there are some different and upgraded configurations between the two charts, described by Rimas Mocevicius from JFrog in the "Upgrading to ingress-nginx Helm chart" section of [Migrating from Helm chart nginx-ingress to ingress-nginx](https://rimusz.net/migrating-to-ingress-nginx). As the `ingress-nginx/ingress-nginx` chart continues to update, you will want to check current differences by running [helm configuration](#configuration) commands on both charts. + +## Configuration + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: + +```console +helm show values ingress-nginx/ingress-nginx +``` + +### PodDisruptionBudget + +Note that the PodDisruptionBudget resource will only be defined if the replicaCount is greater than one, +else it would make it impossible to evacuate a node. See [gh issue #7127](https://github.com/helm/charts/issues/7127) for more info. + +### Prometheus Metrics + +The Nginx ingress controller can export Prometheus metrics, by setting `controller.metrics.enabled` to `true`. + +You can add Prometheus annotations to the metrics service using `controller.metrics.service.annotations`. +Alternatively, if you use the Prometheus Operator, you can enable ServiceMonitor creation using `controller.metrics.serviceMonitor.enabled`. And set `controller.metrics.serviceMonitor.additionalLabels.release="prometheus"`. "release=prometheus" should match the label configured in the prometheus servicemonitor ( see `kubectl get servicemonitor prometheus-kube-prom-prometheus -oyaml -n prometheus`) + +### ingress-nginx nginx\_status page/stats server + +Previous versions of this chart had a `controller.stats.*` configuration block, which is now obsolete due to the following changes in nginx ingress controller: + +- In [0.16.1](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0161), the vts (virtual host traffic status) dashboard was removed +- In [0.23.0](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0230), the status page at port 18080 is now a unix socket webserver only available at localhost. + You can use `curl --unix-socket /tmp/nginx-status-server.sock http://localhost/nginx_status` inside the controller container to access it locally, or use the snippet from [nginx-ingress changelog](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0230) to re-enable the http server + +### ExternalDNS Service Configuration + +Add an [ExternalDNS](https://github.com/kubernetes-incubator/external-dns) annotation to the LoadBalancer service: + +```yaml +controller: + service: + annotations: + external-dns.alpha.kubernetes.io/hostname: kubernetes-example.com. +``` + +### AWS L7 ELB with SSL Termination + +Annotate the controller as shown in the [nginx-ingress l7 patch](https://github.com/kubernetes/ingress-nginx/blob/ab3a789caae65eec4ad6e3b46b19750b481b6bce/deploy/aws/l7/service-l7.yaml): + +```yaml +controller: + service: + targetPorts: + http: http + https: http + annotations: + service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:XX-XXXX-X:XXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX + service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" + service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https" + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' +``` + +### AWS route53-mapper + +To configure the LoadBalancer service with the [route53-mapper addon](https://github.com/kubernetes/kops/blob/be63d4f1a7a46daaf1c4c482527328236850f111/addons/route53-mapper/README.md), add the `domainName` annotation and `dns` label: + +```yaml +controller: + service: + labels: + dns: "route53" + annotations: + domainName: "kubernetes-example.com" +``` + +### Additional Internal Load Balancer + +This setup is useful when you need both external and internal load balancers but don't want to have multiple ingress controllers and multiple ingress objects per application. + +By default, the ingress object will point to the external load balancer address, but if correctly configured, you can make use of the internal one if the URL you are looking up resolves to the internal load balancer's URL. + +You'll need to set both the following values: + +`controller.service.internal.enabled` +`controller.service.internal.annotations` + +If one of them is missing the internal load balancer will not be deployed. Example you may have `controller.service.internal.enabled=true` but no annotations set, in this case no action will be taken. + +`controller.service.internal.annotations` varies with the cloud service you're using. + +Example for AWS: + +```yaml +controller: + service: + internal: + enabled: true + annotations: + # Create internal ELB + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +Example for GCE: + +```yaml +controller: + service: + internal: + enabled: true + annotations: + # Create internal LB. More information: https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing + # For GKE versions 1.17 and later + networking.gke.io/load-balancer-type: "Internal" + # For earlier versions + # cloud.google.com/load-balancer-type: "Internal" + + # Any other annotation can be declared here. +``` + +Example for Azure: + +```yaml +controller: + service: + annotations: + # Create internal LB + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +Example for Oracle Cloud Infrastructure: + +```yaml +controller: + service: + annotations: + # Create internal LB + service.beta.kubernetes.io/oci-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +An use case for this scenario is having a split-view DNS setup where the public zone CNAME records point to the external balancer URL while the private zone CNAME records point to the internal balancer URL. This way, you only need one ingress kubernetes object. + +Optionally you can set `controller.service.loadBalancerIP` if you need a static IP for the resulting `LoadBalancer`. + +### Ingress Admission Webhooks + +With nginx-ingress-controller version 0.25+, the nginx ingress controller pod exposes an endpoint that will integrate with the `validatingwebhookconfiguration` Kubernetes feature to prevent bad ingress from being added to the cluster. +**This feature is enabled by default since 0.31.0.** + +With nginx-ingress-controller in 0.25.* work only with kubernetes 1.14+, 0.26 fix [this issue](https://github.com/kubernetes/ingress-nginx/pull/4521) + +#### How the Chart Configures the Hooks +A validating and configuration requires the endpoint to which the request is sent to use TLS. It is possible to set up custom certificates to do this, but in most cases, a self-signed certificate is enough. The setup of this component requires some more complex orchestration when using helm. The steps are created to be idempotent and to allow turning the feature on and off without running into helm quirks. + +1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end user certificates. If the certificate already exists, the hook exits. +2. The ingress nginx controller pod is configured to use a TLS proxy container, which will load that certificate. +3. Validating and Mutating webhook configurations are created in the cluster. +4. A post-install hook reads the CA from the secret created by step 1 and patches the Validating and Mutating webhook configurations. This process will allow a custom CA provisioned by some other process to also be patched into the webhook configurations. The chosen failure policy is also patched into the webhook configurations + +#### Alternatives +It should be possible to use [cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) if a more complete solution is required. + +You can enable automatic self-signed TLS certificate provisioning via cert-manager by setting the `controller.admissionWebhooks.certManager.enable` value to true. + +Please ensure that cert-manager is correctly installed and configured. + +### Helm Error When Upgrading: spec.clusterIP: Invalid value: "" + +If you are upgrading this chart from a version between 0.31.0 and 1.2.2 then you may get an error like this: + +```console +Error: UPGRADE FAILED: Service "?????-controller" is invalid: spec.clusterIP: Invalid value: "": field is immutable +``` + +Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13646) but to resolve this you can set `xxxx.service.omitClusterIP` to `true` where `xxxx` is the service referenced in the error. + +As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered. + +## Requirements + +Kubernetes: `>=1.20.0-0` + +## Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| commonLabels | object | `{}` | | +| controller.addHeaders | object | `{}` | Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers | +| controller.admissionWebhooks.annotations | object | `{}` | | +| controller.admissionWebhooks.certManager.admissionCert.duration | string | `""` | | +| controller.admissionWebhooks.certManager.enabled | bool | `false` | | +| controller.admissionWebhooks.certManager.rootCert.duration | string | `""` | | +| controller.admissionWebhooks.certificate | string | `"/usr/local/certificates/cert"` | | +| controller.admissionWebhooks.createSecretJob.resources | object | `{}` | | +| controller.admissionWebhooks.createSecretJob.securityContext.allowPrivilegeEscalation | bool | `false` | | +| controller.admissionWebhooks.enabled | bool | `true` | | +| controller.admissionWebhooks.existingPsp | string | `""` | Use an existing PSP instead of creating one | +| controller.admissionWebhooks.extraEnvs | list | `[]` | Additional environment variables to set | +| controller.admissionWebhooks.failurePolicy | string | `"Fail"` | Admission Webhook failure policy to use | +| controller.admissionWebhooks.key | string | `"/usr/local/certificates/key"` | | +| controller.admissionWebhooks.labels | object | `{}` | Labels to be added to admission webhooks | +| controller.admissionWebhooks.namespaceSelector | object | `{}` | | +| controller.admissionWebhooks.networkPolicyEnabled | bool | `false` | | +| controller.admissionWebhooks.objectSelector | object | `{}` | | +| controller.admissionWebhooks.patch.enabled | bool | `true` | | +| controller.admissionWebhooks.patch.image.digest | string | `"sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f"` | | +| controller.admissionWebhooks.patch.image.image | string | `"ingress-nginx/kube-webhook-certgen"` | | +| controller.admissionWebhooks.patch.image.pullPolicy | string | `"IfNotPresent"` | | +| controller.admissionWebhooks.patch.image.registry | string | `"registry.k8s.io"` | | +| controller.admissionWebhooks.patch.image.tag | string | `"v20220916-gd32f8c343"` | | +| controller.admissionWebhooks.patch.labels | object | `{}` | Labels to be added to patch job resources | +| controller.admissionWebhooks.patch.nodeSelector."kubernetes.io/os" | string | `"linux"` | | +| controller.admissionWebhooks.patch.podAnnotations | object | `{}` | | +| controller.admissionWebhooks.patch.priorityClassName | string | `""` | Provide a priority class name to the webhook patching job # | +| controller.admissionWebhooks.patch.securityContext.fsGroup | int | `2000` | | +| controller.admissionWebhooks.patch.securityContext.runAsNonRoot | bool | `true` | | +| controller.admissionWebhooks.patch.securityContext.runAsUser | int | `2000` | | +| controller.admissionWebhooks.patch.tolerations | list | `[]` | | +| controller.admissionWebhooks.patchWebhookJob.resources | object | `{}` | | +| controller.admissionWebhooks.patchWebhookJob.securityContext.allowPrivilegeEscalation | bool | `false` | | +| controller.admissionWebhooks.port | int | `8443` | | +| controller.admissionWebhooks.service.annotations | object | `{}` | | +| controller.admissionWebhooks.service.externalIPs | list | `[]` | | +| controller.admissionWebhooks.service.loadBalancerSourceRanges | list | `[]` | | +| controller.admissionWebhooks.service.servicePort | int | `443` | | +| controller.admissionWebhooks.service.type | string | `"ClusterIP"` | | +| controller.affinity | object | `{}` | Affinity and anti-affinity rules for server scheduling to nodes # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity # | +| controller.allowSnippetAnnotations | bool | `true` | This configuration defines if Ingress Controller should allow users to set their own *-snippet annotations, otherwise this is forbidden / dropped when users add those annotations. Global snippets in ConfigMap are still respected | +| controller.annotations | object | `{}` | Annotations to be added to the controller Deployment or DaemonSet # | +| controller.autoscaling.annotations | object | `{}` | | +| controller.autoscaling.apiVersion | string | `"autoscaling/v2"` | | +| controller.autoscaling.behavior | object | `{}` | | +| controller.autoscaling.enabled | bool | `false` | | +| controller.autoscaling.maxReplicas | int | `11` | | +| controller.autoscaling.minReplicas | int | `1` | | +| controller.autoscaling.targetCPUUtilizationPercentage | int | `50` | | +| controller.autoscaling.targetMemoryUtilizationPercentage | int | `50` | | +| controller.autoscalingTemplate | list | `[]` | | +| controller.config | object | `{}` | Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ | +| controller.configAnnotations | object | `{}` | Annotations to be added to the controller config configuration configmap. | +| controller.configMapNamespace | string | `""` | Allows customization of the configmap / nginx-configmap namespace; defaults to $(POD_NAMESPACE) | +| controller.containerName | string | `"controller"` | Configures the controller container name | +| controller.containerPort | object | `{"http":80,"https":443}` | Configures the ports that the nginx-controller listens on | +| controller.customTemplate.configMapKey | string | `""` | | +| controller.customTemplate.configMapName | string | `""` | | +| controller.dnsConfig | object | `{}` | Optionally customize the pod dnsConfig. | +| controller.dnsPolicy | string | `"ClusterFirst"` | Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'. By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller to keep resolving names inside the k8s network, use ClusterFirstWithHostNet. | +| controller.electionID | string | `""` | Election ID to use for status update, by default it uses the controller name combined with a suffix of 'leader' | +| controller.enableMimalloc | bool | `true` | Enable mimalloc as a drop-in replacement for malloc. # ref: https://github.com/microsoft/mimalloc # | +| controller.enableTopologyAwareRouting | bool | `false` | This configuration enables Topology Aware Routing feature, used together with service annotation service.kubernetes.io/topology-aware-hints="auto" Defaults to false | +| controller.existingPsp | string | `""` | Use an existing PSP instead of creating one | +| controller.extraArgs | object | `{}` | Additional command line arguments to pass to nginx-ingress-controller E.g. to specify the default SSL certificate you can use | +| controller.extraContainers | list | `[]` | Additional containers to be added to the controller pod. See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. | +| controller.extraEnvs | list | `[]` | Additional environment variables to set | +| controller.extraInitContainers | list | `[]` | Containers, which are run before the app containers are started. | +| controller.extraModules | list | `[]` | Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module | +| controller.extraVolumeMounts | list | `[]` | Additional volumeMounts to the controller main container. | +| controller.extraVolumes | list | `[]` | Additional volumes to the controller pod. | +| controller.healthCheckHost | string | `""` | Address to bind the health check endpoint. It is better to set this option to the internal node address if the ingress nginx controller is running in the `hostNetwork: true` mode. | +| controller.healthCheckPath | string | `"/healthz"` | Path of the health check endpoint. All requests received on the port defined by the healthz-port parameter are forwarded internally to this path. | +| controller.hostNetwork | bool | `false` | Required for use with CNI based kubernetes installations (such as ones set up by kubeadm), since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920 is merged | +| controller.hostPort.enabled | bool | `false` | Enable 'hostPort' or not | +| controller.hostPort.ports.http | int | `80` | 'hostPort' http port | +| controller.hostPort.ports.https | int | `443` | 'hostPort' https port | +| controller.hostname | object | `{}` | Optionally customize the pod hostname. | +| controller.image.allowPrivilegeEscalation | bool | `true` | | +| controller.image.chroot | bool | `false` | | +| controller.image.digest | string | `"sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f"` | | +| controller.image.digestChroot | string | `"sha256:0de01e2c316c3ca7847ca13b32d077af7910d07f21a4a82f81061839764f8f81"` | | +| controller.image.image | string | `"ingress-nginx/controller"` | | +| controller.image.pullPolicy | string | `"IfNotPresent"` | | +| controller.image.registry | string | `"registry.k8s.io"` | | +| controller.image.runAsUser | int | `101` | | +| controller.image.tag | string | `"v1.6.4"` | | +| controller.ingressClass | string | `"nginx"` | For backwards compatibility with ingress.class annotation, use ingressClass. Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation | +| controller.ingressClassByName | bool | `false` | Process IngressClass per name (additionally as per spec.controller). | +| controller.ingressClassResource.controllerValue | string | `"k8s.io/ingress-nginx"` | Controller-value of the controller that is processing this ingressClass | +| controller.ingressClassResource.default | bool | `false` | Is this the default ingressClass for the cluster | +| controller.ingressClassResource.enabled | bool | `true` | Is this ingressClass enabled or not | +| controller.ingressClassResource.name | string | `"nginx"` | Name of the ingressClass | +| controller.ingressClassResource.parameters | object | `{}` | Parameters is a link to a custom resource containing additional configuration for the controller. This is optional if the controller does not require extra parameters. | +| controller.keda.apiVersion | string | `"keda.sh/v1alpha1"` | | +| controller.keda.behavior | object | `{}` | | +| controller.keda.cooldownPeriod | int | `300` | | +| controller.keda.enabled | bool | `false` | | +| controller.keda.maxReplicas | int | `11` | | +| controller.keda.minReplicas | int | `1` | | +| controller.keda.pollingInterval | int | `30` | | +| controller.keda.restoreToOriginalReplicaCount | bool | `false` | | +| controller.keda.scaledObject.annotations | object | `{}` | | +| controller.keda.triggers | list | `[]` | | +| controller.kind | string | `"Deployment"` | Use a `DaemonSet` or `Deployment` | +| controller.labels | object | `{}` | Labels to be added to the controller Deployment or DaemonSet and other resources that do not have option to specify labels # | +| controller.lifecycle | object | `{"preStop":{"exec":{"command":["/wait-shutdown"]}}}` | Improve connection draining when ingress controller pod is deleted using a lifecycle hook: With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds to 300, allowing the draining of connections up to five minutes. If the active connections end before that, the pod will terminate gracefully at that time. To effectively take advantage of this feature, the Configmap feature worker-shutdown-timeout new value is 240s instead of 10s. # | +| controller.livenessProbe.failureThreshold | int | `5` | | +| controller.livenessProbe.httpGet.path | string | `"/healthz"` | | +| controller.livenessProbe.httpGet.port | int | `10254` | | +| controller.livenessProbe.httpGet.scheme | string | `"HTTP"` | | +| controller.livenessProbe.initialDelaySeconds | int | `10` | | +| controller.livenessProbe.periodSeconds | int | `10` | | +| controller.livenessProbe.successThreshold | int | `1` | | +| controller.livenessProbe.timeoutSeconds | int | `1` | | +| controller.maxmindLicenseKey | string | `""` | Maxmind license key to download GeoLite2 Databases. # https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases | +| controller.metrics.enabled | bool | `false` | | +| controller.metrics.port | int | `10254` | | +| controller.metrics.portName | string | `"metrics"` | | +| controller.metrics.prometheusRule.additionalLabels | object | `{}` | | +| controller.metrics.prometheusRule.enabled | bool | `false` | | +| controller.metrics.prometheusRule.rules | list | `[]` | | +| controller.metrics.service.annotations | object | `{}` | | +| controller.metrics.service.externalIPs | list | `[]` | List of IP addresses at which the stats-exporter service is available # Ref: https://kubernetes.io/docs/user-guide/services/#external-ips # | +| controller.metrics.service.labels | object | `{}` | Labels to be added to the metrics service resource | +| controller.metrics.service.loadBalancerSourceRanges | list | `[]` | | +| controller.metrics.service.servicePort | int | `10254` | | +| controller.metrics.service.type | string | `"ClusterIP"` | | +| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | | +| controller.metrics.serviceMonitor.enabled | bool | `false` | | +| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | | +| controller.metrics.serviceMonitor.namespace | string | `""` | | +| controller.metrics.serviceMonitor.namespaceSelector | object | `{}` | | +| controller.metrics.serviceMonitor.relabelings | list | `[]` | | +| controller.metrics.serviceMonitor.scrapeInterval | string | `"30s"` | | +| controller.metrics.serviceMonitor.targetLabels | list | `[]` | | +| controller.minAvailable | int | `1` | Define either 'minAvailable' or 'maxUnavailable', never both. | +| controller.minReadySeconds | int | `0` | `minReadySeconds` to avoid killing pods before we are ready # | +| controller.name | string | `"controller"` | | +| controller.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for controller pod assignment # Ref: https://kubernetes.io/docs/user-guide/node-selection/ # | +| controller.opentelemetry.containerSecurityContext.allowPrivilegeEscalation | bool | `false` | | +| controller.opentelemetry.enabled | bool | `false` | | +| controller.opentelemetry.image | string | `"registry.k8s.io/ingress-nginx/opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:331b9bebd6acfcd2d3048abbdd86555f5be76b7e3d0b5af4300b04235c6056c9"` | | +| controller.podAnnotations | object | `{}` | Annotations to be added to controller pods # | +| controller.podLabels | object | `{}` | Labels to add to the pod container metadata | +| controller.podSecurityContext | object | `{}` | Security Context policies for controller pods | +| controller.priorityClassName | string | `""` | | +| controller.proxySetHeaders | object | `{}` | Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/custom-headers | +| controller.publishService | object | `{"enabled":true,"pathOverride":""}` | Allows customization of the source of the IP address or FQDN to report in the ingress status field. By default, it reads the information provided by the service. If disable, the status field reports the IP address of the node or nodes where an ingress controller pod is running. | +| controller.publishService.enabled | bool | `true` | Enable 'publishService' or not | +| controller.publishService.pathOverride | string | `""` | Allows overriding of the publish service to bind to Must be / | +| controller.readinessProbe.failureThreshold | int | `3` | | +| controller.readinessProbe.httpGet.path | string | `"/healthz"` | | +| controller.readinessProbe.httpGet.port | int | `10254` | | +| controller.readinessProbe.httpGet.scheme | string | `"HTTP"` | | +| controller.readinessProbe.initialDelaySeconds | int | `10` | | +| controller.readinessProbe.periodSeconds | int | `10` | | +| controller.readinessProbe.successThreshold | int | `1` | | +| controller.readinessProbe.timeoutSeconds | int | `1` | | +| controller.replicaCount | int | `1` | | +| controller.reportNodeInternalIp | bool | `false` | Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply | +| controller.resources.requests.cpu | string | `"100m"` | | +| controller.resources.requests.memory | string | `"90Mi"` | | +| controller.scope.enabled | bool | `false` | Enable 'scope' or not | +| controller.scope.namespace | string | `""` | Namespace to limit the controller to; defaults to $(POD_NAMESPACE) | +| controller.scope.namespaceSelector | string | `""` | When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces. | +| controller.service.annotations | object | `{}` | | +| controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | +| controller.service.enableHttp | bool | `true` | | +| controller.service.enableHttps | bool | `true` | | +| controller.service.enabled | bool | `true` | | +| controller.service.external.enabled | bool | `true` | | +| controller.service.externalIPs | list | `[]` | List of IP addresses at which the controller services are available # Ref: https://kubernetes.io/docs/user-guide/services/#external-ips # | +| controller.service.internal.annotations | object | `{}` | Annotations are mandatory for the load balancer to come up. Varies with the cloud service. | +| controller.service.internal.enabled | bool | `false` | Enables an additional internal load balancer (besides the external one). | +| controller.service.internal.loadBalancerSourceRanges | list | `[]` | Restrict access For LoadBalancer service. Defaults to 0.0.0.0/0. | +| controller.service.ipFamilies | list | `["IPv4"]` | List of IP families (e.g. IPv4, IPv6) assigned to the service. This field is usually assigned automatically based on cluster configuration and the ipFamilyPolicy field. # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/ | +| controller.service.ipFamilyPolicy | string | `"SingleStack"` | Represents the dual-stack-ness requested or required by this Service. Possible values are SingleStack, PreferDualStack or RequireDualStack. The ipFamilies and clusterIPs fields depend on the value of this field. # Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/ | +| controller.service.labels | object | `{}` | | +| controller.service.loadBalancerIP | string | `""` | Used by cloud providers to connect the resulting `LoadBalancer` to a pre-existing static IP according to https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer | +| controller.service.loadBalancerSourceRanges | list | `[]` | | +| controller.service.nodePorts.http | string | `""` | | +| controller.service.nodePorts.https | string | `""` | | +| controller.service.nodePorts.tcp | object | `{}` | | +| controller.service.nodePorts.udp | object | `{}` | | +| controller.service.ports.http | int | `80` | | +| controller.service.ports.https | int | `443` | | +| controller.service.targetPorts.http | string | `"http"` | | +| controller.service.targetPorts.https | string | `"https"` | | +| controller.service.type | string | `"LoadBalancer"` | | +| controller.shareProcessNamespace | bool | `false` | | +| controller.sysctls | object | `{}` | See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls | +| controller.tcp.annotations | object | `{}` | Annotations to be added to the tcp config configmap | +| controller.tcp.configMapNamespace | string | `""` | Allows customization of the tcp-services-configmap; defaults to $(POD_NAMESPACE) | +| controller.terminationGracePeriodSeconds | int | `300` | `terminationGracePeriodSeconds` to avoid killing pods before we are ready # wait up to five minutes for the drain of connections # | +| controller.tolerations | list | `[]` | Node tolerations for server scheduling to nodes with taints # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ # | +| controller.topologySpreadConstraints | list | `[]` | Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. # Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ # | +| controller.udp.annotations | object | `{}` | Annotations to be added to the udp config configmap | +| controller.udp.configMapNamespace | string | `""` | Allows customization of the udp-services-configmap; defaults to $(POD_NAMESPACE) | +| controller.updateStrategy | object | `{}` | The update strategy to apply to the Deployment or DaemonSet # | +| controller.watchIngressWithoutClass | bool | `false` | Process Ingress objects without ingressClass annotation/ingressClassName field Overrides value for --watch-ingress-without-class flag of the controller binary Defaults to false | +| defaultBackend.affinity | object | `{}` | | +| defaultBackend.autoscaling.annotations | object | `{}` | | +| defaultBackend.autoscaling.enabled | bool | `false` | | +| defaultBackend.autoscaling.maxReplicas | int | `2` | | +| defaultBackend.autoscaling.minReplicas | int | `1` | | +| defaultBackend.autoscaling.targetCPUUtilizationPercentage | int | `50` | | +| defaultBackend.autoscaling.targetMemoryUtilizationPercentage | int | `50` | | +| defaultBackend.containerSecurityContext | object | `{}` | Security Context policies for controller main container. See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls # | +| defaultBackend.enabled | bool | `false` | | +| defaultBackend.existingPsp | string | `""` | Use an existing PSP instead of creating one | +| defaultBackend.extraArgs | object | `{}` | | +| defaultBackend.extraEnvs | list | `[]` | Additional environment variables to set for defaultBackend pods | +| defaultBackend.extraVolumeMounts | list | `[]` | | +| defaultBackend.extraVolumes | list | `[]` | | +| defaultBackend.image.allowPrivilegeEscalation | bool | `false` | | +| defaultBackend.image.image | string | `"defaultbackend-amd64"` | | +| defaultBackend.image.pullPolicy | string | `"IfNotPresent"` | | +| defaultBackend.image.readOnlyRootFilesystem | bool | `true` | | +| defaultBackend.image.registry | string | `"registry.k8s.io"` | | +| defaultBackend.image.runAsNonRoot | bool | `true` | | +| defaultBackend.image.runAsUser | int | `65534` | | +| defaultBackend.image.tag | string | `"1.5"` | | +| defaultBackend.labels | object | `{}` | Labels to be added to the default backend resources | +| defaultBackend.livenessProbe.failureThreshold | int | `3` | | +| defaultBackend.livenessProbe.initialDelaySeconds | int | `30` | | +| defaultBackend.livenessProbe.periodSeconds | int | `10` | | +| defaultBackend.livenessProbe.successThreshold | int | `1` | | +| defaultBackend.livenessProbe.timeoutSeconds | int | `5` | | +| defaultBackend.minAvailable | int | `1` | | +| defaultBackend.minReadySeconds | int | `0` | `minReadySeconds` to avoid killing pods before we are ready # | +| defaultBackend.name | string | `"defaultbackend"` | | +| defaultBackend.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for default backend pod assignment # Ref: https://kubernetes.io/docs/user-guide/node-selection/ # | +| defaultBackend.podAnnotations | object | `{}` | Annotations to be added to default backend pods # | +| defaultBackend.podLabels | object | `{}` | Labels to add to the pod container metadata | +| defaultBackend.podSecurityContext | object | `{}` | Security Context policies for controller pods See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls # | +| defaultBackend.port | int | `8080` | | +| defaultBackend.priorityClassName | string | `""` | | +| defaultBackend.readinessProbe.failureThreshold | int | `6` | | +| defaultBackend.readinessProbe.initialDelaySeconds | int | `0` | | +| defaultBackend.readinessProbe.periodSeconds | int | `5` | | +| defaultBackend.readinessProbe.successThreshold | int | `1` | | +| defaultBackend.readinessProbe.timeoutSeconds | int | `5` | | +| defaultBackend.replicaCount | int | `1` | | +| defaultBackend.resources | object | `{}` | | +| defaultBackend.service.annotations | object | `{}` | | +| defaultBackend.service.externalIPs | list | `[]` | List of IP addresses at which the default backend service is available # Ref: https://kubernetes.io/docs/user-guide/services/#external-ips # | +| defaultBackend.service.loadBalancerSourceRanges | list | `[]` | | +| defaultBackend.service.servicePort | int | `80` | | +| defaultBackend.service.type | string | `"ClusterIP"` | | +| defaultBackend.serviceAccount.automountServiceAccountToken | bool | `true` | | +| defaultBackend.serviceAccount.create | bool | `true` | | +| defaultBackend.serviceAccount.name | string | `""` | | +| defaultBackend.tolerations | list | `[]` | Node tolerations for server scheduling to nodes with taints # Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ # | +| defaultBackend.updateStrategy | object | `{}` | The update strategy to apply to the Deployment or DaemonSet # | +| dhParam | string | `nil` | A base64-encoded Diffie-Hellman parameter. This can be generated with: `openssl dhparam 4096 2> /dev/null | base64` # Ref: https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/ssl-dh-param | +| imagePullSecrets | list | `[]` | Optional array of imagePullSecrets containing private registry credentials # Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ | +| podSecurityPolicy.enabled | bool | `false` | | +| portNamePrefix | string | `""` | Prefix for TCP and UDP ports names in ingress controller service # Some cloud providers, like Yandex Cloud may have a requirements for a port name regex to support cloud load balancer integration | +| rbac.create | bool | `true` | | +| rbac.scope | bool | `false` | | +| revisionHistoryLimit | int | `10` | Rollback limit # | +| serviceAccount.annotations | object | `{}` | Annotations for the controller service account | +| serviceAccount.automountServiceAccountToken | bool | `true` | | +| serviceAccount.create | bool | `true` | | +| serviceAccount.name | string | `""` | | +| tcp | object | `{}` | TCP service key-value pairs # Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md # | +| udp | object | `{}` | UDP service key-value pairs # Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md # | + diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl b/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl new file mode 100644 index 0000000000..78e4f38d4b --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl @@ -0,0 +1,250 @@ +{{ template "chart.header" . }} +[ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer + +{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }} + +To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. + +This chart bootstraps an ingress-nginx deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Chart version 3.x.x: Kubernetes v1.16+ +- Chart version 4.x.x and above: Kubernetes v1.19+ + +## Get Repo Info + +```console +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm repo update +``` + +## Install Chart + +**Important:** only helm3 is supported + +```console +helm install [RELEASE_NAME] ingress-nginx/ingress-nginx +``` + +The command deploys ingress-nginx on the Kubernetes cluster in the default configuration. + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] [CHART] --install +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +### Upgrading With Zero Downtime in Production + +By default the ingress-nginx controller has service interruptions whenever it's pods are restarted or redeployed. In order to fix that, see the excellent blog post by Lindsay Landry from Codecademy: [Kubernetes: Nginx and Zero Downtime in Production](https://medium.com/codecademy-engineering/kubernetes-nginx-and-zero-downtime-in-production-2c910c6a5ed8). + +### Migrating from stable/nginx-ingress + +There are two main ways to migrate a release from `stable/nginx-ingress` to `ingress-nginx/ingress-nginx` chart: + +1. For Nginx Ingress controllers used for non-critical services, the easiest method is to [uninstall](#uninstall-chart) the old release and [install](#install-chart) the new one +1. For critical services in production that require zero-downtime, you will want to: + 1. [Install](#install-chart) a second Ingress controller + 1. Redirect your DNS traffic from the old controller to the new controller + 1. Log traffic from both controllers during this changeover + 1. [Uninstall](#uninstall-chart) the old controller once traffic has fully drained from it + 1. For details on all of these steps see [Upgrading With Zero Downtime in Production](#upgrading-with-zero-downtime-in-production) + +Note that there are some different and upgraded configurations between the two charts, described by Rimas Mocevicius from JFrog in the "Upgrading to ingress-nginx Helm chart" section of [Migrating from Helm chart nginx-ingress to ingress-nginx](https://rimusz.net/migrating-to-ingress-nginx). As the `ingress-nginx/ingress-nginx` chart continues to update, you will want to check current differences by running [helm configuration](#configuration) commands on both charts. + +## Configuration + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: + +```console +helm show values ingress-nginx/ingress-nginx +``` + +### PodDisruptionBudget + +Note that the PodDisruptionBudget resource will only be defined if the replicaCount is greater than one, +else it would make it impossible to evacuate a node. See [gh issue #7127](https://github.com/helm/charts/issues/7127) for more info. + +### Prometheus Metrics + +The Nginx ingress controller can export Prometheus metrics, by setting `controller.metrics.enabled` to `true`. + +You can add Prometheus annotations to the metrics service using `controller.metrics.service.annotations`. +Alternatively, if you use the Prometheus Operator, you can enable ServiceMonitor creation using `controller.metrics.serviceMonitor.enabled`. And set `controller.metrics.serviceMonitor.additionalLabels.release="prometheus"`. "release=prometheus" should match the label configured in the prometheus servicemonitor ( see `kubectl get servicemonitor prometheus-kube-prom-prometheus -oyaml -n prometheus`) + +### ingress-nginx nginx\_status page/stats server + +Previous versions of this chart had a `controller.stats.*` configuration block, which is now obsolete due to the following changes in nginx ingress controller: + +- In [0.16.1](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0161), the vts (virtual host traffic status) dashboard was removed +- In [0.23.0](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0230), the status page at port 18080 is now a unix socket webserver only available at localhost. + You can use `curl --unix-socket /tmp/nginx-status-server.sock http://localhost/nginx_status` inside the controller container to access it locally, or use the snippet from [nginx-ingress changelog](https://github.com/kubernetes/ingress-nginx/blob/main/Changelog.md#0230) to re-enable the http server + +### ExternalDNS Service Configuration + +Add an [ExternalDNS](https://github.com/kubernetes-incubator/external-dns) annotation to the LoadBalancer service: + +```yaml +controller: + service: + annotations: + external-dns.alpha.kubernetes.io/hostname: kubernetes-example.com. +``` + +### AWS L7 ELB with SSL Termination + +Annotate the controller as shown in the [nginx-ingress l7 patch](https://github.com/kubernetes/ingress-nginx/blob/ab3a789caae65eec4ad6e3b46b19750b481b6bce/deploy/aws/l7/service-l7.yaml): + +```yaml +controller: + service: + targetPorts: + http: http + https: http + annotations: + service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:XX-XXXX-X:XXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX + service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" + service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https" + service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' +``` + +### AWS route53-mapper + +To configure the LoadBalancer service with the [route53-mapper addon](https://github.com/kubernetes/kops/blob/be63d4f1a7a46daaf1c4c482527328236850f111/addons/route53-mapper/README.md), add the `domainName` annotation and `dns` label: + +```yaml +controller: + service: + labels: + dns: "route53" + annotations: + domainName: "kubernetes-example.com" +``` + +### Additional Internal Load Balancer + +This setup is useful when you need both external and internal load balancers but don't want to have multiple ingress controllers and multiple ingress objects per application. + +By default, the ingress object will point to the external load balancer address, but if correctly configured, you can make use of the internal one if the URL you are looking up resolves to the internal load balancer's URL. + +You'll need to set both the following values: + +`controller.service.internal.enabled` +`controller.service.internal.annotations` + +If one of them is missing the internal load balancer will not be deployed. Example you may have `controller.service.internal.enabled=true` but no annotations set, in this case no action will be taken. + +`controller.service.internal.annotations` varies with the cloud service you're using. + +Example for AWS: + +```yaml +controller: + service: + internal: + enabled: true + annotations: + # Create internal ELB + service.beta.kubernetes.io/aws-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +Example for GCE: + +```yaml +controller: + service: + internal: + enabled: true + annotations: + # Create internal LB. More information: https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing + # For GKE versions 1.17 and later + networking.gke.io/load-balancer-type: "Internal" + # For earlier versions + # cloud.google.com/load-balancer-type: "Internal" + + # Any other annotation can be declared here. +``` + +Example for Azure: + +```yaml +controller: + service: + annotations: + # Create internal LB + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +Example for Oracle Cloud Infrastructure: + +```yaml +controller: + service: + annotations: + # Create internal LB + service.beta.kubernetes.io/oci-load-balancer-internal: "true" + # Any other annotation can be declared here. +``` + +An use case for this scenario is having a split-view DNS setup where the public zone CNAME records point to the external balancer URL while the private zone CNAME records point to the internal balancer URL. This way, you only need one ingress kubernetes object. + +Optionally you can set `controller.service.loadBalancerIP` if you need a static IP for the resulting `LoadBalancer`. + +### Ingress Admission Webhooks + +With nginx-ingress-controller version 0.25+, the nginx ingress controller pod exposes an endpoint that will integrate with the `validatingwebhookconfiguration` Kubernetes feature to prevent bad ingress from being added to the cluster. +**This feature is enabled by default since 0.31.0.** + +With nginx-ingress-controller in 0.25.* work only with kubernetes 1.14+, 0.26 fix [this issue](https://github.com/kubernetes/ingress-nginx/pull/4521) + +#### How the Chart Configures the Hooks +A validating and configuration requires the endpoint to which the request is sent to use TLS. It is possible to set up custom certificates to do this, but in most cases, a self-signed certificate is enough. The setup of this component requires some more complex orchestration when using helm. The steps are created to be idempotent and to allow turning the feature on and off without running into helm quirks. + +1. A pre-install hook provisions a certificate into the same namespace using a format compatible with provisioning using end user certificates. If the certificate already exists, the hook exits. +2. The ingress nginx controller pod is configured to use a TLS proxy container, which will load that certificate. +3. Validating and Mutating webhook configurations are created in the cluster. +4. A post-install hook reads the CA from the secret created by step 1 and patches the Validating and Mutating webhook configurations. This process will allow a custom CA provisioned by some other process to also be patched into the webhook configurations. The chosen failure policy is also patched into the webhook configurations + +#### Alternatives +It should be possible to use [cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) if a more complete solution is required. + +You can enable automatic self-signed TLS certificate provisioning via cert-manager by setting the `controller.admissionWebhooks.certManager.enable` value to true. + +Please ensure that cert-manager is correctly installed and configured. + +### Helm Error When Upgrading: spec.clusterIP: Invalid value: "" + +If you are upgrading this chart from a version between 0.31.0 and 1.2.2 then you may get an error like this: + +```console +Error: UPGRADE FAILED: Service "?????-controller" is invalid: spec.clusterIP: Invalid value: "": field is immutable +``` + +Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13646) but to resolve this you can set `xxxx.service.omitClusterIP` to `true` where `xxxx` is the service referenced in the error. + +As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered. + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} + +{{ template "helm-docs.versionFooter" . }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl b/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl new file mode 100644 index 0000000000..de98856708 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl @@ -0,0 +1,9 @@ +# Changelog + +This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +### {{ .NewHelmChartVersion }} +{{ with .HelmUpdates }} +{{ range . }}* {{ . }} +{{ end }}{{ end }} +**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/helm-chart-{{ .PreviousHelmChartVersion }}...helm-chart-{{ .NewHelmChartVersion }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep b/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md b/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md new file mode 100644 index 0000000000..b6d8a3b0c3 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md @@ -0,0 +1,13 @@ +# Changelog + +This file documents all notable changes to [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Helm Chart. The release numbering uses [semantic versioning](http://semver.org). + +### 4.5.2 + +* add lint on chart before release (#9570) +* ci: remove setup-helm step (#9404) +* feat(helm): Optionally use cert-manager instead admission patch (#9279) +* run helm release on main only and when the chart/value changes only (#9290) +* Update Ingress-Nginx version controller-v1.6.4 + +**Full Changelog**: https://github.com/kubernetes/ingress-nginx/compare/helm-chart-4.4.3...helm-chart-4.5.2 diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml new file mode 100644 index 0000000000..a13241cd4c --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml @@ -0,0 +1,6 @@ +controller: + admissionWebhooks: + certManager: + enabled: true + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml new file mode 100644 index 0000000000..b28a2326ee --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml @@ -0,0 +1,7 @@ +controller: + watchIngressWithoutClass: true + ingressClassResource: + name: custom-nginx + enabled: true + default: true + controllerValue: "k8s.io/custom-nginx" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml new file mode 100644 index 0000000000..4393a5bc06 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml @@ -0,0 +1,14 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + kind: DaemonSet + allowSnippetAnnotations: false + admissionWebhooks: + enabled: false + service: + type: ClusterIP + + config: + use-proxy-protocol: "true" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml new file mode 100644 index 0000000000..1d94be219b --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml @@ -0,0 +1,22 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + + service: + type: NodePort + nodePorts: + tcp: + 9000: 30090 + udp: + 9001: 30091 + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml new file mode 100644 index 0000000000..f299dbf1c8 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml @@ -0,0 +1,10 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + service: + type: ClusterIP + extraModules: + - name: opentelemetry + image: busybox diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml new file mode 100644 index 0000000000..ab7d47bd4d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml @@ -0,0 +1,14 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + addHeaders: + X-Frame-Options: deny + proxySetHeaders: + X-Forwarded-Proto: https + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml new file mode 100644 index 0000000000..0a200a7460 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml @@ -0,0 +1,14 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + internal: + enabled: true + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml new file mode 100644 index 0000000000..3b7aa2fcd2 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml @@ -0,0 +1,10 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: NodePort diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml new file mode 100644 index 0000000000..0b55306a10 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml @@ -0,0 +1,17 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + metrics: + enabled: true + service: + type: ClusterIP + podAnnotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scheme: http + prometheus.io/scrape: "true" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml new file mode 100644 index 0000000000..acd86a77ab --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml @@ -0,0 +1,20 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + tcp: + configMapNamespace: default + udp: + configMapNamespace: default + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml new file mode 100644 index 0000000000..90b0f57a58 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml @@ -0,0 +1,18 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" + +portNamePrefix: "port" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml new file mode 100644 index 0000000000..25ee64d856 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml @@ -0,0 +1,16 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml new file mode 100644 index 0000000000..380c8b4b13 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml @@ -0,0 +1,14 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml new file mode 100644 index 0000000000..82fa23e854 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml @@ -0,0 +1,10 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml new file mode 100644 index 0000000000..cb3cb54be2 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml @@ -0,0 +1,12 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + metrics: + enabled: true + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml new file mode 100644 index 0000000000..8026a6356f --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml @@ -0,0 +1,13 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +podSecurityPolicy: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml new file mode 100644 index 0000000000..fccdb134cf --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml @@ -0,0 +1,13 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: true + service: + type: ClusterIP + +podSecurityPolicy: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml new file mode 100644 index 0000000000..54d364df11 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml @@ -0,0 +1,10 @@ +controller: + kind: DaemonSet + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: true + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml new file mode 100644 index 0000000000..dca3f35f83 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml @@ -0,0 +1,14 @@ +controller: + autoscaling: + enabled: true + behavior: + scaleDown: + stabilizationWindowSeconds: 300 + policies: + - type: Pods + value: 1 + periodSeconds: 180 + admissionWebhooks: + enabled: false + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml new file mode 100644 index 0000000000..b8b3ac6862 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml @@ -0,0 +1,11 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + autoscaling: + enabled: true + admissionWebhooks: + enabled: false + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml new file mode 100644 index 0000000000..174941848e --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml @@ -0,0 +1,12 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + config: + use-proxy-protocol: "true" + allowSnippetAnnotations: false + admissionWebhooks: + enabled: false + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml new file mode 100644 index 0000000000..a564eaf931 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml @@ -0,0 +1,20 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: NodePort + nodePorts: + tcp: + 9000: 30090 + udp: + 9001: 30091 + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml new file mode 100644 index 0000000000..9f46b4e7e9 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml @@ -0,0 +1,8 @@ +# Left blank to test default values +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml new file mode 100644 index 0000000000..2310c344ee --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml @@ -0,0 +1,12 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP + containerSecurityContext: + allowPrivilegeEscalation: false + extraModules: + - name: opentelemetry + image: busybox diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml new file mode 100644 index 0000000000..bd2f011cc7 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml @@ -0,0 +1,12 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP + extraModules: + - name: opentelemetry + image: busybox + containerSecurityContext: + allowPrivilegeEscalation: false diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml new file mode 100644 index 0000000000..ec59235485 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml @@ -0,0 +1,10 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP + extraModules: + - name: opentelemetry + image: busybox diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml new file mode 100644 index 0000000000..17a11ac370 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml @@ -0,0 +1,13 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + addHeaders: + X-Frame-Options: deny + proxySetHeaders: + X-Forwarded-Proto: https + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml new file mode 100644 index 0000000000..fd8df8de5d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml @@ -0,0 +1,13 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + internal: + enabled: true + annotations: + service.beta.kubernetes.io/aws-load-balancer-internal: "true" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml new file mode 100644 index 0000000000..9209ad5a6f --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml @@ -0,0 +1,11 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + metrics: + enabled: true + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml new file mode 100644 index 0000000000..cd9b323528 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml @@ -0,0 +1,9 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: NodePort diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml new file mode 100644 index 0000000000..b48d93c46a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml @@ -0,0 +1,16 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + metrics: + enabled: true + service: + type: ClusterIP + podAnnotations: + prometheus.io/path: /metrics + prometheus.io/port: "10254" + prometheus.io/scheme: http + prometheus.io/scrape: "true" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml new file mode 100644 index 0000000000..2f332a7b20 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml @@ -0,0 +1,10 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP + +podSecurityPolicy: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml new file mode 100644 index 0000000000..c51a4e91fa --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml @@ -0,0 +1,19 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + tcp: + configMapNamespace: default + udp: + configMapNamespace: default + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml new file mode 100644 index 0000000000..56323c5eeb --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml @@ -0,0 +1,17 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" + +portNamePrefix: "port" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml new file mode 100644 index 0000000000..5b45b69dcc --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml @@ -0,0 +1,15 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: false + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + +udp: + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml new file mode 100644 index 0000000000..ac0b6e60eb --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml @@ -0,0 +1,11 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + service: + type: ClusterIP + +tcp: + 9000: "default/test:8080" + 9001: "default/test:8080" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml new file mode 100644 index 0000000000..6195bb3391 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml @@ -0,0 +1,12 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: true + service: + type: ClusterIP + +podSecurityPolicy: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml new file mode 100644 index 0000000000..95487b071f --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml @@ -0,0 +1,12 @@ +controller: + service: + type: ClusterIP + admissionWebhooks: + enabled: true + extraEnvs: + - name: FOO + value: foo + - name: TEST + value: test + patch: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml new file mode 100644 index 0000000000..49ebbb02c8 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml @@ -0,0 +1,23 @@ +controller: + service: + type: ClusterIP + admissionWebhooks: + enabled: true + createSecretJob: + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi + patchWebhookJob: + resources: + limits: + cpu: 10m + memory: 20Mi + requests: + cpu: 10m + memory: 20Mi + patch: + enabled: true diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml new file mode 100644 index 0000000000..76669a5300 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml @@ -0,0 +1,9 @@ +controller: + image: + repository: ingress-controller/controller + tag: 1.0.0-dev + digest: null + admissionWebhooks: + enabled: true + service: + type: ClusterIP diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt new file mode 100644 index 0000000000..8985c56c0c --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt @@ -0,0 +1,80 @@ +The ingress-nginx controller has been installed. + +{{- if contains "NodePort" .Values.controller.service.type }} +Get the application URL by running these commands: + +{{- if (not (empty .Values.controller.service.nodePorts.http)) }} + export HTTP_NODE_PORT={{ .Values.controller.service.nodePorts.http }} +{{- else }} + export HTTP_NODE_PORT=$(kubectl --namespace {{ .Release.Namespace }} get services -o jsonpath="{.spec.ports[0].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) +{{- end }} +{{- if (not (empty .Values.controller.service.nodePorts.https)) }} + export HTTPS_NODE_PORT={{ .Values.controller.service.nodePorts.https }} +{{- else }} + export HTTPS_NODE_PORT=$(kubectl --namespace {{ .Release.Namespace }} get services -o jsonpath="{.spec.ports[1].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) +{{- end }} + export NODE_IP=$(kubectl --namespace {{ .Release.Namespace }} get nodes -o jsonpath="{.items[0].status.addresses[1].address}") + + echo "Visit http://$NODE_IP:$HTTP_NODE_PORT to access your application via HTTP." + echo "Visit https://$NODE_IP:$HTTPS_NODE_PORT to access your application via HTTPS." +{{- else if contains "LoadBalancer" .Values.controller.service.type }} +It may take a few minutes for the LoadBalancer IP to be available. +You can watch the status by running 'kubectl --namespace {{ .Release.Namespace }} get services -o wide -w {{ include "ingress-nginx.controller.fullname" . }}' +{{- else if contains "ClusterIP" .Values.controller.service.type }} +Get the application URL by running these commands: + export POD_NAME=$(kubectl --namespace {{ .Release.Namespace }} get pods -o jsonpath="{.items[0].metadata.name}" -l "app={{ template "ingress-nginx.name" . }},component={{ .Values.controller.name }},release={{ .Release.Name }}") + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 + echo "Visit http://127.0.0.1:8080 to access your application." +{{- end }} + +An example Ingress that makes use of the controller: + +{{- $isV1 := semverCompare ">=1" .Chart.AppVersion}} + apiVersion: networking.k8s.io/v1 + kind: Ingress + metadata: + name: example + namespace: foo + {{- if eq $isV1 false }} + annotations: + kubernetes.io/ingress.class: {{ .Values.controller.ingressClass }} + {{- end }} + spec: + {{- if $isV1 }} + ingressClassName: {{ .Values.controller.ingressClassResource.name }} + {{- end }} + rules: + - host: www.example.com + http: + paths: + - pathType: Prefix + backend: + service: + name: exampleService + port: + number: 80 + path: / + # This section is only required if TLS is to be enabled for the Ingress + tls: + - hosts: + - www.example.com + secretName: example-tls + +If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided: + + apiVersion: v1 + kind: Secret + metadata: + name: example-tls + namespace: foo + data: + tls.crt: + tls.key: + type: kubernetes.io/tls + +{{- if .Values.controller.headers }} +################################################################################# +###### WARNING: `controller.headers` has been deprecated! ##### +###### It has been renamed to `controller.proxySetHeaders`. ##### +################################################################################# +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl new file mode 100644 index 0000000000..7db5b2ca87 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl @@ -0,0 +1,212 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "ingress-nginx.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ingress-nginx.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "ingress-nginx.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + + +{{/* +Container SecurityContext. +*/}} +{{- define "controller.containerSecurityContext" -}} +{{- if .Values.controller.containerSecurityContext -}} +{{- toYaml .Values.controller.containerSecurityContext -}} +{{- else -}} +capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + {{- if .Values.controller.image.chroot }} + - SYS_CHROOT + {{- end }} +runAsUser: {{ .Values.controller.image.runAsUser }} +allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }} +{{- end }} +{{- end -}} + +{{/* +Get specific image +*/}} +{{- define "ingress-nginx.image" -}} +{{- if .chroot -}} +{{- printf "%s-chroot" .image -}} +{{- else -}} +{{- printf "%s" .image -}} +{{- end }} +{{- end -}} + +{{/* +Get specific image digest +*/}} +{{- define "ingress-nginx.imageDigest" -}} +{{- if .chroot -}} +{{- if .digestChroot -}} +{{- printf "@%s" .digestChroot -}} +{{- end }} +{{- else -}} +{{ if .digest -}} +{{- printf "@%s" .digest -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified controller name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "ingress-nginx.controller.fullname" -}} +{{- printf "%s-%s" (include "ingress-nginx.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Construct a unique electionID. +Users can provide an override for an explicit electionID if they want via `.Values.controller.electionID` +*/}} +{{- define "ingress-nginx.controller.electionID" -}} +{{- $defElectionID := printf "%s-leader" (include "ingress-nginx.fullname" .) -}} +{{- $electionID := default $defElectionID .Values.controller.electionID -}} +{{- print $electionID -}} +{{- end -}} + +{{/* +Construct the path for the publish-service. + +By convention this will simply use the / to match the name of the +service generated. + +Users can provide an override for an explicit service they want bound via `.Values.controller.publishService.pathOverride` + +*/}} +{{- define "ingress-nginx.controller.publishServicePath" -}} +{{- $defServiceName := printf "%s/%s" "$(POD_NAMESPACE)" (include "ingress-nginx.controller.fullname" .) -}} +{{- $servicePath := default $defServiceName .Values.controller.publishService.pathOverride }} +{{- print $servicePath | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified default backend name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "ingress-nginx.defaultBackend.fullname" -}} +{{- printf "%s-%s" (include "ingress-nginx.fullname" .) .Values.defaultBackend.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "ingress-nginx.labels" -}} +helm.sh/chart: {{ include "ingress-nginx.chart" . }} +{{ include "ingress-nginx.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/part-of: {{ template "ingress-nginx.name" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.commonLabels}} +{{ toYaml .Values.commonLabels }} +{{- end }} +{{- end -}} + +{{/* +Selector labels +*/}} +{{- define "ingress-nginx.selectorLabels" -}} +app.kubernetes.io/name: {{ include "ingress-nginx.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} + +{{/* +Create the name of the controller service account to use +*/}} +{{- define "ingress-nginx.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "ingress-nginx.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the backend service account to use - only used when podsecuritypolicy is also enabled +*/}} +{{- define "ingress-nginx.defaultBackend.serviceAccountName" -}} +{{- if .Values.defaultBackend.serviceAccount.create -}} + {{ default (printf "%s-backend" (include "ingress-nginx.fullname" .)) .Values.defaultBackend.serviceAccount.name }} +{{- else -}} + {{ default "default-backend" .Values.defaultBackend.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiGroup for PodSecurityPolicy. +*/}} +{{- define "podSecurityPolicy.apiGroup" -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +{{- print "policy" -}} +{{- else -}} +{{- print "extensions" -}} +{{- end -}} +{{- end -}} + +{{/* +Check the ingress controller version tag is at most three versions behind the last release +*/}} +{{- define "isControllerTagValid" -}} +{{- if not (semverCompare ">=0.27.0-0" .Values.controller.image.tag) -}} +{{- fail "Controller container image tag should be 0.27.0 or higher" -}} +{{- end -}} +{{- end -}} + +{{/* +IngressClass parameters. +*/}} +{{- define "ingressClass.parameters" -}} + {{- if .Values.controller.ingressClassResource.parameters -}} + parameters: +{{ toYaml .Values.controller.ingressClassResource.parameters | indent 4}} + {{ end }} +{{- end -}} + +{{/* +Extra modules. +*/}} +{{- define "extraModules" -}} + +- name: {{ .name }} + image: {{ .image }} + command: ['sh', '-c', '/usr/local/bin/init_module.sh'] + {{- if (.containerSecurityContext) }} + securityContext: {{ .containerSecurityContext | toYaml | nindent 4 }} + {{- end }} + volumeMounts: + - name: {{ toYaml "modules"}} + mountPath: {{ toYaml "/modules_mount"}} + +{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl new file mode 100644 index 0000000000..a1aef01aeb --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl @@ -0,0 +1,65 @@ +{{- define "ingress-nginx.params" -}} +- /nginx-ingress-controller +{{- if .Values.defaultBackend.enabled }} +- --default-backend-service=$(POD_NAMESPACE)/{{ include "ingress-nginx.defaultBackend.fullname" . }} +{{- end }} +{{- if and .Values.controller.publishService.enabled .Values.controller.service.enabled }} +{{- if .Values.controller.service.external.enabled }} +- --publish-service={{ template "ingress-nginx.controller.publishServicePath" . }} +{{- else if .Values.controller.service.internal.enabled }} +- --publish-service={{ template "ingress-nginx.controller.publishServicePath" . }}-internal +{{- end }} +{{- end }} +- --election-id={{ include "ingress-nginx.controller.electionID" . }} +- --controller-class={{ .Values.controller.ingressClassResource.controllerValue }} +{{- if .Values.controller.ingressClass }} +- --ingress-class={{ .Values.controller.ingressClass }} +{{- end }} +- --configmap={{ default "$(POD_NAMESPACE)" .Values.controller.configMapNamespace }}/{{ include "ingress-nginx.controller.fullname" . }} +{{- if .Values.tcp }} +- --tcp-services-configmap={{ default "$(POD_NAMESPACE)" .Values.controller.tcp.configMapNamespace }}/{{ include "ingress-nginx.fullname" . }}-tcp +{{- end }} +{{- if .Values.udp }} +- --udp-services-configmap={{ default "$(POD_NAMESPACE)" .Values.controller.udp.configMapNamespace }}/{{ include "ingress-nginx.fullname" . }}-udp +{{- end }} +{{- if .Values.controller.scope.enabled }} +- --watch-namespace={{ default "$(POD_NAMESPACE)" .Values.controller.scope.namespace }} +{{- end }} +{{- if and (not .Values.controller.scope.enabled) .Values.controller.scope.namespaceSelector }} +- --watch-namespace-selector={{ default "" .Values.controller.scope.namespaceSelector }} +{{- end }} +{{- if and .Values.controller.reportNodeInternalIp .Values.controller.hostNetwork }} +- --report-node-internal-ip-address={{ .Values.controller.reportNodeInternalIp }} +{{- end }} +{{- if .Values.controller.admissionWebhooks.enabled }} +- --validating-webhook=:{{ .Values.controller.admissionWebhooks.port }} +- --validating-webhook-certificate={{ .Values.controller.admissionWebhooks.certificate }} +- --validating-webhook-key={{ .Values.controller.admissionWebhooks.key }} +{{- end }} +{{- if .Values.controller.maxmindLicenseKey }} +- --maxmind-license-key={{ .Values.controller.maxmindLicenseKey }} +{{- end }} +{{- if .Values.controller.healthCheckHost }} +- --healthz-host={{ .Values.controller.healthCheckHost }} +{{- end }} +{{- if not (eq .Values.controller.healthCheckPath "/healthz") }} +- --health-check-path={{ .Values.controller.healthCheckPath }} +{{- end }} +{{- if .Values.controller.ingressClassByName }} +- --ingress-class-by-name=true +{{- end }} +{{- if .Values.controller.watchIngressWithoutClass }} +- --watch-ingress-without-class=true +{{- end }} +{{- if .Values.controller.enableTopologyAwareRouting }} +- --enable-topology-aware-routing=true +{{- end }} +{{- range $key, $value := .Values.controller.extraArgs }} +{{- /* Accept keys without values or with false as value */}} +{{- if eq ($value | quote | len) 2 }} +- --{{ $key }} +{{- else }} +- --{{ $key }}={{ $value }} +{{- end }} +{{- end }} +{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml new file mode 100644 index 0000000000..55fab471c9 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml @@ -0,0 +1,63 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.certManager.enabled -}} +{{- if not .Values.controller.admissionWebhooks.certManager.issuerRef -}} +# Create a selfsigned Issuer, in order to create a root CA certificate for +# signing webhook serving certificates +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ include "ingress-nginx.fullname" . }}-self-signed-issuer + namespace: {{ .Release.Namespace }} +spec: + selfSigned: {} +--- +# Generate a CA Certificate used to sign certificates for the webhook +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ include "ingress-nginx.fullname" . }}-root-cert + namespace: {{ .Release.Namespace }} +spec: + secretName: {{ include "ingress-nginx.fullname" . }}-root-cert + duration: {{ .Values.controller.admissionWebhooks.certManager.rootCert.duration | default "43800h0m0s" | quote }} + issuerRef: + name: {{ include "ingress-nginx.fullname" . }}-self-signed-issuer + commonName: "ca.webhook.ingress-nginx" + isCA: true + subject: + organizations: + - ingress-nginx +--- +# Create an Issuer that uses the above generated CA certificate to issue certs +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ include "ingress-nginx.fullname" . }}-root-issuer + namespace: {{ .Release.Namespace }} +spec: + ca: + secretName: {{ include "ingress-nginx.fullname" . }}-root-cert +{{- end }} +--- +# generate a server certificate for the apiservices to use +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace }} +spec: + secretName: {{ include "ingress-nginx.fullname" . }}-admission + duration: {{ .Values.controller.admissionWebhooks.certManager.admissionCert.duration | default "8760h0m0s" | quote }} + issuerRef: + {{- if .Values.controller.admissionWebhooks.certManager.issuerRef }} + {{- toYaml .Values.controller.admissionWebhooks.certManager.issuerRef | nindent 4 }} + {{- else }} + name: {{ include "ingress-nginx.fullname" . }}-root-issuer + {{- end }} + dnsNames: + - {{ include "ingress-nginx.controller.fullname" . }}-admission + - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Release.Namespace }} + - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Release.Namespace }}.svc + subject: + organizations: + - ingress-nginx-admission +{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml new file mode 100644 index 0000000000..f9ec709745 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml @@ -0,0 +1,34 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - get + - update +{{- if .Values.podSecurityPolicy.enabled }} + - apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + {{- with .Values.controller.admissionWebhooks.existingPsp }} + - {{ . }} + {{- else }} + - {{ include "ingress-nginx.fullname" . }}-admission + {{- end }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml new file mode 100644 index 0000000000..8719532611 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "ingress-nginx.fullname" . }}-admission +subjects: + - kind: ServiceAccount + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml new file mode 100644 index 0000000000..d93433ecda --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml @@ -0,0 +1,80 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission-create + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- with .Values.controller.admissionWebhooks.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} + # Alpha feature since k8s 1.12 + ttlSecondsAfterFinished: 0 +{{- end }} + template: + metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission-create + {{- if .Values.controller.admissionWebhooks.patch.podAnnotations }} + annotations: {{ toYaml .Values.controller.admissionWebhooks.patch.podAnnotations | nindent 8 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 8 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.controller.admissionWebhooks.patch.priorityClassName }} + priorityClassName: {{ .Values.controller.admissionWebhooks.patch.priorityClassName }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} + {{- end }} + containers: + - name: create + {{- with .Values.controller.admissionWebhooks.patch.image }} + image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.controller.admissionWebhooks.patch.image.pullPolicy }} + args: + - create + - --host={{ include "ingress-nginx.controller.fullname" . }}-admission,{{ include "ingress-nginx.controller.fullname" . }}-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name={{ include "ingress-nginx.fullname" . }}-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.controller.admissionWebhooks.extraEnvs }} + {{- toYaml .Values.controller.admissionWebhooks.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.createSecretJob.securityContext }} + securityContext: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.securityContext | nindent 12 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.createSecretJob.resources }} + resources: {{ toYaml .Values.controller.admissionWebhooks.createSecretJob.resources | nindent 12 }} + {{- end }} + restartPolicy: OnFailure + serviceAccountName: {{ include "ingress-nginx.fullname" . }}-admission + {{- if .Values.controller.admissionWebhooks.patch.nodeSelector }} + nodeSelector: {{ toYaml .Values.controller.admissionWebhooks.patch.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patch.tolerations }} + tolerations: {{ toYaml .Values.controller.admissionWebhooks.patch.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patch.securityContext }} + securityContext: + {{- toYaml .Values.controller.admissionWebhooks.patch.securityContext | nindent 8 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml new file mode 100644 index 0000000000..0fa3ff9a26 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml @@ -0,0 +1,82 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission-patch + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + {{- with .Values.controller.admissionWebhooks.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Capabilities.APIVersions.Has "batch/v1alpha1" }} + # Alpha feature since k8s 1.12 + ttlSecondsAfterFinished: 0 +{{- end }} + template: + metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission-patch + {{- if .Values.controller.admissionWebhooks.patch.podAnnotations }} + annotations: {{ toYaml .Values.controller.admissionWebhooks.patch.podAnnotations | nindent 8 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 8 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.controller.admissionWebhooks.patch.priorityClassName }} + priorityClassName: {{ .Values.controller.admissionWebhooks.patch.priorityClassName }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} + {{- end }} + containers: + - name: patch + {{- with .Values.controller.admissionWebhooks.patch.image }} + image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.controller.admissionWebhooks.patch.image.pullPolicy }} + args: + - patch + - --webhook-name={{ include "ingress-nginx.fullname" . }}-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name={{ include "ingress-nginx.fullname" . }}-admission + - --patch-failure-policy={{ .Values.controller.admissionWebhooks.failurePolicy }} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.controller.admissionWebhooks.extraEnvs }} + {{- toYaml .Values.controller.admissionWebhooks.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patchWebhookJob.securityContext }} + securityContext: {{ toYaml .Values.controller.admissionWebhooks.patchWebhookJob.securityContext | nindent 12 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patchWebhookJob.resources }} + resources: {{ toYaml .Values.controller.admissionWebhooks.patchWebhookJob.resources | nindent 12 }} + {{- end }} + restartPolicy: OnFailure + serviceAccountName: {{ include "ingress-nginx.fullname" . }}-admission + {{- if .Values.controller.admissionWebhooks.patch.nodeSelector }} + nodeSelector: {{ toYaml .Values.controller.admissionWebhooks.patch.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patch.tolerations }} + tolerations: {{ toYaml .Values.controller.admissionWebhooks.patch.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.patch.securityContext }} + securityContext: + {{- toYaml .Values.controller.admissionWebhooks.patch.securityContext | nindent 8 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml new file mode 100644 index 0000000000..08b32257c9 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml @@ -0,0 +1,26 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.networkPolicyEnabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: + {{- include "ingress-nginx.labels" . | nindent 6 }} + app.kubernetes.io/component: admission-webhook + policyTypes: + - Ingress + - Egress + egress: + - {} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml new file mode 100644 index 0000000000..e19c955724 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml @@ -0,0 +1,41 @@ +{{- if (semverCompare "<1.25.0-0" .Capabilities.KubeVersion.Version) }} +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled .Values.podSecurityPolicy.enabled (empty .Values.controller.admissionWebhooks.existingPsp) -}} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + allowPrivilegeEscalation: false + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml new file mode 100644 index 0000000000..ea7c208189 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - create +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml new file mode 100644 index 0000000000..60c3f4ff0d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml @@ -0,0 +1,24 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ingress-nginx.fullname" . }}-admission +subjects: + - kind: ServiceAccount + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml new file mode 100644 index 0000000000..00be54ec5e --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.controller.admissionWebhooks.enabled .Values.controller.admissionWebhooks.patch.enabled (not .Values.controller.admissionWebhooks.certManager.enabled) -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "ingress-nginx.fullname" . }}-admission + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.patch.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml new file mode 100644 index 0000000000..f27244dc96 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml @@ -0,0 +1,53 @@ +{{- if .Values.controller.admissionWebhooks.enabled -}} +# before changing this value, check the required kubernetes version +# https://kubernetes.io/docs/reference/access-authn-authz/extensible-admission-controllers/#prerequisites +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + {{- if .Values.controller.admissionWebhooks.certManager.enabled }} + certmanager.k8s.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) | quote }} + cert-manager.io/inject-ca-from: {{ printf "%s/%s-admission" .Release.Namespace (include "ingress-nginx.fullname" .) | quote }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.annotations }} + {{- toYaml .Values.controller.admissionWebhooks.annotations | nindent 4 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: admission-webhook + {{- with .Values.controller.admissionWebhooks.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }}-admission +webhooks: + - name: validate.nginx.ingress.kubernetes.io + matchPolicy: Equivalent + rules: + - apiGroups: + - networking.k8s.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - ingresses + failurePolicy: {{ .Values.controller.admissionWebhooks.failurePolicy | default "Fail" }} + sideEffects: None + admissionReviewVersions: + - v1 + clientConfig: + service: + namespace: {{ .Release.Namespace | quote }} + name: {{ include "ingress-nginx.controller.fullname" . }}-admission + path: /networking/v1/ingresses + {{- if .Values.controller.admissionWebhooks.timeoutSeconds }} + timeoutSeconds: {{ .Values.controller.admissionWebhooks.timeoutSeconds }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.namespaceSelector }} + namespaceSelector: {{ toYaml .Values.controller.admissionWebhooks.namespaceSelector | nindent 6 }} + {{- end }} + {{- if .Values.controller.admissionWebhooks.objectSelector }} + objectSelector: {{ toYaml .Values.controller.admissionWebhooks.objectSelector | nindent 6 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml new file mode 100644 index 0000000000..51bc5002cc --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml @@ -0,0 +1,102 @@ +{{- if .Values.rbac.create }} + +{{- if and .Values.rbac.scope (not .Values.controller.scope.enabled) -}} + {{ required "Invalid configuration: 'rbac.scope' should be equal to 'controller.scope.enabled' (true/false)." (index (dict) ".") }} +{{- end }} + +{{- if not .Values.rbac.scope -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }} +rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - nodes + - pods + - secrets +{{- if not .Values.controller.scope.enabled }} + - namespaces +{{- end}} + verbs: + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch +{{- if and .Values.controller.scope.enabled .Values.controller.scope.namespace }} + - apiGroups: + - "" + resources: + - namespaces + resourceNames: + - "{{ .Values.controller.scope.namespace }}" + verbs: + - get +{{- end }} + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +{{- end }} + +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..acbbd8b10d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml @@ -0,0 +1,19 @@ +{{- if and .Values.rbac.create (not .Values.rbac.scope) -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "ingress-nginx.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "ingress-nginx.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml new file mode 100644 index 0000000000..dfd49a1267 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml @@ -0,0 +1,14 @@ +{{- if .Values.controller.addHeaders -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }}-custom-add-headers + namespace: {{ .Release.Namespace }} +data: {{ toYaml .Values.controller.addHeaders | nindent 2 }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml new file mode 100644 index 0000000000..f8d15faf96 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml @@ -0,0 +1,19 @@ +{{- if or .Values.controller.proxySetHeaders .Values.controller.headers -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }}-custom-proxy-headers + namespace: {{ .Release.Namespace }} +data: +{{- if .Values.controller.proxySetHeaders }} +{{ toYaml .Values.controller.proxySetHeaders | indent 2 }} +{{ else if and .Values.controller.headers (not .Values.controller.proxySetHeaders) }} +{{ toYaml .Values.controller.headers | indent 2 }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml new file mode 100644 index 0000000000..0f6088ea90 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml @@ -0,0 +1,17 @@ +{{- if .Values.tcp -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- if .Values.controller.tcp.annotations }} + annotations: {{ toYaml .Values.controller.tcp.annotations | nindent 4 }} +{{- end }} + name: {{ include "ingress-nginx.fullname" . }}-tcp + namespace: {{ .Release.Namespace }} +data: {{ tpl (toYaml .Values.tcp) . | nindent 2 }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml new file mode 100644 index 0000000000..3772ec5143 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml @@ -0,0 +1,17 @@ +{{- if .Values.udp -}} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- if .Values.controller.udp.annotations }} + annotations: {{ toYaml .Values.controller.udp.annotations | nindent 4 }} +{{- end }} + name: {{ include "ingress-nginx.fullname" . }}-udp + namespace: {{ .Release.Namespace }} +data: {{ tpl (toYaml .Values.udp) . | nindent 2 }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml new file mode 100644 index 0000000000..f28b26e1e5 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- if .Values.controller.configAnnotations }} + annotations: {{ toYaml .Values.controller.configAnnotations | nindent 4 }} +{{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} +data: + allow-snippet-annotations: "{{ .Values.controller.allowSnippetAnnotations }}" +{{- if .Values.controller.addHeaders }} + add-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-add-headers +{{- end }} +{{- if or .Values.controller.proxySetHeaders .Values.controller.headers }} + proxy-set-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-proxy-headers +{{- end }} +{{- if .Values.dhParam }} + ssl-dh-param: {{ printf "%s/%s" .Release.Namespace (include "ingress-nginx.controller.fullname" .) }} +{{- end }} +{{- range $key, $value := .Values.controller.config }} + {{- $key | nindent 2 }}: {{ $value | quote }} +{{- end }} + diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml new file mode 100644 index 0000000000..e6721566b9 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml @@ -0,0 +1,240 @@ +{{- if or (eq .Values.controller.kind "DaemonSet") (eq .Values.controller.kind "Both") -}} +{{- include "isControllerTagValid" . -}} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} + {{- if .Values.controller.annotations }} + annotations: {{ toYaml .Values.controller.annotations | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: controller + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- if .Values.controller.updateStrategy }} + updateStrategy: {{ toYaml .Values.controller.updateStrategy | nindent 4 }} + {{- end }} + minReadySeconds: {{ .Values.controller.minReadySeconds }} + template: + metadata: + {{- if .Values.controller.podAnnotations }} + annotations: + {{- range $key, $value := .Values.controller.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "ingress-nginx.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.controller.podLabels }} + {{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- end }} + spec: + {{- if .Values.controller.dnsConfig }} + dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }} + {{- end }} + {{- if .Values.controller.hostname }} + hostname: {{ toYaml .Values.controller.hostname | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName }} + {{- end }} + {{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }} + securityContext: + {{- end }} + {{- if .Values.controller.podSecurityContext }} + {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} + {{- end }} + {{- if .Values.controller.sysctls }} + sysctls: + {{- range $sysctl, $value := .Values.controller.sysctls }} + - name: {{ $sysctl | quote }} + value: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .Values.controller.shareProcessNamespace }} + shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }} + {{- end }} + containers: + - name: {{ .Values.controller.containerName }} + {{- with .Values.controller.image }} + image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ include "ingress-nginx.image" . }}{{- end -}}:{{ .tag }}{{ include "ingress-nginx.imageDigest" . }}" + {{- end }} + imagePullPolicy: {{ .Values.controller.image.pullPolicy }} + {{- if .Values.controller.lifecycle }} + lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }} + {{- end }} + args: + {{- include "ingress-nginx.params" . | nindent 12 }} + securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }} + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.controller.enableMimalloc }} + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + {{- end }} + {{- if .Values.controller.extraEnvs }} + {{- toYaml .Values.controller.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.controller.startupProbe }} + startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }} + {{- end }} + {{- if .Values.controller.livenessProbe }} + livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }} + {{- end }} + {{- if .Values.controller.readinessProbe }} + readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }} + {{- end }} + ports: + {{- range $key, $value := .Values.controller.containerPort }} + - name: {{ $key }} + containerPort: {{ $value }} + protocol: TCP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }} + {{- end }} + {{- end }} + {{- if .Values.controller.metrics.enabled }} + - name: {{ .Values.controller.metrics.portName }} + containerPort: {{ .Values.controller.metrics.port }} + protocol: TCP + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook + containerPort: {{ .Values.controller.admissionWebhooks.port }} + protocol: TCP + {{- end }} + {{- range $key, $value := .Values.tcp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + containerPort: {{ $key }} + protocol: TCP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ $key }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.udp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + containerPort: {{ $key }} + protocol: UDP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ $key }} + {{- end }} + {{- end }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules) }} + volumeMounts: + {{- if .Values.controller.extraModules }} + - name: modules + mountPath: /modules_mount + {{- end }} + {{- if .Values.controller.customTemplate.configMapName }} + - mountPath: /etc/nginx/template + name: nginx-template-volume + readOnly: true + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook-cert + mountPath: /usr/local/certificates/ + readOnly: true + {{- end }} + {{- if .Values.controller.extraVolumeMounts }} + {{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.controller.resources }} + resources: {{ toYaml .Values.controller.resources | nindent 12 }} + {{- end }} + {{- if .Values.controller.extraContainers }} + {{ toYaml .Values.controller.extraContainers | nindent 8 }} + {{- end }} + + + {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules) }} + initContainers: + {{- if .Values.controller.extraInitContainers }} + {{ toYaml .Values.controller.extraInitContainers | nindent 8 }} + {{- end }} + {{- if .Values.controller.extraModules }} + {{- range .Values.controller.extraModules }} + - name: {{ .Name }} + image: {{ .Image }} + command: ['sh', '-c', '/usr/local/bin/init_module.sh'] + {{- if (or $.Values.controller.containerSecurityContext .containerSecurityContext) }} + securityContext: {{ .containerSecurityContext | default $.Values.controller.containerSecurityContext | toYaml | nindent 14 }} + {{- end }} + volumeMounts: + - name: modules + mountPath: /modules_mount + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.controller.hostNetwork }} + hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: {{ toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} + {{- if .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules) }} + volumes: + {{- if .Values.controller.extraModules }} + - name: modules + emptyDir: {} + {{- end }} + {{- if .Values.controller.customTemplate.configMapName }} + - name: nginx-template-volume + configMap: + name: {{ .Values.controller.customTemplate.configMapName }} + items: + - key: {{ .Values.controller.customTemplate.configMapKey }} + path: nginx.tmpl + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook-cert + secret: + secretName: {{ include "ingress-nginx.fullname" . }}-admission + {{- if .Values.controller.admissionWebhooks.certManager.enabled }} + items: + - key: tls.crt + path: cert + - key: tls.key + path: key + {{- end }} + {{- end }} + {{- if .Values.controller.extraVolumes }} + {{ toYaml .Values.controller.extraVolumes | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml new file mode 100644 index 0000000000..9f1cf70db8 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml @@ -0,0 +1,243 @@ +{{- if or (eq .Values.controller.kind "Deployment") (eq .Values.controller.kind "Both") -}} +{{- include "isControllerTagValid" . -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} + {{- if .Values.controller.annotations }} + annotations: {{ toYaml .Values.controller.annotations | nindent 4 }} + {{- end }} +spec: + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: controller + {{- if not .Values.controller.autoscaling.enabled }} + replicas: {{ .Values.controller.replicaCount }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- if .Values.controller.updateStrategy }} + strategy: + {{ toYaml .Values.controller.updateStrategy | nindent 4 }} + {{- end }} + minReadySeconds: {{ .Values.controller.minReadySeconds }} + template: + metadata: + {{- if .Values.controller.podAnnotations }} + annotations: + {{- range $key, $value := .Values.controller.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + labels: + {{- include "ingress-nginx.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.controller.podLabels }} + {{- toYaml .Values.controller.podLabels | nindent 8 }} + {{- end }} + spec: + {{- if .Values.controller.dnsConfig }} + dnsConfig: {{ toYaml .Values.controller.dnsConfig | nindent 8 }} + {{- end }} + {{- if .Values.controller.hostname }} + hostname: {{ toYaml .Values.controller.hostname | nindent 8 }} + {{- end }} + dnsPolicy: {{ .Values.controller.dnsPolicy }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName | quote }} + {{- end }} + {{- if or .Values.controller.podSecurityContext .Values.controller.sysctls }} + securityContext: + {{- end }} + {{- if .Values.controller.podSecurityContext }} + {{- toYaml .Values.controller.podSecurityContext | nindent 8 }} + {{- end }} + {{- if .Values.controller.sysctls }} + sysctls: + {{- range $sysctl, $value := .Values.controller.sysctls }} + - name: {{ $sysctl | quote }} + value: {{ $value | quote }} + {{- end }} + {{- end }} + {{- if .Values.controller.shareProcessNamespace }} + shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }} + {{- end }} + containers: + - name: {{ .Values.controller.containerName }} + {{- with .Values.controller.image }} + image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ include "ingress-nginx.image" . }}{{- end -}}:{{ .tag }}{{ include "ingress-nginx.imageDigest" . }}" + {{- end }} + imagePullPolicy: {{ .Values.controller.image.pullPolicy }} + {{- if .Values.controller.lifecycle }} + lifecycle: {{ toYaml .Values.controller.lifecycle | nindent 12 }} + {{- end }} + args: + {{- include "ingress-nginx.params" . | nindent 12 }} + securityContext: {{ include "controller.containerSecurityContext" . | nindent 12 }} + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.controller.enableMimalloc }} + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + {{- end }} + {{- if .Values.controller.extraEnvs }} + {{- toYaml .Values.controller.extraEnvs | nindent 12 }} + {{- end }} + {{- if .Values.controller.startupProbe }} + startupProbe: {{ toYaml .Values.controller.startupProbe | nindent 12 }} + {{- end }} + {{- if .Values.controller.livenessProbe }} + livenessProbe: {{ toYaml .Values.controller.livenessProbe | nindent 12 }} + {{- end }} + {{- if .Values.controller.readinessProbe }} + readinessProbe: {{ toYaml .Values.controller.readinessProbe | nindent 12 }} + {{- end }} + ports: + {{- range $key, $value := .Values.controller.containerPort }} + - name: {{ $key }} + containerPort: {{ $value }} + protocol: TCP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ index $.Values.controller.hostPort.ports $key | default $value }} + {{- end }} + {{- end }} + {{- if .Values.controller.metrics.enabled }} + - name: {{ .Values.controller.metrics.portName }} + containerPort: {{ .Values.controller.metrics.port }} + protocol: TCP + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook + containerPort: {{ .Values.controller.admissionWebhooks.port }} + protocol: TCP + {{- end }} + {{- range $key, $value := .Values.tcp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + containerPort: {{ $key }} + protocol: TCP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ $key }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.udp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + containerPort: {{ $key }} + protocol: UDP + {{- if $.Values.controller.hostPort.enabled }} + hostPort: {{ $key }} + {{- end }} + {{- end }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + volumeMounts: + {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + - name: modules + {{ if .Values.controller.image.chroot }} + mountPath: /chroot/modules_mount + {{ else }} + mountPath: /modules_mount + {{ end }} + {{- end }} + {{- if .Values.controller.customTemplate.configMapName }} + - mountPath: /etc/nginx/template + name: nginx-template-volume + readOnly: true + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook-cert + mountPath: /usr/local/certificates/ + readOnly: true + {{- end }} + {{- if .Values.controller.extraVolumeMounts }} + {{- toYaml .Values.controller.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.controller.resources }} + resources: {{ toYaml .Values.controller.resources | nindent 12 }} + {{- end }} + {{- if .Values.controller.extraContainers }} + {{ toYaml .Values.controller.extraContainers | nindent 8 }} + {{- end }} + {{- if (or .Values.controller.extraInitContainers .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + initContainers: + {{- if .Values.controller.extraInitContainers }} + {{ toYaml .Values.controller.extraInitContainers | nindent 8 }} + {{- end }} + {{- if .Values.controller.extraModules }} + {{- range .Values.controller.extraModules }} + {{ $containerSecurityContext := .containerSecurityContext | default $.Values.controller.containerSecurityContext }} + {{- include "extraModules" (dict "name" .name "image" .image "containerSecurityContext" $containerSecurityContext | nindent 8) }} + {{- end }} + {{- end }} + {{- if .Values.controller.opentelemetry.enabled}} + {{ $otelContainerSecurityContext := $.Values.controller.opentelemetry.containerSecurityContext | default $.Values.controller.containerSecurityContext }} + {{- include "extraModules" (dict "name" "opentelemetry" "image" .Values.controller.opentelemetry.image "containerSecurityContext" $otelContainerSecurityContext) | nindent 8}} + {{- end}} + {{- end }} + {{- if .Values.controller.hostNetwork }} + hostNetwork: {{ .Values.controller.hostNetwork }} + {{- end }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: {{ toYaml .Values.controller.nodeSelector | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: {{ toYaml .Values.controller.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: {{ toYaml .Values.controller.affinity | nindent 8 }} + {{- end }} + {{- if .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "ingress-nginx.serviceAccountName" . }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.admissionWebhooks.enabled .Values.controller.extraVolumes .Values.controller.extraModules .Values.controller.opentelemetry.enabled) }} + volumes: + {{- if (or .Values.controller.extraModules .Values.controller.opentelemetry.enabled)}} + - name: modules + emptyDir: {} + {{- end }} + {{- if .Values.controller.customTemplate.configMapName }} + - name: nginx-template-volume + configMap: + name: {{ .Values.controller.customTemplate.configMapName }} + items: + - key: {{ .Values.controller.customTemplate.configMapKey }} + path: nginx.tmpl + {{- end }} + {{- if .Values.controller.admissionWebhooks.enabled }} + - name: webhook-cert + secret: + secretName: {{ include "ingress-nginx.fullname" . }}-admission + {{- if .Values.controller.admissionWebhooks.certManager.enabled }} + items: + - key: tls.crt + path: cert + - key: tls.key + path: key + {{- end }} + {{- end }} + {{- if .Values.controller.extraVolumes }} + {{ toYaml .Values.controller.extraVolumes | nindent 8 }} + {{- end }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml new file mode 100644 index 0000000000..d1e78bdfc6 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.controller.autoscaling.enabled (or (eq .Values.controller.kind "Deployment") (eq .Values.controller.kind "Both")) -}} +{{- if not .Values.controller.keda.enabled }} + +apiVersion: {{ .Values.controller.autoscaling.apiVersion }} +kind: HorizontalPodAutoscaler +metadata: + annotations: + {{- with .Values.controller.autoscaling.annotations }} + {{- toYaml . | trimSuffix "\n" | nindent 4 }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "ingress-nginx.controller.fullname" . }} + minReplicas: {{ .Values.controller.autoscaling.minReplicas }} + maxReplicas: {{ .Values.controller.autoscaling.maxReplicas }} + metrics: + {{- with .Values.controller.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + target: + type: Utilization + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.controller.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: {{ . }} + {{- end }} + {{- with .Values.controller.autoscalingTemplate }} + {{- toYaml . | nindent 2 }} + {{- end }} + {{- with .Values.controller.autoscaling.behavior }} + behavior: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +{{- end }} + diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml new file mode 100644 index 0000000000..9492784a28 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml @@ -0,0 +1,21 @@ +{{- if .Values.controller.ingressClassResource.enabled -}} +# We don't support namespaced ingressClass yet +# So a ClusterRole and a ClusterRoleBinding is required +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .Values.controller.ingressClassResource.name }} +{{- if .Values.controller.ingressClassResource.default }} + annotations: + ingressclass.kubernetes.io/is-default-class: "true" +{{- end }} +spec: + controller: {{ .Values.controller.ingressClassResource.controllerValue }} + {{ template "ingressClass.parameters" . }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml new file mode 100644 index 0000000000..875157ea4e --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml @@ -0,0 +1,42 @@ +{{- if and .Values.controller.keda.enabled (or (eq .Values.controller.kind "Deployment") (eq .Values.controller.kind "Both")) -}} +# https://keda.sh/docs/ + +apiVersion: {{ .Values.controller.keda.apiVersion }} +kind: ScaledObject +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + {{- if .Values.controller.keda.scaledObject.annotations }} + annotations: {{ toYaml .Values.controller.keda.scaledObject.annotations | nindent 4 }} + {{- end }} +spec: + scaleTargetRef: +{{- if eq .Values.controller.keda.apiVersion "keda.k8s.io/v1alpha1" }} + deploymentName: {{ include "ingress-nginx.controller.fullname" . }} +{{- else if eq .Values.controller.keda.apiVersion "keda.sh/v1alpha1" }} + name: {{ include "ingress-nginx.controller.fullname" . }} +{{- end }} + pollingInterval: {{ .Values.controller.keda.pollingInterval }} + cooldownPeriod: {{ .Values.controller.keda.cooldownPeriod }} + minReplicaCount: {{ .Values.controller.keda.minReplicas }} + maxReplicaCount: {{ .Values.controller.keda.maxReplicas }} + triggers: +{{- with .Values.controller.keda.triggers }} +{{ toYaml . | indent 2 }} +{{ end }} + advanced: + restoreToOriginalReplicaCount: {{ .Values.controller.keda.restoreToOriginalReplicaCount }} +{{- if .Values.controller.keda.behavior }} + horizontalPodAutoscalerConfig: + behavior: +{{ with .Values.controller.keda.behavior -}} +{{ toYaml . | indent 8 }} +{{ end }} + +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml new file mode 100644 index 0000000000..899d3cc5df --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml @@ -0,0 +1,23 @@ +{{- if or (and .Values.controller.autoscaling.enabled (gt (.Values.controller.autoscaling.minReplicas | int) 1)) (and (not .Values.controller.autoscaling.enabled) (gt (.Values.controller.replicaCount | int) 1)) }} +apiVersion: {{ ternary "policy/v1" "policy/v1beta1" (semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version) }} +kind: PodDisruptionBudget +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.minAvailable }} + minAvailable: {{ .Values.controller.minAvailable }} + {{- else if .Values.controller.maxUnavailable }} + maxUnavailable: {{ .Values.controller.maxUnavailable }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml new file mode 100644 index 0000000000..78b5362e82 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml @@ -0,0 +1,21 @@ +{{- if and ( .Values.controller.metrics.enabled ) ( .Values.controller.metrics.prometheusRule.enabled ) ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) -}} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "ingress-nginx.controller.fullname" . }} +{{- if .Values.controller.metrics.prometheusRule.namespace }} + namespace: {{ .Values.controller.metrics.prometheusRule.namespace | quote }} +{{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.metrics.prometheusRule.additionalLabels }} + {{- toYaml .Values.controller.metrics.prometheusRule.additionalLabels | nindent 4 }} + {{- end }} +spec: +{{- if .Values.controller.metrics.prometheusRule.rules }} + groups: + - name: {{ template "ingress-nginx.name" . }} + rules: {{- toYaml .Values.controller.metrics.prometheusRule.rules | nindent 4 }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml new file mode 100644 index 0000000000..2e0499ce98 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml @@ -0,0 +1,94 @@ +{{- if (semverCompare "<1.25.0-0" .Capabilities.KubeVersion.Version) }} +{{- if and .Values.podSecurityPolicy.enabled (empty .Values.controller.existingPsp) -}} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "ingress-nginx.fullname" . }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + allowedCapabilities: + - NET_BIND_SERVICE + {{- if .Values.controller.image.chroot }} + - SYS_CHROOT + {{- end }} +{{- if .Values.controller.sysctls }} + allowedUnsafeSysctls: + {{- range $sysctl, $value := .Values.controller.sysctls }} + - {{ $sysctl }} + {{- end }} +{{- end }} + privileged: false + allowPrivilegeEscalation: true + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + #- 'projected' + - 'secret' + #- 'downwardAPI' +{{- if .Values.controller.hostNetwork }} + hostNetwork: {{ .Values.controller.hostNetwork }} +{{- end }} +{{- if or .Values.controller.hostNetwork .Values.controller.hostPort.enabled }} + hostPorts: +{{- if .Values.controller.hostNetwork }} +{{- range $key, $value := .Values.controller.containerPort }} + # {{ $key }} + - min: {{ $value }} + max: {{ $value }} +{{- end }} +{{- else if .Values.controller.hostPort.enabled }} +{{- range $key, $value := .Values.controller.hostPort.ports }} + # {{ $key }} + - min: {{ $value }} + max: {{ $value }} +{{- end }} +{{- end }} +{{- if .Values.controller.metrics.enabled }} + # metrics + - min: {{ .Values.controller.metrics.port }} + max: {{ .Values.controller.metrics.port }} +{{- end }} +{{- if .Values.controller.admissionWebhooks.enabled }} + # admission webhooks + - min: {{ .Values.controller.admissionWebhooks.port }} + max: {{ .Values.controller.admissionWebhooks.port }} +{{- end }} +{{- range $key, $value := .Values.tcp }} + # {{ $key }}-tcp + - min: {{ $key }} + max: {{ $key }} +{{- end }} +{{- range $key, $value := .Values.udp }} + # {{ $key }}-udp + - min: {{ $key }} + max: {{ $key }} +{{- end }} +{{- end }} + hostIPC: false + hostPID: false + runAsUser: + # Require the container to run without root privileges. + rule: 'MustRunAsNonRoot' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + seLinux: + rule: 'RunAsAny' +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml new file mode 100644 index 0000000000..d1aa9aac73 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml @@ -0,0 +1,101 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }} + namespace: {{ .Release.Namespace }} +rules: + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - endpoints + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - {{ include "ingress-nginx.controller.electionID" . }} + verbs: + - get + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - list + - watch + - get +{{- if .Values.podSecurityPolicy.enabled }} + - apiGroups: [{{ template "podSecurityPolicy.apiGroup" . }}] + resources: ['podsecuritypolicies'] + verbs: ['use'] + {{- with .Values.controller.existingPsp }} + resourceNames: [{{ . }}] + {{- else }} + resourceNames: [{{ include "ingress-nginx.fullname" . }}] + {{- end }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml new file mode 100644 index 0000000000..e846a1183a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml @@ -0,0 +1,21 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ingress-nginx.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "ingress-nginx.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml new file mode 100644 index 0000000000..aae3e155e4 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml @@ -0,0 +1,79 @@ +{{- if and .Values.controller.service.enabled .Values.controller.service.internal.enabled .Values.controller.service.internal.annotations}} +apiVersion: v1 +kind: Service +metadata: + annotations: + {{- range $key, $value := .Values.controller.service.internal.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.service.labels }} + {{- toYaml .Values.controller.service.labels | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }}-internal + namespace: {{ .Release.Namespace }} +spec: + type: "{{ .Values.controller.service.type }}" +{{- if .Values.controller.service.internal.loadBalancerIP }} + loadBalancerIP: {{ .Values.controller.service.internal.loadBalancerIP }} +{{- end }} +{{- if .Values.controller.service.internal.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml .Values.controller.service.internal.loadBalancerSourceRanges | nindent 4 }} +{{- end }} +{{- if .Values.controller.service.internal.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.controller.service.internal.externalTrafficPolicy }} +{{- end }} + ports: + {{- $setNodePorts := (or (eq .Values.controller.service.type "NodePort") (eq .Values.controller.service.type "LoadBalancer")) }} + {{- if .Values.controller.service.enableHttp }} + - name: http + port: {{ .Values.controller.service.ports.http }} + protocol: TCP + targetPort: {{ .Values.controller.service.targetPorts.http }} + {{- if semverCompare ">=1.20" .Capabilities.KubeVersion.Version }} + appProtocol: http + {{- end }} + {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.http))) }} + nodePort: {{ .Values.controller.service.nodePorts.http }} + {{- end }} + {{- end }} + {{- if .Values.controller.service.enableHttps }} + - name: https + port: {{ .Values.controller.service.ports.https }} + protocol: TCP + targetPort: {{ .Values.controller.service.targetPorts.https }} + {{- if semverCompare ">=1.20" .Capabilities.KubeVersion.Version }} + appProtocol: https + {{- end }} + {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.https))) }} + nodePort: {{ .Values.controller.service.nodePorts.https }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.tcp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + port: {{ $key }} + protocol: TCP + targetPort: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + {{- if $.Values.controller.service.nodePorts.tcp }} + {{- if index $.Values.controller.service.nodePorts.tcp $key }} + nodePort: {{ index $.Values.controller.service.nodePorts.tcp $key }} + {{- end }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.udp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + port: {{ $key }} + protocol: UDP + targetPort: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + {{- if $.Values.controller.service.nodePorts.udp }} + {{- if index $.Values.controller.service.nodePorts.udp $key }} + nodePort: {{ index $.Values.controller.service.nodePorts.udp $key }} + {{- end }} + {{- end }} + {{- end }} + selector: + {{- include "ingress-nginx.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: controller +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml new file mode 100644 index 0000000000..b178401c9a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml @@ -0,0 +1,45 @@ +{{- if .Values.controller.metrics.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.controller.metrics.service.annotations }} + annotations: {{ toYaml .Values.controller.metrics.service.annotations | nindent 4 }} +{{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.metrics.service.labels }} + {{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }}-metrics + namespace: {{ .Release.Namespace }} +spec: + type: {{ .Values.controller.metrics.service.type }} +{{- if .Values.controller.metrics.service.clusterIP }} + clusterIP: {{ .Values.controller.metrics.service.clusterIP }} +{{- end }} +{{- if .Values.controller.metrics.service.externalIPs }} + externalIPs: {{ toYaml .Values.controller.metrics.service.externalIPs | nindent 4 }} +{{- end }} +{{- if .Values.controller.metrics.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.controller.metrics.service.loadBalancerIP }} +{{- end }} +{{- if .Values.controller.metrics.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml .Values.controller.metrics.service.loadBalancerSourceRanges | nindent 4 }} +{{- end }} +{{- if .Values.controller.metrics.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.controller.metrics.service.externalTrafficPolicy }} +{{- end }} + ports: + - name: {{ .Values.controller.metrics.portName }} + port: {{ .Values.controller.metrics.service.servicePort }} + protocol: TCP + targetPort: {{ .Values.controller.metrics.portName }} + {{- $setNodePorts := (or (eq .Values.controller.metrics.service.type "NodePort") (eq .Values.controller.metrics.service.type "LoadBalancer")) }} + {{- if (and $setNodePorts (not (empty .Values.controller.metrics.service.nodePort))) }} + nodePort: {{ .Values.controller.metrics.service.nodePort }} + {{- end }} + selector: + {{- include "ingress-nginx.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: controller +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml new file mode 100644 index 0000000000..2aae24fcf0 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml @@ -0,0 +1,40 @@ +{{- if .Values.controller.admissionWebhooks.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.controller.admissionWebhooks.service.annotations }} + annotations: {{ toYaml .Values.controller.admissionWebhooks.service.annotations | nindent 4 }} +{{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }}-admission + namespace: {{ .Release.Namespace }} +spec: + type: {{ .Values.controller.admissionWebhooks.service.type }} +{{- if .Values.controller.admissionWebhooks.service.clusterIP }} + clusterIP: {{ .Values.controller.admissionWebhooks.service.clusterIP }} +{{- end }} +{{- if .Values.controller.admissionWebhooks.service.externalIPs }} + externalIPs: {{ toYaml .Values.controller.admissionWebhooks.service.externalIPs | nindent 4 }} +{{- end }} +{{- if .Values.controller.admissionWebhooks.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.controller.admissionWebhooks.service.loadBalancerIP }} +{{- end }} +{{- if .Values.controller.admissionWebhooks.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml .Values.controller.admissionWebhooks.service.loadBalancerSourceRanges | nindent 4 }} +{{- end }} + ports: + - name: https-webhook + port: 443 + targetPort: webhook + {{- if semverCompare ">=1.20" .Capabilities.KubeVersion.Version }} + appProtocol: https + {{- end }} + selector: + {{- include "ingress-nginx.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: controller +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml new file mode 100644 index 0000000000..2b28196de1 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml @@ -0,0 +1,101 @@ +{{- if and .Values.controller.service.enabled .Values.controller.service.external.enabled -}} +apiVersion: v1 +kind: Service +metadata: + annotations: + {{- range $key, $value := .Values.controller.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.service.labels }} + {{- toYaml .Values.controller.service.labels | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.controller.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + type: {{ .Values.controller.service.type }} +{{- if .Values.controller.service.clusterIP }} + clusterIP: {{ .Values.controller.service.clusterIP }} +{{- end }} +{{- if .Values.controller.service.externalIPs }} + externalIPs: {{ toYaml .Values.controller.service.externalIPs | nindent 4 }} +{{- end }} +{{- if .Values.controller.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.controller.service.loadBalancerIP }} +{{- end }} +{{- if .Values.controller.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml .Values.controller.service.loadBalancerSourceRanges | nindent 4 }} +{{- end }} +{{- if .Values.controller.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.controller.service.externalTrafficPolicy }} +{{- end }} +{{- if .Values.controller.service.sessionAffinity }} + sessionAffinity: {{ .Values.controller.service.sessionAffinity }} +{{- end }} +{{- if .Values.controller.service.healthCheckNodePort }} + healthCheckNodePort: {{ .Values.controller.service.healthCheckNodePort }} +{{- end }} +{{- if semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version -}} +{{- if .Values.controller.service.ipFamilyPolicy }} + ipFamilyPolicy: {{ .Values.controller.service.ipFamilyPolicy }} +{{- end }} +{{- end }} +{{- if semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version -}} +{{- if .Values.controller.service.ipFamilies }} + ipFamilies: {{ toYaml .Values.controller.service.ipFamilies | nindent 4 }} +{{- end }} +{{- end }} + ports: + {{- $setNodePorts := (or (eq .Values.controller.service.type "NodePort") (eq .Values.controller.service.type "LoadBalancer")) }} + {{- if .Values.controller.service.enableHttp }} + - name: http + port: {{ .Values.controller.service.ports.http }} + protocol: TCP + targetPort: {{ .Values.controller.service.targetPorts.http }} + {{- if and (semverCompare ">=1.20" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} + appProtocol: http + {{- end }} + {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.http))) }} + nodePort: {{ .Values.controller.service.nodePorts.http }} + {{- end }} + {{- end }} + {{- if .Values.controller.service.enableHttps }} + - name: https + port: {{ .Values.controller.service.ports.https }} + protocol: TCP + targetPort: {{ .Values.controller.service.targetPorts.https }} + {{- if and (semverCompare ">=1.20" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} + appProtocol: https + {{- end }} + {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.https))) }} + nodePort: {{ .Values.controller.service.nodePorts.https }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.tcp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + port: {{ $key }} + protocol: TCP + targetPort: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-tcp + {{- if $.Values.controller.service.nodePorts.tcp }} + {{- if index $.Values.controller.service.nodePorts.tcp $key }} + nodePort: {{ index $.Values.controller.service.nodePorts.tcp $key }} + {{- end }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.udp }} + - name: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + port: {{ $key }} + protocol: UDP + targetPort: {{ if $.Values.portNamePrefix }}{{ $.Values.portNamePrefix }}-{{ end }}{{ $key }}-udp + {{- if $.Values.controller.service.nodePorts.udp }} + {{- if index $.Values.controller.service.nodePorts.udp $key }} + nodePort: {{ index $.Values.controller.service.nodePorts.udp $key }} + {{- end }} + {{- end }} + {{- end }} + selector: + {{- include "ingress-nginx.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: controller +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml new file mode 100644 index 0000000000..e6e776d091 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml @@ -0,0 +1,18 @@ +{{- if or .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- with .Values.controller.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "ingress-nginx.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + {{- if .Values.serviceAccount.annotations }} + annotations: + {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml new file mode 100644 index 0000000000..8ab16f0b25 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled -}} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "ingress-nginx.controller.fullname" . }} +{{- if .Values.controller.metrics.serviceMonitor.namespace }} + namespace: {{ .Values.controller.metrics.serviceMonitor.namespace | quote }} +{{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: controller + {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} + {{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: {{ .Values.controller.metrics.portName }} + interval: {{ .Values.controller.metrics.serviceMonitor.scrapeInterval }} + {{- if .Values.controller.metrics.serviceMonitor.honorLabels }} + honorLabels: true + {{- end }} + {{- if .Values.controller.metrics.serviceMonitor.relabelings }} + relabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.relabelings | nindent 8 }} + {{- end }} + {{- if .Values.controller.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.metricRelabelings | nindent 8 }} + {{- end }} +{{- if .Values.controller.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.controller.metrics.serviceMonitor.jobLabel | quote }} +{{- end }} +{{- if .Values.controller.metrics.serviceMonitor.namespaceSelector }} + namespaceSelector: {{ toYaml .Values.controller.metrics.serviceMonitor.namespaceSelector | nindent 4 }} +{{- else }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} +{{- if .Values.controller.metrics.serviceMonitor.targetLabels }} + targetLabels: + {{- range .Values.controller.metrics.serviceMonitor.targetLabels }} + - {{ . }} + {{- end }} +{{- end }} + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: controller +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml new file mode 100644 index 0000000000..f74c2fbf32 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml @@ -0,0 +1,19 @@ +{{- if .Values.controller.admissionWebhooks.enabled }} +{{- if .Values.controller.admissionWebhooks.networkPolicyEnabled }} + +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ include "ingress-nginx.fullname" . }}-webhooks-allow + namespace: {{ .Release.Namespace }} +spec: + ingress: + - {} + podSelector: + matchLabels: + app.kubernetes.io/name: {{ include "ingress-nginx.name" . }} + policyTypes: + - Ingress + +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml new file mode 100644 index 0000000000..87aced49db --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml @@ -0,0 +1,123 @@ +{{- if .Values.defaultBackend.enabled -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.defaultBackend.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: default-backend +{{- if not .Values.defaultBackend.autoscaling.enabled }} + replicas: {{ .Values.defaultBackend.replicaCount }} +{{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + {{- if .Values.defaultBackend.updateStrategy }} + strategy: + {{ toYaml .Values.defaultBackend.updateStrategy | nindent 4 }} + {{- end }} + minReadySeconds: {{ .Values.defaultBackend.minReadySeconds }} + template: + metadata: + {{- if .Values.defaultBackend.podAnnotations }} + annotations: {{ toYaml .Values.defaultBackend.podAnnotations | nindent 8 }} + {{- end }} + labels: + {{- include "ingress-nginx.selectorLabels" . | nindent 8 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.defaultBackend.podLabels }} + {{- toYaml .Values.defaultBackend.podLabels | nindent 8 }} + {{- end }} + spec: + {{- if .Values.imagePullSecrets }} + imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }} + {{- end }} + {{- if .Values.defaultBackend.priorityClassName }} + priorityClassName: {{ .Values.defaultBackend.priorityClassName }} + {{- end }} + {{- if .Values.defaultBackend.podSecurityContext }} + securityContext: {{ toYaml .Values.defaultBackend.podSecurityContext | nindent 8 }} + {{- end }} + containers: + - name: {{ template "ingress-nginx.name" . }}-default-backend + {{- with .Values.defaultBackend.image }} + image: "{{- if .repository -}}{{ .repository }}{{ else }}{{ .registry }}/{{ .image }}{{- end -}}:{{ .tag }}{{- if (.digest) -}} @{{.digest}} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.defaultBackend.image.pullPolicy }} + {{- if .Values.defaultBackend.extraArgs }} + args: + {{- range $key, $value := .Values.defaultBackend.extraArgs }} + {{- /* Accept keys without values or with false as value */}} + {{- if eq ($value | quote | len) 2 }} + - --{{ $key }} + {{- else }} + - --{{ $key }}={{ $value }} + {{- end }} + {{- end }} + {{- end }} + securityContext: + capabilities: + drop: + - ALL + runAsUser: {{ .Values.defaultBackend.image.runAsUser }} + runAsNonRoot: {{ .Values.defaultBackend.image.runAsNonRoot }} + allowPrivilegeEscalation: {{ .Values.defaultBackend.image.allowPrivilegeEscalation }} + readOnlyRootFilesystem: {{ .Values.defaultBackend.image.readOnlyRootFilesystem}} + {{- if .Values.defaultBackend.extraEnvs }} + env: {{ toYaml .Values.defaultBackend.extraEnvs | nindent 12 }} + {{- end }} + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.defaultBackend.port }} + scheme: HTTP + initialDelaySeconds: {{ .Values.defaultBackend.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.defaultBackend.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.defaultBackend.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.defaultBackend.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.defaultBackend.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + path: /healthz + port: {{ .Values.defaultBackend.port }} + scheme: HTTP + initialDelaySeconds: {{ .Values.defaultBackend.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.defaultBackend.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.defaultBackend.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.defaultBackend.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.defaultBackend.readinessProbe.failureThreshold }} + ports: + - name: http + containerPort: {{ .Values.defaultBackend.port }} + protocol: TCP + {{- if .Values.defaultBackend.extraVolumeMounts }} + volumeMounts: {{- toYaml .Values.defaultBackend.extraVolumeMounts | nindent 12 }} + {{- end }} + {{- if .Values.defaultBackend.resources }} + resources: {{ toYaml .Values.defaultBackend.resources | nindent 12 }} + {{- end }} + {{- if .Values.defaultBackend.nodeSelector }} + nodeSelector: {{ toYaml .Values.defaultBackend.nodeSelector | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }} + {{- if .Values.defaultBackend.tolerations }} + tolerations: {{ toYaml .Values.defaultBackend.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.defaultBackend.affinity }} + affinity: {{ toYaml .Values.defaultBackend.affinity | nindent 8 }} + {{- end }} + terminationGracePeriodSeconds: 60 + {{- if .Values.defaultBackend.extraVolumes }} + volumes: {{ toYaml .Values.defaultBackend.extraVolumes | nindent 8 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml new file mode 100644 index 0000000000..594d26525b --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml @@ -0,0 +1,33 @@ +{{- if and .Values.defaultBackend.enabled .Values.defaultBackend.autoscaling.enabled }} +apiVersion: autoscaling/v2beta1 +kind: HorizontalPodAutoscaler +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "ingress-nginx.defaultBackend.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "ingress-nginx.defaultBackend.fullname" . }} + minReplicas: {{ .Values.defaultBackend.autoscaling.minReplicas }} + maxReplicas: {{ .Values.defaultBackend.autoscaling.maxReplicas }} + metrics: +{{- with .Values.defaultBackend.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ . }} +{{- end }} +{{- with .Values.defaultBackend.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ . }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml new file mode 100644 index 0000000000..00891cee5d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml @@ -0,0 +1,21 @@ +{{- if .Values.defaultBackend.enabled -}} +{{- if or (gt (.Values.defaultBackend.replicaCount | int) 1) (gt (.Values.defaultBackend.autoscaling.minReplicas | int) 1) }} +apiVersion: {{ ternary "policy/v1" "policy/v1beta1" (semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version) }} +kind: PodDisruptionBudget +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.defaultBackend.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + {{- include "ingress-nginx.selectorLabels" . | nindent 6 }} + app.kubernetes.io/component: default-backend + minAvailable: {{ .Values.defaultBackend.minAvailable }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml new file mode 100644 index 0000000000..c144c8fbf4 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml @@ -0,0 +1,38 @@ +{{- if (semverCompare "<1.25.0-0" .Capabilities.KubeVersion.Version) }} +{{- if and .Values.podSecurityPolicy.enabled .Values.defaultBackend.enabled (empty .Values.defaultBackend.existingPsp) -}} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "ingress-nginx.fullname" . }}-backend + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + allowPrivilegeEscalation: false + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml new file mode 100644 index 0000000000..a2b457c361 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml @@ -0,0 +1,22 @@ +{{- if and .Values.rbac.create .Values.podSecurityPolicy.enabled .Values.defaultBackend.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }}-backend + namespace: {{ .Release.Namespace }} +rules: + - apiGroups: [{{ template "podSecurityPolicy.apiGroup" . }}] + resources: ['podsecuritypolicies'] + verbs: ['use'] + {{- with .Values.defaultBackend.existingPsp }} + resourceNames: [{{ . }}] + {{- else }} + resourceNames: [{{ include "ingress-nginx.fullname" . }}-backend] + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml new file mode 100644 index 0000000000..dbaa516b95 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.rbac.create .Values.podSecurityPolicy.enabled .Values.defaultBackend.enabled -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.fullname" . }}-backend + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "ingress-nginx.fullname" . }}-backend +subjects: + - kind: ServiceAccount + name: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml new file mode 100644 index 0000000000..5f1d09a954 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml @@ -0,0 +1,41 @@ +{{- if .Values.defaultBackend.enabled -}} +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.defaultBackend.service.annotations }} + annotations: {{ toYaml .Values.defaultBackend.service.annotations | nindent 4 }} +{{- end }} + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ include "ingress-nginx.defaultBackend.fullname" . }} + namespace: {{ .Release.Namespace }} +spec: + type: {{ .Values.defaultBackend.service.type }} +{{- if .Values.defaultBackend.service.clusterIP }} + clusterIP: {{ .Values.defaultBackend.service.clusterIP }} +{{- end }} +{{- if .Values.defaultBackend.service.externalIPs }} + externalIPs: {{ toYaml .Values.defaultBackend.service.externalIPs | nindent 4 }} +{{- end }} +{{- if .Values.defaultBackend.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.defaultBackend.service.loadBalancerIP }} +{{- end }} +{{- if .Values.defaultBackend.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ toYaml .Values.defaultBackend.service.loadBalancerSourceRanges | nindent 4 }} +{{- end }} + ports: + - name: http + port: {{ .Values.defaultBackend.service.servicePort }} + protocol: TCP + targetPort: http + {{- if semverCompare ">=1.20" .Capabilities.KubeVersion.Version }} + appProtocol: http + {{- end }} + selector: + {{- include "ingress-nginx.selectorLabels" . | nindent 4 }} + app.kubernetes.io/component: default-backend +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml new file mode 100644 index 0000000000..b45a95ad25 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml @@ -0,0 +1,14 @@ +{{- if and .Values.defaultBackend.enabled .Values.defaultBackend.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + {{- include "ingress-nginx.labels" . | nindent 4 }} + app.kubernetes.io/component: default-backend + {{- with .Values.defaultBackend.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +automountServiceAccountToken: {{ .Values.defaultBackend.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml new file mode 100644 index 0000000000..12e7a4f633 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml @@ -0,0 +1,10 @@ +{{- with .Values.dhParam -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "ingress-nginx.controller.fullname" $ }} + labels: + {{- include "ingress-nginx.labels" $ | nindent 4 }} +data: + dhparam.pem: {{ . }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml new file mode 100644 index 0000000000..2692b51c97 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml @@ -0,0 +1,889 @@ +## nginx configuration +## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/index.md +## + +## Overrides for generated resource names +# See templates/_helpers.tpl +# nameOverride: +# fullnameOverride: + +## Labels to apply to all resources +## +commonLabels: {} +# scmhash: abc123 +# myLabel: aakkmd +namespace: egov + +controller: + name: controller + image: + ## Keep false as default for now! + chroot: false + registry: registry.k8s.io + image: ingress-nginx/controller + ## for backwards compatibility consider setting the full image url via the repository value below + ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail + ## repository: + tag: "v1.6.4" + digest: sha256:15be4666c53052484dd2992efacf2f50ea77a78ae8aa21ccd91af6baaa7ea22f + digestChroot: sha256:0de01e2c316c3ca7847ca13b32d077af7910d07f21a4a82f81061839764f8f81 + pullPolicy: IfNotPresent + # www-data -> uid 101 + runAsUser: 101 + allowPrivilegeEscalation: true + # -- Use an existing PSP instead of creating one + existingPsp: "" + # -- Configures the controller container name + containerName: controller + # -- Configures the ports that the nginx-controller listens on + containerPort: + http: 80 + https: 443 + # -- Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ + config: {} + # -- Annotations to be added to the controller config configuration configmap. + configAnnotations: {} + # -- Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/custom-headers + proxySetHeaders: {} + # -- Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers + addHeaders: {} + # -- Optionally customize the pod dnsConfig. + dnsConfig: {} + # -- Optionally customize the pod hostname. + hostname: {} + # -- Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'. + # By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller + # to keep resolving names inside the k8s network, use ClusterFirstWithHostNet. + dnsPolicy: ClusterFirst + # -- Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network + # Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply + reportNodeInternalIp: false + # -- Process Ingress objects without ingressClass annotation/ingressClassName field + # Overrides value for --watch-ingress-without-class flag of the controller binary + # Defaults to false + watchIngressWithoutClass: false + # -- Process IngressClass per name (additionally as per spec.controller). + ingressClassByName: false + # -- This configuration enables Topology Aware Routing feature, used together with service annotation service.kubernetes.io/topology-aware-hints="auto" + # Defaults to false + enableTopologyAwareRouting: false + # -- This configuration defines if Ingress Controller should allow users to set + # their own *-snippet annotations, otherwise this is forbidden / dropped + # when users add those annotations. + # Global snippets in ConfigMap are still respected + allowSnippetAnnotations: true + # -- Required for use with CNI based kubernetes installations (such as ones set up by kubeadm), + # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920 + # is merged + hostNetwork: false + ## Use host ports 80 and 443 + ## Disabled by default + hostPort: + # -- Enable 'hostPort' or not + enabled: false + ports: + # -- 'hostPort' http port + http: 80 + # -- 'hostPort' https port + https: 443 + # -- Election ID to use for status update, by default it uses the controller name combined with a suffix of 'leader' + electionID: "" + ## This section refers to the creation of the IngressClass resource + ## IngressClass resources are supported since k8s >= 1.18 and required since k8s >= 1.19 + ingressClassResource: + # -- Name of the ingressClass + name: nginx + # -- Is this ingressClass enabled or not + enabled: true + # -- Is this the default ingressClass for the cluster + default: false + # -- Controller-value of the controller that is processing this ingressClass + controllerValue: "k8s.io/ingress-nginx" + # -- Parameters is a link to a custom resource containing additional + # configuration for the controller. This is optional if the controller + # does not require extra parameters. + parameters: {} + # -- For backwards compatibility with ingress.class annotation, use ingressClass. + # Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation + ingressClass: nginx + # -- Labels to add to the pod container metadata + podLabels: {} + # key: value + + # -- Security Context policies for controller pods + podSecurityContext: {} + # -- See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for notes on enabling and using sysctls + sysctls: {} + # sysctls: + # "net.core.somaxconn": "8192" + + # -- Allows customization of the source of the IP address or FQDN to report + # in the ingress status field. By default, it reads the information provided + # by the service. If disable, the status field reports the IP address of the + # node or nodes where an ingress controller pod is running. + publishService: + # -- Enable 'publishService' or not + enabled: true + # -- Allows overriding of the publish service to bind to + # Must be / + pathOverride: "" + # Limit the scope of the controller to a specific namespace + scope: + # -- Enable 'scope' or not + enabled: false + # -- Namespace to limit the controller to; defaults to $(POD_NAMESPACE) + namespace: "" + # -- When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels + # only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces. + namespaceSelector: "" + # -- Allows customization of the configmap / nginx-configmap namespace; defaults to $(POD_NAMESPACE) + configMapNamespace: "" + tcp: + # -- Allows customization of the tcp-services-configmap; defaults to $(POD_NAMESPACE) + configMapNamespace: "" + # -- Annotations to be added to the tcp config configmap + annotations: {} + udp: + # -- Allows customization of the udp-services-configmap; defaults to $(POD_NAMESPACE) + configMapNamespace: "" + # -- Annotations to be added to the udp config configmap + annotations: {} + # -- Maxmind license key to download GeoLite2 Databases. + ## https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases + maxmindLicenseKey: "" + # -- Additional command line arguments to pass to nginx-ingress-controller + # E.g. to specify the default SSL certificate you can use + extraArgs: {} + ## extraArgs: + ## default-ssl-certificate: "/" + + # -- Additional environment variables to set + extraEnvs: [] + # extraEnvs: + # - name: FOO + # valueFrom: + # secretKeyRef: + # key: FOO + # name: secret-resource + + # -- Use a `DaemonSet` or `Deployment` + kind: Deployment + # -- Annotations to be added to the controller Deployment or DaemonSet + ## + annotations: {} + # keel.sh/pollSchedule: "@every 60m" + + # -- Labels to be added to the controller Deployment or DaemonSet and other resources that do not have option to specify labels + ## + labels: {} + # keel.sh/policy: patch + # keel.sh/trigger: poll + + # -- The update strategy to apply to the Deployment or DaemonSet + ## + updateStrategy: {} + # rollingUpdate: + # maxUnavailable: 1 + # type: RollingUpdate + + # -- `minReadySeconds` to avoid killing pods before we are ready + ## + minReadySeconds: 0 + # -- Node tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + # -- Affinity and anti-affinity rules for server scheduling to nodes + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## + affinity: {} + # # An example of preferred pod anti-affinity, weight is in the range 1-100 + # podAntiAffinity: + # preferredDuringSchedulingIgnoredDuringExecution: + # - weight: 100 + # podAffinityTerm: + # labelSelector: + # matchExpressions: + # - key: app.kubernetes.io/name + # operator: In + # values: + # - ingress-nginx + # - key: app.kubernetes.io/instance + # operator: In + # values: + # - ingress-nginx + # - key: app.kubernetes.io/component + # operator: In + # values: + # - controller + # topologyKey: kubernetes.io/hostname + + # # An example of required pod anti-affinity + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - labelSelector: + # matchExpressions: + # - key: app.kubernetes.io/name + # operator: In + # values: + # - ingress-nginx + # - key: app.kubernetes.io/instance + # operator: In + # values: + # - ingress-nginx + # - key: app.kubernetes.io/component + # operator: In + # values: + # - controller + # topologyKey: "kubernetes.io/hostname" + + # -- Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # labelSelector: + # matchLabels: + # app.kubernetes.io/instance: ingress-nginx-internal + + # -- `terminationGracePeriodSeconds` to avoid killing pods before we are ready + ## wait up to five minutes for the drain of connections + ## + terminationGracePeriodSeconds: 300 + # -- Node labels for controller pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: + kubernetes.io/os: linux + ## Liveness and readiness probe values + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## + ## startupProbe: + ## httpGet: + ## # should match container.healthCheckPath + ## path: "/healthz" + ## port: 10254 + ## scheme: HTTP + ## initialDelaySeconds: 5 + ## periodSeconds: 5 + ## timeoutSeconds: 2 + ## successThreshold: 1 + ## failureThreshold: 5 + livenessProbe: + httpGet: + # should match container.healthCheckPath + path: "/healthz" + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 5 + readinessProbe: + httpGet: + # should match container.healthCheckPath + path: "/healthz" + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + # -- Path of the health check endpoint. All requests received on the port defined by + # the healthz-port parameter are forwarded internally to this path. + healthCheckPath: "/healthz" + # -- Address to bind the health check endpoint. + # It is better to set this option to the internal node address + # if the ingress nginx controller is running in the `hostNetwork: true` mode. + healthCheckHost: "" + # -- Annotations to be added to controller pods + ## + podAnnotations: {} + replicaCount: 1 + # -- Define either 'minAvailable' or 'maxUnavailable', never both. + minAvailable: 1 + # -- Define either 'minAvailable' or 'maxUnavailable', never both. + # maxUnavailable: 1 + + ## Define requests resources to avoid probe issues due to CPU utilization in busy nodes + ## ref: https://github.com/kubernetes/ingress-nginx/issues/4735#issuecomment-551204903 + ## Ideally, there should be no limits. + ## https://engineering.indeedblog.com/blog/2019/12/cpu-throttling-regression-fix/ + resources: + ## limits: + ## cpu: 100m + ## memory: 90Mi + requests: + cpu: 100m + memory: 90Mi + # Mutually exclusive with keda autoscaling + autoscaling: + apiVersion: autoscaling/v2 + enabled: false + annotations: {} + minReplicas: 1 + maxReplicas: 11 + targetCPUUtilizationPercentage: 50 + targetMemoryUtilizationPercentage: 50 + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 + # periodSeconds: 60 + autoscalingTemplate: [] + # Custom or additional autoscaling metrics + # ref: https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/#support-for-custom-metrics + # - type: Pods + # pods: + # metric: + # name: nginx_ingress_controller_nginx_process_requests_total + # target: + # type: AverageValue + # averageValue: 10000m + + # Mutually exclusive with hpa autoscaling + keda: + apiVersion: "keda.sh/v1alpha1" + ## apiVersion changes with keda 1.x vs 2.x + ## 2.x = keda.sh/v1alpha1 + ## 1.x = keda.k8s.io/v1alpha1 + enabled: false + minReplicas: 1 + maxReplicas: 11 + pollingInterval: 30 + cooldownPeriod: 300 + restoreToOriginalReplicaCount: false + scaledObject: + annotations: {} + # Custom annotations for ScaledObject resource + # annotations: + # key: value + triggers: [] + # - type: prometheus + # metadata: + # serverAddress: http://:9090 + # metricName: http_requests_total + # threshold: '100' + # query: sum(rate(http_requests_total{deployment="my-deployment"}[2m])) + + behavior: {} + # scaleDown: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 1 + # periodSeconds: 180 + # scaleUp: + # stabilizationWindowSeconds: 300 + # policies: + # - type: Pods + # value: 2 + # periodSeconds: 60 + + # -- Enable mimalloc as a drop-in replacement for malloc. + ## ref: https://github.com/microsoft/mimalloc + ## + enableMimalloc: true + ## Override NGINX template + customTemplate: + configMapName: "" + configMapKey: "" + service: + enabled: true + # -- If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were + # using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http + # It allows choosing the protocol for each backend specified in the Kubernetes service. + # See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 + # Will be ignored for Kubernetes versions older than 1.20 + ## + appProtocol: true + annotations: {} + labels: {} + # clusterIP: "" + + # -- List of IP addresses at which the controller services are available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + # -- Used by cloud providers to connect the resulting `LoadBalancer` to a pre-existing static IP according to https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer + loadBalancerIP: "" + loadBalancerSourceRanges: [] + enableHttp: true + enableHttps: true + ## Set external traffic policy to: "Local" to preserve source IP on providers supporting it. + ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer + # externalTrafficPolicy: "" + + ## Must be either "None" or "ClientIP" if set. Kubernetes will default to "None". + ## Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies + # sessionAffinity: "" + + ## Specifies the health check node port (numeric port number) for the service. If healthCheckNodePort isn’t specified, + ## the service controller allocates a port from your cluster’s NodePort range. + ## Ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + # healthCheckNodePort: 0 + + # -- Represents the dual-stack-ness requested or required by this Service. Possible values are + # SingleStack, PreferDualStack or RequireDualStack. + # The ipFamilies and clusterIPs fields depend on the value of this field. + ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/ + ipFamilyPolicy: "SingleStack" + # -- List of IP families (e.g. IPv4, IPv6) assigned to the service. This field is usually assigned automatically + # based on cluster configuration and the ipFamilyPolicy field. + ## Ref: https://kubernetes.io/docs/concepts/services-networking/dual-stack/ + ipFamilies: + - IPv4 + ports: + http: 80 + https: 443 + targetPorts: + http: http + https: https + type: LoadBalancer + ## type: NodePort + ## nodePorts: + ## http: 32080 + ## https: 32443 + ## tcp: + ## 8080: 32808 + nodePorts: + http: "" + https: "" + tcp: {} + udp: {} + external: + enabled: true + internal: + # -- Enables an additional internal load balancer (besides the external one). + enabled: false + # -- Annotations are mandatory for the load balancer to come up. Varies with the cloud service. + annotations: {} + # loadBalancerIP: "" + + # -- Restrict access For LoadBalancer service. Defaults to 0.0.0.0/0. + loadBalancerSourceRanges: [] + ## Set external traffic policy to: "Local" to preserve source IP on + ## providers supporting it + ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer + # externalTrafficPolicy: "" + # shareProcessNamespace enables process namespace sharing within the pod. + # This can be used for example to signal log rotation using `kill -USR1` from a sidecar. + shareProcessNamespace: false + # -- Additional containers to be added to the controller pod. + # See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. + extraContainers: [] + # - name: my-sidecar + # image: nginx:latest + # - name: lemonldap-ng-controller + # image: lemonldapng/lemonldap-ng-controller:0.2.0 + # args: + # - /lemonldap-ng-controller + # - --alsologtostderr + # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration + # env: + # - name: POD_NAME + # valueFrom: + # fieldRef: + # fieldPath: metadata.name + # - name: POD_NAMESPACE + # valueFrom: + # fieldRef: + # fieldPath: metadata.namespace + # volumeMounts: + # - name: copy-portal-skins + # mountPath: /srv/var/lib/lemonldap-ng/portal/skins + + # -- Additional volumeMounts to the controller main container. + extraVolumeMounts: [] + # - name: copy-portal-skins + # mountPath: /var/lib/lemonldap-ng/portal/skins + + # -- Additional volumes to the controller pod. + extraVolumes: [] + # - name: copy-portal-skins + # emptyDir: {} + + # -- Containers, which are run before the app containers are started. + extraInitContainers: [] + # - name: init-myservice + # image: busybox + # command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;'] + + # -- Modules, which are mounted into the core nginx image. See values.yaml for a sample to add opentelemetry module + extraModules: [] + # containerSecurityContext: + # allowPrivilegeEscalation: false + # + # The image must contain a `/usr/local/bin/init_module.sh` executable, which + # will be executed as initContainers, to move its config files within the + # mounted volume. + + opentelemetry: + enabled: false + image: registry.k8s.io/ingress-nginx/opentelemetry:v20230107-helm-chart-4.4.2-2-g96b3d2165@sha256:331b9bebd6acfcd2d3048abbdd86555f5be76b7e3d0b5af4300b04235c6056c9 + containerSecurityContext: + allowPrivilegeEscalation: false + admissionWebhooks: + annotations: {} + # ignore-check.kube-linter.io/no-read-only-rootfs: "This deployment needs write access to root filesystem". + + ## Additional annotations to the admission webhooks. + ## These annotations will be added to the ValidatingWebhookConfiguration and + ## the Jobs Spec of the admission webhooks. + enabled: false + # -- Additional environment variables to set + extraEnvs: [] + # extraEnvs: + # - name: FOO + # valueFrom: + # secretKeyRef: + # key: FOO + # name: secret-resource + # -- Admission Webhook failure policy to use + failurePolicy: Fail + # timeoutSeconds: 10 + port: 8443 + certificate: "/usr/local/certificates/cert" + key: "/usr/local/certificates/key" + namespaceSelector: {} + objectSelector: {} + # -- Labels to be added to admission webhooks + labels: {} + # -- Use an existing PSP instead of creating one + existingPsp: "" + networkPolicyEnabled: false + service: + annotations: {} + # clusterIP: "" + externalIPs: [] + # loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 443 + type: ClusterIP + createSecretJob: + securityContext: + allowPrivilegeEscalation: false + resources: {} + # limits: + # cpu: 10m + # memory: 20Mi + # requests: + # cpu: 10m + # memory: 20Mi + patchWebhookJob: + securityContext: + allowPrivilegeEscalation: false + resources: {} + patch: + enabled: true + image: + registry: registry.k8s.io + image: ingress-nginx/kube-webhook-certgen + ## for backwards compatibility consider setting the full image url via the repository value below + ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail + ## repository: + tag: v20220916-gd32f8c343 + digest: sha256:39c5b2e3310dc4264d638ad28d9d1d96c4cbb2b2dcfb52368fe4e3c63f61e10f + pullPolicy: IfNotPresent + # -- Provide a priority class name to the webhook patching job + ## + priorityClassName: "" + podAnnotations: {} + nodeSelector: + kubernetes.io/os: linux + tolerations: [] + # -- Labels to be added to patch job resources + labels: {} + securityContext: + runAsNonRoot: true + runAsUser: 2000 + fsGroup: 2000 + # Use certmanager to generate webhook certs + certManager: + enabled: false + # self-signed root certificate + rootCert: + # default to be 5y + duration: "" + admissionCert: + # default to be 1y + duration: "" + # issuerRef: + # name: "issuer" + # kind: "ClusterIssuer" + metrics: + port: 10254 + portName: metrics + # if this port is changed, change healthz-port: in extraArgs: accordingly + enabled: false + service: + annotations: {} + # prometheus.io/scrape: "true" + # prometheus.io/port: "10254" + # -- Labels to be added to the metrics service resource + labels: {} + # clusterIP: "" + + # -- List of IP addresses at which the stats-exporter service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + # loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 10254 + type: ClusterIP + # externalTrafficPolicy: "" + # nodePort: "" + serviceMonitor: + enabled: false + additionalLabels: {} + ## The label to use to retrieve the job name from. + ## jobLabel: "app.kubernetes.io/name" + namespace: "" + namespaceSelector: {} + ## Default: scrape .Release.Namespace only + ## To scrape all, use the following: + ## namespaceSelector: + ## any: true + scrapeInterval: 30s + # honorLabels: true + targetLabels: [] + relabelings: [] + metricRelabelings: [] + prometheusRule: + enabled: false + additionalLabels: {} + # namespace: "" + rules: [] + # # These are just examples rules, please adapt them to your needs + # - alert: NGINXConfigFailed + # expr: count(nginx_ingress_controller_config_last_reload_successful == 0) > 0 + # for: 1s + # labels: + # severity: critical + # annotations: + # description: bad ingress config - nginx config test failed + # summary: uninstall the latest ingress changes to allow config reloads to resume + # - alert: NGINXCertificateExpiry + # expr: (avg(nginx_ingress_controller_ssl_expire_time_seconds) by (host) - time()) < 604800 + # for: 1s + # labels: + # severity: critical + # annotations: + # description: ssl certificate(s) will expire in less then a week + # summary: renew expiring certificates to avoid downtime + # - alert: NGINXTooMany500s + # expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"5.+"} ) / sum(nginx_ingress_controller_requests) ) > 5 + # for: 1m + # labels: + # severity: warning + # annotations: + # description: Too many 5XXs + # summary: More than 5% of all requests returned 5XX, this requires your attention + # - alert: NGINXTooMany400s + # expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"4.+"} ) / sum(nginx_ingress_controller_requests) ) > 5 + # for: 1m + # labels: + # severity: warning + # annotations: + # description: Too many 4XXs + # summary: More than 5% of all requests returned 4XX, this requires your attention + # -- Improve connection draining when ingress controller pod is deleted using a lifecycle hook: + # With this new hook, we increased the default terminationGracePeriodSeconds from 30 seconds + # to 300, allowing the draining of connections up to five minutes. + # If the active connections end before that, the pod will terminate gracefully at that time. + # To effectively take advantage of this feature, the Configmap feature + # worker-shutdown-timeout new value is 240s instead of 10s. + ## + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + priorityClassName: "" +# -- Rollback limit +## +revisionHistoryLimit: 10 +## Default 404 backend +## +defaultBackend: + ## + enabled: false + name: defaultbackend + image: + registry: registry.k8s.io + image: defaultbackend-amd64 + ## for backwards compatibility consider setting the full image url via the repository value below + ## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail + ## repository: + tag: "1.5" + pullPolicy: IfNotPresent + # nobody user -> uid 65534 + runAsUser: 65534 + runAsNonRoot: true + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # -- Use an existing PSP instead of creating one + existingPsp: "" + extraArgs: {} + serviceAccount: + create: true + name: "" + automountServiceAccountToken: true + # -- Additional environment variables to set for defaultBackend pods + extraEnvs: [] + port: 8080 + ## Readiness and liveness probes for default backend + ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ + ## + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + failureThreshold: 6 + initialDelaySeconds: 0 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 5 + # -- The update strategy to apply to the Deployment or DaemonSet + ## + updateStrategy: {} + # rollingUpdate: + # maxUnavailable: 1 + # type: RollingUpdate + + # -- `minReadySeconds` to avoid killing pods before we are ready + ## + minReadySeconds: 0 + # -- Node tolerations for server scheduling to nodes with taints + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal|Exists" + # value: "value" + # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" + + affinity: {} + # -- Security Context policies for controller pods + # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for + # notes on enabling and using sysctls + ## + podSecurityContext: {} + # -- Security Context policies for controller main container. + # See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for + # notes on enabling and using sysctls + ## + containerSecurityContext: {} + # -- Labels to add to the pod container metadata + podLabels: {} + # key: value + + # -- Node labels for default backend pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: + kubernetes.io/os: linux + # -- Annotations to be added to default backend pods + ## + podAnnotations: {} + replicaCount: 1 + minAvailable: 1 + resources: {} + # limits: + # cpu: 10m + # memory: 20Mi + # requests: + # cpu: 10m + # memory: 20Mi + + extraVolumeMounts: [] + ## Additional volumeMounts to the default backend container. + # - name: copy-portal-skins + # mountPath: /var/lib/lemonldap-ng/portal/skins + + extraVolumes: [] + ## Additional volumes to the default backend pod. + # - name: copy-portal-skins + # emptyDir: {} + + autoscaling: + annotations: {} + enabled: false + minReplicas: 1 + maxReplicas: 2 + targetCPUUtilizationPercentage: 50 + targetMemoryUtilizationPercentage: 50 + service: + annotations: {} + # clusterIP: "" + + # -- List of IP addresses at which the default backend service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + externalIPs: [] + # loadBalancerIP: "" + loadBalancerSourceRanges: [] + servicePort: 80 + type: ClusterIP + priorityClassName: "" + # -- Labels to be added to the default backend resources + labels: {} +## Enable RBAC as per https://github.com/kubernetes/ingress-nginx/blob/main/docs/deploy/rbac.md and https://github.com/kubernetes/ingress-nginx/issues/266 +rbac: + create: true + scope: false +## If true, create & use Pod Security Policy resources +## https://kubernetes.io/docs/concepts/policy/pod-security-policy/ +podSecurityPolicy: + enabled: false +serviceAccount: + create: true + name: "" + automountServiceAccountToken: true + # -- Annotations for the controller service account + annotations: {} +# -- Optional array of imagePullSecrets containing private registry credentials +## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ +imagePullSecrets: [] +# - name: secretName + +# -- TCP service key-value pairs +## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md +## +tcp: {} +# 8080: "default/example-tcp-svc:9000" + +# -- UDP service key-value pairs +## Ref: https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/exposing-tcp-udp-services.md +## +udp: {} +# 53: "kube-system/kube-dns:53" + +# -- Prefix for TCP and UDP ports names in ingress controller service +## Some cloud providers, like Yandex Cloud may have a requirements for a port name regex to support cloud load balancer integration +portNamePrefix: "" +# -- (string) A base64-encoded Diffie-Hellman parameter. +# This can be generated with: `openssl dhparam 4096 2> /dev/null | base64` +## Ref: https://github.com/kubernetes/ingress-nginx/tree/main/docs/examples/customization/ssl-dh-param +dhParam: From c4a2e5d62566ff8f885919fde47f57111258bcd5 Mon Sep 17 00:00:00 2001 From: aniket Date: Sun, 12 Mar 2023 18:14:36 +0530 Subject: [PATCH 129/742] Updated cert-manager chart to v1.7.3 --- .../cert-manager/.helmignore | 22 - .../backbone-services/cert-manager/Chart.yaml | 38 +- .../backbone-services/cert-manager/README.md | 220 + .../cert-manager-crds.yaml => crds/crds.yaml} | 4982 ++++++++--------- .../cert-manager/templates/NOTES.txt | 15 + .../cert-manager/templates/_helpers.tpl | 167 +- .../templates/cainjector-deployment.yaml | 102 + .../templates/cainjector-psp-clusterrole.yaml | 20 + .../cainjector-psp-clusterrolebinding.yaml | 22 + .../templates/cainjector-psp.yaml | 51 + .../templates/cainjector-rbac.yaml | 114 + .../templates/cainjector-serviceaccount.yaml | 24 + .../cert-manager/templates/clusterissuer.yaml | 30 +- .../cert-manager/templates/clusterrole.yaml | 249 - .../templates/clusterrolebinding.yaml | 119 - .../cert-manager/templates/deployment.yaml | 206 +- .../templates/psp-clusterrole.yaml | 18 + .../templates/psp-clusterrolebinding.yaml | 20 + .../cert-manager/templates/psp.yaml | 49 + .../cert-manager/templates/rbac.yaml | 547 ++ .../cert-manager/templates/role.yaml | 34 - .../cert-manager/templates/rolebinding.yaml | 41 - .../cert-manager/templates/service.yaml | 33 +- .../templates/serviceaccount.yaml | 36 +- .../templates/servicemonitor.yaml | 39 + .../templates/startupapicheck-job.yaml | 77 + .../startupapicheck-psp-clusterrole.yaml | 24 + ...tartupapicheck-psp-clusterrolebinding.yaml | 26 + .../templates/startupapicheck-psp.yaml | 51 + .../templates/startupapicheck-rbac.yaml | 48 + .../startupapicheck-serviceaccount.yaml | 24 + .../templates/webhook-config.yaml | 24 + .../templates/webhook-deployment.yaml | 153 + .../templates/webhook-mutating-webhook.yaml | 46 + .../templates/webhook-psp-clusterrole.yaml | 18 + .../webhook-psp-clusterrolebinding.yaml | 20 + .../cert-manager/templates/webhook-psp.yaml | 54 + .../cert-manager/templates/webhook-rbac.yaml | 83 + .../templates/webhook-service.yaml | 32 + .../templates/webhook-serviceaccount.yaml | 22 + .../templates/webhook-validating-webhook.yaml | 55 + .../cert-manager/values.yaml | 539 +- 42 files changed, 5243 insertions(+), 3251 deletions(-) delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/.helmignore create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/README.md rename config-as-code/helm/charts/backbone-services/cert-manager/{templates/crds/cert-manager-crds.yaml => crds/crds.yaml} (90%) create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml create mode 100644 config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/.helmignore b/config-as-code/helm/charts/backbone-services/cert-manager/.helmignore deleted file mode 100644 index 50af031725..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/.helmignore +++ /dev/null @@ -1,22 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml index 39075c33af..f88c9b091e 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml @@ -1,21 +1,19 @@ -apiVersion: v2 +annotations: + artifacthub.io/prerelease: "false" +apiVersion: v1 +appVersion: v1.7.3 +description: A Helm chart for cert-manager +home: https://github.com/jetstack/cert-manager +icon: https://raw.githubusercontent.com/jetstack/cert-manager/master/logo/logo.png +keywords: +- cert-manager +- kube-lego +- letsencrypt +- tls +maintainers: +- email: cert-manager-maintainers@googlegroups.com + name: cert-manager-maintainers name: cert-manager -description: A Helm chart for cert-manager on Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: v0.10.1 +sources: +- https://github.com/jetstack/cert-manager +version: v1.7.3 diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/README.md b/config-as-code/helm/charts/backbone-services/cert-manager/README.md new file mode 100644 index 0000000000..ca13f38158 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/README.md @@ -0,0 +1,220 @@ +# cert-manager + +cert-manager is a Kubernetes addon to automate the management and issuance of +TLS certificates from various issuing sources. + +It will ensure certificates are valid and up to date periodically, and attempt +to renew certificates at an appropriate time before expiry. + +## Prerequisites + +- Kubernetes 1.18+ + +## Installing the Chart + +Full installation instructions, including details on how to configure extra +functionality in cert-manager can be found in the [installation docs](https://cert-manager.io/docs/installation/kubernetes/). + +Before installing the chart, you must first install the cert-manager CustomResourceDefinition resources. +This is performed in a separate step to allow you to easily uninstall and reinstall cert-manager without deleting your installed custom resources. + +```bash +$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.3/cert-manager.crds.yaml +``` + +To install the chart with the release name `my-release`: + +```console +## Add the Jetstack Helm repository +$ helm repo add jetstack https://charts.jetstack.io + +## Install the cert-manager helm chart +$ helm install my-release --namespace cert-manager --version v1.7.3 jetstack/cert-manager +``` + +In order to begin issuing certificates, you will need to set up a ClusterIssuer +or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer). + +More information on the different types of issuers and how to configure them +can be found in [our documentation](https://cert-manager.io/docs/configuration/). + +For information on how to configure cert-manager to automatically provision +Certificates for Ingress resources, take a look at the +[Securing Ingresses documentation](https://cert-manager.io/docs/usage/ingress/). + +> **Tip**: List all releases using `helm list` + +## Upgrading the Chart + +Special considerations may be required when upgrading the Helm chart, and these +are documented in our full [upgrading guide](https://cert-manager.io/docs/installation/upgrading/). + +**Please check here before performing upgrades!** + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +If you want to completely uninstall cert-manager from your cluster, you will also need to +delete the previously installed CustomResourceDefinition resources: + +```console +$ kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.7.3/cert-manager.crds.yaml +``` + +## Configuration + +The following table lists the configurable parameters of the cert-manager chart and their default values. + +| Parameter | Description | Default | +| --------- | ----------- | ------- | +| `global.imagePullSecrets` | Reference to one or more secrets to be used when pulling images | `[]` | +| `global.rbac.create` | If `true`, create and use RBAC resources (includes sub-charts) | `true` | +| `global.priorityClassName`| Priority class name for cert-manager and webhook pods | `""` | +| `global.podSecurityPolicy.enabled` | If `true`, create and use PodSecurityPolicy (includes sub-charts) | `false` | +| `global.podSecurityPolicy.useAppArmor` | If `true`, use Apparmor seccomp profile in PSP | `true` | +| `global.leaderElection.namespace` | Override the namespace used to store the ConfigMap for leader election | `kube-system` | +| `global.leaderElection.leaseDuration` | The duration that non-leader candidates will wait after observing a leadership renewal until attempting to acquire leadership of a led but unrenewed leader slot. This is effectively the maximum duration that a leader can be stopped before it is replaced by another candidate | | +| `global.leaderElection.renewDeadline` | The interval between attempts by the acting master to renew a leadership slot before it stops leading. This must be less than or equal to the lease duration | | +| `global.leaderElection.retryPeriod` | The duration the clients should wait between attempting acquisition and renewal of a leadership | | +| `installCRDs` | If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED | `false` | +| `image.repository` | Image repository | `quay.io/jetstack/cert-manager-controller` | +| `image.tag` | Image tag | `v1.7.3` | +| `image.pullPolicy` | Image pull policy | `IfNotPresent` | +| `replicaCount` | Number of cert-manager replicas | `1` | +| `clusterResourceNamespace` | Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources | Same namespace as cert-manager pod | +| `featureGates` | Comma-separated list of feature gates to enable on the controller pod | `` | +| `extraArgs` | Optional flags for cert-manager | `[]` | +| `extraEnv` | Optional environment variables for cert-manager | `[]` | +| `serviceAccount.create` | If `true`, create a new service account | `true` | +| `serviceAccount.name` | Service account to be used. If not set and `serviceAccount.create` is `true`, a name is generated using the fullname template | | +| `serviceAccount.annotations` | Annotations to add to the service account | | +| `serviceAccount.automountServiceAccountToken` | Automount API credentials for the Service Account | `true` | +| `volumes` | Optional volumes for cert-manager | `[]` | +| `volumeMounts` | Optional volume mounts for cert-manager | `[]` | +| `resources` | CPU/memory resource requests/limits | `{}` | +| `securityContext` | Optional security context. The yaml block should adhere to the [SecurityContext spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) | `{}` | +| `securityContext.enabled` | Deprecated (use `securityContext`) - Enable security context | `false` | +| `containerSecurityContext` | Security context to be set on the controller component container | `{}` | +| `nodeSelector` | Node labels for pod assignment | `{}` | +| `affinity` | Node affinity for pod assignment | `{}` | +| `tolerations` | Node tolerations for pod assignment | `[]` | +| `ingressShim.defaultIssuerName` | Optional default issuer to use for ingress resources | | +| `ingressShim.defaultIssuerKind` | Optional default issuer kind to use for ingress resources | | +| `ingressShim.defaultIssuerGroup` | Optional default issuer group to use for ingress resources | | +| `prometheus.enabled` | Enable Prometheus monitoring | `true` | +| `prometheus.servicemonitor.enabled` | Enable Prometheus Operator ServiceMonitor monitoring | `false` | +| `prometheus.servicemonitor.namespace` | Define namespace where to deploy the ServiceMonitor resource | (namespace where you are deploying) | +| `prometheus.servicemonitor.prometheusInstance` | Prometheus Instance definition | `default` | +| `prometheus.servicemonitor.targetPort` | Prometheus scrape port | `9402` | +| `prometheus.servicemonitor.path` | Prometheus scrape path | `/metrics` | +| `prometheus.servicemonitor.interval` | Prometheus scrape interval | `60s` | +| `prometheus.servicemonitor.labels` | Add custom labels to ServiceMonitor | | +| `prometheus.servicemonitor.scrapeTimeout` | Prometheus scrape timeout | `30s` | +| `prometheus.servicemonitor.honorLabels` | Enable label honoring for metrics scraped by Prometheus (see [Prometheus scrape config docs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config) for details). By setting `honorLabels` to `true`, Prometheus will prefer label contents given by cert-manager on conflicts. Can be used to remove the "exported_namespace" label for example. | `false` | +| `podAnnotations` | Annotations to add to the cert-manager pod | `{}` | +| `deploymentAnnotations` | Annotations to add to the cert-manager deployment | `{}` | +| `podDnsPolicy` | Optional cert-manager pod [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-policy) | | +| `podDnsConfig` | Optional cert-manager pod [DNS configurations](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) | | +| `podLabels` | Labels to add to the cert-manager pod | `{}` | +| `serviceLabels` | Labels to add to the cert-manager controller service | `{}` | +| `serviceAnnotations` | Annotations to add to the cert-manager service | `{}` | +| `http_proxy` | Value of the `HTTP_PROXY` environment variable in the cert-manager pod | | +| `https_proxy` | Value of the `HTTPS_PROXY` environment variable in the cert-manager pod | | +| `no_proxy` | Value of the `NO_PROXY` environment variable in the cert-manager pod | | +| `webhook.replicaCount` | Number of cert-manager webhook replicas | `1` | +| `webhook.timeoutSeconds` | Seconds the API server should wait the webhook to respond before treating the call as a failure. | `10` | +| `webhook.podAnnotations` | Annotations to add to the webhook pods | `{}` | +| `webhook.podLabels` | Labels to add to the cert-manager webhook pod | `{}` | +| `webhook.serviceLabels` | Labels to add to the cert-manager webhook service | `{}` | +| `webhook.deploymentAnnotations` | Annotations to add to the webhook deployment | `{}` | +| `webhook.mutatingWebhookConfigurationAnnotations` | Annotations to add to the mutating webhook configuration | `{}` | +| `webhook.validatingWebhookConfigurationAnnotations` | Annotations to add to the validating webhook configuration | `{}` | +| `webhook.serviceAnnotations` | Annotations to add to the webhook service | `{}` | +| `webhook.config` | WebhookConfiguration YAML used to configure flags for the webhook. Generates a ConfigMap containing contents of the field. See `values.yaml` for example. | `{}` | +| `webhook.extraArgs` | Optional flags for cert-manager webhook component | `[]` | +| `webhook.serviceAccount.create` | If `true`, create a new service account for the webhook component | `true` | +| `webhook.serviceAccount.name` | Service account for the webhook component to be used. If not set and `webhook.serviceAccount.create` is `true`, a name is generated using the fullname template | | +| `webhook.serviceAccount.annotations` | Annotations to add to the service account for the webhook component | | +| `webhook.serviceAccount.automountServiceAccountToken` | Automount API credentials for the webhook Service Account | | +| `webhook.resources` | CPU/memory resource requests/limits for the webhook pods | `{}` | +| `webhook.nodeSelector` | Node labels for webhook pod assignment | `{}` | +| `webhook.affinity` | Node affinity for webhook pod assignment | `{}` | +| `webhook.tolerations` | Node tolerations for webhook pod assignment | `[]` | +| `webhook.image.repository` | Webhook image repository | `quay.io/jetstack/cert-manager-webhook` | +| `webhook.image.tag` | Webhook image tag | `v1.7.3` | +| `webhook.image.pullPolicy` | Webhook image pull policy | `IfNotPresent` | +| `webhook.securePort` | The port that the webhook should listen on for requests. | `10250` | +| `webhook.securityContext` | Security context for webhook pod assignment | `{}` | +| `webhook.containerSecurityContext` | Security context to be set on the webhook component container | `{}` | +| `webhook.hostNetwork` | If `true`, run the Webhook on the host network. | `false` | +| `webhook.serviceType` | The type of the `Service`. | `ClusterIP` | +| `webhook.loadBalancerIP` | The specific load balancer IP to use (when `serviceType` is `LoadBalancer`). | | +| `webhook.url.host` | The host to use to reach the webhook, instead of using internal cluster DNS for the service. | | +| `webhook.livenessProbe.failureThreshold` | The liveness probe failure threshold | `3` | +| `webhook.livenessProbe.initialDelaySeconds` | The liveness probe initial delay (in seconds) | `60` | +| `webhook.livenessProbe.periodSeconds` | The liveness probe period (in seconds) | `10` | +| `webhook.livenessProbe.successThreshold` | The liveness probe success threshold | `1` | +| `webhook.livenessProbe.timeoutSeconds` | The liveness probe timeout (in seconds) | `1` | +| `webhook.readinessProbe.failureThreshold` | The readiness probe failure threshold | `3` | +| `webhook.readinessProbe.initialDelaySeconds` | The readiness probe initial delay (in seconds) | `5` | +| `webhook.readinessProbe.periodSeconds` | The readiness probe period (in seconds) | `5` | +| `webhook.readinessProbe.successThreshold` | The readiness probe success threshold | `1` | +| `webhook.readinessProbe.timeoutSeconds` | The readiness probe timeout (in seconds) | `1` | +| `cainjector.enabled` | Toggles whether the cainjector component should be installed (required for the webhook component to work) | `true` | +| `cainjector.replicaCount` | Number of cert-manager cainjector replicas | `1` | +| `cainjector.podAnnotations` | Annotations to add to the cainjector pods | `{}` | +| `cainjector.podLabels` | Labels to add to the cert-manager cainjector pod | `{}` | +| `cainjector.deploymentAnnotations` | Annotations to add to the cainjector deployment | `{}` | +| `cainjector.extraArgs` | Optional flags for cert-manager cainjector component | `[]` | +| `cainjector.serviceAccount.create` | If `true`, create a new service account for the cainjector component | `true` | +| `cainjector.serviceAccount.name` | Service account for the cainjector component to be used. If not set and `cainjector.serviceAccount.create` is `true`, a name is generated using the fullname template | | +| `cainjector.serviceAccount.annotations` | Annotations to add to the service account for the cainjector component | | +| `cainjector.serviceAccount.automountServiceAccountToken` | Automount API credentials for the cainjector Service Account | `true` | +| `cainjector.resources` | CPU/memory resource requests/limits for the cainjector pods | `{}` | +| `cainjector.nodeSelector` | Node labels for cainjector pod assignment | `{}` | +| `cainjector.affinity` | Node affinity for cainjector pod assignment | `{}` | +| `cainjector.tolerations` | Node tolerations for cainjector pod assignment | `[]` | +| `cainjector.image.repository` | cainjector image repository | `quay.io/jetstack/cert-manager-cainjector` | +| `cainjector.image.tag` | cainjector image tag | `v1.7.3` | +| `cainjector.image.pullPolicy` | cainjector image pull policy | `IfNotPresent` | +| `cainjector.securityContext` | Security context for cainjector pod assignment | `{}` | +| `cainjector.containerSecurityContext` | Security context to be set on cainjector component container | `{}` | +| `startupapicheck.enabled` | Toggles whether the startupapicheck Job should be installed | `true` | +| `startupapicheck.securityContext` | Pod Security Context to be set on the startupapicheck component Pod | `{}` | +| `startupapicheck.timeout` | Timeout for 'kubectl check api' command | `1m` | +| `startupapicheck.backoffLimit` | Job backoffLimit | `4` | +| `startupapicheck.jobAnnotations` | Optional additional annotations to add to the startupapicheck Job | `{}` | +| `startupapicheck.podAnnotations` | Optional additional annotations to add to the startupapicheck Pods | `{}` | +| `startupapicheck.extraArgs` | Optional additional arguments for startupapicheck | `[]` | +| `startupapicheck.resources` | CPU/memory resource requests/limits for the startupapicheck pod | `{}` | +| `startupapicheck.nodeSelector` | Node labels for startupapicheck pod assignment | `{}` | +| `startupapicheck.affinity` | Node affinity for startupapicheck pod assignment | `{}` | +| `startupapicheck.tolerations` | Node tolerations for startupapicheck pod assignment | `[]` | +| `startupapicheck.podLabels` | Optional additional labels to add to the startupapicheck Pods | `{}` | +| `startupapicheck.image.repository` | startupapicheck image repository | `quay.io/jetstack/cert-manager-ctl` | +| `startupapicheck.image.tag` | startupapicheck image tag | `v1.7.3` | +| `startupapicheck.image.pullPolicy` | startupapicheck image pull policy | `IfNotPresent` | +| `startupapicheck.serviceAccount.create` | If `true`, create a new service account for the startupapicheck component | `true` | +| `startupapicheck.serviceAccount.name` | Service account for the startupapicheck component to be used. If not set and `startupapicheck.serviceAccount.create` is `true`, a name is generated using the fullname template | | +| `startupapicheck.serviceAccount.annotations` | Annotations to add to the service account for the startupapicheck component | | +| `startupapicheck.serviceAccount.automountServiceAccountToken` | Automount API credentials for the startupapicheck Service Account | `true` | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +$ helm install my-release -f values.yaml . +``` +> **Tip**: You can use the default [values.yaml](https://github.com/jetstack/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml) + +## Contributing + +This chart is maintained at [github.com/jetstack/cert-manager](https://github.com/jetstack/cert-manager/tree/master/deploy/charts/cert-manager). diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml similarity index 90% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml rename to config-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml index 4c016c7ee2..4b6c418a91 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/crds/cert-manager-crds.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml @@ -12,35 +12,53 @@ # See the License for the specific language governing permissions and # limitations under the License. -# Source: cert-manager/templates/crds.yaml +--- +# Source: cert-manager/templates/templates.out apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: - name: clusterissuers.cert-manager.io + name: certificaterequests.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' labels: app: 'cert-manager' app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.15.0" + app.kubernetes.io/version: "v1.7.3" spec: group: cert-manager.io names: - kind: ClusterIssuer - listKind: ClusterIssuerList - plural: clusterissuers - singular: clusterissuer + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest categories: - cert-manager - scope: Cluster + scope: Namespaced versions: - name: v1 subresources: status: {} additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string - jsonPath: .status.conditions[?(@.type=="Ready")].status name: Ready type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string - jsonPath: .status.conditions[?(@.type=="Ready")].message name: Status priority: 1 @@ -51,7 +69,7 @@ spec: type: date schema: openAPIV3Schema: - description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." type: object required: - spec @@ -65,1155 +83,279 @@ spec: metadata: type: object spec: - description: Desired state of the ClusterIssuer resource. + description: Desired state of the CertificateRequest resource. type: object + required: + - issuerRef + - request properties: - acme: - description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: object + additionalProperties: + type: array + items: + type: string + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. type: object required: - - privateKeySecretRef - - server + - name properties: - caBundle: - description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. - type: string - format: byte - disableAccountKeyGeneration: - description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. - type: boolean - email: - description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + group: + description: Group of the resource being referred to. type: string - enableDurationFeature: - description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. - type: boolean - externalAccountBinding: - description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. - type: object - required: - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - preferredChain: - description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + kind: + description: Kind of the resource being referred to. type: string - maxLength: 64 - privateKeySecretRef: - description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - server: - description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + name: + description: Name of the resource being referred to. type: string - skipTLSVerify: - description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' - type: boolean - solvers: - description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' - type: array - items: - description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. - type: object - properties: - dns01: - description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientSecretSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: if both this and ClientSecret are left unset MSI will be used - type: string - clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - rfc2136: - description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - accessKeyIDSecretRef: - description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - webhook: - description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. - type: object - additionalProperties: - type: string - parentRefs: - description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' - type: array - items: - description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." - type: object - required: - - name - properties: - group: - description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" - type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" - type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: "Name is the name of the referent. \n Support: Core" - type: string - maxLength: 253 - minLength: 1 - namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" - type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" - type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. - type: string - ingressTemplate: - description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - x-kubernetes-map-type: atomic - x-kubernetes-map-type: atomic - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . - type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. - type: object - additionalProperties: - type: string + request: + description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. + type: string + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: Status of the CertificateRequest. This is set and managed automatically. + type: object + properties: ca: - description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. - type: object - required: - - secretName - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. - type: array - items: + description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. + type: string + format: byte + certificate: + description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. + type: string + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. type: string - ocspServers: - description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. type: string - secretName: - description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. - type: string - selfSigned: - description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. - type: array - items: + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). type: string - vault: - description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true +--- +# Source: cert-manager/templates/templates.out +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.7.3" +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Certificate resource. + type: object + required: + - issuerRef + - secretName + properties: + additionalOutputFormats: + description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' + type: string + dnsNames: + description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. + type: array + items: + type: string + duration: + description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + emailAddresses: + description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. + type: array + items: + type: string + encodeUsagesInRequest: + description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest + type: boolean + ipAddresses: + description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. + type: array + items: + type: string + isCA: + description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. + type: boolean + issuerRef: + description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. type: object required: - - auth - - path - - server + - name properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' - type: string - roleId: - description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. - type: string - secretRef: - description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - kubernetes: - description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - caBundle: - description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. - type: string - format: byte - caBundleSecretRef: - description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + group: + description: Group of the resource being referred to. type: string - path: - description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + kind: + description: Kind of the resource being referred to. type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + name: + description: Name of the resource being referred to. type: string - venafi: - description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + keystores: + description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. type: object - required: - - zone properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. type: object required: - - apiTokenSecretRef + - create + - passwordSecretRef properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. type: object required: - name @@ -1224,54 +366,161 @@ spec: name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - url: - description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. type: object required: - - credentialsRef - - url + - create + - passwordSecretRef properties: - caBundle: - description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. type: object required: - name properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - url: - description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. - type: string - status: - description: Status of the ClusterIssuer. This is set and managed automatically. - type: object - properties: - acme: - description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + privateKey: + description: Options to control private keys used for the Certificate. type: object properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + algorithm: + description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. type: string - uri: - description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. + type: string + size: + description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. + type: integer + renewBefore: + description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration + type: string + revisionHistoryLimit: + description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. + type: integer + format: int32 + secretName: + description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. + type: string + secretTemplate: + description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. + type: object + properties: + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: URIs is a list of URI subjectAltNames to be set on the Certificate. + type: array + items: + type: string + usages: + description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. + type: array + items: + description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: Status of the Certificate. This is set and managed automatically. + type: object + properties: conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. type: array items: - description: IssuerCondition contains condition information for an Issuer. + description: CertificateCondition contains condition information for an Certificate. type: object required: - status @@ -1285,7 +534,7 @@ spec: description: Message is a human readable description of the details of the last transition, complementing reason. type: string observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. type: integer format: int64 reason: @@ -1299,25 +548,46 @@ spec: - "False" - Unknown type: - description: Type of the condition, known values are (`Ready`). + description: Type of the condition, known values are (`Ready`, `Issuing`). type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map + lastFailureTime: + description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. + type: string + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. + type: string + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer served: true storage: true --- -# Source: cert-manager/templates/crds.yaml +# Source: cert-manager/templates/templates.out apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: challenges.acme.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' labels: app: 'cert-manager' app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.15.0" + app.kubernetes.io/version: "v1.7.3" spec: group: acme.cert-manager.io names: @@ -1613,929 +883,1874 @@ spec: nameserver: description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. + type: object + additionalProperties: + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - accessKeyIDSecretRef: - description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - webhook: - description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. + type: string + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. + type: string + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} +--- +# Source: cert-manager/templates/templates.out +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusterissuers.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels + app.kubernetes.io/version: "v1.7.3" +spec: + group: cert-manager.io + names: + kind: ClusterIssuer + listKind: ClusterIssuerList + plural: clusterissuers + singular: clusterissuer + categories: + - cert-manager + scope: Cluster + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the ClusterIssuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. type: object required: - - groupName - - solverName + - name properties: - config: - description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. type: string - solverName: - description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - http01: - description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. type: object + required: + - name properties: - gatewayHTTPRoute: - description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. - type: object - additionalProperties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: if both this and ClientSecret are left unset MSI will be used + type: string + clientSecretSecretRef: + description: if both this and ClientID are left unset MSI will be used + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: when specifying ClientID and ClientSecret then this field is also needed + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. type: string - parentRefs: - description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' - type: array - items: - description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. type: object required: - - name + - groupName + - solverName properties: - group: - description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: "Name is the name of the referent. \n Support: Core" + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. + type: object + additionalProperties: + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string - maxLength: 253 - minLength: 1 - namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. - type: string - ingressTemplate: - description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. type: object - required: - - preference - - weight properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. type: object - required: - - key - - operator properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + matchExpressions: + description: A list of node selector requirements by node's labels. type: array items: - type: string - x-kubernetes-map-type: atomic - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. type: object + required: + - nodeSelectorTerms properties: - matchExpressions: - description: A list of node selector requirements by node's labels. + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. type: array items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. type: object - required: - - key - - operator properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + matchExpressions: + description: A list of node selector requirements by node's labels. type: array items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. type: array items: - type: string - x-kubernetes-map-type: atomic - x-kubernetes-map-type: atomic - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). type: object - required: - - podAffinityTerm - - weight properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). type: object - required: - - podAffinityTerm - - weight properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - x-kubernetes-map-type: atomic - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object - required: - - key - - operator properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. type: array items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string - x-kubernetes-map-type: atomic - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . - type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + serviceAccountName: + description: If specified, the pod's service account type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. type: object properties: - dnsNames: - description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. type: object - additionalProperties: - type: string - token: - description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. - type: string - type: - description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". - type: string - enum: - - HTTP-01 - - DNS-01 - url: - description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. - type: string - wildcard: - description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. - type: boolean - status: - type: object - properties: - presented: - description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). - type: boolean - processing: - description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. - type: boolean - reason: - description: Contains human readable information on why the Challenge is in the current state. - type: string - state: - description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - served: true - storage: true - subresources: - status: {} ---- -# Source: cert-manager/templates/crds.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificaterequests.cert-manager.io - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.15.0" -spec: - group: cert-manager.io - names: - kind: CertificateRequest - listKind: CertificateRequestList - plural: certificaterequests - shortNames: - - cr - - crs - singular: certificaterequest - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Approved")].status - name: Approved - type: string - - jsonPath: .status.conditions[?(@.type=="Denied")].status - name: Denied - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - type: string - - jsonPath: .spec.username - name: Requestor - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the CertificateRequest resource. - type: object - required: - - issuerRef - - request - properties: - duration: - description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. - type: string - extra: - description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: object - additionalProperties: - type: array - items: + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + - secretRef + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string - groups: - description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: array - items: - type: string - x-kubernetes-list-type: atomic - isCA: - description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. + format: byte + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. type: object required: - - name + - zone properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. type: string - request: - description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. - type: string - format: byte - uid: - description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: string - usages: - description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. - type: array - items: - description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - username: - description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: string status: - description: Status of the CertificateRequest. This is set and managed automatically. + description: Status of the ClusterIssuer. This is set and managed automatically. type: object properties: - ca: - description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. - type: string - format: byte - certificate: - description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. - type: string - format: byte + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. type: array items: - description: CertificateRequestCondition contains condition information for a CertificateRequest. + description: IssuerCondition contains condition information for an Issuer. type: object required: - status @@ -2548,6 +2763,10 @@ spec: message: description: Message is a human readable description of the details of the last transition, complementing reason. type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 reason: description: Reason is a brief machine readable explanation for the condition's last transition. type: string @@ -2559,29 +2778,24 @@ spec: - "False" - Unknown type: - description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + description: Type of the condition, known values are (`Ready`). type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - failureTime: - description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. - type: string - format: date-time served: true storage: true --- -# Source: cert-manager/templates/crds.yaml +# Source: cert-manager/templates/templates.out apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: issuers.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' labels: app: 'cert-manager' app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.15.0" + app.kubernetes.io/version: "v1.7.3" spec: group: cert-manager.io names: @@ -2634,10 +2848,6 @@ spec: - privateKeySecretRef - server properties: - caBundle: - description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. - type: string - format: byte disableAccountKeyGeneration: description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. type: boolean @@ -2696,7 +2906,7 @@ spec: description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' type: string skipTLSVerify: - description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. type: boolean solvers: description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' @@ -2941,20 +3151,8 @@ spec: - region properties: accessKeyID: - description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' type: string - accessKeyIDSecretRef: - description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string hostedZoneID: description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. type: string @@ -2965,7 +3163,7 @@ spec: description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata type: string secretAccessKeySecretRef: - description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials type: object required: - name @@ -3001,55 +3199,10 @@ spec: type: object properties: labels: - description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. type: object additionalProperties: type: string - parentRefs: - description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' - type: array - items: - description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). The only kind of parent resource with \"Core\" support is Gateway. This API may be extended in the future to support additional kinds of parent resources, such as HTTPRoute. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." - type: object - required: - - name - properties: - group: - description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" - type: string - default: gateway.networking.k8s.io - maxLength: 253 - pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ - kind: - description: "Kind is kind of the referent. \n Support: Core (Gateway) \n Support: Implementation-specific (Other Resources)" - type: string - default: Gateway - maxLength: 63 - minLength: 1 - pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ - name: - description: "Name is the name of the referent. \n Support: Core" - type: string - maxLength: 253 - minLength: 1 - namespace: - description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n Support: Core" - type: string - maxLength: 63 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ - port: - description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " - type: integer - format: int32 - maximum: 65535 - minimum: 1 - sectionName: - description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" - type: string - maxLength: 253 - minLength: 1 - pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ serviceType: description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. type: string @@ -3167,7 +3320,6 @@ spec: type: array items: type: string - x-kubernetes-map-type: atomic weight: description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. type: integer @@ -3227,8 +3379,6 @@ spec: type: array items: type: string - x-kubernetes-map-type: atomic - x-kubernetes-map-type: atomic podAffinity: description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). type: object @@ -3279,9 +3429,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object properties: matchExpressions: @@ -3310,9 +3459,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" type: array items: type: string @@ -3362,9 +3510,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object properties: matchExpressions: @@ -3393,9 +3540,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" type: array items: type: string @@ -3452,9 +3598,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object properties: matchExpressions: @@ -3483,9 +3628,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" type: array items: type: string @@ -3535,9 +3679,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. type: object properties: matchExpressions: @@ -3566,9 +3709,8 @@ spec: type: object additionalProperties: type: string - x-kubernetes-map-type: atomic namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" type: array items: type: string @@ -3642,372 +3784,125 @@ spec: type: array items: type: string - ocspServers: - description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. - type: string - selfSigned: - description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. - type: array - items: - type: string - vault: - description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. - type: object - required: - - auth - - path - - server - properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' - type: string - roleId: - description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. - type: string - secretRef: - description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - kubernetes: - description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - caBundle: - description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. - type: string - format: byte - caBundleSecretRef: - description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - namespace: - description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' - type: string - path: - description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' - type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. type: string - venafi: - description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. type: object required: - - zone + - auth + - path + - server properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + auth: + description: Auth configures how cert-manager authenticates with the Vault server. type: object - required: - - apiTokenSecretRef properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. type: object required: - - name + - path + - roleId + - secretRef properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. type: string - url: - description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. type: object required: - - name + - role + - secretRef properties: - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - url: - description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. - type: string - status: - description: Status of the Issuer. This is set and managed automatically. - type: object - properties: - acme: - description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. - type: object - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also be used to retrieve account details from the CA - type: string - conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. - type: array - items: - description: IssuerCondition contains condition information for an Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details of the last transition, complementing reason. - type: string - observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. - type: integer - format: int64 - reason: - description: Reason is a brief machine readable explanation for the condition's last transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`). - type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - served: true - storage: true ---- -# Source: cert-manager/templates/crds.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.cert-manager.io - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.15.0" -spec: - group: cert-manager.io - names: - kind: Certificate - listKind: CertificateList - plural: certificates - shortNames: - - cert - - certs - singular: certificate - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.secretName - name: Secret - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the Certificate resource. - type: object - required: - - issuerRef - - secretName - properties: - additionalOutputFormats: - description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. - type: array - items: - description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. - type: object - required: - - type - properties: - type: - description: Type is the name of the format type that should be written to the Certificate's target Secret. - type: string - enum: - - DER - - CombinedPEM - commonName: - description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' - type: string - dnsNames: - description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. - type: array - items: - type: string - duration: - description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration - type: string - emailAddresses: - description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. - type: array - items: - type: string - encodeUsagesInRequest: - description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest - type: boolean - ipAddresses: - description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. - type: array - items: - type: string - isCA: - description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. type: string - kind: - description: Kind of the resource being referred to. + format: byte + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' type: string - name: - description: Name of the resource being referred to. + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' type: string - keystores: - description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. type: object + required: + - zone properties: - jks: - description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. type: object required: - - create - - passwordSecretRef + - apiTokenSecretRef properties: - create: - description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority - type: boolean - passwordSecretRef: - description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. type: object required: - name @@ -4018,167 +3913,54 @@ spec: name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - pkcs12: - description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. type: object required: - - create - - passwordSecretRef + - credentialsRef + - url properties: - create: - description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority - type: boolean - passwordSecretRef: - description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. + caBundle: + description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. type: object required: - name properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string name: description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - literalSubject: - description: LiteralSubject is an LDAP formatted string that represents the [X.509 Subject field](https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6). Use this *instead* of the Subject field if you need to ensure the correct ordering of the RDN sequence, such as when issuing certs for LDAP authentication. See https://github.com/cert-manager/cert-manager/issues/3203, https://github.com/cert-manager/cert-manager/issues/4424. This field is alpha level and is only supported by cert-manager installations where LiteralCertificateSubject feature gate is enabled on both cert-manager controller and webhook. - type: string - privateKey: - description: Options to control private keys used for the Certificate. - type: object - properties: - algorithm: - description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. - type: string - enum: - - RSA - - ECDSA - - Ed25519 - encoding: - description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. - type: string - enum: - - PKCS1 - - PKCS8 - rotationPolicy: - description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. - type: string - enum: - - Never - - Always - size: - description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. - type: integer - renewBefore: - description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration - type: string - revisionHistoryLimit: - description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. - type: integer - format: int32 - secretName: - description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. - type: string - secretTemplate: - description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. - type: object - properties: - annotations: - description: Annotations is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - labels: - description: Labels is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - subject: - description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - type: object - properties: - countries: - description: Countries to be used on the Certificate. - type: array - items: - type: string - localities: - description: Cities to be used on the Certificate. - type: array - items: - type: string - organizationalUnits: - description: Organizational Units to be used on the Certificate. - type: array - items: - type: string - organizations: - description: Organizations to be used on the Certificate. - type: array - items: - type: string - postalCodes: - description: Postal codes to be used on the Certificate. - type: array - items: - type: string - provinces: - description: State/Provinces to be used on the Certificate. - type: array - items: - type: string - serialNumber: - description: Serial number to be used on the Certificate. + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. type: string - streetAddresses: - description: Street addresses to be used on the Certificate. - type: array - items: - type: string - uris: - description: URIs is a list of URI subjectAltNames to be set on the Certificate. - type: array - items: - type: string - usages: - description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. - type: array - items: - description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc status: - description: Status of the Certificate. This is set and managed automatically. + description: Status of the Issuer. This is set and managed automatically. type: object properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string conditions: - description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. type: array items: - description: CertificateCondition contains condition information for an Certificate. + description: IssuerCondition contains condition information for an Issuer. type: object required: - status @@ -4192,7 +3974,7 @@ spec: description: Message is a human readable description of the details of the last transition, complementing reason. type: string observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. type: integer format: int64 reason: @@ -4206,50 +3988,24 @@ spec: - "False" - Unknown type: - description: Type of the condition, known values are (`Ready`, `Issuing`). + description: Type of the condition, known values are (`Ready`). type: string - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - failedIssuanceAttempts: - description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). - type: integer - lastFailureTime: - description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. - type: string - format: date-time - nextPrivateKeySecretName: - description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. - type: string - notAfter: - description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. - type: string - format: date-time - notBefore: - description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. - type: string - format: date-time - renewalTime: - description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. - type: string - format: date-time - revision: - description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." - type: integer served: true storage: true --- -# Source: cert-manager/templates/crds.yaml +# Source: cert-manager/templates/templates.out apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: name: orders.acme.cert-manager.io + annotations: + cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' labels: app: 'cert-manager' app.kubernetes.io/name: 'cert-manager' app.kubernetes.io/instance: 'cert-manager' # Generated labels - app.kubernetes.io/version: "v1.15.0" + app.kubernetes.io/version: "v1.7.3" spec: group: acme.cert-manager.io names: diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt new file mode 100644 index 0000000000..1025354604 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt @@ -0,0 +1,15 @@ +cert-manager {{ .Chart.AppVersion }} has been deployed successfully! + +In order to begin issuing certificates, you will need to set up a ClusterIssuer +or Issuer resource (for example, by creating a 'letsencrypt-staging' issuer). + +More information on the different types of issuers and how to configure them +can be found in our documentation: + +https://cert-manager.io/docs/configuration/ + +For information on how to configure cert-manager to automatically provision +Certificates for Ingress resources, take a look at the `ingress-shim` +documentation: + +https://cert-manager.io/docs/usage/ingress/ diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl index c3b5dfbae6..2b6ee7f6b2 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl @@ -1,8 +1,159 @@ -{{- define "name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} \ No newline at end of file +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "cert-manager.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "cert-manager.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cert-manager.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "cert-manager.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Webhook templates +*/}} + +{{/* +Expand the name of the chart. +Manually fix the 'app' and 'name' labels to 'webhook' to maintain +compatibility with the v0.9 deployment selector. +*/}} +{{- define "webhook.name" -}} +{{- printf "webhook" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "webhook.fullname" -}} +{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 55 | trimSuffix "-" -}} +{{- printf "%s-webhook" $trimmedName | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "webhook.caRef" -}} +{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "webhook.serviceAccountName" -}} +{{- if .Values.webhook.serviceAccount.create -}} + {{ default (include "webhook.fullname" .) .Values.webhook.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.webhook.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +cainjector templates +*/}} + +{{/* +Expand the name of the chart. +Manually fix the 'app' and 'name' labels to 'cainjector' to maintain +compatibility with the v0.9 deployment selector. +*/}} +{{- define "cainjector.name" -}} +{{- printf "cainjector" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "cainjector.fullname" -}} +{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}} +{{- printf "%s-cainjector" $trimmedName | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cainjector.serviceAccountName" -}} +{{- if .Values.cainjector.serviceAccount.create -}} + {{ default (include "cainjector.fullname" .) .Values.cainjector.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.cainjector.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +startupapicheck templates +*/}} + +{{/* +Expand the name of the chart. +Manually fix the 'app' and 'name' labels to 'startupapicheck' to maintain +compatibility with the v0.9 deployment selector. +*/}} +{{- define "startupapicheck.name" -}} +{{- printf "startupapicheck" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "startupapicheck.fullname" -}} +{{- $trimmedName := printf "%s" (include "cert-manager.fullname" .) | trunc 52 | trimSuffix "-" -}} +{{- printf "%s-startupapicheck" $trimmedName | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "startupapicheck.serviceAccountName" -}} +{{- if .Values.startupapicheck.serviceAccount.create -}} + {{ default (include "startupapicheck.fullname" .) .Values.startupapicheck.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.startupapicheck.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "chartName" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Labels that should be added on each resource +*/}} +{{- define "labels" -}} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- if eq (default "helm" .Values.creator) "helm" }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +helm.sh/chart: {{ include "chartName" . }} +{{- end -}} +{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml new file mode 100644 index 0000000000..b617527bd4 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml @@ -0,0 +1,102 @@ +{{- if .Values.cainjector.enabled }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "cainjector.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} + {{- with .Values.cainjector.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.cainjector.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- with .Values.cainjector.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + template: + metadata: + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 8 }} + {{- with .Values.cainjector.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.cainjector.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "cainjector.serviceAccountName" . }} + {{- with .Values.global.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- with .Values.cainjector.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + {{- with .Values.cainjector.image }} + image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.cainjector.image.pullPolicy }} + args: + {{- if .Values.global.logLevel }} + - --v={{ .Values.global.logLevel }} + {{- end }} + {{- with .Values.global.leaderElection }} + - --leader-election-namespace={{ .namespace }} + {{- if .leaseDuration }} + - --leader-election-lease-duration={{ .leaseDuration }} + {{- end }} + {{- if .renewDeadline }} + - --leader-election-renew-deadline={{ .renewDeadline }} + {{- end }} + {{- if .retryPeriod }} + - --leader-election-retry-period={{ .retryPeriod }} + {{- end }} + {{- end }} + {{- with .Values.cainjector.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.cainjector.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.cainjector.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.cainjector.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.cainjector.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.cainjector.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml new file mode 100644 index 0000000000..b75b9eb6f0 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml @@ -0,0 +1,20 @@ +{{- if .Values.cainjector.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "cainjector.fullname" . }}-psp + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "cainjector.fullname" . }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml new file mode 100644 index 0000000000..b287802fd5 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml @@ -0,0 +1,22 @@ +{{- if .Values.cainjector.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cainjector.fullname" . }}-psp + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cainjector.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "cainjector.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml new file mode 100644 index 0000000000..24f01da5d2 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml @@ -0,0 +1,51 @@ +{{- if .Values.cainjector.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "cainjector.fullname" . }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + {{- if .Values.global.podSecurityPolicy.useAppArmor }} + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' + {{- end }} +spec: + privileged: false + allowPrivilegeEscalation: false + allowedCapabilities: [] # default set of capabilities are implicitly allowed + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml new file mode 100644 index 0000000000..922d702abf --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml @@ -0,0 +1,114 @@ +{{- if .Values.cainjector.enabled }} +{{- if .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cainjector.fullname" . }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["get", "create", "update", "patch"] + - apiGroups: ["admissionregistration.k8s.io"] + resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiregistration.k8s.io"] + resources: ["apiservices"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["auditregistration.k8s.io"] + resources: ["auditsinks"] + verbs: ["get", "list", "watch", "update"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cainjector.fullname" . }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cainjector.fullname" . }} +subjects: + - name: {{ template "cainjector.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- +# leader election rules +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "cainjector.fullname" . }}:leaderelection + namespace: {{ .Values.global.leaderElection.namespace }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +rules: + # Used for leader election by the controller + # cert-manager-cainjector-leader-election is used by the CertificateBased injector controller + # see cmd/cainjector/start.go#L113 + # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller + # see cmd/cainjector/start.go#L137 + # See also: https://github.com/kubernetes-sigs/controller-runtime/pull/1144#discussion_r480173688 + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] + verbs: ["get", "update", "patch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] + +--- + +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "cainjector.fullname" . }}:leaderelection + namespace: {{ .Values.global.leaderElection.namespace }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "cainjector.fullname" . }}:leaderelection +subjects: + - kind: ServiceAccount + name: {{ template "cainjector.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml new file mode 100644 index 0000000000..683ec1d866 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml @@ -0,0 +1,24 @@ +{{- if .Values.cainjector.enabled }} +{{- if .Values.cainjector.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.cainjector.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "cainjector.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + {{- with .Values.cainjector.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +{{- with .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml index b0d2a814ba..aa24f1e723 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml @@ -1,37 +1,37 @@ -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} -apiVersion: cert-manager.io/v1alpha1 -{{- else }} apiVersion: cert-manager.io/v1 -{{- end }} kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.stage.name }} spec: acme: + # The ACME server URL + server: {{ .Values.clusterIssuer.stage.acme.server }} + # Email address used for ACME registration email: {{ .Values.clusterIssuer.stage.acme.email }} + # Name of a secret used to store the ACME account private key privateKeySecretRef: - name: {{ .Values.clusterIssuer.stage.name }} - server: {{ .Values.clusterIssuer.stage.acme.server }} + name: {{ .Values.clusterIssuer.stage.acme.secretName }} + # Enable the HTTP-01 challenge provider solvers: - http01: ingress: - class: nginx + class: nginx --- -{{- if .Capabilities.APIVersions.Has "cert-manager.io/v1alpha1" }} -apiVersion: cert-manager.io/v1alpha1 -{{- else }} apiVersion: cert-manager.io/v1 -{{- end }} kind: ClusterIssuer metadata: name: {{ .Values.clusterIssuer.prod.name }} spec: acme: - email: {{ .Values.clusterIssuer.stage.acme.email }} + # The ACME server URL + server: {{ .Values.clusterIssuer.prod.acme.server }} + # Email address used for ACME registration + email: {{ .Values.clusterIssuer.prod.acme.email }} + # Name of a secret used to store the ACME account private key privateKeySecretRef: - name: {{ .Values.clusterIssuer.prod.name }} - server: {{ .Values.clusterIssuer.prod.acme.server }} + name: {{ .Values.clusterIssuer.prod.acme.secretName }} + # Enable the HTTP-01 challenge provider solvers: - http01: ingress: - class: nginx + class: nginx \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml deleted file mode 100644 index 0651b12e8c..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrole.yaml +++ /dev/null @@ -1,249 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-cainjector - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["get", "create", "update", "patch"] - - apiGroups: ["admissionregistration.k8s.io"] - resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["apiregistration.k8s.io"] - resources: ["apiservices"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["apiextensions.k8s.io"] - resources: ["customresourcedefinitions"] - verbs: ["get", "list", "watch", "update"] ---- -# Issuer controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-issuers - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["issuers", "issuers/status"] - verbs: ["update"] - - apiGroups: ["cert-manager.io"] - resources: ["issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -# ClusterIssuer controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-clusterissuers - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers", "clusterissuers/status"] - verbs: ["update"] - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -# Certificates controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-certificates - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] - verbs: ["update"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["cert-manager.io"] - resources: ["certificates/finalizers", "certificaterequests/finalizers"] - verbs: ["update"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders"] - verbs: ["create", "delete", "get", "list", "watch"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch", "create", "update", "delete"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -# Orders controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-orders - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders", "orders/status"] - verbs: ["update"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders", "challenges"] - verbs: ["get", "list", "watch"] - - apiGroups: ["cert-manager.io"] - resources: ["clusterissuers", "issuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges"] - verbs: ["create", "delete"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["acme.cert-manager.io"] - resources: ["orders/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -# Challenges controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-challenges - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - # Use to update challenge resource status - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges", "challenges/status"] - verbs: ["update"] - # Used to watch challenge resources - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges"] - verbs: ["get", "list", "watch"] - # Used to watch challenges, issuer and clusterissuer resources - - apiGroups: ["cert-manager.io"] - resources: ["issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - # Need to be able to retrieve ACME account private key to complete challenges - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] - # Used to create events - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] - # HTTP01 rules - - apiGroups: [""] - resources: ["pods", "services"] - verbs: ["get", "list", "watch", "create", "delete"] - - apiGroups: ["extensions"] - resources: ["ingresses"] - verbs: ["get", "list", "watch", "create", "delete", "update"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["acme.cert-manager.io"] - resources: ["challenges/finalizers"] - verbs: ["update"] - # DNS01 rules (duplicated above) - - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list", "watch"] ---- -# ingress-shim controller role -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-controller-ingress-shim - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests"] - verbs: ["create", "update", "delete"] - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] - verbs: ["get", "list", "watch"] - - apiGroups: ["extensions"] - resources: ["ingresses"] - verbs: ["get", "list", "watch"] - # We require these rules to support users with the OwnerReferencesPermissionEnforcement - # admission controller enabled: - # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement - - apiGroups: ["extensions"] - resources: ["ingresses/finalizers"] - verbs: ["update"] - - apiGroups: [""] - resources: ["events"] - verbs: ["create", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-view - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} - rbac.authorization.k8s.io/aggregate-to-view: "true" - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ template "name" . }}-edit - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} - rbac.authorization.k8s.io/aggregate-to-edit: "true" - rbac.authorization.k8s.io/aggregate-to-admin: "true" -rules: - - apiGroups: ["cert-manager.io"] - resources: ["certificates", "certificaterequests", "issuers"] - verbs: ["create", "delete", "deletecollection", "patch", "update"] ---- \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml deleted file mode 100644 index 3f4b6e6bd5..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,119 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-cainjector - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-cainjector -subjects: - - name: {{ template "name" . }}-cainjector - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-issuers - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-issuers -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-clusterissuers - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-clusterissuers -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-certificates - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-certificates -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-orders - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-orders -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-challenges - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-challenges -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ template "name" . }}-controller-ingress-shim - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "name" . }}-controller-ingress-shim -subjects: - - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} - kind: ServiceAccount ---- \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml index 5eecb28cc6..f72fc57c35 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml @@ -1,95 +1,169 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} + name: {{ template "cert-manager.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} + app: {{ template "cert-manager.name" . }} + app.kubernetes.io/name: {{ template "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + {{- with .Values.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} + app.kubernetes.io/name: {{ template "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- with .Values.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} template: metadata: labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} + app: {{ template "cert-manager.name" . }} + app.kubernetes.io/name: {{ template "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 8 }} + {{- with .Values.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podAnnotations }} annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if and .Values.prometheus.enabled (not .Values.prometheus.servicemonitor.enabled) }} + {{- if not .Values.podAnnotations }} + annotations: + {{- end }} prometheus.io/path: "/metrics" prometheus.io/scrape: 'true' prometheus.io/port: '9402' + {{- end }} spec: - serviceAccountName: {{ template "name" . }} + serviceAccountName: {{ template "cert-manager.serviceAccountName" . }} + {{- with .Values.global.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- $enabledDefined := gt (len (keys (pick .Values.securityContext "enabled"))) 0 }} + {{- $legacyEnabledExplicitlyOff := and $enabledDefined (not .Values.securityContext.enabled) }} + {{- if and .Values.securityContext (not $legacyEnabledExplicitlyOff) }} + securityContext: + {{- if .Values.securityContext.enabled }} + {{/* support legacy securityContext.enabled and its two parameters */}} + fsGroup: {{ default 1001 .Values.securityContext.fsGroup }} + runAsUser: {{ default 1001 .Values.securityContext.runAsUser }} + {{- else }} + {{/* this is the way forward: support an arbitrary yaml block */}} + {{- toYaml .Values.securityContext | nindent 8 }} + {{- end }} + {{- end }} + {{- with .Values.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - - name: {{ template "name" . }} - image: {{ .Values.image.repository }}:{{ .Values.image.tag }} - #image: "quay.io/jetstack/cert-manager-controller:v0.13.1" + - name: {{ .Chart.Name }} + {{- with .Values.image }} + image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" + {{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} args: - - --v=2 + {{- if .Values.global.logLevel }} + - --v={{ .Values.global.logLevel }} + {{- end }} + {{- if .Values.clusterResourceNamespace }} + - --cluster-resource-namespace={{ .Values.clusterResourceNamespace }} + {{- else }} - --cluster-resource-namespace=$(POD_NAMESPACE) - - --leader-election-namespace=kube-system - - --webhook-namespace=$(POD_NAMESPACE) - - --webhook-ca-secret=cert-manager-webhook-ca - - --webhook-serving-secret=cert-manager-webhook-tls - - --webhook-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc + {{- end }} + {{- with .Values.global.leaderElection }} + - --leader-election-namespace={{ .namespace }} + {{- if .leaseDuration }} + - --leader-election-lease-duration={{ .leaseDuration }} + {{- end }} + {{- if .renewDeadline }} + - --leader-election-renew-deadline={{ .renewDeadline }} + {{- end }} + {{- if .retryPeriod }} + - --leader-election-retry-period={{ .retryPeriod }} + {{- end }} + {{- end }} + {{- with .Values.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.ingressShim }} + {{- if .defaultIssuerName }} + - --default-issuer-name={{ .defaultIssuerName }} + {{- end }} + {{- if .defaultIssuerKind }} + - --default-issuer-kind={{ .defaultIssuerKind }} + {{- end }} + {{- if .defaultIssuerGroup }} + - --default-issuer-group={{ .defaultIssuerGroup }} + {{- end }} + {{- end }} + {{- if .Values.featureGates }} + - --feature-gates={{ .Values.featureGates }} + {{- end }} ports: - containerPort: 9402 protocol: TCP + {{- with .Values.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace + {{- with .Values.extraEnv }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.http_proxy }} + - name: HTTP_PROXY + value: {{ . }} + {{- end }} + {{- with .Values.https_proxy }} + - name: HTTPS_PROXY + value: {{ . }} + {{- end }} + {{- with .Values.no_proxy }} + - name: NO_PROXY + value: {{ . }} + {{- end }} + {{- with .Values.resources }} resources: - requests: - cpu: 10m - memory: 32Mi ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ template "name" . }}-cainjector - namespace: {{ .Values.namespace }} - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} - template: - metadata: - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} - annotations: - spec: - serviceAccountName: {{ template "name" . }}-cainjector - containers: - - name: {{ template "name" . }} - image: {{ .Values.cainjector.image.repository }}:{{ .Values.cainjector.image.tag }} - imagePullPolicy: {{ .Values.cainjector.image.pullPolicy }} - args: - - --v=2 - - --leader-election-namespace=kube-system - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - {} - ---- \ No newline at end of file + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.podDnsPolicy }} + dnsPolicy: {{ . }} + {{- end }} + {{- with .Values.podDnsConfig }} + dnsConfig: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml new file mode 100644 index 0000000000..1d40a0238c --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml @@ -0,0 +1,18 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "cert-manager.fullname" . }}-psp + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "cert-manager.fullname" . }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml new file mode 100644 index 0000000000..1da89c8d55 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-psp + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml new file mode 100644 index 0000000000..9e99f5c764 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml @@ -0,0 +1,49 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "cert-manager.fullname" . }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + {{- if .Values.global.podSecurityPolicy.useAppArmor }} + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' + {{- end }} +spec: + privileged: false + allowPrivilegeEscalation: false + allowedCapabilities: [] # default set of capabilities are implicitly allowed + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml new file mode 100644 index 0000000000..5e37f0cb1d --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml @@ -0,0 +1,547 @@ +{{- if .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "cert-manager.fullname" . }}:leaderelection + namespace: {{ .Values.global.leaderElection.namespace }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + # Used for leader election by the controller + # See also: https://github.com/kubernetes-sigs/controller-runtime/pull/1144#discussion_r480173688 + - apiGroups: [""] + resources: ["configmaps"] + resourceNames: ["cert-manager-controller"] + verbs: ["get", "update", "patch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + resourceNames: ["cert-manager-controller"] + verbs: ["get", "update", "patch"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create"] + +--- + +# grant cert-manager permission to manage the leaderelection configmap in the +# leader election namespace +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "cert-manager.fullname" . }}:leaderelection + namespace: {{ .Values.global.leaderElection.namespace }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "cert-manager.fullname" . }}:leaderelection +subjects: + - apiGroup: "" + kind: ServiceAccount + name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + +--- + +# Issuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-issuers + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "issuers/status"] + verbs: ["update"] + - apiGroups: ["cert-manager.io"] + resources: ["issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + +--- + +# ClusterIssuer controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "clusterissuers/status"] + verbs: ["update"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + +--- + +# Certificates controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-certificates + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] + verbs: ["update"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["cert-manager.io"] + resources: ["certificates/finalizers", "certificaterequests/finalizers"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders"] + verbs: ["create", "delete", "get", "list", "watch"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch", "create", "update", "delete", "patch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + +--- + +# Orders controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-orders + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "orders/status"] + verbs: ["update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders", "challenges"] + verbs: ["get", "list", "watch"] + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["create", "delete"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["orders/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + +--- + +# Challenges controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-challenges + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + # Use to update challenge resource status + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "challenges/status"] + verbs: ["update"] + # Used to watch challenge resources + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges"] + verbs: ["get", "list", "watch"] + # Used to watch challenges, issuer and clusterissuer resources + - apiGroups: ["cert-manager.io"] + resources: ["issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + # Need to be able to retrieve ACME account private key to complete challenges + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + # Used to create events + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + # HTTP01 rules + - apiGroups: [""] + resources: ["pods", "services"] + verbs: ["get", "list", "watch", "create", "delete"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch", "create", "delete", "update"] + - apiGroups: [ "networking.x-k8s.io" ] + resources: [ "httproutes" ] + verbs: ["get", "list", "watch", "create", "delete", "update"] + # We require the ability to specify a custom hostname when we are creating + # new ingress resources. + # See: https://github.com/openshift/origin/blob/21f191775636f9acadb44fa42beeb4f75b255532/pkg/route/apiserver/admission/ingress_admission.go#L84-L148 + - apiGroups: ["route.openshift.io"] + resources: ["routes/custom-host"] + verbs: ["create"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges/finalizers"] + verbs: ["update"] + # DNS01 rules (duplicated above) + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list", "watch"] + +--- + +# ingress-shim controller role +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests"] + verbs: ["create", "update", "delete"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers", "clusterissuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "list", "watch"] + # We require these rules to support users with the OwnerReferencesPermissionEnforcement + # admission controller enabled: + # https://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/#ownerreferencespermissionenforcement + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses/finalizers"] + verbs: ["update"] + - apiGroups: ["networking.x-k8s.io"] + resources: ["gateways", "httproutes"] + verbs: ["get", "list", "watch"] + - apiGroups: ["networking.x-k8s.io"] + resources: ["gateways/finalizers", "httproutes/finalizers"] + verbs: ["update"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-issuers + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-issuers +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-certificates + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-certificates +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-orders + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-orders +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-challenges + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-challenges +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-view + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["get", "list", "watch"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["get", "list", "watch"] + + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-edit + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-edit: "true" + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates", "certificaterequests", "issuers"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] + - apiGroups: ["acme.cert-manager.io"] + resources: ["challenges", "orders"] + verbs: ["create", "delete", "deletecollection", "patch", "update"] + +--- + +# Permission to approve CertificateRequests referencing cert-manager.io Issuers and ClusterIssuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cert-manager" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["signers"] + verbs: ["approve"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cert-manager" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount + +--- + +# Permission to: +# - Update and sign CertificatSigningeRequests referencing cert-manager.io Issuers and ClusterIssuers +# - Perform SubjectAccessReviews to test whether users are able to reference Namespaced Issuers +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cert-manager" + {{- include "labels" . | nindent 4 }} +rules: + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: ["certificates.k8s.io"] + resources: ["certificatesigningrequests/status"] + verbs: ["update"] + - apiGroups: ["certificates.k8s.io"] + resources: ["signers"] + resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] + verbs: ["sign"] + - apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cert-manager" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests +subjects: + - name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml deleted file mode 100644 index 7848f120bb..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/role.yaml +++ /dev/null @@ -1,34 +0,0 @@ -# leader election rules -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "name" . }}-cainjector:leaderelection - namespace: kube-system - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} -rules: - # Used for leader election by the controller - # TODO: refine the permission to *just* the leader election configmap - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "update", "patch"] ---- -# Source: cert-manager/templates/rbac.yaml -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "name" . }}:leaderelection - namespace: kube-system - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -rules: - # Used for leader election by the controller - # TODO: refine the permission to *just* the leader election configmap - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "create", "update", "patch"] ---- \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml deleted file mode 100644 index d6993a972b..0000000000 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rolebinding.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# leader election namespace -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "name" . }}-cainjector:leaderelection - namespace: kube-system - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: cainjector - app.kubernetes.io/instance: {{ template "name" . }} - app.kubernetes.io/managed-by: Tiller - helm.sh/chart: {{ template "name" . }}-v0.13.1 -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "name" . }}-cainjector:leaderelection -subjects: - - kind: ServiceAccount - name: {{ template "name" . }}-cainjector - namespace: {{ .Values.namespace }} ---- -# leader election namespace -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "name" . }}:leaderelection - namespace: kube-system - labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "name" . }}:leaderelection -subjects: - - apiGroup: "" - kind: ServiceAccount - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} ---- \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml index b19b26abe1..8ad24ca2db 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml @@ -1,18 +1,31 @@ +{{- if .Values.prometheus.enabled }} apiVersion: v1 kind: Service metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} + name: {{ template "cert-manager.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +{{- with .Values.serviceAnnotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + {{- with .Values.serviceLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} spec: type: ClusterIP ports: - - protocol: TCP - port: 9402 - targetPort: 9402 + - protocol: TCP + port: 9402 + name: tcp-prometheus-servicemonitor + targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} selector: - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} \ No newline at end of file + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml index 09d3242af0..d549ea84d9 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml @@ -1,24 +1,22 @@ -{{- if .Values.serviceAccount.create -}} +{{- if .Values.serviceAccount.create }} apiVersion: v1 kind: ServiceAccount +{{- with .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} metadata: - name: {{ template "name" . }}-cainjector - namespace: {{ .Values.namespace }} - labels: - app: {{ template "name" . }}-cainjector - app.kubernetes.io/name: {{ template "name" . }}-cainjector - app.kubernetes.io/instance: {{ template "name" . }} ---- -# Source: cert-manager/templates/serviceaccount.yaml -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "name" . }} - namespace: {{ .Values.namespace }} + name: {{ template "cert-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + {{- with .Values.serviceAccount.annotations }} annotations: + {{- toYaml . | nindent 4 }} + {{- end }} labels: - app: {{ template "name" . }} - app.kubernetes.io/name: {{ template "name" . }} - app.kubernetes.io/instance: {{ template "name" . }} ---- -{{- end -}} + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml new file mode 100644 index 0000000000..8ea1f6321f --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.servicemonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "cert-manager.fullname" . }} +{{- if .Values.prometheus.servicemonitor.namespace }} + namespace: {{ .Values.prometheus.servicemonitor.namespace }} +{{- else }} + namespace: {{ .Release.Namespace | quote }} +{{- end }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + prometheus: {{ .Values.prometheus.servicemonitor.prometheusInstance }} + {{- with .Values.prometheus.servicemonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + jobLabel: {{ template "cert-manager.fullname" . }} + selector: + matchLabels: + app.kubernetes.io/name: {{ template "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" +{{- if .Values.prometheus.servicemonitor.namespace }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} +{{- end }} + endpoints: + - targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} + path: {{ .Values.prometheus.servicemonitor.path }} + interval: {{ .Values.prometheus.servicemonitor.interval }} + scrapeTimeout: {{ .Values.prometheus.servicemonitor.scrapeTimeout }} + honorLabels: {{ .Values.prometheus.servicemonitor.honorLabels }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml new file mode 100644 index 0000000000..66db004e12 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml @@ -0,0 +1,77 @@ +{{- if .Values.startupapicheck.enabled }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "startupapicheck.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.jobAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + backoffLimit: {{ .Values.startupapicheck.backoffLimit }} + template: + metadata: + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 8 }} + {{- with .Values.startupapicheck.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.startupapicheck.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + restartPolicy: OnFailure + serviceAccountName: {{ template "startupapicheck.serviceAccountName" . }} + {{- with .Values.global.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- with .Values.startupapicheck.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + {{- with .Values.startupapicheck.image }} + image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.startupapicheck.image.pullPolicy }} + args: + - check + - api + - --wait={{ .Values.startupapicheck.timeout }} + {{- with .Values.startupapicheck.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.startupapicheck.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.startupapicheck.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.startupapicheck.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.startupapicheck.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.startupapicheck.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml new file mode 100644 index 0000000000..dacd4be278 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml @@ -0,0 +1,24 @@ +{{- if .Values.startupapicheck.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "startupapicheck.fullname" . }}-psp + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.rbac.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "startupapicheck.fullname" . }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml new file mode 100644 index 0000000000..d19fa84f2a --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml @@ -0,0 +1,26 @@ +{{- if .Values.startupapicheck.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "startupapicheck.fullname" . }}-psp + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.rbac.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "startupapicheck.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "startupapicheck.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml new file mode 100644 index 0000000000..f09d60d634 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml @@ -0,0 +1,51 @@ +{{- if .Values.startupapicheck.enabled }} +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "startupapicheck.fullname" . }} + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + {{- if .Values.global.podSecurityPolicy.useAppArmor }} + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' + {{- end }} + {{- with .Values.startupapicheck.rbac.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + privileged: false + allowPrivilegeEscalation: false + allowedCapabilities: [] # default set of capabilities are implicitly allowed + volumes: + - 'projected' + - 'secret' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml new file mode 100644 index 0000000000..a6be7b9cd4 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml @@ -0,0 +1,48 @@ +{{- if .Values.startupapicheck.enabled }} +{{- if .Values.global.rbac.create }} +# create certificate role +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "startupapicheck.fullname" . }}:create-cert + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.rbac.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +rules: + - apiGroups: ["cert-manager.io"] + resources: ["certificates"] + verbs: ["create"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "startupapicheck.fullname" . }}:create-cert + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.rbac.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "startupapicheck.fullname" . }}:create-cert +subjects: + - kind: ServiceAccount + name: {{ template "startupapicheck.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml new file mode 100644 index 0000000000..f632840548 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml @@ -0,0 +1,24 @@ +{{- if .Values.startupapicheck.enabled }} +{{- if .Values.startupapicheck.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.startupapicheck.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "startupapicheck.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + {{- with .Values.startupapicheck.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app: {{ include "startupapicheck.name" . }} + app.kubernetes.io/name: {{ include "startupapicheck.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "startupapicheck" + {{- include "labels" . | nindent 4 }} +{{- with .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml new file mode 100644 index 0000000000..29558e91a6 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml @@ -0,0 +1,24 @@ +{{- if .Values.webhook.config -}} + {{- if not .Values.webhook.config.apiVersion -}} + {{- fail "webhook.config.apiVersion must be set" -}} + {{- end -}} + + {{- if not .Values.webhook.config.kind -}} + {{- fail "webhook.config.kind must be set" -}} + {{- end -}} +{{- end -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" +data: + {{- if .Values.webhook.config }} + config.yaml: | + {{ .Values.webhook.config | toYaml | nindent 4 }} + {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml new file mode 100644 index 0000000000..0de1df2f06 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml @@ -0,0 +1,153 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} + {{- with .Values.webhook.deploymentAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.webhook.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- with .Values.webhook.strategy }} + strategy: + {{- toYaml . | nindent 4 }} + {{- end }} + template: + metadata: + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 8 }} + {{- with .Values.webhook.podLabels }} + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "webhook.serviceAccountName" . }} + {{- with .Values.global.priorityClassName }} + priorityClassName: {{ . | quote }} + {{- end }} + {{- with .Values.webhook.securityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.webhook.hostNetwork }} + hostNetwork: true + {{- end }} + containers: + - name: {{ .Chart.Name }} + {{- with .Values.webhook.image }} + image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" + {{- end }} + imagePullPolicy: {{ .Values.webhook.image.pullPolicy }} + args: + {{- if .Values.global.logLevel }} + - --v={{ .Values.global.logLevel }} + {{- end }} + {{- if .Values.webhook.config }} + - --config=/var/cert-manager/config/config.yaml + {{- end }} + {{- $config := default .Values.webhook.config "" }} + {{ if not $config.securePort -}} + - --secure-port={{ .Values.webhook.securePort }} + {{- end }} + {{- $tlsConfig := default $config.tlsConfig "" }} + {{ if or (not $config.tlsConfig) (and (not $tlsConfig.dynamic) (not $tlsConfig.filesystem) ) -}} + - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) + - --dynamic-serving-ca-secret-name={{ template "webhook.fullname" . }}-ca + - --dynamic-serving-dns-names={{ template "webhook.fullname" . }},{{ template "webhook.fullname" . }}.{{ .Release.Namespace }},{{ template "webhook.fullname" . }}.{{ .Release.Namespace }}.svc{{ if .Values.webhook.url.host }},{{ .Values.webhook.url.host }}{{ end }} + {{- end }} + {{- with .Values.webhook.extraArgs }} + {{- toYaml . | nindent 10 }} + {{- end }} + ports: + - name: https + protocol: TCP + {{- if $config.securePort }} + containerPort: {{ $config.securePort }} + {{- else if .Values.webhook.securePort }} + containerPort: {{ .Values.webhook.securePort }} + {{- else }} + containerPort: 6443 + {{- end }} + livenessProbe: + httpGet: + path: /livez + {{- if $config.healthzPort }} + port: {{ $config.healthzPort }} + {{- else }} + port: 6080 + {{- end }} + scheme: HTTP + initialDelaySeconds: {{ .Values.webhook.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.webhook.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.webhook.livenessProbe.timeoutSeconds }} + successThreshold: {{ .Values.webhook.livenessProbe.successThreshold }} + failureThreshold: {{ .Values.webhook.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + path: /healthz + {{- if $config.healthzPort }} + port: {{ $config.healthzPort }} + {{- else }} + port: 6080 + {{- end }} + scheme: HTTP + initialDelaySeconds: {{ .Values.webhook.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.webhook.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.webhook.readinessProbe.timeoutSeconds }} + successThreshold: {{ .Values.webhook.readinessProbe.successThreshold }} + failureThreshold: {{ .Values.webhook.readinessProbe.failureThreshold }} + {{- with .Values.webhook.containerSecurityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- with .Values.webhook.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- if .Values.webhook.config }} + volumeMounts: + - name: config + mountPath: /var/cert-manager/config + {{- end }} + {{- with .Values.webhook.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.webhook.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.webhook.config }} + volumes: + - name: config + configMap: + name: {{ include "webhook.fullname" . }} + {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml new file mode 100644 index 0000000000..fb8b795f63 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml @@ -0,0 +1,46 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: {{ include "webhook.fullname" . }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} + annotations: + cert-manager.io/inject-ca-from-secret: "{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca" + {{- with .Values.webhook.mutatingWebhookConfigurationAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +webhooks: + - name: webhook.cert-manager.io + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: {{ .Values.webhook.timeoutSeconds }} + failurePolicy: Fail + # Only include 'sideEffects' field in Kubernetes 1.12+ + sideEffects: None + clientConfig: + {{- if .Values.webhook.url.host }} + url: https://{{ .Values.webhook.url.host }}/mutate + {{- else }} + service: + name: {{ template "webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + path: /mutate + {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml new file mode 100644 index 0000000000..2a8808e7dc --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml @@ -0,0 +1,18 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: {{ template "webhook.fullname" . }}-psp + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +rules: +- apiGroups: ['policy'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "webhook.fullname" . }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml new file mode 100644 index 0000000000..e8e1bb2068 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml @@ -0,0 +1,20 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "webhook.fullname" . }}-psp + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "webhook.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: {{ template "webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml new file mode 100644 index 0000000000..4d5d959df0 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml @@ -0,0 +1,54 @@ +{{- if .Values.global.podSecurityPolicy.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "webhook.fullname" . }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + {{- if .Values.global.podSecurityPolicy.useAppArmor }} + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' + {{- end }} +spec: + privileged: false + allowPrivilegeEscalation: false + allowedCapabilities: [] # default set of capabilities are implicitly allowed + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + hostNetwork: {{ .Values.webhook.hostNetwork }} + {{- if .Values.webhook.hostNetwork }} + hostPorts: + - max: {{ .Values.webhook.securePort }} + min: {{ .Values.webhook.securePort }} + {{- end }} + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1000 + max: 1000 +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml new file mode 100644 index 0000000000..1070333d9c --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml @@ -0,0 +1,83 @@ +{{- if .Values.global.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "webhook.fullname" . }}:dynamic-serving + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: ["secrets"] + resourceNames: + - '{{ template "webhook.fullname" . }}-ca' + verbs: ["get", "list", "watch", "update"] +# It's not possible to grant CREATE permission on a single resourceName. +- apiGroups: [""] + resources: ["secrets"] + verbs: ["create"] +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "webhook.fullname" . }}:dynamic-serving + namespace: {{ .Release.Namespace | quote }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "webhook.fullname" . }}:dynamic-serving +subjects: +- apiGroup: "" + kind: ServiceAccount + name: {{ template "webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "webhook.fullname" . }}:subjectaccessreviews + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +rules: +- apiGroups: ["authorization.k8s.io"] + resources: ["subjectaccessreviews"] + verbs: ["create"] +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "webhook.fullname" . }}:subjectaccessreviews + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "webhook.fullname" . }}:subjectaccessreviews +subjects: +- apiGroup: "" + kind: ServiceAccount + name: {{ template "webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml new file mode 100644 index 0000000000..ed0278ada7 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml @@ -0,0 +1,32 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} +{{- with .Values.webhook.serviceAnnotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} + {{- with .Values.webhook.serviceLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.webhook.serviceType }} + {{- with .Values.webhook.loadBalancerIP }} + loadBalancerIP: {{ . }} + {{- end }} + ports: + - name: https + port: 443 + protocol: TCP + targetPort: "https" + selector: + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml new file mode 100644 index 0000000000..a08d2fc9d2 --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml @@ -0,0 +1,22 @@ +{{- if .Values.webhook.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} +metadata: + name: {{ template "webhook.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + {{- with .Values.webhook.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +{{- with .Values.global.imagePullSecrets }} +imagePullSecrets: + {{- toYaml . | nindent 2 }} +{{- end }} +{{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml new file mode 100644 index 0000000000..2ca6403ecf --- /dev/null +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml @@ -0,0 +1,55 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ include "webhook.fullname" . }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} + annotations: + cert-manager.io/inject-ca-from-secret: "{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca" + {{- with .Values.webhook.validatingWebhookConfigurationAnnotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +webhooks: + - name: webhook.cert-manager.io + namespaceSelector: + matchExpressions: + - key: "cert-manager.io/disable-validation" + operator: "NotIn" + values: + - "true" + - key: "name" + operator: "NotIn" + values: + - {{ .Release.Namespace }} + rules: + - apiGroups: + - "cert-manager.io" + - "acme.cert-manager.io" + apiVersions: + - "v1" + operations: + - CREATE + - UPDATE + resources: + - "*/*" + admissionReviewVersions: ["v1"] + # This webhook only accepts v1 cert-manager resources. + # Equivalent matchPolicy ensures that non-v1 resource requests are sent to + # this webhook (after the resources have been converted to v1). + matchPolicy: Equivalent + timeoutSeconds: {{ .Values.webhook.timeoutSeconds }} + failurePolicy: Fail + sideEffects: None + clientConfig: + {{- if .Values.webhook.url.host }} + url: https://{{ .Values.webhook.url.host }}/validate + {{- else }} + service: + name: {{ template "webhook.fullname" . }} + namespace: {{ .Release.Namespace | quote }} + path: /validate + {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml index d159869e3d..d604971c04 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml @@ -1,30 +1,51 @@ + # Default values for cert-manager. # This is a YAML-formatted file. # Declare variables to be passed into your templates. name: cert-manager namespace: egov replicaCount: 1 +fullnameOverride: cert-manager -image: - repository: "quay.io/jetstack/cert-manager-controller" - pullPolicy: IfNotPresent - tag: "v0.13.1" +global: + ## Reference to one or more secrets to be used when pulling images + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + imagePullSecrets: [] + # - name: "image-pull-secret" -cainjector: - image: - repository: "quay.io/jetstack/cert-manager-cainjector" - pullPolicy: IfNotPresent - tag: "v0.13.1" + # Optional priority class to be used for the cert-manager pods + priorityClassName: "" + rbac: + create: true -imagePullSecrets: [] + podSecurityPolicy: + enabled: false + useAppArmor: true -updateStrategy: OnDelete -serviceAccount: - # Specifies whether a service account should be created - create: true - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: cert-manager + # Set the verbosity of cert-manager. Range of 0 - 6 with 6 being the most verbose. + logLevel: 2 + + leaderElection: + # Override the namespace used to store the ConfigMap for leader election + namespace: "kube-system" + + # The duration that non-leader candidates will wait after observing a + # leadership renewal until attempting to acquire leadership of a led but + # unrenewed leader slot. This is effectively the maximum duration that a + # leader can be stopped before it is replaced by another candidate. + # leaseDuration: 60s + + # The interval between attempts by the acting master to renew a leadership + # slot before it stops leading. This must be less than or equal to the + # lease duration. + # renewDeadline: 40s + + # The duration the clients should wait between attempting acquisition and + # renewal of a leadership. + # retryPeriod: 15s + +installCRDs: true clusterIssuer: @@ -32,40 +53,488 @@ clusterIssuer: name: letsencrypt-staging acme: server: https://acme-staging-v02.api.letsencrypt.org/directory - email: devops@egovernments.org + email: sre-staff@egovernments.org secretName: letsencrypt-staging prod: name: letsencrypt-prod acme: server: https://acme-v02.api.letsencrypt.org/directory - email: devops@egovernments.org + email: sre-staff@egovernments.org secretName: letsencrypt-prod -podSecurityContext: {} - # fsGroup: 2000 -securityContext: {} +strategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 0 + # maxUnavailable: 1 + +# Comma separated list of feature gates that should be enabled on the +# controller pod. +featureGates: "" + +image: + repository: quay.io/jetstack/cert-manager-controller + # You can manage a registry with + # registry: quay.io + # repository: jetstack/cert-manager-controller + + # Override the image tag to deploy by setting this variable. + # If no value is set, the chart's appVersion will be used. + # tag: canary + + # Setting a digest will override any tag + # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 + pullPolicy: IfNotPresent + +# Override the namespace used to store DNS provider credentials etc. for ClusterIssuer +# resources. By default, the same namespace as cert-manager is deployed within is +# used. This namespace will not be automatically created by the Helm chart. +clusterResourceNamespace: "" + +updateStrategy: OnDelete + + +serviceAccount: + name: cert-manager + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + # name: "" + # Optional additional annotations to add to the controller's ServiceAccount + # annotations: {} + # Automount API credentials for a Service Account. + automountServiceAccountToken: true + +# Additional command line flags to pass to cert-manager controller binary. +# To see all available flags run docker run quay.io/jetstack/cert-manager-controller: --help +extraArgs: [] + # When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted + # - --enable-certificate-owner-ref=true + # Use this flag to enabled or disable arbitrary controllers, for example, disable the CertificiateRequests approver + # - --controllers=*,-certificaterequests-approver + +extraEnv: [] +# - name: SOME_VAR +# value: 'some value' + +resources: {} + # requests: + # cpu: 10m + # memory: 32Mi + +# Pod Security Context +# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +securityContext: + runAsNonRoot: true +# legacy securityContext parameter format: if enabled is set to true, only fsGroup and runAsUser are supported +# securityContext: +# enabled: false +# fsGroup: 1001 +# runAsUser: 1001 +# to support additional securityContext parameters, omit the `enabled` parameter and simply specify the parameters +# you want to set, e.g. +# securityContext: +# fsGroup: 1000 +# runAsUser: 1000 +# runAsNonRoot: true + +# Container Security Context to be set on the controller component container +# ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +containerSecurityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true - # runAsUser: 1000 -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi + +volumes: [] + +volumeMounts: [] + +# Optional additional annotations to add to the controller Deployment +# deploymentAnnotations: {} + +# Optional additional annotations to add to the controller Pods +# podAnnotations: {} + +podLabels: {} + +# Optional annotations to add to the controller Service +# serviceAnnotations: {} + +# Optional additional labels to add to the controller Service +# serviceLabels: {} + +# Optional DNS settings, useful if you have a public and private DNS zone for +# the same domain on Route 53. What follows is an example of ensuring +# cert-manager can access an ingress or DNS TXT records at all times. +# NOTE: This requires Kubernetes 1.10 or `CustomPodDNS` feature gate enabled for +# the cluster to work. +# podDnsPolicy: "None" +# podDnsConfig: +# nameservers: +# - "1.1.1.1" +# - "8.8.8.8" nodeSelector: {} -tolerations: [] +ingressShim: {} + # defaultIssuerName: "" + # defaultIssuerKind: "" + # defaultIssuerGroup: "" + +prometheus: + enabled: true + servicemonitor: + enabled: false + prometheusInstance: default + targetPort: 9402 + path: /metrics + interval: 60s + scrapeTimeout: 30s + labels: {} + honorLabels: false +# Use these variables to configure the HTTP_PROXY environment variables +# http_proxy: "http://proxy:8080" +# https_proxy: "https://proxy:8080" +# no_proxy: 127.0.0.1,localhost + +# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core +# for example: +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: foo.bar.com/role +# operator: In +# values: +# - master affinity: {} + +# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core +# for example: +# tolerations: +# - key: foo.bar.com/role +# operator: Equal +# value: master +# effect: NoSchedule +tolerations: [] + +webhook: + replicaCount: 1 + timeoutSeconds: 10 + + # Used to configure options for the webhook pod. + # This allows setting options that'd usually be provided via flags. + # An APIVersion and Kind must be specified in your values.yaml file. + # Flags will override options that are set here. + config: + # apiVersion: webhook.config.cert-manager.io/v1alpha1 + # kind: WebhookConfiguration + + # The port that the webhook should listen on for requests. + # In GKE private clusters, by default kubernetes apiservers are allowed to + # talk to the cluster nodes only on 443 and 10250. so configuring + # securePort: 10250, will work out of the box without needing to add firewall + # rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000. + # This should be uncommented and set as a default by the chart once we graduate + # the apiVersion of WebhookConfiguration past v1alpha1. + # securePort: 10250 + + strategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 0 + # maxUnavailable: 1 + + # Pod Security Context to be set on the webhook component Pod + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + securityContext: + runAsNonRoot: true + + # Container Security Context to be set on the webhook component container + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + + # Optional additional annotations to add to the webhook Deployment + # deploymentAnnotations: {} + + # Optional additional annotations to add to the webhook Pods + # podAnnotations: {} + + # Optional additional annotations to add to the webhook Service + # serviceAnnotations: {} + + # Optional additional annotations to add to the webhook MutatingWebhookConfiguration + # mutatingWebhookConfigurationAnnotations: {} + + # Optional additional annotations to add to the webhook ValidatingWebhookConfiguration + # validatingWebhookConfigurationAnnotations: {} + + # Additional command line flags to pass to cert-manager webhook binary. + # To see all available flags run docker run quay.io/jetstack/cert-manager-webhook: --help + extraArgs: [] + # Path to a file containing a WebhookConfiguration object used to configure the webhook + # - --config= + + resources: {} + # requests: + # cpu: 10m + # memory: 32Mi + + ## Liveness and readiness probe values + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes + ## + livenessProbe: + failureThreshold: 3 + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 1 + + nodeSelector: {} + + affinity: {} + + tolerations: [] + + # Optional additional labels to add to the Webhook Pods + podLabels: {} + + # Optional additional labels to add to the Webhook Service + serviceLabels: {} + + image: + repository: quay.io/jetstack/cert-manager-webhook + # You can manage a registry with + # registry: quay.io + # repository: jetstack/cert-manager-webhook + + # Override the image tag to deploy by setting this variable. + # If no value is set, the chart's appVersion will be used. + # tag: canary + + # Setting a digest will override any tag + # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 + + pullPolicy: IfNotPresent + + serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + # name: "" + # Optional additional annotations to add to the controller's ServiceAccount + # annotations: {} + # Automount API credentials for a Service Account. + automountServiceAccountToken: true + + # The port that the webhook should listen on for requests. + # In GKE private clusters, by default kubernetes apiservers are allowed to + # talk to the cluster nodes only on 443 and 10250. so configuring + # securePort: 10250, will work out of the box without needing to add firewall + # rules or requiring NET_BIND_SERVICE capabilities to bind port numbers <1000 + securePort: 10250 + + # Specifies if the webhook should be started in hostNetwork mode. + # + # Required for use in some managed kubernetes clusters (such as AWS EKS) with custom + # CNI (such as calico), because control-plane managed by AWS cannot communicate + # with pods' IP CIDR and admission webhooks are not working + # + # Since the default port for the webhook conflicts with kubelet on the host + # network, `webhook.securePort` should be changed to an available port if + # running in hostNetwork mode. + hostNetwork: false + + # Specifies how the service should be handled. Useful if you want to expose the + # webhook to outside of the cluster. In some cases, the control plane cannot + # reach internal services. + serviceType: ClusterIP + # loadBalancerIP: + + # Overrides the mutating webhook and validating webhook so they reach the webhook + # service using the `url` field instead of a service. + url: {} + # host: + +cainjector: + enabled: true + replicaCount: 1 + + strategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: 0 + # maxUnavailable: 1 + + # Pod Security Context to be set on the cainjector component Pod + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + securityContext: + runAsNonRoot: true + + # Container Security Context to be set on the cainjector component container + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + containerSecurityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + + + # Optional additional annotations to add to the cainjector Deployment + # deploymentAnnotations: {} + + # Optional additional annotations to add to the cainjector Pods + # podAnnotations: {} + + # Additional command line flags to pass to cert-manager cainjector binary. + # To see all available flags run docker run quay.io/jetstack/cert-manager-cainjector: --help + extraArgs: [] + # Enable profiling for cainjector + # - --enable-profiling=true + + resources: {} + # requests: + # cpu: 10m + # memory: 32Mi + + nodeSelector: {} + + affinity: {} + + tolerations: [] + + # Optional additional labels to add to the CA Injector Pods + podLabels: {} + + image: + repository: quay.io/jetstack/cert-manager-cainjector + # You can manage a registry with + # registry: quay.io + # repository: jetstack/cert-manager-cainjector + + # Override the image tag to deploy by setting this variable. + # If no value is set, the chart's appVersion will be used. + # tag: canary + + # Setting a digest will override any tag + # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 + + pullPolicy: IfNotPresent + + serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + # name: "" + # Optional additional annotations to add to the controller's ServiceAccount + # annotations: {} + # Automount API credentials for a Service Account. + automountServiceAccountToken: true + +# This startupapicheck is a Helm post-install hook that waits for the webhook +# endpoints to become available. +# The check is implemented using a Kubernetes Job- if you are injecting mesh +# sidecar proxies into cert-manager pods, you probably want to ensure that they +# are not injected into this Job's pod. Otherwise the installation may time out +# due to the Job never being completed because the sidecar proxy does not exit. +# See https://github.com/jetstack/cert-manager/pull/4414 for context. +startupapicheck: + enabled: true + + # Pod Security Context to be set on the startupapicheck component Pod + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + securityContext: + runAsNonRoot: true + + # Timeout for 'kubectl check api' command + timeout: 1m + + # Job backoffLimit + backoffLimit: 4 + + # Optional additional annotations to add to the startupapicheck Job + jobAnnotations: + helm.sh/hook: post-install + helm.sh/hook-weight: "1" + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + + # Optional additional annotations to add to the startupapicheck Pods + # podAnnotations: {} + + # Additional command line flags to pass to startupapicheck binary. + # To see all available flags run docker run quay.io/jetstack/cert-manager-ctl: --help + extraArgs: [] + + resources: {} + # requests: + # cpu: 10m + # memory: 32Mi + + nodeSelector: {} + + affinity: {} + + tolerations: [] + + # Optional additional labels to add to the startupapicheck Pods + podLabels: {} + + image: + repository: quay.io/jetstack/cert-manager-ctl + # You can manage a registry with + # registry: quay.io + # repository: jetstack/cert-manager-ctl + + # Override the image tag to deploy by setting this variable. + # If no value is set, the chart's appVersion will be used. + # tag: canary + + # Setting a digest will override any tag + # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 + + pullPolicy: IfNotPresent + + rbac: + # annotations for the startup API Check job RBAC and PSP resources + annotations: + helm.sh/hook: post-install + helm.sh/hook-weight: "-5" + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + + serviceAccount: + # Specifies whether a service account should be created + create: true + + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + # name: "" + + # Optional additional annotations to add to the Job's ServiceAccount + annotations: + helm.sh/hook: post-install + helm.sh/hook-weight: "-5" + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + + # Automount API credentials for a Service Account. + automountServiceAccountToken: true From e16198f692c70ebeee392fd4cff6bdfab8894015 Mon Sep 17 00:00:00 2001 From: aniket Date: Sun, 12 Mar 2023 18:15:43 +0530 Subject: [PATCH 130/742] Changed ingress-nginx to previous name: nginx-ingress --- .../helm/charts/backbone-services/ingress-nginx/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml index 2692b51c97..47a3c40514 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml @@ -12,8 +12,8 @@ commonLabels: {} # scmhash: abc123 # myLabel: aakkmd +fullnameOverride: nginx-ingress namespace: egov - controller: name: controller image: From 7576a35e51e41c278449e9ccef8ac2d7e4748d06 Mon Sep 17 00:00:00 2001 From: aniket Date: Fri, 17 Mar 2023 15:43:03 +0530 Subject: [PATCH 131/742] changes to terraform script --- deploy-as-code/deployer/cmd/deploy.go | 5 +- .../deployer/pkg/cmd/deployer/deployer.go | 7 +- .../deployer/standalone_installer.go | 3 +- .../terraform/modules/db/aws/main.tf | 17 ++-- .../kubernetes/aws/eks-cluster/outputs.tf | 3 + .../modules/kubernetes/aws/network/main.tf | 87 ------------------- .../modules/kubernetes/aws/network/outputs.tf | 8 -- infra-as-code/terraform/sample-aws/main.tf | 17 ++-- .../terraform/sample-aws/variables.tf | 2 +- .../terraform/sample-central-instance/main.tf | 2 +- .../sample-central-instance/outputs.tf | 4 - 11 files changed, 34 insertions(+), 121 deletions(-) diff --git a/deploy-as-code/deployer/cmd/deploy.go b/deploy-as-code/deployer/cmd/deploy.go index a4f5df86e6..97d2ad9643 100644 --- a/deploy-as-code/deployer/cmd/deploy.go +++ b/deploy-as-code/deployer/cmd/deploy.go @@ -17,7 +17,7 @@ package cmd import ( "errors" - + "fmt" "deployer/pkg/cmd/deployer" "github.com/spf13/cobra" @@ -46,10 +46,11 @@ to quickly create a Cobra application.`, return nil }, Run: func(cmd *cobra.Command, args []string) { - // fmt.Println("deploy called with images: " + args[0]) options.ConfigDir = viper.GetString("helm-dir") deployer.DeployCharts(options) + fmt.Println("options.ConfigDir: " + options.ConfigDir) + }, } diff --git a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go index ed9124c03b..4008240044 100644 --- a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -146,10 +146,13 @@ func deployClusterConfigs(index map[string]string, configDir string, envOverride // Clean up folder after function exists defer os.RemoveAll(tmpDir) args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) + fmt.Println("Before Trimming"+configDir) - sopsDir:=strings.Trim(configDir, "/helm") - // fmt.Println("path too sops"+sopsDir) + sopsDir:=strings.Trim(configDir, "helm") + fmt.Println("path too sops"+sopsDir) if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { + fmt.Println("Error Condition: ") + fmt.Println(err) args = append(args, fmt.Sprintf("-f %s", envSecretFile)) } else { sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) diff --git a/deploy-as-code/deployer/standalone_installer.go b/deploy-as-code/deployer/standalone_installer.go index 93c1f87b40..6a6dc52a7b 100644 --- a/deploy-as-code/deployer/standalone_installer.go +++ b/deploy-as-code/deployer/standalone_installer.go @@ -153,7 +153,8 @@ func main() { } for _, envfile := range envfilesFromDir { filename := envfile.Name() - if !s.Contains(filename, "secrets") { + if !s.Contains(filename, "secrets") && !s.Contains(filename,".DS_Store") { + log.Println(filename) envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) } } diff --git a/infra-as-code/terraform/modules/db/aws/main.tf b/infra-as-code/terraform/modules/db/aws/main.tf index f3868d2ed4..c66b61ac92 100644 --- a/infra-as-code/terraform/modules/db/aws/main.tf +++ b/infra-as-code/terraform/modules/db/aws/main.tf @@ -3,10 +3,10 @@ resource "aws_db_subnet_group" "db_subnet_group" { subnet_ids = "${var.subnet_ids}" tags = "${ - map( - "Name", "db-subnet-group-${var.environment}", - "environment", "${var.environment}" - ) + tomap({ + "Name" = "db-subnet-group-${var.environment}", + "environment" = "${var.environment}" + }) }" } @@ -28,9 +28,10 @@ resource "aws_db_instance" "rds_postgres" { skip_final_snapshot = "true" tags = "${ - map( - "Name", "${var.environment}-db", - "environment", "${var.environment}" - ) + tomap({ + "Name" = "${var.environment}-db", + "environment" = "${var.environment}" + }) }" } + diff --git a/infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/outputs.tf b/infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/outputs.tf index b8333861fd..450807cdaa 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/outputs.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/eks-cluster/outputs.tf @@ -42,3 +42,6 @@ output "eks_cluster" { value = "${aws_eks_cluster.eks_cluster}" } +output "cluster_security_group_id" { + value = "${aws_eks_cluster.cluster.vpc_config[0].worker_security_group_id}" +} \ No newline at end of file diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf index c01c68bf4d..e6ad7b8390 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/main.tf @@ -144,42 +144,6 @@ resource "aws_route_table_association" "private" { route_table_id = "${aws_route_table.private_route_table.id}" } - -resource "aws_security_group" "worker_nodes_sg" { - name = "nodes-${var.cluster_name}" - description = "Security group for all worker nodes in the cluster" - vpc_id = "${aws_vpc.vpc.id}" - - egress { - from_port = 0 - to_port = 0 - protocol = "-1" - cidr_blocks = ["0.0.0.0/0"] - } - - tags = "${ - tomap({ - "Name" = "nodes-${var.cluster_name}" - "kubernetes.io/cluster/${var.cluster_name}" = "shared" - "KubernetesCluster" = "${var.cluster_name}" - }) - }" -} - -resource "aws_security_group" "master_nodes_sg" { - name = "masters-${var.cluster_name}" - description = "Master nodes security group" - vpc_id = "${aws_vpc.vpc.id}" - - tags = "${ - tomap({ - "Name" = "masters-${var.cluster_name}" - "kubernetes.io/cluster/${var.cluster_name}" = "shared" - "KubernetesCluster" = "${var.cluster_name}" - }) - }" -} - resource "aws_security_group" "rds_db_sg" { name = "db-${var.cluster_name}" description = "RDS Database security group" @@ -190,55 +154,4 @@ resource "aws_security_group" "rds_db_sg" { "Name" = "db-${var.cluster_name}" }) }" -} - -resource "aws_security_group_rule" "master_nodes_egress_workers" { - description = "Allow outbound traffic to worker nodes" - from_port = 10250 - to_port = 65535 - protocol = "tcp" - security_group_id = "${aws_security_group.master_nodes_sg.id}" - source_security_group_id = "${aws_security_group.worker_nodes_sg.id}" - type = "egress" -} - -resource "aws_security_group_rule" "master_nodes_ingress_workers" { - description = "Allow worker nodes to communicate with cluster API server" - from_port = 443 - to_port = 443 - protocol = "tcp" - security_group_id = "${aws_security_group.master_nodes_sg.id}" - source_security_group_id = "${aws_security_group.worker_nodes_sg.id}" - type = "ingress" -} - - -resource "aws_security_group_rule" "worker_nodes_ingress_self" { - description = "Allow node to communicate with each other" - from_port = 0 - to_port = 65535 - protocol = "-1" - security_group_id = "${aws_security_group.worker_nodes_sg.id}" - source_security_group_id = "${aws_security_group.worker_nodes_sg.id}" - type = "ingress" -} - -resource "aws_security_group_rule" "worker_nodes_ingress_cluster" { - description = "Allow worker Kubelets and pods to receive communication from the cluster control plane" - from_port = 1025 - to_port = 65535 - protocol = "tcp" - security_group_id = "${aws_security_group.worker_nodes_sg.id}" - source_security_group_id = "${aws_security_group.master_nodes_sg.id}" - type = "ingress" -} - -resource "aws_security_group_rule" "rds_db_ingress_workers" { - description = "Allow worker nodes to communicate with RDS database" - from_port = 5432 - to_port = 5432 - protocol = "tcp" - security_group_id = "${aws_security_group.rds_db_sg.id}" - source_security_group_id = "${aws_security_group.worker_nodes_sg.id}" - type = "ingress" } \ No newline at end of file diff --git a/infra-as-code/terraform/modules/kubernetes/aws/network/outputs.tf b/infra-as-code/terraform/modules/kubernetes/aws/network/outputs.tf index 76815c40e5..2d9b8ba2bc 100644 --- a/infra-as-code/terraform/modules/kubernetes/aws/network/outputs.tf +++ b/infra-as-code/terraform/modules/kubernetes/aws/network/outputs.tf @@ -10,14 +10,6 @@ output "public_subnets" { value = aws_subnet.public_subnet.*.id } -output "master_nodes_sg_id" { - value = "${aws_security_group.master_nodes_sg.id}" -} - -output "worker_nodes_sg_id" { - value = "${aws_security_group.worker_nodes_sg.id}" -} - output "rds_db_sg_id" { value = "${aws_security_group.rds_db_sg.id}" } \ No newline at end of file diff --git a/infra-as-code/terraform/sample-aws/main.tf b/infra-as-code/terraform/sample-aws/main.tf index c858b84a9d..da778a1715 100644 --- a/infra-as-code/terraform/sample-aws/main.tf +++ b/infra-as-code/terraform/sample-aws/main.tf @@ -1,9 +1,3 @@ -provider "aws" { - region = "ap-south-1" - -} - - module "network" { source = "../modules/kubernetes/aws/network" vpc_cidr_block = "${var.vpc_cidr_block}" @@ -60,7 +54,6 @@ module "eks" { subnets = "${concat(slice(module.network.private_subnets, 0, length(var.availability_zones)))}" override_instance_types = "${var.override_instance_types}" kubelet_extra_args = "--node-labels=node.kubernetes.io/lifecycle=spot" - additional_security_group_ids = ["${module.network.worker_nodes_sg_id}"] asg_max_size = "${var.number_of_worker_nodes}" asg_desired_capacity = "${var.number_of_worker_nodes}" spot_allocation_strategy = "capacity-optimized" @@ -76,6 +69,16 @@ module "eks" { } +resource "aws_security_group_rule" "rds_db_ingress_workers" { + description = "Allow worker nodes to communicate with RDS database" + from_port = 5432 + to_port = 5432 + protocol = "tcp" + security_group_id = "${module.network.rds_db_sg_id}" + source_security_group_id = "${module.eks.cluster_security_group_id}" + type = "ingress" +} + module "es-master" { source = "../modules/storage/aws" diff --git a/infra-as-code/terraform/sample-aws/variables.tf b/infra-as-code/terraform/sample-aws/variables.tf index 044e22bbb6..6eaadf5f1c 100644 --- a/infra-as-code/terraform/sample-aws/variables.tf +++ b/infra-as-code/terraform/sample-aws/variables.tf @@ -26,7 +26,7 @@ variable "availability_zones" { variable "kubernetes_version" { description = "kubernetes version" - default = "1.20" + default = "1.22" } variable "instance_type" { diff --git a/infra-as-code/terraform/sample-central-instance/main.tf b/infra-as-code/terraform/sample-central-instance/main.tf index 41e9ce1d75..d450d4e5d6 100644 --- a/infra-as-code/terraform/sample-central-instance/main.tf +++ b/infra-as-code/terraform/sample-central-instance/main.tf @@ -140,7 +140,7 @@ module "node-group" { cluster_name = "${var.cluster_name}" node_group_name = "${each.key}-ng" kubernetes_version = "${var.kubernetes_version}" - security_groups = ["${module.network.worker_nodes_sg_id}", "${data.aws_security_group.node_sg.id}"] + security_groups = ["${data.aws_security_group.node_sg.id}"] subnet = "${concat(slice(module.network.private_subnets, 0, length(var.node_pool_zone)))}" node_group_max_size = 1 node_group_desired_size = 1 diff --git a/infra-as-code/terraform/sample-central-instance/outputs.tf b/infra-as-code/terraform/sample-central-instance/outputs.tf index 2bc4c3fd83..42d0eb05e5 100644 --- a/infra-as-code/terraform/sample-central-instance/outputs.tf +++ b/infra-as-code/terraform/sample-central-instance/outputs.tf @@ -14,10 +14,6 @@ output "master_nodes_sg_id" { value = module.network.master_nodes_sg_id } -output "worker_nodes_sg_id" { - value = module.network.worker_nodes_sg_id -} - output "cluster_endpoint" { description = "Endpoint for EKS control plane." value = module.eks.cluster_endpoint From 9802a3b54e2731ca7ec8b40ebe65b4917ed386af Mon Sep 17 00:00:00 2001 From: aniket Date: Fri, 17 Mar 2023 15:45:44 +0530 Subject: [PATCH 132/742] correction to cluster config --- config-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/cluster-configs/values.yaml b/config-as-code/helm/charts/cluster-configs/values.yaml index 2fe516dcba..ad5badc825 100644 --- a/config-as-code/helm/charts/cluster-configs/values.yaml +++ b/config-as-code/helm/charts/cluster-configs/values.yaml @@ -72,7 +72,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov, monitoring ] + namespace: [ egov ] name: git-creds kibana: From bdbdce1519e76e598a3671c03437c9c9ca5216d1 Mon Sep 17 00:00:00 2001 From: aniket Date: Fri, 17 Mar 2023 15:47:18 +0530 Subject: [PATCH 133/742] removed deprecated nginx ingress --- .../nginx-ingress/Chart.yaml | 12 - .../backbone-services/nginx-ingress/README.md | 261 ----------- .../nginx-ingress/templates/_helpers.tpl | 86 ---- .../nginx-ingress/templates/clusterrole.yaml | 59 --- .../templates/clusterrolebinding.yaml | 17 - .../templates/controller-configmap.yaml | 20 - .../templates/controller-daemonset.yaml | 218 --------- .../templates/controller-deployment.yaml | 205 --------- .../templates/controller-metrics-service.yaml | 43 -- .../templates/controller-prometheusrules.yaml | 21 - .../templates/controller-role.yaml | 90 ---- .../templates/controller-rolebinding.yaml | 18 - .../templates/controller-service.yaml | 85 ---- .../templates/controller-serviceaccount.yaml | 10 - .../templates/controller-servicemonitor.yaml | 31 -- .../templates/custom-headers.yaml | 14 - .../nginx-ingress/values.yaml | 435 ------------------ 17 files changed, 1625 deletions(-) delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/README.md delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml delete mode 100644 config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml deleted file mode 100644 index d2e4c297c1..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/Chart.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v2 -name: nginx-ingress -description: An nginx Ingress controller that uses ConfigMap to store the nginx configuration. -type: application -keywords: - - ingress - - nginx -sources: - - https://github.com/kubernetes/ingress-nginx -engine: gotpl -kubeVersion: ">=1.10.0-0" -version: 1.0.0 \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/README.md b/config-as-code/helm/charts/backbone-services/nginx-ingress/README.md deleted file mode 100644 index 2811e8257e..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/README.md +++ /dev/null @@ -1,261 +0,0 @@ -# nginx-ingress - -[nginx-ingress](https://github.com/kubernetes/ingress-nginx) is an Ingress controller that uses ConfigMap to store the nginx configuration. - -To use, add the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. - -## TL;DR; - -```console -$ helm install stable/nginx-ingress -``` - -## Introduction - -This chart bootstraps an nginx-ingress deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. - -## Prerequisites - - - Kubernetes 1.6+ - -## Installing the Chart - -To install the chart with the release name `my-release`: - -```console -$ helm install --name my-release stable/nginx-ingress -``` - -The command deploys nginx-ingress on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. - -> **Tip**: List all releases using `helm list` - -## Uninstalling the Chart - -To uninstall/delete the `my-release` deployment: - -```console -$ helm delete my-release -``` - -The command removes all the Kubernetes components associated with the chart and deletes the release. - -## Configuration - -The following table lists the configurable parameters of the nginx-ingress chart and their default values. - -Parameter | Description | Default ---- | --- | --- -`controller.name` | name of the controller component | `controller` -`controller.image.repository` | controller container image repository | `quay.io/kubernetes-ingress-controller/nginx-ingress-controller` -`controller.image.tag` | controller container image tag | `0.26.1` -`controller.image.pullPolicy` | controller container image pull policy | `IfNotPresent` -`controller.image.runAsUser` | User ID of the controller process. Value depends on the Linux distribution used inside of the container image. By default uses debian one. | `33` -`controller.containerPort.http` | The port that the controller container listens on for http connections. | `80` -`controller.containerPort.https` | The port that the controller container listens on for https connections. | `443` -`controller.config` | nginx [ConfigMap](https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/configmap.md) entries | none -`controller.hostNetwork` | If the nginx deployment / daemonset should run on the host's network namespace. Do not set this when `controller.service.externalIPs` is set and `kube-proxy` is used as there will be a port-conflict for port `80` | false -`controller.defaultBackendService` | default 404 backend service; needed only if `defaultBackend.enabled = false` | `""` -`controller.dnsPolicy` | If using `hostNetwork=true`, change to `ClusterFirstWithHostNet`. See [pod's dns policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) for details | `ClusterFirst` -`controller.reportNodeInternalIp` | If using `hostNetwork=true`, setting `reportNodeInternalIp=true`, will pass the flag `report-node-internal-ip-address` to nginx-ingress. This sets the status of all Ingress objects to the internal IP address of all nodes running the NGINX Ingress controller. -`controller.electionID` | election ID to use for the status update | `ingress-controller-leader` -`controller.extraEnvs` | any additional environment variables to set in the pods | `{}` -`controller.extraContainers` | Sidecar containers to add to the controller pod. See [LemonLDAP::NG controller](https://github.com/lemonldap-ng-controller/lemonldap-ng-controller) as example | `{}` -`controller.extraVolumeMounts` | Additional volumeMounts to the controller main container | `{}` -`controller.extraVolumes` | Additional volumes to the controller pod | `{}` -`controller.extraInitContainers` | Containers, which are run before the app containers are started | `[]` -`controller.ingressClass` | name of the ingress class to route through this controller | `nginx` -`controller.scope.enabled` | limit the scope of the ingress controller | `false` (watch all namespaces) -`controller.scope.namespace` | namespace to watch for ingress | `""` (use the release namespace) -`controller.extraArgs` | Additional controller container arguments | `{}` -`controller.kind` | install as Deployment, DaemonSet or Both | `Deployment` -`controller.deploymentAnnotations` | annotations to be added to deployment | `{}` -`controller.autoscaling.enabled` | If true, creates Horizontal Pod Autoscaler | false -`controller.autoscaling.minReplicas` | If autoscaling enabled, this field sets minimum replica count | `2` -`controller.autoscaling.maxReplicas` | If autoscaling enabled, this field sets maximum replica count | `11` -`controller.autoscaling.targetCPUUtilizationPercentage` | Target CPU utilization percentage to scale | `"50"` -`controller.autoscaling.targetMemoryUtilizationPercentage` | Target memory utilization percentage to scale | `"50"` -`controller.daemonset.useHostPort` | If `controller.kind` is `DaemonSet`, this will enable `hostPort` for TCP/80 and TCP/443 | false -`controller.daemonset.hostPorts.http` | If `controller.daemonset.useHostPort` is `true` and this is non-empty, it sets the hostPort | `"80"` -`controller.daemonset.hostPorts.https` | If `controller.daemonset.useHostPort` is `true` and this is non-empty, it sets the hostPort | `"443"` -`controller.tolerations` | node taints to tolerate (requires Kubernetes >=1.6) | `[]` -`controller.affinity` | node/pod affinities (requires Kubernetes >=1.6) | `{}` -`controller.terminationGracePeriodSeconds` | how many seconds to wait before terminating a pod | `60` -`controller.minReadySeconds` | how many seconds a pod needs to be ready before killing the next, during update | `0` -`controller.nodeSelector` | node labels for pod assignment | `{}` -`controller.podAnnotations` | annotations to be added to pods | `{}` -`controller.podLabels` | labels to add to the pod container metadata | `{}` -`controller.podSecurityContext` | Security context policies to add to the controller pod | `{}` -`controller.replicaCount` | desired number of controller pods | `1` -`controller.minAvailable` | minimum number of available controller pods for PodDisruptionBudget | `1` -`controller.resources` | controller pod resource requests & limits | `{}` -`controller.priorityClassName` | controller priorityClassName | `nil` -`controller.lifecycle` | controller pod lifecycle hooks | `{}` -`controller.service.annotations` | annotations for controller service | `{}` -`controller.service.labels` | labels for controller service | `{}` -`controller.publishService.enabled` | if true, the controller will set the endpoint records on the ingress objects to reflect those on the service | `false` -`controller.publishService.pathOverride` | override of the default publish-service name | `""` -`controller.service.enabled` | if disabled no service will be created. This is especially useful when `controller.kind` is set to `DaemonSet` and `controller.daemonset.useHostPorts` is `true` | true -`controller.service.clusterIP` | internal controller cluster service IP | `nil` -`controller.service.omitClusterIP` | (Deprecated) To omit the `clusterIP` from the controller service | `false` -`controller.service.externalIPs` | controller service external IP addresses. Do not set this when `controller.hostNetwork` is set to `true` and `kube-proxy` is used as there will be a port-conflict for port `80` | `[]` -`controller.service.externalTrafficPolicy` | If `controller.service.type` is `NodePort` or `LoadBalancer`, set this to `Local` to enable [source IP preservation](https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typenodeport) | `"Cluster"` -`controller.service.healthCheckNodePort` | If `controller.service.type` is `NodePort` or `LoadBalancer` and `controller.service.externalTrafficPolicy` is set to `Local`, set this to [the managed health-check port the kube-proxy will expose](https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typenodeport). If blank, a random port in the `NodePort` range will be assigned | `""` -`controller.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` -`controller.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` -`controller.service.enableHttp` | if port 80 should be opened for service | `true` -`controller.service.enableHttps` | if port 443 should be opened for service | `true` -`controller.service.targetPorts.http` | Sets the targetPort that maps to the Ingress' port 80 | `80` -`controller.service.targetPorts.https` | Sets the targetPort that maps to the Ingress' port 443 | `443` -`controller.service.ports.http` | Sets service http port | `80` -`controller.service.ports.https` | Sets service https port | `443` -`controller.service.type` | type of controller service to create | `LoadBalancer` -`controller.service.nodePorts.http` | If `controller.service.type` is either `NodePort` or `LoadBalancer` and this is non-empty, it sets the nodePort that maps to the Ingress' port 80 | `""` -`controller.service.nodePorts.https` | If `controller.service.type` is either `NodePort` or `LoadBalancer` and this is non-empty, it sets the nodePort that maps to the Ingress' port 443 | `""` -`controller.service.nodePorts.tcp` | Sets the nodePort for an entry referenced by its key from `tcp` | `{}` -`controller.service.nodePorts.udp` | Sets the nodePort for an entry referenced by its key from `udp` | `{}` -`controller.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 10 -`controller.livenessProbe.periodSeconds` | How often to perform the probe | 10 -`controller.livenessProbe.timeoutSeconds` | When the probe times out | 5 -`controller.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 -`controller.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 -`controller.livenessProbe.port` | The port number that the liveness probe will listen on. | 10254 -`controller.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | 10 -`controller.readinessProbe.periodSeconds` | How often to perform the probe | 10 -`controller.readinessProbe.timeoutSeconds` | When the probe times out | 1 -`controller.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 -`controller.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 -`controller.readinessProbe.port` | The port number that the readiness probe will listen on. | 10254 -`controller.metrics.enabled` | if `true`, enable Prometheus metrics | `false` -`controller.metrics.service.annotations` | annotations for Prometheus metrics service | `{}` -`controller.metrics.service.clusterIP` | cluster IP address to assign to service | `nil` -`controller.metrics.service.omitClusterIP` | (Deprecated) To omit the `clusterIP` from the metrics service | `false` -`controller.metrics.service.externalIPs` | Prometheus metrics service external IP addresses | `[]` -`controller.metrics.service.labels` | labels for metrics service | `{}` -`controller.metrics.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` -`controller.metrics.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` -`controller.metrics.service.servicePort` | Prometheus metrics service port | `9913` -`controller.metrics.service.type` | type of Prometheus metrics service to create | `ClusterIP` -`controller.metrics.serviceMonitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` -`controller.metrics.serviceMonitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` -`controller.metrics.serviceMonitor.honorLabels` | honorLabels chooses the metric's labels on collisions with target labels. | `false` -`controller.metrics.serviceMonitor.namespace` | namespace where servicemonitor resource should be created | `the same namespace as nginx ingress` -`controller.metrics.serviceMonitor.namespaceSelector` | [namespaceSelector](https://github.com/coreos/prometheus-operator/blob/v0.34.0/Documentation/api.md#namespaceselector) to configure what namespaces to scrape | `will scrape the helm release namespace only` -`controller.metrics.serviceMonitor.scrapeInterval` | interval between Prometheus scraping | `30s` -`controller.metrics.prometheusRule.enabled` | Set this to `true` to create prometheusRules for Prometheus operator | `false` -`controller.metrics.prometheusRule.additionalLabels` | Additional labels that can be used so prometheusRules will be discovered by Prometheus | `{}` -`controller.metrics.prometheusRule.namespace` | namespace where prometheusRules resource should be created | `the same namespace as nginx ingress` -`controller.metrics.prometheusRule.rules` | [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/) to be prometheus in YAML format, check values for an example. | `[]` -`controller.customTemplate.configMapName` | configMap containing a custom nginx template | `""` -`controller.customTemplate.configMapKey` | configMap key containing the nginx template | `""` -`controller.addHeaders` | configMap key:value pairs containing [custom headers](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers) added before sending response to the client | `{}` -`controller.proxySetHeaders` | configMap key:value pairs containing [custom headers](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#proxy-set-headers) added before sending request to the backends| `{}` -`controller.headers` | DEPRECATED, Use `controller.proxySetHeaders` instead. | `{}` -`controller.updateStrategy` | allows setting of RollingUpdate strategy | `{}` -`controller.configMapNamespace` | The nginx-configmap namespace name | `""` -`controller.tcp.configMapNamespace` | The tcp-services-configmap namespace name | `""` -`controller.udp.configMapNamespace` | The udp-services-configmap namespace name | `""` -`imagePullSecrets` | name of Secret resource containing private registry credentials | `nil` -`rbac.create` | if `true`, create & use RBAC resources | `true` -`podSecurityPolicy.enabled` | if `true`, create & use Pod Security Policy resources | `false` -`serviceAccount.create` | if `true`, create a service account for the controller | `true` -`serviceAccount.name` | The name of the controller service account to use. If not set and `create` is `true`, a name is generated using the fullname template. | `` -`revisionHistoryLimit` | The number of old history to retain to allow rollback. | `10` -`tcp` | TCP service key:value pairs. The value is evaluated as a template. | `{}` -`udp` | UDP service key:value pairs The value is evaluated as a template. | `{}` - -These parameters can be passed via Helm's `--set` option -```console -$ helm install stable/nginx-ingress --name my-release \ - --set controller.metrics.enabled=true -``` - -Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, - -```console -$ helm install stable/nginx-ingress --name my-release -f values.yaml -``` - -A useful trick to debug issues with ingress is to increase the logLevel -as described [here](https://github.com/kubernetes/ingress-nginx/blob/master/docs/troubleshooting.md#debug) - -```console -$ helm install stable/nginx-ingress --set controller.extraArgs.v=2 -``` -> **Tip**: You can use the default [values.yaml](values.yaml) - -## PodDisruptionBudget - -Note that the PodDisruptionBudget resource will only be defined if the replicaCount is greater than one, -else it would make it impossible to evacuate a node. See [gh issue #7127](https://github.com/helm/charts/issues/7127) for more info. - -## Prometheus Metrics - -The Nginx ingress controller can export Prometheus metrics. - -```console -$ helm install stable/nginx-ingress --name my-release \ - --set controller.metrics.enabled=true -``` - -You can add Prometheus annotations to the metrics service using `controller.metrics.service.annotations`. Alternatively, if you use the Prometheus Operator, you can enable ServiceMonitor creation using `controller.metrics.serviceMonitor.enabled`. - -## nginx-ingress nginx\_status page/stats server - -Previous versions of this chart had a `controller.stats.*` configuration block, which is now obsolete due to the following changes in nginx ingress controller: -* in [0.16.1](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0161), the vts (virtual host traffic status) dashboard was removed -* in [0.23.0](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0230), the status page at port 18080 is now a unix socket webserver only available at localhost. - You can use `curl --unix-socket /tmp/nginx-status-server.sock http://localhost/nginx_status` inside the controller container to access it locally, or use the snippet from [nginx-ingress changelog](https://github.com/kubernetes/ingress-nginx/blob/master/Changelog.md#0230) to re-enable the http server - -## ExternalDNS Service configuration - -Add an [ExternalDNS](https://github.com/kubernetes-incubator/external-dns) annotation to the LoadBalancer service: - -```yaml -controller: - service: - annotations: - external-dns.alpha.kubernetes.io/hostname: kubernetes-example.com. -``` - -## AWS L7 ELB with SSL Termination - -Annotate the controller as shown in the [nginx-ingress l7 patch](https://github.com/kubernetes/ingress-nginx/blob/master/deploy/aws/l7/service-l7.yaml): - -```yaml -controller: - service: - targetPorts: - http: http - https: http - annotations: - service.beta.kubernetes.io/aws-load-balancer-ssl-cert: arn:aws:acm:XX-XXXX-X:XXXXXXXXX:certificate/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX - service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" - service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https" - service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: '3600' -``` - -## AWS route53-mapper - -To configure the LoadBalancer service with the [route53-mapper addon](https://github.com/kubernetes/kops/tree/master/addons/route53-mapper), add the `domainName` annotation and `dns` label: - -```yaml -controller: - service: - labels: - dns: "route53" - annotations: - domainName: "kubernetes-example.com" -``` - -## Helm error when upgrading: spec.clusterIP: Invalid value: "" - -If you are upgrading this chart from a version between 0.31.0 and 1.2.2 then you may get an error like this: - -``` -Error: UPGRADE FAILED: Service "?????-controller" is invalid: spec.clusterIP: Invalid value: "": field is immutable -``` - -Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13646) but to resolve this you can set `xxxx.service.omitClusterIP` to `true` where `xxxx` is the service referenced in the error. - -As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered. If you do wish to provide a clusterIP value in your values file, ensure that it is quoted. \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl deleted file mode 100644 index da29676658..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/_helpers.tpl +++ /dev/null @@ -1,86 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "nginx-ingress.name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "nginx-ingress.fullname" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified controller name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "nginx-ingress.controller.fullname" -}} -{{- printf "%s-%s" (include "nginx-ingress.fullname" .) .Values.controller.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create the name of the controller service account to use -*/}} -{{- define "nginx-ingress.serviceAccountName" -}} -{{- if .Values.serviceAccount.create -}} - {{ default (include "nginx-ingress.fullname" .) .Values.serviceAccount.name }} -{{- else -}} - {{ default "default" .Values.serviceAccount.name }} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "deployment.apiVersion" -}} -{{- if semverCompare ">=1.9-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "apps/v1" -}} -{{- else -}} -{{- print "extensions/v1beta1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiGroup for PodSecurityPolicy. -*/}} -{{- define "podSecurityPolicy.apiGroup" -}} -{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "policy" -}} -{{- else -}} -{{- print "extensions" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for podSecurityPolicy. -*/}} -{{- define "podSecurityPolicy.apiVersion" -}} -{{- if semverCompare ">=1.10-0" .Capabilities.KubeVersion.GitVersion -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "extensions/v1beta1" -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml deleted file mode 100644 index fbc332202c..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrole.yaml +++ /dev/null @@ -1,59 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.fullname" . }} -rules: - - apiGroups: - - "" - resources: - - configmaps - - endpoints - - nodes - - pods - - secrets - verbs: - - list - - watch - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - update - - watch - - apiGroups: - - extensions - - "networking.k8s.io" # k8s 1.14+ - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - extensions - - "networking.k8s.io" # k8s 1.14+ - resources: - - ingresses/status - verbs: - - update -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml deleted file mode 100644 index 5f845145e9..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "nginx-ingress.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "nginx-ingress.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml deleted file mode 100644 index 00e200531d..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-configmap.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if or .Values.controller.config (or (or .Values.controller.proxySetHeaders .Values.controller.headers) .Values.controller.addHeaders) }} -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.controller.fullname" . }} - namespace: {{ .Values.namespace }} -data: -{{- if .Values.controller.addHeaders }} - add-headers: {{ .Values.namespace }}/custom-headers -{{- end }} -{{- if or .Values.controller.proxySetHeaders .Values.controller.headers }} - proxy-set-headers: {{ .Values.namespace }}/custom-proxy-headers -{{- end }} -{{- if .Values.controller.config }} - {{- tpl .Values.controller.config . | nindent 2 }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml deleted file mode 100644 index db38e657c5..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-daemonset.yaml +++ /dev/null @@ -1,218 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if or (eq .Values.controller.kind "DaemonSet") (eq .Values.controller.kind "Both") }} -{{- $useHostPort := .Values.controller.daemonset.useHostPort -}} -{{- $hostPorts := .Values.controller.daemonset.hostPorts -}} -apiVersion: {{ template "deployment.apiVersion" . }} -kind: DaemonSet -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.controller.fullname" . }} - namespace: {{ .Values.namespace }} - annotations: -{{ toYaml .Values.controller.deploymentAnnotations | indent 4}} -spec: - selector: - matchLabels: - app: {{ template "nginx-ingress.name" . }} - template: - metadata: - {{- if .Values.controller.podAnnotations }} - annotations: - {{- range $key, $value := .Values.controller.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - app: {{ template "nginx-ingress.name" . }} - {{- if .Values.controller.podLabels }} -{{ toYaml .Values.controller.podLabels | indent 8}} - {{- end }} - spec: -{{- if .Values.controller.dnsConfig }} - dnsConfig: -{{ toYaml .Values.controller.dnsConfig | indent 8 }} -{{- end }} - dnsPolicy: {{ .Values.controller.dnsPolicy }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} -{{- if .Values.controller.priorityClassName }} - priorityClassName: "{{ .Values.controller.priorityClassName }}" -{{- end }} - {{- if .Values.controller.podSecurityContext }} - securityContext: -{{ toYaml .Values.controller.podSecurityContext | indent 8 }} - {{- end }} - containers: - - name: {{ template "nginx-ingress.name" . }}-{{ .Values.controller.name }} - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" - imagePullPolicy: "{{ .Values.controller.image.pullPolicy }}" - {{- if .Values.controller.lifecycle }} - lifecycle: -{{ toYaml .Values.controller.lifecycle | indent 12 }} - {{- end }} - args: - - /nginx-ingress-controller - {{- if and (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) .Values.controller.publishService.enabled }} - - --publish-service={{ template "nginx-ingress.controller.publishServicePath" . }} - {{- end }} - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --election-id={{ .Values.controller.electionID }} - {{- end }} - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --ingress-class={{ .Values.controller.ingressClass }} - {{- end }} - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --configmap={{ default .Values.namespace .Values.controller.configMapNamespace }}/{{ template "nginx-ingress.controller.fullname" . }} - {{- else }} - - --nginx-configmap={{ default .Values.namespace .Values.controller.configMapNamespace }}/{{ template "nginx-ingress.controller.fullname" . }} - {{- end }} - {{- if .Values.controller.ssl.enabled }} - - --default-ssl-certificate= {{ .Values.namespace }}/{{ .Values.global.domain }}-tls-certs - {{- end }} - {{- if .Values.tcp }} - - --tcp-services-configmap={{ default .Values.namespace .Values.controller.tcp.configMapNamespace }}/{{ template "nginx-ingress.fullname" . }}-tcp - {{- end }} - {{- if .Values.udp }} - - --udp-services-configmap={{ default .Values.namespace .Values.controller.udp.configMapNamespace }}/{{ template "nginx-ingress.fullname" . }}-udp - {{- end }} - {{- if .Values.controller.scope.enabled }} - - --watch-namespace={{ default .Values.namespace .Values.controller.scope.namespace }} - {{- end }} - {{- if and (.Values.controller.reportNodeInternalIp) (.Values.controller.hostNetwork)}} - - --report-node-internal-ip-address={{ .Values.controller.reportNodeInternalIp }} - {{- end }} - {{- if .Values.controller.maxmindLicenseKey }} - - --maxmind-license-key={{ .Values.controller.maxmindLicenseKey }} - {{- end }} - {{- range $key, $value := .Values.controller.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- if (semverCompare ">=0.16.0" .Values.controller.image.tag) }} - securityContext: - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - runAsUser: {{ .Values.controller.image.runAsUser }} - allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }} - {{- end }} - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if .Values.controller.extraEnvs }} -{{ toYaml .Values.controller.extraEnvs | indent 12 }} - {{- end }} - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.controller.livenessProbe.port }} - scheme: HTTP - initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} - ports: - {{- range $key, $value := .Values.controller.containerPort }} - - name: {{ $key }} - containerPort: {{ $value }} - protocol: TCP - {{- if $useHostPort }} - hostPort: {{ index $hostPorts $key | default $value }} - {{- end }} - {{- end }} - {{- if .Values.controller.metrics.enabled }} - - name: metrics - containerPort: {{ .Values.controller.metrics.port }} - protocol: TCP - {{- end }} - {{- range $key, $value := .Values.tcp }} - - name: "{{ $key }}-tcp" - containerPort: {{ $key }} - protocol: TCP - {{- if $useHostPort }} - hostPort: {{ $key }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.udp }} - - name: "{{ $key }}-udp" - containerPort: {{ $key }} - protocol: UDP - {{- if $useHostPort }} - hostPort: {{ $key }} - {{- end }} - {{- end }} - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.controller.readinessProbe.port }} - scheme: HTTP - initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} -{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts) }} - volumeMounts: -{{- end }} -{{- if .Values.controller.customTemplate.configMapName }} - - mountPath: /etc/nginx/template - name: nginx-template-volume - readOnly: true -{{- end }} -{{- if .Values.controller.extraVolumeMounts }} -{{ toYaml .Values.controller.extraVolumeMounts | indent 12}} -{{- end }} - resources: -{{ toYaml .Values.controller.resources | indent 12 }} -{{- if .Values.controller.extraContainers }} -{{ toYaml .Values.controller.extraContainers | indent 8}} -{{- end }} -{{- if .Values.controller.extraInitContainers }} - initContainers: -{{ toYaml .Values.controller.extraInitContainers | indent 8}} -{{- end }} - hostNetwork: {{ .Values.controller.hostNetwork }} - {{- if .Values.controller.nodeSelector }} - nodeSelector: -{{ toYaml .Values.controller.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.controller.tolerations }} - tolerations: -{{ toYaml .Values.controller.tolerations | indent 8 }} - {{- end }} - {{- if .Values.controller.affinity }} - affinity: -{{ toYaml .Values.controller.affinity | indent 8 }} - {{- end }} - serviceAccountName: {{ template "nginx-ingress.serviceAccountName" . }} - terminationGracePeriodSeconds: 60 -{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.extraVolumes) }} - volumes: -{{- end }} -{{- if .Values.controller.customTemplate.configMapName }} - - name: nginx-template-volume - configMap: - name: {{ .Values.controller.customTemplate.configMapName }} - items: - - key: {{ .Values.controller.customTemplate.configMapKey }} - path: nginx.tmpl -{{- end }} -{{- if .Values.controller.extraVolumes }} -{{ toYaml .Values.controller.extraVolumes | indent 8}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml deleted file mode 100644 index a7b2c5e345..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-deployment.yaml +++ /dev/null @@ -1,205 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if or (eq .Values.controller.kind "Deployment") (eq .Values.controller.kind "Both") }} -apiVersion: {{ template "deployment.apiVersion" . }} -kind: Deployment -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.controller.fullname" . }} - namespace: {{ .Values.namespace }} - annotations: -{{ toYaml .Values.controller.deploymentAnnotations | indent 4}} -spec: - selector: - matchLabels: - app: {{ template "nginx-ingress.name" . }} -{{- if not .Values.controller.autoscaling.enabled }} - replicas: {{ .Values.controller.replicas }} -{{- end }} -{{- if eq (.Values.replicas | int) 1 }} - strategy: - rollingUpdate: - maxUnavailable: 0 -{{- end }} - template: - metadata: - {{- if .Values.controller.podAnnotations }} - annotations: - {{- range $key, $value := .Values.controller.podAnnotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} - labels: - app: {{ template "nginx-ingress.name" . }} - {{- if .Values.controller.podLabels }} -{{ toYaml .Values.controller.podLabels | indent 8 }} - {{- end }} - spec: - dnsPolicy: {{ .Values.controller.dnsPolicy }} - {{- if .Values.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.imagePullSecrets | indent 8 }} - {{- end }} -{{- if .Values.controller.priorityClassName }} - priorityClassName: "{{ .Values.controller.priorityClassName }}" -{{- end }} - {{- if .Values.controller.podSecurityContext }} - securityContext: -{{ toYaml .Values.controller.podSecurityContext | indent 8 }} - {{- end }} - containers: - - name: {{ template "nginx-ingress.name" . }}-{{ .Values.controller.name }} - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" - imagePullPolicy: "{{ .Values.controller.image.pullPolicy }}" - {{- if .Values.controller.lifecycle }} - lifecycle: -{{ toYaml .Values.controller.lifecycle | indent 12 }} - {{- end }} - args: - - /nginx-ingress-controller - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --election-id={{ .Values.controller.electionID }} - {{- end }} - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --ingress-class={{ .Values.controller.ingressClass }} - {{- end }} - {{- if (semverCompare ">=0.9.0-beta.1" .Values.controller.image.tag) }} - - --configmap={{ default .Values.namespace .Values.controller.configMapNamespace }}/{{ template "nginx-ingress.controller.fullname" . }} - {{- else }} - - --nginx-configmap={{ default .Values.namespace .Values.controller.configMapNamespace }}/{{ template "nginx-ingress.controller.fullname" . }} - {{- end }} - {{- if .Values.controller.ssl.enabled }} - - --default-ssl-certificate= {{ .Values.namespace }}/{{ .Values.global.domain }}-tls-certs - {{- end }} - {{- if .Values.tcp }} - - --tcp-services-configmap={{ default .Values.namespace .Values.controller.tcp.configMapNamespace }}/{{ template "nginx-ingress.fullname" . }}-tcp - {{- end }} - {{- if .Values.udp }} - - --udp-services-configmap={{ default .Values.namespace .Values.controller.udp.configMapNamespace }}/{{ template "nginx-ingress.fullname" . }}-udp - {{- end }} - {{- if .Values.controller.scope.enabled }} - - --watch-namespace={{ default .Values.namespace .Values.controller.scope.namespace }} - {{- end }} - {{- if and (.Values.controller.reportNodeInternalIp) (.Values.controller.hostNetwork) }} - - --report-node-internal-ip-address={{ .Values.controller.reportNodeInternalIp }} - {{- end }} - {{- range $key, $value := .Values.controller.extraArgs }} - {{- if $value }} - - --{{ $key }}={{ $value }} - {{- else }} - - --{{ $key }} - {{- end }} - {{- end }} - {{- if (semverCompare ">=0.16.0" .Values.controller.image.tag) }} - securityContext: - capabilities: - drop: - - ALL - add: - - NET_BIND_SERVICE - runAsUser: {{ .Values.controller.image.runAsUser }} - allowPrivilegeEscalation: {{ .Values.controller.image.allowPrivilegeEscalation }} - {{- end }} - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - {{- if .Values.controller.extraEnvs }} -{{ toYaml .Values.controller.extraEnvs | indent 12 }} - {{- end }} - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.controller.livenessProbe.port }} - scheme: HTTP - initialDelaySeconds: {{ .Values.controller.livenessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.controller.livenessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.controller.livenessProbe.timeoutSeconds }} - successThreshold: {{ .Values.controller.livenessProbe.successThreshold }} - failureThreshold: {{ .Values.controller.livenessProbe.failureThreshold }} - ports: - {{- range $key, $value := .Values.controller.containerPort }} - - name: {{ $key }} - containerPort: {{ $value }} - protocol: TCP - {{- end }} - {{- if .Values.controller.metrics.enabled }} - - name: metrics - containerPort: {{ .Values.controller.metrics.port }} - protocol: TCP - {{- end }} - {{- range $key, $value := .Values.tcp }} - - name: "{{ $key }}-tcp" - containerPort: {{ $key }} - protocol: TCP - {{- end }} - {{- range $key, $value := .Values.udp }} - - name: "{{ $key }}-udp" - containerPort: {{ $key }} - protocol: UDP - {{- end }} - readinessProbe: - httpGet: - path: /healthz - port: {{ .Values.controller.readinessProbe.port }} - scheme: HTTP - initialDelaySeconds: {{ .Values.controller.readinessProbe.initialDelaySeconds }} - periodSeconds: {{ .Values.controller.readinessProbe.periodSeconds }} - timeoutSeconds: {{ .Values.controller.readinessProbe.timeoutSeconds }} - successThreshold: {{ .Values.controller.readinessProbe.successThreshold }} - failureThreshold: {{ .Values.controller.readinessProbe.failureThreshold }} -{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts) }} - volumeMounts: -{{- end }} -{{- if .Values.controller.customTemplate.configMapName }} - - mountPath: /etc/nginx/template - name: nginx-template-volume - readOnly: true -{{- end }} -{{- if .Values.controller.extraVolumeMounts }} -{{ toYaml .Values.controller.extraVolumeMounts | indent 12}} -{{- end }} - resources: -{{ toYaml .Values.controller.resources | indent 12 }} -{{- if .Values.controller.extraContainers }} -{{ toYaml .Values.controller.extraContainers | indent 8}} -{{- end }} -{{- if .Values.controller.extraInitContainers }} - initContainers: -{{ toYaml .Values.controller.extraInitContainers | indent 8}} -{{- end }} - hostNetwork: {{ .Values.controller.hostNetwork }} - {{- if .Values.controller.nodeSelector }} - nodeSelector: -{{ toYaml .Values.controller.nodeSelector | indent 8 }} - {{- end }} - {{- if .Values.controller.tolerations }} - tolerations: -{{ toYaml .Values.controller.tolerations | indent 8 }} - {{- end }} - {{- if .Values.controller.affinity }} - affinity: -{{ toYaml .Values.controller.affinity | indent 8 }} - {{- end }} - serviceAccountName: {{ template "nginx-ingress.serviceAccountName" . }} - terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} -{{- if (or .Values.controller.customTemplate.configMapName .Values.controller.extraVolumeMounts .Values.controller.extraVolumes) }} - volumes: -{{- end }} -{{- if .Values.controller.customTemplate.configMapName }} - - name: nginx-template-volume - configMap: - name: {{ .Values.controller.customTemplate.configMapName }} - items: - - key: {{ .Values.controller.customTemplate.configMapKey }} - path: nginx.tmpl -{{- end }} -{{- if .Values.controller.extraVolumes }} -{{ toYaml .Values.controller.extraVolumes | indent 8}} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml deleted file mode 100644 index f73f1aaaa3..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-metrics-service.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.controller.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: -{{- if .Values.controller.metrics.service.annotations }} - annotations: - {{- range $key, $value := .Values.controller.metrics.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - labels: -{{- if .Values.controller.metrics.service.labels }} -{{ toYaml .Values.controller.metrics.service.labels | indent 4 }} -{{- end }} - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.controller.fullname" . }}-metrics - namespace: {{ .Values.namespace }} -spec: -{{- if not .Values.controller.metrics.service.omitClusterIP }} - {{- with .Values.controller.metrics.service.clusterIP }} - clusterIP: {{ if eq "-" . }}""{{ else }}{{ . | quote }}{{ end }} - {{- end }} -{{- end }} -{{- if .Values.controller.metrics.service.externalIPs }} - externalIPs: -{{ toYaml .Values.controller.metrics.service.externalIPs | indent 4 }} -{{- end }} -{{- if .Values.controller.metrics.service.loadBalancerIP }} - loadBalancerIP: "{{ .Values.controller.metrics.service.loadBalancerIP }}" -{{- end }} -{{- if .Values.controller.metrics.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.controller.metrics.service.loadBalancerSourceRanges | indent 4 }} -{{- end }} - ports: - - name: metrics - port: {{ .Values.controller.metrics.service.servicePort }} - targetPort: metrics - selector: - app: {{ template "nginx-ingress.name" . }} - type: "{{ .Values.controller.metrics.service.type }}" -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml deleted file mode 100644 index 71c5d93112..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-prometheusrules.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ $serviceName }} - {{- if .Values.controller.metrics.prometheusRule.namespace }} - namespace: {{ .Values.controller.metrics.prometheusRule.namespace }} - {{- end }} - labels: - app: {{ $serviceName }} - {{- if .Values.controller.metrics.prometheusRule.additionalLabels }} -{{ toYaml .Values.controller.metrics.prometheusRule.additionalLabels | indent 4 }} - {{- end }} -spec: - {{- with .Values.controller.metrics.prometheusRule.rules }} - groups: - - name: {{ $serviceName }} - rules: {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml deleted file mode 100644 index e289f90fab..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-role.yaml +++ /dev/null @@ -1,90 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.fullname" . }} - namespace: {{ .Values.namespace }} -rules: - - apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - apiGroups: - - "" - resources: - - configmaps - - pods - - secrets - - endpoints - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - update - - watch - - apiGroups: - - extensions - - "networking.k8s.io" # k8s 1.14+ - resources: - - ingresses - verbs: - - get - - list - - watch - - apiGroups: - - extensions - - "networking.k8s.io" # k8s 1.14+ - resources: - - ingresses/status - verbs: - - update - - apiGroups: - - "" - resources: - - configmaps - resourceNames: - - {{ .Values.controller.electionID }}-{{ .Values.controller.ingressClass }} - verbs: - - get - - update - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - apiGroups: - - "" - resources: - - endpoints - verbs: - - create - - get - - update - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch -{{- if .Values.podSecurityPolicy.enabled }} - - apiGroups: ['{{ template "podSecurityPolicy.apiGroup" . }}'] - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: [{{ template "nginx-ingress.fullname" . }}] -{{- end }} - -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml deleted file mode 100644 index b90dfdb9c3..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-rolebinding.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.fullname" . }} - namespace: {{ .Values.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "nginx-ingress.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "nginx-ingress.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end -}} diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml deleted file mode 100644 index 6d56e7196e..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-service.yaml +++ /dev/null @@ -1,85 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if .Values.controller.service.enabled }} -apiVersion: v1 -kind: Service -metadata: -{{- if .Values.controller.service.annotations }} - annotations: - {{- range $key, $value := .Values.controller.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} -{{- end }} - labels: -{{- if .Values.controller.service.labels }} -{{ toYaml .Values.controller.service.labels | indent 4 }} -{{- end }} - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.controller.fullname" . }} - namespace: {{ .Values.namespace }} -spec: -{{- if not .Values.controller.service.omitClusterIP }} - {{ with .Values.controller.service.clusterIP }}clusterIP: {{ . }}{{ end }} -{{- end }} -{{- if .Values.controller.service.externalIPs }} - externalIPs: -{{ toYaml .Values.controller.service.externalIPs | indent 4 }} -{{- end }} -{{- if .Values.controller.service.loadBalancerIP }} - loadBalancerIP: "{{ .Values.controller.service.loadBalancerIP }}" -{{- end }} -{{- if .Values.controller.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: -{{ toYaml .Values.controller.service.loadBalancerSourceRanges | indent 4 }} -{{- end }} -{{- if and (semverCompare ">=1.7-0" .Capabilities.KubeVersion.GitVersion) (.Values.controller.service.externalTrafficPolicy) }} - externalTrafficPolicy: "{{ .Values.controller.service.externalTrafficPolicy }}" -{{- end }} -{{- if and (semverCompare ">=1.7-0" .Capabilities.KubeVersion.GitVersion) (.Values.controller.service.healthCheckNodePort) }} - healthCheckNodePort: {{ .Values.controller.service.healthCheckNodePort }} -{{- end }} - ports: - {{- $setNodePorts := (or (eq .Values.controller.service.type "NodePort") (eq .Values.controller.service.type "LoadBalancer")) }} - {{- if .Values.controller.service.enableHttp }} - - name: http - port: {{ .Values.controller.service.ports.http }} - protocol: TCP - targetPort: {{ .Values.controller.service.targetPorts.http }} - {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.http))) }} - nodePort: {{ .Values.controller.service.nodePorts.http }} - {{- end }} - {{- end }} - {{- if .Values.controller.service.enableHttps }} - - name: https - port: {{ .Values.controller.service.ports.https }} - protocol: TCP - targetPort: {{ .Values.controller.service.targetPorts.https }} - {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.https))) }} - nodePort: {{ .Values.controller.service.nodePorts.https }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.tcp }} - - name: "{{ $key }}-tcp" - port: {{ $key }} - protocol: TCP - targetPort: "{{ $key }}-tcp" - {{- if $.Values.controller.service.nodePorts.tcp }} - {{- if index $.Values.controller.service.nodePorts.tcp $key }} - nodePort: {{ index $.Values.controller.service.nodePorts.tcp $key }} - {{- end }} - {{- end }} - {{- end }} - {{- range $key, $value := .Values.udp }} - - name: "{{ $key }}-udp" - port: {{ $key }} - protocol: UDP - targetPort: "{{ $key }}-udp" - {{- if $.Values.controller.service.nodePorts.udp }} - {{- if index $.Values.controller.service.nodePorts.udp $key }} - nodePort: {{ index $.Values.controller.service.nodePorts.udp $key }} - {{- end }} - {{- end }} - {{- end }} - selector: - app: {{ template "nginx-ingress.name" . }} - type: "{{ .Values.controller.service.type }}" -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml deleted file mode 100644 index 3084ac30b4..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-serviceaccount.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if or .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: {{ template "nginx-ingress.name" . }} - name: {{ template "nginx-ingress.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml deleted file mode 100644 index 62b61c3ecf..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/controller-servicemonitor.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- if and .Values.controller.metrics.enabled .Values.controller.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "nginx-ingress.controller.fullname" . }} - namespace: {{ .Values.namespace }} - labels: - app: {{ template "nginx-ingress.name" . }} - {{- if .Values.controller.metrics.serviceMonitor.additionalLabels }} -{{ toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | indent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - interval: {{ .Values.controller.metrics.serviceMonitor.scrapeInterval }} - {{- if .Values.controller.metrics.serviceMonitor.honorLabels }} - honorLabels: true - {{- end }} - {{- if .Values.controller.metrics.serviceMonitor.namespaceSelector }} - namespaceSelector: -{{ toYaml .Values.controller.metrics.serviceMonitor.namespaceSelector | indent 4 -}} - {{ else }} - namespaceSelector: - matchNames: - - {{ .Values.namespace }} - {{- end }} - selector: - matchLabels: - app: {{ template "nginx-ingress.name" . }} -{{- end }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml deleted file mode 100644 index e53eafd571..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/templates/custom-headers.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- $serviceName := include "nginx-ingress.name" . -}} -{{- with index .Values "controller" "custom-headers" }} -{{- if index . }} -apiVersion: v1 -data: -{{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} -{{- end }} -{{- end }} -{{- end }} -kind: ConfigMap -metadata: - name: custom-headers - namespace: {{ .Values.namespace }} \ No newline at end of file diff --git a/config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml b/config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml deleted file mode 100644 index 4bc22c48f0..0000000000 --- a/config-as-code/helm/charts/backbone-services/nginx-ingress/values.yaml +++ /dev/null @@ -1,435 +0,0 @@ -## nginx configuration -## Ref: https://github.com/kubernetes/ingress/blob/master/controllers/nginx/configuration.md -## -fullnameOverride: nginx-ingress -namespace: egov -controller: - name: controller - replicas: 1 - ssl: - enabled: false - image: - repository: quay.io/kubernetes-ingress-controller/nginx-ingress-controller - tag: "0.26.1" - pullPolicy: IfNotPresent - # www-data -> uid 33 - runAsUser: 33 - allowPrivilegeEscalation: true - - # Configures the ports the nginx-controller listens on - containerPort: - http: 80 - https: 443 - - # Will add custom configuration options to Nginx https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/ - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - config: | - enable-vts-status: "false" - use-gzip: "true" - proxy-read-timeout: "60" - client-max-body-size: "2m" - server-tokens: "false" - http-snippet: | - more_clear_headers Server; - ssl-ciphers: {{ index .Values "controller" "ssl-ciphers" }} - ssl-ecdh-curve: {{ index .Values "controller" "ssl-ecdh-curve" }} - ssl-protocols: {{ index .Values "controller" "ssl-protocols" }} - {{- if index .Values "controller" "proxy-protocol" }} - use-proxy-protocol: "True" - real-ip-header: "proxy_protocol" - set-real-ip-from: {{ index .Values "controller" "proxy-protocol" "lb-ip" }} - {{- end }} - - # Will add custom headers before sending traffic to backends according to https://github.com/kubernetes/ingress-nginx/tree/master/docs/examples/customization/custom-headers - proxySetHeaders: {} - - # Will add custom headers before sending response traffic to the client according to: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#add-headers - addHeaders: true - - custom-headers: - Strict-Transport-Security: "max-age=63072000; includeSubdomains; preload" - X-Frame-Options: "sameorigin" - X-Content-Type-Options: "nosniff" - X-Download-Options: "noopen" - Content-Security-Policy: "default-src 'self' https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; img-src 'self' https: data: blob:; style-src https: blob: 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' https: data: blob:; child-src 'self' https: data: blob:;" - X-XSS-Protection: "1" - Referrer-Policy: "no-referrer-when-downgrade" - - # Required for use with CNI based kubernetes installations (such as ones set up by kubeadm), - # since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920 - # is merged - hostNetwork: false - - # Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'. - # By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller - # to keep resolving names inside the k8s network, use ClusterFirstWithHostNet. - dnsPolicy: ClusterFirst - - # Bare-metal considerations via the host network https://kubernetes.github.io/ingress-nginx/deploy/baremetal/#via-the-host-network - # Ingress status was blank because there is no Service exposing the NGINX Ingress controller in a configuration using the host network, the default --publish-service flag used in standard cloud setups does not apply - reportNodeInternalIp: false - - ## Use host ports 80 and 443 - daemonset: - useHostPort: false - - hostPorts: - http: 80 - https: 443 - - ## Required only if defaultBackend.enabled = false - ## Must be / - ## - defaultBackendService: "" - - ## Election ID to use for status update - ## - electionID: ingress-controller-leader - - ## Name of the ingress class to route through this controller - ## - ingressClass: nginx - - # labels to add to the pod container metadata - podLabels: {} - # key: value - - ## Security Context policies for controller pods - ## See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for - ## notes on enabling and using sysctls - ## - podSecurityContext: {} - - ## Allows customization of the external service - ## the ingress will be bound to via DNS - publishService: - enabled: false - ## Allows overriding of the publish service to bind to - ## Must be / - ## - pathOverride: "" - - ## Limit the scope of the controller - ## - scope: - enabled: false - namespace: "" # defaults to .Release.Namespace - - ## Allows customization of the configmap / nginx-configmap namespace - ## - configMapNamespace: "" # defaults to .Release.Namespace - - ## Allows customization of the tcp-services-configmap namespace - ## - tcp: - configMapNamespace: "" # defaults to .Release.Namespace - - ## Allows customization of the udp-services-configmap namespace - ## - udp: - configMapNamespace: "" # defaults to .Release.Namespace - - ## Additional command line arguments to pass to nginx-ingress-controller - ## E.g. to specify the default SSL certificate you can use - ## extraArgs: - ## default-ssl-certificate: "/" - extraArgs: - enable-dynamic-certificates: false - enable-ssl-chain-completion: true - - ## Additional environment variables to set - extraEnvs: [] - # extraEnvs: - # - name: FOO - # valueFrom: - # secretKeyRef: - # key: FOO - # name: secret-resource - - ## DaemonSet or Deployment - ## - kind: Deployment - - ## Annotations to be added to the controller deployment - ## - deploymentAnnotations: {} - - ## Node tolerations for server scheduling to nodes with taints - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - ## - tolerations: [] - # - key: "key" - # operator: "Equal|Exists" - # value: "value" - # effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)" - - ## Affinity and anti-affinity - ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## - affinity: {} - # # An example of preferred pod anti-affinity, weight is in the range 1-100 - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 100 - # podAffinityTerm: - # labelSelector: - # matchExpressions: - # - key: app - # operator: In - # values: - # - nginx-ingress - # topologyKey: kubernetes.io/hostname - - # # An example of required pod anti-affinity - # podAntiAffinity: - # requiredDuringSchedulingIgnoredDuringExecution: - # - labelSelector: - # matchExpressions: - # - key: app - # operator: In - # values: - # - nginx-ingress - # topologyKey: "kubernetes.io/hostname" - - ## terminationGracePeriodSeconds - ## - terminationGracePeriodSeconds: 60 - - ## Node labels for controller pod assignment - ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - - ## Liveness and readiness probe values - ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes - ## - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - port: 10254 - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - port: 10254 - - ## Annotations to be added to controller pods - ## - podAnnotations: {} - - minAvailable: 1 - - resources: {} - # limits: - # cpu: 100m - # memory: 64Mi - # requests: - # cpu: 100m - # memory: 64Mi - - autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 11 - targetCPUUtilizationPercentage: 50 - targetMemoryUtilizationPercentage: 50 - - ## Override NGINX template - customTemplate: - configMapName: "" - configMapKey: "" - - service: - enabled: true - - annotations: {} - labels: {} - ## Deprecated, instead simply do not provide a clusterIP value - omitClusterIP: false - # clusterIP: "" - - ## List of IP addresses at which the controller services are available - ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips - ## - externalIPs: [] - - loadBalancerIP: "" - loadBalancerSourceRanges: [] - - enableHttp: true - enableHttps: true - - ## Set external traffic policy to: "Local" to preserve source IP on - ## providers supporting it - ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer - externalTrafficPolicy: "Local" - - healthCheckNodePort: 0 - - ports: - http: 80 - https: 443 - - targetPorts: - http: http - https: https - - type: LoadBalancer - - # type: NodePort - # nodePorts: - # http: 32080 - # https: 32443 - # tcp: - # 8080: 32808 - nodePorts: - http: "" - https: "" - tcp: {} - udp: {} - - extraContainers: [] - ## Additional containers to be added to the controller pod. - ## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example. - # - name: my-sidecar - # image: nginx:latest - # - name: lemonldap-ng-controller - # image: lemonldapng/lemonldap-ng-controller:0.2.0 - # args: - # - /lemonldap-ng-controller - # - --alsologtostderr - # - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration - # env: - # - name: POD_NAME - # valueFrom: - # fieldRef: - # fieldPath: metadata.name - # - name: POD_NAMESPACE - # valueFrom: - # fieldRef: - # fieldPath: metadata.namespace - # volumeMounts: - # - name: copy-portal-skins - # mountPath: /srv/var/lib/lemonldap-ng/portal/skins - - extraVolumeMounts: [] - ## Additional volumeMounts to the controller main container. - # - name: copy-portal-skins - # mountPath: /var/lib/lemonldap-ng/portal/skins - - extraVolumes: [] - ## Additional volumes to the controller pod. - # - name: copy-portal-skins - # emptyDir: {} - - extraInitContainers: [] - ## Containers, which are run before the app containers are started. - # - name: init-myservice - # image: busybox - # command: ['sh', '-c', 'until nslookup myservice; do echo waiting for myservice; sleep 2; done;'] - - metrics: - port: 10254 - # if this port is changed, change healthz-port: in extraArgs: accordingly - enabled: false - - service: - annotations: {} - # prometheus.io/scrape: "true" - # prometheus.io/port: "10254" - - ## Deprecated, instead simply do not provide a clusterIP value - omitClusterIP: true - # clusterIP: "" - - ## List of IP addresses at which the stats-exporter service is available - ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips - ## - externalIPs: [] - - loadBalancerIP: "" - loadBalancerSourceRanges: [] - servicePort: 9913 - type: ClusterIP - - serviceMonitor: - enabled: false - additionalLabels: {} - namespace: "" - namespaceSelector: {} - # Default: scrape .Release.Namespace only - # To scrape all, use the following: - # namespaceSelector: - # any: true - scrapeInterval: 2m - # honorLabels: true - - prometheusRule: - enabled: false - additionalLabels: {} - namespace: "monitoring" - rules: - # These are just examples rules, please adapt them to your needs - - alert: TooMany500s - expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"5.+"} ) / sum(nginx_ingress_controller_requests) ) > 10 - for: 1m - labels: - severity: critical - annotations: - description: Too many 5XXs - summary: More than 10% of the all requests did return 5XX, this require your attention - - alert: TooMany400s - expr: 100 * ( sum( nginx_ingress_controller_requests{status=~"4.+"} ) / sum(nginx_ingress_controller_requests) ) > 10 - for: 1m - labels: - severity: critical - annotations: - description: Too many 4XXs - summary: More than 10% of the all requests did return 4XX, this require your attention - - - lifecycle: - preStop: - exec: - command: - - /wait-shutdown - - priorityClassName: "" - - -## Enable RBAC as per https://github.com/kubernetes/ingress/tree/master/examples/rbac/nginx and https://github.com/kubernetes/ingress/issues/266 -rbac: - create: true - -# If true, create & use Pod Security Policy resources -# https://kubernetes.io/docs/concepts/policy/pod-security-policy/ -podSecurityPolicy: - enabled: false - -serviceAccount: - create: true - name: - -## Optional array of imagePullSecrets containing private registry credentials -## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -imagePullSecrets: [] -# - name: secretName - -# TCP service key:value pairs -# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/tcp -## -tcp: {} -# 8080: "default/example-tcp-svc:9000" - -# UDP service key:value pairs -# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/udp -## -udp: {} -# 53: "kube-system/kube-dns:53" From be506fe3469bba3674f442e993d1681c86d123f6 Mon Sep 17 00:00:00 2001 From: aniket Date: Fri, 17 Mar 2023 15:51:57 +0530 Subject: [PATCH 134/742] updated nginx ingress name in prodct release chart --- .../DIGIT/dependancy_chart-digit-v2.5.yaml | 2 +- .../DIGIT/dependancy_chart-digit-v2.6.yaml | 2 +- .../DIGIT/dependancy_chart-digit-v2.7.yaml | 2 +- .../DIGIT/dependancy_chart-quickstart-v2.7.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml index d246ed6e22..67394e9d6a 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.5.yaml @@ -12,7 +12,7 @@ modules: - name: authn-authz services: - redis - - nginx-ingress + - ingress-nginx - cert-manager - zuul:v1.3.0-667cb3d3-8 - name: core diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml index d36d2a1118..c5da24b969 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.6.yaml @@ -12,7 +12,7 @@ modules: - name: authn-authz services: - redis - - nginx-ingress + - ingress-nginx - cert-manager - zuul:v1.3.1-96b24b0d72-39 - name: core diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml index 17641ae966..e1c1f41965 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-digit-v2.7.yaml @@ -12,7 +12,7 @@ modules: - name: authn-authz services: - redis - - nginx-ingress + - ingress-nginx - cert-manager - zuul:v1.3.1-96b24b0d72-39 - name: core diff --git a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml index bb8150f7ff..39244272b1 100644 --- a/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml +++ b/config-as-code/product-release-charts/DIGIT/dependancy_chart-quickstart-v2.7.yaml @@ -5,7 +5,7 @@ modules: - zookeeper - kafka - postgres - - nginx-ingress + - ingress-nginx - redis - s3-proxy - name: core From 6a3df831f3484598f588d01841f84f7fe211b176 Mon Sep 17 00:00:00 2001 From: aniket Date: Sat, 18 Mar 2023 22:13:50 +0530 Subject: [PATCH 135/742] changed namespaces reference to Values namespace in cert manager and ingress templates --- .../templates/cainjector-deployment.yaml | 2 +- .../cert-manager/templates/cainjector-rbac.yaml | 2 +- .../templates/cainjector-serviceaccount.yaml | 2 +- .../cert-manager/templates/deployment.yaml | 2 +- .../cert-manager/templates/rbac.yaml | 16 ++++++++-------- .../cert-manager/templates/service.yaml | 2 +- .../cert-manager/templates/serviceaccount.yaml | 2 +- .../cert-manager/templates/servicemonitor.yaml | 2 +- .../templates/startupapicheck-job.yaml | 2 +- .../templates/startupapicheck-rbac.yaml | 4 ++-- .../startupapicheck-serviceaccount.yaml | 2 +- .../cert-manager/templates/webhook-config.yaml | 2 +- .../templates/webhook-deployment.yaml | 2 +- .../templates/webhook-mutating-webhook.yaml | 2 +- .../cert-manager/templates/webhook-rbac.yaml | 4 ++-- .../cert-manager/templates/webhook-service.yaml | 2 +- .../templates/webhook-serviceaccount.yaml | 2 +- .../templates/webhook-validating-webhook.yaml | 2 +- .../job-patch/clusterrolebinding.yaml | 2 +- .../job-patch/rolebinding.yaml | 2 +- .../admission-webhooks/validating-webhook.yaml | 2 +- .../templates/clusterrolebinding.yaml | 2 +- .../templates/controller-rolebinding.yaml | 2 +- .../templates/default-backend-rolebinding.yaml | 2 +- 24 files changed, 33 insertions(+), 33 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml index b617527bd4..24389b3b01 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml @@ -3,7 +3,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "cainjector.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "cainjector.name" . }} app.kubernetes.io/name: {{ include "cainjector.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml index 922d702abf..b91021a813 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml @@ -49,7 +49,7 @@ roleRef: name: {{ template "cainjector.fullname" . }} subjects: - name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml index 683ec1d866..30a4f60b96 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml @@ -5,7 +5,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.cainjector.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.cainjector.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml index f72fc57c35..b0ead32ce8 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "cert-manager.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ template "cert-manager.name" . }} app.kubernetes.io/name: {{ template "cert-manager.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml index 5e37f0cb1d..8beae2616a 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml @@ -300,7 +300,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-issuers subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -321,7 +321,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-clusterissuers subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -342,7 +342,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-certificates subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -363,7 +363,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-orders subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -384,7 +384,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-challenges subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -405,7 +405,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-ingress-shim subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -491,7 +491,7 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-approve:cert-manager-io subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount --- @@ -542,6 +542,6 @@ roleRef: name: {{ template "cert-manager.fullname" . }}-controller-certificatesigningrequests subjects: - name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} kind: ServiceAccount {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml index 8ad24ca2db..687bd21e3f 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "cert-manager.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.serviceAnnotations }} annotations: {{ toYaml . | indent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml index d549ea84d9..873ad932e5 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml @@ -8,7 +8,7 @@ imagePullSecrets: automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml index 8ea1f6321f..7abe1761e6 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml @@ -6,7 +6,7 @@ metadata: {{- if .Values.prometheus.servicemonitor.namespace }} namespace: {{ .Values.prometheus.servicemonitor.namespace }} {{- else }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} labels: app: {{ include "cert-manager.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml index 66db004e12..b5b23350df 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ include "startupapicheck.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "startupapicheck.name" . }} app.kubernetes.io/name: {{ include "startupapicheck.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml index a6be7b9cd4..f82a503f16 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml @@ -5,7 +5,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "startupapicheck.fullname" . }}:create-cert - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "startupapicheck.name" . }} app.kubernetes.io/name: {{ include "startupapicheck.name" . }} @@ -25,7 +25,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "startupapicheck.fullname" . }}:create-cert - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "startupapicheck.name" . }} app.kubernetes.io/name: {{ include "startupapicheck.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml index f632840548..981ec43460 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml @@ -5,7 +5,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.startupapicheck.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.startupapicheck.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml index 29558e91a6..1998074209 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml @@ -11,7 +11,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ include "webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "webhook.name" . }} app.kubernetes.io/name: {{ include "webhook.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml index 0de1df2f06..62650a7d45 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "webhook.name" . }} app.kubernetes.io/name: {{ include "webhook.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml index fb8b795f63..ec7483a787 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml @@ -41,6 +41,6 @@ webhooks: {{- else }} service: name: {{ template "webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} path: /mutate {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml index 1070333d9c..1cf7978992 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ template "webhook.fullname" . }}:dynamic-serving - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "webhook.name" . }} app.kubernetes.io/name: {{ include "webhook.name" . }} @@ -26,7 +26,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ template "webhook.fullname" . }}:dynamic-serving - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} labels: app: {{ include "webhook.name" . }} app.kubernetes.io/name: {{ include "webhook.name" . }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml index ed0278ada7..eea31e47fa 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.webhook.serviceAnnotations }} annotations: {{ toYaml . | indent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml index a08d2fc9d2..67af6e20c6 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml @@ -4,7 +4,7 @@ kind: ServiceAccount automountServiceAccountToken: {{ .Values.webhook.serviceAccount.automountServiceAccountToken }} metadata: name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- with .Values.webhook.serviceAccount.annotations }} annotations: {{- toYaml . | nindent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml index 2ca6403ecf..6d4eb26e0a 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml @@ -50,6 +50,6 @@ webhooks: {{- else }} service: name: {{ template "webhook.fullname" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} path: /validate {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml index 8719532611..10cb8dffad 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml @@ -19,5 +19,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml index 60c3f4ff0d..dfd8f13123 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml @@ -20,5 +20,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml index f27244dc96..a2491a062a 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml @@ -38,7 +38,7 @@ webhooks: - v1 clientConfig: service: - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} name: {{ include "ingress-nginx.controller.fullname" . }}-admission path: /networking/v1/ingresses {{- if .Values.controller.admissionWebhooks.timeoutSeconds }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml index acbbd8b10d..4b2f10de20 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml @@ -15,5 +15,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "ingress-nginx.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml index e846a1183a..3351826cf9 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml @@ -17,5 +17,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "ingress-nginx.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml index dbaa516b95..e7e65f6109 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml @@ -17,5 +17,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }} - namespace: {{ .Release.Namespace | quote }} + namespace: {{ .Values.namespace }} {{- end }} From 253774f2035de676c75e1aac18eec60c4ea5d946 Mon Sep 17 00:00:00 2001 From: aniket Date: Mon, 20 Mar 2023 14:09:52 +0530 Subject: [PATCH 136/742] updated namespace in ingress and cert-manager --- .../cert-manager/templates/_helpers.tpl | 2 +- .../templates/cainjector-psp-clusterrolebinding.yaml | 2 +- .../cert-manager/templates/cainjector-rbac.yaml | 2 +- .../templates/psp-clusterrolebinding.yaml | 2 +- .../cert-manager/templates/rbac.yaml | 2 +- .../cert-manager/templates/servicemonitor.yaml | 2 +- .../startupapicheck-psp-clusterrolebinding.yaml | 2 +- .../cert-manager/templates/startupapicheck-rbac.yaml | 2 +- .../cert-manager/templates/webhook-deployment.yaml | 2 +- .../templates/webhook-mutating-webhook.yaml | 2 +- .../templates/webhook-psp-clusterrolebinding.yaml | 2 +- .../cert-manager/templates/webhook-rbac.yaml | 4 ++-- .../templates/webhook-validating-webhook.yaml | 4 ++-- .../ingress-nginx/templates/NOTES.txt | 12 ++++++------ .../templates/admission-webhooks/cert-manager.yaml | 12 ++++++------ .../job-patch/job-createSecret.yaml | 2 +- .../job-patch/job-patchWebhook.yaml | 2 +- .../admission-webhooks/job-patch/networkpolicy.yaml | 2 +- .../templates/admission-webhooks/job-patch/role.yaml | 2 +- .../admission-webhooks/job-patch/rolebinding.yaml | 2 +- .../admission-webhooks/job-patch/serviceaccount.yaml | 2 +- .../templates/controller-configmap-addheaders.yaml | 2 +- .../templates/controller-configmap-proxyheaders.yaml | 2 +- .../templates/controller-configmap-tcp.yaml | 2 +- .../templates/controller-configmap-udp.yaml | 2 +- .../templates/controller-configmap.yaml | 6 +++--- .../templates/controller-daemonset.yaml | 2 +- .../templates/controller-deployment.yaml | 2 +- .../ingress-nginx/templates/controller-hpa.yaml | 2 +- .../templates/controller-poddisruptionbudget.yaml | 2 +- .../ingress-nginx/templates/controller-role.yaml | 2 +- .../templates/controller-rolebinding.yaml | 2 +- .../templates/controller-service-internal.yaml | 2 +- .../templates/controller-service-metrics.yaml | 2 +- .../templates/controller-service-webhook.yaml | 2 +- .../ingress-nginx/templates/controller-service.yaml | 2 +- .../templates/controller-serviceaccount.yaml | 2 +- .../templates/controller-servicemonitor.yaml | 2 +- .../templates/controller-webhooks-networkpolicy.yaml | 2 +- .../templates/default-backend-deployment.yaml | 2 +- .../ingress-nginx/templates/default-backend-hpa.yaml | 2 +- .../default-backend-poddisruptionbudget.yaml | 2 +- .../templates/default-backend-role.yaml | 2 +- .../templates/default-backend-rolebinding.yaml | 2 +- .../templates/default-backend-service.yaml | 2 +- .../templates/default-backend-serviceaccount.yaml | 2 +- 46 files changed, 60 insertions(+), 60 deletions(-) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl index 2b6ee7f6b2..2d930e5532 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl @@ -58,7 +58,7 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- define "webhook.caRef" -}} -{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca +{{ .Values.namespace }}/{{ template "webhook.fullname" . }}-ca {{- end -}} {{/* diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml index b287802fd5..ce4f278f60 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml @@ -17,6 +17,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml index b91021a813..a3b10485de 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml @@ -109,6 +109,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml index 1da89c8d55..c84b26b306 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml @@ -16,5 +16,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml index 8beae2616a..1a8a73e43c 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml @@ -51,7 +51,7 @@ subjects: - apiGroup: "" kind: ServiceAccount name: {{ template "cert-manager.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} --- diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml index 7abe1761e6..249bcededa 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml @@ -28,7 +28,7 @@ spec: {{- if .Values.prometheus.servicemonitor.namespace }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Values.namespace }} {{- end }} endpoints: - targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml index d19fa84f2a..92fb51d204 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml @@ -21,6 +21,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml index f82a503f16..1c512863f7 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml @@ -43,6 +43,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "startupapicheck.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml index 62650a7d45..1ceacde40f 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml @@ -72,7 +72,7 @@ spec: {{ if or (not $config.tlsConfig) (and (not $tlsConfig.dynamic) (not $tlsConfig.filesystem) ) -}} - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) - --dynamic-serving-ca-secret-name={{ template "webhook.fullname" . }}-ca - - --dynamic-serving-dns-names={{ template "webhook.fullname" . }},{{ template "webhook.fullname" . }}.{{ .Release.Namespace }},{{ template "webhook.fullname" . }}.{{ .Release.Namespace }}.svc{{ if .Values.webhook.url.host }},{{ .Values.webhook.url.host }}{{ end }} + - --dynamic-serving-dns-names={{ template "webhook.fullname" . }},{{ template "webhook.fullname" . }}.{{ .Values.namespace }},{{ template "webhook.fullname" . }}.{{ .Values.namespace }}.svc{{ if .Values.webhook.url.host }},{{ .Values.webhook.url.host }}{{ end }} {{- end }} {{- with .Values.webhook.extraArgs }} {{- toYaml . | nindent 10 }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml index ec7483a787..bf26b33c23 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/component: "webhook" {{- include "labels" . | nindent 4 }} annotations: - cert-manager.io/inject-ca-from-secret: "{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca" + cert-manager.io/inject-ca-from-secret: "{{ .Values.namespace }}/{{ template "webhook.fullname" . }}-ca" {{- with .Values.webhook.mutatingWebhookConfigurationAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml index e8e1bb2068..e402382035 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml @@ -16,5 +16,5 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml index 1cf7978992..37cecd88b2 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml @@ -41,7 +41,7 @@ subjects: - apiGroup: "" kind: ServiceAccount name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} --- @@ -79,5 +79,5 @@ subjects: - apiGroup: "" kind: ServiceAccount name: {{ template "webhook.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml index 6d4eb26e0a..5d0e348413 100644 --- a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml @@ -9,7 +9,7 @@ metadata: app.kubernetes.io/component: "webhook" {{- include "labels" . | nindent 4 }} annotations: - cert-manager.io/inject-ca-from-secret: "{{ .Release.Namespace }}/{{ template "webhook.fullname" . }}-ca" + cert-manager.io/inject-ca-from-secret: "{{ .Values.namespace }}/{{ template "webhook.fullname" . }}-ca" {{- with .Values.webhook.validatingWebhookConfigurationAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} @@ -24,7 +24,7 @@ webhooks: - key: "name" operator: "NotIn" values: - - {{ .Release.Namespace }} + - {{ .Values.namespace }} rules: - apiGroups: - "cert-manager.io" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt index 8985c56c0c..09e4bb3f2d 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt @@ -6,24 +6,24 @@ Get the application URL by running these commands: {{- if (not (empty .Values.controller.service.nodePorts.http)) }} export HTTP_NODE_PORT={{ .Values.controller.service.nodePorts.http }} {{- else }} - export HTTP_NODE_PORT=$(kubectl --namespace {{ .Release.Namespace }} get services -o jsonpath="{.spec.ports[0].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) + export HTTP_NODE_PORT=$(kubectl --namespace {{ .Values.namespace }} get services -o jsonpath="{.spec.ports[0].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) {{- end }} {{- if (not (empty .Values.controller.service.nodePorts.https)) }} export HTTPS_NODE_PORT={{ .Values.controller.service.nodePorts.https }} {{- else }} - export HTTPS_NODE_PORT=$(kubectl --namespace {{ .Release.Namespace }} get services -o jsonpath="{.spec.ports[1].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) + export HTTPS_NODE_PORT=$(kubectl --namespace {{ .Values.namespace }} get services -o jsonpath="{.spec.ports[1].nodePort}" {{ include "ingress-nginx.controller.fullname" . }}) {{- end }} - export NODE_IP=$(kubectl --namespace {{ .Release.Namespace }} get nodes -o jsonpath="{.items[0].status.addresses[1].address}") + export NODE_IP=$(kubectl --namespace {{ .Values.namespace }} get nodes -o jsonpath="{.items[0].status.addresses[1].address}") echo "Visit http://$NODE_IP:$HTTP_NODE_PORT to access your application via HTTP." echo "Visit https://$NODE_IP:$HTTPS_NODE_PORT to access your application via HTTPS." {{- else if contains "LoadBalancer" .Values.controller.service.type }} It may take a few minutes for the LoadBalancer IP to be available. -You can watch the status by running 'kubectl --namespace {{ .Release.Namespace }} get services -o wide -w {{ include "ingress-nginx.controller.fullname" . }}' +You can watch the status by running 'kubectl --namespace {{ .Values.namespace }} get services -o wide -w {{ include "ingress-nginx.controller.fullname" . }}' {{- else if contains "ClusterIP" .Values.controller.service.type }} Get the application URL by running these commands: - export POD_NAME=$(kubectl --namespace {{ .Release.Namespace }} get pods -o jsonpath="{.items[0].metadata.name}" -l "app={{ template "ingress-nginx.name" . }},component={{ .Values.controller.name }},release={{ .Release.Name }}") - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 + export POD_NAME=$(kubectl --namespace {{ .Values.namespace }} get pods -o jsonpath="{.items[0].metadata.name}" -l "app={{ template "ingress-nginx.name" . }},component={{ .Values.controller.name }},release={{ .Release.Name }}") + kubectl --namespace {{ .Values.namespace }} port-forward $POD_NAME 8080:80 echo "Visit http://127.0.0.1:8080 to access your application." {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml index 55fab471c9..372b89d00f 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml @@ -6,7 +6,7 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: {{ include "ingress-nginx.fullname" . }}-self-signed-issuer - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: selfSigned: {} --- @@ -15,7 +15,7 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "ingress-nginx.fullname" . }}-root-cert - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: secretName: {{ include "ingress-nginx.fullname" . }}-root-cert duration: {{ .Values.controller.admissionWebhooks.certManager.rootCert.duration | default "43800h0m0s" | quote }} @@ -32,7 +32,7 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: {{ include "ingress-nginx.fullname" . }}-root-issuer - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: ca: secretName: {{ include "ingress-nginx.fullname" . }}-root-cert @@ -43,7 +43,7 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: secretName: {{ include "ingress-nginx.fullname" . }}-admission duration: {{ .Values.controller.admissionWebhooks.certManager.admissionCert.duration | default "8760h0m0s" | quote }} @@ -55,8 +55,8 @@ spec: {{- end }} dnsNames: - {{ include "ingress-nginx.controller.fullname" . }}-admission - - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Release.Namespace }} - - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Release.Namespace }}.svc + - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Values.namespace }} + - {{ include "ingress-nginx.controller.fullname" . }}-admission.{{ .Values.namespace }}.svc subject: organizations: - ingress-nginx-admission diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml index d93433ecda..ab5325dda5 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ include "ingress-nginx.fullname" . }}-admission-create - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": pre-install,pre-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml index 0fa3ff9a26..d0fb2d9e72 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml @@ -3,7 +3,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ include "ingress-nginx.fullname" . }}-admission-patch - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml index 08b32257c9..4df88506f7 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml index ea7c208189..9fdef2b515 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml index dfd8f13123..2bb21c39b8 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml @@ -3,7 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml index 00be54ec5e..5cb16dadca 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "ingress-nginx.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} annotations: "helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml index dfd49a1267..93f396ce8c 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml @@ -9,6 +9,6 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-custom-add-headers - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} data: {{ toYaml .Values.controller.addHeaders | nindent 2 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml index f8d15faf96..38af7af82e 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-custom-proxy-headers - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} data: {{- if .Values.controller.proxySetHeaders }} {{ toYaml .Values.controller.proxySetHeaders | indent 2 }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml index 0f6088ea90..469440c35b 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml @@ -12,6 +12,6 @@ metadata: annotations: {{ toYaml .Values.controller.tcp.annotations | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-tcp - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} data: {{ tpl (toYaml .Values.tcp) . | nindent 2 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml index 3772ec5143..53722e45cc 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml @@ -12,6 +12,6 @@ metadata: annotations: {{ toYaml .Values.controller.udp.annotations | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-udp - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} data: {{ tpl (toYaml .Values.udp) . | nindent 2 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml index f28b26e1e5..a7936282c5 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml @@ -11,14 +11,14 @@ metadata: annotations: {{ toYaml .Values.controller.configAnnotations | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} data: allow-snippet-annotations: "{{ .Values.controller.allowSnippetAnnotations }}" {{- if .Values.controller.addHeaders }} - add-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-add-headers + add-headers: {{ .Values.namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-add-headers {{- end }} {{- if or .Values.controller.proxySetHeaders .Values.controller.headers }} - proxy-set-headers: {{ .Release.Namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-proxy-headers + proxy-set-headers: {{ .Values.namespace }}/{{ include "ingress-nginx.fullname" . }}-custom-proxy-headers {{- end }} {{- if .Values.dhParam }} ssl-dh-param: {{ printf "%s/%s" .Release.Namespace (include "ingress-nginx.controller.fullname" .) }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml index e6721566b9..138fb05362 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml @@ -10,7 +10,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- if .Values.controller.annotations }} annotations: {{ toYaml .Values.controller.annotations | nindent 4 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml index 9f1cf70db8..eacb1fd30d 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml @@ -10,7 +10,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- if .Values.controller.annotations }} annotations: {{ toYaml .Values.controller.annotations | nindent 4 }} {{- end }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml index d1e78bdfc6..44888f0dfb 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml @@ -15,7 +15,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml index 899d3cc5df..251b332741 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: selector: matchLabels: diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml index d1aa9aac73..3b4ec4a66e 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} rules: - apiGroups: - "" diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml index 3351826cf9..29b56b5ce2 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml index aae3e155e4..e69c1e6753 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml .Values.controller.service.labels | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }}-internal - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: type: "{{ .Values.controller.service.type }}" {{- if .Values.controller.service.internal.loadBalancerIP }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml index b178401c9a..3885b8071f 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml @@ -12,7 +12,7 @@ metadata: {{- toYaml .Values.controller.metrics.service.labels | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }}-metrics - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: type: {{ .Values.controller.metrics.service.type }} {{- if .Values.controller.metrics.service.clusterIP }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml index 2aae24fcf0..0519af0ae1 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml @@ -12,7 +12,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }}-admission - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: type: {{ .Values.controller.admissionWebhooks.service.type }} {{- if .Values.controller.admissionWebhooks.service.clusterIP }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml index 2b28196de1..2ca541a4a3 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml @@ -13,7 +13,7 @@ metadata: {{- toYaml .Values.controller.service.labels | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.controller.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: type: {{ .Values.controller.service.type }} {{- if .Values.controller.service.clusterIP }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml index e6e776d091..6e80888d6b 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "ingress-nginx.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} {{- if .Values.serviceAccount.annotations }} annotations: {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml index 8ab16f0b25..65335cb65b 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml @@ -33,7 +33,7 @@ spec: {{- else }} namespaceSelector: matchNames: - - {{ .Release.Namespace }} + - {{ .Values.namespace }} {{- end }} {{- if .Values.controller.metrics.serviceMonitor.targetLabels }} targetLabels: diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml index f74c2fbf32..7b228a9a8e 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml @@ -5,7 +5,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: {{ include "ingress-nginx.fullname" . }}-webhooks-allow - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: ingress: - {} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml index 87aced49db..5fa4ae5bcc 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.defaultBackend.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: selector: matchLabels: diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml index 594d26525b..c4c76bd422 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "ingress-nginx.defaultBackend.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml index 00891cee5d..95698405ea 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml @@ -10,7 +10,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.defaultBackend.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: selector: matchLabels: diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml index a2b457c361..153826aa02 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-backend - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} rules: - apiGroups: [{{ template "podSecurityPolicy.apiGroup" . }}] resources: ['podsecuritypolicies'] diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml index e7e65f6109..1a90b752d6 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml @@ -9,7 +9,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.fullname" . }}-backend - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml index 5f1d09a954..57b8fc7151 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml @@ -12,7 +12,7 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ include "ingress-nginx.defaultBackend.fullname" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} spec: type: {{ .Values.defaultBackend.service.type }} {{- if .Values.defaultBackend.service.clusterIP }} diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml index b45a95ad25..fbeff33aa0 100644 --- a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml +++ b/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml @@ -9,6 +9,6 @@ metadata: {{- toYaml . | nindent 4 }} {{- end }} name: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} + namespace: {{ .Values.namespace }} automountServiceAccountToken: {{ .Values.defaultBackend.serviceAccount.automountServiceAccountToken }} {{- end }} From 9d8bcd7a6e30574c6f06727af8629b65a8eb5467 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov Date: Wed, 29 Mar 2023 10:05:01 +0530 Subject: [PATCH 137/742] unified dev env files --- config-as-code/.sops.yaml | 8 + .../environments/unified-dev-secrets.yaml | 126 ++++ config-as-code/environments/unified-dev.yaml | 676 ++++++++++++++++++ .../helm/charts/frontend/digit-ui/values.yaml | 1 + .../fsm-calculator/values.yaml | 1 + .../charts/municipal-services/fsm/values.yaml | 1 + .../municipal-services/inbox/values.yaml | 1 + .../municipal-services/vehicle/values.yaml | 1 + .../municipal-services/vendor/values.yaml | 1 + .../deployer/pkg/cmd/deployer/deployer.go | 6 +- 10 files changed, 819 insertions(+), 3 deletions(-) create mode 100644 config-as-code/.sops.yaml create mode 100644 config-as-code/environments/unified-dev-secrets.yaml create mode 100644 config-as-code/environments/unified-dev.yaml diff --git a/config-as-code/.sops.yaml b/config-as-code/.sops.yaml new file mode 100644 index 0000000000..ea5826ded4 --- /dev/null +++ b/config-as-code/.sops.yaml @@ -0,0 +1,8 @@ +# creation rules are evaluated sequentially, the first match wins +creation_rules: + # upon creation of a file that matches the pattern *dev.yaml, + # KMS set A is used + # eGOV Internal ------------------------------------------------------------------------------------------------------------- # + - path_regex: environments/unified-ci\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' + pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' \ No newline at end of file diff --git a/config-as-code/environments/unified-dev-secrets.yaml b/config-as-code/environments/unified-dev-secrets.yaml new file mode 100644 index 0000000000..953b1c6c99 --- /dev/null +++ b/config-as-code/environments/unified-dev-secrets.yaml @@ -0,0 +1,126 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:YGPi3XdkNWkQsw==,iv:tfcvwdgdg8FWOL8o5recsC2gOZrrx4VrhRUcf1ioIqs=,tag:2JCEfBFHRtS94YkvU3x94g==,type:str] + password: ENC[AES256_GCM,data:ZXFi9K2olvPVD9ziJg==,iv:J8cgCSg5FEHKqOUBnNXLQes/kwDGPGDb2Cv9OJnhYP4=,tag:jd8fxNbB1+6ZWRIX/gj60Q==,type:str] + flywayUsername: ENC[AES256_GCM,data:gxBsXq3UTfK9PQ==,iv:2d/2TSULYpnla/jpQbUC11WKi74WDyfVZcGaBiTuqnU=,tag:oRhcHIlaeptv4jvMJHhCrw==,type:str] + flywayPassword: ENC[AES256_GCM,data:v/g66SmMniNtO3IXTg==,iv:V/yYwDhJk74mUPDaJoy1Zg059KOYG9qrGd2/b6jPMAE=,tag:RdtxgfbTeIwU9w428Dl7ag==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:kd7VkchkkA==,iv:/G1T1C22KriGHSc++Yo7Um0HR3pcZh2v5Rk0ZZrv8BE=,tag:jQv1XpjbKbqifVluZpgmRw==,type:str] + password: ENC[AES256_GCM,data:wZQyhnBpzDA=,iv:1xIh2O24F138H+v/I3tN+GRdIHNdIot+qyxCONe6U1I=,tag:qapsx/kdZt6asAA+VxYrDw==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:78lM4cOd0Bdc/bUIHFbaj4vbs/g=,iv:0r2Z0uPMLFWc6gdppr0u1jV1t/CLkQnXJA1MXf2t69s=,tag:d17VdYT7EdbjZgpnrbOo4w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ih+8SFHIq6aDqGEySzeyoctz73NGmFa1+DBMvKVz5a/g0P+T0zt6hg==,iv:Zer24kg7rykvxFwM7Ii+IGunupUdkZZzc07Y21edEQY=,tag:Dgq7hv9KUDxTmxdDezgpxA==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:feyIY3Q93CjJ6bNRNzJF,iv:Sff05zcAl9EtIyVbrEnzpIBjDXZePZFBrzYkKdsQQgM=,tag:caYjxW/F+6vjEjHRNa8cjg==,type:str] + account-key: ENC[AES256_GCM,data:IBGZWYcovLCbDlWgLM5MLHQxDk2FOrXKUulEmTDELPb/hNrG1VJFQxRU7hnQaihkPPs+pbzz1DmiYK+M1wtmamruNyBZ6lph/k2zii9ByHM1MF+piUwyQw==,iv:DBbZ7YPabuTdDZQpBnFS4sVCksnW7+6Pmaq5xHUoqBg=,tag:iM47xwQ2xSwgXnxW7thX8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:HJd5Mfb/giZrSq5EuCY6zHOEf1NE9lNvOQpEHnyJ3GKGQqvj90gN,iv:mUzoWBiMx+Aks/7sx/Tt3f5IdDRGI+R+AbPibQ4w7o8=,tag:YmUrOP53wj+gU9lpJNEQrQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:ch3vmQxWjKKYEHqFA91Ikg==,iv:pcqAmGgtw9pkwa9WeJx0WCv6M2+vF/kQN3ookk7gRC4=,tag:vxcuYdLo1b5eq6FFA8Kthw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:CHdNUQ/5+fyumT8os9qHA4UBAfL8oYEXNwfZ/KB1F24=,iv:CodzoLta5LeEfBazt0nPHN7BsdFieLMRQXfHT6Jee0o=,tag:4v0Fk95h8hXHYV9wDHZo1A==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:uV/drc+lfbBRlaPjU407,iv:iyzeRshKPQ2RAN64bzKAYahbo8eucnLCZyWukUxtyFc=,tag:jt1vN2cB1I8SOfVJCJlVCA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:U2Q2uVKgn+CAT5o=,iv:P0qg061JAHl+lN/AGoWnUhI9uCHDZ7V70N/pfQJb/J0=,tag:HyrTwzbUY6Y19Xyspev0uQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:IL8fNfa/Row=,iv:LKQY22K7keqduBNy/LC+5qW2xJMOkMzcINLjNQ944Jo=,tag:COif+D0/wmr1eTBdOUBKUg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:ui5SYi3f,iv:5hNAHfELEHMsiRpXRACdh49Z/JxJn1jr0V1uj6DBVSg=,tag:fjvRcW/Q3jEJzgQgzHgRWg==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:liTlKez64go=,iv:oRxigBvmA+UUgX3oSnf2Kfg9oE+yvgEPBhpFuxrSpms=,tag:/u+Wa5m70MQZ/+Ey272Ayg==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:BmLUpgPP1spV8/2gszEX4pTxp0b5QvNPk0o=,iv:kVF6J3kbfcBao9iNNkizQwjCs1cA4Et9NFjqDHxY3W4=,tag:RLSKLlIS4ZXXLLz9OsHuHA==,type:str] + admin-password: ENC[AES256_GCM,data:HoPm7SB2nLheu6nr,iv:9J7oRlM5Aly/9074NqvhWQUeMdZtDrzKtk+8UDrDDBk=,tag:dLEAln2+jX5uJ/3rs+5Ang==,type:str] + read-email: ENC[AES256_GCM,data:+YvXu0nGYcdAqW10izH5n64CsHnnd2P3Qg==,iv:ElF93IF8rszx/Nmz2Biw4USlWyiNBeeCXKC0uXB3uzA=,tag:eZfwyjujY22qBYx6V+GGQA==,type:str] + read-password: ENC[AES256_GCM,data:1pDnVIXCAnrtQbLb,iv:plxbsbdJjkZpy1oUoU7xu/BqyMXafcuMYKjp2onhLuw=,tag:mxYpjDdTBYQ1K9uNcX40CA==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:Zx+lA/ybTERW4A2HA1I7aA==,iv:g/mqLJud4dezlFoMbTm4sO9gwH98/hXHTUXyLPvKZIA=,tag:VVTZ48ndRYQNAmclNx71QA==,type:str] + master-salt: ENC[AES256_GCM,data:8f+XlgAa9Dw=,iv:lk1A0B3Vpnc63wyd8w/Yt7J5KwMLLCTIqwNmg1shbtI=,tag:lJTEW42vKk5cWMT7T8qCNA==,type:str] + master-initialvector: ENC[AES256_GCM,data:rZYmjXcO4cPhfRBg,iv:tJF0RD4iwZkoSmEP408hCObZWo2BupqdXG8Fy+IqOvI=,tag:93uTcY2glt9vKWBwC7zlWw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:pXpYI4z48CLHirR0k0PbX8Aln9OmDUKCxLEz7vyL5sFo,iv:cDk+DrIp3zEOE10yG+HFNwWL9pLpJLA2dqq+vpVYu+Q=,tag:Y1ilIlMur4vDEdvdiYglIA==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:CtVr1xAOYXM=,iv:DhkFfmlQCl+CXU7FzwYN9rVyGwdZ7IHd3fM6Yil4xuU=,tag:LvMezOswNmnVQJ9WTHZKUw==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:dLv7d6a5lYWpRFRHweJG9r9fEY1fsTrZWkBOYu+yKDbfalA5+mbRQ2EPDtHspvEexKYFnQjtwyJqtvFe0JASuUdG7WI9bqZKxmjvFR2cLgutsThvQQ894Fsr3eTJnwSx/6Bt5eZwR4DqiZZ8wa71/kCmqMmXM9T4K0E52AyUrZ0ZEQnt70vkcb0AjxylrW0VW7VyWcmIU/ZnJbSNxs8Rn02yL7fvMlmoS94QdvCjHJnzAUwkrXf7I9jcZLP9IEp0MBAO4PBu9fPxzAIyS5+ijIhn1IYf4JMv+HQ65cRI9C5gkxXUaAQNPlu9+dDCs29Yjdku0WLGInyL4ilrQ5Ld5oJySlv5UErnuxZn8juNiY4h/sF+4PiijwUWmpsFTSja/tRyXdTHIOO9n2uKtXzo8VqYn4ciZ/Q1ogjoYsJF3m+74gysPD7f+Zc5Ib2/XCEqoYeVZlCLm+E9+ANiaqr3gkxQ6SIP/31mxw9jhX58znSWnOAcuMyMA7L1LVdKeNT4Pc3kPw538QS+tGQr2iTKdQOoybokFB678iu/8+WBcV3miN56BBNHUYE/OjoYPNHaPMvTGOaFJd7gHQa+DN59ltXIaAo2rvbzuK0l1lCduM+WbSaeZ3gnhhLfA2yCeASF/4lpxFeFJkdZmCGRyiyJs1RVHbhzD1tmzLUmbOUhyB34aVUFOkVKBWQIn0T7xf6Z+7BLgcijUBcQENSMQXh3sBIC3O535QAc1XHrEnT58/pI/Q2x2m7zar6/q6tyOTOOR+dGOSYpSItVZ4+rqpJw9Ynvk+bTiJJEywQbnk0TwyyGScQx+IC+j0Pf286BdxdJGUhicRUesnb5YIhCfl2XZ+rIa00gaaa+qan127oCFYyzO5XMnONu8HkirNtwWxJFo4Q/R+sjwbkbM+gioyEwdhgoM6IpvJNxKgy1fCVYhkdWF2+jCTJMP2nWNiP343XzoaUx08XNclOvgqBGnRp4subEWiQu1LkFaTwfOY+5KQuWQOlmMwDlUmBI6KZLzpWn/0EXGj9P4GpB087tyMICizwxeT3I6jMmcAS3WJUzLv4kT1/mgZQKIzQmfhqlCpkKpKeEAfI6Jw1Os+UTUvs+FLh9bXgdXUkFWbuj1+PggEfJETkeDskAJifYJvlI9QcDniQwm/uJnYNl7pgUcruoK+5QuGesTAghCHW7k9EY0dVRwD32BGEo2mwGwucDxGcQGwNF/IKQ5jY+ckUu93lgZ/uqIzvgbUMHd0cuEQ7l6KN1/sLUzUHXVH/K1fjBvqM83rfY874W1lxLsiio7dFBkFVpbgswy+VpVXL36XA1dZA3+S5K5kbsHxCdABv4UtHX7bcoU2lfwpZ/A9ggcwhZ9js9UG1hxario2egn6277FrMfqKa4Y+x+DsnMJYpU9o61ynIt9DxFtR2h+rAeMeRHZ5qkt6d4o2xPippCR2NhF5DVTT6ytZqokjaDm8mws/iLLH8fvIC0dPqS6XAzaRjrMAXUyLQkDz9z5JTOxjNoMujouR7YsFKr52zHcXN5ogbiCUYcHrNCRd8qgF6d+4XcXsSxPG6uJf1j6Ytp7OQDyHSxowcScM9jA++cw2cyQXgNt6FSPSYX+60UxqjLdHPJlOM+dPL2FnxfVEkZmate2TYbQMtZzoJI2djfXmG8IR2tfuWM3t6SqRfvSIewTo6RJcziTa6xQMsQBhwch8GN4kJPrzLNtWfjAvRihKdEX8USHKSqKvJFGvGDW8YVsCHUXUWhAC/2RvDYjdtFLhhg/NnCA/yu+lgu562E8aa9XsIyLUu/lvqbDbi4uFgjcPyXs92bp8oVAeWTzZbsLKxEUEYynBHcIqmjC21/wVFp5itNK7+uL8sOS5KBF+zJQDO8WqDwhHnrj5SRqr0EPfW+zWBRnbNZORxkEF4PigMqDwA1IIT0a+TyANTnLf2U3Jo2CqYd0Ou+DCWilDL9v4QEnaLA/4W7jxvln7vkpQALdcYwR0IoF1krvmJADLw6iHk0nv0eSazfi0uqgiXGIipoToQGtGRI//FD8t+C2vEHs/rfFKgu8ZkvApy0LXncWah6GcVc/ezwoDGIBz7A5OKTen4KD4+lG0U6tjDux6iT/MFeijhz3QcYE0LhnsYSltp6smcEsIqZmQOIwA5RnZAvlqqBp7ps7fu/Od9xyw2upogkxuOksnyeTHnazcTa1zGBgu1CM+p0gMT9VcAj4A0OZZS1isRokHHxqGNH1EMyv0vrjld0gCEHNP9+Xu41UFctjEv8C/Iepyt+NVcD1spI+hGqc2zA36pHgqOwYK+D1LGKFROVOKZsS4A8HJ+HDoT9bdeAN/y1HlzPTR8OYMN2s99saTD72tYvp6+59duVxPDtmmM8LU/hSrSoLUOwk9pPlJB2fY4F7SaeLUiyLae1LIiHxH/E4ZyyeBYfO0EVl7rEt3NGZPbDp6s+Z4kLrafPiVRQC2fXgWpeTu38p4h420BQtpu+JfEvPKWvRQjguZDxveuRKFYIO+TaVdNDk0FvqGEFsXHOm9z/V2oYSCtyxoyX3a6C6AL/2v03us+5d5F5IW4QDeYwaIAE1FX1+cTJ+bKLieNmxLApwz5HaPbFo1CE2iJSwPNVqaMZF6l+9CFAH9D/RPsCBomB2VIdnYsdnVjRWNKOYbRM49fon2lCpZ4YEUySWkFTJSCLz7JQHE9yuCkcK6T6iIdJgiFiAPEFxF+Fzk9bd9+jYggpc7LMDqbicOKzM+vJ/PQAgrIFpIFjrCVOUmNFufQvaaStL+OcooEej8TRLx6k6DDmz7j/1SjrBr2+T2+Q4ThOmMQrNOBp7my/PDRn+YREXuNocVv+9Ey0lK1SipUDSgOIewsdQXRcfr4qtkRWGOgSdUSU1ccQeIjkyIxTuCFtfTs0mvPXtoICmK4agHXOsLfeFQPrQBdlhiO9LhSQzqDQjSyUd8/P+oEQkHFBjQll1eSpWX0XL7HzakTK5SG0JYnNr9J2O+z0z0U3Pc7ZK/9tA2kBkAzWWtC7A7d9aFTRepDcGj/bJEvhpSk2oa1xDn7LdQf9Fc0dS3rvnlQGH0dXHuVAZvYiDBnouPyD2vYKoEb3D7K0RCpdRxBLKKc4wfRgVYYAgX83KkmajO7Dl7iVPF5HuhaN3I0mVnV2FY0P6mEpiOtxUZ931l2KG+RYsmAlcUGF4QkNZjAxM+edV2XceIGX+6/bRJSW5a3tO8yq82/cOKxWdoa8MLmP716jDMPt5ujMOmsP51Ex5aRPQYQWNwwoVHYSQojp7ITu0wQv5WclvYwSWKKk6Ud9qGFBKQw7PFsvbBfo85Kf1eCANQoSoXevYAKQF7NWj5qfmCJcLecNOsntTqr9XW4GqvlzbyRqCuMOyuW/B5lLdqQHvNlE7BkmQ9yuileG3PIA1MVKsuOh4lp0jCPimh5rLBrTF0k8Yj8Syv5VCMHWdvuKExF5lB2SPnFpp3ExxHxIaXGuS9Ho8hAMfvdd6o8c+UikcYlfk8QxcIKnEnNHemjjwvL+IzShXnCForKFqWqsr0a/M0Gl7QHVLz1atmTjZkv5h4TAK2IjpBjyK2+Gq6RbpxPf9PmNXeK/1DTS/VDIqEUrCB/MaV3dbgVw/CExDguImGT3oHqjof359Hx3Oho47zcnJIAFcXdZnTvekhjjCsYMX29TbB3aZPIcXrjjne0k2OY6PhGY65eLuVzaHDaSSkqILR/o90+gDn4QjLiLbjuyqAayLrnpzvPG++ap4TpC1gJ1/OOT98yg4FmPWB78h7A/nQUxWyt/YKJO+Zsk08sl4XaB6xRnWtm7s+9gxTWyPbvESrpyCvuflex9rcPuh0F49led516GhcAGDh7Xtpk4VwsVqVTG6GuUM9VEsAHpM7npgEBP9vPEdER0UW+rNri44j8Qx8g6oeyGqa6X4i6aletcOs2hsc2oXRtc5Gj+J3U9eutSATgaKGXCzvloSKKARf3aFoFbhHQRv7O5Z5wwrOpTqez5lIUChHgdZhiArPDKI35fHgvmqwY62pbH3Pkeba3ZuY33TWrJsEtdXjDHhEfSQom4suUrYXAzRoWgjlJm9RXreivQPlQ7+GooUcWNtML6VsMUOqvjURF1t7CGUKk6fSXkjqIEdgrxkTueL+TW0AG2fjbEJ4fWjnrxeZy+IyDD+mcWn2WmvkOZwAE7DaZpNNZTZKNVVt8ya/7oSfcwKo/jOaDkgRR1KOaM09APZe0bwB9u04FAd8dQm/JOqo0Kq5xbMBNF45heU95ZM6QDGn+P8FiZNxTm8tSFEjwZ43JFwheFsml4qSiWlLVchaR7Jl3+mzah+4w5+BlC2cW,iv:heHyf5LdsEZGhj2OhOKLUteBzQF1DrMLVIIEmL3Z53E=,tag:7PGFouJv2UPLK0e96XHHOw==,type:str] + known-hosts: ENC[AES256_GCM,data:EaZ+sDdisnHrFNbjMrHpiVU4wwSAoKs47DWH93k/+jK0SuIkXPf6RjH8TabIGT1UxhrBFYPM5bJOsqpzb6If8YJTZ5tauLKbEaHdntwQZ7Pb5ya1JMKBC0PQIqGryu6H9rnEskauY1l+pQU9TBe6Ioh64gar/FMqTVrEW6ftvXR/gKj8EK5xGZVLecYjOFoPvoA4y+rRCUCN/kie1sD6mFlGHOg5cMjFA8A/gpwbQw5G8+EXKSk6jY+B+oJBGW/h+6U5aTp4MIpmSwEgMOSrH/qFDnBSbOSn+9fRSbaHktrnDhD7EsK5aMYmdNBPMO284IKWUWbcNpI6ML3RMQByZqlo6aBH4S8B6uGb1cg1ZSuL5ZuuhxCQ4fDNL7Kw8WNahgeg60CK1b7i5xMpa0WsM3UirFkzUxR4CWoHI76YpJ61LijFKaWeUbCmhGBLOHXbR0pm1yYlruJuI+vApH+Zlgy/X2w1fWPWBkLp5ztGZuwkkpy9Yg6i4ZwsYEbu9OPl378DmRdggg==,iv:bm6PvBBbTGYjYvjtMGwc9xoYDq0kFi73Ouo6pJjwJgA=,tag:HocIhN7LqZcIwTCMQl/ksA==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:UN5ID/37qR3U,iv:lODAmw7ghL0mLg/Utzy3pPWnfikpwXtKNHyVwnrvHxw=,tag:OflBOn4ymY9NCQQfNisUFQ==,type:str] + si-microservice-password: ENC[AES256_GCM,data:XRZQmldlm5FRpdAoHQ==,iv:L13x5PbrxM7WTsO1CNHtgo69Tv8DoXeTPiKP/2BlvD0=,tag:eJ8+QzDwk6WBhYqdtpDmBA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:fbLLDOecmeNesf35CKa8H1U=,iv:ZKrlzRzZwcEXnX/Ucf52oixqBNZ0GvdOqP08elD6h9E=,tag:vU2ENJ+8MmbSqBNdhLLvQQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:9HmCUkbjb1/TyRTpspHLmsqaew63YXxEk18Qig==,iv:hG+1jhRq4KldrDYvT4iv9cOk8CLyGBMbyX3utWkyJD8=,tag:D/gFTBJ6aRA4OzsNX0swpw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:FMQz6Om4zHy/HxaGBx0GtA==,iv:JrOtYw+UKo74G9NRLKTQ9cgbcVOtqolatYlHGqGhMog=,tag:n0aeYOAkqSCcRzk1sterdA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:S58qWvz9Ww==,iv:7VlD/WVjGf4po93IBtNCtgg8MEMmqIg40gxvjzuzvY4=,tag:fZyknrSuzfwG6MVITrudFQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:iq/UhnT4GQ==,iv:j3C1NZmf4pmhVF+W7XkvXupwvOGMjGAsIcV+FEEf0Fk=,tag:rc7mgWCXE15FeXfRXVq2Og==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:HZ/Sne0q3gsSNH5Bdq4y,iv:49ImMzcca9a1WgqEGcGLZgp7NLsWcn9x4DVt2gMToFU=,tag:KXxJ6csSzvspGfVfTN5s2Q==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:tOYN7+Ma0ebDvrLiBfWeQPHFf12aTEqPtvgKlLN8Sdc=,iv:nzExrt2wKi9ArVT5gCeOXtkln65olEkvZ7vAVEV7Wpc=,tag:XVH0l2Rh+An+WycS+lY82w==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:HYhaa1EK,iv:LipWRiwoDZmeWbNayXV/7Y52ZqVi0wKZNQJvhqtLKzA=,tag:lrB9ifGDW9agHzD5dE8DqQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:HJLeAFljf/Y=,iv:/2umeIpJOcuQ47hb1G51Ky6XPTzlMqy2yYWHhgAkaIc=,tag:n+U6akVW+wYXXUeuarb75A==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:NtKRZNAQ2hYJhxU=,iv:ojhF1m4F3BVeMokATjdFD9zMRKqedptFzKDtN79m1eQ=,tag:Zpbb6VKFe1nl0DHF1hhNew==,type:str] + valuefirst-password: ENC[AES256_GCM,data:xCeGWg0t4xI6,iv:LsB9V3vbw/ninAucmpZJOYUKBQz0RD5/ClMe/1thU8E=,tag:fOoO706kdrkpZ8O67mm+8A==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:ASxOQS8D,iv:rdKh7F2rEjRKYC/SeGeKpOCuVCkbPj4nDWT3eOU15r8=,tag:DtczvcCK0G8mpQufIX4rKQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:GtnecHQEp3oCcD1JeMeH9w+Yogk=,iv:RxDCAak2rthAOamF9YCWAZ2Zz3uNYbjKUD2xxGGwlgg=,tag:MIfh151jkr1F2ZoWl2coqw==,type:str] + clientSecret: ENC[AES256_GCM,data:LykqD/ePgUmPx1xTWD8H2FcUOdQPBmBADgjZPNUMVj+unwDohlxdsw==,iv:w9bN8YCBCuctJ3h+hsO/MbNkmnEYghlgAfESWEmi1/Q=,tag:0EqEu74TC3GPIFE3qhgMKg==,type:str] + cookieSecret: ENC[AES256_GCM,data:+FccvrDdaljeukCBcLEDNkwiEvckpj6P,iv:HrcWg2U1mLxphiAON3r1Q1a1N/umHU9gH9qpMu/67JE=,tag:ALqaMZ8hcfhJuhLV+s+Vkg==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:d69TQNOIVOUWkRpk/twyV7Kf66M=,iv:J7WLDYpkq5RG8cxYQl8tuWNaM+4bcN1eJ1EUtwLjoxA=,tag:uj3/TTszoB/esy5ywEpKRw==,type:str] + secretkey: ENC[AES256_GCM,data:jcsU/OXE1dyY7aon27ET44udoSH7Ts/POWleNeNYrIYFgcwyQXFf4g==,iv:acfGuRKBPqRm+vmivsi2YsbhJq4Tz65CAM/XMuYjQKk=,tag:3zViv4aCfT7nhQFN7GxCTw==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:8A8=,iv:7WGiqKM3ys8uJBBdbHTS8JSSooI+TMr8Mf/AWS8cmW4=,tag:ALrCihNYh69GIpbQzBeE6g==,type:str] + route: + receiver: ENC[AES256_GCM,data:2rdaUSNAM6ImJmDqhxMT8Bh1Aw==,iv:sTu/T4DhIAnToTekU0TiFJ9pkNODWJvvZk0kBzdsjM8=,tag:rJGnBS7OIxHQyV4VBjL8Aw==,type:str] + group_by: + - ENC[AES256_GCM,data:2AWijuRQO52E,iv:rReOSv1dQxI/nAK0K5Hk8tRP3tgk2PKzJv7sNfpQ1eg=,tag:OcXeD0CUbYKB+GXr40fjfw==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:0ooBdOa9NyoLqshBrjhJ5KibEg==,iv:iH49JhLKPd0vVwiy+bVX9UjdAkunTqW8oqnwf1G7Aqc=,tag:jb/QBapOMj5YfVvpHmnbWw==,type:str] + match: + alertname: ENC[AES256_GCM,data:yBu7hqwVaK8=,iv:8lpmsEGXiwNEDxa4zzkK0Bz2dBV4ILqJLdI0B/mmGHU=,tag:i5P3j4lwL70AlCK0IWVETg==,type:str] + group_wait: ENC[AES256_GCM,data:6tuh,iv:EtcLHEnb+ck/pjkTgiNi73B7J8J9MhF3vCDt+GdApD0=,tag:BE2e9T+yMcFh5OjAvs8xBA==,type:str] + group_interval: ENC[AES256_GCM,data:9ec=,iv:PZ9vjKq+nsN6iHA4b+KLW2NYTE0YoU24d5d27q1WEL0=,tag:+dEOdnx/zphDGSXhTfXD/g==,type:str] + repeat_interval: ENC[AES256_GCM,data:2SiN,iv:bcQ2JjP5tbXWdTWNaZWFt993vbjeuZ5RdhFAFpsaNt8=,tag:Tx9SlpyuIFEI+DUNX6dPMw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:kd7LAYtalDgnJ5Uz9Y2rRjkjeA==,iv:j5vjTikySVJiK6lGsIAli1BgLBqMVu7+CNGSwn1Zkfk=,tag:6Hmayt8SZavqwuTwDWuUlA==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:R1VSTA==,iv:kzbc0NK1YQb3HUV6tOltFRUnDSHngCSi3HQp6m52f9w=,tag:3hvqsGFyo7R6ywc/A4ozyw==,type:bool] + api_url: ENC[AES256_GCM,data:ZEm/251csKWBYgsVNY2ubwDj628dlbGhN6bTVQ5WzNa9cwEQUI2cAE4mJdJEIi/AcaLd8tSa/oqRXs2lxKJv3tyNBLaBnijUe5g5TvicBQ==,iv:PTAAnm1hV3A56j77gxVj8uqT0fKU2RG9BC2AQEQ84yE=,tag:jt7GuvYBNnb6Cuo8wvKC1w==,type:str] + channel: ENC[AES256_GCM,data:8gI3Fo3Yjus96uLIt8XtyTIBb8Ev4Q==,iv:N0BGGZuzA0ORA6T7KaNa1qKjTmUWR35FjkbAiXgkIGE=,tag:aEvBur7Xalz06ZbUyQPrqQ==,type:str] + username: ENC[AES256_GCM,data:Zn9hbZD5OrAym+Bt,iv:rXDBgvlR0JjDUeFMYTb7fPDjU8b6bEbswPVShVk4Kyk=,tag:bOeFM9ltjNK7tKObpUWWjw==,type:str] + title: ENC[AES256_GCM,data:KQkpp3tD18tMzhS83WYvPRICPrGM26W55wXVSwyN8vaabyFUFkU=,iv:ogXHISNx+B4o/o0fAPT1ohNbDyoAdIokwSYwPPKAIOM=,tag:EX/baz/hgmqBZlsjDgDclg==,type:str] + text: ENC[AES256_GCM,data:pboNRVp+4UWJLwP0OzoTfphtemjbgIrpprbYniMhiQzP0Uwauw==,iv:6eEO9u/ghU0NR/OVHlre2cAQGY2RujjkJCV4P2mTFok=,tag:i38P0/gweKZTj8u6uUReDA==,type:str] + templates: + - ENC[AES256_GCM,data:Xow+h9y6a2bs54/u56nxKFNgprTg4UiPzlI7EmsLCfU3267NE6tSvPZEJ4OCwTGAJO7h+cgma/aCttKGp+Er4LQU1Jfa9xU=,iv:JbG9MHYZaypOUP8xWI4eOOQ6RuXCRv65F6FJ5ozocS8=,tag:EKfFNZ8n9zI51XK3a5HFig==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e + created_at: "2023-03-01T12:12:16Z" + enc: AQICAHhswFwv5rJMVR0x2V05/8AtIG12GA7fukIP1fl7KP4HVAHEQMi2iapIDmux/t1KKVa+AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMGLGR9RK9fqIR3U68AgEQgDv4Q1SmwI3wLb9dvsqSlNUv/6hVuJV4px1lksPiuaz8e2sF4OqUzc4fC6MHf1j3kjQtjIGLBnm80CvZig== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-03-01T12:12:17Z" + mac: ENC[AES256_GCM,data:dR8J2pNAZh+xF5Mx96L0FkhjCVncU6IZn37NV0H/p7pStzYouUlnXIGRjnRP0OOMlWq2j9+wKdQeiE3roPq9i7eHuJJNueqVpy7sn4dbF5f1i00AsKaS4Nkv65XafIk1Abx0QsXiL2t8OxSODXlqFL42Dx7U+HxVthflLD9EYEo=,iv:QlH7jVGcygez1OhR+6nej2ucSCvC0/urcGIcFEBeXgE=,tag:lO96iLvh2d77V9JyDEYs3Q==,type:str] + pgp: + - created_at: "2023-03-01T12:12:16Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA3QBUEHknBKFAQv/XRJrxyQKWMhMJu5q23nh0bgimNnJa+h66X0hyac6AQEa + t6XoRtqqrl4hrkST51UAqp2mPPUb38UWHXUyKU6DP/lBA95WWivaw1RkLWzMWyZZ + j1ov1tqEH9j8FT88pxAmPHRvgLIlQcM/KDbrrpBy/beql7XOFN15sOa0e3BZq/6j + tWIxkk58x9G9EGeIHLCBVGTOwrC53BFu2ymjb+IumQoY0yvYEqQFZFhUYMI5s2/p + 0Cpb1etLrt726DL9xvpGYzbsrqO22Pwy4vbH3frmhsyzS8kCOy8uVJy/JIakZdie + t2ocZxy3QNp9nH2sOtfMpFOMv8EzNoGBHYmLPeoATf06783zig8odweoTFUlbbrJ + Vjv0FJUVpV0QJpPEVaQyhRvv63g2jKwc08Bfm+P+sHbdqNMS5r48dgd4QYQ1XzcL + GYEIwweIq9/QH3xY91qw6yfUvR0i61mUUNiahtmdvBH6Q1hQCvJC6v0qL92fyrDs + eQPmwtkS2vyjq28FaP+N1GgBCQIQ0WIh9mD3Z5JHSorlz6DVha/440HV+HSUluoQ + QPscZ6LVwSa5hZtPnQ48Hg7XfFcSk0e2o690WcFaxdPpvGzcxO6FdAbzJGML+tAl + B1lc87PfKIyjJBCokWw9OiZkSS/wG3O/Zw== + =rrj6 + -----END PGP MESSAGE----- + fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/config-as-code/environments/unified-dev.yaml b/config-as-code/environments/unified-dev.yaml new file mode 100644 index 0000000000..56f9eff21d --- /dev/null +++ b/config-as-code/environments/unified-dev.yaml @@ -0,0 +1,676 @@ +global: + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + memory: "2Gi" + limits: + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/config-as-code/helm/charts/frontend/digit-ui/values.yaml b/config-as-code/helm/charts/frontend/digit-ui/values.yaml index bfd42ede4a..348dc2ce79 100644 --- a/config-as-code/helm/charts/frontend/digit-ui/values.yaml +++ b/config-as-code/helm/charts/frontend/digit-ui/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "digit-ui" diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml b/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml index b13e7da9e2..a05754d8a1 100644 --- a/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml +++ b/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "fsm-calculator" diff --git a/config-as-code/helm/charts/municipal-services/fsm/values.yaml b/config-as-code/helm/charts/municipal-services/fsm/values.yaml index 62fb484fb2..45c777989d 100644 --- a/config-as-code/helm/charts/municipal-services/fsm/values.yaml +++ b/config-as-code/helm/charts/municipal-services/fsm/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "fsm" diff --git a/config-as-code/helm/charts/municipal-services/inbox/values.yaml b/config-as-code/helm/charts/municipal-services/inbox/values.yaml index bff4923364..26ce04c2dc 100644 --- a/config-as-code/helm/charts/municipal-services/inbox/values.yaml +++ b/config-as-code/helm/charts/municipal-services/inbox/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "inbox" diff --git a/config-as-code/helm/charts/municipal-services/vehicle/values.yaml b/config-as-code/helm/charts/municipal-services/vehicle/values.yaml index 274a08b4cb..efbafea07b 100644 --- a/config-as-code/helm/charts/municipal-services/vehicle/values.yaml +++ b/config-as-code/helm/charts/municipal-services/vehicle/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "vehicle" diff --git a/config-as-code/helm/charts/municipal-services/vendor/values.yaml b/config-as-code/helm/charts/municipal-services/vendor/values.yaml index 08d626bafe..cd96632f6d 100644 --- a/config-as-code/helm/charts/municipal-services/vendor/values.yaml +++ b/config-as-code/helm/charts/municipal-services/vendor/values.yaml @@ -1,3 +1,4 @@ +namespace : sanitation # Common Labels labels: app: "vendor" diff --git a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go index 4008240044..b3c011b8d9 100644 --- a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -146,10 +146,10 @@ func deployClusterConfigs(index map[string]string, configDir string, envOverride // Clean up folder after function exists defer os.RemoveAll(tmpDir) args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - fmt.Println("Before Trimming"+configDir) + fmt.Println("Before Trimming" + configDir) - sopsDir:=strings.Trim(configDir, "helm") - fmt.Println("path too sops"+sopsDir) + sopsDir := strings.Trim(configDir, "/helm") + fmt.Println("path too sops" + sopsDir) if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { fmt.Println("Error Condition: ") fmt.Println(err) From b041b35f42e61a53abc905c28bc5e40248136d56 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 30 Mar 2023 16:58:03 +0530 Subject: [PATCH 138/742] Update values.yaml --- config-as-code/helm/charts/common/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-as-code/helm/charts/common/values.yaml b/config-as-code/helm/charts/common/values.yaml index 5d47e1b95c..c428a639ba 100755 --- a/config-as-code/helm/charts/common/values.yaml +++ b/config-as-code/helm/charts/common/values.yaml @@ -109,7 +109,7 @@ lifecycle: - -c - "sleep 10" -memory_limits: "512Mi" +memory_limits: "256Mi" resources: | {{- if eq .Values.appType "java-spring" -}} requests: From 1461693198e3341d0ac559e6a7ac2b7b13397e1b Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 30 Mar 2023 17:28:56 +0530 Subject: [PATCH 139/742] Update unified-dev.yaml updated memory limits and heap size --- config-as-code/environments/unified-dev.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config-as-code/environments/unified-dev.yaml b/config-as-code/environments/unified-dev.yaml index 56f9eff21d..6213be0a57 100644 --- a/config-as-code/environments/unified-dev.yaml +++ b/config-as-code/environments/unified-dev.yaml @@ -357,15 +357,15 @@ pdf-service: # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" + memory_limits: 300Mi + heap: "-Xmx128m -Xms128m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m + memory_limits: 256Mi + heap: -Xmx128m -Xms128m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: From 6116e3ca560bfdbe7960fda17eb846418e8c957f Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 30 Mar 2023 17:38:40 +0530 Subject: [PATCH 140/742] Update unified-dev.yaml --- config-as-code/environments/unified-dev.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/config-as-code/environments/unified-dev.yaml b/config-as-code/environments/unified-dev.yaml index 6213be0a57..e53a64da70 100644 --- a/config-as-code/environments/unified-dev.yaml +++ b/config-as-code/environments/unified-dev.yaml @@ -635,12 +635,12 @@ elasticsearch-data-v1: - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 zone: ap-south-1b ## add your respective zone eg. ap-south-1a - esJavaOpts: "-Xmx1g -Xms1g" + esJavaOpts: "-Xmx550m -Xms550m" resources: requests: - memory: "2Gi" + memory: "1Gi" limits: - memory: "2Gi" + memory: "1Gi" ### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> From 400d9f1ca61bb60bf6fe612c869f872facb19020 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 4 Apr 2023 14:25:02 +0530 Subject: [PATCH 141/742] Update .sops.yaml --- config-as-code/.sops.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config-as-code/.sops.yaml b/config-as-code/.sops.yaml index ea5826ded4..ad9e053c6b 100644 --- a/config-as-code/.sops.yaml +++ b/config-as-code/.sops.yaml @@ -3,6 +3,6 @@ creation_rules: # upon creation of a file that matches the pattern *dev.yaml, # KMS set A is used # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/unified-ci\-secrets\.yaml$ + - path_regex: environments/unified-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' - pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' \ No newline at end of file + pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' From beb5e3844e310c47885fb6837252dfdeac678d19 Mon Sep 17 00:00:00 2001 From: Gowtham-egov <112694085+Gowtham-egov@users.noreply.github.com> Date: Tue, 4 Apr 2023 14:57:50 +0530 Subject: [PATCH 142/742] added pgadmin and playground pods in unified dev (#1384) --- config-as-code/environments/unified-dev.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/config-as-code/environments/unified-dev.yaml b/config-as-code/environments/unified-dev.yaml index e53a64da70..a2b8c7263f 100644 --- a/config-as-code/environments/unified-dev.yaml +++ b/config-as-code/environments/unified-dev.yaml @@ -665,6 +665,22 @@ elasticsearch-master-v1: limits: memory: "896Mi" + +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "dev_readonly" + + +playground: + replicas: 1 + images: + - egovio/playground:v2 + + es-curator: schedule: "45 18 * * *" images: From 4e0c1c837e03fbd6e02e69bfb4eae394a1e7d69a Mon Sep 17 00:00:00 2001 From: Gowtham-egov Date: Wed, 5 Apr 2023 17:35:43 +0530 Subject: [PATCH 143/742] updated db-host in pgadmin unified dev --- config-as-code/environments/unified-dev-secrets.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/config-as-code/environments/unified-dev-secrets.yaml b/config-as-code/environments/unified-dev-secrets.yaml index 953b1c6c99..c9f7e32cc2 100644 --- a/config-as-code/environments/unified-dev-secrets.yaml +++ b/config-as-code/environments/unified-dev-secrets.yaml @@ -26,9 +26,9 @@ cluster-configs: payu-merchant-salt: ENC[AES256_GCM,data:liTlKez64go=,iv:oRxigBvmA+UUgX3oSnf2Kfg9oE+yvgEPBhpFuxrSpms=,tag:/u+Wa5m70MQZ/+Ey272Ayg==,type:str] pgadmin: admin-email: ENC[AES256_GCM,data:BmLUpgPP1spV8/2gszEX4pTxp0b5QvNPk0o=,iv:kVF6J3kbfcBao9iNNkizQwjCs1cA4Et9NFjqDHxY3W4=,tag:RLSKLlIS4ZXXLLz9OsHuHA==,type:str] - admin-password: ENC[AES256_GCM,data:HoPm7SB2nLheu6nr,iv:9J7oRlM5Aly/9074NqvhWQUeMdZtDrzKtk+8UDrDDBk=,tag:dLEAln2+jX5uJ/3rs+5Ang==,type:str] + admin-password: ENC[AES256_GCM,data:UqSyE3x0DO4Rp1uneg==,iv:4CV/nCQMZtOZf9LK3EsuavXf2riZhR60C8H9LfqNpzc=,tag:4W4GMDnoXpuZFrN1W31LdA==,type:str] read-email: ENC[AES256_GCM,data:+YvXu0nGYcdAqW10izH5n64CsHnnd2P3Qg==,iv:ElF93IF8rszx/Nmz2Biw4USlWyiNBeeCXKC0uXB3uzA=,tag:eZfwyjujY22qBYx6V+GGQA==,type:str] - read-password: ENC[AES256_GCM,data:1pDnVIXCAnrtQbLb,iv:plxbsbdJjkZpy1oUoU7xu/BqyMXafcuMYKjp2onhLuw=,tag:mxYpjDdTBYQ1K9uNcX40CA==,type:str] + read-password: ENC[AES256_GCM,data:iDlimiFWZOPX53ZMLA==,iv:opHgN89ZqY8gHwm143OKZ4fhJFGpXhykHg2rve/B02o=,tag:yJx2hAorriXcmb+tlm8+MA==,type:str] egov-enc-service: master-password: ENC[AES256_GCM,data:Zx+lA/ybTERW4A2HA1I7aA==,iv:g/mqLJud4dezlFoMbTm4sO9gwH98/hXHTUXyLPvKZIA=,tag:VVTZ48ndRYQNAmclNx71QA==,type:str] master-salt: ENC[AES256_GCM,data:8f+XlgAa9Dw=,iv:lk1A0B3Vpnc63wyd8w/Yt7J5KwMLLCTIqwNmg1shbtI=,tag:lJTEW42vKk5cWMT7T8qCNA==,type:str] @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-03-01T12:12:17Z" - mac: ENC[AES256_GCM,data:dR8J2pNAZh+xF5Mx96L0FkhjCVncU6IZn37NV0H/p7pStzYouUlnXIGRjnRP0OOMlWq2j9+wKdQeiE3roPq9i7eHuJJNueqVpy7sn4dbF5f1i00AsKaS4Nkv65XafIk1Abx0QsXiL2t8OxSODXlqFL42Dx7U+HxVthflLD9EYEo=,iv:QlH7jVGcygez1OhR+6nej2ucSCvC0/urcGIcFEBeXgE=,tag:lO96iLvh2d77V9JyDEYs3Q==,type:str] + lastmodified: "2023-04-05T04:47:59Z" + mac: ENC[AES256_GCM,data:pYygZpzP/p+5Q8xja69Kz+2Q6BW7fG572RRb+I9FBZ48T7OPNr3Z1pUFKeKIpFyQH8Tr3GkbWB8bRn9N0y4sSEdGo19+8Q50N0AntYc5D79SwD8xlrYHNWFv+Z0l3q4PlRKdhTZ5jYjiFulkGJ5IjxH0xkjs4HO97xIQ87Ob1m0=,iv:XWbBRhPCw/BwRxIaBLYeVq43y5QNi3NiPy832ZBCR98=,tag:yI1/5v4+q+vUMvhMhOQ9dg==,type:str] pgp: - created_at: "2023-03-01T12:12:16Z" enc: | From 779058e28a64aa74ed903448c2dce6ca365477f8 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 10 Apr 2023 15:15:09 +0530 Subject: [PATCH 144/742] Update deployer.go --- deploy-as-code/deployer/pkg/cmd/deployer/deployer.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go index b3c011b8d9..796376f714 100644 --- a/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go +++ b/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -148,7 +148,7 @@ func deployClusterConfigs(index map[string]string, configDir string, envOverride args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) fmt.Println("Before Trimming" + configDir) - sopsDir := strings.Trim(configDir, "/helm") + sopsDir := strings.Trim(configDir, "helm") fmt.Println("path too sops" + sopsDir) if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { fmt.Println("Error Condition: ") From 02ffd925ce80126ee8f8aac4b15a5f6226bf0912 Mon Sep 17 00:00:00 2001 From: Shashwat Mishra Date: Tue, 11 Apr 2023 10:50:03 +0530 Subject: [PATCH 145/742] [DEVOPS] Corrected folder structure in devops repo --- .../backbone-services/cert-manager/Chart.yaml | 0 .../backbone-services/cert-manager/README.md | 0 .../cert-manager/crds/crds.yaml | 0 .../cert-manager/templates/NOTES.txt | 0 .../cert-manager/templates/_helpers.tpl | 0 .../templates/cainjector-deployment.yaml | 0 .../templates/cainjector-psp-clusterrole.yaml | 0 .../cainjector-psp-clusterrolebinding.yaml | 0 .../templates/cainjector-psp.yaml | 0 .../templates/cainjector-rbac.yaml | 0 .../templates/cainjector-serviceaccount.yaml | 0 .../cert-manager/templates/clusterissuer.yaml | 0 .../cert-manager/templates/deployment.yaml | 0 .../templates/psp-clusterrole.yaml | 0 .../templates/psp-clusterrolebinding.yaml | 0 .../cert-manager/templates/psp.yaml | 0 .../cert-manager/templates/rbac.yaml | 0 .../cert-manager/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../templates/startupapicheck-job.yaml | 0 .../startupapicheck-psp-clusterrole.yaml | 0 ...tartupapicheck-psp-clusterrolebinding.yaml | 0 .../templates/startupapicheck-psp.yaml | 0 .../templates/startupapicheck-rbac.yaml | 0 .../startupapicheck-serviceaccount.yaml | 0 .../templates/webhook-config.yaml | 0 .../templates/webhook-deployment.yaml | 0 .../templates/webhook-mutating-webhook.yaml | 0 .../templates/webhook-psp-clusterrole.yaml | 0 .../webhook-psp-clusterrolebinding.yaml | 0 .../cert-manager/templates/webhook-psp.yaml | 0 .../cert-manager/templates/webhook-rbac.yaml | 0 .../templates/webhook-service.yaml | 0 .../templates/webhook-serviceaccount.yaml | 0 .../templates/webhook-validating-webhook.yaml | 0 .../cert-manager/values.yaml | 0 .../cluster-autoscaler/.helmignore | 0 .../cluster-autoscaler/Chart.yaml | 0 .../cluster-autoscaler/OWNERS | 0 .../cluster-autoscaler/README.md | 0 .../cluster-autoscaler/requirements.lock | 0 .../cluster-autoscaler/templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/deployment.yaml | 0 .../cluster-autoscaler/templates/pdb.yaml | 0 .../templates/podsecuritypolicy.yaml | 0 .../priority-expander-configmap.yaml | 0 .../cluster-autoscaler/templates/role.yaml | 0 .../templates/rolebinding.yaml | 0 .../cluster-autoscaler/templates/secret.yaml | 0 .../cluster-autoscaler/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../cluster-autoscaler/values.yaml | 0 .../elasticsearch/Chart.yaml | 0 .../elasticsearch-data-infra-v1-values.yaml | 0 .../elasticsearch-data-v1-values.yaml | 0 .../elasticsearch-master-infra-v1-values.yaml | 0 .../elasticsearch-master-v1-values.yaml | 0 .../elasticsearch/templates/_helpers.tpl | 0 .../templates/headless-service.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../elasticsearch/templates/service.yaml | 0 .../elasticsearch/templates/statefulset.yaml | 0 .../backbone-services/es-curator/Chart.yaml | 0 .../es-curator/es-curator-infra-values.yaml | 0 .../es-curator/templates/_helpers.tpl | 0 .../es-curator/templates/configmap.yaml | 0 .../es-curator/templates/cronjob.yaml | 0 .../backbone-services/fluent-bit/Chart.yaml | 0 .../fluent-bit/templates/_helpers.tpl | 0 .../fluent-bit/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../fluent-bit/templates/configmap.yaml | 0 .../fluent-bit/templates/daemonset.yaml | 0 .../fluent-bit/templates/serviceaccount.yaml | 0 .../backbone-services/fluent-bit/values.yaml | 0 .../backbone-services/grafana/Chart.yaml | 0 .../grafana/templates/configmap.yaml | 0 .../grafana/templates/deployment.yaml | 0 .../grafana/templates/ingress.yaml | 0 .../grafana/templates/service.yaml | 0 .../backbone-services/grafana/values.yaml | 0 .../ingress-nginx/.helmignore | 0 .../ingress-nginx/CHANGELOG.md | 0 .../ingress-nginx/Chart.yaml | 0 .../backbone-services/ingress-nginx/OWNERS | 0 .../backbone-services/ingress-nginx/README.md | 0 .../ingress-nginx/README.md.gotmpl | 0 .../ingress-nginx/changelog.md.gotmpl | 0 .../ingress-nginx/changelog/.gitkeep | 0 .../changelog/Changelog-4.5.2.md | 0 ...ler-admission-tls-cert-manager-values.yaml | 0 .../controller-custom-ingressclass-flags.yaml | 0 .../ci/daemonset-customconfig-values.yaml | 0 .../ci/daemonset-customnodeport-values.yaml | 0 .../ci/daemonset-extra-modules.yaml | 0 .../ci/daemonset-headers-values.yaml | 0 .../ci/daemonset-internal-lb-values.yaml | 0 .../ci/daemonset-nodeport-values.yaml | 0 .../ci/daemonset-podannotations-values.yaml | 0 ...set-tcp-udp-configMapNamespace-values.yaml | 0 ...emonset-tcp-udp-portNamePrefix-values.yaml | 0 .../ci/daemonset-tcp-udp-values.yaml | 0 .../ci/daemonset-tcp-values.yaml | 0 .../ci/deamonset-default-values.yaml | 0 .../ci/deamonset-metrics-values.yaml | 0 .../ci/deamonset-psp-values.yaml | 0 .../ci/deamonset-webhook-and-psp-values.yaml | 0 .../ci/deamonset-webhook-values.yaml | 0 ...eployment-autoscaling-behavior-values.yaml | 0 .../ci/deployment-autoscaling-values.yaml | 0 .../ci/deployment-customconfig-values.yaml | 0 .../ci/deployment-customnodeport-values.yaml | 0 .../ci/deployment-default-values.yaml | 0 ...modules-default-container-sec-context.yaml | 0 ...odules-specific-container-sec-context.yaml | 0 .../ci/deployment-extra-modules.yaml | 0 .../ci/deployment-headers-values.yaml | 0 .../ci/deployment-internal-lb-values.yaml | 0 .../ci/deployment-metrics-values.yaml | 0 .../ci/deployment-nodeport-values.yaml | 0 .../ci/deployment-podannotations-values.yaml | 0 .../ci/deployment-psp-values.yaml | 0 ...ent-tcp-udp-configMapNamespace-values.yaml | 0 ...loyment-tcp-udp-portNamePrefix-values.yaml | 0 .../ci/deployment-tcp-udp-values.yaml | 0 .../ci/deployment-tcp-values.yaml | 0 .../ci/deployment-webhook-and-psp-values.yaml | 0 .../deployment-webhook-extraEnvs-values.yaml | 0 .../deployment-webhook-resources-values.yaml | 0 .../ci/deployment-webhook-values.yaml | 0 .../ingress-nginx/templates/NOTES.txt | 0 .../ingress-nginx/templates/_helpers.tpl | 0 .../ingress-nginx/templates/_params.tpl | 0 .../admission-webhooks/cert-manager.yaml | 0 .../job-patch/clusterrole.yaml | 0 .../job-patch/clusterrolebinding.yaml | 0 .../job-patch/job-createSecret.yaml | 0 .../job-patch/job-patchWebhook.yaml | 0 .../job-patch/networkpolicy.yaml | 0 .../admission-webhooks/job-patch/psp.yaml | 0 .../admission-webhooks/job-patch/role.yaml | 0 .../job-patch/rolebinding.yaml | 0 .../job-patch/serviceaccount.yaml | 0 .../validating-webhook.yaml | 0 .../ingress-nginx/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../controller-configmap-addheaders.yaml | 0 .../controller-configmap-proxyheaders.yaml | 0 .../templates/controller-configmap-tcp.yaml | 0 .../templates/controller-configmap-udp.yaml | 0 .../templates/controller-configmap.yaml | 0 .../templates/controller-daemonset.yaml | 0 .../templates/controller-deployment.yaml | 0 .../templates/controller-hpa.yaml | 0 .../templates/controller-ingressclass.yaml | 0 .../templates/controller-keda.yaml | 0 .../controller-poddisruptionbudget.yaml | 0 .../templates/controller-prometheusrules.yaml | 0 .../templates/controller-psp.yaml | 0 .../templates/controller-role.yaml | 0 .../templates/controller-rolebinding.yaml | 0 .../controller-service-internal.yaml | 0 .../templates/controller-service-metrics.yaml | 0 .../templates/controller-service-webhook.yaml | 0 .../templates/controller-service.yaml | 0 .../templates/controller-serviceaccount.yaml | 0 .../templates/controller-servicemonitor.yaml | 0 .../controller-webhooks-networkpolicy.yaml | 0 .../templates/default-backend-deployment.yaml | 0 .../templates/default-backend-hpa.yaml | 0 .../default-backend-poddisruptionbudget.yaml | 0 .../templates/default-backend-psp.yaml | 0 .../templates/default-backend-role.yaml | 0 .../default-backend-rolebinding.yaml | 0 .../templates/default-backend-service.yaml | 0 .../default-backend-serviceaccount.yaml | 0 .../templates/dh-param-secret.yaml | 0 .../ingress-nginx/values.yaml | 0 .../backbone-services/jaeger/Chart.yaml | 0 .../jaeger/templates/_helpers.tpl | 0 .../jaeger/templates/agent-ds.yaml | 0 .../jaeger/templates/agent-svc.yaml | 0 .../jaeger/templates/collector-configmap.yaml | 0 .../jaeger/templates/collector-deploy.yaml | 0 .../jaeger/templates/collector-hpa.yaml | 0 .../jaeger/templates/collector-svc.yaml | 0 .../jaeger/templates/query-configmap.yaml | 0 .../jaeger/templates/query-deploy.yaml | 0 .../jaeger/templates/query-ing.yaml | 0 .../jaeger/templates/query-svc.yaml | 0 .../jaeger/templates/spark-cronjob.yaml | 0 .../backbone-services/jaeger/values.yaml | 0 .../backbone-services/jenkins/.helmignore | 0 .../backbone-services/jenkins/CHANGELOG.md | 0 .../backbone-services/jenkins/Chart.yaml | 0 .../charts/backbone-services/jenkins/OWNERS | 0 .../backbone-services/jenkins/README.md | 0 .../jenkins/templates/NOTES.txt | 0 .../jenkins/templates/_helpers.tpl | 0 .../jenkins/templates/config.yaml | 0 .../jenkins/templates/deprecation.yaml | 0 .../jenkins/templates/home-pv.yaml | 0 .../jenkins/templates/home-pvc.yaml | 0 .../jenkins/templates/jcasc-config.yaml | 0 .../jenkins/templates/jenkins-agent-svc.yaml | 0 .../templates/jenkins-backup-cronjob.yaml | 0 .../templates/jenkins-backup-rbac.yaml | 0 .../jenkins-master-alerting-rules.yaml | 0 .../jenkins-master-backendconfig.yaml | 0 .../templates/jenkins-master-deployment.yaml | 0 .../templates/jenkins-master-ingress.yaml | 0 .../jenkins-master-networkpolicy.yaml | 0 .../templates/jenkins-master-route.yaml | 0 .../jenkins-master-servicemonitor.yaml | 0 .../jenkins/templates/jenkins-master-svc.yaml | 0 .../jenkins/templates/jobs.yaml | 0 .../jenkins/templates/rbac.yaml | 0 .../jenkins/templates/secret-https-jks.yaml | 0 .../jenkins/templates/secret.yaml | 0 .../templates/service-account-agent.yaml | 0 .../jenkins/templates/service-account.yaml | 0 .../backbone-services/jenkins/values.yaml | 0 .../kafka-connect-restart-tasks/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../kafka-connect-restart-tasks/values.yaml | 0 .../kafka-connect/Chart.yaml | 0 .../kafka-connect-infra-values.yaml | 0 .../kafka-connect/templates/deployment.yaml | 0 .../kafka-connect/templates/service.yaml | 0 .../kafka-connect/values.yaml | 0 .../backbone-services/kafka-v2/Chart.yaml | 0 .../kafka-v2/kafka-v2-infra-values.yaml | 0 .../kafka-v2/templates/_helpers.tpl | 0 .../kafka-v2/templates/headless-service.yaml | 0 .../kafka-v2/templates/persistentvolume.yaml | 0 .../kafka-v2/templates/service.yaml | 0 .../kafka-v2/templates/statefulset.yaml | 0 .../backbone-services/kafka-v2/values.yaml | 0 .../backbone-services/kafka/.helmignore | 0 .../charts/backbone-services/kafka/Chart.yaml | 0 .../charts/backbone-services/kafka/README.md | 0 .../kafka/templates/_helpers.tpl | 0 .../backbone-services/kafka/templates/pv.yaml | 0 .../kafka/templates/pvc.yaml | 0 .../kafka/templates/scripts-configmap.yaml | 0 .../kafka/templates/statefulset.yaml | 0 .../kafka/templates/svc-headless.yaml | 0 .../kafka/templates/svc.yaml | 0 .../backbone-services/kafka/values.yaml | 0 .../kaniko-cache-warmer/Chart.yaml | 0 .../templates/cronjob.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/persistentvolumeclaim.yaml | 0 .../kaniko-cache-warmer/values.yaml | 0 .../backbone-services/kibana-v1/Chart.yaml | 0 .../kibana-v1/kibana-infra-v1-values.yaml | 0 .../kibana-v1/templates/deployment.yaml | 0 .../kibana-v1/templates/ingress.yaml | 0 .../kibana-v1/templates/service.yaml | 0 .../backbone-services/kibana-v1/values.yaml | 0 .../kube-state-metrics/.helmignore | 0 .../kube-state-metrics/Chart.yaml | 0 .../kube-state-metrics/OWNERS | 0 .../kube-state-metrics/README.md | 0 .../kube-state-metrics/templates/NOTES.txt | 0 .../kube-state-metrics/templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/deployment.yaml | 0 .../kube-state-metrics/templates/pdb.yaml | 0 .../templates/podsecuritypolicy.yaml | 0 .../templates/psp-clusterrole.yaml | 0 .../templates/psp-clusterrolebinding.yaml | 0 .../kube-state-metrics/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../templates/stsdiscovery-role.yaml | 0 .../templates/stsdiscovery-rolebinding.yaml | 0 .../kube-state-metrics/values.yaml | 0 .../backbone-services/kuberhealthy/Chart.yaml | 0 .../backbone-services/kuberhealthy/NOTES.txt | 0 .../backbone-services/kuberhealthy/README.md | 0 .../kuberhealthy/crds/khcheck.yaml | 0 .../kuberhealthy/crds/khstate.yaml | 0 .../kuberhealthy/templates/_helpers.tpl | 0 .../kuberhealthy/templates/check-reaper.yaml | 0 .../kuberhealthy/templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../kuberhealthy/templates/configmap.yaml | 0 .../kuberhealthy/templates/deployment.yaml | 0 .../templates/khcheck-daemonset.yaml | 0 .../templates/khcheck-db-connections.yaml | 0 .../khcheck-db-es-collections-sync.yaml | 0 .../templates/khcheck-db-es-pgr-sync.yaml | 0 .../templates/khcheck-db-es-pt-sync.yaml | 0 .../templates/khcheck-db-es-tl-sync.yaml | 0 .../kuberhealthy/templates/khcheck-db.yaml | 0 .../templates/khcheck-deployment.yaml | 0 .../kuberhealthy/templates/khcheck-dns.yaml | 0 .../kuberhealthy/templates/khcheck-kafka.yaml | 0 .../templates/khcheck-pod-restarts.yaml | 0 .../templates/khcheck-pod-status.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../kuberhealthy/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../templates/servicemonitor.yaml | 0 .../kuberhealthy/values.yaml | 0 .../backbone-services/minio/.helmignore | 0 .../charts/backbone-services/minio/Chart.yaml | 0 .../minio/templates/_helpers.tpl | 0 .../templates/deployment-standalone.yaml | 0 .../minio/templates/ingress.yaml | 0 .../minio/templates/persistentvolume.yaml | 0 .../minio/templates/pv-standalone.yaml | 0 .../minio/templates/pvc-standalone.yaml | 0 .../minio/templates/service.yaml | 0 .../minio/templates/statefulset.yaml | 0 .../minio/templates/svc-headless.yaml | 0 .../backbone-services/minio/values.yaml | 0 .../nginx-errors/.helmignore | 0 .../backbone-services/nginx-errors/Chart.yaml | 0 .../nginx-errors/templates/NOTES.txt | 0 .../nginx-errors/templates/_helpers.tpl | 0 .../nginx-errors/templates/deployment.yaml | 0 .../nginx-errors/templates/service.yaml | 0 .../templates/tests/test-connection.yaml | 0 .../nginx-errors/values.yaml | 0 .../oauth2-proxy/.helmignore | 0 .../backbone-services/oauth2-proxy/Chart.yaml | 0 .../oauth2-proxy/templates/configmap.yaml | 0 .../oauth2-proxy/templates/deployment.yaml | 0 .../oauth2-proxy/templates/ingress.yaml | 0 .../oauth2-proxy/templates/service.yaml | 0 .../oauth2-proxy/values.yaml | 0 .../backbone-services/pgadmin/Chart.yaml | 0 .../pgadmin/templates/deployment.yaml | 0 .../pgadmin/templates/ingress.yaml | 0 .../pgadmin/templates/service.yaml | 0 .../backbone-services/pgadmin/values.yaml | 0 .../backbone-services/playground/Chart.yaml | 0 .../backbone-services/playground/README.md | 0 .../playground/templates/deployment.yaml | 0 .../backbone-services/playground/values.yaml | 0 .../backbone-services/postgres/Chart.yaml | 0 .../postgres/templates/deployment.yaml | 0 .../postgres/templates/pv.yaml | 0 .../postgres/templates/pvc.yaml | 0 .../postgres/templates/service.yaml | 0 .../backbone-services/postgres/values.yaml | 0 .../prometheus-kafka-exporter/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../templates/servicemonitor.yaml | 0 .../prometheus-kafka-exporter/values.yaml | 0 .../prometheus-operator/.helmignore | 0 .../prometheus-operator/CONTRIBUTING.md | 0 .../prometheus-operator/Chart.yaml | 0 .../prometheus-operator/OWNERS | 0 .../prometheus-operator/README.md | 0 .../crds/crd-alertmanager.yaml | 0 .../crds/crd-podmonitor.yaml | 0 .../crds/crd-prometheus.yaml | 0 .../crds/crd-prometheusrules.yaml | 0 .../crds/crd-servicemonitor.yaml | 0 .../crds/crd-thanosrulers.yaml | 0 .../prometheus-operator/hack/README.md | 0 .../hack/minikube/README.md | 0 .../prometheus-operator/hack/minikube/cmd.sh | 0 .../hack/minikube/values.yaml | 0 .../prometheus-operator/hack/requirements.txt | 0 .../hack/sync_grafana_dashboards.py | 0 .../hack/sync_prometheus_rules.py | 0 .../prometheus-operator/requirements.lock | 0 .../prometheus-operator/requirements.yaml | 0 .../prometheus-operator/templates/NOTES.txt | 0 .../templates/_helpers.tpl | 0 .../templates/alertmanager/alertmanager.yaml | 0 .../templates/alertmanager/ingress.yaml | 0 .../alertmanager/ingressperreplica.yaml | 0 .../alertmanager/podDisruptionBudget.yaml | 0 .../templates/alertmanager/psp-role.yaml | 0 .../alertmanager/psp-rolebinding.yaml | 0 .../templates/alertmanager/psp.yaml | 0 .../templates/alertmanager/secret.yaml | 0 .../templates/alertmanager/service.yaml | 0 .../alertmanager/serviceaccount.yaml | 0 .../alertmanager/servicemonitor.yaml | 0 .../alertmanager/serviceperreplica.yaml | 0 .../alertmanager/templatefiles-configmap.yaml | 0 .../templates/exporters/core-dns/service.yaml | 0 .../exporters/core-dns/servicemonitor.yaml | 0 .../kube-api-server/servicemonitor.yaml | 0 .../kube-controller-manager/endpoints.yaml | 0 .../kube-controller-manager/service.yaml | 0 .../servicemonitor.yaml | 0 .../templates/exporters/kube-dns/service.yaml | 0 .../exporters/kube-dns/servicemonitor.yaml | 0 .../exporters/kube-etcd/endpoints.yaml | 0 .../exporters/kube-etcd/service.yaml | 0 .../exporters/kube-etcd/servicemonitor.yaml | 0 .../exporters/kube-proxy/endpoints.yaml | 0 .../exporters/kube-proxy/service.yaml | 0 .../exporters/kube-proxy/servicemonitor.yaml | 0 .../exporters/kube-scheduler/endpoints.yaml | 0 .../exporters/kube-scheduler/service.yaml | 0 .../kube-scheduler/servicemonitor.yaml | 0 .../kube-state-metrics/serviceMonitor.yaml | 0 .../exporters/kubelet/servicemonitor.yaml | 0 .../node-exporter/servicemonitor.yaml | 0 .../templates/operator/cleanup-crds.yaml | 0 .../templates/operator/clusterrole.yaml | 0 .../operator/clusterrolebinding.yaml | 0 .../templates/operator/crds.yaml | 0 .../templates/operator/deployment.yaml | 0 .../templates/operator/psp-clusterrole.yaml | 0 .../operator/psp-clusterrolebinding.yaml | 0 .../templates/operator/psp.yaml | 0 .../templates/operator/service.yaml | 0 .../templates/operator/serviceaccount.yaml | 0 .../templates/operator/servicemonitor.yaml | 0 .../additionalAlertRelabelConfigs.yaml | 0 .../additionalAlertmanagerConfigs.yaml | 0 .../prometheus/additionalPrometheusRules.yaml | 0 .../prometheus/additionalScrapeConfigs.yaml | 0 .../templates/prometheus/clusterrole.yaml | 0 .../prometheus/clusterrolebinding.yaml | 0 .../templates/prometheus/ingress.yaml | 0 .../prometheus/ingressperreplica.yaml | 0 .../prometheus/podDisruptionBudget.yaml | 0 .../templates/prometheus/podmonitors.yaml | 0 .../templates/prometheus/prometheus.yaml | 0 .../templates/prometheus/psp-clusterrole.yaml | 0 .../prometheus/psp-clusterrolebinding.yaml | 0 .../templates/prometheus/psp.yaml | 0 .../rules-1.14/alertmanager.rules.yaml | 0 .../templates/prometheus/rules-1.14/etcd.yaml | 0 .../prometheus/rules-1.14/general.rules.yaml | 0 .../prometheus/rules-1.14/k8s.rules.yaml | 0 .../rules-1.14/kube-apiserver-slos.yaml | 0 .../rules-1.14/kube-apiserver.rules.yaml | 0 .../kube-prometheus-general.rules.yaml | 0 .../kube-prometheus-node-recording.rules.yaml | 0 .../rules-1.14/kube-scheduler.rules.yaml | 0 .../rules-1.14/kube-state-metrics.yaml | 0 .../prometheus/rules-1.14/kubelet.rules.yaml | 0 .../rules-1.14/kubernetes-apps.yaml | 0 .../rules-1.14/kubernetes-resources.yaml | 0 .../rules-1.14/kubernetes-storage.yaml | 0 .../kubernetes-system-apiserver.yaml | 0 .../kubernetes-system-controller-manager.yaml | 0 .../rules-1.14/kubernetes-system-kubelet.yaml | 0 .../kubernetes-system-scheduler.yaml | 0 .../rules-1.14/kubernetes-system.yaml | 0 .../rules-1.14/node-exporter.rules.yaml | 0 .../prometheus/rules-1.14/node-exporter.yaml | 0 .../prometheus/rules-1.14/node-network.yaml | 0 .../prometheus/rules-1.14/node.rules.yaml | 0 .../rules-1.14/prometheus-operator.yaml | 0 .../prometheus/rules-1.14/prometheus.yaml | 0 .../prometheus/rules/alertmanager.rules.yaml | 0 .../templates/prometheus/rules/etcd.yaml | 0 .../prometheus/rules/general.rules.yaml | 0 .../templates/prometheus/rules/k8s.rules.yaml | 0 .../rules/kube-apiserver.rules.yaml | 0 .../kube-prometheus-node-alerting.rules.yaml | 0 .../kube-prometheus-node-recording.rules.yaml | 0 .../rules/kube-scheduler.rules.yaml | 0 .../prometheus/rules/kubernetes-absent.yaml | 0 .../prometheus/rules/kubernetes-apps.yaml | 0 .../rules/kubernetes-resources.yaml | 0 .../prometheus/rules/kubernetes-storage.yaml | 0 .../prometheus/rules/kubernetes-system.yaml | 0 .../prometheus/rules/node-network.yaml | 0 .../templates/prometheus/rules/node-time.yaml | 0 .../prometheus/rules/node.rules.yaml | 0 .../prometheus/rules/prometheus-operator.yaml | 0 .../prometheus/rules/prometheus.rules.yaml | 0 .../templates/prometheus/service.yaml | 0 .../templates/prometheus/serviceaccount.yaml | 0 .../templates/prometheus/servicemonitor.yaml | 0 .../templates/prometheus/servicemonitors.yaml | 0 .../prometheus/serviceperreplica.yaml | 0 .../prometheus-operator/values.yaml | 0 .../charts/backbone-services/redis/Chart.yaml | 0 .../redis/templates/deployment.yaml | 0 .../redis/templates/service.yaml | 0 .../backbone-services/redis/values.yaml | 0 .../charts/backbone-services/redoc/Chart.yaml | 0 .../redoc/templates/deployment.yaml | 0 .../redoc/templates/ingress.yaml | 0 .../redoc/templates/service.yaml | 0 .../backbone-services/redoc/values.yaml | 0 .../backbone-services/s3-proxy/Chart.yaml | 0 .../s3-proxy/templates/ingress.yaml | 0 .../s3-proxy/templates/service.yaml | 0 .../backbone-services/s3-proxy/values.yaml | 0 .../spot-termination-handler/Chart.yaml | 0 .../templates/_helpers.tpl | 0 .../templates/clusterrole.yaml | 0 .../templates/clusterrolebinding.yaml | 0 .../templates/daemonset.yaml | 0 .../templates/serviceaccount.yaml | 0 .../spot-termination-handler/values.yaml | 0 .../backbone-services/zookeeper-v2/Chart.yaml | 0 .../backbone-services/zookeeper-v2/README.md | 0 .../zookeeper-v2/templates/_helpers.tpl | 0 .../templates/headless-service.yaml | 0 .../templates/persistentvolume.yaml | 0 .../templates/poddisruptionbudget.yaml | 0 .../zookeeper-v2/templates/service.yaml | 0 .../zookeeper-v2/templates/statefulset.yaml | 0 .../zookeeper-v2/values.yaml | 0 .../backbone-services/zookeeper/.helmignore | 0 .../backbone-services/zookeeper/Chart.yaml | 0 .../backbone-services/zookeeper/README.md | 0 .../zookeeper/templates/_helpers.tpl | 0 .../zookeeper/templates/pv.yaml | 0 .../zookeeper/templates/pvc.yaml | 0 .../zookeeper/templates/statefulset.yaml | 0 .../zookeeper/templates/svc-headless.yaml | 0 .../zookeeper/templates/svc.yaml | 0 .../backbone-services/zookeeper/values.yaml | 0 .../billing-service/Chart.yaml | 0 .../billing-service/templates/deployment.yaml | 0 .../billing-service/templates/ingress.yaml | 0 .../billing-service/templates/service.yaml | 0 .../billing-service/values.yaml | 0 .../collection-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../collection-services/values.yaml | 0 .../dashboard-analytics/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../dashboard-analytics/values.yaml | 0 .../dashboard-ingest/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../dashboard-ingest/templates/ingress.yaml | 0 .../dashboard-ingest/templates/service.yaml | 0 .../dashboard-ingest/values.yaml | 0 .../egf-account-details-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egf-account-details-consumer/values.yaml | 0 .../egf-instrument/Chart.yaml | 0 .../egf-instrument/templates/deployment.yaml | 0 .../egf-instrument/templates/ingress.yaml | 0 .../egf-instrument/templates/service.yaml | 0 .../egf-instrument/values.yaml | 0 .../business-services/egf-master/Chart.yaml | 0 .../egf-master/templates/deployment.yaml | 0 .../egf-master/templates/ingress.yaml | 0 .../egf-master/templates/service.yaml | 0 .../business-services/egf-master/values.yaml | 0 .../business-services/egf-masters/Chart.yaml | 0 .../egf-masters/templates/deployment.yaml | 0 .../egf-masters/templates/service.yaml | 0 .../business-services/egf-masters/values.yaml | 0 .../egf-voucher-indexer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egf-voucher-indexer/values.yaml | 0 .../egov-apportion-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yml | 0 .../templates/service.yaml | 0 .../egov-apportion-service/values.yaml | 0 .../business-services/egov-edcr/Chart.yaml | 0 .../egov-edcr/templates/deployment.yaml | 0 .../egov-edcr/templates/ingress.yaml | 0 .../templates/override-configmap.yaml | 0 .../egov-edcr/templates/service.yaml | 0 .../business-services/egov-edcr/values.yaml | 0 .../business-services/egov-finance/Chart.yaml | 0 .../egov-finance/templates/deployment.yaml | 0 .../egov-finance/templates/ingress.yaml | 0 .../templates/override-configmap.yaml | 0 .../egov-finance/templates/service.yaml | 0 .../egov-finance/values.yaml | 0 .../business-services/egov-hrms/Chart.yaml | 0 .../egov-hrms/templates/deployment.yaml | 0 .../egov-hrms/templates/ingress.yaml | 0 .../egov-hrms/templates/service.yaml | 0 .../business-services/egov-hrms/values.yaml | 0 .../Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../values.yaml | 0 .../charts/business-services/mysql/Chart.yaml | 0 .../mysql/templates/deployment.yaml | 0 .../business-services/mysql/templates/pv.yaml | 0 .../mysql/templates/pvc.yaml | 0 .../mysql/templates/service.yaml | 0 .../business-services/mysql/values.yaml | 0 .../business-services/wordpress/Chart.yaml | 0 .../wordpress/templates/deployment.yaml | 0 .../wordpress/templates/ingress.yaml | 0 .../wordpress/templates/pv.yaml | 0 .../wordpress/templates/pvc.yaml | 0 .../wordpress/templates/service.yaml | 0 .../business-services/wordpress/values.yaml | 0 .../helm/charts/cluster-configs/Chart.yaml | 0 .../templates/0-namespaces/0-namespaces.yaml | 0 .../configmaps/common-configmap.yaml | 0 .../egov-service-host-comfigmap.yaml | 0 .../configmaps/egov-user-chatbot.yaml | 0 .../templates/ingress/nginx-errors.yaml | 0 .../templates/ingress/root-ingress.yaml | 0 .../templates/rbac/clusterroles.yaml | 0 .../rbac/read-clusterrolebinding.yaml | 0 .../templates/rbac/rolebindings.yaml | 0 .../secrets/alertmanager-secret.yaml | 0 .../secrets/case-management-secret.yaml | 0 .../templates/secrets/chatbot-secret.yaml | 0 .../templates/secrets/covid-chatbot.yaml | 0 .../templates/secrets/db-secret.yaml | 0 .../egov-edcr-bank-gateway-secret-.yaml | 0 .../egov-edcr-notification-secret.yaml | 0 .../secrets/egov-enc-service-secret.yaml | 0 .../secrets/egov-filestore-secret.yaml | 0 .../secrets/egov-location-secret.yaml | 0 .../egov-notification-mail-secret.yaml | 0 .../secrets/egov-notification-sms-secret.yaml | 0 .../secrets/egov-pg-service-secret.yaml | 0 .../secrets/egov-si-microservice-secret.yaml | 0 .../templates/secrets/git-sync-secret.yaml | 0 ...me-isolation-notification-mail-secret.yaml | 0 .../secrets/ispirit-ecurfew-secret.yaml | 0 .../secrets/jenkins-kubeconfigs.yaml | 0 .../templates/secrets/jenkins-secret.yaml | 0 .../secrets/kibana-infra-secret.yaml | 0 .../templates/secrets/kibana-secret.yaml | 0 .../templates/secrets/minio-secret.yaml | 0 .../templates/secrets/mysql-secret.yaml | 0 .../secrets/oauth2-proxy-secret.yaml | 0 .../templates/secrets/pgadmin-secret.yaml | 0 .../templates/secrets/wordpress-secret.yaml | 0 .../templates/services/db-endpoints.yaml | 0 .../templates/services/db-service.yaml | 0 .../helm/charts/cluster-configs/values.yaml | 0 .../helm/charts/common/.helmignore | 42 +- .../helm/charts/common/Chart.yaml | 8 +- .../helm/charts/common/README.md | 0 .../charts/common/templates/_cronjob.yaml | 0 .../charts/common/templates/_deployment.yaml | 324 +++++------ .../helm/charts/common/templates/_helpers.tpl | 50 +- .../charts/common/templates/_ingress.yaml | 122 ++-- .../charts/common/templates/_service.yaml | 56 +- .../common/templates/_servicemonitor.yaml | 0 .../helm/charts/common/values.yaml | 534 +++++++++--------- .../charts/core-services/chatbot/Chart.yaml | 0 .../core-services/chatbot/chatbot-values.yaml | 0 .../home-isolation-chatbot-values.yaml | 0 .../core-services/chatbot/requirements.lock | 0 .../chatbot/templates/deployment.yaml | 0 .../chatbot/templates/ingress.yaml | 0 .../chatbot/templates/service.yaml | 0 .../egov-accesscontrol/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-accesscontrol/templates/ingress.yaml | 0 .../egov-accesscontrol/templates/service.yaml | 0 .../egov-accesscontrol/values.yaml | 0 .../egov-common-masters/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-common-masters/values.yaml | 0 .../egov-data-uploader/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-data-uploader/templates/ingress.yaml | 0 .../egov-data-uploader/templates/service.yaml | 0 .../egov-data-uploader/values.yaml | 0 .../egov-document-uploader/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-document-uploader/values.yaml | 0 .../core-services/egov-enc-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-enc-service/templates/ingress.yml | 0 .../egov-enc-service/templates/service.yaml | 0 .../egov-enc-service/values.yaml | 0 .../core-services/egov-filestore/Chart.yaml | 0 .../egov-filestore/templates/deployment.yaml | 0 .../egov-filestore/templates/ingress.yaml | 0 .../templates/persistentvolume.yaml | 0 .../egov-filestore/templates/pvc.yaml | 0 .../egov-filestore/templates/service.yaml | 0 .../core-services/egov-filestore/values.yaml | 0 .../core-services/egov-idgen/Chart.yaml | 0 .../egov-idgen/templates/deployment.yaml | 0 .../egov-idgen/templates/ingress.yaml | 0 .../egov-idgen/templates/service.yaml | 0 .../core-services/egov-idgen/values.yaml | 0 .../egov-index-custom-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-index-custom-consumer/values.yaml | 0 .../core-services/egov-indexer/Chart.yaml | 0 .../egov-indexer/templates/deployment.yaml | 0 .../egov-indexer/templates/ingress.yaml | 0 .../egov-indexer/templates/service.yaml | 0 .../core-services/egov-indexer/values.yaml | 0 .../egov-localization/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-localization/templates/ingress.yaml | 0 .../egov-localization/templates/service.yaml | 0 .../egov-localization/values.yaml | 0 .../core-services/egov-location/Chart.yaml | 0 .../egov-location/templates/deployment.yaml | 0 .../egov-location/templates/ingress.yaml | 0 .../egov-location/templates/service.yaml | 0 .../core-services/egov-location/values.yaml | 0 .../egov-mdms-service/Chart.yaml | 0 .../ispirit-mdms-service-values.yaml | 0 .../templates/deployment.yaml | 0 .../egov-mdms-service/templates/ingress.yaml | 0 .../egov-mdms-service/templates/service.yaml | 0 .../egov-mdms-service/tenant-a-mdms-data.yaml | 0 .../egov-mdms-service/tenant-b-mdms-data.yaml | 0 .../egov-mdms-service/values.yaml | 0 .../egov-notification-mail/Chart.yaml | 0 .../home-isolation-email-values.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-notification-mail/values.yaml | 0 .../egov-notification-sms/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-notification-sms/values.yaml | 0 .../charts/core-services/egov-otp/Chart.yaml | 0 .../egov-otp/templates/deployment.yaml | 0 .../egov-otp/templates/ingress.yaml | 0 .../egov-otp/templates/service.yaml | 0 .../charts/core-services/egov-otp/values.yaml | 0 .../charts/core-services/egov-pdf/Chart.yaml | 0 .../egov-pdf/templates/deployment.yaml | 0 .../egov-pdf/templates/ingress.yaml | 0 .../egov-pdf/templates/service.yaml | 0 .../charts/core-services/egov-pdf/values.yaml | 0 .../core-services/egov-persister/Chart.yaml | 0 .../egov-persister/templates/deployment.yaml | 0 .../egov-persister/templates/service.yaml | 0 .../core-services/egov-persister/values.yaml | 0 .../core-services/egov-pg-service/Chart.yaml | 0 .../egov-pg-service/templates/deployment.yaml | 0 .../egov-pg-service/templates/ingress.yaml | 0 .../egov-pg-service/templates/service.yaml | 0 .../core-services/egov-pg-service/values.yaml | 0 .../core-services/egov-searcher/Chart.yaml | 0 .../egov-searcher/templates/deployment.yaml | 0 .../egov-searcher/templates/ingress.yaml | 0 .../egov-searcher/templates/service.yaml | 0 .../core-services/egov-searcher/values.yaml | 0 .../egov-telemetry-kafka-streams/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../egov-telemetry-kafka-streams/values.yaml | 0 .../egov-url-shortening/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-url-shortening/values.yaml | 0 .../egov-user-chatbot/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-user-chatbot/templates/service.yaml | 0 .../egov-user-chatbot/values.yaml | 0 .../charts/core-services/egov-user/Chart.yaml | 0 .../egov-user/egov-user-enc-values.yaml | 0 .../egov-user/egov-user-values.yaml | 0 .../egov-user/templates/deployment.yaml | 0 .../egov-user/templates/ingress.yaml | 0 .../egov-user/templates/service.yaml | 0 .../core-services/egov-workflow-v2/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../egov-workflow-v2/templates/ingress.yaml | 0 .../egov-workflow-v2/templates/service.yaml | 0 .../egov-workflow-v2/values.yaml | 0 .../core-services/egov-workflow/Chart.yaml | 0 .../egov-workflow/templates/deployment.yaml | 0 .../egov-workflow/templates/service.yaml | 0 .../core-services/egov-workflow/values.yaml | 0 .../core-services/internal-gateway/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../internal-gateway/templates/role.yaml | 0 .../templates/rolebinding.yaml | 0 .../internal-gateway/templates/service.yaml | 0 .../templates/serviceaccount.yaml | 0 .../internal-gateway/values.yaml | 0 .../charts/core-services/mailbot/Chart.yaml | 0 .../core-services/mailbot/requirements.lock | 0 .../mailbot/templates/deployment.yaml | 0 .../mailbot/templates/ingress.yaml | 0 .../mailbot/templates/service.yaml | 0 .../charts/core-services/mailbot/values.yaml | 0 .../national-dashboard-ingest/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../national-dashboard-ingest/values.yaml | 0 .../Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../values.yaml | 0 .../core-services/nlp-engine/Chart.yaml | 0 .../nlp-engine/templates/deployment.yaml | 0 .../nlp-engine/templates/ingress.yaml | 0 .../nlp-engine/templates/service.yaml | 0 .../core-services/nlp-engine/values.yaml | 0 .../core-services/pdf-service/Chart.yaml | 0 .../pdf-service/templates/deployment.yaml | 0 .../pdf-service/templates/ingress.yaml | 0 .../pdf-service/templates/service.yaml | 0 .../core-services/pdf-service/values.yaml | 0 .../charts/core-services/report/Chart.yaml | 0 .../report/templates/deployment.yaml | 0 .../report/templates/ingress.yaml | 0 .../report/templates/service.yaml | 0 .../charts/core-services/report/values.yaml | 0 .../charts/core-services/telemetry/Chart.yaml | 0 .../telemetry/templates/deployment.yaml | 0 .../telemetry/templates/ingress.yaml | 0 .../telemetry/templates/service.yaml | 0 .../core-services/telemetry/values.yaml | 0 .../charts/core-services/user-otp/Chart.yaml | 0 .../user-otp/templates/deployment.yaml | 0 .../user-otp/templates/ingress.yaml | 0 .../user-otp/templates/service.yaml | 0 .../charts/core-services/user-otp/values.yaml | 0 .../core-services/xstate-chatbot/Chart.yaml | 0 .../xstate-chatbot/covid-chatbot-values.yaml | 0 .../xstate-chatbot/templates/deployment.yaml | 0 .../xstate-chatbot/templates/ingress.yaml | 0 .../xstate-chatbot/templates/service.yaml | 0 .../core-services/xstate-chatbot/values.yaml | 0 .../helm/charts/core-services/zuul/Chart.yaml | 0 .../zuul/templates/deployment.yaml | 0 .../core-services/zuul/templates/role.yaml | 0 .../zuul/templates/rolebinding.yaml | 0 .../core-services/zuul/templates/service.yaml | 0 .../zuul/templates/serviceaccount.yaml | 0 .../charts/core-services/zuul/values.yaml | 0 .../helm/charts/frontend/citizen/Chart.yaml | 0 .../citizen/templates/deployment.yaml | 0 .../frontend/citizen/templates/ingress.yaml | 0 .../frontend/citizen/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/citizen/values.yaml | 0 .../charts/frontend/common-screen/Chart.yaml | 0 .../common-screen/templates/deployment.yaml | 0 .../common-screen/templates/ingress.yaml | 0 .../common-screen/templates/service.yaml | 0 .../charts/frontend/common-screen/values.yaml | 0 .../helm/charts/frontend/digit-ui/Chart.yaml | 0 .../digit-ui/templates/deployment.yaml | 0 .../frontend/digit-ui/templates/ingress.yaml | 0 .../frontend/digit-ui/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/digit-ui/values.yaml | 0 .../charts/frontend/dss-dashboard/Chart.yaml | 0 .../dss-dashboard/templates/deployment.yaml | 0 .../dss-dashboard/templates/ingress.yaml | 0 .../dss-dashboard/templates/service.yaml | 0 .../charts/frontend/dss-dashboard/values.yaml | 0 .../charts/frontend/employee-mcs/Chart.yaml | 0 .../employee-mcs/templates/deployment.yaml | 0 .../employee-mcs/templates/ingress.yaml | 0 .../employee-mcs/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../charts/frontend/employee-mcs/values.yaml | 0 .../frontend/employee-tradelicence/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/service.yaml | 0 .../employee-tradelicence/values.yaml | 0 .../helm/charts/frontend/employee/Chart.yaml | 0 .../employee/templates/deployment.yaml | 0 .../frontend/employee/templates/ingress.yaml | 0 .../frontend/employee/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../helm/charts/frontend/employee/values.yaml | 0 .../helm/charts/frontend/hrms-web/Chart.yaml | 0 .../hrms-web/templates/deployment.yaml | 0 .../frontend/hrms-web/templates/service.yaml | 0 .../helm/charts/frontend/hrms-web/values.yaml | 0 .../rainmaker-custom-service/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress-open.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../rainmaker-custom-service/values.yaml | 0 .../charts/frontend/react-pgr-web/Chart.yaml | 0 .../react-pgr-web/templates/deployment.yaml | 0 .../react-pgr-web/templates/service.yaml | 0 .../charts/frontend/react-pgr-web/values.yaml | 0 .../helm/charts/frontend/ui-app/Chart.yaml | 0 .../frontend/ui-app/templates/deployment.yaml | 0 .../frontend/ui-app/templates/service.yaml | 0 .../helm/charts/frontend/ui-app/values.yaml | 0 .../charts/frontend/ui-dashboard/Chart.yaml | 0 .../ui-dashboard/templates/deployment.yaml | 0 .../ui-dashboard/templates/ingress.yaml | 0 .../ui-dashboard/templates/service.yaml | 0 .../charts/frontend/ui-dashboard/values.yaml | 0 .../frontend/ui-localisation/Chart.yaml | 0 .../ui-localisation/templates/deployment.yaml | 0 .../ui-localisation/templates/ingress.yaml | 0 .../ui-localisation/templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../frontend/ui-localisation/values.yaml | 0 .../charts/frontend/ui-uploader/Chart.yaml | 0 .../ui-uploader/templates/deployment.yaml | 0 .../ui-uploader/templates/service.yaml | 0 .../charts/frontend/ui-uploader/values.yaml | 0 .../bpa-calculator/Chart.yaml | 0 .../bpa-calculator/templates/deployment.yaml | 0 .../bpa-calculator/templates/ingress.yaml | 0 .../bpa-calculator/templates/service.yaml | 0 .../bpa-calculator/values.yaml | 0 .../bpa-services/Chart.yaml | 0 .../bpa-services/templates/deployment.yaml | 0 .../bpa-services/templates/ingress.yaml | 0 .../bpa-services/templates/service.yaml | 0 .../bpa-services/values.yaml | 0 .../echallan-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../echallan-calculator/values.yaml | 0 .../echallan-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../echallan-services/templates/ingress.yaml | 0 .../echallan-services/templates/service.yaml | 0 .../echallan-services/values.yaml | 0 .../egov-user-event/Chart.yaml | 0 .../egov-user-event/templates/deployment.yaml | 0 .../egov-user-event/templates/ingress.yaml | 0 .../egov-user-event/templates/service.yaml | 0 .../egov-user-event/values.yaml | 0 .../firenoc-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../firenoc-calculator/templates/ingress.yaml | 0 .../firenoc-calculator/templates/service.yaml | 0 .../firenoc-calculator/values.yaml | 0 .../firenoc-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../firenoc-services/templates/ingress.yaml | 0 .../firenoc-services/templates/service.yaml | 0 .../firenoc-services/values.yaml | 0 .../fsm-calculator/Chart.yaml | 0 .../fsm-calculator/templates/deployment.yaml | 0 .../fsm-calculator/templates/ingress.yaml | 0 .../fsm-calculator/templates/service.yaml | 0 .../fsm-calculator/values.yaml | 0 .../charts/municipal-services/fsm/Chart.yaml | 0 .../fsm/templates/deployment.yaml | 0 .../fsm/templates/ingress.yaml | 0 .../fsm/templates/service.yaml | 0 .../charts/municipal-services/fsm/values.yaml | 0 .../municipal-services/inbox/Chart.yaml | 0 .../inbox/templates/deployment.yaml | 0 .../inbox/templates/ingress.yaml | 0 .../inbox/templates/service.yaml | 0 .../municipal-services/inbox/values.yaml | 0 .../land-services/Chart.yaml | 0 .../land-services/templates/deployment.yaml | 0 .../land-services/templates/ingress.yaml | 0 .../land-services/templates/service.yaml | 0 .../land-services/values.yaml | 0 .../noc-services/Chart.yaml | 0 .../noc-services/templates/deployment.yaml | 0 .../noc-services/templates/ingress.yaml | 0 .../noc-services/templates/service.yaml | 0 .../noc-services/values.yaml | 0 .../pgr-services/Chart.yaml | 0 .../pgr-services/templates/deployment.yaml | 0 .../pgr-services/templates/ingress.yaml | 0 .../pgr-services/templates/service.yaml | 0 .../pgr-services/values.yaml | 0 .../property-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../property-services/templates/ingress.yaml | 0 .../property-services/templates/service.yaml | 0 .../property-services/values.yaml | 0 .../pt-calculator-v2/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../pt-calculator-v2/templates/ingress.yaml | 0 .../pt-calculator-v2/templates/service.yaml | 0 .../pt-calculator-v2/values.yaml | 0 .../pt-services-v2/Chart.yaml | 0 .../pt-services-v2/templates/deployment.yaml | 0 .../pt-services-v2/templates/ingress.yaml | 0 .../pt-services-v2/templates/service.yaml | 0 .../pt-services-v2/values.yaml | 0 .../rainmaker-pgr/Chart.yaml | 0 .../rainmaker-pgr/templates/deployment.yaml | 0 .../rainmaker-pgr/templates/ingress.yaml | 0 .../rainmaker-pgr/templates/service.yaml | 0 .../rainmaker-pgr/values.yaml | 0 .../sw-calculator/Chart.yaml | 0 .../sw-calculator/templates/deployment.yaml | 0 .../sw-calculator/templates/ingress.yaml | 0 .../sw-calculator/templates/service.yaml | 0 .../sw-calculator/values.yaml | 0 .../municipal-services/sw-services/Chart.yaml | 0 .../sw-services/templates/deployment.yaml | 0 .../sw-services/templates/ingress.yaml | 0 .../sw-services/templates/service.yaml | 0 .../sw-services/values.yaml | 0 .../tl-calculator/Chart.yaml | 0 .../tl-calculator/templates/deployment.yaml | 0 .../tl-calculator/templates/ingress.yaml | 0 .../tl-calculator/templates/service.yaml | 0 .../tl-calculator/values.yaml | 0 .../municipal-services/tl-services/Chart.yaml | 0 .../tl-services/templates/deployment.yaml | 0 .../tl-services/templates/ingress.yaml | 0 .../tl-services/templates/service.yaml | 0 .../tl-services/values.yaml | 0 .../turn-io-adapter/Chart.yaml | 0 .../turn-io-adapter/templates/deployment.yaml | 0 .../turn-io-adapter/templates/ingress.yaml | 0 .../turn-io-adapter/templates/service.yaml | 0 .../turn-io-adapter/values.yaml | 0 .../municipal-services/vehicle/Chart.yaml | 0 .../vehicle/templates/deployment.yaml | 0 .../vehicle/templates/ingress.yaml | 0 .../vehicle/templates/service.yaml | 0 .../municipal-services/vehicle/values.yaml | 0 .../municipal-services/vendor/Chart.yaml | 0 .../vendor/templates/deployment.yaml | 0 .../vendor/templates/ingress.yaml | 0 .../vendor/templates/service.yaml | 0 .../municipal-services/vendor/values.yaml | 0 .../ws-calculator/Chart.yaml | 0 .../ws-calculator/templates/deployment.yaml | 0 .../ws-calculator/templates/ingress.yaml | 0 .../ws-calculator/templates/service.yaml | 0 .../ws-calculator/values.yaml | 0 .../municipal-services/ws-services/Chart.yaml | 0 .../ws-services/templates/deployment.yaml | 0 .../ws-services/templates/ingress.yaml | 0 .../ws-services/templates/service.yaml | 0 .../ws-services/values.yaml | 0 .../utilities/case-management/Chart.yaml | 0 .../case-management/templates/deployment.yaml | 0 .../case-management/templates/ingress.yaml | 0 .../case-management/templates/service.yaml | 0 .../utilities/case-management/values.yaml | 0 .../utilities/cova-dgr-fetch/Chart.yaml | 0 .../cova-dgr-fetch/templates/cronjob.yaml | 0 .../utilities/cova-dgr-fetch/values.yaml | 0 .../charts/utilities/data-upload/Chart.yaml | 0 .../data-upload/templates/deployment.yaml | 0 .../data-upload/templates/ingress.yaml | 0 .../data-upload/templates/service.yaml | 0 .../charts/utilities/data-upload/values.yaml | 0 .../utilities/egov-custom-consumer/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../egov-custom-consumer/values.yaml | 0 .../egov-weekly-impact-notifier/Chart.yaml | 50 +- .../templates/cronjob.yaml | 0 .../egov-weekly-impact-notifier/values.yaml | 100 ++-- .../charts/utilities/mailbot-cron/Chart.yaml | 0 .../mailbot-cron}/templates/cronjob.yaml | 2 +- .../charts/utilities/mailbot-cron/values.yaml | 0 .../helm}/environments/ci-demo-secrets.yaml | 0 .../helm}/environments/ci-demo.yaml | 0 .../helm}/environments/egov-demo-secrets.yaml | 0 .../egov-demo-template-secrets.yaml | 0 .../environments/egov-demo-template.yaml | 0 .../helm}/environments/egov-demo.yaml | 0 .../quickstart-config-secrets.yaml | 0 .../helm}/environments/quickstart-config.yaml | 0 .../environments/unified-dev-secrets.yaml | 0 .../helm}/environments/unified-dev.yaml | 0 1085 files changed, 644 insertions(+), 644 deletions(-) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/crds/crds.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cert-manager/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/OWNERS (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/requirements.lock (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/cluster-autoscaler/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/es-curator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/es-curator/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/es-curator/templates/configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/es-curator/templates/cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/fluent-bit/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/templates/configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/grafana/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/OWNERS (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/ingress-nginx/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/query-ing.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/query-svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jaeger/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/CHANGELOG.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/OWNERS (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/config.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/deprecation.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/home-pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/jobs.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/rbac.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/templates/service-account.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/jenkins/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-connect/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka-v2/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/svc-headless.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/templates/svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kafka/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kibana-v1/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/OWNERS (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kube-state-metrics/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/kuberhealthy/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/pv-standalone.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/templates/svc-headless.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/minio/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/nginx-errors/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/oauth2-proxy/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/pgadmin/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/pgadmin/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/pgadmin/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/pgadmin/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/pgadmin/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/playground/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/playground/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/playground/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/playground/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/templates/pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/postgres/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/OWNERS (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/requirements.lock (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/requirements.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/prometheus-operator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redis/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redis/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redis/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redis/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redoc/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redoc/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redoc/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redoc/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/redoc/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/s3-proxy/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/s3-proxy/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/s3-proxy/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/spot-termination-handler/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper-v2/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/.helmignore (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/README.md (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/templates/svc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/backbone-services/zookeeper/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/billing-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/billing-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/billing-service/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/billing-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/billing-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/collection-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/collection-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/collection-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/collection-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/collection-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-analytics/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-analytics/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-analytics/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-ingest/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-ingest/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/dashboard-ingest/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-account-details-consumer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-account-details-consumer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-instrument/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-instrument/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-instrument/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-instrument/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-instrument/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-master/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-master/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-master/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-master/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-master/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-masters/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-masters/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-masters/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-masters/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-voucher-indexer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egf-voucher-indexer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-apportion-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-apportion-service/templates/ingress.yml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-apportion-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-apportion-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-edcr/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/templates/override-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-finance/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-hrms/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-hrms/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-hrms/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-hrms/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/egov-hrms/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/templates/pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/mysql/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/templates/pv.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/business-services/wordpress/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/db-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/services/db-endpoints.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/templates/services/db-service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/cluster-configs/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/common/.helmignore (94%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/Chart.yaml (96%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/README.md (100%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_deployment.yaml (97%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_helpers.tpl (97%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_ingress.yaml (96%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_service.yaml (96%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/common/templates/_servicemonitor.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/common/values.yaml (96%) mode change 100755 => 100644 rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/chatbot-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/requirements.lock (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/chatbot/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-accesscontrol/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-accesscontrol/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-accesscontrol/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-common-masters/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-common-masters/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-common-masters/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-common-masters/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-common-masters/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-data-uploader/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-data-uploader/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-data-uploader/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-document-uploader/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-document-uploader/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-document-uploader/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-enc-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-enc-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-enc-service/templates/ingress.yml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-enc-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-enc-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/templates/pvc.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-filestore/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-idgen/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-idgen/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-idgen/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-idgen/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-idgen/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-index-custom-consumer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-indexer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-indexer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-indexer/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-indexer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-indexer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-localization/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-localization/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-localization/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-localization/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-localization/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-location/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-location/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-location/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-location/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-location/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-mdms-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-mail/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-mail/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-mail/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-sms/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-sms/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-notification-sms/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-otp/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-otp/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-otp/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-otp/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-otp/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pdf/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pdf/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pdf/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pdf/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pdf/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-persister/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-persister/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-persister/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-persister/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pg-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pg-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pg-service/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pg-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-pg-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-searcher/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-searcher/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-searcher/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-searcher/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-searcher/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-url-shortening/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-url-shortening/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-url-shortening/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user-chatbot/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user-chatbot/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user-chatbot/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/egov-user-enc-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/egov-user-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-user/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow-v2/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow-v2/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow-v2/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/egov-workflow/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/templates/role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/internal-gateway/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/requirements.lock (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/mailbot/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-ingest/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-ingest/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/nlp-engine/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/nlp-engine/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/nlp-engine/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/nlp-engine/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/nlp-engine/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/pdf-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/pdf-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/pdf-service/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/pdf-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/pdf-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/report/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/report/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/report/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/report/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/report/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/telemetry/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/telemetry/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/telemetry/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/telemetry/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/telemetry/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/user-otp/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/user-otp/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/user-otp/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/user-otp/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/user-otp/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/xstate-chatbot/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/templates/role.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/templates/rolebinding.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/templates/serviceaccount.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/core-services/zuul/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/citizen/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/common-screen/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/common-screen/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/common-screen/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/common-screen/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/common-screen/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/digit-ui/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/dss-dashboard/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/dss-dashboard/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/dss-dashboard/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/dss-dashboard/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/dss-dashboard/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-mcs/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-tradelicence/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-tradelicence/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee-tradelicence/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/employee/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/hrms-web/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/hrms-web/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/hrms-web/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/hrms-web/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/rainmaker-custom-service/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/react-pgr-web/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/react-pgr-web/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/react-pgr-web/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/react-pgr-web/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-app/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-app/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-app/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-app/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-dashboard/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-dashboard/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-dashboard/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-dashboard/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-dashboard/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-localisation/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-uploader/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-uploader/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-uploader/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/frontend/ui-uploader/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/bpa-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/echallan-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/egov-user-event/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/egov-user-event/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/egov-user-event/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/firenoc-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/fsm/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/inbox/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/inbox/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/inbox/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/inbox/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/inbox/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/land-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/land-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/land-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/land-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/land-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/noc-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/noc-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/noc-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/noc-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/noc-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pgr-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pgr-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pgr-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pgr-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pgr-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/property-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/property-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/property-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/property-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/property-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-calculator-v2/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-services-v2/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-services-v2/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/pt-services-v2/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/rainmaker-pgr/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/sw-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/tl-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/turn-io-adapter/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/turn-io-adapter/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vehicle/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vehicle/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vehicle/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vehicle/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vehicle/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vendor/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vendor/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vendor/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vendor/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/vendor/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-calculator/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-calculator/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-calculator/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-services/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-services/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-services/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-services/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/municipal-services/ws-services/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/case-management/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/case-management/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/case-management/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/case-management/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/case-management/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/cova-dgr-fetch/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/cova-dgr-fetch/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/data-upload/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/data-upload/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/data-upload/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/data-upload/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/data-upload/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-custom-consumer/Chart.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-custom-consumer/templates/service.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-custom-consumer/values.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml (97%) rename {config-as-code/helm/charts/utilities/mailbot-cron => deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier}/templates/cronjob.yaml (100%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml (97%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/mailbot-cron/Chart.yaml (100%) rename {config-as-code/helm/charts/utilities/egov-weekly-impact-notifier => deploy-as-code/helm/charts/utilities/mailbot-cron}/templates/cronjob.yaml (98%) rename {config-as-code => deploy-as-code}/helm/charts/utilities/mailbot-cron/values.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/ci-demo-secrets.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/ci-demo.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/egov-demo-secrets.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/egov-demo-template-secrets.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/egov-demo-template.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/egov-demo.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/quickstart-config-secrets.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/quickstart-config.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/unified-dev-secrets.yaml (100%) rename {config-as-code => deploy-as-code/helm}/environments/unified-dev.yaml (100%) diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/README.md b/deploy-as-code/helm/charts/backbone-services/cert-manager/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/README.md rename to deploy-as-code/helm/charts/backbone-services/cert-manager/README.md diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/clusterissuer.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cert-manager/values.yaml rename to deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/OWNERS diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/README.md diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/requirements.lock diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/pdb.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/podsecuritypolicy.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/priority-expander-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/role.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/secret.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/templates/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml b/deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml rename to deploy-as-code/helm/charts/backbone-services/cluster-autoscaler/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/headless-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/es-curator/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/es-curator/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/es-curator/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml rename to deploy-as-code/helm/charts/backbone-services/es-curator/es-curator-infra-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/es-curator/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/es-curator/templates/configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml rename to deploy-as-code/helm/charts/backbone-services/es-curator/templates/cronjob.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/fluent-bit/values.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/fluent-bit/values.yaml rename to deploy-as-code/helm/charts/backbone-services/fluent-bit/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/templates/configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/grafana/values.yaml b/deploy-as-code/helm/charts/backbone-services/grafana/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/grafana/values.yaml rename to deploy-as-code/helm/charts/backbone-services/grafana/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/CHANGELOG.md diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/OWNERS diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/README.md rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/README.md diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/README.md.gotmpl diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog.md.gotmpl diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog/.gitkeep diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/changelog/Changelog-4.5.2.md diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-admission-tls-cert-manager-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/controller-custom-ingressclass-flags.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customconfig-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-customnodeport-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-extra-modules.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-headers-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-internal-lb-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-nodeport-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-podannotations-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-configMapNamespace-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-portNamePrefix-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-udp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/daemonset-tcp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-default-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-metrics-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-psp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-and-psp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deamonset-webhook-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-behavior-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-autoscaling-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customconfig-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-customnodeport-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-default-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-default-container-sec-context.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules-specific-container-sec-context.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-extra-modules.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-headers-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-internal-lb-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-metrics-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-nodeport-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-podannotations-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-psp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-configMapNamespace-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-portNamePrefix-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-udp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-tcp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-and-psp-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-extraEnvs-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-resources-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/ci/deployment-webhook-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/_params.tpl diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/cert-manager.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-createSecret.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/job-patchWebhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/networkpolicy.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/role.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/job-patch/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/admission-webhooks/validating-webhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-addheaders.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-proxyheaders.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-tcp.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap-udp.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-daemonset.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-hpa.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-ingressclass.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-keda.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-poddisruptionbudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-prometheusrules.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-role.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-internal.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-metrics.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service-webhook.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-webhooks-networkpolicy.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-hpa.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-poddisruptionbudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-role.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/default-backend-serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/dh-param-secret.yaml diff --git a/config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml rename to deploy-as-code/helm/charts/backbone-services/ingress-nginx/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-ds.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/agent-svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-deploy.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-hpa.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/collector-svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-ing.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml diff --git a/config-as-code/helm/charts/backbone-services/jaeger/values.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jaeger/values.yaml rename to deploy-as-code/helm/charts/backbone-services/jaeger/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/.helmignore b/deploy-as-code/helm/charts/backbone-services/jenkins/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/.helmignore rename to deploy-as-code/helm/charts/backbone-services/jenkins/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md b/deploy-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md rename to deploy-as-code/helm/charts/backbone-services/jenkins/CHANGELOG.md diff --git a/config-as-code/helm/charts/backbone-services/jenkins/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/OWNERS b/deploy-as-code/helm/charts/backbone-services/jenkins/OWNERS similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/OWNERS rename to deploy-as-code/helm/charts/backbone-services/jenkins/OWNERS diff --git a/config-as-code/helm/charts/backbone-services/jenkins/README.md b/deploy-as-code/helm/charts/backbone-services/jenkins/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/README.md rename to deploy-as-code/helm/charts/backbone-services/jenkins/README.md diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/config.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/deprecation.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pv.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/home-pvc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jcasc-config.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-agent-svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-cronjob.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-backup-rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-alerting-rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-backendconfig.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-networkpolicy.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-route.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jenkins-master-svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/jobs.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/rbac.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret-https-jks.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/secret.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account-agent.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/templates/service-account.yaml diff --git a/config-as-code/helm/charts/backbone-services/jenkins/values.yaml b/deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/jenkins/values.yaml rename to deploy-as-code/helm/charts/backbone-services/jenkins/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/templates/cronjob.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect-restart-tasks/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect/kafka-connect-infra-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-connect/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-connect/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/kafka-v2-infra-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/headless-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka-v2/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka-v2/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka-v2/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/.helmignore b/deploy-as-code/helm/charts/backbone-services/kafka/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/.helmignore rename to deploy-as-code/helm/charts/backbone-services/kafka/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/kafka/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/README.md b/deploy-as-code/helm/charts/backbone-services/kafka/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/README.md rename to deploy-as-code/helm/charts/backbone-services/kafka/README.md diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/pv.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/pvc.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/scripts-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/svc-headless.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/templates/svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/kafka/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kafka/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kafka/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml rename to deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/cronjob.yaml diff --git a/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml b/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml rename to deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/templates/persistentvolumeclaim.yaml diff --git a/config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml b/deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kaniko-cache-warmer/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/kibana-infra-v1-values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kibana-v1/values.yaml b/deploy-as-code/helm/charts/backbone-services/kibana-v1/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kibana-v1/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kibana-v1/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/OWNERS diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/README.md b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/README.md rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/README.md diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/pdb.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-role.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/stsdiscovery-rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kube-state-metrics/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/README.md b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/README.md rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/README.md diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khcheck.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/crds/khstate.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/check-reaper.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-daemonset.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-connections.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-collections-sync.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pgr-sync.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-pt-sync.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db-es-tl-sync.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-db.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-dns.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-kafka.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-restarts.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/khcheck-pod-status.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/poddisruptionbudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/templates/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml b/deploy-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml rename to deploy-as-code/helm/charts/backbone-services/kuberhealthy/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/.helmignore b/deploy-as-code/helm/charts/backbone-services/minio/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/.helmignore rename to deploy-as-code/helm/charts/backbone-services/minio/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/minio/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/minio/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/minio/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/deployment-standalone.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/pv-standalone.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/pvc-standalone.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml b/deploy-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/templates/svc-headless.yaml diff --git a/config-as-code/helm/charts/backbone-services/minio/values.yaml b/deploy-as-code/helm/charts/backbone-services/minio/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/minio/values.yaml rename to deploy-as-code/helm/charts/backbone-services/minio/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/.helmignore b/deploy-as-code/helm/charts/backbone-services/nginx-errors/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/.helmignore rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml b/deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/templates/tests/test-connection.yaml diff --git a/config-as-code/helm/charts/backbone-services/nginx-errors/values.yaml b/deploy-as-code/helm/charts/backbone-services/nginx-errors/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/nginx-errors/values.yaml rename to deploy-as-code/helm/charts/backbone-services/nginx-errors/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml b/deploy-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml rename to deploy-as-code/helm/charts/backbone-services/oauth2-proxy/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/pgadmin/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/pgadmin/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/pgadmin/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/pgadmin/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/pgadmin/values.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/pgadmin/values.yaml rename to deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/playground/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/playground/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/playground/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/playground/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/playground/README.md b/deploy-as-code/helm/charts/backbone-services/playground/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/playground/README.md rename to deploy-as-code/helm/charts/backbone-services/playground/README.md diff --git a/config-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/playground/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/playground/values.yaml b/deploy-as-code/helm/charts/backbone-services/playground/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/playground/values.yaml rename to deploy-as-code/helm/charts/backbone-services/playground/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/templates/pv.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/postgres/values.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/postgres/values.yaml rename to deploy-as-code/helm/charts/backbone-services/postgres/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/templates/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-kafka-exporter/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/CONTRIBUTING.md diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/OWNERS diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/README.md b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/README.md rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/README.md diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/README.md diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/README.md diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/cmd.sh diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/minikube/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/requirements.txt diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_grafana_dashboards.py diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/hack/sync_prometheus_rules.py diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/NOTES.txt diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/templatefiles-configmap.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/core-dns/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-api-server/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/endpoints.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-controller-manager/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-dns/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/endpoints.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-etcd/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/endpoints.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-proxy/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/endpoints.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-scheduler/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kube-state-metrics/serviceMonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/kubelet/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/exporters/node-exporter/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/cleanup-crds.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/crds.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertRelabelConfigs.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/etcd.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/general.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/k8s.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver-slos.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-apiserver.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-general.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-prometheus-node-recording.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-scheduler.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kube-state-metrics.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubelet.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-apps.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-resources.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-apiserver.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-controller-manager.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-kubelet.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system-scheduler.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-system.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-exporter.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node-network.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/node.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus-operator.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/prometheus.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml diff --git a/config-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml rename to deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/redis/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/redis/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redis/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/redis/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/redis/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/redis/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/redis/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redis/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/redis/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/redis/values.yaml b/deploy-as-code/helm/charts/backbone-services/redis/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redis/values.yaml rename to deploy-as-code/helm/charts/backbone-services/redis/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/redoc/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/redoc/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redoc/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/redoc/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml rename to deploy-as-code/helm/charts/backbone-services/redoc/templates/deployment.yaml diff --git a/config-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/redoc/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/redoc/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/redoc/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redoc/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/redoc/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/redoc/values.yaml b/deploy-as-code/helm/charts/backbone-services/redoc/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/redoc/values.yaml rename to deploy-as-code/helm/charts/backbone-services/redoc/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/s3-proxy/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml rename to deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/s3-proxy/values.yaml rename to deploy-as-code/helm/charts/backbone-services/s3-proxy/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrole.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/daemonset.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml b/deploy-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml rename to deploy-as-code/helm/charts/backbone-services/spot-termination-handler/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/README.md b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/README.md rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/README.md diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/headless-service.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/poddisruptionbudget.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/service.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper-v2/values.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/.helmignore b/deploy-as-code/helm/charts/backbone-services/zookeeper/.helmignore similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/.helmignore rename to deploy-as-code/helm/charts/backbone-services/zookeeper/.helmignore diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/Chart.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/README.md b/deploy-as-code/helm/charts/backbone-services/zookeeper/README.md similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/README.md rename to deploy-as-code/helm/charts/backbone-services/zookeeper/README.md diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/_helpers.tpl diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/pv.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/pvc.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/statefulset.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/svc-headless.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/templates/svc.yaml diff --git a/config-as-code/helm/charts/backbone-services/zookeeper/values.yaml b/deploy-as-code/helm/charts/backbone-services/zookeeper/values.yaml similarity index 100% rename from config-as-code/helm/charts/backbone-services/zookeeper/values.yaml rename to deploy-as-code/helm/charts/backbone-services/zookeeper/values.yaml diff --git a/config-as-code/helm/charts/business-services/billing-service/Chart.yaml b/deploy-as-code/helm/charts/business-services/billing-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/billing-service/Chart.yaml rename to deploy-as-code/helm/charts/business-services/billing-service/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/billing-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/billing-service/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/billing-service/templates/service.yaml b/deploy-as-code/helm/charts/business-services/billing-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/billing-service/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/billing-service/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/billing-service/values.yaml b/deploy-as-code/helm/charts/business-services/billing-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/billing-service/values.yaml rename to deploy-as-code/helm/charts/business-services/billing-service/values.yaml diff --git a/config-as-code/helm/charts/business-services/collection-services/Chart.yaml b/deploy-as-code/helm/charts/business-services/collection-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/collection-services/Chart.yaml rename to deploy-as-code/helm/charts/business-services/collection-services/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/collection-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/collection-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/collection-services/templates/service.yaml b/deploy-as-code/helm/charts/business-services/collection-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/collection-services/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/collection-services/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/collection-services/values.yaml b/deploy-as-code/helm/charts/business-services/collection-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/collection-services/values.yaml rename to deploy-as-code/helm/charts/business-services/collection-services/values.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-analytics/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-analytics/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-analytics/values.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-analytics/values.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml b/deploy-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-ingest/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml b/deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-ingest/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/dashboard-ingest/values.yaml b/deploy-as-code/helm/charts/business-services/dashboard-ingest/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/dashboard-ingest/values.yaml rename to deploy-as-code/helm/charts/business-services/dashboard-ingest/values.yaml diff --git a/config-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml b/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egf-account-details-consumer/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egf-account-details-consumer/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml b/deploy-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml rename to deploy-as-code/helm/charts/business-services/egf-account-details-consumer/values.yaml diff --git a/config-as-code/helm/charts/business-services/egf-instrument/Chart.yaml b/deploy-as-code/helm/charts/business-services/egf-instrument/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-instrument/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egf-instrument/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egf-instrument/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/egf-instrument/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egf-instrument/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egf-instrument/values.yaml b/deploy-as-code/helm/charts/business-services/egf-instrument/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-instrument/values.yaml rename to deploy-as-code/helm/charts/business-services/egf-instrument/values.yaml diff --git a/config-as-code/helm/charts/business-services/egf-master/Chart.yaml b/deploy-as-code/helm/charts/business-services/egf-master/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-master/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egf-master/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egf-master/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/egf-master/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/egf-master/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egf-master/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-master/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egf-master/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egf-master/values.yaml b/deploy-as-code/helm/charts/business-services/egf-master/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-master/values.yaml rename to deploy-as-code/helm/charts/business-services/egf-master/values.yaml diff --git a/config-as-code/helm/charts/business-services/egf-masters/Chart.yaml b/deploy-as-code/helm/charts/business-services/egf-masters/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-masters/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egf-masters/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egf-masters/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egf-masters/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egf-masters/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-masters/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egf-masters/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egf-masters/values.yaml b/deploy-as-code/helm/charts/business-services/egf-masters/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-masters/values.yaml rename to deploy-as-code/helm/charts/business-services/egf-masters/values.yaml diff --git a/config-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml b/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egf-voucher-indexer/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egf-voucher-indexer/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml b/deploy-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml rename to deploy-as-code/helm/charts/business-services/egf-voucher-indexer/values.yaml diff --git a/config-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml b/deploy-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egov-apportion-service/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml b/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml rename to deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/ingress.yml diff --git a/config-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egov-apportion-service/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egov-apportion-service/values.yaml b/deploy-as-code/helm/charts/business-services/egov-apportion-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-apportion-service/values.yaml rename to deploy-as-code/helm/charts/business-services/egov-apportion-service/values.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/Chart.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/templates/override-configmap.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egov-edcr/values.yaml b/deploy-as-code/helm/charts/business-services/egov-edcr/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-edcr/values.yaml rename to deploy-as-code/helm/charts/business-services/egov-edcr/values.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/Chart.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/templates/override-configmap.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egov-finance/values.yaml b/deploy-as-code/helm/charts/business-services/egov-finance/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-finance/values.yaml rename to deploy-as-code/helm/charts/business-services/egov-finance/values.yaml diff --git a/config-as-code/helm/charts/business-services/egov-hrms/Chart.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-hrms/Chart.yaml rename to deploy-as-code/helm/charts/business-services/egov-hrms/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/egov-hrms/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/egov-hrms/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/egov-hrms/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/egov-hrms/values.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/egov-hrms/values.yaml rename to deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml diff --git a/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml b/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml rename to deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml b/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml b/deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml rename to deploy-as-code/helm/charts/business-services/finance-collections-voucher-consumer/values.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/Chart.yaml b/deploy-as-code/helm/charts/business-services/mysql/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/Chart.yaml rename to deploy-as-code/helm/charts/business-services/mysql/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/mysql/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/mysql/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/templates/pv.yaml b/deploy-as-code/helm/charts/business-services/mysql/templates/pv.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/templates/pv.yaml rename to deploy-as-code/helm/charts/business-services/mysql/templates/pv.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/templates/pvc.yaml b/deploy-as-code/helm/charts/business-services/mysql/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/templates/pvc.yaml rename to deploy-as-code/helm/charts/business-services/mysql/templates/pvc.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/templates/service.yaml b/deploy-as-code/helm/charts/business-services/mysql/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/mysql/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/mysql/values.yaml b/deploy-as-code/helm/charts/business-services/mysql/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/mysql/values.yaml rename to deploy-as-code/helm/charts/business-services/mysql/values.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/Chart.yaml b/deploy-as-code/helm/charts/business-services/wordpress/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/Chart.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/Chart.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml b/deploy-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/templates/deployment.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml b/deploy-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/templates/ingress.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/templates/pv.yaml b/deploy-as-code/helm/charts/business-services/wordpress/templates/pv.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/templates/pv.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/templates/pv.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml b/deploy-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/templates/pvc.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/templates/service.yaml b/deploy-as-code/helm/charts/business-services/wordpress/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/templates/service.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/templates/service.yaml diff --git a/config-as-code/helm/charts/business-services/wordpress/values.yaml b/deploy-as-code/helm/charts/business-services/wordpress/values.yaml similarity index 100% rename from config-as-code/helm/charts/business-services/wordpress/values.yaml rename to deploy-as-code/helm/charts/business-services/wordpress/values.yaml diff --git a/config-as-code/helm/charts/cluster-configs/Chart.yaml b/deploy-as-code/helm/charts/cluster-configs/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/Chart.yaml rename to deploy-as-code/helm/charts/cluster-configs/Chart.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/0-namespaces/0-namespaces.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/configmaps/common-configmap.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-service-host-comfigmap.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/configmaps/egov-user-chatbot.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/ingress/nginx-errors.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/rbac/clusterroles.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/rbac/read-clusterrolebinding.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/rbac/rolebindings.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/alertmanager-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/case-management-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/chatbot-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/covid-chatbot.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-bank-gateway-secret-.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-edcr-notification-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-enc-service-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-location-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-mail-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-notification-sms-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-pg-service-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-si-microservice-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/home-isolation-notification-mail-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/ispirit-ecurfew-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-kubeconfigs.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/jenkins-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-infra-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/kibana-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/minio-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/mysql-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/oauth2-proxy-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/pgadmin-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/wordpress-secret.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/services/db-endpoints.yaml diff --git a/config-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml rename to deploy-as-code/helm/charts/cluster-configs/templates/services/db-service.yaml diff --git a/config-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml similarity index 100% rename from config-as-code/helm/charts/cluster-configs/values.yaml rename to deploy-as-code/helm/charts/cluster-configs/values.yaml diff --git a/config-as-code/helm/charts/common/.helmignore b/deploy-as-code/helm/charts/common/.helmignore old mode 100755 new mode 100644 similarity index 94% rename from config-as-code/helm/charts/common/.helmignore rename to deploy-as-code/helm/charts/common/.helmignore index daebc7da77..f0c1319444 --- a/config-as-code/helm/charts/common/.helmignore +++ b/deploy-as-code/helm/charts/common/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/config-as-code/helm/charts/common/Chart.yaml b/deploy-as-code/helm/charts/common/Chart.yaml old mode 100755 new mode 100644 similarity index 96% rename from config-as-code/helm/charts/common/Chart.yaml rename to deploy-as-code/helm/charts/common/Chart.yaml index b3ba1e723b..27744c93fa --- a/config-as-code/helm/charts/common/Chart.yaml +++ b/deploy-as-code/helm/charts/common/Chart.yaml @@ -1,5 +1,5 @@ -apiVersion: v1 -description: base chartbuilding components and helpers -name: common -version: 0.0.5 +apiVersion: v1 +description: base chartbuilding components and helpers +name: common +version: 0.0.5 appVersion: 0.0.5 \ No newline at end of file diff --git a/config-as-code/helm/charts/common/README.md b/deploy-as-code/helm/charts/common/README.md old mode 100755 new mode 100644 similarity index 100% rename from config-as-code/helm/charts/common/README.md rename to deploy-as-code/helm/charts/common/README.md diff --git a/config-as-code/helm/charts/common/templates/_cronjob.yaml b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/common/templates/_cronjob.yaml rename to deploy-as-code/helm/charts/common/templates/_cronjob.yaml diff --git a/config-as-code/helm/charts/common/templates/_deployment.yaml b/deploy-as-code/helm/charts/common/templates/_deployment.yaml old mode 100755 new mode 100644 similarity index 97% rename from config-as-code/helm/charts/common/templates/_deployment.yaml rename to deploy-as-code/helm/charts/common/templates/_deployment.yaml index d0ea31efa2..9b45e7e4a7 --- a/config-as-code/helm/charts/common/templates/_deployment.yaml +++ b/deploy-as-code/helm/charts/common/templates/_deployment.yaml @@ -1,162 +1,162 @@ -{{- define "common.deployment" -}} -{{- if .Capabilities.APIVersions.Has "apps/v1" }} -apiVersion: apps/v1 -{{- else }} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Deployment -metadata: - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} - labels: -{{- include "common.labels" . | nindent 4 }} -spec: -{{- if .Capabilities.APIVersions.Has "apps/v1" }} - selector: - matchLabels: - {{- include "common.labels" . | nindent 6 }} -{{- end }} -{{- $persistence := .Values.persistence | default dict -}} -{{- if and (not (hasKey $persistence "enabled")) (eq (.Values.replicas | int) 1) }} - strategy: - rollingUpdate: - maxUnavailable: 0 -{{- end }} - replicas: {{ .Values.replicas }} - template: - metadata: - annotations: - {{- if not .Values.disableAnnotationTimestamp }} - deployment-timestamp: "{{ date "20060102150405" .Release.Time }}" - {{- end }} - {{- if .Values.additionalAnnotations }} - {{- tpl .Values.additionalAnnotations . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels" . | nindent 8 }} - spec: - {{- if .Values.initContainers.gitSync.enabled }} - securityContext: - fsGroup: 65533 # to make SSH key readable - {{- end }} - {{- if or .Values.initContainers.gitSync.enabled .Values.extraVolumes }} - volumes: - {{- if .Values.initContainers.gitSync.enabled }} - - name: git-secret - secret: - secretName: git-creds - defaultMode: 288 # = mode 0440 - - name: workdir - emptyDir: {} - {{- end }} - {{- with .Values.extraVolumes }} - {{- tpl . $ | nindent 6 }} - {{- end }} - {{- end }} - {{- if .Values.affinity.preferSpreadAcrossAZ }} - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: "failure-domain.beta.kubernetes.io/zone" - labelSelector: - matchLabels: - {{- include "common.labels" . | nindent 18 }} - {{- end }} - {{- if .Values.serviceAccount }} - serviceAccountName: {{ .Values.serviceAccount }} - {{- end }} - initContainers: - {{- with .Values.initContainers.extraInitContainers }} - {{- tpl . $ | nindent 8 }} - {{- end }} - {{- if .Values.initContainers.dbMigration.enabled }} - {{ with .Values.initContainers.dbMigration}} - - name: "db-migration" - image: {{ template "common.image" (dict "Values" $.Values "repository" .image.repository "tag" .image.tag) }} - imagePullPolicy: {{ .image.pullPolicy }} - {{- end }} - {{- if .Values.initContainers.dbMigration.env }} - env: - {{- tpl .Values.initContainers.dbMigration.env . | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.initContainers.gitSync.enabled }} - {{ with .Values.initContainers.gitSync }} - - name: "git-sync" - image: {{ template "common.image" (dict "Values" $.Values "repository" .image.repository "tag" .image.tag) }} - imagePullPolicy: {{ .image.pullPolicy }} - {{- end }} - securityContext: - runAsUser: 65533 # git-sync user - volumeMounts: - - name: git-secret - mountPath: /etc/git-secret - - name: workdir - mountPath: "/work-dir" - {{- if .Values.initContainers.gitSync.env }} - env: - {{- tpl .Values.initContainers.gitSync.env . | nindent 12 }} - {{- end }} - {{- end }} - containers: - {{- with .Values.extraContainers }} - {{- tpl . $ | nindent 8 }} - {{- end }} - - name: {{ template "common.name" . }} - image: {{ template "common.image" (dict "Values" $.Values "repository" .Values.image.repository "tag" .Values.image.tag) }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if .Values.args }} - args: - {{- tpl .Values.args . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.httpPort }} - protocol: TCP - {{- if .Values.healthChecks.enabled }} - readinessProbe: - {{- tpl .Values.healthChecks.readinessProbe . | nindent 12 }} - livenessProbe: - {{- tpl .Values.healthChecks.livenessProbe . | nindent 12 }} - {{- end }} - {{- if .Values.lifecycle }} - lifecycle: - {{- toYaml .Values.lifecycle | nindent 12 }} - {{- end }} - {{- if or .Values.initContainers.gitSync.enabled .Values.extraVolumeMounts }} - volumeMounts: - {{- if .Values.initContainers.gitSync.enabled }} - - name: workdir - mountPath: "/work-dir" - {{- end }} - {{- with .Values.extraVolumeMounts }} - {{- tpl . $ | nindent 10 }} - {{- end }} - {{- end }} - {{- if or .Values.env (eq .Values.appType "java-spring") (index .Values "global" "tracing-enabled") }} - env: - {{- if .Values.env }} - {{- tpl .Values.env . | nindent 12 }} - {{- end -}} - {{- if eq .Values.appType "java-spring" }} - {{- tpl .Values.extraEnv.java . | nindent 12 }} - {{- end -}} - {{- if or (index .Values "global" "tracing-enabled") (index .Values "tracing-enabled") }} - {{- tpl .Values.extraEnv.jaeger . | nindent 12 }} - {{- end }} - {{- end }} - {{- if .Values.resources }} - resources: - {{- tpl .Values.resources . | nindent 12 }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: -{{ toYaml . | indent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: -{{ toYaml . | indent 8 }} - {{- end }} -{{- end -}} +{{- define "common.deployment" -}} +{{- if .Capabilities.APIVersions.Has "apps/v1" }} +apiVersion: apps/v1 +{{- else }} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Deployment +metadata: + name: {{ template "common.name" . }} + namespace: {{ .Values.namespace }} + labels: +{{- include "common.labels" . | nindent 4 }} +spec: +{{- if .Capabilities.APIVersions.Has "apps/v1" }} + selector: + matchLabels: + {{- include "common.labels" . | nindent 6 }} +{{- end }} +{{- $persistence := .Values.persistence | default dict -}} +{{- if and (not (hasKey $persistence "enabled")) (eq (.Values.replicas | int) 1) }} + strategy: + rollingUpdate: + maxUnavailable: 0 +{{- end }} + replicas: {{ .Values.replicas }} + template: + metadata: + annotations: + {{- if not .Values.disableAnnotationTimestamp }} + deployment-timestamp: "{{ date "20060102150405" .Release.Time }}" + {{- end }} + {{- if .Values.additionalAnnotations }} + {{- tpl .Values.additionalAnnotations . | nindent 8 }} + {{- end }} + labels: + {{- include "common.labels" . | nindent 8 }} + spec: + {{- if .Values.initContainers.gitSync.enabled }} + securityContext: + fsGroup: 65533 # to make SSH key readable + {{- end }} + {{- if or .Values.initContainers.gitSync.enabled .Values.extraVolumes }} + volumes: + {{- if .Values.initContainers.gitSync.enabled }} + - name: git-secret + secret: + secretName: git-creds + defaultMode: 288 # = mode 0440 + - name: workdir + emptyDir: {} + {{- end }} + {{- with .Values.extraVolumes }} + {{- tpl . $ | nindent 6 }} + {{- end }} + {{- end }} + {{- if .Values.affinity.preferSpreadAcrossAZ }} + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + topologyKey: "failure-domain.beta.kubernetes.io/zone" + labelSelector: + matchLabels: + {{- include "common.labels" . | nindent 18 }} + {{- end }} + {{- if .Values.serviceAccount }} + serviceAccountName: {{ .Values.serviceAccount }} + {{- end }} + initContainers: + {{- with .Values.initContainers.extraInitContainers }} + {{- tpl . $ | nindent 8 }} + {{- end }} + {{- if .Values.initContainers.dbMigration.enabled }} + {{ with .Values.initContainers.dbMigration}} + - name: "db-migration" + image: {{ template "common.image" (dict "Values" $.Values "repository" .image.repository "tag" .image.tag) }} + imagePullPolicy: {{ .image.pullPolicy }} + {{- end }} + {{- if .Values.initContainers.dbMigration.env }} + env: + {{- tpl .Values.initContainers.dbMigration.env . | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.initContainers.gitSync.enabled }} + {{ with .Values.initContainers.gitSync }} + - name: "git-sync" + image: {{ template "common.image" (dict "Values" $.Values "repository" .image.repository "tag" .image.tag) }} + imagePullPolicy: {{ .image.pullPolicy }} + {{- end }} + securityContext: + runAsUser: 65533 # git-sync user + volumeMounts: + - name: git-secret + mountPath: /etc/git-secret + - name: workdir + mountPath: "/work-dir" + {{- if .Values.initContainers.gitSync.env }} + env: + {{- tpl .Values.initContainers.gitSync.env . | nindent 12 }} + {{- end }} + {{- end }} + containers: + {{- with .Values.extraContainers }} + {{- tpl . $ | nindent 8 }} + {{- end }} + - name: {{ template "common.name" . }} + image: {{ template "common.image" (dict "Values" $.Values "repository" .Values.image.repository "tag" .Values.image.tag) }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.args }} + args: + {{- tpl .Values.args . | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.httpPort }} + protocol: TCP + {{- if .Values.healthChecks.enabled }} + readinessProbe: + {{- tpl .Values.healthChecks.readinessProbe . | nindent 12 }} + livenessProbe: + {{- tpl .Values.healthChecks.livenessProbe . | nindent 12 }} + {{- end }} + {{- if .Values.lifecycle }} + lifecycle: + {{- toYaml .Values.lifecycle | nindent 12 }} + {{- end }} + {{- if or .Values.initContainers.gitSync.enabled .Values.extraVolumeMounts }} + volumeMounts: + {{- if .Values.initContainers.gitSync.enabled }} + - name: workdir + mountPath: "/work-dir" + {{- end }} + {{- with .Values.extraVolumeMounts }} + {{- tpl . $ | nindent 10 }} + {{- end }} + {{- end }} + {{- if or .Values.env (eq .Values.appType "java-spring") (index .Values "global" "tracing-enabled") }} + env: + {{- if .Values.env }} + {{- tpl .Values.env . | nindent 12 }} + {{- end -}} + {{- if eq .Values.appType "java-spring" }} + {{- tpl .Values.extraEnv.java . | nindent 12 }} + {{- end -}} + {{- if or (index .Values "global" "tracing-enabled") (index .Values "tracing-enabled") }} + {{- tpl .Values.extraEnv.jaeger . | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.resources }} + resources: + {{- tpl .Values.resources . | nindent 12 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} +{{- end -}} diff --git a/config-as-code/helm/charts/common/templates/_helpers.tpl b/deploy-as-code/helm/charts/common/templates/_helpers.tpl old mode 100755 new mode 100644 similarity index 97% rename from config-as-code/helm/charts/common/templates/_helpers.tpl rename to deploy-as-code/helm/charts/common/templates/_helpers.tpl index 7f90def5fb..7b3d29ad67 --- a/config-as-code/helm/charts/common/templates/_helpers.tpl +++ b/deploy-as-code/helm/charts/common/templates/_helpers.tpl @@ -1,26 +1,26 @@ -{{- define "common.name" -}} -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseCommonValues := .Values.common | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseCommonValues .Values $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- default .Chart.Name .Values.name -}} -{{- end }} -{{- end }} - -{{- define "common.labels" -}} -app: {{ template "common.name" . }} -{{- if .Values.labels.group }} -group: {{ .Values.labels.group }} -{{- end }} -{{- range $key, $val := .Values.additionalLabels }} -{{ $key }}: {{ $val | quote }} -{{- end }} -{{- end }} - -{{- define "common.image" -}} -{{- if contains "/" .repository -}} -{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} -{{- else -}} -{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} -{{- end -}} +{{- define "common.name" -}} +{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} +{{- $baseCommonValues := .Values.common | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseCommonValues .Values $envOverrides) -}} +{{- with mustMergeOverwrite . $values -}} +{{- default .Chart.Name .Values.name -}} +{{- end }} +{{- end }} + +{{- define "common.labels" -}} +app: {{ template "common.name" . }} +{{- if .Values.labels.group }} +group: {{ .Values.labels.group }} +{{- end }} +{{- range $key, $val := .Values.additionalLabels }} +{{ $key }}: {{ $val | quote }} +{{- end }} +{{- end }} + +{{- define "common.image" -}} +{{- if contains "/" .repository -}} +{{- printf "%s:%s" .repository ( required "Tag is mandatory" .tag ) -}} +{{- else -}} +{{- printf "%s/%s:%s" $.Values.global.containerRegistry .repository ( required "Tag is mandatory" .tag ) -}} +{{- end -}} {{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/common/templates/_ingress.yaml b/deploy-as-code/helm/charts/common/templates/_ingress.yaml old mode 100755 new mode 100644 similarity index 96% rename from config-as-code/helm/charts/common/templates/_ingress.yaml rename to deploy-as-code/helm/charts/common/templates/_ingress.yaml index 83fb1c6259..a47a9f4113 --- a/config-as-code/helm/charts/common/templates/_ingress.yaml +++ b/deploy-as-code/helm/charts/common/templates/_ingress.yaml @@ -1,61 +1,61 @@ -{{- define "common.ingress" -}} -{{- if .Values.ingress.enabled -}} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} - annotations: -{{- toYaml .Values.ingress.annotations | nindent 4 }} -{{- if .Values.ingress.waf.enabled }} -{{- toYaml .Values.ingress.waf.annotations | nindent 4 }} -{{- end }} -{{- if .Values.ingress.additionalAnnotations }} - {{- tpl .Values.ingress.additionalAnnotations . | nindent 4 }} -{{- end }} - labels: -{{- include "common.labels" . | nindent 4 }} -spec: - rules: -{{- if .Values.ingress.host }} - {{- tpl .Values.ingress.host . | nindent 2 }} -{{- else if .Values.ingress.hostName }} - - host: {{ .Values.ingress.hostName }} -{{- else }} - - host: {{ .Values.global.domain }} -{{- end }} - http: - paths: - - backend: -{{- if .Values.ingress.zuul }} - service: - name: zuul - port: - number: 8080 -{{ else }} - service: - name: {{ .Values.ingress.serviceName | default (include "common.name" .) }} - port: - number: {{ .Values.ingress.servicePort | default .Values.httpPort }} -{{- end }} - path: /{{ .Values.ingress.context }} - pathType: Prefix -{{- if ne .Values.global.setup "quickstart" }} - tls: -{{- if .Values.ingress.tls }} - {{- tpl .Values.ingress.tls . | nindent 2 }} -{{- else }} -{{- if .Values.ingress.hostName }} - - hosts: - - {{ .Values.ingress.hostName }} - secretName: {{ .Values.ingress.hostName }}-tls-certs -{{- else }} - - hosts: - - {{ .Values.global.domain }} - secretName: {{ .Values.global.domain }}-tls-certs -{{- end }} -{{- end }} -{{- end }} -{{- end -}} -{{- end -}} +{{- define "common.ingress" -}} +{{- if .Values.ingress.enabled -}} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ template "common.name" . }} + namespace: {{ .Values.namespace }} + annotations: +{{- toYaml .Values.ingress.annotations | nindent 4 }} +{{- if .Values.ingress.waf.enabled }} +{{- toYaml .Values.ingress.waf.annotations | nindent 4 }} +{{- end }} +{{- if .Values.ingress.additionalAnnotations }} + {{- tpl .Values.ingress.additionalAnnotations . | nindent 4 }} +{{- end }} + labels: +{{- include "common.labels" . | nindent 4 }} +spec: + rules: +{{- if .Values.ingress.host }} + {{- tpl .Values.ingress.host . | nindent 2 }} +{{- else if .Values.ingress.hostName }} + - host: {{ .Values.ingress.hostName }} +{{- else }} + - host: {{ .Values.global.domain }} +{{- end }} + http: + paths: + - backend: +{{- if .Values.ingress.zuul }} + service: + name: zuul + port: + number: 8080 +{{ else }} + service: + name: {{ .Values.ingress.serviceName | default (include "common.name" .) }} + port: + number: {{ .Values.ingress.servicePort | default .Values.httpPort }} +{{- end }} + path: /{{ .Values.ingress.context }} + pathType: Prefix +{{- if ne .Values.global.setup "quickstart" }} + tls: +{{- if .Values.ingress.tls }} + {{- tpl .Values.ingress.tls . | nindent 2 }} +{{- else }} +{{- if .Values.ingress.hostName }} + - hosts: + - {{ .Values.ingress.hostName }} + secretName: {{ .Values.ingress.hostName }}-tls-certs +{{- else }} + - hosts: + - {{ .Values.global.domain }} + secretName: {{ .Values.global.domain }}-tls-certs +{{- end }} +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} diff --git a/config-as-code/helm/charts/common/templates/_service.yaml b/deploy-as-code/helm/charts/common/templates/_service.yaml old mode 100755 new mode 100644 similarity index 96% rename from config-as-code/helm/charts/common/templates/_service.yaml rename to deploy-as-code/helm/charts/common/templates/_service.yaml index 2c5719d264..d4d57912cd --- a/config-as-code/helm/charts/common/templates/_service.yaml +++ b/deploy-as-code/helm/charts/common/templates/_service.yaml @@ -1,29 +1,29 @@ -{{- define "common.service" -}} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} - annotations: -{{- if .Values.metrics }} - prometheus.io/path: {{ .Values.metrics.path | quote }} - prometheus.io/port: {{ .Values.metrics.port | quote }} - prometheus.io/scrape: "true" -{{- end }} -{{- if .Values.ingress.zuul }} - zuul/route-path: {{ .Values.ingress.context }} -{{- end }} -{{- if and .Values.service .Values.service.additionalAnnotations}} - {{- tpl .Values.service.additionalAnnotations . | nindent 4 }} -{{- end }} - labels: -{{- include "common.labels" . | nindent 4 }} -spec: - selector: -{{- include "common.labels" . | nindent 4 }} - ports: - - name: http - port: {{ .Values.httpPort }} - targetPort: {{ .Values.httpPort }} +{{- define "common.service" -}} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "common.name" . }} + namespace: {{ .Values.namespace }} + annotations: +{{- if .Values.metrics }} + prometheus.io/path: {{ .Values.metrics.path | quote }} + prometheus.io/port: {{ .Values.metrics.port | quote }} + prometheus.io/scrape: "true" +{{- end }} +{{- if .Values.ingress.zuul }} + zuul/route-path: {{ .Values.ingress.context }} +{{- end }} +{{- if and .Values.service .Values.service.additionalAnnotations}} + {{- tpl .Values.service.additionalAnnotations . | nindent 4 }} +{{- end }} + labels: +{{- include "common.labels" . | nindent 4 }} +spec: + selector: +{{- include "common.labels" . | nindent 4 }} + ports: + - name: http + port: {{ .Values.httpPort }} + targetPort: {{ .Values.httpPort }} {{- end -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/common/templates/_servicemonitor.yaml b/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml similarity index 100% rename from config-as-code/helm/charts/common/templates/_servicemonitor.yaml rename to deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml diff --git a/config-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml old mode 100755 new mode 100644 similarity index 96% rename from config-as-code/helm/charts/common/values.yaml rename to deploy-as-code/helm/charts/common/values.yaml index c428a639ba..a533ee541a --- a/config-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -1,267 +1,267 @@ -# Default values for commons. -# This is a YAML-formatted file. -# Declare name/value pairs to be passed into your templates. -global: - containerRegistry: egovio - -namespace: egov -replicas: 1 -httpPort: 8080 -appType: "" - -ingress: - enabled: false - zuul: false - annotations: - kubernetes.io/ingress.class: "nginx" - nginx.ingress.kubernetes.io/use-regex: "true" - waf: - enabled: true - annotations: - nginx.ingress.kubernetes.io/lua-resty-waf: "active" - nginx.ingress.kubernetes.io/lua-resty-waf-debug: "true" - nginx.ingress.kubernetes.io/lua-resty-waf-score-threshold: "10" - nginx.ingress.kubernetes.io/lua-resty-waf-allow-unknown-content-types: "true" - nginx.ingress.kubernetes.io/lua-resty-waf-process-multipart-body: "false" - -image: - pullPolicy: IfNotPresent - -affinity: - preferSpreadAcrossAZ: true - -initContainers: - dbMigration: - enabled: false - image: - pullPolicy: IfNotPresent - tag: latest - env: | - - name: "DB_URL" - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - - name: "FLYWAY_USER" - valueFrom: - secretKeyRef: - name: db - key: flyway-username - - name: "FLYWAY_PASSWORD" - valueFrom: - secretKeyRef: - name: db - key: flyway-password - - name: "FLYWAY_LOCATIONS" - valueFrom: - configMapKeyRef: - name: egov-config - key: flyway-locations - - gitSync: - enabled: false - image: - repository: k8s.gcr.io/git-sync - tag: v3.1.1 - pullPolicy: IfNotPresent - env: | - - name: "GIT_SYNC_REPO" - value: "{{ .Values.initContainers.gitSync.repo }}" - - name: "GIT_SYNC_BRANCH" - value: "{{ .Values.initContainers.gitSync.branch }}" - - name: "GIT_SYNC_DEPTH" - value: "1" - - name: "GIT_SYNC_ONE_TIME" - value: "true" - - name: "GIT_SYNC_SSH" - value: "true" - - name: "GIT_SYNC_ROOT" - value: "/work-dir" - -healthChecks: - enabled: false - livenessProbe: | - httpGet: - path: "{{ .Values.healthChecks.livenessProbePath }}" - port: {{ .Values.httpPort }} - initialDelaySeconds: 30 - timeoutSeconds: 3 - periodSeconds: 60 - successThreshold: 1 - failureThreshold: 5 - readinessProbe: | - httpGet: - path: "{{ .Values.healthChecks.readinessProbePath }}" - port: {{ .Values.httpPort }} - initialDelaySeconds: 30 - timeoutSeconds: 3 - periodSeconds: 30 - successThreshold: 1 - failureThreshold: 5 - -lifecycle: - preStop: - exec: - command: - - sh - - -c - - "sleep 10" - -memory_limits: "256Mi" -resources: | - {{- if eq .Values.appType "java-spring" -}} - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} - {{- end -}} -## Allows specification of additional environment variables -extraEnv: - java: | - - name: SPRING_DATASOURCE_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: FLYWAY_ENABLED - value: "false" - - name: SPRING_FLYWAY_ENABLED - value: "false" - - name: MANAGEMENT_ENDPOINTS_WEB_BASE_PATH - value: "/" - - name: APP_TIMEZONE - valueFrom: - configMapKeyRef: - name: egov-config - key: timezone - - name: FLYWAY_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - - name: SPRING_DATASOURCE_USERNAME - valueFrom: - secretKeyRef: - name: db - key: username - - name: SPRING_DATASOURCE_PASSWORD - valueFrom: - secretKeyRef: - name: db - key: password - - name: SPRING_DATASOURCE_TOMCAT_INITIAL_SIZE - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-initialSize - - name: SERVER_TOMCAT_MAX_THREADS - {{- if index .Values "server-tomcat-max-threads" }} - value: {{ index .Values "server-tomcat-max-threads" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: server-tomcat-max-threads - {{- end }} - - name: SERVER_TOMCAT_MAX_CONNECTIONS - {{- if index .Values "server-tomcat-max-connections" }} - value: {{ index .Values "server-tomcat-max-connections" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: server-tomcat-max-connections - {{- end }} - - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE - {{- if index .Values "spring-datasource-tomcat-max-active" }} - value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-max-active - {{- end }} - - name: SPRING_DATASOURCE_HIKARI_MAXIMUM-POOL-SIZE - {{- if index .Values "spring-datasource-tomcat-max-active" }} - value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-datasource-tomcat-max-active - {{- end }} - - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: SPRING_JPA_SHOW_SQL - valueFrom: - configMapKeyRef: - name: egov-config - key: spring-jpa-show-sql - jaeger: | - - name: JAEGER_SERVICE_NAME - value: {{ template "common.name" . }} - - name: JAEGER_SAMPLER_TYPE - value: remote - - name: JAEGER_AGENT_HOST - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: JAEGER_AGENT_PORT - value: "6831" - - name: JAEGER_SAMPLER_MANAGER_HOST_PORT - value: "$(JAEGER_AGENT_HOST):5778" - - name: TRACER_OPENTRACING_ENABLED - value: "true" -## Additional init containers -extraInitContainers: | - -## Additional sidecar containers -extraContainers: | - -## Add additional volumes and mounts, e. g. for custom themes -extraVolumes: | -extraVolumeMounts: | - -additionalLabels: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - additionalAnnotations: {} - -serviceMonitor: - honorLabels: true - # interval: 2m - -cron: - namespace: egov - concurrencyPolicy: Forbid - restartPolicy: OnFailure - httpPort: 8080 - ## Additional sidecar containers - extraContainers: | - - ## Add additional volumes and mounts - extraVolumes: | - - ## Add additional mounts - extraVolumeMounts: | +# Default values for commons. +# This is a YAML-formatted file. +# Declare name/value pairs to be passed into your templates. +global: + containerRegistry: egovio + +namespace: egov +replicas: 1 +httpPort: 8080 +appType: "" + +ingress: + enabled: false + zuul: false + annotations: + kubernetes.io/ingress.class: "nginx" + nginx.ingress.kubernetes.io/use-regex: "true" + waf: + enabled: true + annotations: + nginx.ingress.kubernetes.io/lua-resty-waf: "active" + nginx.ingress.kubernetes.io/lua-resty-waf-debug: "true" + nginx.ingress.kubernetes.io/lua-resty-waf-score-threshold: "10" + nginx.ingress.kubernetes.io/lua-resty-waf-allow-unknown-content-types: "true" + nginx.ingress.kubernetes.io/lua-resty-waf-process-multipart-body: "false" + +image: + pullPolicy: IfNotPresent + +affinity: + preferSpreadAcrossAZ: true + +initContainers: + dbMigration: + enabled: false + image: + pullPolicy: IfNotPresent + tag: latest + env: | + - name: "DB_URL" + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: "SCHEMA_TABLE" + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + - name: "FLYWAY_USER" + valueFrom: + secretKeyRef: + name: db + key: flyway-username + - name: "FLYWAY_PASSWORD" + valueFrom: + secretKeyRef: + name: db + key: flyway-password + - name: "FLYWAY_LOCATIONS" + valueFrom: + configMapKeyRef: + name: egov-config + key: flyway-locations + + gitSync: + enabled: false + image: + repository: k8s.gcr.io/git-sync + tag: v3.1.1 + pullPolicy: IfNotPresent + env: | + - name: "GIT_SYNC_REPO" + value: "{{ .Values.initContainers.gitSync.repo }}" + - name: "GIT_SYNC_BRANCH" + value: "{{ .Values.initContainers.gitSync.branch }}" + - name: "GIT_SYNC_DEPTH" + value: "1" + - name: "GIT_SYNC_ONE_TIME" + value: "true" + - name: "GIT_SYNC_SSH" + value: "true" + - name: "GIT_SYNC_ROOT" + value: "/work-dir" + +healthChecks: + enabled: false + livenessProbe: | + httpGet: + path: "{{ .Values.healthChecks.livenessProbePath }}" + port: {{ .Values.httpPort }} + initialDelaySeconds: 30 + timeoutSeconds: 3 + periodSeconds: 60 + successThreshold: 1 + failureThreshold: 5 + readinessProbe: | + httpGet: + path: "{{ .Values.healthChecks.readinessProbePath }}" + port: {{ .Values.httpPort }} + initialDelaySeconds: 30 + timeoutSeconds: 3 + periodSeconds: 30 + successThreshold: 1 + failureThreshold: 5 + +lifecycle: + preStop: + exec: + command: + - sh + - -c + - "sleep 10" + +memory_limits: "256Mi" +resources: | + {{- if eq .Values.appType "java-spring" -}} + requests: + memory: {{ .Values.memory_limits | quote }} + limits: + memory: {{ .Values.memory_limits | quote }} + {{- end -}} +## Allows specification of additional environment variables +extraEnv: + java: | + - name: SPRING_DATASOURCE_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: FLYWAY_ENABLED + value: "false" + - name: SPRING_FLYWAY_ENABLED + value: "false" + - name: MANAGEMENT_ENDPOINTS_WEB_BASE_PATH + value: "/" + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + - name: FLYWAY_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + - name: SPRING_DATASOURCE_USERNAME + valueFrom: + secretKeyRef: + name: db + key: username + - name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: SPRING_DATASOURCE_TOMCAT_INITIAL_SIZE + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-initialSize + - name: SERVER_TOMCAT_MAX_THREADS + {{- if index .Values "server-tomcat-max-threads" }} + value: {{ index .Values "server-tomcat-max-threads" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: server-tomcat-max-threads + {{- end }} + - name: SERVER_TOMCAT_MAX_CONNECTIONS + {{- if index .Values "server-tomcat-max-connections" }} + value: {{ index .Values "server-tomcat-max-connections" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: server-tomcat-max-connections + {{- end }} + - name: SPRING_DATASOURCE_TOMCAT_MAX_ACTIVE + {{- if index .Values "spring-datasource-tomcat-max-active" }} + value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-max-active + {{- end }} + - name: SPRING_DATASOURCE_HIKARI_MAXIMUM-POOL-SIZE + {{- if index .Values "spring-datasource-tomcat-max-active" }} + value: {{ index .Values "spring-datasource-tomcat-max-active" | quote }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-datasource-tomcat-max-active + {{- end }} + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: SPRING_KAFKA_BOOTSTRAP_SERVERS + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: SPRING_JPA_SHOW_SQL + valueFrom: + configMapKeyRef: + name: egov-config + key: spring-jpa-show-sql + jaeger: | + - name: JAEGER_SERVICE_NAME + value: {{ template "common.name" . }} + - name: JAEGER_SAMPLER_TYPE + value: remote + - name: JAEGER_AGENT_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: JAEGER_AGENT_PORT + value: "6831" + - name: JAEGER_SAMPLER_MANAGER_HOST_PORT + value: "$(JAEGER_AGENT_HOST):5778" + - name: TRACER_OPENTRACING_ENABLED + value: "true" +## Additional init containers +extraInitContainers: | + +## Additional sidecar containers +extraContainers: | + +## Add additional volumes and mounts, e. g. for custom themes +extraVolumes: | +extraVolumeMounts: | + +additionalLabels: {} + +podSecurityContext: {} + # fsGroup: 2000 + +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +service: + additionalAnnotations: {} + +serviceMonitor: + honorLabels: true + # interval: 2m + +cron: + namespace: egov + concurrencyPolicy: Forbid + restartPolicy: OnFailure + httpPort: 8080 + ## Additional sidecar containers + extraContainers: | + + ## Add additional volumes and mounts + extraVolumes: | + + ## Add additional mounts + extraVolumeMounts: | diff --git a/config-as-code/helm/charts/core-services/chatbot/Chart.yaml b/deploy-as-code/helm/charts/core-services/chatbot/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/Chart.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml diff --git a/config-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml diff --git a/config-as-code/helm/charts/core-services/chatbot/requirements.lock b/deploy-as-code/helm/charts/core-services/chatbot/requirements.lock similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/requirements.lock rename to deploy-as-code/helm/charts/core-services/chatbot/requirements.lock diff --git a/config-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/chatbot/templates/service.yaml b/deploy-as-code/helm/charts/core-services/chatbot/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/chatbot/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/chatbot/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-accesscontrol/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-common-masters/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-common-masters/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-common-masters/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-common-masters/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-common-masters/values.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-common-masters/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-data-uploader/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-data-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-data-uploader/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-document-uploader/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-document-uploader/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-enc-service/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-enc-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml rename to deploy-as-code/helm/charts/core-services/egov-enc-service/templates/ingress.yml diff --git a/config-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-enc-service/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-enc-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-enc-service/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/templates/persistentvolume.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/templates/pvc.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-filestore/values.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-filestore/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-idgen/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-idgen/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-idgen/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-idgen/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-idgen/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-idgen/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-idgen/values.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-idgen/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-indexer/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-indexer/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-indexer/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-indexer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-indexer/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-indexer/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-indexer/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-localization/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-localization/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-localization/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-localization/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-localization/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-localization/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-localization/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-localization/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-localization/values.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-localization/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-localization/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-location/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-location/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-location/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-location/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-location/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-location/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-location/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-location/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-location/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-location/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-location/values.yaml b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-location/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-location/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml diff --git a/config-as-code/helm/charts/core-services/egov-mdms-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-mdms-service/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-mail/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-mail/home-isolation-email-values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-mail/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-mail/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-sms/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-notification-sms/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-notification-sms/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-otp/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-otp/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-otp/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-otp/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-otp/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-otp/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-otp/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-otp/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-otp/values.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-otp/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-otp/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pdf/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pdf/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-pdf/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-pdf/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-pdf/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-pdf/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pdf/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pdf/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-persister/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-persister/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-persister/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-persister/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-persister/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-persister/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-persister/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-persister/values.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-persister/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-persister/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-pg-service/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-pg-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-pg-service/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-pg-service/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-pg-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-pg-service/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-searcher/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-searcher/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-searcher/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-searcher/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-searcher/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-searcher/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-searcher/values.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-searcher/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-url-shortening/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-url-shortening/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-user-chatbot/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-user/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-user/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-user/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-user/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-user/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow-v2/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow/Chart.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/egov-workflow/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/egov-workflow/values.yaml rename to deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/Chart.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/Chart.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/templates/role.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/templates/rolebinding.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/core-services/internal-gateway/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/internal-gateway/values.yaml rename to deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml diff --git a/config-as-code/helm/charts/core-services/mailbot/Chart.yaml b/deploy-as-code/helm/charts/core-services/mailbot/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/Chart.yaml rename to deploy-as-code/helm/charts/core-services/mailbot/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/mailbot/requirements.lock b/deploy-as-code/helm/charts/core-services/mailbot/requirements.lock similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/requirements.lock rename to deploy-as-code/helm/charts/core-services/mailbot/requirements.lock diff --git a/config-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/mailbot/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/mailbot/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/mailbot/templates/service.yaml b/deploy-as-code/helm/charts/core-services/mailbot/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/mailbot/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/mailbot/values.yaml b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/mailbot/values.yaml rename to deploy-as-code/helm/charts/core-services/mailbot/values.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-ingest/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml rename to deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml diff --git a/config-as-code/helm/charts/core-services/nlp-engine/Chart.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/nlp-engine/Chart.yaml rename to deploy-as-code/helm/charts/core-services/nlp-engine/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/nlp-engine/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/nlp-engine/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/nlp-engine/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/nlp-engine/values.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/nlp-engine/values.yaml rename to deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml diff --git a/config-as-code/helm/charts/core-services/pdf-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/pdf-service/Chart.yaml rename to deploy-as-code/helm/charts/core-services/pdf-service/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/pdf-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/pdf-service/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/pdf-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/pdf-service/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/pdf-service/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/pdf-service/values.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/pdf-service/values.yaml rename to deploy-as-code/helm/charts/core-services/pdf-service/values.yaml diff --git a/config-as-code/helm/charts/core-services/report/Chart.yaml b/deploy-as-code/helm/charts/core-services/report/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/report/Chart.yaml rename to deploy-as-code/helm/charts/core-services/report/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/report/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/report/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/report/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/report/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/report/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/report/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/report/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/report/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/report/templates/service.yaml b/deploy-as-code/helm/charts/core-services/report/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/report/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/report/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/report/values.yaml b/deploy-as-code/helm/charts/core-services/report/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/report/values.yaml rename to deploy-as-code/helm/charts/core-services/report/values.yaml diff --git a/config-as-code/helm/charts/core-services/telemetry/Chart.yaml b/deploy-as-code/helm/charts/core-services/telemetry/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/telemetry/Chart.yaml rename to deploy-as-code/helm/charts/core-services/telemetry/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/telemetry/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/telemetry/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/telemetry/templates/service.yaml b/deploy-as-code/helm/charts/core-services/telemetry/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/telemetry/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/telemetry/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/telemetry/values.yaml b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/telemetry/values.yaml rename to deploy-as-code/helm/charts/core-services/telemetry/values.yaml diff --git a/config-as-code/helm/charts/core-services/user-otp/Chart.yaml b/deploy-as-code/helm/charts/core-services/user-otp/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/user-otp/Chart.yaml rename to deploy-as-code/helm/charts/core-services/user-otp/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/user-otp/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/user-otp/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/user-otp/templates/service.yaml b/deploy-as-code/helm/charts/core-services/user-otp/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/user-otp/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/user-otp/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/user-otp/values.yaml b/deploy-as-code/helm/charts/core-services/user-otp/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/user-otp/values.yaml rename to deploy-as-code/helm/charts/core-services/user-otp/values.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/covid-chatbot-values.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/ingress.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/xstate-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/xstate-chatbot/values.yaml rename to deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/Chart.yaml b/deploy-as-code/helm/charts/core-services/zuul/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/Chart.yaml rename to deploy-as-code/helm/charts/core-services/zuul/Chart.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/deployment.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/templates/role.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/templates/role.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/templates/service.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/service.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/serviceaccount.yaml diff --git a/config-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml similarity index 100% rename from config-as-code/helm/charts/core-services/zuul/values.yaml rename to deploy-as-code/helm/charts/core-services/zuul/values.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/Chart.yaml b/deploy-as-code/helm/charts/frontend/citizen/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/Chart.yaml rename to deploy-as-code/helm/charts/frontend/citizen/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/citizen/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/citizen/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/citizen/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/citizen/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/templates/service.yaml b/deploy-as-code/helm/charts/frontend/citizen/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/citizen/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/citizen/templates/subfilter-injection-configmap.yaml diff --git a/config-as-code/helm/charts/frontend/citizen/values.yaml b/deploy-as-code/helm/charts/frontend/citizen/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/citizen/values.yaml rename to deploy-as-code/helm/charts/frontend/citizen/values.yaml diff --git a/config-as-code/helm/charts/frontend/common-screen/Chart.yaml b/deploy-as-code/helm/charts/frontend/common-screen/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/common-screen/Chart.yaml rename to deploy-as-code/helm/charts/frontend/common-screen/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/common-screen/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/common-screen/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/common-screen/templates/service.yaml b/deploy-as-code/helm/charts/frontend/common-screen/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/common-screen/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/common-screen/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/common-screen/values.yaml b/deploy-as-code/helm/charts/frontend/common-screen/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/common-screen/values.yaml rename to deploy-as-code/helm/charts/frontend/common-screen/values.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/Chart.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/Chart.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/templates/service.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/templates/subfilter-injection-configmap.yaml diff --git a/config-as-code/helm/charts/frontend/digit-ui/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/digit-ui/values.yaml rename to deploy-as-code/helm/charts/frontend/digit-ui/values.yaml diff --git a/config-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml b/deploy-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml rename to deploy-as-code/helm/charts/frontend/dss-dashboard/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/dss-dashboard/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/dss-dashboard/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml b/deploy-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/dss-dashboard/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/dss-dashboard/values.yaml b/deploy-as-code/helm/charts/frontend/dss-dashboard/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/dss-dashboard/values.yaml rename to deploy-as-code/helm/charts/frontend/dss-dashboard/values.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/Chart.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/Chart.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/templates/subfilter-injection-configmap.yaml diff --git a/config-as-code/helm/charts/frontend/employee-mcs/values.yaml b/deploy-as-code/helm/charts/frontend/employee-mcs/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-mcs/values.yaml rename to deploy-as-code/helm/charts/frontend/employee-mcs/values.yaml diff --git a/config-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml b/deploy-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml rename to deploy-as-code/helm/charts/frontend/employee-tradelicence/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml b/deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/employee-tradelicence/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/employee-tradelicence/values.yaml b/deploy-as-code/helm/charts/frontend/employee-tradelicence/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee-tradelicence/values.yaml rename to deploy-as-code/helm/charts/frontend/employee-tradelicence/values.yaml diff --git a/config-as-code/helm/charts/frontend/employee/Chart.yaml b/deploy-as-code/helm/charts/frontend/employee/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/Chart.yaml rename to deploy-as-code/helm/charts/frontend/employee/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/employee/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/employee/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/employee/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/employee/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/employee/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/employee/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/employee/templates/service.yaml b/deploy-as-code/helm/charts/frontend/employee/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/employee/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/employee/templates/subfilter-injection-configmap.yaml diff --git a/config-as-code/helm/charts/frontend/employee/values.yaml b/deploy-as-code/helm/charts/frontend/employee/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/employee/values.yaml rename to deploy-as-code/helm/charts/frontend/employee/values.yaml diff --git a/config-as-code/helm/charts/frontend/hrms-web/Chart.yaml b/deploy-as-code/helm/charts/frontend/hrms-web/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/hrms-web/Chart.yaml rename to deploy-as-code/helm/charts/frontend/hrms-web/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/hrms-web/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/hrms-web/templates/service.yaml b/deploy-as-code/helm/charts/frontend/hrms-web/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/hrms-web/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/hrms-web/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/hrms-web/values.yaml b/deploy-as-code/helm/charts/frontend/hrms-web/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/hrms-web/values.yaml rename to deploy-as-code/helm/charts/frontend/hrms-web/values.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress-open.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml b/deploy-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml rename to deploy-as-code/helm/charts/frontend/rainmaker-custom-service/values.yaml diff --git a/config-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml b/deploy-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml rename to deploy-as-code/helm/charts/frontend/react-pgr-web/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/react-pgr-web/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml b/deploy-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/react-pgr-web/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/react-pgr-web/values.yaml b/deploy-as-code/helm/charts/frontend/react-pgr-web/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/react-pgr-web/values.yaml rename to deploy-as-code/helm/charts/frontend/react-pgr-web/values.yaml diff --git a/config-as-code/helm/charts/frontend/ui-app/Chart.yaml b/deploy-as-code/helm/charts/frontend/ui-app/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-app/Chart.yaml rename to deploy-as-code/helm/charts/frontend/ui-app/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/ui-app/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/ui-app/templates/service.yaml b/deploy-as-code/helm/charts/frontend/ui-app/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-app/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/ui-app/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/ui-app/values.yaml b/deploy-as-code/helm/charts/frontend/ui-app/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-app/values.yaml rename to deploy-as-code/helm/charts/frontend/ui-app/values.yaml diff --git a/config-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml b/deploy-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml rename to deploy-as-code/helm/charts/frontend/ui-dashboard/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/ui-dashboard/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/ui-dashboard/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml b/deploy-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/ui-dashboard/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/ui-dashboard/values.yaml b/deploy-as-code/helm/charts/frontend/ui-dashboard/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-dashboard/values.yaml rename to deploy-as-code/helm/charts/frontend/ui-dashboard/values.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/Chart.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/Chart.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/templates/ingress.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/templates/subfilter-injection-configmap.yaml diff --git a/config-as-code/helm/charts/frontend/ui-localisation/values.yaml b/deploy-as-code/helm/charts/frontend/ui-localisation/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-localisation/values.yaml rename to deploy-as-code/helm/charts/frontend/ui-localisation/values.yaml diff --git a/config-as-code/helm/charts/frontend/ui-uploader/Chart.yaml b/deploy-as-code/helm/charts/frontend/ui-uploader/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-uploader/Chart.yaml rename to deploy-as-code/helm/charts/frontend/ui-uploader/Chart.yaml diff --git a/config-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/ui-uploader/templates/deployment.yaml diff --git a/config-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml b/deploy-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/ui-uploader/templates/service.yaml diff --git a/config-as-code/helm/charts/frontend/ui-uploader/values.yaml b/deploy-as-code/helm/charts/frontend/ui-uploader/values.yaml similarity index 100% rename from config-as-code/helm/charts/frontend/ui-uploader/values.yaml rename to deploy-as-code/helm/charts/frontend/ui-uploader/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/bpa-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/bpa-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/echallan-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/echallan-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/egov-user-event/values.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/egov-user-event/values.yaml rename to deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/firenoc-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/firenoc-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/fsm/values.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/fsm/values.yaml rename to deploy-as-code/helm/charts/municipal-services/fsm/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/inbox/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/inbox/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/inbox/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/inbox/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/inbox/values.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/inbox/values.yaml rename to deploy-as-code/helm/charts/municipal-services/inbox/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/land-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/land-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/land-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/land-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/land-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/land-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/land-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/land-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/noc-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/noc-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/noc-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/noc-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/pgr-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pgr-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/property-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/property-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/property-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/property-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/property-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/property-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/property-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml b/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml b/deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml rename to deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml b/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml rename to deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/sw-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/sw-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/tl-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/tl-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml rename to deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/vehicle/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vehicle/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/vehicle/values.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vehicle/values.yaml rename to deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/vendor/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vendor/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/vendor/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vendor/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/vendor/values.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/vendor/values.yaml rename to deploy-as-code/helm/charts/municipal-services/vendor/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-calculator/values.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-services/Chart.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml diff --git a/config-as-code/helm/charts/municipal-services/ws-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml similarity index 100% rename from config-as-code/helm/charts/municipal-services/ws-services/values.yaml rename to deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml diff --git a/config-as-code/helm/charts/utilities/case-management/Chart.yaml b/deploy-as-code/helm/charts/utilities/case-management/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/case-management/Chart.yaml rename to deploy-as-code/helm/charts/utilities/case-management/Chart.yaml diff --git a/config-as-code/helm/charts/utilities/case-management/templates/deployment.yaml b/deploy-as-code/helm/charts/utilities/case-management/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/case-management/templates/deployment.yaml rename to deploy-as-code/helm/charts/utilities/case-management/templates/deployment.yaml diff --git a/config-as-code/helm/charts/utilities/case-management/templates/ingress.yaml b/deploy-as-code/helm/charts/utilities/case-management/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/case-management/templates/ingress.yaml rename to deploy-as-code/helm/charts/utilities/case-management/templates/ingress.yaml diff --git a/config-as-code/helm/charts/utilities/case-management/templates/service.yaml b/deploy-as-code/helm/charts/utilities/case-management/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/case-management/templates/service.yaml rename to deploy-as-code/helm/charts/utilities/case-management/templates/service.yaml diff --git a/config-as-code/helm/charts/utilities/case-management/values.yaml b/deploy-as-code/helm/charts/utilities/case-management/values.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/case-management/values.yaml rename to deploy-as-code/helm/charts/utilities/case-management/values.yaml diff --git a/config-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml b/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml rename to deploy-as-code/helm/charts/utilities/cova-dgr-fetch/Chart.yaml diff --git a/config-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml b/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml rename to deploy-as-code/helm/charts/utilities/cova-dgr-fetch/templates/cronjob.yaml diff --git a/config-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml b/deploy-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml rename to deploy-as-code/helm/charts/utilities/cova-dgr-fetch/values.yaml diff --git a/config-as-code/helm/charts/utilities/data-upload/Chart.yaml b/deploy-as-code/helm/charts/utilities/data-upload/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/data-upload/Chart.yaml rename to deploy-as-code/helm/charts/utilities/data-upload/Chart.yaml diff --git a/config-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml b/deploy-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml rename to deploy-as-code/helm/charts/utilities/data-upload/templates/deployment.yaml diff --git a/config-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml b/deploy-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml rename to deploy-as-code/helm/charts/utilities/data-upload/templates/ingress.yaml diff --git a/config-as-code/helm/charts/utilities/data-upload/templates/service.yaml b/deploy-as-code/helm/charts/utilities/data-upload/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/data-upload/templates/service.yaml rename to deploy-as-code/helm/charts/utilities/data-upload/templates/service.yaml diff --git a/config-as-code/helm/charts/utilities/data-upload/values.yaml b/deploy-as-code/helm/charts/utilities/data-upload/values.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/data-upload/values.yaml rename to deploy-as-code/helm/charts/utilities/data-upload/values.yaml diff --git a/config-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml b/deploy-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml rename to deploy-as-code/helm/charts/utilities/egov-custom-consumer/Chart.yaml diff --git a/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml b/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml rename to deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/deployment.yaml diff --git a/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml b/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml rename to deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/ingress.yaml diff --git a/config-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml b/deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml rename to deploy-as-code/helm/charts/utilities/egov-custom-consumer/templates/service.yaml diff --git a/config-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml b/deploy-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml rename to deploy-as-code/helm/charts/utilities/egov-custom-consumer/values.yaml diff --git a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml b/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml similarity index 97% rename from config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml rename to deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml index 7abe6dd571..475cd4bea2 100644 --- a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml +++ b/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/Chart.yaml @@ -1,26 +1,26 @@ -apiVersion: v2 -name: egov-weekly-impact-notifier -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 +apiVersion: v2 +name: egov-weekly-impact-notifier +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 repository: file://../../common \ No newline at end of file diff --git a/config-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml b/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml rename to deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml diff --git a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml b/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml similarity index 97% rename from config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml rename to deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml index 862cd9383c..c45ed088e2 100644 --- a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml +++ b/deploy-as-code/helm/charts/utilities/egov-weekly-impact-notifier/values.yaml @@ -1,50 +1,50 @@ -# Common Labels -labels: - app: "egov-weekly-impact-notifier" - group: "egov-weekly-impact-notifier" - -cron: - schedule: "45 18 * * *" - -# Container Configs -image: - repository: "egov-weekly-impact-notifier" - - -# Additional Container Envs -env: | - - name: SPRING_KAFKA_BOOTSTRAP_SERVERS - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: SPRING_KAFKA_CONSUMER_VALUE_DESERIALIZER - value: org.egov.tracer.kafka.deserializer.HashMapDeserializer - - name: SPRING_KAFKA_CONSUMER_KEY_DESERIALIZER - value: org.apache.kafka.common.serialization.StringDeserializer - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: "egov-weekly-impact-notifier" - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: EGOV_IMPACT_EMAILER_INTERVAL_IN_SECS - value: {{ index .Values "mail-interval-in-secs" | quote }} - - name: EGOV_IMPACT_EMAILER_EMAIL_TO_ADDRESS - value: {{ index .Values "mail-to-address" | quote }} - - name: EGOV_IMPACT_EMAILER_EMAIL_SUBJECT - value: {{ index .Values "impact-emailer-email-subject" | quote }} - - name: EGOV_SEARCHER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-searcher - - name: EGOV_SEARCHER_ENDPOINT - value: "/egov-searcher/{moduleName}/{searchName}/_get" - - name: EGOV_CORE_NOTIFICATION_EMAIL_TOPIC - value: "egov.core.notification.email" -resources: | - requests: - memory: {{ .Values.memory_limits | quote }} - limits: - memory: {{ .Values.memory_limits | quote }} +# Common Labels +labels: + app: "egov-weekly-impact-notifier" + group: "egov-weekly-impact-notifier" + +cron: + schedule: "45 18 * * *" + +# Container Configs +image: + repository: "egov-weekly-impact-notifier" + + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_BOOTSTRAP_SERVERS + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: SPRING_KAFKA_CONSUMER_VALUE_DESERIALIZER + value: org.egov.tracer.kafka.deserializer.HashMapDeserializer + - name: SPRING_KAFKA_CONSUMER_KEY_DESERIALIZER + value: org.apache.kafka.common.serialization.StringDeserializer + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "egov-weekly-impact-notifier" + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: EGOV_IMPACT_EMAILER_INTERVAL_IN_SECS + value: {{ index .Values "mail-interval-in-secs" | quote }} + - name: EGOV_IMPACT_EMAILER_EMAIL_TO_ADDRESS + value: {{ index .Values "mail-to-address" | quote }} + - name: EGOV_IMPACT_EMAILER_EMAIL_SUBJECT + value: {{ index .Values "impact-emailer-email-subject" | quote }} + - name: EGOV_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher + - name: EGOV_SEARCHER_ENDPOINT + value: "/egov-searcher/{moduleName}/{searchName}/_get" + - name: EGOV_CORE_NOTIFICATION_EMAIL_TOPIC + value: "egov.core.notification.email" +resources: | + requests: + memory: {{ .Values.memory_limits | quote }} + limits: + memory: {{ .Values.memory_limits | quote }} diff --git a/config-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml b/deploy-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml rename to deploy-as-code/helm/charts/utilities/mailbot-cron/Chart.yaml diff --git a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml b/deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml similarity index 98% rename from config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml rename to deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml index cb900dac32..74d9de7ea4 100644 --- a/config-as-code/helm/charts/utilities/egov-weekly-impact-notifier/templates/cronjob.yaml +++ b/deploy-as-code/helm/charts/utilities/mailbot-cron/templates/cronjob.yaml @@ -1,2 +1,2 @@ -# cronjob.yaml +# cronjob.yaml {{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/config-as-code/helm/charts/utilities/mailbot-cron/values.yaml b/deploy-as-code/helm/charts/utilities/mailbot-cron/values.yaml similarity index 100% rename from config-as-code/helm/charts/utilities/mailbot-cron/values.yaml rename to deploy-as-code/helm/charts/utilities/mailbot-cron/values.yaml diff --git a/config-as-code/environments/ci-demo-secrets.yaml b/deploy-as-code/helm/environments/ci-demo-secrets.yaml similarity index 100% rename from config-as-code/environments/ci-demo-secrets.yaml rename to deploy-as-code/helm/environments/ci-demo-secrets.yaml diff --git a/config-as-code/environments/ci-demo.yaml b/deploy-as-code/helm/environments/ci-demo.yaml similarity index 100% rename from config-as-code/environments/ci-demo.yaml rename to deploy-as-code/helm/environments/ci-demo.yaml diff --git a/config-as-code/environments/egov-demo-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-secrets.yaml similarity index 100% rename from config-as-code/environments/egov-demo-secrets.yaml rename to deploy-as-code/helm/environments/egov-demo-secrets.yaml diff --git a/config-as-code/environments/egov-demo-template-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml similarity index 100% rename from config-as-code/environments/egov-demo-template-secrets.yaml rename to deploy-as-code/helm/environments/egov-demo-template-secrets.yaml diff --git a/config-as-code/environments/egov-demo-template.yaml b/deploy-as-code/helm/environments/egov-demo-template.yaml similarity index 100% rename from config-as-code/environments/egov-demo-template.yaml rename to deploy-as-code/helm/environments/egov-demo-template.yaml diff --git a/config-as-code/environments/egov-demo.yaml b/deploy-as-code/helm/environments/egov-demo.yaml similarity index 100% rename from config-as-code/environments/egov-demo.yaml rename to deploy-as-code/helm/environments/egov-demo.yaml diff --git a/config-as-code/environments/quickstart-config-secrets.yaml b/deploy-as-code/helm/environments/quickstart-config-secrets.yaml similarity index 100% rename from config-as-code/environments/quickstart-config-secrets.yaml rename to deploy-as-code/helm/environments/quickstart-config-secrets.yaml diff --git a/config-as-code/environments/quickstart-config.yaml b/deploy-as-code/helm/environments/quickstart-config.yaml similarity index 100% rename from config-as-code/environments/quickstart-config.yaml rename to deploy-as-code/helm/environments/quickstart-config.yaml diff --git a/config-as-code/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml similarity index 100% rename from config-as-code/environments/unified-dev-secrets.yaml rename to deploy-as-code/helm/environments/unified-dev-secrets.yaml diff --git a/config-as-code/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml similarity index 100% rename from config-as-code/environments/unified-dev.yaml rename to deploy-as-code/helm/environments/unified-dev.yaml From faaa9a26de9e1c8bd7aae6aeb176ca37baf5f567 Mon Sep 17 00:00:00 2001 From: talele08 Date: Tue, 11 Apr 2023 11:44:47 +0530 Subject: [PATCH 146/742] changes the kms key (#1440) --- .../environments/unified-dev-secrets.yaml | 164 +++++++++--------- 1 file changed, 82 insertions(+), 82 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml index c9f7e32cc2..ca5df11ecc 100644 --- a/deploy-as-code/helm/environments/unified-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-dev-secrets.yaml @@ -1,125 +1,125 @@ cluster-configs: secrets: db: - username: ENC[AES256_GCM,data:YGPi3XdkNWkQsw==,iv:tfcvwdgdg8FWOL8o5recsC2gOZrrx4VrhRUcf1ioIqs=,tag:2JCEfBFHRtS94YkvU3x94g==,type:str] - password: ENC[AES256_GCM,data:ZXFi9K2olvPVD9ziJg==,iv:J8cgCSg5FEHKqOUBnNXLQes/kwDGPGDb2Cv9OJnhYP4=,tag:jd8fxNbB1+6ZWRIX/gj60Q==,type:str] - flywayUsername: ENC[AES256_GCM,data:gxBsXq3UTfK9PQ==,iv:2d/2TSULYpnla/jpQbUC11WKi74WDyfVZcGaBiTuqnU=,tag:oRhcHIlaeptv4jvMJHhCrw==,type:str] - flywayPassword: ENC[AES256_GCM,data:v/g66SmMniNtO3IXTg==,iv:V/yYwDhJk74mUPDaJoy1Zg059KOYG9qrGd2/b6jPMAE=,tag:RdtxgfbTeIwU9w428Dl7ag==,type:str] + username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] + password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] + flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] + flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] egov-notification-sms: - username: ENC[AES256_GCM,data:kd7VkchkkA==,iv:/G1T1C22KriGHSc++Yo7Um0HR3pcZh2v5Rk0ZZrv8BE=,tag:jQv1XpjbKbqifVluZpgmRw==,type:str] - password: ENC[AES256_GCM,data:wZQyhnBpzDA=,iv:1xIh2O24F138H+v/I3tN+GRdIHNdIot+qyxCONe6U1I=,tag:qapsx/kdZt6asAA+VxYrDw==,type:str] + username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] + password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:78lM4cOd0Bdc/bUIHFbaj4vbs/g=,iv:0r2Z0uPMLFWc6gdppr0u1jV1t/CLkQnXJA1MXf2t69s=,tag:d17VdYT7EdbjZgpnrbOo4w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ih+8SFHIq6aDqGEySzeyoctz73NGmFa1+DBMvKVz5a/g0P+T0zt6hg==,iv:Zer24kg7rykvxFwM7Ii+IGunupUdkZZzc07Y21edEQY=,tag:Dgq7hv9KUDxTmxdDezgpxA==,type:str] + aws-key: ENC[AES256_GCM,data:BbAOdX4eraGZG8XEeUk52JdTCzs=,iv:dY4wElIQE/w6OhExzH0NsZfubeL5+SQpu0oAd8T56/k=,tag:oHB9nkvpkyUwaoa9DH0OCg==,type:str] + aws-secret-key: ENC[AES256_GCM,data:N3BgZRp7Y07WU5Laufl7x9EuRYhbzZc2/NHtZWepl8MCv1c/Go/mPg==,iv:1Z1gd885HzpFxkA8Y78gZd4J2cxdwp6a4QZwQlukSgg=,tag:EGbJhJQJ1fT8VeliD363dg==,type:str] egov-filestore-azure: - account-name: ENC[AES256_GCM,data:feyIY3Q93CjJ6bNRNzJF,iv:Sff05zcAl9EtIyVbrEnzpIBjDXZePZFBrzYkKdsQQgM=,tag:caYjxW/F+6vjEjHRNa8cjg==,type:str] - account-key: ENC[AES256_GCM,data:IBGZWYcovLCbDlWgLM5MLHQxDk2FOrXKUulEmTDELPb/hNrG1VJFQxRU7hnQaihkPPs+pbzz1DmiYK+M1wtmamruNyBZ6lph/k2zii9ByHM1MF+piUwyQw==,iv:DBbZ7YPabuTdDZQpBnFS4sVCksnW7+6Pmaq5xHUoqBg=,tag:iM47xwQ2xSwgXnxW7thX8A==,type:str] + account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] + account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] egov-location: - gmapskey: ENC[AES256_GCM,data:HJd5Mfb/giZrSq5EuCY6zHOEf1NE9lNvOQpEHnyJ3GKGQqvj90gN,iv:mUzoWBiMx+Aks/7sx/Tt3f5IdDRGI+R+AbPibQ4w7o8=,tag:YmUrOP53wj+gU9lpJNEQrQ==,type:str] + gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:ch3vmQxWjKKYEHqFA91Ikg==,iv:pcqAmGgtw9pkwa9WeJx0WCv6M2+vF/kQN3ookk7gRC4=,tag:vxcuYdLo1b5eq6FFA8Kthw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:CHdNUQ/5+fyumT8os9qHA4UBAfL8oYEXNwfZ/KB1F24=,iv:CodzoLta5LeEfBazt0nPHN7BsdFieLMRQXfHT6Jee0o=,tag:4v0Fk95h8hXHYV9wDHZo1A==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:uV/drc+lfbBRlaPjU407,iv:iyzeRshKPQ2RAN64bzKAYahbo8eucnLCZyWukUxtyFc=,tag:jt1vN2cB1I8SOfVJCJlVCA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:U2Q2uVKgn+CAT5o=,iv:P0qg061JAHl+lN/AGoWnUhI9uCHDZ7V70N/pfQJb/J0=,tag:HyrTwzbUY6Y19Xyspev0uQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:IL8fNfa/Row=,iv:LKQY22K7keqduBNy/LC+5qW2xJMOkMzcINLjNQ944Jo=,tag:COif+D0/wmr1eTBdOUBKUg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:ui5SYi3f,iv:5hNAHfELEHMsiRpXRACdh49Z/JxJn1jr0V1uj6DBVSg=,tag:fjvRcW/Q3jEJzgQgzHgRWg==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:liTlKez64go=,iv:oRxigBvmA+UUgX3oSnf2Kfg9oE+yvgEPBhpFuxrSpms=,tag:/u+Wa5m70MQZ/+Ey272Ayg==,type:str] + axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] pgadmin: - admin-email: ENC[AES256_GCM,data:BmLUpgPP1spV8/2gszEX4pTxp0b5QvNPk0o=,iv:kVF6J3kbfcBao9iNNkizQwjCs1cA4Et9NFjqDHxY3W4=,tag:RLSKLlIS4ZXXLLz9OsHuHA==,type:str] - admin-password: ENC[AES256_GCM,data:UqSyE3x0DO4Rp1uneg==,iv:4CV/nCQMZtOZf9LK3EsuavXf2riZhR60C8H9LfqNpzc=,tag:4W4GMDnoXpuZFrN1W31LdA==,type:str] - read-email: ENC[AES256_GCM,data:+YvXu0nGYcdAqW10izH5n64CsHnnd2P3Qg==,iv:ElF93IF8rszx/Nmz2Biw4USlWyiNBeeCXKC0uXB3uzA=,tag:eZfwyjujY22qBYx6V+GGQA==,type:str] - read-password: ENC[AES256_GCM,data:iDlimiFWZOPX53ZMLA==,iv:opHgN89ZqY8gHwm143OKZ4fhJFGpXhykHg2rve/B02o=,tag:yJx2hAorriXcmb+tlm8+MA==,type:str] + admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] + admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] + read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] + read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] egov-enc-service: - master-password: ENC[AES256_GCM,data:Zx+lA/ybTERW4A2HA1I7aA==,iv:g/mqLJud4dezlFoMbTm4sO9gwH98/hXHTUXyLPvKZIA=,tag:VVTZ48ndRYQNAmclNx71QA==,type:str] - master-salt: ENC[AES256_GCM,data:8f+XlgAa9Dw=,iv:lk1A0B3Vpnc63wyd8w/Yt7J5KwMLLCTIqwNmg1shbtI=,tag:lJTEW42vKk5cWMT7T8qCNA==,type:str] - master-initialvector: ENC[AES256_GCM,data:rZYmjXcO4cPhfRBg,iv:tJF0RD4iwZkoSmEP408hCObZWo2BupqdXG8Fy+IqOvI=,tag:93uTcY2glt9vKWBwC7zlWw==,type:str] + master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] + master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] + master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:pXpYI4z48CLHirR0k0PbX8Aln9OmDUKCxLEz7vyL5sFo,iv:cDk+DrIp3zEOE10yG+HFNwWL9pLpJLA2dqq+vpVYu+Q=,tag:Y1ilIlMur4vDEdvdiYglIA==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:CtVr1xAOYXM=,iv:DhkFfmlQCl+CXU7FzwYN9rVyGwdZ7IHd3fM6Yil4xuU=,tag:LvMezOswNmnVQJ9WTHZKUw==,type:str] + mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] git-sync: - ssh: ENC[AES256_GCM,data:dLv7d6a5lYWpRFRHweJG9r9fEY1fsTrZWkBOYu+yKDbfalA5+mbRQ2EPDtHspvEexKYFnQjtwyJqtvFe0JASuUdG7WI9bqZKxmjvFR2cLgutsThvQQ894Fsr3eTJnwSx/6Bt5eZwR4DqiZZ8wa71/kCmqMmXM9T4K0E52AyUrZ0ZEQnt70vkcb0AjxylrW0VW7VyWcmIU/ZnJbSNxs8Rn02yL7fvMlmoS94QdvCjHJnzAUwkrXf7I9jcZLP9IEp0MBAO4PBu9fPxzAIyS5+ijIhn1IYf4JMv+HQ65cRI9C5gkxXUaAQNPlu9+dDCs29Yjdku0WLGInyL4ilrQ5Ld5oJySlv5UErnuxZn8juNiY4h/sF+4PiijwUWmpsFTSja/tRyXdTHIOO9n2uKtXzo8VqYn4ciZ/Q1ogjoYsJF3m+74gysPD7f+Zc5Ib2/XCEqoYeVZlCLm+E9+ANiaqr3gkxQ6SIP/31mxw9jhX58znSWnOAcuMyMA7L1LVdKeNT4Pc3kPw538QS+tGQr2iTKdQOoybokFB678iu/8+WBcV3miN56BBNHUYE/OjoYPNHaPMvTGOaFJd7gHQa+DN59ltXIaAo2rvbzuK0l1lCduM+WbSaeZ3gnhhLfA2yCeASF/4lpxFeFJkdZmCGRyiyJs1RVHbhzD1tmzLUmbOUhyB34aVUFOkVKBWQIn0T7xf6Z+7BLgcijUBcQENSMQXh3sBIC3O535QAc1XHrEnT58/pI/Q2x2m7zar6/q6tyOTOOR+dGOSYpSItVZ4+rqpJw9Ynvk+bTiJJEywQbnk0TwyyGScQx+IC+j0Pf286BdxdJGUhicRUesnb5YIhCfl2XZ+rIa00gaaa+qan127oCFYyzO5XMnONu8HkirNtwWxJFo4Q/R+sjwbkbM+gioyEwdhgoM6IpvJNxKgy1fCVYhkdWF2+jCTJMP2nWNiP343XzoaUx08XNclOvgqBGnRp4subEWiQu1LkFaTwfOY+5KQuWQOlmMwDlUmBI6KZLzpWn/0EXGj9P4GpB087tyMICizwxeT3I6jMmcAS3WJUzLv4kT1/mgZQKIzQmfhqlCpkKpKeEAfI6Jw1Os+UTUvs+FLh9bXgdXUkFWbuj1+PggEfJETkeDskAJifYJvlI9QcDniQwm/uJnYNl7pgUcruoK+5QuGesTAghCHW7k9EY0dVRwD32BGEo2mwGwucDxGcQGwNF/IKQ5jY+ckUu93lgZ/uqIzvgbUMHd0cuEQ7l6KN1/sLUzUHXVH/K1fjBvqM83rfY874W1lxLsiio7dFBkFVpbgswy+VpVXL36XA1dZA3+S5K5kbsHxCdABv4UtHX7bcoU2lfwpZ/A9ggcwhZ9js9UG1hxario2egn6277FrMfqKa4Y+x+DsnMJYpU9o61ynIt9DxFtR2h+rAeMeRHZ5qkt6d4o2xPippCR2NhF5DVTT6ytZqokjaDm8mws/iLLH8fvIC0dPqS6XAzaRjrMAXUyLQkDz9z5JTOxjNoMujouR7YsFKr52zHcXN5ogbiCUYcHrNCRd8qgF6d+4XcXsSxPG6uJf1j6Ytp7OQDyHSxowcScM9jA++cw2cyQXgNt6FSPSYX+60UxqjLdHPJlOM+dPL2FnxfVEkZmate2TYbQMtZzoJI2djfXmG8IR2tfuWM3t6SqRfvSIewTo6RJcziTa6xQMsQBhwch8GN4kJPrzLNtWfjAvRihKdEX8USHKSqKvJFGvGDW8YVsCHUXUWhAC/2RvDYjdtFLhhg/NnCA/yu+lgu562E8aa9XsIyLUu/lvqbDbi4uFgjcPyXs92bp8oVAeWTzZbsLKxEUEYynBHcIqmjC21/wVFp5itNK7+uL8sOS5KBF+zJQDO8WqDwhHnrj5SRqr0EPfW+zWBRnbNZORxkEF4PigMqDwA1IIT0a+TyANTnLf2U3Jo2CqYd0Ou+DCWilDL9v4QEnaLA/4W7jxvln7vkpQALdcYwR0IoF1krvmJADLw6iHk0nv0eSazfi0uqgiXGIipoToQGtGRI//FD8t+C2vEHs/rfFKgu8ZkvApy0LXncWah6GcVc/ezwoDGIBz7A5OKTen4KD4+lG0U6tjDux6iT/MFeijhz3QcYE0LhnsYSltp6smcEsIqZmQOIwA5RnZAvlqqBp7ps7fu/Od9xyw2upogkxuOksnyeTHnazcTa1zGBgu1CM+p0gMT9VcAj4A0OZZS1isRokHHxqGNH1EMyv0vrjld0gCEHNP9+Xu41UFctjEv8C/Iepyt+NVcD1spI+hGqc2zA36pHgqOwYK+D1LGKFROVOKZsS4A8HJ+HDoT9bdeAN/y1HlzPTR8OYMN2s99saTD72tYvp6+59duVxPDtmmM8LU/hSrSoLUOwk9pPlJB2fY4F7SaeLUiyLae1LIiHxH/E4ZyyeBYfO0EVl7rEt3NGZPbDp6s+Z4kLrafPiVRQC2fXgWpeTu38p4h420BQtpu+JfEvPKWvRQjguZDxveuRKFYIO+TaVdNDk0FvqGEFsXHOm9z/V2oYSCtyxoyX3a6C6AL/2v03us+5d5F5IW4QDeYwaIAE1FX1+cTJ+bKLieNmxLApwz5HaPbFo1CE2iJSwPNVqaMZF6l+9CFAH9D/RPsCBomB2VIdnYsdnVjRWNKOYbRM49fon2lCpZ4YEUySWkFTJSCLz7JQHE9yuCkcK6T6iIdJgiFiAPEFxF+Fzk9bd9+jYggpc7LMDqbicOKzM+vJ/PQAgrIFpIFjrCVOUmNFufQvaaStL+OcooEej8TRLx6k6DDmz7j/1SjrBr2+T2+Q4ThOmMQrNOBp7my/PDRn+YREXuNocVv+9Ey0lK1SipUDSgOIewsdQXRcfr4qtkRWGOgSdUSU1ccQeIjkyIxTuCFtfTs0mvPXtoICmK4agHXOsLfeFQPrQBdlhiO9LhSQzqDQjSyUd8/P+oEQkHFBjQll1eSpWX0XL7HzakTK5SG0JYnNr9J2O+z0z0U3Pc7ZK/9tA2kBkAzWWtC7A7d9aFTRepDcGj/bJEvhpSk2oa1xDn7LdQf9Fc0dS3rvnlQGH0dXHuVAZvYiDBnouPyD2vYKoEb3D7K0RCpdRxBLKKc4wfRgVYYAgX83KkmajO7Dl7iVPF5HuhaN3I0mVnV2FY0P6mEpiOtxUZ931l2KG+RYsmAlcUGF4QkNZjAxM+edV2XceIGX+6/bRJSW5a3tO8yq82/cOKxWdoa8MLmP716jDMPt5ujMOmsP51Ex5aRPQYQWNwwoVHYSQojp7ITu0wQv5WclvYwSWKKk6Ud9qGFBKQw7PFsvbBfo85Kf1eCANQoSoXevYAKQF7NWj5qfmCJcLecNOsntTqr9XW4GqvlzbyRqCuMOyuW/B5lLdqQHvNlE7BkmQ9yuileG3PIA1MVKsuOh4lp0jCPimh5rLBrTF0k8Yj8Syv5VCMHWdvuKExF5lB2SPnFpp3ExxHxIaXGuS9Ho8hAMfvdd6o8c+UikcYlfk8QxcIKnEnNHemjjwvL+IzShXnCForKFqWqsr0a/M0Gl7QHVLz1atmTjZkv5h4TAK2IjpBjyK2+Gq6RbpxPf9PmNXeK/1DTS/VDIqEUrCB/MaV3dbgVw/CExDguImGT3oHqjof359Hx3Oho47zcnJIAFcXdZnTvekhjjCsYMX29TbB3aZPIcXrjjne0k2OY6PhGY65eLuVzaHDaSSkqILR/o90+gDn4QjLiLbjuyqAayLrnpzvPG++ap4TpC1gJ1/OOT98yg4FmPWB78h7A/nQUxWyt/YKJO+Zsk08sl4XaB6xRnWtm7s+9gxTWyPbvESrpyCvuflex9rcPuh0F49led516GhcAGDh7Xtpk4VwsVqVTG6GuUM9VEsAHpM7npgEBP9vPEdER0UW+rNri44j8Qx8g6oeyGqa6X4i6aletcOs2hsc2oXRtc5Gj+J3U9eutSATgaKGXCzvloSKKARf3aFoFbhHQRv7O5Z5wwrOpTqez5lIUChHgdZhiArPDKI35fHgvmqwY62pbH3Pkeba3ZuY33TWrJsEtdXjDHhEfSQom4suUrYXAzRoWgjlJm9RXreivQPlQ7+GooUcWNtML6VsMUOqvjURF1t7CGUKk6fSXkjqIEdgrxkTueL+TW0AG2fjbEJ4fWjnrxeZy+IyDD+mcWn2WmvkOZwAE7DaZpNNZTZKNVVt8ya/7oSfcwKo/jOaDkgRR1KOaM09APZe0bwB9u04FAd8dQm/JOqo0Kq5xbMBNF45heU95ZM6QDGn+P8FiZNxTm8tSFEjwZ43JFwheFsml4qSiWlLVchaR7Jl3+mzah+4w5+BlC2cW,iv:heHyf5LdsEZGhj2OhOKLUteBzQF1DrMLVIIEmL3Z53E=,tag:7PGFouJv2UPLK0e96XHHOw==,type:str] - known-hosts: ENC[AES256_GCM,data:EaZ+sDdisnHrFNbjMrHpiVU4wwSAoKs47DWH93k/+jK0SuIkXPf6RjH8TabIGT1UxhrBFYPM5bJOsqpzb6If8YJTZ5tauLKbEaHdntwQZ7Pb5ya1JMKBC0PQIqGryu6H9rnEskauY1l+pQU9TBe6Ioh64gar/FMqTVrEW6ftvXR/gKj8EK5xGZVLecYjOFoPvoA4y+rRCUCN/kie1sD6mFlGHOg5cMjFA8A/gpwbQw5G8+EXKSk6jY+B+oJBGW/h+6U5aTp4MIpmSwEgMOSrH/qFDnBSbOSn+9fRSbaHktrnDhD7EsK5aMYmdNBPMO284IKWUWbcNpI6ML3RMQByZqlo6aBH4S8B6uGb1cg1ZSuL5ZuuhxCQ4fDNL7Kw8WNahgeg60CK1b7i5xMpa0WsM3UirFkzUxR4CWoHI76YpJ61LijFKaWeUbCmhGBLOHXbR0pm1yYlruJuI+vApH+Zlgy/X2w1fWPWBkLp5ztGZuwkkpy9Yg6i4ZwsYEbu9OPl378DmRdggg==,iv:bm6PvBBbTGYjYvjtMGwc9xoYDq0kFi73Ouo6pJjwJgA=,tag:HocIhN7LqZcIwTCMQl/ksA==,type:str] + ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] + known-hosts: ENC[AES256_GCM,data:P3LuwoI45GuJIv9kb/I8iuqICsqoBXBKczS7fr6JXNi+XY+BHaIuTVNENPutPzMEmc/OTyVEAl4XU0D6Sfs486ovm6g1j+Ly0WRXi4wcPQvkLMh8/3kJ8GfnS8EN7bG3caIRyhVyblpjHbGTuSlwnRQc4aNfAtrfaDbyJz0Q2SET4ai70imCVgvy7Ff9lFzJX7N0yITDhadI9w9cWzq1OgA/LC0vzlWNmOZbTaywM/fW/Nd9lhE02bTAXz63wYUYwgvwTDMcJvUSECaQ6hzMvkgPQfExKIFZyIEC0Id1dS9w5QqeT8Y4Xq1504YtJ0h+uU1od+TBLkFJmxX6pnRoK90ckF5lem9LJTL6rE/B4YeYVlAlcBzKP6l2h+XxtS/DjnGX9F3cwg+FPiiEcAGF/dAWPmAmn6CQvDkmZw9xcvE1JZjembwsZjbJiKByspMujxlnT8gwKciAMLrwezh7/Hvm1iAFMnW9sG9gf8/HiD93fk3w+pkpaKJz+zBx6ZpPN0H7cQdXrQ==,iv:PAbWS8I6kKn1LNalxzNZSnnwubM4fd3bDs/E3S1VQS4=,tag:Yg1nKXVyOJlQIACranCQKQ==,type:str] egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:UN5ID/37qR3U,iv:lODAmw7ghL0mLg/Utzy3pPWnfikpwXtKNHyVwnrvHxw=,tag:OflBOn4ymY9NCQQfNisUFQ==,type:str] - si-microservice-password: ENC[AES256_GCM,data:XRZQmldlm5FRpdAoHQ==,iv:L13x5PbrxM7WTsO1CNHtgo69Tv8DoXeTPiKP/2BlvD0=,tag:eJ8+QzDwk6WBhYqdtpDmBA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:fbLLDOecmeNesf35CKa8H1U=,iv:ZKrlzRzZwcEXnX/Ucf52oixqBNZ0GvdOqP08elD6h9E=,tag:vU2ENJ+8MmbSqBNdhLLvQQ==,type:str] + si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] + si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:9HmCUkbjb1/TyRTpspHLmsqaew63YXxEk18Qig==,iv:hG+1jhRq4KldrDYvT4iv9cOk8CLyGBMbyX3utWkyJD8=,tag:D/gFTBJ6aRA4OzsNX0swpw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:FMQz6Om4zHy/HxaGBx0GtA==,iv:JrOtYw+UKo74G9NRLKTQ9cgbcVOtqolatYlHGqGhMog=,tag:n0aeYOAkqSCcRzk1sterdA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:S58qWvz9Ww==,iv:7VlD/WVjGf4po93IBtNCtgg8MEMmqIg40gxvjzuzvY4=,tag:fZyknrSuzfwG6MVITrudFQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iq/UhnT4GQ==,iv:j3C1NZmf4pmhVF+W7XkvXupwvOGMjGAsIcV+FEEf0Fk=,tag:rc7mgWCXE15FeXfRXVq2Og==,type:str] + edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:HZ/Sne0q3gsSNH5Bdq4y,iv:49ImMzcca9a1WgqEGcGLZgp7NLsWcn9x4DVt2gMToFU=,tag:KXxJ6csSzvspGfVfTN5s2Q==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:tOYN7+Ma0ebDvrLiBfWeQPHFf12aTEqPtvgKlLN8Sdc=,iv:nzExrt2wKi9ArVT5gCeOXtkln65olEkvZ7vAVEV7Wpc=,tag:XVH0l2Rh+An+WycS+lY82w==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:HYhaa1EK,iv:LipWRiwoDZmeWbNayXV/7Y52ZqVi0wKZNQJvhqtLKzA=,tag:lrB9ifGDW9agHzD5dE8DqQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:HJLeAFljf/Y=,iv:/2umeIpJOcuQ47hb1G51Ky6XPTzlMqy2yYWHhgAkaIc=,tag:n+U6akVW+wYXXUeuarb75A==,type:str] + edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] chatbot: - valuefirst-username: ENC[AES256_GCM,data:NtKRZNAQ2hYJhxU=,iv:ojhF1m4F3BVeMokATjdFD9zMRKqedptFzKDtN79m1eQ=,tag:Zpbb6VKFe1nl0DHF1hhNew==,type:str] - valuefirst-password: ENC[AES256_GCM,data:xCeGWg0t4xI6,iv:LsB9V3vbw/ninAucmpZJOYUKBQz0RD5/ClMe/1thU8E=,tag:fOoO706kdrkpZ8O67mm+8A==,type:str] + valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] + valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:ASxOQS8D,iv:rdKh7F2rEjRKYC/SeGeKpOCuVCkbPj4nDWT3eOU15r8=,tag:DtczvcCK0G8mpQufIX4rKQ==,type:str] + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:GtnecHQEp3oCcD1JeMeH9w+Yogk=,iv:RxDCAak2rthAOamF9YCWAZ2Zz3uNYbjKUD2xxGGwlgg=,tag:MIfh151jkr1F2ZoWl2coqw==,type:str] - clientSecret: ENC[AES256_GCM,data:LykqD/ePgUmPx1xTWD8H2FcUOdQPBmBADgjZPNUMVj+unwDohlxdsw==,iv:w9bN8YCBCuctJ3h+hsO/MbNkmnEYghlgAfESWEmi1/Q=,tag:0EqEu74TC3GPIFE3qhgMKg==,type:str] - cookieSecret: ENC[AES256_GCM,data:+FccvrDdaljeukCBcLEDNkwiEvckpj6P,iv:HrcWg2U1mLxphiAON3r1Q1a1N/umHU9gH9qpMu/67JE=,tag:ALqaMZ8hcfhJuhLV+s+Vkg==,type:str] + clientID: ENC[AES256_GCM,data:yT/F7cLsWHtG89VVI7qbAmVXTxk=,iv:+/+Pp4VFN3ZCGR9XKbZNrzJPsV8lz+19fBwrC3Tvo1c=,tag:lgXlThijLj1Rwo/vBajz7Q==,type:str] + clientSecret: ENC[AES256_GCM,data:XqWk57Zv3fexIKJhWSxd7vDMAqlqDZnk2i43ctrGpcPpvVzmuPZH5Q==,iv:Lc/CBENbYMdMbPU3neUrbEnLZJaaKRUe0k3SwXSSSlo=,tag:IXiiFifxjD2B3/O6J+1PeA==,type:str] + cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] minio: - accesskey: ENC[AES256_GCM,data:d69TQNOIVOUWkRpk/twyV7Kf66M=,iv:J7WLDYpkq5RG8cxYQl8tuWNaM+4bcN1eJ1EUtwLjoxA=,tag:uj3/TTszoB/esy5ywEpKRw==,type:str] - secretkey: ENC[AES256_GCM,data:jcsU/OXE1dyY7aon27ET44udoSH7Ts/POWleNeNYrIYFgcwyQXFf4g==,iv:acfGuRKBPqRm+vmivsi2YsbhJq4Tz65CAM/XMuYjQKk=,tag:3zViv4aCfT7nhQFN7GxCTw==,type:str] + accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] + secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] alertmanager: config: global: - resolve_timeout: ENC[AES256_GCM,data:8A8=,iv:7WGiqKM3ys8uJBBdbHTS8JSSooI+TMr8Mf/AWS8cmW4=,tag:ALrCihNYh69GIpbQzBeE6g==,type:str] + resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] route: - receiver: ENC[AES256_GCM,data:2rdaUSNAM6ImJmDqhxMT8Bh1Aw==,iv:sTu/T4DhIAnToTekU0TiFJ9pkNODWJvvZk0kBzdsjM8=,tag:rJGnBS7OIxHQyV4VBjL8Aw==,type:str] + receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] group_by: - - ENC[AES256_GCM,data:2AWijuRQO52E,iv:rReOSv1dQxI/nAK0K5Hk8tRP3tgk2PKzJv7sNfpQ1eg=,tag:OcXeD0CUbYKB+GXr40fjfw==,type:str] + - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] routes: - - receiver: ENC[AES256_GCM,data:0ooBdOa9NyoLqshBrjhJ5KibEg==,iv:iH49JhLKPd0vVwiy+bVX9UjdAkunTqW8oqnwf1G7Aqc=,tag:jb/QBapOMj5YfVvpHmnbWw==,type:str] + - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] match: - alertname: ENC[AES256_GCM,data:yBu7hqwVaK8=,iv:8lpmsEGXiwNEDxa4zzkK0Bz2dBV4ILqJLdI0B/mmGHU=,tag:i5P3j4lwL70AlCK0IWVETg==,type:str] - group_wait: ENC[AES256_GCM,data:6tuh,iv:EtcLHEnb+ck/pjkTgiNi73B7J8J9MhF3vCDt+GdApD0=,tag:BE2e9T+yMcFh5OjAvs8xBA==,type:str] - group_interval: ENC[AES256_GCM,data:9ec=,iv:PZ9vjKq+nsN6iHA4b+KLW2NYTE0YoU24d5d27q1WEL0=,tag:+dEOdnx/zphDGSXhTfXD/g==,type:str] - repeat_interval: ENC[AES256_GCM,data:2SiN,iv:bcQ2JjP5tbXWdTWNaZWFt993vbjeuZ5RdhFAFpsaNt8=,tag:Tx9SlpyuIFEI+DUNX6dPMw==,type:str] + alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] + group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] + group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] + repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] receivers: - - name: ENC[AES256_GCM,data:kd7LAYtalDgnJ5Uz9Y2rRjkjeA==,iv:j5vjTikySVJiK6lGsIAli1BgLBqMVu7+CNGSwn1Zkfk=,tag:6Hmayt8SZavqwuTwDWuUlA==,type:str] + - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] slack_configs: - - send_resolved: ENC[AES256_GCM,data:R1VSTA==,iv:kzbc0NK1YQb3HUV6tOltFRUnDSHngCSi3HQp6m52f9w=,tag:3hvqsGFyo7R6ywc/A4ozyw==,type:bool] - api_url: ENC[AES256_GCM,data:ZEm/251csKWBYgsVNY2ubwDj628dlbGhN6bTVQ5WzNa9cwEQUI2cAE4mJdJEIi/AcaLd8tSa/oqRXs2lxKJv3tyNBLaBnijUe5g5TvicBQ==,iv:PTAAnm1hV3A56j77gxVj8uqT0fKU2RG9BC2AQEQ84yE=,tag:jt7GuvYBNnb6Cuo8wvKC1w==,type:str] - channel: ENC[AES256_GCM,data:8gI3Fo3Yjus96uLIt8XtyTIBb8Ev4Q==,iv:N0BGGZuzA0ORA6T7KaNa1qKjTmUWR35FjkbAiXgkIGE=,tag:aEvBur7Xalz06ZbUyQPrqQ==,type:str] - username: ENC[AES256_GCM,data:Zn9hbZD5OrAym+Bt,iv:rXDBgvlR0JjDUeFMYTb7fPDjU8b6bEbswPVShVk4Kyk=,tag:bOeFM9ltjNK7tKObpUWWjw==,type:str] - title: ENC[AES256_GCM,data:KQkpp3tD18tMzhS83WYvPRICPrGM26W55wXVSwyN8vaabyFUFkU=,iv:ogXHISNx+B4o/o0fAPT1ohNbDyoAdIokwSYwPPKAIOM=,tag:EX/baz/hgmqBZlsjDgDclg==,type:str] - text: ENC[AES256_GCM,data:pboNRVp+4UWJLwP0OzoTfphtemjbgIrpprbYniMhiQzP0Uwauw==,iv:6eEO9u/ghU0NR/OVHlre2cAQGY2RujjkJCV4P2mTFok=,tag:i38P0/gweKZTj8u6uUReDA==,type:str] + - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] + api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] + channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] + username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] + title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] + text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] templates: - - ENC[AES256_GCM,data:Xow+h9y6a2bs54/u56nxKFNgprTg4UiPzlI7EmsLCfU3267NE6tSvPZEJ4OCwTGAJO7h+cgma/aCttKGp+Er4LQU1Jfa9xU=,iv:JbG9MHYZaypOUP8xWI4eOOQ6RuXCRv65F6FJ5ozocS8=,tag:EKfFNZ8n9zI51XK3a5HFig==,type:str] + - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e - created_at: "2023-03-01T12:12:16Z" - enc: AQICAHhswFwv5rJMVR0x2V05/8AtIG12GA7fukIP1fl7KP4HVAHEQMi2iapIDmux/t1KKVa+AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMGLGR9RK9fqIR3U68AgEQgDv4Q1SmwI3wLb9dvsqSlNUv/6hVuJV4px1lksPiuaz8e2sF4OqUzc4fC6MHf1j3kjQtjIGLBnm80CvZig== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-04-11T06:12:24Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== aws_profile: "" gcp_kms: [] azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-04-05T04:47:59Z" - mac: ENC[AES256_GCM,data:pYygZpzP/p+5Q8xja69Kz+2Q6BW7fG572RRb+I9FBZ48T7OPNr3Z1pUFKeKIpFyQH8Tr3GkbWB8bRn9N0y4sSEdGo19+8Q50N0AntYc5D79SwD8xlrYHNWFv+Z0l3q4PlRKdhTZ5jYjiFulkGJ5IjxH0xkjs4HO97xIQ87Ob1m0=,iv:XWbBRhPCw/BwRxIaBLYeVq43y5QNi3NiPy832ZBCR98=,tag:yI1/5v4+q+vUMvhMhOQ9dg==,type:str] + lastmodified: "2023-04-11T06:12:26Z" + mac: ENC[AES256_GCM,data:Grb+TrGQK5K3xSgc7+XEfSSexOw6EEAKQ/bpRVCxSzuex6vRynPq0bdXIXu6CTws7qHHcrSgTiIFx8lJBVjbyigvgckMlSwVI2wav/zsJf6X1SzxX3I15WwVJ1BpWa7mIJojXEZKMAxGbttfaVTz36PkFRn45bQ4CBkgHK72a/E=,iv:FzorNtG1EC963ppohlXZ26mjyzUcbyfxrXfwsJ0jAF8=,tag:e8m0iQyJnLP1ygZmfxjN6A==,type:str] pgp: - - created_at: "2023-03-01T12:12:16Z" + - created_at: "2023-04-11T06:12:24Z" enc: | -----BEGIN PGP MESSAGE----- - hQGMA3QBUEHknBKFAQv/XRJrxyQKWMhMJu5q23nh0bgimNnJa+h66X0hyac6AQEa - t6XoRtqqrl4hrkST51UAqp2mPPUb38UWHXUyKU6DP/lBA95WWivaw1RkLWzMWyZZ - j1ov1tqEH9j8FT88pxAmPHRvgLIlQcM/KDbrrpBy/beql7XOFN15sOa0e3BZq/6j - tWIxkk58x9G9EGeIHLCBVGTOwrC53BFu2ymjb+IumQoY0yvYEqQFZFhUYMI5s2/p - 0Cpb1etLrt726DL9xvpGYzbsrqO22Pwy4vbH3frmhsyzS8kCOy8uVJy/JIakZdie - t2ocZxy3QNp9nH2sOtfMpFOMv8EzNoGBHYmLPeoATf06783zig8odweoTFUlbbrJ - Vjv0FJUVpV0QJpPEVaQyhRvv63g2jKwc08Bfm+P+sHbdqNMS5r48dgd4QYQ1XzcL - GYEIwweIq9/QH3xY91qw6yfUvR0i61mUUNiahtmdvBH6Q1hQCvJC6v0qL92fyrDs - eQPmwtkS2vyjq28FaP+N1GgBCQIQ0WIh9mD3Z5JHSorlz6DVha/440HV+HSUluoQ - QPscZ6LVwSa5hZtPnQ48Hg7XfFcSk0e2o690WcFaxdPpvGzcxO6FdAbzJGML+tAl - B1lc87PfKIyjJBCokWw9OiZkSS/wG3O/Zw== - =rrj6 + hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 + L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo + HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 + vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 + HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd + 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc + kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 + 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE + igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L + MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ + LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== + =NBp6 -----END PGP MESSAGE----- fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F unencrypted_suffix: _unencrypted From f3897921149e72f6f7c896b6c6eba424d1ef13eb Mon Sep 17 00:00:00 2001 From: talele08 Date: Tue, 11 Apr 2023 11:53:19 +0530 Subject: [PATCH 147/742] updated known-host (#1441) --- deploy-as-code/helm/environments/unified-dev-secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml index ca5df11ecc..eaf232c97d 100644 --- a/deploy-as-code/helm/environments/unified-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-dev-secrets.yaml @@ -38,7 +38,7 @@ cluster-configs: mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] git-sync: ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] - known-hosts: ENC[AES256_GCM,data:P3LuwoI45GuJIv9kb/I8iuqICsqoBXBKczS7fr6JXNi+XY+BHaIuTVNENPutPzMEmc/OTyVEAl4XU0D6Sfs486ovm6g1j+Ly0WRXi4wcPQvkLMh8/3kJ8GfnS8EN7bG3caIRyhVyblpjHbGTuSlwnRQc4aNfAtrfaDbyJz0Q2SET4ai70imCVgvy7Ff9lFzJX7N0yITDhadI9w9cWzq1OgA/LC0vzlWNmOZbTaywM/fW/Nd9lhE02bTAXz63wYUYwgvwTDMcJvUSECaQ6hzMvkgPQfExKIFZyIEC0Id1dS9w5QqeT8Y4Xq1504YtJ0h+uU1od+TBLkFJmxX6pnRoK90ckF5lem9LJTL6rE/B4YeYVlAlcBzKP6l2h+XxtS/DjnGX9F3cwg+FPiiEcAGF/dAWPmAmn6CQvDkmZw9xcvE1JZjembwsZjbJiKByspMujxlnT8gwKciAMLrwezh7/Hvm1iAFMnW9sG9gf8/HiD93fk3w+pkpaKJz+zBx6ZpPN0H7cQdXrQ==,iv:PAbWS8I6kKn1LNalxzNZSnnwubM4fd3bDs/E3S1VQS4=,tag:Yg1nKXVyOJlQIACranCQKQ==,type:str] + known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] egov-si-microservice: si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-04-11T06:12:26Z" - mac: ENC[AES256_GCM,data:Grb+TrGQK5K3xSgc7+XEfSSexOw6EEAKQ/bpRVCxSzuex6vRynPq0bdXIXu6CTws7qHHcrSgTiIFx8lJBVjbyigvgckMlSwVI2wav/zsJf6X1SzxX3I15WwVJ1BpWa7mIJojXEZKMAxGbttfaVTz36PkFRn45bQ4CBkgHK72a/E=,iv:FzorNtG1EC963ppohlXZ26mjyzUcbyfxrXfwsJ0jAF8=,tag:e8m0iQyJnLP1ygZmfxjN6A==,type:str] + lastmodified: "2023-04-11T06:22:14Z" + mac: ENC[AES256_GCM,data:ja9HWlgWrIJ0z4ujxZbnDo2yMHn71oJ8J4N+vK5AEwvlfOcRyVWHpoFafGhXFx3v8wt5ld0uAK62PhJSuGJ+Cp3JROycj8jnhPLJwLRB9hF7U2c8zUjlvoM0ByartA47AjH5Kf1bNzcUIcWUoN3LS9uZttSpfORKhwl7I/qmVP4=,iv:SbYRWPWpYBwNTp+UyuTUMGmZa55MBYmdejGj+IMV2Ik=,tag:NpUjOB7JV9VSQLYGdFyHQQ==,type:str] pgp: - created_at: "2023-04-11T06:12:24Z" enc: | From 7239e04db784356857dddabbcdda243085e930c4 Mon Sep 17 00:00:00 2001 From: Shashwat Mishra Date: Tue, 11 Apr 2023 12:52:26 +0530 Subject: [PATCH 148/742] [DEVOPS] Updated namespace for services --- .../helm/environments/unified-dev.yaml | 75 ++++++++++--------- 1 file changed, 40 insertions(+), 35 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a2b8c7263f..c4c0f0c5a1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -45,8 +45,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -63,25 +63,24 @@ cluster-configs: egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" egov-searcher: "http://egov-searcher:8080/" egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -99,10 +98,10 @@ cluster-configs: pt-property: "http://pt-property:8080/" pt-workflow: "http://pt-workflow:8080/" pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-calculator: "http://pt-calculator.urban:8080/" + pt-calculator-v2: "http://pt-calculator-v2.urban:8080/" pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" + property-services: "http://property-services.urban:8080/" pgr-master: "http://pgr-master:8080/" pgr-rest: "http://pgr-rest:8080/" pdf-service: "http://pdf-service.egov:8080/" @@ -115,33 +114,33 @@ cluster-configs: tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" + firenoc-services: "http://firenoc-services.urban:8080/" + firenoc-calculator: "http://firenoc-calculator.urban:8080/" + egov-apportion-service: "http://egov-apportion-service.egov:8080/" + bpa-services: "http://bpa-services.urban:8080/" + bpa-calculator: "http://bpa-calculator.urban:8080/" + rainmaker-pgr: "http://rainmaker-pgr.urban:8080/" + ws-calculator: "http://ws-calculator.urban:8080/" + ws-services: "http://ws-services.urban:8080/" + sw-services: "http://sw-services.urban:8080/" + sw-calculator: "http://sw-calculator.urban:8080/" + land-services: "http://land-services.urban:8080/" + noc-services: "http://noc-services.urban:8080/" minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" + zuul: "http://zuul.egov:8080/" + egov-url-shortening: "http://egov-url-shortening.egov:8080/" fsm-calculator: "http://fsm-calculator.sanitation:8080/" fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ + echallan-calculator: http://echallan-calculator.urban:8080/ + echallan-services: http://echallan-services.urban:8080/ inbox: "http://inbox.sanitation:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" + pgr-services: "http://pgr-services.urban:8080/" + birth-death-services: "http://birth-death-services.urban:8080/" egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" @@ -432,13 +431,18 @@ rainmaker-pgr: comment-by-employee-notif-enabled: "false" notification-allowed-status: "open,assigned,rejected,resolved" +property-services: + namespace: urban + pt-services-v2: pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" pt-calculator-v2: + namespace: urban logging-level: "DEBUG" tl-services: + namespace: urban heap: "-Xmx128m -Xms64m" memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring @@ -451,6 +455,7 @@ tl-services: tl-search-default-limit: "100" egov-workflow-v2: + namespace: egov logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" From b1819a1b64304d5fe0cd6ec1809a3c8df3834393 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Tue, 11 Apr 2023 15:51:05 +0530 Subject: [PATCH 149/742] Adding property-services replicas --- deploy-as-code/helm/environments/unified-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index c4c0f0c5a1..bd3e8654f4 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -432,6 +432,7 @@ rainmaker-pgr: notification-allowed-status: "open,assigned,rejected,resolved" property-services: + replicas: 1 namespace: urban pt-services-v2: From fcf2fe16f775c9163afd42b45e9abc32a1e7ce89 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Wed, 12 Apr 2023 12:15:22 +0530 Subject: [PATCH 150/742] Remove indentation --- .../helm/environments/unified-dev.yaml | 286 +++++++++--------- 1 file changed, 140 insertions(+), 146 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index bd3e8654f4..a9a78b04b3 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -3,145 +3,146 @@ global: setup: fullsetup cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring, sanitation ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pb" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator.urban:8080/" - pt-calculator-v2: "http://pt-calculator-v2.urban:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.urban:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services.urban:8080/" - firenoc-calculator: "http://firenoc-calculator.urban:8080/" - egov-apportion-service: "http://egov-apportion-service.egov:8080/" - bpa-services: "http://bpa-services.urban:8080/" - bpa-calculator: "http://bpa-calculator.urban:8080/" - rainmaker-pgr: "http://rainmaker-pgr.urban:8080/" - ws-calculator: "http://ws-calculator.urban:8080/" - ws-services: "http://ws-services.urban:8080/" - sw-services: "http://sw-services.urban:8080/" - sw-calculator: "http://sw-calculator.urban:8080/" - land-services: "http://land-services.urban:8080/" - noc-services: "http://noc-services.urban:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul.egov:8080/" - egov-url-shortening: "http://egov-url-shortening.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.urban:8080/ - echallan-services: http://echallan-services.urban:8080/ - inbox: "http://inbox.sanitation:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.urban:8080/" - birth-death-services: "http://birth-death-services.urban:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -431,19 +432,13 @@ rainmaker-pgr: comment-by-employee-notif-enabled: "false" notification-allowed-status: "open,assigned,rejected,resolved" -property-services: - replicas: 1 - namespace: urban - pt-services-v2: pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" pt-calculator-v2: - namespace: urban logging-level: "DEBUG" tl-services: - namespace: urban heap: "-Xmx128m -Xms64m" memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring @@ -456,7 +451,6 @@ tl-services: tl-search-default-limit: "100" egov-workflow-v2: - namespace: egov logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" @@ -695,4 +689,4 @@ es-curator: logs-cleanup-enabled: "true" jaeger-cleanup-enabled: "true" logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file From 31952a2af9dec260561d65e7013cc93f0a590113 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Thu, 13 Apr 2023 12:08:22 +0530 Subject: [PATCH 151/742] Adding idgen format to propery-services --- deploy-as-code/helm/environments/unified-dev.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a9a78b04b3..3dc3f0ef2d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -432,6 +432,15 @@ rainmaker-pgr: comment-by-employee-notif-enabled: "false" notification-allowed-status: "open,assigned,rejected,resolved" +property-services: + replicas: 1 + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + pt-services-v2: pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" From 6882c6c3e32ef09d6a36f0384629a5d7c8568e67 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Thu, 13 Apr 2023 12:46:37 +0530 Subject: [PATCH 152/742] updating memory limit for property services --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 3dc3f0ef2d..889b05b41b 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -434,6 +434,8 @@ rainmaker-pgr: property-services: replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" From 6af9b54a9de94caf6f43b81655a1607b3eb58340 Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:00:58 +0530 Subject: [PATCH 153/742] changed memory for collection services to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 889b05b41b..0ee79c551e 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -409,6 +409,8 @@ collection-services: receipt-search-paginate: "true" receipt-search-defaultsize: 30 user-create-enabled: "true" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi collection-receipt-voucher-consumer: jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" From 4c0145e3d4611dc9f53b310c0c8ef8dbc38659ff Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:10:36 +0530 Subject: [PATCH 154/742] changed memory limit for filestore to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 0ee79c551e..41d5fb8d3d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -175,6 +175,8 @@ egov-filestore: allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 fixed-bucketname: filestore bucket name ## Add filestore bucket name + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-idgen: idformat-from-mdms: "true" From 203f52765480b8884da56ea87a601a571e168a04 Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:17:51 +0530 Subject: [PATCH 155/742] changed memory limit for hrms to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 41d5fb8d3d..a9c5a27da7 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -475,8 +475,9 @@ egov-workflow-v2: egov-hrms: java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-weekly-impact-notifier: From cbf92331573178028a24d07bdb569d00095745cb Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:25:26 +0530 Subject: [PATCH 156/742] changed memory limit of mdms to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a9c5a27da7..e231e2b175 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -277,6 +277,8 @@ egov-mdms-service: mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" From bfead7cbf74c307cd053730716e8b23a3b4a814a Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:28:30 +0530 Subject: [PATCH 157/742] changed persister memory limit to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e231e2b175..1613997535 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -291,6 +291,8 @@ egov-indexer: egov-persister: replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" From 63ad5626d499099e451e7559a29b03afc85b19de Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:34:39 +0530 Subject: [PATCH 158/742] changed memory limit of pg-service to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 1613997535..94a13e70c7 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -263,6 +263,8 @@ sw-services: egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: From 3a4512285bec5a5637ccc8235d352750f6699f2f Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Thu, 13 Apr 2023 16:42:25 +0530 Subject: [PATCH 159/742] changed finance-collections-voucher-consumer memory limit to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 94a13e70c7..ac8ddbf10f 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -431,6 +431,8 @@ collection-receipt-voucher-consumer: finance-collections-voucher-consumer: erp-env-name: "qa" erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi # rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rainmaker-pgr: From bc5b8f93492af7f3097d3de14359ca96b0d71843 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Fri, 14 Apr 2023 10:53:02 +0530 Subject: [PATCH 160/742] Updating localization memory --- deploy-as-code/helm/environments/unified-dev.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ac8ddbf10f..7d2aa56a49 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -303,6 +303,11 @@ egov-persister: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UAT" ##### Change repo branch with Your fork Repo branch +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-data-uploader: initContainers: gitSync: From 58d7f7c043feb0aceb7cdff1a5432534a8407283 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Sat, 15 Apr 2023 14:11:23 +0530 Subject: [PATCH 161/742] Enable decryption in user service --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 7d2aa56a49..824aa982f5 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -216,7 +216,7 @@ egov-user: citizen-otp-fixed: "123456" citizen-otp-fixed-enabled: "true" egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" + decryption-abac-enabled: "true" chatbot: kafka-topics-partition-count: 3 From c211430367eaf1132f366f8befdb9a15a77d4423 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Sat, 15 Apr 2023 14:49:30 +0530 Subject: [PATCH 162/742] Adding enc-service state-level-tenant-id --- deploy-as-code/helm/environments/unified-dev.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 824aa982f5..883b94d196 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -596,6 +596,9 @@ fluent-bit: egov-infra-log-topic: "egov-infra-logs" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-enc-service: + state-level-tenant-id: "pb" + # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: image: From 2da408100ea5e1386c0994178adcba93972c5707 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Sat, 15 Apr 2023 14:56:47 +0530 Subject: [PATCH 163/742] updating enc-service memory --- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 883b94d196..b1ed8690fe 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -597,6 +597,8 @@ fluent-bit: # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From d7dcad80ac980c210fac5b36ac325bfccd62eb86 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Sat, 15 Apr 2023 15:24:51 +0530 Subject: [PATCH 164/742] update url-shortening --- deploy-as-code/helm/environments/unified-dev.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index b1ed8690fe..35cdb79b70 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -178,6 +178,13 @@ egov-filestore: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi +egov-url-shortening: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "5" + egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring From bdc47b282c713841f844cacb81af8b01b95de4e3 Mon Sep 17 00:00:00 2001 From: shubhang-egov Date: Mon, 17 Apr 2023 12:32:18 +0530 Subject: [PATCH 165/742] changed workflow service memory limit to 512 --- deploy-as-code/helm/environments/unified-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ac8ddbf10f..cbb5ba5666 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -477,6 +477,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" From cd4b21f974499c5c108e957940e83ea89f86b055 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov Date: Wed, 19 Apr 2023 15:02:39 +0530 Subject: [PATCH 166/742] namespace seperation --- .../sanitation/fsm-calculator/Chart.yaml | 26 ++++ .../fsm-calculator/templates/deployment.yaml | 2 + .../fsm-calculator/templates/ingress.yaml | 2 + .../fsm-calculator/templates/service.yaml | 2 + .../sanitation/fsm-calculator/values.yaml | 76 ++++++++++ .../helm/charts/sanitation/fsm/Chart.yaml | 26 ++++ .../sanitation/fsm/templates/deployment.yaml | 2 + .../sanitation/fsm/templates/ingress.yaml | 2 + .../sanitation/fsm/templates/service.yaml | 2 + .../helm/charts/sanitation/fsm/values.yaml | 138 ++++++++++++++++++ .../helm/charts/sanitation/vehicle/Chart.yaml | 26 ++++ .../vehicle/templates/deployment.yaml | 2 + .../sanitation/vehicle/templates/ingress.yaml | 2 + .../sanitation/vehicle/templates/service.yaml | 2 + .../charts/sanitation/vehicle/values.yaml | 95 ++++++++++++ .../helm/charts/sanitation/vendor/Chart.yaml | 26 ++++ .../vendor/templates/deployment.yaml | 2 + .../sanitation/vendor/templates/ingress.yaml | 2 + .../sanitation/vendor/templates/service.yaml | 2 + .../helm/charts/sanitation/vendor/values.yaml | 84 +++++++++++ 20 files changed, 521 insertions(+) create mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/fsm/values.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vehicle/values.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vendor/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vendor/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/vendor/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/Chart.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/Chart.yaml new file mode 100644 index 0000000000..63eef01da4 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: fsm-calculator +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml new file mode 100644 index 0000000000..a05754d8a1 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml @@ -0,0 +1,76 @@ +namespace : sanitation +# Common Labels +labels: + app: "fsm-calculator" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "fsm-calculator" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "fsm-calculator_schema" + image: + repository: "fsm-calculator-db" + +# Container Configs +image: + repository: "fsm-calculator" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/fsm-calculator/health" + readinessProbePath: "/fsm-calculator/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXTPATH + value: /fsm-calculator + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: fsm-calculator + - name: PERSISTER_SAVE_BILLING_SLAB_TOPIC + value: save-fsm-billing-slab + - name: PERSISTER_UPDATE_BILLING_SLAB_TOPIC + value: update-fsm-billing-slab + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_BILLINGSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: billing-service + - name: EGOV_FSM_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: fsm + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/sanitation/fsm/Chart.yaml b/deploy-as-code/helm/charts/sanitation/fsm/Chart.yaml new file mode 100644 index 0000000000..f691afbdff --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: fsm +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/fsm/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/fsm/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/fsm/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/fsm/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/fsm/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/fsm/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml new file mode 100644 index 0000000000..45c777989d --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -0,0 +1,138 @@ +namespace : sanitation +# Common Labels +labels: + app: "fsm" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "fsm" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "fsm_schema" + image: + repository: "fsm-db" + +# Container Configs +image: + repository: "fsm" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/fsm/health" + readinessProbePath: "/fsm/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" +egov.idgen.fsm.applicationNum.format: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_BILLINGSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: billing-service + - name: EGOV_COLLECTION_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: collection-services + - name: EGOV_FSM_CALCULATOR_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: fsm-calculator + - name: EGOV_VEHICLE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: vehicle + - name: EGOV_VENDOR_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: vendor + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: WORKFLOW_CONTEXT_PATH + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKFLOW_TRANSITION_PATH + value: "egov-workflow-v2/egov-wf/process/_transition" + - name: EGOV_IDGEN_FSM_APPLICATIONNUM_FORMAT + value: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-fsm-service + - name: PERSISTER_SAVE_FSM_TOPIC + value: save-fsm-application + - name: PERSISTER_UPDATE_FSM_TOPIC + value: update-fsm-application + - name: PERSISTER_UPDATE_FSM_WORKFLOW_TOPIC + value: update-fsm-workflow-application + - name: PERSISTER_UPDATE_FSM_ADHOC_TOPIC + value: update-fsm-adhoc-application + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/Chart.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/Chart.yaml new file mode 100644 index 0000000000..04364c9c08 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vehicle/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: vehicle +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vehicle/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vehicle/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vehicle/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml new file mode 100644 index 0000000000..efbafea07b --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml @@ -0,0 +1,95 @@ +namespace : sanitation +# Common Labels +labels: + app: "vehicle" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "vehicle" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "vehicle_schema" + image: + repository: "vehicle-db" + +# Container Configs +image: + repository: "vehicle" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/vehicle/health" + readinessProbePath: "/vehicle/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" +egov.idgen.vehicle.trip.applicationNum.format: "[CITY.CODE]-VT-[cy:yyyy-MM-dd]-[SEQ_EGOV_VEHICLETRIP]" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: WORKFLOW_CONTEXT_PATH + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKFLOW_TRANSITION_PATH + value: "egov-workflow-v2/egov-wf/process/_transition" + - name: EGOV_IDEN_VEHICLE_TRIP_APPLICATIONNUM_FORMAT + value: "[CITY.CODE]-VT-[cy:yyyy-MM-dd]-[SEQ_EGOV_VEHICLETRIP]" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-vehicle-services + - name: PERSISTER_SAVE_VEHICLE_TOPIC + value: save-vehicle-application + - name: PERSISTER_UPDATE_VEHICLE_TOPIC + value: update-vehicle-application + - name: PERSISTER_SAVE_VEHICLE_TRIP_TOPIC + value: save-vehicle-trip + - name: PERSISTER_UPDATE_VEHICLE_TRIP_TOPIC + value: update-vehicle-trip + - name: PERSISTER_UPDATE_VEHICLE_TRIP_WORKFLOW_TOPIC + value: update-workflow-vehicle-trip + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/sanitation/vendor/Chart.yaml b/deploy-as-code/helm/charts/sanitation/vendor/Chart.yaml new file mode 100644 index 0000000000..dffbd24e93 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vendor/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: vendor +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/vendor/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/vendor/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vendor/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vendor/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/vendor/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vendor/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vendor/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/vendor/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vendor/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml new file mode 100644 index 0000000000..cd96632f6d --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml @@ -0,0 +1,84 @@ +namespace : sanitation +# Common Labels +labels: + app: "vendor" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "vendor" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "vendor_schema" + image: + repository: "vendor-db" + +# Container Configs +image: + repository: "vendor" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/vendor/health" + readinessProbePath: "/vendor/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: EGOV_VEHICLE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: vehicle + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-vendor-services + - name: PERSISTER_SAVE_VENDOR_TOPIC + value: save-vendor-application + - name: PERSISTER_UPDATE_VENDOR_TOPIC + value: update-vendor-application + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} From 0a51dfaf585245a9ebc2a5d413eb61cd25a53990 Mon Sep 17 00:00:00 2001 From: Abhishek-eGov Date: Thu, 20 Apr 2023 14:51:09 +0530 Subject: [PATCH 167/742] change context path egov-url-shortening to eus --- .../charts/core-services/egov-url-shortening/values.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 030181faa5..beab2a3dd9 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -7,7 +7,7 @@ labels: ingress: enabled: true zuul: false - context: "egov-url-shortening" + context: "eus" # Init Containers Configs initContainers: @@ -29,7 +29,7 @@ appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" -server-context: "/egov-url-shortening" +server-context: "/eus" # Additional Container Envs env: | diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e8bca6669b..4e8d038496 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -130,7 +130,7 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" + egov-url-shortening: "http://eus:8080/" fsm-calculator: "http://fsm-calculator.sanitation:8080/" fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" @@ -181,9 +181,9 @@ egov-filestore: egov-url-shortening: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + egov-url-shortner-endpoint: "/eus/shortener" hashids-salt: "randomsalt" - hashids-min-length: "5" + hashids-min-length: "2" egov-idgen: idformat-from-mdms: "true" @@ -419,7 +419,7 @@ zuul: heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 68e37a29c8b93bfc37261142f688589d93f96afc Mon Sep 17 00:00:00 2001 From: Gowtham-egov <112694085+Gowtham-egov@users.noreply.github.com> Date: Tue, 25 Apr 2023 12:38:27 +0530 Subject: [PATCH 168/742] added sanitation yaml and secrets yaml (#1523) --- deploy-as-code/helm/.sops.yaml | 8 + .../helm/environments/sanitation-secrets.yaml | 126 +++ .../helm/environments/sanitation.yaml | 734 ++++++++++++++++++ 3 files changed, 868 insertions(+) create mode 100644 deploy-as-code/helm/.sops.yaml create mode 100644 deploy-as-code/helm/environments/sanitation-secrets.yaml create mode 100644 deploy-as-code/helm/environments/sanitation.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml new file mode 100644 index 0000000000..c61878468e --- /dev/null +++ b/deploy-as-code/helm/.sops.yaml @@ -0,0 +1,8 @@ +# creation rules are evaluated sequentially, the first match wins +creation_rules: + # upon creation of a file that matches the pattern *dev.yaml, + # KMS set A is used + # eGOV Internal ------------------------------------------------------------------------------------------------------------- # + - path_regex: environments/sanitation\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' + pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' diff --git a/deploy-as-code/helm/environments/sanitation-secrets.yaml b/deploy-as-code/helm/environments/sanitation-secrets.yaml new file mode 100644 index 0000000000..eaf232c97d --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation-secrets.yaml @@ -0,0 +1,126 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] + password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] + flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] + flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] + password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:BbAOdX4eraGZG8XEeUk52JdTCzs=,iv:dY4wElIQE/w6OhExzH0NsZfubeL5+SQpu0oAd8T56/k=,tag:oHB9nkvpkyUwaoa9DH0OCg==,type:str] + aws-secret-key: ENC[AES256_GCM,data:N3BgZRp7Y07WU5Laufl7x9EuRYhbzZc2/NHtZWepl8MCv1c/Go/mPg==,iv:1Z1gd885HzpFxkA8Y78gZd4J2cxdwp6a4QZwQlukSgg=,tag:EGbJhJQJ1fT8VeliD363dg==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] + account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] + admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] + read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] + read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] + master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] + master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] + known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] + si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] + valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:yT/F7cLsWHtG89VVI7qbAmVXTxk=,iv:+/+Pp4VFN3ZCGR9XKbZNrzJPsV8lz+19fBwrC3Tvo1c=,tag:lgXlThijLj1Rwo/vBajz7Q==,type:str] + clientSecret: ENC[AES256_GCM,data:XqWk57Zv3fexIKJhWSxd7vDMAqlqDZnk2i43ctrGpcPpvVzmuPZH5Q==,iv:Lc/CBENbYMdMbPU3neUrbEnLZJaaKRUe0k3SwXSSSlo=,tag:IXiiFifxjD2B3/O6J+1PeA==,type:str] + cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] + secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] + route: + receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] + group_by: + - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] + match: + alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] + group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] + group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] + repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] + receivers: + - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] + api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] + channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] + username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] + title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] + text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] + templates: + - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-04-11T06:12:24Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-04-11T06:22:14Z" + mac: ENC[AES256_GCM,data:ja9HWlgWrIJ0z4ujxZbnDo2yMHn71oJ8J4N+vK5AEwvlfOcRyVWHpoFafGhXFx3v8wt5ld0uAK62PhJSuGJ+Cp3JROycj8jnhPLJwLRB9hF7U2c8zUjlvoM0ByartA47AjH5Kf1bNzcUIcWUoN3LS9uZttSpfORKhwl7I/qmVP4=,iv:SbYRWPWpYBwNTp+UyuTUMGmZa55MBYmdejGj+IMV2Ik=,tag:NpUjOB7JV9VSQLYGdFyHQQ==,type:str] + pgp: + - created_at: "2023-04-11T06:12:24Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 + L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo + HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 + vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 + HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd + 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc + kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 + 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE + igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L + MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ + LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== + =NBp6 + -----END PGP MESSAGE----- + fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml new file mode 100644 index 0000000000..4e8d038496 --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -0,0 +1,734 @@ +global: + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-url-shortening: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-url-shortner-endpoint: "/eus/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "2" + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 300Mi + heap: "-Xmx128m -Xms128m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 256Mi + heap: -Xmx128m -Xms128m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx550m -Xms550m" + resources: + requests: + memory: "1Gi" + limits: + memory: "1Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + + +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "dev_readonly" + + +playground: + replicas: 1 + images: + - egovio/playground:v2 + + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file From 9a655a50466ce1ebb0014a785e6cf8f1bb549fd8 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 25 Apr 2023 13:12:48 +0530 Subject: [PATCH 169/742] Removed core service configuration Removed core service configuration --- .../helm/environments/sanitation.yaml | 61 +------------------ 1 file changed, 1 insertion(+), 60 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 4e8d038496..8be65dffcb 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -164,66 +164,7 @@ citizen: ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-url-shortening: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-url-shortner-endpoint: "/eus/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "2" -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" chatbot: kafka-topics-partition-count: 3 @@ -731,4 +672,4 @@ es-curator: logs-cleanup-enabled: "true" jaeger-cleanup-enabled: "true" logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 53d6289f22493bdee637db28a8e17da7d199c116 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 25 Apr 2023 14:20:12 +0530 Subject: [PATCH 170/742] added ui config added ui config --- deploy-as-code/helm/environments/sanitation.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 8be65dffcb..8adf294aac 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -165,6 +165,12 @@ citizen: ';" +sanitation-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" chatbot: kafka-topics-partition-count: 3 From ac285b0f651c951f95aa2a6e8305a9ac7838cd2a Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov Date: Tue, 25 Apr 2023 14:30:39 +0530 Subject: [PATCH 171/742] Added chart for sanitation-ui --- .../sanitation/sanitation-ui/Chart.yaml | 26 ++++++++++++++ .../sanitation-ui/templates/deployment.yaml | 2 ++ .../sanitation-ui/templates/ingress.yaml | 2 ++ .../sanitation-ui/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../sanitation/sanitation-ui/values.yaml | 34 +++++++++++++++++++ 6 files changed, 77 insertions(+) create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/Chart.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/Chart.yaml new file mode 100644 index 0000000000..1095f460a7 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: sanitation-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml new file mode 100644 index 0000000000..f35bb8d449 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "sanitation-ui" + group: "web" + +namespace: sanitation + +# Ingress Configs +ingress: + enabled: true + context: "sanitation-ui" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "sanitation-ui" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/sanitation-ui/" + readinessProbePath: "/sanitation-ui/" + +extraVolumes: | + - name: js-injection + configMap: + name: sanitation-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf From 22d99ebb1fdb262d119714b480d0a0de350b547b Mon Sep 17 00:00:00 2001 From: Shashwat Mishra <71879793+shashwat-egov@users.noreply.github.com> Date: Tue, 25 Apr 2023 18:02:52 +0530 Subject: [PATCH 172/742] Update _ingress.yaml --- deploy-as-code/helm/charts/common/templates/_ingress.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/common/templates/_ingress.yaml b/deploy-as-code/helm/charts/common/templates/_ingress.yaml index a47a9f4113..e4cb6671e8 100644 --- a/deploy-as-code/helm/charts/common/templates/_ingress.yaml +++ b/deploy-as-code/helm/charts/common/templates/_ingress.yaml @@ -5,7 +5,11 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ template "common.name" . }} +{{- if .Values.ingress.namespace }} + namespace: {{ .Values.ingress.namespace }} +{{- else }} namespace: {{ .Values.namespace }} +{{- end }} annotations: {{- toYaml .Values.ingress.annotations | nindent 4 }} {{- if .Values.ingress.waf.enabled }} From b82a5b43024b67840142125f1a9a7fd21303f0f6 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 25 Apr 2023 18:05:11 +0530 Subject: [PATCH 173/742] Update values.yaml --- deploy-as-code/helm/charts/sanitation/fsm/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml index 45c777989d..74ff561d10 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -9,6 +9,7 @@ ingress: enabled: true zuul: true context: "fsm" + namespace : egov # Init Containers Configs initContainers: From 8ead7db9ff8d9d67f5c45982af4d331c583765f6 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 26 Apr 2023 10:56:43 +0530 Subject: [PATCH 174/742] Removed fsm, fsm-calculator, vehicle and vendor (#1536) --- .../fsm-calculator/Chart.yaml | 26 ---- .../fsm-calculator/templates/deployment.yaml | 2 - .../fsm-calculator/templates/ingress.yaml | 2 - .../fsm-calculator/templates/service.yaml | 2 - .../fsm-calculator/values.yaml | 76 ---------- .../charts/municipal-services/fsm/Chart.yaml | 26 ---- .../fsm/templates/deployment.yaml | 2 - .../fsm/templates/ingress.yaml | 2 - .../fsm/templates/service.yaml | 2 - .../charts/municipal-services/fsm/values.yaml | 138 ------------------ .../municipal-services/vehicle/Chart.yaml | 26 ---- .../vehicle/templates/deployment.yaml | 2 - .../vehicle/templates/ingress.yaml | 2 - .../vehicle/templates/service.yaml | 2 - .../municipal-services/vehicle/values.yaml | 95 ------------ .../municipal-services/vendor/Chart.yaml | 26 ---- .../vendor/templates/deployment.yaml | 2 - .../vendor/templates/ingress.yaml | 2 - .../vendor/templates/service.yaml | 2 - .../municipal-services/vendor/values.yaml | 84 ----------- 20 files changed, 521 deletions(-) delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/fsm/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/vendor/values.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml deleted file mode 100644 index 63eef01da4..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: fsm-calculator -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml deleted file mode 100644 index a05754d8a1..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm-calculator/values.yaml +++ /dev/null @@ -1,76 +0,0 @@ -namespace : sanitation -# Common Labels -labels: - app: "fsm-calculator" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "fsm-calculator" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "fsm-calculator_schema" - image: - repository: "fsm-calculator-db" - -# Container Configs -image: - repository: "fsm-calculator" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/fsm-calculator/health" - readinessProbePath: "/fsm-calculator/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: SERVER_CONTEXTPATH - value: /fsm-calculator - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: fsm-calculator - - name: PERSISTER_SAVE_BILLING_SLAB_TOPIC - value: save-fsm-billing-slab - - name: PERSISTER_UPDATE_BILLING_SLAB_TOPIC - value: update-fsm-billing-slab - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_BILLINGSERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: billing-service - - name: EGOV_FSM_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: fsm - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml deleted file mode 100644 index f691afbdff..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: fsm -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml deleted file mode 100644 index 96fb6e00a0..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml deleted file mode 100644 index cc12d64759..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml deleted file mode 100644 index 454d8db3b6..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/fsm/values.yaml b/deploy-as-code/helm/charts/municipal-services/fsm/values.yaml deleted file mode 100644 index 45c777989d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/fsm/values.yaml +++ /dev/null @@ -1,138 +0,0 @@ -namespace : sanitation -# Common Labels -labels: - app: "fsm" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "fsm" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "fsm_schema" - image: - repository: "fsm-db" - -# Container Configs -image: - repository: "fsm" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/fsm/health" - readinessProbePath: "/fsm/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx256m -Xms256m" -java-args: "-Dspring.profiles.active=monitoring" -egov.idgen.fsm.applicationNum.format: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" - -# Additional Container Envs -env: | - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_URL_SHORTNER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-url-shortening - - name: EGOV_PDF_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: pdf-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_BILLINGSERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: billing-service - - name: EGOV_COLLECTION_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: collection-services - - name: EGOV_FSM_CALCULATOR_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: fsm-calculator - - name: EGOV_VEHICLE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: vehicle - - name: EGOV_VENDOR_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: vendor - - name: EGOV_UI_APP_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: WORKFLOW_CONTEXT_PATH - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - - name: WORKFLOW_TRANSITION_PATH - value: "egov-workflow-v2/egov-wf/process/_transition" - - name: EGOV_IDGEN_FSM_APPLICATIONNUM_FORMAT - value: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-fsm-service - - name: PERSISTER_SAVE_FSM_TOPIC - value: save-fsm-application - - name: PERSISTER_UPDATE_FSM_TOPIC - value: update-fsm-application - - name: PERSISTER_UPDATE_FSM_WORKFLOW_TOPIC - value: update-fsm-workflow-application - - name: PERSISTER_UPDATE_FSM_ADHOC_TOPIC - value: update-fsm-adhoc-application - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml deleted file mode 100644 index 04364c9c08..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vehicle/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: vehicle -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml deleted file mode 100644 index 96fb6e00a0..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml deleted file mode 100644 index cc12d64759..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml deleted file mode 100644 index 454d8db3b6..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vehicle/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml b/deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml deleted file mode 100644 index efbafea07b..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vehicle/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -namespace : sanitation -# Common Labels -labels: - app: "vehicle" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "vehicle" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "vehicle_schema" - image: - repository: "vehicle-db" - -# Container Configs -image: - repository: "vehicle" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/vehicle/health" - readinessProbePath: "/vehicle/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx256m -Xms256m" -java-args: "-Dspring.profiles.active=monitoring" -egov.idgen.vehicle.trip.applicationNum.format: "[CITY.CODE]-VT-[cy:yyyy-MM-dd]-[SEQ_EGOV_VEHICLETRIP]" - -# Additional Container Envs -env: | - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_HRMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-hrms - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: WORKFLOW_CONTEXT_PATH - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - - name: WORKFLOW_TRANSITION_PATH - value: "egov-workflow-v2/egov-wf/process/_transition" - - name: EGOV_IDEN_VEHICLE_TRIP_APPLICATIONNUM_FORMAT - value: "[CITY.CODE]-VT-[cy:yyyy-MM-dd]-[SEQ_EGOV_VEHICLETRIP]" - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-vehicle-services - - name: PERSISTER_SAVE_VEHICLE_TOPIC - value: save-vehicle-application - - name: PERSISTER_UPDATE_VEHICLE_TOPIC - value: update-vehicle-application - - name: PERSISTER_SAVE_VEHICLE_TRIP_TOPIC - value: save-vehicle-trip - - name: PERSISTER_UPDATE_VEHICLE_TRIP_TOPIC - value: update-vehicle-trip - - name: PERSISTER_UPDATE_VEHICLE_TRIP_WORKFLOW_TOPIC - value: update-workflow-vehicle-trip - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml deleted file mode 100644 index dffbd24e93..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vendor/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: vendor -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml deleted file mode 100644 index 96fb6e00a0..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vendor/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml deleted file mode 100644 index cc12d64759..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vendor/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml deleted file mode 100644 index 454d8db3b6..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vendor/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/vendor/values.yaml b/deploy-as-code/helm/charts/municipal-services/vendor/values.yaml deleted file mode 100644 index cd96632f6d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/vendor/values.yaml +++ /dev/null @@ -1,84 +0,0 @@ -namespace : sanitation -# Common Labels -labels: - app: "vendor" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "vendor" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "vendor_schema" - image: - repository: "vendor-db" - -# Container Configs -image: - repository: "vendor" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/vendor/health" - readinessProbePath: "/vendor/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx256m -Xms256m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: EGOV_VEHICLE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: vehicle - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_HRMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-hrms - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-vendor-services - - name: PERSISTER_SAVE_VENDOR_TOPIC - value: save-vendor-application - - name: PERSISTER_UPDATE_VENDOR_TOPIC - value: update-vendor-application - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} From 537ef3c9ce251f8e608529a7327ccacf72d7edf9 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 2 May 2023 17:04:01 +0530 Subject: [PATCH 175/742] updated zuul charts in unified-env (#1568) Co-authored-by: Harish-egov --- .../templates/{role.yaml => clusterrole.yaml} | 25 ++++++++++--------- ...lebinding.yaml => clusterrolebinding.yaml} | 11 ++++---- .../charts/core-services/zuul/values.yaml | 17 ++++++++++--- 3 files changed, 31 insertions(+), 22 deletions(-) rename deploy-as-code/helm/charts/core-services/zuul/templates/{role.yaml => clusterrole.yaml} (53%) rename deploy-as-code/helm/charts/core-services/zuul/templates/{rolebinding.yaml => clusterrolebinding.yaml} (72%) diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/clusterrole.yaml similarity index 53% rename from deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/clusterrole.yaml index 8566522a47..79e33973d3 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/templates/role.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/templates/clusterrole.yaml @@ -3,22 +3,23 @@ {{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} {{- with mustMergeOverwrite . $values }} apiVersion: rbac.authorization.k8s.io/v1 -kind: Role +kind: ClusterRole metadata: labels: app: {{ .Chart.Name }} group: gateway name: {{ .Chart.Name }} - namespace: {{ .Values.namespace }} rules: -- apiGroups: - - "" - resources: - - services - - endpoints - - pods - verbs: - - get - - list - - watch +- apiGroups: [""] + resources: ["services"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["endpoints"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["namespaces"] + verbs: ["get", "list", "watch"] {{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/clusterrolebinding.yaml similarity index 72% rename from deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml rename to deploy-as-code/helm/charts/core-services/zuul/templates/clusterrolebinding.yaml index 2f0751eba6..f7a76e9441 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/templates/rolebinding.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/templates/clusterrolebinding.yaml @@ -3,19 +3,18 @@ {{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} {{- with mustMergeOverwrite . $values }} apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding +kind: ClusterRoleBinding metadata: labels: app: {{ .Chart.Name }} group: gateway name: {{ .Chart.Name }} - namespace: {{ .Values.namespace }} roleRef: apiGroup: rbac.authorization.k8s.io - kind: Role + kind: ClusterRole name: {{ .Chart.Name }} subjects: -- kind: ServiceAccount - name: {{ .Values.serviceAccount }} - namespace: {{ .Values.namespace }} + - kind: ServiceAccount + name: {{ .Values.serviceAccount }} + namespace: {{ .Values.namespace }} {{- end -}} diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 320573357e..c8bd4e7088 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,17 +5,17 @@ labels: serviceAccount: zuul namespace: egov - +discovery_namespaces: works,egov # Init Containers Configs initContainers: extraInitContainers: | - name: "zuul-kubernetes-discovery" - image: "{{ .Values.global.containerRegistry }}/zuul-kubernetes-discovery:2-master-91c9795" + image: "{{ .Values.global.containerRegistry }}/zuul-kubernetes-discovery:zuul-discovery-multiple-ns-1b978047ee-1" env: - name: "OUTPUT_FILE_PATH" value: "/etc/zuul/routes.properties" - name: "NAMESPACE" - value: "egov" + value: {{ index .Values "discovery_namespaces" | quote }} volumeMounts: - name: zuul-routes mountPath: /etc/zuul @@ -45,7 +45,7 @@ tracing-enabled: true server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" java-args: "" -egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-searcher/property-services/propertyopensearch/_get,/edcr/rest/dcr/downloadfile" +egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-searcher/property-services/propertyopensearch/_get,/edcr/rest/dcr/downloadfile" egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/_search,/tl-services/v1/BPAREG/_search,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/bpa-services/bpa/appl/_search,/edcr/rest/dcr/scrutinize,/edcr/rest/dcr/scrutinydetails" eventlog-enabled: "false" eventlog-topic: "zuul-event-log" @@ -137,3 +137,12 @@ env: | name: egov-service-host key: home-isolation-chatbot {{- end }} + - name: SPRING_REDIS_HOST + {{- if index .Values "cluster-configs" "configmaps" "egov-service-host" "data" "redis-host" }} + valueFrom: + configMapKeyRef: + name: egov-service-host + key: redis-host + {{- else }} + value: "redis.backbone" + {{- end }} \ No newline at end of file From b602e79e1d3bc03ac666e69dd8e67acaa66f0a41 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 2 May 2023 17:26:01 +0530 Subject: [PATCH 176/742] updated namespaces in zuul values.yaml (#1571) * updated zuul charts in unified-env * updated namespace for zuul values.yaml in unified-env * removed works namespace in zuul values.yaml --------- Co-authored-by: Harish-egov --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index c8bd4e7088..564178ec65 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: works,egov +discovery_namespaces: egov,sanitation # Init Containers Configs initContainers: extraInitContainers: | From 78b5a5484b2a63745d79d0322a786617a984e0ea Mon Sep 17 00:00:00 2001 From: talele08 Date: Wed, 3 May 2023 11:24:00 +0530 Subject: [PATCH 177/742] added sops creation rule for unified-dev-secrets (#1576) * added sops creation rule for unified-dev-secrets * Update .sops.yaml --- deploy-as-code/helm/.sops.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index c61878468e..b97f0e73f2 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -6,3 +6,7 @@ creation_rules: - path_regex: environments/sanitation\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' + + - path_regex: environments/unified\-dev\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' From 8cdf236710b16559708ae1877394b5e017a675fa Mon Sep 17 00:00:00 2001 From: talele08 Date: Wed, 3 May 2023 11:35:14 +0530 Subject: [PATCH 178/742] updated zuul memory limit (#1577) --- deploy-as-code/helm/environments/unified-dev.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 4e8d038496..746369c3e1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -416,7 +416,8 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" + memory_limits: 768Mi + heap: "-Xmx512m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" @@ -731,4 +732,4 @@ es-curator: logs-cleanup-enabled: "true" jaeger-cleanup-enabled: "true" logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< \ No newline at end of file +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 6fc56ff1128a40159715d1017da3e7f11a2c0d05 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 3 May 2023 15:00:25 +0530 Subject: [PATCH 179/742] added namespace --- deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml index a05754d8a1..474cf0f127 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml @@ -9,6 +9,7 @@ ingress: enabled: true zuul: true context: "fsm-calculator" + namespace : egov # Init Containers Configs initContainers: From 32d8929f8667d6280e2ea4064eb140833a55e3ad Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 3 May 2023 15:01:30 +0530 Subject: [PATCH 180/742] added namesapce --- deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml b/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml index f35bb8d449..492aabdf8a 100644 --- a/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/sanitation-ui/values.yaml @@ -9,6 +9,7 @@ namespace: sanitation ingress: enabled: true context: "sanitation-ui" + namespace : egov # Init Containers Configs initContainers: {} From 480e5cf0780dff45357432901eeeefece4b98af7 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 3 May 2023 15:02:12 +0530 Subject: [PATCH 181/742] added namespace --- deploy-as-code/helm/charts/sanitation/vehicle/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml index efbafea07b..8f86ef6dbf 100644 --- a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml @@ -9,6 +9,7 @@ ingress: enabled: true zuul: true context: "vehicle" + namespace : egov # Init Containers Configs initContainers: From 9e81d9b8bb17be5e68b86d0de26e1c5edf48589f Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 3 May 2023 15:02:44 +0530 Subject: [PATCH 182/742] added namesapce --- deploy-as-code/helm/charts/sanitation/vendor/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml index cd96632f6d..60fca724a1 100644 --- a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml @@ -9,6 +9,7 @@ ingress: enabled: true zuul: true context: "vendor" + namespace : egov # Init Containers Configs initContainers: From c9249ee269c8e34fcdbabfaf11e125862602cc53 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 4 May 2023 15:30:44 +0530 Subject: [PATCH 183/742] updated fsm service memory size and heap size in unified-dev env --- deploy-as-code/helm/charts/sanitation/fsm/values.yaml | 2 +- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml index 74ff561d10..967c94abf9 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -29,7 +29,7 @@ healthChecks: readinessProbePath: "/fsm/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx256m -Xms256m" +heap: "-Xmx384m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" egov.idgen.fsm.applicationNum.format: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 746369c3e1..7f139db2d3 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -387,6 +387,10 @@ egov-apportion-service: memory_limits: 256Mi heap: -Xmx128m -Xms128m +fsm: + memory_limits: 384Mi + heap: -Xmx384m -Xms256m + # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: replicas: 1 From e21b019a18e7d0a02c1e2c974a9ccf477cfed718 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 5 May 2023 15:21:17 +0530 Subject: [PATCH 184/742] Update unified-dev.yaml (#1600) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 7f139db2d3..c9c59083ff 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -72,7 +72,7 @@ cluster-configs: egov-idgen: "http://egov-idgen:8080/" egov-otp: "http://egov-otp:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 7277cc6efc8c130c6c4f0c9a056c73b245bb4fb9 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 8 May 2023 12:05:31 +0530 Subject: [PATCH 185/742] Update sanitation.yaml (#1608) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 8adf294aac..d725bc7148 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -72,7 +72,7 @@ cluster-configs: egov-idgen: "http://egov-idgen:8080/" egov-otp: "http://egov-otp:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 678788b10e80baec37214f788caaca83eff0d707 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 8 May 2023 13:00:26 +0530 Subject: [PATCH 186/742] added .egov so that services from different namespaces can redirect to pods (#1610) --- .../helm/environments/unified-dev.yaml | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index c9c59083ff..13ec4c4bc5 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -45,8 +45,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -57,31 +57,31 @@ cluster-configs: data-sync-employee: "http://data-sync-employee:8080/" egov-common-masters: "http://egov-common-masters:8080/" egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" egf-voucher: "http://egf-voucher:8080/" egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -106,7 +106,7 @@ cluster-configs: pgr-master: "http://pgr-master:8080/" pgr-rest: "http://pgr-rest:8080/" pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" + report: "http://report.egov:8080/" swm-services: "http://swm-services:8080/" tenant: "http://tenant:8080/" tl-masters: "http://tl-masters:8080/" @@ -114,7 +114,7 @@ cluster-configs: tl-workflow: "http://tl-workflow:8080/" tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" + user-otp: "http://user-otp.egov:8080/" firenoc-services: "http://firenoc-services:8080/" firenoc-calculator: "http://firenoc-calculator:8080/" egov-apportion-service: "http://egov-apportion-service:8080/" From dc48cd234b4ba6b0b1b8a0e39f84c1c9d2bd2360 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 8 May 2023 14:33:37 +0530 Subject: [PATCH 187/742] updated location to location.egov (#1611) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index d725bc7148..f0fb853303 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -66,7 +66,7 @@ cluster-configs: egov-accesscontrol: "http://egov-accesscontrol:8080/" egov-user: "http://egov-user:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" + egov-location: "http://egov-location.egov:8080/" egov-filestore: "http://egov-filestore:8080/" egov-localization: "http://egov-localization:8080/" egov-idgen: "http://egov-idgen:8080/" From f63817f8d385075c9a080130ff2d2d274f1fff6b Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 8 May 2023 17:09:57 +0530 Subject: [PATCH 188/742] Namespace addition in other core services (#1612) * updated location to location.egov * updated hosts to point correct namespace --- .../helm/environments/sanitation.yaml | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index f0fb853303..6173630f93 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -45,8 +45,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -63,25 +63,25 @@ cluster-configs: egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -130,7 +130,7 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" + egov-url-shortening: "http://eus.egov:8080/" fsm-calculator: "http://fsm-calculator.sanitation:8080/" fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" From d4381125a017439b80de4842f9200026439d6375 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 9 May 2023 15:23:05 +0530 Subject: [PATCH 189/742] Update unified-dev.yaml (#1617) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 13ec4c4bc5..ff307ac29c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -304,7 +304,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 4ddd78c9355eac50ada651b61017d200846230c5 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 11 May 2023 11:58:07 +0530 Subject: [PATCH 190/742] Updated branch name for mdms and config to UNIFIED-DEV (#1618) * Updated branch name for mdms and config to UNIFIED-DEV * Updated branch name of mdms and config --- .../helm/environments/sanitation.yaml | 18 +++++++++--------- .../helm/environments/unified-dev.yaml | 18 +++++++++--------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 6173630f93..0cb956c9c9 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -229,7 +229,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -242,7 +242,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -255,7 +255,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-localization: replicas: 1 @@ -266,28 +266,28 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -308,14 +308,14 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ff307ac29c..5a63b52a5c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -282,7 +282,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -295,7 +295,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -308,7 +308,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-localization: replicas: 1 @@ -319,28 +319,28 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -361,14 +361,14 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" From e0862b10b6709aab012b65fecbaa1b5f28405cd1 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Fri, 12 May 2023 13:52:18 +0530 Subject: [PATCH 191/742] added inbox service-map config (#1641) --- deploy-as-code/helm/environments/sanitation.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 0cb956c9c9..6e11051f70 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -268,6 +268,9 @@ egov-data-uploader: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch +inbox: + service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: From 3aed6b07db7041c6f9c03cc762158b4cfe921bec Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 15 May 2023 10:13:52 +0530 Subject: [PATCH 192/742] Added inbox service (#1643) * Added inbox service * Added inbox service --- .../helm/charts/sanitation/inbox/Chart.yaml | 26 ++++++++ .../inbox/templates/deployment.yaml | 2 + .../sanitation/inbox/templates/ingress.yaml | 2 + .../sanitation/inbox/templates/service.yaml | 2 + .../helm/charts/sanitation/inbox/values.yaml | 63 +++++++++++++++++++ 5 files changed, 95 insertions(+) create mode 100644 deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/inbox/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml b/deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml new file mode 100644 index 0000000000..de87e4ffaa --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: inbox +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml new file mode 100644 index 0000000000..704ca11d5a --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -0,0 +1,63 @@ +namespace : sanitation +# Common Labels +labels: + app: "inbox" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "inbox" + namespace : egov + + +# Container Configs +image: + repository: "inbox" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/inbox/health" + readinessProbePath: "/inbox/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: WORKFLOW_PROCESS_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/process/_search" + - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/businessservice/_search" + - name: WORKFLOW_PROCESS_COUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_count" + - name: WORKFLOW_PROCESS_STATUSCOUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_statuscount" + - name: SERVICE_SEARCH_MAPPING + value: {{ index .Values "service-map" | quote }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} From d3061da5d49e3727430e0cd6586c03834d16995d Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 17 May 2023 11:26:28 +0530 Subject: [PATCH 193/742] added user service in inbox (#1660) * added user service in inbox * increased memory limit for fsm service --- deploy-as-code/helm/charts/sanitation/inbox/values.yaml | 5 +++++ deploy-as-code/helm/environments/sanitation.yaml | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml index 704ca11d5a..08f31f55f7 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -37,6 +37,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user - name: WORKFLOW_PROCESS_SEARCH_PATH value: "egov-workflow-v2/egov-wf/process/_search" - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 6e11051f70..c68ef0daf7 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -210,6 +210,12 @@ bpa-calculator: java-debug: true tracing-enabled: "true" +fsm: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" From 31fae806a3ecde8745fa8c37521e91986a584a86 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 17 May 2023 16:42:55 +0530 Subject: [PATCH 194/742] changed fsm.egov to fsm.sanitation (#1663) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index c68ef0daf7..b3babffc11 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -275,7 +275,7 @@ egov-data-uploader: branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + service-map : '{"FSM":{"searchPath":"http://fsm.sanitation:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.sanitation:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.sanitation:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" From 1b9e235c39b03e6c4e61aa50cdf2398f3badd6af Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 18 May 2023 12:54:18 +0530 Subject: [PATCH 195/742] added fsm service config (#1666) --- deploy-as-code/helm/charts/sanitation/vehicle/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml index 8f86ef6dbf..22f331e676 100644 --- a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml @@ -60,6 +60,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-workflow-v2 + - name: EGOV_FSM_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: fsm - name: WORKFLOW_TRANSITION_PATH value: "egov-workflow-v2/egov-wf/process/_transition" - name: EGOV_IDEN_VEHICLE_TRIP_APPLICATIONNUM_FORMAT From a2e3b28f5c8a5eba8ce22d086561bc4bc46bd104 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Fri, 19 May 2023 16:25:45 +0530 Subject: [PATCH 196/742] increased inbox memory (#1673) --- deploy-as-code/helm/environments/sanitation.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index b3babffc11..c37b3559ca 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -215,6 +215,12 @@ fsm: heap: "-Xmx256m -Xms256m" java-debug: true tracing-enabled: "true" + +inbox: + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" From c54020eb6eeb812ca9884e48b3995cbf04367573 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 19 May 2023 17:15:21 +0530 Subject: [PATCH 197/742] Urban setup (#1672) * updated location to location.egov * Added 3 services to urban charts --- .../charts/urban/property-services/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../property-services/templates/ingress.yaml | 2 + .../property-services/templates/service.yaml | 2 + .../urban/property-services/values.yaml | 149 +++ .../charts/urban/ws-calculator/Chart.yaml | 26 + .../ws-calculator/templates/deployment.yaml | 2 + .../ws-calculator/templates/ingress.yaml | 2 + .../ws-calculator/templates/service.yaml | 2 + .../charts/urban/ws-calculator/values.yaml | 110 ++ .../helm/charts/urban/ws-services/Chart.yaml | 26 + .../ws-services/templates/deployment.yaml | 2 + .../urban/ws-services/templates/ingress.yaml | 2 + .../urban/ws-services/templates/service.yaml | 2 + .../helm/charts/urban/ws-services/values.yaml | 132 +++ deploy-as-code/helm/environments/urban.yaml | 967 ++++++++++++++++++ 16 files changed, 1454 insertions(+) create mode 100644 deploy-as-code/helm/charts/urban/property-services/Chart.yaml create mode 100644 deploy-as-code/helm/charts/urban/property-services/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/urban/property-services/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/urban/property-services/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/urban/property-services/values.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-calculator/Chart.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-calculator/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-calculator/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-calculator/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-calculator/values.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-services/Chart.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-services/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-services/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-services/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/urban/ws-services/values.yaml create mode 100644 deploy-as-code/helm/environments/urban.yaml diff --git a/deploy-as-code/helm/charts/urban/property-services/Chart.yaml b/deploy-as-code/helm/charts/urban/property-services/Chart.yaml new file mode 100644 index 0000000000..43477efcc9 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/property-services/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: property-services +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/urban/property-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/property-services/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/property-services/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/property-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/property-services/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/urban/property-services/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/property-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/property-services/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/property-services/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/property-services/values.yaml b/deploy-as-code/helm/charts/urban/property-services/values.yaml new file mode 100644 index 0000000000..97fba47a32 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/property-services/values.yaml @@ -0,0 +1,149 @@ +# Common Labels +labels: + app: "property-services" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "property-services" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "property_services_schema" + image: + repository: "property-services-db" + +# Container Configs +image: + repository: "property-services" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/property-services/health" + readinessProbePath: "/property-services/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" +notification-sms-enabled: "" +employee-allowed-search-params: "" +citizen-allowed-search-params: "" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_CALCULATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pt-calculator-v2 + - name: EGOV_PT-SERVICES-V2_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pt-services-v2 + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-property-services + - name: PERSISTER_SAVE_PROPERTY_TOPIC + value: save-property-registry + - name: PERSISTER_UPDATE_PROPERTY_TOPIC + value: update-property-registry + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_ENABLE_DEBUG + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: NOTIFICATION_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: ASSESSMENT_WORKFLOW_ENABLED + value: "false" + - name: EGOV_IDGEN_ACK_FORMAT + value: {{ index .Values "egov-idgen-ack-format" | quote }} + - name: EGOV_IDGEN_MUTATION_FORMAT + value: {{ index .Values "egov-idgen-mutation-format" | quote }} + - name: EGOV_IDGEN_ASSM_FORMAT + value: {{ index .Values "egov-idgen-assm-format" | quote }} + - name: EGOV_IDGEN_PTID_FORMAT + value: {{ index .Values "egov-idgen-ptid-format" | quote }} + + - name: NOTIFICATION_SMS_ENABLED + value: {{ index .Values "notification-sms-enabled" | quote }} + - name: EGOV_USER_EVENT_NOTIFICATION_ENABLED + value: "true" + {{- if index .Values "employee-allowed-search-params" }} + - name: EMPLOYEE_ALLOWED_SEARCH_PARAMS + value: {{ index .Values "employee-allowed-search-params" | quote }} + {{- end }} + {{- if index .Values "citizen-allowed-search-params" }} + - name: CITIZEN_ALLOWED_SEARCH_PARAMS + value: {{ index .Values "citizen-allowed-search-params" | quote }} + {{- end }} + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: EGOV_USR_EVENTS_CREATE_TOPIC + value: "persist-user-events-async" + - name: EGOV_USR_EVENTS_PAY_LINK + value: "citizen/withoutAuth?redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" + - name: EGOV_USR_EVENTS_PAY_CODE + value: "PAY" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/Chart.yaml new file mode 100644 index 0000000000..38683ced11 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-calculator/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ws-calculator +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-calculator/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-calculator/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/templates/service.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-calculator/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml new file mode 100644 index 0000000000..0138637433 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml @@ -0,0 +1,110 @@ +# Common Labels +labels: + app: "ws-calculator" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "ws-calculator" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "ws_calculator_schema" + image: + repository: "ws-calculator-db" + +# Container Configs +image: + repository: "ws-calculator" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/ws-calculator/health" + readinessProbePath: "/ws-calculator/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_PROPERTY_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: property-services + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_BILLINGSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: billing-service + - name: EGOV_WS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ws-services + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-ws-calculator + - name: EGOV_METERSERVICE_CREATEMETERCONNECTION + value: save-ws-meter + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SERVER_CONTEXT_PATH + value: /ws-calculator + - name: NOTIFICATION_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/urban/ws-services/Chart.yaml b/deploy-as-code/helm/charts/urban/ws-services/Chart.yaml new file mode 100644 index 0000000000..d783c71d70 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-services/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ws-services +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/urban/ws-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/ws-services/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-services/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/ws-services/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-services/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/ws-services/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-services/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/ws-services/values.yaml b/deploy-as-code/helm/charts/urban/ws-services/values.yaml new file mode 100644 index 0000000000..348119fcca --- /dev/null +++ b/deploy-as-code/helm/charts/urban/ws-services/values.yaml @@ -0,0 +1,132 @@ +# Common Labels +labels: + app: "ws-services" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "ws-services" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "ws_services_schema" + image: + repository: "ws-services-db" + +# Container Configs +image: + repository: "ws-services" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/ws-services/health" + readinessProbePath: "/ws-services/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: EGOV_PROPERTY_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: property-services + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_BILLINGSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: billing-service + - name: EGOV_WS_CALCULATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ws-calculator + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_PDFSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: WORKFLOW_CONTEXT_PATH + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-ws-services + - name: EGOV_WATERSERVICE_CREATEWATERCONNECTION + value: save-ws-connection + - name: EGOV_WATERSERVICE_UPDATEWATERCONNECTION + value: update-ws-connection + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: NOTIFICATION_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: IS_EXTERNAL_WORKFLOW_ENABLED + value: {{ index .Values "is-external-workflow-enabled" | quote }} \ No newline at end of file diff --git a/deploy-as-code/helm/environments/urban.yaml b/deploy-as-code/helm/environments/urban.yaml new file mode 100644 index 0000000000..7bdcde630d --- /dev/null +++ b/deploy-as-code/helm/environments/urban.yaml @@ -0,0 +1,967 @@ +global: + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban ] + + rbac: + - role: user + namespaces: [egov] + - role: admin + namespaces: [playground,kafka-cluster] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation, urban ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + + egov-service-host: + namespace: [ egov, monitoring, sanitation, urban ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location.egov:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.urban:8080/" + ws-services: "http://ws-services.urban:8080/" + sw-services: "http://sw-services.urban:8080/" + sw-calculator: "http://sw-calculator.urban:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + +egov-filestore: + replicas: 2 + heap: "-Xmx1344m -Xms1344m" + memory_limits: 1536Mi + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + fixed-bucketname: egov-rainmaker # Only for Dev & QA + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + + +egov-url-shortening: + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "5" + + +egov-idgen: + idformat-from-mdms: "true" + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + ingress: + enabled: true + + +egov-user: + replicas: 2 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "pb" + decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744060444" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744060444" + valuefirst-notification-assigned-templateid: "205987" + valuefirst-notification-resolved-templateid: "205989" + valuefirst-notification-rejected-templateid: "205991" + valuefirst-notification-reassigned-templateid: "205993" + valuefirst-notification-commented-templateid: "205995" + valuefirst-notification-welcome-templateid: "205999" + valuefirst-notification-root-templateid: "206001" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + test-data-cleanup-enabled: true + +xstate-chatbot: + whatsapp-provider: "ValueFirst" + contact-card-whatsapp-number: "+918448098732" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918448098732" + valuefirst-notification-assigned-templateid: "3656031,4156319" + valuefirst-notification-resolved-templateid: "3656033,4156321" + valuefirst-notification-rejected-templateid: "3656037,4156323" + valuefirst-notification-reassigned-templateid: "3656039,4156325" + valuefirst-notification-commented-templateid: "205995" + valuefirst-notification-welcome-templateid: "205999,4156311" + valuefirst-notification-root-templateid: "206001,4156313" + valuefirst-notification-viewrecept-templateid: "3597461,4156327" + valuefirst-notification-pt-bill-templateid: "3595729,4156331" + valuefirst-notification-ws-bill-templateid: "3595727,4156329" + valuefirst-notification-owner-bill-success-templateid: "3595731,4156489" + valuefirst-notification-other-pt-bill-success-templateid: "3618673,4156315" + valuefirst-notification-other-ws-bill-success-templateid: "3618675,4156317" + valuefirst-notification-track-complaint-templateid: "4052381,4156335" + valuefirst-notification-lodge-complaint-templateid: "4052379,4156333" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + bill-supported-modules: "WS, PT" + pgr-version: "v1" + pgr-update-topic: "update-pgr-service" + information-image-filestoreid: "16dff22d-06dd-485d-a03d-6d11e8564dff" + open-search-image-filestoreid: "bd150c64-2188-44ba-b77e-3030475bddc8" + nlp-geoSearch: true + bill-search-limit: 3 + receipt-search-limit: 3 + complaint-search-limit: 3 + +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "QA" + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + + + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + bpa-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$applicationNo?tenantId=$tenantId" + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +noc-services: + java-debug: true + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "b405e4d0-99ec-41b1-92e7-2ebda0321e0d" + +egov-persister: + replicas: 3 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-migration-batch.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/echallan.yml,file:///work-dir/configs/egov-persister/egov-document-upload-persister.yml,file:///work-dir/configs/egov-persister/egov-survey-service-persister.yml,file:///work-dir/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/configs/egov-persister/nss-persister.yml,file:///work-dir/configs/egov-persister/birth-death.yml,file:///work-dir/configs/egov-persister/bulk-bill-generator-ws.yml,file:///work-dir/configs/egov-persister/bulk-bill-generator-sw.yml,file:///work-dir/configs/egov-persister/audit-service-persister.yml,file:///work-dir/configs/egov-persister/pt-enc-audit-persister.yml,file:///work-dir/configs/egov-persister/ws-enc-audit-persister.yml,file:///work-dir/configs/egov-persister/sw-enc-audit-persister.yml" + persister-bulk-enabled: "false" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + +egov-localization: + replicas: 1 + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + +egov-searcher: + replicas: 2 + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/configs/egov-searcher/inboxpropertysearch.yml,file:///work-dir/configs/egov-searcher/wateropensearch.yml,file:///work-dir/configs/egov-searcher/sewerageopensearch.yml,file:///work-dir/configs/egov-searcher/inboxTLSearch.yml,file:///work-dir/configs/egov-searcher/inboxFSMSearch.yml,file:///work-dir/configs/egov-searcher/inboxNOCSearch.yml,file:///work-dir/configs/egov-searcher/inboxBPASearch.yml,file:///work-dir/configs/egov-searcher/inboxWSSearch.yml,file:///work-dir/configs/egov-searcher/inboxSWSearch.yml,file:///work-dir/configs/egov-searcher/inboxBillAmendmentWsSearch.yml,file:///work-dir/configs/egov-searcher/inboxBillAmendmentSwSearch.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + +egov-custom-consumer: + erp-host: "https://mohali-qa.digit.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +inbox: + service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_qa_db" + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + metrics: + enabled: true + serviceMonitor: + enabled: true + service: + annotations: + service.beta.kubernetes.io/aws-load-balancer-type: nlb + enabled: true + prometheusRule: + enabled: true + + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number","noOfPropertiesPaidToday":"number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +cert-manager: + email: "nithin.dv@egovernments.org" + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov + +zuul: + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + eventlog-enabled: "true" + egov-open-endpoints-whitelist: "/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/xstate-chatbot/message,/dashboard-ingest/ingest/upload,/edcr/rest/dcr/downloadfile,/xstate-chatbot/status,/xstate-chatbot/reminder,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/notification-sms/smsbounce/callback,/birth-death-services/birth/_viewcertdata,/inbox/v1/dss/_search" + egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files, /filestore/v1/files/id,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/turn-io-adapter/_transform,/egov-pdf/download/PAYMENT/consolidatedreceipt,/egov-user-event/v1/events/_search,/tl-services/v1/_search,/pgr-services/v2/request/_search,/echallan-services/eChallan/v1/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +billing-service: + replicas: 1 + java-enable-debug: "true" + tracing-enabled: true + +collection-services: + replicas: 2 + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + apportion-endpoint: /apportion-service/v2/bill/_apportion + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "digit.org" + +employee: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +dashboard-analytics: + replicas: 1 + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + +dashboard-ingest: + topic-incoming-collection: "dss-collection-update" + es-index-name: "dss-collection_v2" + es-push-direct: "true" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +dashboard: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +sanitation-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "false" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pgr-services: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + java-enable-debug: "true" + time-before-closing-complaint: "3600000" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" + tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=digit-ui/citizen/payment/my-bills/$businessService/$applicationNo?tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + tl-search-default-limit: "50" + +property-services: + replicas: 1 + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + wf-max-limit: "10000" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + employee-applink: "https://qa.digit.org/employee/user/login" + +pdf-service: + replicas: 3 + memory_limits: 1.5Gi + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "qa" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/data-config/birth-certificate-pdf.json, file:///work-dir/configs/pdf-service/data-config/death-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-sewagedisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-seweragedisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sewerageconnectiondetails.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-metered.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-nonmetered.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/format-config/birth-certificate.json, file:///work-dir/configs/pdf-service/format-config/death-certificate.json, file:///work-dir/configs/pdf-service/format-config/ws-sewagedisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-seweragedisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-sewerageconnectiondetails.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-metered.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-nonmetered.json" + persistence: + enabled: true + accessMode: ReadWriteOnce + size: "1Gi" + extraVolumes: | + - name: {{ template "common.name" . }} + persistentVolumeClaim: + claimName: {{ template "common.name" . }} + extraVolumeMounts: | + - mountPath: /mnt/pdf + name: {{ template "common.name" . }} + +efs: + nfs_server: "10.1.9.132" + nfs_path: "/" + + +egov-pdf: + replicas: 3 + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-data-v1.es-cluster" + es-port: "9200" + +echallan-services: + egov-idgen-challanNum-format: "PB-CH-[cy:yyyy-MM-dd]-[SEQ_EG_CH_APL]" + +jaeger: + host: "" + port: "" + sampler-type: "" + sampler-param: "" + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.0 + +pgadmin: + images: + - egovio/pgadmin:v0.1 + +pgadmin-config: + host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" + db-admin-username: "egov_qa" + db-read-username: "egovqa_readonly" + port: "5432" + env: "QA" + maintenance-db-name: "egov_qa_db" +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# egov-wordpress-portal >>>>>>>>>>>>>>>>> + +egov-wordpress-portal: + replicas: 1 + images: + - egovio/wordpress + db-host: prod-egov.mysql.database.azure.com + db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== + db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== + db-name: egov_wp_portal_db + wordpress_siteurl: http://qa.egovernments.org + +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-enc-service: + state-level-tenant-id: "pb" + # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0ce7714c3291e0284" + zone: ap-south-1a + - volumeId: "vol-000e8329af4f912f3" + zone: ap-south-1a + - volumeId: "vol-0b34d6132ba38816e" + zone: ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +kafka-connect: + image: + tag: "5.4.1" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0f15d6515a5038ba1" + zone: ap-south-1a + - volumeId: "vol-0a78afd284cdf38f3" + zone: ap-south-1a + - volumeId: "vol-0885e513c59d5529b" + zone: ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-021eb5ed56e94f8c6" + zone: ap-south-1a + - volumeId: "vol-0f758925f2ea2de71" + zone: ap-south-1a + - volumeId: "vol-0909c5b4411e8c54b" + zone: ap-south-1a + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + # cpu: "1000m" + memory: "2Gi" + limits: + # cpu: "1000m" + memory: "2Gi" + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-09a70a40a22a68679" + zone: ap-south-1a + - volumeId: "vol-09676d61dad41a85d" + zone: ap-south-1a + - volumeId: "vol-0a1821d70789c0fe5" + zone: ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +es-curator-infra: + namespace: es-cluster + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-data-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" + +kuberhealthy: + deployment: + replicas: 1 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-qa,devops" + upstreams = [ "file:///dev/null" ] +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-finance: + replicas: 1 + dev_mode: true + filestore_beanname: microDiskFileStoreService + +# eGov-eDCR Tenants +edcrTenants: | + common.domain.name=qa.digit.org + tenant.qa.digit.org=state + client.id=punjab + tenant.amritsar-qa.digit.org=amritsar + tenant.jalandhar-qa.digit.org=jalandhar + ms.url=http://egov-filestore.egov:8080/ + filestoreservice.beanname=egovMicroServiceStore + mdms.enable=true + mdms.host=https://qa.digit.org + +microservice: | + indexer.host=http://egov-indexer.egov:8080/ + egov.services.egov-indexer.url=egov-indexer/index-operations/{edcr-create-application}/_index + edcr.indexer.data.push.required=true + egov.collection.version={{ index .Values "collection-version" }} + egov.default.services.endpoint=https://qa.digit.org/ + egov.hrms.service.endpoint=http://egov-hrms.egov:8080/ + egov.accesscontrol.service.endpoint=http://egov-accesscontrol.egov:8080/ + egov.hr.masters.service.endpoint=http://hr-masters.egov:8080/ + egov.user.service.endpoint=http://egov-user.egov:8080/ + egov.common.masters.endpoint=http://egov-common-masters.egov:8080/ + egov.billing.service.endpoint=http://billing-service.egov:8080/ + egov.collection.service.endpoint=http://collection-services.egov:8080/ + egov.egf.master.service.endpoint=http://egf-master.egov:8080/ + egov.egf.instrument.service.endpoint=http://egf-instrument.egov:8080/ + egov.mdms.service.endpoint=http://egov-mdms-service.egov:8080/ + egov.indexer.service.endpoint=http://egov-indexer.egov:8080/ + egov.services.billing.service.bill.generate=billing-service/bill/v2/_fetchbill + egov.filestore.service.endpoint=http://egov-filestore.egov:8080/ + +egov-edcr: + ingress: + enabled: true + zuul: true + context: "edcr" + +ws-services: + replicas: 1 + is-external-workflow-enabled: "true" + water-decryption-abac-enabled: "true" + +sw-services: + replicas: 1 + is-external-workflow-enabled: "true" + sewerage-decryption-abac-enabled: "true" + + +egf-instrument: + persistence-through-kafka: no + +# eGov-Finance Tenants +financeTenants: | + tenant.mohali-qa.digit.org=mohali + tenant.nayagaon-qa.digit.org=nayagaon + tenant.amritsar-qa.digit.org=amritsar + tenant.nawanshahr-qa.digit.org=nawanshahr + tenant.phagwara-qa.digit.org=phagwara + tenant.derabassi-qa.digit.org=derabassi + tenant.jalandhar-qa.digit.org=jalandhar + location.user.role=Collection Operator + collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl + +# grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +grafana: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/configs" + branch: "qa" +# minio >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +minio: + mode: distributed + persistence: + enabled: true + dataDirSize: 20G + aws: + - volumeId: "vol-085bf7c435e9eed0d" + zone: ap-south-1a + - volumeId: "vol-09ebb5d2741478244" + zone: ap-south-1a + - volumeId: "vol-02f3fdabc338c9b0b" + zone: ap-south-1a + - volumeId: "vol-0eb0b261285dcb652" + zone: ap-south-1a + ingress: + hostName: minio-egov-micro-qa.digit.org + +# nlp-engine >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +nlp-engine: + isSentenceRecognitionEnabled : "false" + +# airflow >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +airflow: + config: + AIRFLOW__WEBSERVER__BASE_URL: "https://qa.digit.org/airflow" + AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/dags/repo/egov-national-dashboard-accelerator/plugins" +dags: + gitSync: + repo: "https://github.com/egovernments/utilities.git" + repoSubPath: "egov-national-dashboard-accelerator/dags" + branch: develop \ No newline at end of file From 4cb61a716b282e5d5ce9bcd95e12ccc8875f6125 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 19 May 2023 17:15:34 +0530 Subject: [PATCH 198/742] egov-configmap-change from vehicle.egov to vehicle.sanitation (#1674) --- deploy-as-code/helm/charts/sanitation/inbox/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml index 08f31f55f7..22a88450f9 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -32,6 +32,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-workflow-v2 + - name: EGOV_VEHICLE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: vehicle - name: EGOV_MDMS_HOST valueFrom: configMapKeyRef: From 05d0667bd7adb06f95319adb3f636cccc98b726e Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 22 May 2023 17:18:25 +0530 Subject: [PATCH 199/742] increased inbox memory (#1679) * increased inbox memory * Update values.yaml --- deploy-as-code/helm/charts/sanitation/inbox/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml index 22a88450f9..d471a2578e 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -22,6 +22,7 @@ healthChecks: readinessProbePath: "/inbox/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" From 5dcf7acd91343cd6155c9ebe95b33c145653c41b Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 23 May 2023 17:58:06 +0530 Subject: [PATCH 200/742] Increased memory for all the services (#1684) --- deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml | 1 + deploy-as-code/helm/charts/sanitation/fsm/values.yaml | 1 + deploy-as-code/helm/charts/sanitation/vehicle/values.yaml | 1 + deploy-as-code/helm/charts/sanitation/vendor/values.yaml | 1 + 4 files changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml index 474cf0f127..9c30633d91 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml @@ -29,6 +29,7 @@ healthChecks: readinessProbePath: "/fsm-calculator/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml index 967c94abf9..c4e2b92157 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -29,6 +29,7 @@ healthChecks: readinessProbePath: "/fsm/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx384m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" egov.idgen.fsm.applicationNum.format: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" diff --git a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml index 22f331e676..8cafe89aed 100644 --- a/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vehicle/values.yaml @@ -29,6 +29,7 @@ healthChecks: readinessProbePath: "/vehicle/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" egov.idgen.vehicle.trip.applicationNum.format: "[CITY.CODE]-VT-[cy:yyyy-MM-dd]-[SEQ_EGOV_VEHICLETRIP]" diff --git a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml index 60fca724a1..6a47108122 100644 --- a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml @@ -29,6 +29,7 @@ healthChecks: readinessProbePath: "/vendor/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" From 64c1380a3f5544b5ce5005e24e9d609a955e7bee Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 24 May 2023 13:21:49 +0530 Subject: [PATCH 201/742] added fsm-receipt apth (#1688) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 5a63b52a5c..a07531f629 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -369,8 +369,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 25079ffacbc860d58af71abebbb634f5cfb87948 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 30 May 2023 10:47:53 +0530 Subject: [PATCH 202/742] Enable debugger (#1702) --- .../helm/charts/business-services/egf-master/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/business-services/egf-master/values.yaml b/deploy-as-code/helm/charts/business-services/egf-master/values.yaml index 5b6787b2a4..b8e7b9b2a3 100644 --- a/deploy-as-code/helm/charts/business-services/egf-master/values.yaml +++ b/deploy-as-code/helm/charts/business-services/egf-master/values.yaml @@ -23,6 +23,7 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true +java-debug: true db-url: "jdbc:postgresql://egov-micro-dev.postgres.database.azure.com:5432/egov_dev_ms?currentSchema=egov_master" heap: "-Xmx192m -Xms192m" From 6c354d3b8266643dcd2fc76eb185e4fcd525eac1 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 30 May 2023 11:50:58 +0530 Subject: [PATCH 203/742] increased memory limit for egf-master (#1703) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a07531f629..bd3a569fb0 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -377,7 +377,7 @@ pdf-service: # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - memory_limits: 300Mi + memory_limits: 512Mi heap: "-Xmx128m -Xms128m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: From 46c67f821ce21030dfd355ee60bb27c1e3aa6a34 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 30 May 2023 11:51:29 +0530 Subject: [PATCH 204/742] changed bucket name (#1700) --- .../helm/charts/core-services/egov-filestore/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml index 9e34e645a7..51c0e5b603 100644 --- a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml @@ -27,7 +27,7 @@ healthChecks: appType: "java-spring" tracing-enabled: true is-bucket-fixed: "true" -fixed-bucketname: "egov-rainmaker" +fixed-bucketname: "unified-dev-bucket-s3" heap: "-Xmx192m -Xms192m" file-storage-mount-path: "/filestore" is-nfs-enabled: false From 8cf876931e3b136b6ff31e7d3bccdf341b1c60a3 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 1 Jun 2023 11:54:47 +0530 Subject: [PATCH 205/742] updated urban namespace in unified-dev (#1708) Co-authored-by: Harish-egov --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index bd3a569fb0..037deafc2f 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -5,7 +5,7 @@ global: cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban ] root-ingress: cert-issuer: letsencrypt-prod From 7b36d8942cdf05bbd45c01c156c46a1aaa5fd3ab Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 2 Jun 2023 18:58:38 +0530 Subject: [PATCH 206/742] updated works and health env file to unified-env branch (#1712) Co-authored-by: Harish-egov --- .../helm/environments/health-dev-secrets.yaml | 96 ++ .../helm/environments/health-dev.yaml | 868 ++++++++++++++++++ .../helm/environments/health-qa-secrets.yaml | 114 +++ .../helm/environments/health-qa.yaml | 862 +++++++++++++++++ .../helm/environments/works-dev-secrets.yaml | 125 +++ .../helm/environments/works-dev.yaml | 744 +++++++++++++++ .../helm/environments/works-qa-secrets.yaml | 117 +++ .../helm/environments/works-qa.yaml | 751 +++++++++++++++ 8 files changed, 3677 insertions(+) create mode 100644 deploy-as-code/helm/environments/health-dev-secrets.yaml create mode 100644 deploy-as-code/helm/environments/health-dev.yaml create mode 100644 deploy-as-code/helm/environments/health-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/health-qa.yaml create mode 100644 deploy-as-code/helm/environments/works-dev-secrets.yaml create mode 100644 deploy-as-code/helm/environments/works-dev.yaml create mode 100644 deploy-as-code/helm/environments/works-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/works-qa.yaml diff --git a/deploy-as-code/helm/environments/health-dev-secrets.yaml b/deploy-as-code/helm/environments/health-dev-secrets.yaml new file mode 100644 index 0000000000..a070fc7160 --- /dev/null +++ b/deploy-as-code/helm/environments/health-dev-secrets.yaml @@ -0,0 +1,96 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:sex2DbN5UuFaO4aU9Ys=,iv:heLMmi06sly5QsCFpRXpeE3rMW5VmPLd15Z4ASmcsUI=,tag:E7cvrqcckbQiNVM5FZUL4g==,type:str] + password: ENC[AES256_GCM,data:TDqFOlZURKRxqSJzjgc=,iv:rUlds3jQTxNKImHoJcCuabOeoRTbrU4Wxqjk9QYVvKw=,tag:PEgrgILVONq07otUccBpPw==,type:str] + flywayUsername: ENC[AES256_GCM,data:IMXBlNmuMN0khYm/ERQ=,iv:9/NRieUjftZMCm1T+qRgU5832dd2XQrYTg4XYAXth6k=,tag:eK6z0/dGJNsZxc4dOm8vTQ==,type:str] + flywayPassword: ENC[AES256_GCM,data:FrpaZkPthv+WtcxW7n0=,iv:2iyCkDJ4mI9l7vuZ9kjt/Un2/vcH4SaZ9mvErVsXY1Q=,tag:u891R2jQWqDVlXQ1WTY6sw==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:/CJsyg==,iv:P2moYkb2XcYQqJV5608zRBmPNrxSzWZ9CtHXAAdHJcs=,tag:Cf8T9dANu3IRxIphSGWiqw==,type:str] + password: ENC[AES256_GCM,data:oK8ebg==,iv:sIqNd/wp5wLUqoPYXIHv7gAQ0t99H8Eq3WeaEX0QrlE=,tag:eyxPEhLIBU/tEcQVqV4m+A==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:xOV9C2FlSgnzvxHelE6pDZHrxPc=,iv:5sTgtII5Cx4/cz6ZfwrwyG148hCA2KHcMRAIWcxc6zU=,tag:kZLgrEooKseiRd0jscvHvA==,type:str] + aws-secret-key: ENC[AES256_GCM,data:DSxjWvXeq3nJuyiYoHWtS4AhLgykyXDaxvLb2ubn1uOOwGTi+/0kDw==,iv:fDd7R5jBCX5jBWdx+H/t0ScvR4eYrO8o5lLoVGknuOM=,tag:DfmtaHI4TbdHNqZRhO6Tgw==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:XtbDTT+mPcDcEJJWrndvSQrYhA==,iv:aUbhP8frrhNo6WH9t9kyRnoJgWacyE9Hh/d53e2AakM=,tag:J7Nw6J3Q4eFqTx3Db1GqHQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:pJW27Q==,iv:3Hq2kQlc9yAYMjwTHWmI+OpvQteLWh6pfm9UwNm/NDI=,tag:KQx1PYHUX0UsCwohdLxdUg==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:NpyAog==,iv:bArZumBg/+dsmxjmiCkBH9jFb/Q9Ad8OHdBgXKD8uW8=,tag:DXKqBIC/yZzIL3ioHRyyVw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:nF/ZsA==,iv:jmQeqKkjhTsdWPgXbgtsB9e+72ghR0caRXRxIGsL7BE=,tag:WbhTF2Tokb+qOkGFid01nw==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:egh8yA==,iv:ZHbWazNwfrMcKtbnTJ8caXX0ZqLhpI8i/cGjgVoiW44=,tag:Gl9Y5X//YY519vjcYhPLcg==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:IT4gfg==,iv:GWvXFqnkeWeaOtBA7F+8FwajWRfzCwt3hWRXsWLvQqM=,tag:9K/JCEvtmrNkJeiBBL0IfQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:CMoPlg==,iv:K0L8iN1Z1YdwKHsp1lwdAXKOKl8Nn4s/3Uktk4PjnR0=,tag:edn15q0dMXIueF8OLTJC9Q==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:255xpg==,iv:R4oVe1LqA7kM1cA4d6omS9tuqgZWvfWMxnn/WXib00s=,tag:95ZnwaDI4EyfVRVbxpjFDw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:LkZf0Uc4kNXx4R13nQ==,iv:2q6xmXtS4k60Yg7Tfu8VcLhjsY2d26ZNvWbc+o8oxeI=,tag:VaEXGJzHJM1K0RguOK4G4A==,type:str] + admin-password: ENC[AES256_GCM,data:4ZkQXQ==,iv:Jl+bzprGfv0uShBrKEsH6GsGD0Jo/msrPR5HuPc/K3w=,tag:0x+bM8qblhLV5tgeXkpFAA==,type:str] + read-email: ENC[AES256_GCM,data:3LeFVQDQf6lbBieyvQ==,iv:KiYMxrjzWVqQFNXuyMwsLrEDNmv/1sPqoLEeYeJS6MA=,tag:vcBEx5co4xRLJBSzCPJYTA==,type:str] + read-password: ENC[AES256_GCM,data:ThJlgQ==,iv:fM5Yr1z8bQ/bOeZ8wXjA3CB1WbLHjsjFqQqlNGw5Pnc=,tag:UWRDyovUc1g/M1XkHzKw8Q==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:wsnq8g==,iv:/8O9dxsd0UrlohkB49p3/bJW5N0WU3snC33bv4b7rlw=,tag:zbVq3ojHFd1d6oXdwV5wsw==,type:str] + master-salt: ENC[AES256_GCM,data:+je79oA4EhY=,iv:oteeFw1+7yBIoF5wJQY03QzJw/FF3svMD0u/YorAzuo=,tag:HM3j4dx17Vwud3LhIL47CA==,type:str] + master-initialvector: ENC[AES256_GCM,data:hn0RAUJmn/u0zs00,iv:CIOtGol2MprUAmRweTnsVjDXJ7bdtJFDYbNTbSMrIOY=,tag:Lh25QE5icIdyOlw8llaaGw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:bgqgYE6ZB/CuPoXJK8ylQdi1cI7NQfrSH6Q6c7w=,iv:uIv1xShxiPSG033nKEP9mFPlKiw2KEKbM92btaQifZ8=,tag:7bizJh4mZUZEf0RwOi6txg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:bx2BxYUnX8LHaD79IrgF9Q==,iv:wdZdT/WW4rXwyau267XDK9gJ0GY2QS4Rvo4KHIkY5zo=,tag:fIQuCF2RcYvgwnb8KqQg+A==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:96RCTJqTYHpHgZO4WmR4oRbc1aOIGK2iBUqOPfKMg8Niwx0vYex+5oju6MwjDaE2VjuSvmIq77syVSh18PHMaai+kUvaqHyqp6+uALNW6OROiAc6CnUzAZLZE/InhmrRZ5JenFZQktQJILaz2ZcA343dBKeW78RpJvCuMiaHlQiCU+91EPE66XY8uekElJM0S0/tQ9cCdgEGKLDZXgHeoUfBkekWRJ+oytqfV8HRMrgr81WadBNJGFAH1pXYI2U89fRccedRXJ/3Y21VxKOEdBIfqof8Ej8mTF4z6pQMoRIJjgh18zHaBA2ZWoTYPO0CQCQ2pPu9s3QEBMVRsIX/b4VjZUcqquoVI0dDIPv04jVHg18Ox8nHq5VJI8rHvvtfLaNh9WX60RfW1vT0EdMn/v27XDzYpIvsKqKl5IEilq9ft6tg3QL5zFPLIX/IWoc20Stt28ZjjWeBrXWpQlndTiRw1MB3Z47dyFLUMJps/1/4HG06VBDg5MgVfXmycW52b4+O0KSRif00N/w2GyeL3bGdiXfRT7AiByRZe68UCY3DiofiQAjaz4SUCtLFvnymzww6CKNsqIo9PWdnVGhhwyc7bLeff3a5P2jN6yRZSYCT24DoT4Rsmt1RhNcmmn8ScMo0H36s4ZfeT9Zdn22WAus4lqLAUfu2UC3FujljoWJoqRT+4wf9qMn7iCdCq7eLiZo58mCF3K944a2tgAi84VfR2Eb5nOnVhR6agFxbA19VF8dz7lRhi0aET+GzFYapTU1z1IL/dO7nuQ1fGRXAb8CHsaAaCpqN6PqBKsueeZIZBYcXtAu8h+GPvzBw/TEqa08r+kog1EQX02nplnjWOX6AtbWozzoKaYwj/pZdSYk9wJ+oILg2bO46X9aTX9JQP3H7yKaZxaFoDFI5GI1CtK8ftIdK+Cx2gf+YRHc5CbLZDApU5Kia8v9cVldkt+vlnoLz7hBMSMpTz+u8NT+UMGfDHLyWEyGAZYeZM9adRzprSVnJlE0hMeDwWjTJAVo0/9itocDe/Zo5s3LLeMS60grT1Uq+S3lL3A0JO22cYO7GhoeIcM3UZgR2OGy7r8+oIS7bYqZeo0EiJD0YfdO+8TzrXrTp0wG8hrTBHgUvYzMcmWIZKIjWh6mFzdz4qrUBN1CIJiCkcRLVylsz/jKsENTstpn+domM37v4Mr+E+QIr0BUZMNwTmNP1JzWrQ2p4B0G5A8bs8ygzi1XhJFyuTQtRDkS/pyISBeyub0U9ws58g1KFxSp8w9QbRQt0qxwfNXM4tAo7zP5S1rQGxej8YO25PzBavU3VI95f/94abymsVUE8gwchGaFTFu05heNNjPdHVwBn6RTezMo7EXrRveto+D6quPLKlBsCr+TdB47GZMnAI1mJcWj0/7fPS/iW4hp5k5nE1FDn+VWXDaoVkDs5AmW5Aq8O0Worhdp7HkKG0ZM5Xs+E3uDtyrBYKSpAa7FFqDsdE0TRolRup8wCQ86KYRiTdIbYAiiFi4nMZpUvhr9IopTl5+t0Ka37+VciiTSKonxXS8ns+UGmZhLopB0Iiwq6wLmD3HuCFkttoAHfYgWj5vOdzbk6zL/94nzXwG9esTNzD5N5jCJ8s12PqhLEBYeNxBA3i+Vfn3nLIsKfYyQBVMTZ2pq4605f7qfOO6q7R/+RXdF+lhyY4jyAPmD8s5M3E/aF3/1Cs3Jj/mx5Xpjv4kw7Ne6/l+Ko1Td5k+NEnijx7/MoocUQAQks8dsVfDq1fEMQbvS8VPoFenn/jU2GNJai9SUgRTxy5OHjWRUiouROUEHtWgE8jPhU3BYsqxddy90hod9Tbl0MYw2CQjEhovbeZTRWKFqoscFQFv2I0p2wGKafz50B3xu7h/h1Dh8IMNleoOKR6LLhuhPfknpYZjuvfKGJmM1cxwbfIF3Ga6JPxc7xMooJHNXKwBzNj6z0clfpaHXVGjEaA8CChlRVH9HoeFrwFOnuxxz4ulrdCHcUDMu87OUNbsEB6XmdK5U/xgUhBeLMbCNRLZkh99ALlFtDONLxayAkHqL/KEYzfRiSoZ/E3FM1ZFL3l9Yxhno18KwHLyhzDaA/ViImW+MF/6A4eudr9Wwcmx77NNpXoRwHZU++Qe9vgRxtJzw4W1V/JIzr39RsPrKISntArx5M9IpN3SvHQB3yCI9ZQPgl7NstVNLg+23Iktxt1WgfLNZtMrxmABA9NGCSehwgntMSlhAQkvxP0kCBm+ICgSTKTJn+GjMkAXUfpaHacO8Ieff/KTGKGyNsBTPFlUqX6qG3FZ6pcCvEIUmXARXkLsFmxrCo324QC5+M7bzHSUnGWCwF6+E9hY+fOySDgSZEH9Y3KJPaPXgo5lBB3AyU8pVsGhHEvk7vztLROB/4sGbyRmJhkY1pC6Lm0H2niHcPEQyRX/b5hPxjBt5wDFRNmC6daM4b3HrehmXUVDyNo53HOyKy43BU0dBbEOR0UvmK9SZRqjOrp1h+Yz97n7IdKLe4WI9KPf5uWyvsLHL6AbaLnP/f9t3vSr2nnPoYp+eGny0j8ryJyux45dkO8o9OBM37FZcGPSaRYfdr2F2q1HBPLlcfiz4cu4Af5ANE9u3XtLnv7TpJYRaVgyiIAmGwHhb+i8sPuPQAUNHGTstqFaek8bTndKS8cbC4RxUI3S6aJl2BFumf5coXNzX5avkKSVIeF0CcAOAv6ChPxt8l03R6O1uitWUSmseLWJTliRkDlTaGmgXACCqDfE/r2wncH7G4JDybXUeXyM4K1IHxv5aDnf5LZ8oPd/KVN5jZVc5rzLYvZnQVyphU/S0CnkmL8ueVdbyDfC1fQ/MeSAiicXpZi1bP6lk3tW73Xev5k/qO+qzB3PQrdcG0PTGrXlHvzNCcCCmMA/oUG97+7X+f4cem5UIYblXnCUmlE8zETijvENj4NtwE8SvBS8ZpVgHsuohY14z9XdDmlzRQ0djkkTJoImF4OQPTpRXe/IVDdV7KTnwGDPdcACTUTJm+78kPYZXLDmBYmQsM70LA0aCk15J4fZGuTUZ+P2WAYtA2eKzmzZTpdKaPcPTWozVfj1/VolQ3SVF66Wd7F2p1H4xvKafdYWxio+PNkDot6/O63miV5Dj6eN52L0vPKtz3xEzn5NHJb0uoPGqaxP+UT1tTrbarGXR5c5mwayU1M2p/9tIh4fzBfQShOgeLW4ieWqjAK7V+xUHrEnQ6CC9iP/TCdW/6xaw9J1pUmKLUWcCT4ocU1p1hWCZZFrA1YpyFGhiZQIejm8AnS5QNBfMY7Pu7Pbq33e4VTkPVBIF3c/i8b4BOvAi6VdKzlLuU35wV+DfvzZ8IP9uJpN3xGFACSOx9uUjCZufWO8d/Klbhxj6N6ywTeA9y4MUwKG72mlJx0YlPEM8LL49efIzdLGa8SfyuTyFWFwItAG9tggVIPMIi1IxW6TbCz1yNOkseN3CdCOwMbi/wQ0aTLgBus/t4dnxpQPcyYyWkjCuQptI497EbdlC2/ta4wmCRXt5zddukwmd+8OEKb1cq0G5VrciQ3x9oqqRNOafFBdEXluEgbAsnvpuG+D2VBZjSpTtg8dBW3owL5iv1BakSpKA6Fs4qKjLuaF86zxnD1US1nbQz/VGzzhcNCF12A6XYAxKV/Bdt7Pas8OYdvrKwvnUzht9wFVJAXF6MOLtUKBbfKLCmt5vdHEWZIeUctdosazEXJaAhFxQrEtWoavXxbReK49PL/+WGP4dbv8yj2i2QOhuMRGPlxDs1QIP67s67aAt4Qs1nVQ6/S8JmE5GwGwQHgqkMx23gQd4kcChVaFER3zBqhEMKEMFNJmjWLliFmxAHR95JY5Y/2B6ZLDi+Hk7Ovp7qgUm/mXu3rHDpGIG7t/h0aKCmHMvB0oVpn1jj+RiMRK6KgCq0kqxmj1CtrHo7F88bvIC8DLcx5Aht7n0NanN/KEI6QPggIscubR1Y7jWzMkbLtologdeBT/KAX2Lnaq+talAVwEu7RYhPsxoUOrD39mhseAKlRHfjWnibRTjPJFrWvOx0c6c9gBZ3R4B7qdWqq1QHx+TDWNLPPb2OmL92PN+wsffyI7t6dmKTVvfZLGSJa8GCBv/3FO4MZECwzBvAMUKe3MdA7x0bOw1LUh7VpJ6lrDWVoGvCXOGMzFwO3bs3oDVdlhxdp8oNeDnzHZ8e6SbWwH5firqn1OEmocOIbQ0hBtM6qcadrlx/2FYszOvRc917HtRFJw1N5bBjm+ICF6QaLN2E4V5LCMueWUcnAd2C5mHEaj7IvS3X/xbmpVWiqneP5Fd6IFjoBR+CbEYvTaDLMI8zoRzcxPwPxZ41HR/s/MLzuGlVAbT3VsdLFvER1koQL5TSxrXW0iYwHFJqCaXOxN20fUp3A8ejEjT0O8MP+O+79GhPDCVa6zsEQCeabFmEYWU0ciwd2gAiG7rzNNIC6wWlKgq20UjDAXPPQqAP0/erZ/CO1NksHuastmRhaF63afUdPw5ZvSR9onvUlowATBev/brn,iv:sQ7LEBu1jYmvOnFSNuvbmyscbqVTe8/zsc13CaBmDX8=,tag:vg1Czp8VkfBz+FOs+8BA/g==,type:str] + known-hosts: ENC[AES256_GCM,data:Ogz6kn5ARlLOCxvchQR2wUcmLz5gButmBOv+7ZuUW/WBLsxAbyqj3Zs3AK65LhhdrYNUh6p8jMPD2KrNx9F+jjy6LRByyBKzZEryz5JwbcbXyhHyqbBguQcVtImhQhhdB0cYtpqncEsxWZu0xcS3/XYYsq0FR51soP2aW0my77BVkw7hZ8Mdn3602vayPV6I7jQ+GiafJxww6jKkC6rjYue03b/IHjQJM8RcczTKMGLs1LsHdMdsDId81SI77HNpvlLjS4Af2cvfss1QZ2l7s7ZWQ1vBYcHb7mALAaEOybrbe6qKXjWZl4NxVuQ2td9TQZ2d8cj4bLq0XXnOBWS5OnSa8fAC3MNjaQnnlSEa2ByEwIDFCdAEs6VGUrdHuObgXdtXO83kfyYGWc4Z0yfD3HOUc8spau2vHuPXzT9DeRRx5Kv/HQQzrgOdDE+uiASOJm5WE0I02aahQrqdL2mCQC5BFbufegf7ckhgF/7QCQyrFVF4l14ifilvO6A9uYgIJFebLMrBhbTg6Z4h9xbAlMTH6WJGCIKH9C01j31xAINa+TqnLgS+x9B9yHHNzwGqs3LJCMYUJxS02rGJMd3hzUzDHbRTkhqq3/pKxLFfTR3jupnsq3aIuP28K53+XlKzE/FX61bVYhd7f8gHSiu4MyQNVEinOKIG9uoABNxhKOfmJtgfXKSNsOvb4huer3xR7Ee7TqoLG07hi2xGQmOCDLwL1nOeUvuyCIjg640gOxtRMEQ=,iv:waXsceFW+3WkcSyU0CNJlyajICVDUhrwTsLFGu7TJ/A=,tag:nr9Pv30/DKMgBV3mJLlvKw==,type:str] + kibana: + namespace: ENC[AES256_GCM,data:a9oJM1gnWUCdjg==,iv:JVwYhGdz3KnOssVpmuYm1OCjHOgqIPIc136s39YEeTc=,tag:c6bvRP5dQ6bv1G/JXPWKQA==,type:str] + credentials: ENC[AES256_GCM,data:WLpn5Q==,iv:z3TXgpd0njd+Kd2EV9Utkbri85kRjc5XuBj6IZCQ0dc=,tag:NnyM1iSI5VV9BRrZ+5ZXbQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:g15ruw==,iv:jElPG+7i0fwQmMKSJQxt2drAyZX9LxsRyb9fti9hMgE=,tag:qYQhpt3ztgEoastsb/pW2w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:sy4oyg==,iv:iMQSphqMN8xITh6Sc+gyseTMZXNdSAsn/yZRAFGzVC8=,tag:7ZjL8DN8Q3n54A8D13nn3Q==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eDIMYA==,iv:gDu+qtfSUUK/lPobhbHIGJy9RIwGCLaDcL9ynNR9Yxg=,tag:7jIVSY5IJbu0f3JbYy9gsg==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:xP3A3gU0lLHc0KIzuw==,iv:hOfbfYyssdDpFrzscZeoXxIcGpOi8HFxkH3wLT05a4A=,tag:nKYsHZ+M6BECFg6xIuhGUw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:2o2ZAA==,iv:7L5oiPAW+Mg8kNh7c3d4OaaTH8DifNE0sxCsUnZ2E/0=,tag:aSyY1zJOBQ58hmEHnTJkOQ==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:TujdHQ==,iv:WumxaagLETIncJZc7qNMmy6RE5tVxlnJJIjgZghDPIM=,tag:9DRwpbkoveJetJikYZfQpQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:VD0DIw==,iv:nXA5Xk3+Ipbs0rJaQk2U2+Hu+ScvEaZwW2HO1lNbsBo=,tag:+rr3wTPuJWSZpIbzf6NQig==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:gTHBdw==,iv:NFEcGO7pmTWcp1a1MT4Rh2pXKdVxPB4DsormS9teEd8=,tag:k7S9i2buiUMmYEe8K6GqKw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:Uvl76w==,iv:FeEAn0TN85DsIdCKR8G9z1M0lEoSzSw18S7/FTZVv2k=,tag:N6d6aBnsfh+Ex4GDumkzPw==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:W893GnL9,iv:HnXjj4x10rawvgAaQCMxuQ5ODI/+6KEcWkoWymX5n1c=,tag:fs2XSVQ0iET6+gAS/rvhhw==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:oSO+gYpTvsVB37ZsveCjJZzjE54=,iv:e72hTHiHk/TopGorp6Ic4G2IHNn2i9Hx0NIaSBAHbHk=,tag:yH8X3Q45e6b1GVwuJ1+diQ==,type:str] + clientSecret: ENC[AES256_GCM,data:ZuMHDCn+fO4G0RqcL1FrjxVF3W51h2OiaqCZtmAlRTEY2BGmOnp4mg==,iv:F+LKRCNzCQjxp0VxpnpgfIhNleyWdn7Lvi0nR7xG+u8=,tag:vOc+R0OdpANl12RvcUIx6g==,type:str] + cookieSecret: ENC[AES256_GCM,data:6E/+7kOTwhKpJI1tY675voIm9FRU1sCv,iv:Mma+ILgL3iz6BczjGHggfBwY+FAfPb1ddg5g4L6QNZU=,tag:Sah+SIR18ouotL5XIp3IWA==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:NyY=,iv:UznPqViLo2WQtdfjb9x4ZeikfyScgJFuW0IR8oJSBts=,tag:VA7Ylc+Gmy3QBk2z2654BA==,type:str] + route: + receiver: ENC[AES256_GCM,data:G/vKE29k4jXX9u8hbZN+6sYvTA==,iv:2hHgfHr/9ih4mZOHG3sjxU2+deyEel6dMkiJNLnbcao=,tag:JZSeUcbg/yoZs1MUarP1xg==,type:str] + group_by: + - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] + match: + alertname: ENC[AES256_GCM,data:ajFoZp2FW1s=,iv:naL8WZhGKwwVr/3g88nC3d6AlvdfAZTVbzquP5GrvLo=,tag:aS6NMPlgVRDgYpQWotrwfw==,type:str] + group_wait: ENC[AES256_GCM,data:1JCH,iv:L+6dATlYrACJW3Vic0oRc7gSZj7Cmu0h5Pvdz0fUWpU=,tag:ZVzDZfnmFMb/0lGa06A3gQ==,type:str] + group_interval: ENC[AES256_GCM,data:b8Q=,iv:CMxaAvO9BjR8WvVqUMhsaMpffwEQj272nDccHRdkaCA=,tag:zoh5Ub7y8ZNWV1zKHXersg==,type:str] + repeat_interval: ENC[AES256_GCM,data:SMHx,iv:/WM5JgJkAuZgvDLrktMUYwlbRGq+FbrDp0+uJCtKCZM=,tag:xy1d/IKmTJJK5Y3oeQqyTg==,type:str] + receivers: + - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] + api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] + channel: ENC[AES256_GCM,data:04ngVfZj42VAUiUYLfPIbLKe,iv:dvaeNh7DRfjZBburqu5qKnQ83gx9tTWhWaVe4vhHyHs=,tag:G7jaKcHy7eFk73kYXn1WCg==,type:str] + username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] + title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] + text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] + templates: + - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c + created_at: '2022-09-28T09:15:01Z' + enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== + gcp_kms: [] + lastmodified: '2023-04-20T10:37:17Z' + mac: ENC[AES256_GCM,data:8Pswl91VPmvDG0tw0MleSlGo2iq4H10+4SZ0kZBD4szD+tkEJtiyDrvBSzfNv69jiIqpY6gyI2W9ulENwTZ6HOLqFV0ejNnpaeL9KCmeNhF1i9TvJyUQKdcLSuiIqR3GMpj2g1Utdv8NKOziYc32SoTYlbjH8JjZs8//XvvH+hE=,iv:KmAjxFkWL02WTT1NMKshiB08onoE9uAyZXJTPujy1cI=,tag:aVIZ7PEG+DGhgVTh1/Excw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/health-dev.yaml b/deploy-as-code/helm/environments/health-dev.yaml new file mode 100644 index 0000000000..35fdceb234 --- /dev/null +++ b/deploy-as-code/helm/environments/health-dev.yaml @@ -0,0 +1,868 @@ +global: + domain: health-dev.digit.org + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + data: + db-host: "health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com" ## Add db-host name eg: egov-demo.database.azure.com + db-name: "healthdev" ## Add db-name + db-url: "jdbc:postgresql://health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthdev" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "health-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://health-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "default" + s3-assets-bucket: "(pg-health-egov-assets|egov-health-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: "kafka-v2-infra.kafka-cluster:9092" + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: "Asia/Kolkata" + tracer-errors-provideexceptionindetails: "true" + egov-internal-microservice-user-uuid: fa0f820c-49df-46bb-8e62-8a0ec5d9af5e + + egov-service-host: + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: "http://dashboard-analytics.egov:8080/" + dashboard-ingest: "http://dashboard-ingest.egov:8080/" + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: "http://echallan-calculator.egov:8080/" + echallan-services: "http://echallan-services.egov:8080/" + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + health-registration-service: "http://health-registration-service:8080/" + health-delivery-service: "http://health-delivery-service:8080/" + project: "http://project:8080/" + product: "http://product:8080/" + household: "http://household:8080/" + individual: "http://individual:8080/" + stock: "http://stock:8080/" + facility: "http://facility:8080/" + service-request: "http://service-request:8080/" + + +#>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "https://s3.amazonaws.com" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{gz:{'application/gzip'},jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: health-egov-assets ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "default" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + +inbox: + service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' + #W&S index names + water-es-index : water-services + sewerage-es-index : sewerage-services + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + +egov-pg-service: + axis: true + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/health-campaign-mdms/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "health-campaign-mdms" + masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/data-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/format-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + db-url: "jdbc:postgresql://health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthdev" + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + metrics: #To collect the matrics data from nginx-ingress. + enabled: true + serviceMonitor: #To enable the service monitoring of nginx-ingress + enabled: true + service: + prometheusRule: + enabled: true + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "" + port: "" + sampler-type: "" + sampler-param: "" + sampling-strategies: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.0 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-04252ba788d687a32" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0999233fdb43fc001" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-09555d5b6f7474fd1" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +#kafka-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +#kafka-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" +# storage-size: "75Gi +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-0af907e3ec6b45dff" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0c8ed5253e66a3b99" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-08667160508016b62" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + # zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> + #zookeeper-v2: + # persistence: + # enabled: true + # azure: + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + + ## Zookeeper JVM Heap Option +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< +#zookeeper-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. + +# storage-size: 5Gi +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0471fb65377b31af3" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0d312161f24d7608d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0dcb03521a8befe8f" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + memory: "2Gi" + limits: + memory: "2Gi" +## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# +# esJavaOpts: "-Xmx1g -Xms1g" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-data-v1 SDC<<<<<<<<<<<<<<< +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. +# storage-size: 25Gi +# esJavaOpts: "-Xmx1g -Xms1g" +# storage-size: 25Gi +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-08afd24346fb136f5" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0c94e7b9cc22e555a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0986961f7968b5cd5" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# storage-size: 5Gi +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-devops,health-dev" + upstreams = [ "file:///dev/null" ] + +grafana: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/health-campaign-config" #REPLACE with your configs repo + branch: "DEV" #REPLACE with config repo branch name + dashboardsFolder: /work-dir/health-campaign-config/monitoring-dashboards diff --git a/deploy-as-code/helm/environments/health-qa-secrets.yaml b/deploy-as-code/helm/environments/health-qa-secrets.yaml new file mode 100644 index 0000000000..96089ab666 --- /dev/null +++ b/deploy-as-code/helm/environments/health-qa-secrets.yaml @@ -0,0 +1,114 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:yiHHeg6ttJbm95Afl0U=,iv:EDRRJtqdNxNLlgP6mJBP0B+4j8H5rhzIMGsXz93zcQg=,tag:Jsi+mapF6w7UTmThxY9N7w==,type:str] + password: ENC[AES256_GCM,data:txNHRnHu0nTIJWDIoWQ=,iv:7WdOBdU3z7iDjfDYytwPWwKyjDrcd0oQzhr31HhdfHY=,tag:8+OIIkGm+f+Zi8mkffHY0Q==,type:str] + flywayUsername: ENC[AES256_GCM,data:QU7cnoWbT1hImiG4rZQ=,iv:+guTJLnLe/byxzQnPbYaQZWO8gnnYLx6EZhrApUTmkE=,tag:Q7I6y/IJ5re1Slx4rJ2eKQ==,type:str] + flywayPassword: ENC[AES256_GCM,data:nBVwSEDgZR2BZCpAyYM=,iv:4Rt4m4pSkHBiGI9g8yhz526QhNTOfQR57faxUnuEcDw=,tag:/ITCwLlcxg7BhhBA6q+mmQ==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:g86c5A==,iv:VCXis/2M/2l/FIbUmn9H1iEWBp5sMAclU5pApJNBNDM=,tag:zaWq8sF7U3+HpwURkKHgoQ==,type:str] + password: ENC[AES256_GCM,data:eoAbEw==,iv:8xD4eu4A8aEmA9hRobniB4VKkQo0hxDY7SjHYH5HVc0=,tag:qibhazoHFZPVwwf5drdVQw==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:nfHNTFuCEdKexmq/X9l7ohHoWVI=,iv:0Ei1DeMHd8V+/H1jqT7WUvy3/hkZFXy338lYwME/LnE=,tag:nsa9qU2dLhfm8WJ069d1HA==,type:str] + aws-secret-key: ENC[AES256_GCM,data:8UTyYZyaZVMXAqdTVKc2/6gshRt6Sas+dYr2Bqva3ScDngP2wIyISA==,iv:4XX1GmN0wezM9iy3RNI0bsSpJCr969x5GLqnPZB/qiE=,tag:inRmtsSLcPJDy9aP2uEVHQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:BW7ohJEp8JzuJONLB5stYH4Pgg==,iv:xRuXcNUWe819/6EKsVZoy+okPgLaQH0F5lxIjW6pg7M=,tag:AnPwwRPQfthPkWMyaEcNaw==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:Sdwg8w==,iv:ebSPHaUQtLvY01z+jW5E+/rUFt8qhQrnnFDaNIlCHWQ=,tag:QSQmX6kUsVCE8alGma4gVw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:atreQA==,iv:WbQ5RpTDF2u8NFyEHDyn2x1m1TC1XcP9h+0aNfUSA1s=,tag:2Q/FTCia39qBSflAOWdetA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:BI/98Q==,iv:+Z7/tha8bMK2ajRPskrNj1ZXJMdgsc/JtaBDmO9G52Y=,tag:enYkP1B6EYiDZnzLf8WyBg==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:5XRuxg==,iv:kX3/d8oK+oAgbOjkoZKFAO2DvfmxEXUQfHgNwJnDzdI=,tag:/ay+qyiDpX4kPXi0cjbiCg==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:vWZEyw==,iv:Jw+WF0atcryXn9ixag+W4Wyu7cCNhMvP0k1TI0xjQFc=,tag:H+pUcQSpAQXT3ngaBfqgrA==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:tuDLGg==,iv:KrlFK/Ps5m9ylEUNjtter7YQzVFVKSs3LWaQkIFTd/Y=,tag:uw18fHlwI1YtnKZQMmdUwg==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:p8cBRw==,iv:Yj5oksVKBXufuyRtole9MBCfCfCjfHjnjawyT4tikmk=,tag:3hYctCSPt9Ol2MIPo92yng==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:iIGWwGQMfZCvLaNaXQ==,iv:Eym6d1IzQclGoxvU3gG2FFXipX7S3VuUDGFtYKHeWgY=,tag:ElFkgiR8dL0rYkPXH2uDoQ==,type:str] + admin-password: ENC[AES256_GCM,data:TtbN9Q==,iv:7tYD5YEM6zIBRxmZHNLaHBDGhRFOnTEjpeauXQUpXNE=,tag:3Blsj5bnb75AXXGXrBrlHg==,type:str] + read-email: ENC[AES256_GCM,data:jQlGpHFP/5RWh86kRg==,iv:nWuiLgUZTMSjUpuLAERQu1kL97kT80g8xamMVvBmAEw=,tag:cbwIv7ihpirSAicP64Cy9A==,type:str] + read-password: ENC[AES256_GCM,data:snpHwA==,iv:LsnbGoRjyc9f1CYFRqUiEBVzJ9Yf6Z9nhNRTPjWAFlo=,tag:aLRFY81jlQIwSJPxe1yX8g==,type:str] + master-password: ENC[AES256_GCM,data:6pod2g==,iv:Idu9fC92eOUB6IryfdV6eF8HEj0YZgtaTUccK84wIr4=,tag:skgYQh9Knoqiyfngye/33g==,type:str] + master-salt: ENC[AES256_GCM,data:ag/BBayg3QU=,iv:86rFTnjNmLkgkMMzE9NRQFSxK8dDMcOQDJTWIgnvOrQ=,tag:xCWwA3ReFElfrdSHu8bnOg==,type:str] + master-initialvector: ENC[AES256_GCM,data:iMR0jFtCzbWn+u63,iv:0o39xWvg6aMkor2CsipyzZTnLJLAMDunZG9OZyWmqHk=,tag:hkVziIHCNOARkYWyg17/yw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:LOydfyMt+5Kurw6Q0nxpnU/CC1o9Yd/GGBRtAg==,iv:GuPPW3cDkr1vdvPLD7P48DIK5Pkz8nNzk0cZU6s1l90=,tag:QlyDn2evcUianTbhxMSYrw==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:imm9r9EYEzIz+Syn9w/YQQ==,iv:ZdfIRsGumbyUAFuJi0InlET1aMjfz5TctN9ICG3htsY=,tag:ob7SiW3/gAulLtV/1nnZMg==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:qklzu/npeh2posrUKb95Vn/8PCWVxd9udEY7KAGiLjijZLos+ZyUGpLbHDU+m2qAWIbu61YP+PIkEsQB91htOP+okqzEXitzm2hIOdfXGLDGfCtQm/09RygD5DQvAFZQ9os1FfjYXQJRisdALYt6cOw9prAhzUKqtgWG0XADHlnpcYPeARCp0p2sQ1tuGAZwjsPFkpScEK7sSenjLcttxigGn/fucHNGtVe570Exvw52LT3PHK8wbh3GHH3QBsochn0efRjXjAoK5BRYGmCwGmKDXrMhfc4c5QtnmeoSfkHgB5fS+yDypIz/s11BcXUstomc51NZsQory+8pMIvGN7X2Hmtv0dLdaOagreygUu5I5eq6/CliVMdZk9MeMATKOhO1Ku+/loN+LxJU2tnOF6xOixPQt4JdvtajIrnuKbiHKkWzne393MYxcKFRwUNMKAXkFIPV2lapmjqCN/2n1voz0R6WtK+WHC8G1J8UbBRKQFu9LPryZwJE+sBRTSIMZiOTNwsrg3mF1ewNudi8SwLh0Pzay5XIVbcMO4g7VE6TBVbCjFFU0FxoQ5svtFbSnGWk01i21KHAVVVu4JPmGwmf04qrvQrnR3MoTAv5wQKx69Wc47Eew3Qpr5ACDWQBMbDSsZQdlWAhW0uURkrXaDs0Ocf1T5TSCVbXmbB0aO+1h6G+FwOcJNud+ZmJ83Y2qyHlka/lbUSr4KST2cy1+VTlD0aJ5VnfEW4FgJv9Lh4Mmb9vBuwni5M7hY6jz1jKnn0eSsQ1WxToWEkdUvodOb+5FJ84Qv+LrKn1wHNuGHrkV1QQXnNF96shxwjnVpTRRSnh0s0BEWoxB4ivQsAow+f5v6DDJKpDHZJd1Y2mPP2QFVxKytzKE7/4zQdh/J+l713eK7cMNNrBfW3zB8ih3ij+0qqEerZjhSfy6P/SIs/X9Svh/SJx0r/5t8Ws8DT7NK6UglIzyvWxyOUf2Ih4NnWCnh4WmAPKt1ZVQiT8rNWEweD4iQpChOykfLvk58lWJSEaAUPQP0pg5smRJv2KCo8dwi6M8X9NON0CTdfXk/Ouu4Ak62fao3bQibr9S9RfzNAdekz0OwcGwfQMZNDqHZkDP4lO2b/ZIGWB6zuHTmUq56mumDSYCecAP5LYJ5SsMLMHe9jsiT/5xjUlxFbBFXCr99OUEJZhsgmeWTYD6TYxl704BFV64Qw+PP/xrupOvyuzNrNEzFH97sLwhWEQNh12Sr9FQprWR3/rHcg6DcNGj12qIbUt/RCEJghxrZ6pk6leISzBi/dnmvHTA/FGYlimKOc2drACaP2D++FnKH0VVZWD2DGP/3HnWAZsJVioRNT4T+p6zvjrEnZM/ObNLsITEIBULMi9zUAz8pobVeXeymFWbs0ACtEYP4dZPzsW+k15ZOg/1KNHPDoHOT77MW5msecsmTObL2BLdl50aNJheXC+8TIJsMpQvj5klRW2dhlxEOXs9V4K85eMNBtuDaxf2pxzyelaYRmrT8ku4YssAjmQTHUL2/NRMPkEFM3dJRRdmCgjIaWr+wR328lO3jhp/3NrsoollSG8xxp3yvebgro1nPzz5lYol6rceJvE3h161cbTuIXDcTyHbWLuvvaV7wws9fuTCL+Am2MB9sedD4GGR1XL2xMbllAycR6a4TqLCdwyFypLKRQsVurX1BoiKWpJuN+2NPbCWyVZ87UPK9qP8Mqkh7amK3Sfa4+tx+34Dsk/G/656Q8g/SVM9L+4xwEWtD6MQJBI5u+HSQYMRFQ0tcHQA9uFl2E1XHjhpxNbXzM3ZmU9vu360yVMEdHERZp6FsPcASvLe6e71VjwAiEllqaE1U7J9SrLRYDBYyGRaCY2XcoBglv51ED7O8WnjSWNqgLeGfRCiLRA3RmUQmcB1YkRpqF71O9BNG9cEu9V/ZO5IJVm57bcjHrIufTWk+uwp8bveuta0tsLqL0/v+Wihg9YFdfA/p8zOaj7pqNaghQz5yPiis+7vOaM1KdAHTBDQkVdzS8SHLsJ9N/XHrmUDFaf4Htu6DPajQ5bSCCulPUThfs99RqJWZHIC9l5/bNoVyOSAhZgvUS85AKn+BdlzL5UJh2Hi8Sxb1S+8jV2YcKWdUnLG6s3GVlg8NylkhLru6wIGHkQtdwpFFE64t+CAuwTR31uurIC1qpsoMwDDp9Co3CBz6xhHeTnjl89OSpc5cu1PIHMakwuRSvOasOOqO3Oh4Unhw==,iv:xH+vNckrmh8yjmtK4Xh8pzY803YrWBIrDMQtqG87fWk=,tag:1nhBioidf0jbjiwnxCAgcw==,type:str] + known-hosts: ENC[AES256_GCM,data:Q8WSvL/wGIhjvDVAUnM19DS1fmBLFOiDmSeZvftt9syl2IJaALLhPo/OwdM2EJgVR7DRKaPpQRG6nrm/HMVaP4DJ6sJ+tqhohb4zMMVsg995ajiE8uXAcnTUFVmkfCocdC+mbR9JbrICqPCQO0zqs4mK2Cu/1M/a5o0S5/i+izsNe6X8w+jgNcDBEPoakzfuqQ/EjvQ+uXH7qlyOVO+NmA3sUWUOV2nqBEgNrU3fabusO52nifHeDulZLcS4uN3kAloBcO+K0lEG2+sXPfFwyNXGXaYvRILrHj4y8r0dDv7XbEqWG+anekTOSDkMpBpOrxq2IFfEXlSlYBxnNm+3o0ci2LhXnE1GuMzXBlIRJnVLyCNYHhaGPwhjxltsMa78tow6E3UAzB2HPkeVIMxmGQEMwvpBfBNGZUr+1Q7rlLAK3TYlG7MhuW7RkFWkjl1fPyUVc/liXxNWHpe4D/RCr/Tm+2b9apL0BHFTlWwJsj/DGV/3ZjlYEWhbr35UNiOYzixyYD6PTqEqA4qBxrByxrtv6T82RB/N2ihXK/f6GDi5F7GR9IlFNVg2dI1ELHmtFPAlDOhDezJS1zkIoNZoOY1wGOaWLYTq+590dnNbfambn7wpIRXffdaEmrhMfOZ/xTnWOViYV6zipcT5m4xYB1NS/cMJDKR5wfUY/NF2ktGsNAzVyWgvOApecthKJPTyPbUySNWw98gt2dzXzmZnH+umr8N78ifEGBPiUEXJ9qCuMeg=,iv:TYiJsEks2hCqJvV++hUASY2nKT31coLn5u0BkQTGVUI=,tag:7PungasLEKA1iuOC+9nxQw==,type:str] + kibana: + namespace: ENC[AES256_GCM,data:aXl0M/IDRastkw==,iv:NuWKpaX6WR41ZBomSERB9x6wa/z7InT9b93V4bDypL4=,tag:ok2WOSp5lLyFKLbIgC2G2w==,type:str] + credentials: ENC[AES256_GCM,data:AHc50g==,iv:emJsA/koUyHB+iR+1EjjsxPyo3LFHos+A29JM0oayK8=,tag:DEkAF3SlVRDCj+aSo3IqEA==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:8T+AyA==,iv:tjnIlQ6EPVL8C/iAHu5TMgRjlK47gOT9vONkXAUHaIc=,tag:Xnw7dpLj8ivMJKcj13avKg==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ZyNbFQ==,iv:8/1BfFgWWRuXabr+isFcWV6EGhHDxbMhpEttEcwF4iI=,tag:t/XTRWNvi0LBtFitKFQFRw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:2Wqg9Q==,iv:AE9LqlEciONd9aQCtWm8Ip8WzdcJ9ztZBHG1Hg/kknQ=,tag:M9xUOG+ZmrTEBvX+cn7SCg==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:Yn8JueYZaQJQFlku7A==,iv:miVYsweuUieW04X/vQoNj52zq5I48I7sllU7AjMBhUI=,tag:IgVUyqaDW1YinbXWzShypQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:Zu9W6Q==,iv:azvLnWHGh+AmhbUtfd8ZcMbeeE1qJ1o2jo6W6s1Vg/4=,tag:lYd8xigGj5to/GOnhaU5dg==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:X640/Q==,iv:rsEjpI4JUTwt+wSlHDW7xnp9x5yhljf+8Y3IKD3qDek=,tag:z5SdL9GiBQyjdzeWsjinQw==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xq8MRQ==,iv:Plf2V01njc7HokycpUKEpV+CebkV2kwAGWATaqC0bW0=,tag:x+E10lOTxC5gq+ZGRpFNdw==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:B902ig==,iv:BTmgzSV7u340AvYn2fXK4xKmV3WBD4eS1yf28/uTdoY=,tag:n6f39AWEi8JBJdVGnufMkw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:xy2HKg==,iv:AlBZltIKoRi2gOXv3nnohQqj6qvhb7zJfrlcoM1a8kI=,tag:XWqdYBYcrAgtZgCZNBKFEw==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:pRT7Do0n,iv:23EeO0HHiVCCYwTVjJc7OgihBhsA973ZcUdMAR9hdkU=,tag:3KUd8qxM3agGRdWq2rVCZQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:SAEuDowdYClliRdrogIqiHVKRfY=,iv:Ywsct9F65qSWmuHm24uu3OXa1CP/XHU/NF7gbLMC6uw=,tag:sc/XjHzvbsWc2ZHnivvYsw==,type:str] + clientSecret: ENC[AES256_GCM,data:JJ4r311eve3SVSjbyQ17MLWGNH8EcIK2jDKEpt5O9OvJ4RlKIHPx0Q==,iv:pISCgA6RX0a2i0+8B3kIhvWl1r06QppvU+K1lppVOPA=,tag:zo38NXDrsEQK5kViIMjkfw==,type:str] + cookieSecret: ENC[AES256_GCM,data:mamqwic8IGDS2WIZAZgqDUPEkz8B5kPO,iv:uYxqXqFuoe7RiNBkyQZBTqejwToH6L0bmbxGHBPEn1w=,tag:tEQZ+nI1D1gCXS1sXiBUaQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:Wm4=,iv:u7+4iLSDHdwqJLFf/zBPV3cEkKyz1S7N41o3OoHykTs=,tag:olEY3fT2C3v28+xmtDI9Bg==,type:str] + route: + receiver: ENC[AES256_GCM,data:SmIYloLZ8j6boYiHxGcFblsQ4Q==,iv:tOoavgNtqO8OoevmziJ2Ngmxu0beRo0cTGSq2YxyvRc=,tag:b0yPSpRMJhNCDTvajEUInQ==,type:str] + group_by: + - ENC[AES256_GCM,data:JuEe9DkXCOyF,iv:Ss7sFJRZnI+rqia3U2nMLAAXunkQtFkGPoyVorrsnGs=,tag:Xp5601rgG6z9k+dhHerfGQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:xARhHtSYFedoOGByCEeBxhomFQ==,iv:cqW2AmN2t2YYlj+onKA96XLhScu8/T6GriG2n7QbE5Q=,tag:zieKMTOK+LND3OHev2VJ1g==,type:str] + match: + alertname: ENC[AES256_GCM,data:Hc6K44D8k2o=,iv:JnZxrs4ISFbBiPw01zmfqwvdCPAo0QeL1euhp7kq4nA=,tag:cSNmTpockLlPA4phv2venw==,type:str] + group_wait: ENC[AES256_GCM,data:S8wm,iv:+zyB3O/nikXnLp58pqwCFnP53bB43ZNa8YrB0GDht4k=,tag:lhKjYocqjHP6IP3wSEAXoQ==,type:str] + group_interval: ENC[AES256_GCM,data:Z+4=,iv:bSZdsNoHsXTDFX3vUfz7t8JAo3D9ms6CrA3ncqYLcpQ=,tag:zZsS47WTrW1nHqFRoBU5+Q==,type:str] + repeat_interval: ENC[AES256_GCM,data:p882,iv:j9ErmLS89HyRuTjCNSCzKRajImjHfI59hsARbekUq48=,tag:raouKCK+TOboXhytMJMqUw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:D/vsVidBOpqXYZqSAMAHuFj1sA==,iv:r9IldAL9X7BSEg2LNas4jf+fjZArDxor1xJ9IBlZYDA=,tag:JltOtHSvWVq9G2udPgyXIg==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:U49U8Q==,iv:IfJqafAloArT7Vta8mX2OIVoK9KFhP7xQEBsRjHg3Rc=,tag:MraL8w7S43TVy2Aa74iuRQ==,type:bool] + api_url: ENC[AES256_GCM,data:8P2IiDWzCKRKqWsYAehiIfiheXLxQJiOnSnzaon1gkP9D7FXozStWyEuXBmaCra6QsIS+6jn5RqyzbMWFZ44lFupSHq7Tv7BxGQtlLE6aQ==,iv:TtjtgtSuu3upzNTZ0pGJYFapwvTr+G7WIYCVAaAMX9E=,tag:LObDWtOLSTtPxhi88CG0jQ==,type:str] + channel: ENC[AES256_GCM,data:LqmIYP8/VL2A2qZgBPAp6CE=,iv:hnMBGswQoeWXiOYbjq0oJVKdyUMFoNP6XXK0DID0MLQ=,tag:5C1rGbBtnKbGhP2HrM23cw==,type:str] + username: ENC[AES256_GCM,data:rMo0Ewspe5SMBqAI,iv:yaLJUusyNdp6Xv7kG8pFqe4edtowAR0NCK93fAYi3jY=,tag:M+1htAtjBEgJdKoYYtLPkg==,type:str] + title: ENC[AES256_GCM,data:frVxReXCbRZ1QCXvS5e2Q2ArId/M+yJp1FeiPgZ6q/WAvqqCPtU=,iv:UXW+4tQE7rzPI68WXFmXp/cupksJdVv9UNYvWIJIg4M=,tag:aCzQJpAyYYI4MedS3U+sDA==,type:str] + text: ENC[AES256_GCM,data:MOlIIk7/gD70F37wWa5mugk+SANchj/9Z1HHPxio2vAazhQAHw==,iv:iMkuc0QQd8SHwJ5ZqphxUO1zunuhdemDSetYfKncA+c=,tag:8LZE03RmjvHBJjBNC4Vk8A==,type:str] + templates: + - ENC[AES256_GCM,data:FZeDssq222VIuaF7Z2/R0qw6nF8bmvkznv9ptOnODnDGclviwH+D8xWaD4ej+/9+rx3iW/7BU1pQqq0ExAoEZ1xpTdVhNPM=,iv:upoM26wxue4XAaDiOTCEEKnkIkzW65pVJ22XF0vk8q0=,tag:sSvsZNDCR8IjJ5qPBcLWxw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c + created_at: "2023-01-12T06:19:42Z" + enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQH7m56lL8Jh3uGaZgbTl5jfAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0CwDMOpfXWfIsrsEAgEQgDs3fZLjg4rCpjn0jOcYVOjsQuq9YCGfhpZQYKNpBHZf1wxrwFMIPKepF5i2FrwHvhrgicy+P8354qRWjA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-05-12T10:52:29Z" + mac: ENC[AES256_GCM,data:TE+zHGs+xMuRGP7ilF7x+n+yhulXzC26Jwej1mzbKTPCVDkbvF/nzshcpkAnUluHbRzw98B5kONqpVT8M5SCOUbuXyxoM/cTHtEgkHxvXxpzbplRMXhGO8jlFdhj0mH3Wf30OfdS0pxDUvyQSTI7g0W2lVZoSHuaz2wgFNnGjl4=,iv:EmJ98RNqHimTdkc3uGbqc+IKzAMD4cNt3Grq47aHfqQ=,tag:lvV//UejgJLMnYBE4B/KlQ==,type:str] + pgp: + - created_at: "2023-01-12T06:19:42Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf+P79MIi6iHOlaK537vo2yoK3Or534UulSBy61pAvOWdWi + iGkmva8pLHMdJQmiWw9MIgNTFhMOWs7xdTjJi9afr4fQ6LijvQQ8gLJdxgJeqRlI + f9uEtBTjPQMhmp68hbZIKmWWsxIb22mFGBpE0KlZoWJTbNxy9ET/Lb3QKcTCkM0S + Tc9M7phWX9uIZhcb9ZO7EC3BiWpw3jMQ9gj/tY6ykuAi2DYnFylFgOvDgB5OTnCk + xgfIVkT51+Cb7zF7cjZk3CMCQ3tEISUgr1ICfbUpUQftGGmmc3pOvxAJe55p8+Xf + 3BtfTkyPswQkyMjDzVHcd+OEjEUvcCSz94MO/ez1D9JeAeIpNDP7Ur9VEMyWlGx+ + omUIVGToLsFvyj1w9TKQwKBcAkHQADmoOnYQO71B1iS5DY2Pz0EubGAlUEZC8W4Q + C7oaMHN2Bjqd7yyBGDKaqo3twalFjylzgo30krS3Mg== + =EtBq + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/health-qa.yaml b/deploy-as-code/helm/environments/health-qa.yaml new file mode 100644 index 0000000000..ddda8676dd --- /dev/null +++ b/deploy-as-code/helm/environments/health-qa.yaml @@ -0,0 +1,862 @@ +global: + domain: health-qa.digit.org + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + data: + db-host: "health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com" + db-name: "healthqa" + db-url: "jdbc:postgresql://health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthqa" + domain: "health-qa.digit.org" + egov-services-fqdn-name: "https://health-qa.digit.org/" + + egov-state-level-tenant-id: "default" + s3-assets-bucket: "(pg-health-egov-assets|egov-health-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: "kafka-v2-infra.kafka-cluster:9092" + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: "Asia/Kolkata" + tracer-errors-provideexceptionindetails: "true" + + egov-service-host: + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: "http://dashboard-analytics.egov:8080/" + dashboard-ingest: "http://dashboard-ingest.egov:8080/" + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: "http://echallan-calculator.egov:8080/" + echallan-services: "http://echallan-services.egov:8080/" + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + project: "http://project:8080/" + product: "http://product:8080/" + household: "http://household:8080/" + individual: "http://individual:8080/" + stock: "http://stock:8080/" + facility: "http://facility:8080/" + service-request: "http://service-request:8080/" + +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: pb-health-egov-assets + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "default" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + +inbox: + service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' + #W&S index names + water-es-index : water-services + sewerage-es-index : sewerage-services + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + +egov-pg-service: + axis: true +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/health-campaign-mdms/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "health-campaign-mdms" + masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "QA" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/data-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/format-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + db-url: "jdbc:postgresql://health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthqa" + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + metrics: #To collect the matrics data from nginx-ingress. + enabled: true + serviceMonitor: #To enable the service monitoring of nginx-ingress + enabled: true + service: + prometheusRule: + enabled: true + + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "" + port: "" + sampler-type: "" + sampler-param: "" + sampling-strategies: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.0 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-08be2c6aabcfb732f" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-088f0666498c8a38d" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0f317e2eb92cb44e5" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +#kafka-v2: +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +#kafka-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. +# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" +# storage-size: "75Gi +# heapOptions: "-Xms704M -Xmx704M" +# memory_limits: 1408Mi +# lingerMs: "250" +# numberPartitions: "3" +# replicationFactor: "2" +# minInsyncReplicas: "1" +# offsetsReplicationFactor: "3" + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-08201b8155c34f108" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0f406d2f33a4b056c" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0dd3faa7c6bf8fdcb" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + # zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> + #zookeeper-v2: + # persistence: + # enabled: true + # azure: + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + # - diskName: "diskName" ## add diskName + # diskURI: ## Azure diskURI + + ## Zookeeper JVM Heap Option +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< +#zookeeper-v2: +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. + +# storage-size: 5Gi +# heapOptions: "-Xms256M -Xmx256M" +# resources: +# limits: +# cpu: 300m +# memory: 384Mi +# requests: +# cpu: 300m +# memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0444670b30ef7bf2e" + zone: ap-south-1b + - volumeId: "vol-0b1ca661d2e945093" + zone: ap-south-1b + - volumeId: "vol-0a42f9bfadef8f511" + zone: ap-south-1b + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + memory: "2Gi" + limits: + memory: "2Gi" +## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# +# esJavaOpts: "-Xmx1g -Xms1g" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-data-v1 SDC<<<<<<<<<<<<<<< +#elasticsearch-data-v1: +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. +# storage-size: 25Gi +# esJavaOpts: "-Xmx1g -Xms1g" +# storage-size: 25Gi +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-041c746213d8a27d4" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-0abb5d61fd6246938" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-06c016ff026344d7a" + zone: ap-south-1b ## add your respective zone eg. ap-south-1b + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# azure: +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI +# - diskName: "diskName" ## add diskName +# diskURI: ## Azure diskURI + +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< +#elasticsearch-master-v1: +# replicas: 3 +# image: +# tag: 6.6.2 +# persistence: +# enabled: true +# iscsi: +# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. +# iqn: +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. +# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. +# storage-size: 5Gi +# esJavaOpts: "-Xmx448m -Xms448m" +# resources: +# requests: +# memory: "896Mi" +# limits: +# memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-devops,health-dev" + upstreams = [ "file:///dev/null" ] + +grafana: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/health-campaign-config" #REPLACE with your configs repo + branch: "DEV" #REPLACE with config repo branch name + dashboardsFolder: /work-dir/health-campaign-config/monitoring-dashboards diff --git a/deploy-as-code/helm/environments/works-dev-secrets.yaml b/deploy-as-code/helm/environments/works-dev-secrets.yaml new file mode 100644 index 0000000000..1389c19568 --- /dev/null +++ b/deploy-as-code/helm/environments/works-dev-secrets.yaml @@ -0,0 +1,125 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ufcHeQl9et3fD68=,iv:MkZAe9JE9352L6ENwOy3hEPMVDBBObvypnPKZsUABP4=,tag:9ggPsfbWktLi45DxOmPhaA==,type:str] + password: ENC[AES256_GCM,data:dY+uHddQUgc=,iv:hPzHbmTT7HMG5nUwBpEQymVkTPMWmiPSq0cPyHdXGb0=,tag:ZXBcJx7YkO54kY5GC+4TRg==,type:str] + flywayUsername: ENC[AES256_GCM,data:gZR1O1+vHC8ClUw=,iv:FJJZ0vz/SvhTGxyV2Deb/OBWS58rK6kMZaYpS3VTNa4=,tag:cEMJT+e9kCAxfRz1YEPeRQ==,type:str] + flywayPassword: ENC[AES256_GCM,data:A/xgH7lHEZI=,iv:2Mx+iJmVCKupu6hTORbth5Oge+7v63ZtXZ2tQuWIMCU=,tag:C+Q6H/OxVA/ddgSjyuh2gA==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] + secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] + password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:2/iAHgvDaL/jkoso2bGvK2lBmqA=,iv:d1RfEofx1DvEKBgmEfXSi2Uc0oxC+JViA1cDHzTlH+I=,tag:rkovGCDAN0QlOfB7dfsQoA==,type:str] + aws-secret-key: ENC[AES256_GCM,data:0qOBRRosTaEn8FsH1sGAVRvh8aOVUXF5Za++lOPcGvEcrd6Dlcfvvg==,iv:Tm141HWjeOa37TNnGi1jUsVgzHqugVdX68hTYCKaedI=,tag:mI2XzAcF3PNTxUOsuZhU5Q==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] + admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] + read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] + read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:zIZF3uLtJIfXDw==,iv:vQESE+sjUTQrIRIjsYadLAboraj69JmTI3MHIsnTya4=,tag:6sUPwMjMJkBEVPTTkonFOQ==,type:str] + master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] + master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] + egov-wordpress-portal: + db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] + db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:F1pTK0ZEuqxPNnfPzRxrkD6ckyX3kSl5/oNmYBoDj62A,iv:wcFqE3qIV1zHDJ4WWDlpJzQzbfI7Wk5xbtkzsRm3jRs=,tag:oeZWSZrJB4msjn7vnsuczw==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] + wordpress: + wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] + mysql: + mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:GpE1XVfn44LKjg2jk22dzgNoJA8=,iv:WtW76me9aqMk4JMmoC5d8T7gqZEOl5UXmV3f8Msyeyc=,tag:vc/SGitPaGGwc9r8+gc2ew==,type:str] + clientSecret: ENC[AES256_GCM,data:NQ3oRJMI6XQ3qCh93OYIVxxcX+ICtGt7jjLZdBirp6VtsBWuqTAhGQ==,iv:VFvSFnDxPAXlXZo0VsNq/Y0EYULHp9n6+VRA29Xipuo=,tag:v/nLIHS4Ee8pt2A7sbJV1Q==,type:str] + cookieSecret: ENC[AES256_GCM,data:UXn1+wvvuGN1qY1vJYZw7MxvXx6eiQIkrhJPlKxLN4XtxRXrp70l8+3UKA==,iv:QX/yKh16Pnb6C0XnatJwrW+8bfas7Ifl1G5/mIam6p8=,tag:Jov5WAX3E0EdbbGTShCQZQ==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] + route: + receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] + group_by: + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: + alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] + group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] + group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] + repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] + receivers: + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + templates: + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] + known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2020-11-10T06:48:05Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-03-24T12:10:14Z" + mac: ENC[AES256_GCM,data:kRXHQE3uQ8EitDU2Ilw6X6p4D1OmrpuRuLEe2dmHuyxn34+o6XfA3+0ntTWYl2+MNeYkNNguOysCA9j9sL1xJDrKruvmQlT7fuAcQh0QDMIcwl5V2Q+h8gAXWCX/c2eU/3gzpyRE4XAj1q3A0FY+gpdLZK2nxQpd3+HPpkXXKnc=,iv:1vV6oLbN38wkjuy7AMi7xA8/yyD+I9KOe9AjNi9AHaY=,tag:0Wx4diAoWbUMEKxTZ/o+2A==,type:str] + pgp: + - created_at: "2020-11-10T06:48:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv + lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ + gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ + Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t + PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF + 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS + ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S + q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== + =msen + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/works-dev.yaml b/deploy-as-code/helm/environments/works-dev.yaml new file mode 100644 index 0000000000..3fbaf2178c --- /dev/null +++ b/deploy-as-code/helm/environments/works-dev.yaml @@ -0,0 +1,744 @@ +global: + domain: works-dev.digit.org + tracing-enabled: true + +cluster-configs: + namespaces: + create: false + values: + [ + backbone, + cert-manager, + egov, + works, + es-cluster, + kafka-cluster, + logging, + monitoring, + playground, + zookeeper-cluster, + ] + + rbac: + - role: user + namespaces: [egov, works, playground, kafka-cluster] + - role: admin + namespaces: [playground] + + root-ingress: + cert-issuer: letsencrypt-prod + namespace: works + appRoot: works-ui + serviceName: works-ui + + configmaps: + egov-config: + namespace: [ egov , works ] + data: + db-host: "postgres.egov" + db-name: "works_dev_db" + db-url: "jdbc:postgresql://postgres.egov:5432/works_dev_db" + domain: "works-dev.digit.org" + egov-services-fqdn-name: "https://works-dev.digit.org/" + egov-state-level-tenant-id: "pg" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" + logging-level-jdbc: "debug" + mobile-validation-workaround: "true" + s3-assets-bucket: "(pg-egov-assets|works-dev-asset)" + serializers-timezone-in-ist: "true" + server-tomcat-max-threads: "10" + server-tomcat-max-connections: "500" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + tracer-errors-provideexceptionindetails: "true" + timezone: "Asia/Kolkata" + es-infra-host: elasticsearch-data-v1.es-cluster + db-ssl: "false" + state-level-tenant-id: "pg" + + egov-service-host: + namespace: [ egov , works ] + data: + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + + attendance-service: "http://attendance.works:8080/" + contract-service: "http://contracts.works:8080/" + muster-roll-service: "http://muster-roll.works:8080/" + project-management-system: "http://project.works:8080/" + estimate-service: "http://estimates.works:8080/" + organisation: "http://organisation.works:8080/" + bankaccounts: "http://bankaccounts.works:8080/" + expense-calculator: "http://expense-calculator.works:8080/" + expense: "http://expense.works:8080/" + works-management-service: "http://works-management-service.works:8080/" + individual: "http://individual.works:8080/" + works-pdf: "http://works-pdf.works:8080/" + + audit-service: "http://audit-service.egov:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-otp: "http://egov-otp:8080/" + minio-url: "http://minio.backbone:9000/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + loi-service: "http://loi-service.works:8080/" + location: "http://location:8080/" + pdf-service: "http://pdf-service.egov:8080/" + user-otp: "http://user-otp:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening.egov:8080/" + inbox: "http://inbox.egov:8080/" + +#########---Works---######### + +estimate-service: + tracing-enabled: true + java-enable-debug: true + estimate-default-limit: 100 + estimate-search-max-limit: 200 + estimate-workflow-business-service: "ESTIMATE" + +loi-service: + tracing-enabled: true + workflow.loi.business.service.name: "loi-approval-4" + +attendance-service: + tracing-enabled: true + java-enable-debug: true + attendance-register-default-offset: 0 + attendance-register-default-limit: 10 + attendance-register-search-max-limit: 100 + attendance-individual-service-integration-required: false + attendance-staff-service-integration-required: false + attendance-document-id-verification-required: false + attendance-register-open-search-enabled-roles: "SUPERUSER" + +contract-service: + tracing-enabled: true + java-enable-debug: true + contract-default-offset: 0 + contract-default-limit: 10 + contract-search-max-limit: 50 + works-contract-service-code: "WORKS-CONTRACT" + contract-workflow-business-service: "CONTRACT" + contract-workflow-module-name: "contract-service" + contract-cbo-url-host : "https://works-dev.digit.org" + contract-cbo-url-endpoint : "/works-shg-app" + +# project-management-system: +# tracing-enabled: true +# java-enable-debug: true +# project-default-offset: 0 +# project-default-limit: 100 +# project-search-max-limit: 200 +# project-mdms-module: "works" +# egov-location-hierarchy-type: "ADMIN" + +project: + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + project-mdms-module: "works" + egov-location-hierarchy-type: "ADMIN" + +muster-roll-service: + tracing-enabled: true + java-enable-debug: true + musterroll-default-offset: 0 + musterroll-default-limit: 100 + musterroll-search-max-limit: 200 + musterroll-workflow-business-service: "MR" + works-attendance-log-search-endpoint: "attendance/log/v1/_search" + works-attendance-register-search-endpoint: "attendance/v1/_search" + works-attendance-register-search-limit: 100 + muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" + works-individual-search-endpoint: "individual/v1/_search" + works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" + works-contract-service-code: "WORKS-CONTRACT" + notification-sms-enabled: "true" + +organisation: + tracing-enabled: true + java-enable-debug: true + org-default-limit: 100 + org-search-max-limit: 200 + egov-location-hierarchy-type: "ADMIN" + works-cbo-url-host: "https:/works-dev.digit.org" + works-cbo-url-endpoint: "/works-shg-app" + +bankaccounts: + tracing-enabled: true + java-enable-debug: true + bank-account-default-limit: 100 + bank-account-search-max-limit: 200 + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + +works-management-service: + tracing-enabled: true + java-enable-debug: true + + + +expense-calculator: + tracing-enabled: true + java-enable-debug: true + +expenses-billing: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + bill-kafka-topic: "bill" + +expense: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" + +works-inbox-service: + java-enable-debug: true + tracing-enabled: true + +#########---core-services---######### + +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/contract-service-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + +egov-mdms-service: + mdms-path: "/work-dir/works-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-mdms-data" + branch: "DEV" + mdms-folder: "works-mdms-data" + java-args: -Dspring.profiles.active=monitoring + masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" + +egov-filestore: + is-s3-enabled: "true" + fixed-bucketname: "works-dev-filestore" + minio-enabled: false + aws.s3.url : "https://s3.amazonaws.com" + is-bucket-fixed: "true" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + +egov-user: + replicas: "1" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + state-level-tenant-id: "pg" + java-enable-debug: true + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-persister: + persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "true" + wf-max-limit: "10000" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + java-enable-debug: true + heap: "-Xmx192m -Xms192m" + employee-applink: "https://works-dev.digit.org/works-ui/employee/user/login" + +egov-notification-sms: + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +zuul: + replicas: 2 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" + egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" + eventlog-enabled: "true" + eventlog-topic: "zuul-event-log" + eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +########################################## + +egov-url-shortening: + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + egov-url-shorten-hashid-salt: "randomsalt" + egov-url-shorten-hashid-min-length: "5" +# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egov-common-workflows: + db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" + + +egov-workflow: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +pdf-service: + replicas: 1 + memory_limits: 1.5Gi + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" + format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" + +egov-searcher: + search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + + +# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-user-chatbot: + egov-state-level-tenant-id: "pg" + +works-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +works-shg-app: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + +dashboard-ingest: + topic-incoming-collection: "dss-collection-update" + es-index-name: "dss-collection_v2" + es-push-direct: "true" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + + +nginx-ingress: + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + #metrics: + enabled: true + serviceMonitor: + enabled: true + service: + prometheusRule: + enabled: true + +cert-manager: + email: "devops-team@egov.org.in" + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov + + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + tracing-enabled: "true" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + spring-datasource-tomcat-max-active: 5 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +inbox: + service-map : '{}' + bs-service-map : '{}' +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-config: + data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "es-client.es-cluster" + es-port: "9200" + + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +minio: + mode: distributed + persistence: + enabled: true + aws: + - volumeId: "vol-0393fa1f3c5cd57e7" + zone: ap-south-1a + - volumeId: "vol-0a90fced10336cf2d" + zone: ap-south-1a + - volumeId: "vol-052f5b02391cf572e" + zone: ap-south-1a + - volumeId: "vol-024b629a7e1a01ec7" + zone: ap-south-1a + +postgres: + persistence: + enabled: true + dataDirSize: 30Gi + aws: + volumeId: "vol-0dae5eae2cb06009c" + postgresDatabase: works_dev_db + +kafka-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-0ada98badba828121" + zone: ap-south-1a + - volumeId: "vol-06f14a402f6a4e393" + zone: ap-south-1a + - volumeId: "vol-06aa546865f96bf9d" + zone: ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-0b04da159ca5cb333" + zone: ap-south-1a + - volumeId: "vol-0e953ab20516b6874" + zone: ap-south-1a + - volumeId: "vol-026ac89a9ba812586" + zone: ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-03fdd115ece13fcf6" + zone: ap-south-1a + - volumeId: "vol-03fa12d6acf3ee6e6" + zone: ap-south-1a + - volumeId: "vol-0ee45d588c0950dd6" + zone: ap-south-1a + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + # cpu: "1000m" + memory: "2Gi" + limits: + # cpu: "1000m" + memory: "2Gi" + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-03fc47da18c414fee" + zone: ap-south-1a + - volumeId: "vol-0743bade66fe9a18c" + zone: ap-south-1a + - volumeId: "vol-07675366adde7b23e" + zone: ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +es-curator-infra: + namespace: es-cluster + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluentd: + images: + - egovio/fluentd:v0.1.9 + target_env: qa + +delete-old-logs-in-es: + images: + - egovio/elasticsearch-curator-5-0-2:0.0.2 + days: 1 + schedule: "0 12 * * *" + target_env: qa + +logrotate: + images: + - egovio/logrotate:0.1 + logrotate-interval: daily +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.0 + +pgadmin: + images: + - egovio/pgadmin:v0.1 + +pgadmin-config: + host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" + db-admin-username: "egov_qa" + db-read-username: "egovqa_readonly" + port: "5432" + env: "QA" + maintenance-db-name: "egov_qa_pb_db" + +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:0.14.9 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kibana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kibana-v1: + replicas: 1 + images: + - docker.elastic.co/kibana/kibana:6.4.2 + es-url: "http://elasticsearch-client-v1:9200" + external_port: 5601 + service_type: LoadBalancer + server-basepath: "/kibana" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-uat,devops,works" + upstreams = [ "file:///dev/null" ] + +grafana: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/works-configs" + branch: "DEV" + + minio: + mode: distributed + disableWebUI: false + persistence: + enabled: true + dataDirSize: 10G + aws: + - volumeId: "vol-0085073c65f7568a3" + zone: ap-south-1a + - volumeId: "vol-031fa52f18391ddab" + zone: ap-south-1a + - volumeId: "vol-054c367d60f236577" + zone: ap-south-1a + - volumeId: "vol-015c0f14cb3927c68" + zone: ap-south-1a + ingress: + hostName: minio-staging.digit.org diff --git a/deploy-as-code/helm/environments/works-qa-secrets.yaml b/deploy-as-code/helm/environments/works-qa-secrets.yaml new file mode 100644 index 0000000000..8ece681a0b --- /dev/null +++ b/deploy-as-code/helm/environments/works-qa-secrets.yaml @@ -0,0 +1,117 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ufcHeQl9et3fD68=,iv:MkZAe9JE9352L6ENwOy3hEPMVDBBObvypnPKZsUABP4=,tag:9ggPsfbWktLi45DxOmPhaA==,type:str] + password: ENC[AES256_GCM,data:dY+uHddQUgc=,iv:hPzHbmTT7HMG5nUwBpEQymVkTPMWmiPSq0cPyHdXGb0=,tag:ZXBcJx7YkO54kY5GC+4TRg==,type:str] + flywayUsername: ENC[AES256_GCM,data:gZR1O1+vHC8ClUw=,iv:FJJZ0vz/SvhTGxyV2Deb/OBWS58rK6kMZaYpS3VTNa4=,tag:cEMJT+e9kCAxfRz1YEPeRQ==,type:str] + flywayPassword: ENC[AES256_GCM,data:A/xgH7lHEZI=,iv:2Mx+iJmVCKupu6hTORbth5Oge+7v63ZtXZ2tQuWIMCU=,tag:C+Q6H/OxVA/ddgSjyuh2gA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] + password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:1EE5Z9h8uen4pQZxgAYI1q+sDpk=,iv:eeCXNCkVONQsHjQ/HUy7QzynBQTWpg9WzWCLM2OPD24=,tag:DixDO0gDvhloWPeXTzch3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:cdJM7eawrvG2GkOISVkA6IzqloB+1HG2hECyQ/ivh/K15c91AuIpPQ==,iv:2fwqXTr6CeSQZo6y6aQHpd59rvw2mDvun4ZGKrUfkCQ=,tag:2VJ2qBq7aCUXlREnf5CEsQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] + admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] + read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] + read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:zIZF3uLtJIfXDw==,iv:vQESE+sjUTQrIRIjsYadLAboraj69JmTI3MHIsnTya4=,tag:6sUPwMjMJkBEVPTTkonFOQ==,type:str] + master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] + master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] + egov-wordpress-portal: + db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] + db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:F1pTK0ZEuqxPNnfPzRxrkD6ckyX3kSl5/oNmYBoDj62A,iv:wcFqE3qIV1zHDJ4WWDlpJzQzbfI7Wk5xbtkzsRm3jRs=,tag:oeZWSZrJB4msjn7vnsuczw==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] + wordpress: + wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] + mysql: + mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:SEpeoTCr6H1DuN9njXE8pAmbCp8=,iv:927VB4IGsrlm1m8LMNJTuHPto4jbzBHMcnUCPWzxuIQ=,tag:MDHL8+b/t8oWnRekb/d0+A==,type:str] + clientSecret: ENC[AES256_GCM,data:D2oTAXYdeMxB4E0+KUq+v0ekQm0SQ6ZnurBpmag49xI8nd5LRbjsWw==,iv:iqvX1daqQwtpVElTpsAmb9HJwz83Mx4EN9Flpva7fHk=,tag:FDNCVR0/dLa69xgA6ibQRQ==,type:str] + cookieSecret: ENC[AES256_GCM,data:Bt38VVbNL+4Twrs4o84ElNqVeA4jnHPURjgqwFgLe8gNM2j1pZU0FeGgWqM=,iv:AKb+N6w/Jvq1/VWn6KnHK6gdY6EztVmsLlRv356HV9U=,tag:/UQpTFMnf442aUNeljP27w==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] + route: + receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] + group_by: + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: + alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] + group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] + group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] + repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] + receivers: + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + templates: + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] + known-hosts: ENC[AES256_GCM,data:tdetLPfNXdryPyQn5ln0wfIiuQRSEmQzmxnNIQ3CTCLQeWd6Gb+PJjIEglWkJyEnDq/9VdSA6Iysu9eDuQHCfFclgqpB0nXPokplyNNz1Yiz4rrjC8yg+0vceKXgIselRSwHIPnuR9w9JMOJ9tuVl9bc9okHC6gBPlx+dqCDemxHk02d9DBBdrLrj/EgpZ1YaO+v1Bs2IzBtFZJi6nE7rD1qA1MKZwGMlyDOrmx3Wvx24U7IMaIY9q/nQ9yg/qR2QZAHr80x9Alf6UvagJIBcbIxXiK9vq3xLn41GcUkbMu0SZ6bMrlxoLqkxRMgHqyvLCbL12aCrJYTYdhlFKIBl9dh6e5woohLa2oN62hVfDNQCFFPgYMRSrAKA+7pBmi7gFp0Rd1J1+r+7Bclv0pFJ653aahfpJ2n16WQeW/Cf0ccRcwU47j3rljOoa9sCZu1W9qaJW+Q4EZ4wDdfx//sBUBXqjT1kU7cVyfVjnXqcpJK83iLtW7dX1d1ALPowRU0kSI5dKAZpOKzZSUFlkajTa3JpNIMdENWvi0L49oG/K18GWAzQ60LfLa0UUCg8UOEHG7Wid2tX9A8AFWEkLA/7D4nEaEx/vQSbpXWLuwecPmMEgD0qhY2HNwKbFeNNDh3x2x3xUmztkNNslJvWVqsRIZ7TcP7T5Ev3N6LaC7Zc+q2059le3gHdQIp4VgjZ/e7ONnvx3GXXHviH714JqSUSxVOpc7KA+O818Dq8m3Vr6lP6c8=,iv:bbz8kcF20h7W4NFLIb/3a4f9fqlj6XovC0Mqx1XDUKw=,tag:S+/DnuDGR+VsR3wGT8XlTA==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2020-11-10T06:48:05Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-03-29T10:30:00Z" + mac: ENC[AES256_GCM,data:eIZ+OFCd2Ni3QMiWMAwU1Q6ideyWlSSFsZI6828jZ7xpBwYy1A70OEtMWM62/Hh6ixyCyoSA7iTGAMYkLNyllstKamjq00NSKnsesU/YEdjZ+HF4kzjpfpyTHMqzsxidWoKpVpu1ejZBDpXFdj8cfiCigWOFvaVXL9rYrvyaB8Y=,iv:PO0UDFg9cY6KoABGrOjnjd6eBv+NhY7YpB64aJ6fE/A=,tag:4NJEO8ToZqaXJjRZzd6QhA==,type:str] + pgp: + - created_at: "2020-11-10T06:48:05Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv + lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ + gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ + Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t + PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF + 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS + ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S + q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== + =msen + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/works-qa.yaml b/deploy-as-code/helm/environments/works-qa.yaml new file mode 100644 index 0000000000..8b10bf2b56 --- /dev/null +++ b/deploy-as-code/helm/environments/works-qa.yaml @@ -0,0 +1,751 @@ +global: + domain: works-qa.digit.org + tracing-enabled: true + +cluster-configs: + namespaces: + create: true + values: + [ + backbone, + cert-manager, + egov, + works, + es-cluster, + kafka-cluster, + logging, + monitoring, + playground, + zookeeper-cluster, + ] + + rbac: + - role: user + namespaces: [egov, works, playground, kafka-cluster] + - role: admin + namespaces: [playground] + + root-ingress: + cert-issuer: letsencrypt-prod + namespace: works + appRoot: works-ui + serviceName: works-ui + + configmaps: + egov-config: + namespace: [ egov , works ] + data: + db-host: "postgres.egov" + db-name: "works_qa_db" + db-url: "jdbc:postgresql://postgres.egov:5432/works_qa_db" + domain: "works-qa.digit.org" + egov-services-fqdn-name: "https://works-qa.digit.org/" + egov-state-level-tenant-id: "pg" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" + logging-level-jdbc: "debug" + mobile-validation-workaround: "true" + s3-assets-bucket: "(pg-egov-assets|works-qa-asset)" + serializers-timezone-in-ist: "true" + server-tomcat-max-threads: "10" + server-tomcat-max-connections: "500" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + tracer-errors-provideexceptionindetails: "true" + timezone: "Asia/Kolkata" + es-infra-host: elasticsearch-data-v1.es-cluster + db-ssl: "false" + state-level-tenant-id: "pg" + + egov-service-host: + namespace: [ egov , works ] + data: + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + + attendance-service: "http://attendance.works:8080/" + contract-service: "http://contracts.works:8080/" + muster-roll-service: "http://muster-roll.works:8080/" + project-management-system: "http://project.works:8080/" + estimate-service: "http://estimates.works:8080/" + organisation: "http://organisation.works:8080/" + bankaccounts: "http://bankaccounts.works:8080/" + expense-calculator: "http://expense-calculator.works:8080/" + expense: "http://expense.works:8080/" + works-management-service: "http://works-management-service.works:8080/" + individual: "http://individual.works:8080/" + works-pdf: "http://works-pdf.works:8080/" + + audit-service: "http://audit-service.egov:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-otp: "http://egov-otp:8080/" + minio-url: "http://minio.backbone:9000/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + loi-service: "http://loi-service.works:8080/" + location: "http://location:8080/" + pdf-service: "http://pdf-service.egov:8080/" + user-otp: "http://user-otp:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening.egov:8080/" + inbox: "http://inbox.egov:8080/" + +#########---Works---######### + +estimate-service: + tracing-enabled: true + java-enable-debug: true + estimate-default-limit: 100 + estimate-search-max-limit: 200 + estimate-workflow-business-service: "ESTIMATE" + +loi-service: + tracing-enabled: true + workflow.loi.business.service.name: "loi-approval-4" + +attendance-service: + tracing-enabled: true + java-enable-debug: true + attendance-register-default-offset: 0 + attendance-register-default-limit: 10 + attendance-register-search-max-limit: 100 + attendance-individual-service-integration-required: false + attendance-staff-service-integration-required: false + attendance-document-id-verification-required: false + attendance-register-open-search-enabled-roles: "SUPERUSER" + +contract-service: + tracing-enabled: true + java-enable-debug: true + contract-default-offset: 0 + contract-default-limit: 10 + contract-search-max-limit: 50 + works-contract-service-code: "WORKS-CONTRACT" + contract-workflow-business-service: "CONTRACT" + contract-workflow-module-name: "contract-service" + contract-cbo-url-host : "https://works-qa.digit.org" + contract-cbo-url-endpoint : "/works-shg-app" + +# project-management-system: +# tracing-enabled: true +# java-enable-debug: true +# project-default-offset: 0 +# project-default-limit: 100 +# project-search-max-limit: 200 +# project-mdms-module: "works" +# egov-location-hierarchy-type: "ADMIN" + +project: + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + project-mdms-module: "works" + egov-location-hierarchy-type: "ADMIN" + +muster-roll-service: + tracing-enabled: true + java-enable-debug: true + musterroll-default-offset: 0 + musterroll-default-limit: 100 + musterroll-search-max-limit: 200 + musterroll-workflow-business-service: "MR" + works-attendance-log-search-endpoint: "attendance/log/v1/_search" + works-attendance-register-search-endpoint: "attendance/v1/_search" + works-attendance-register-search-limit: 100 + muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" + works-individual-search-endpoint: "individual/v1/_search" + works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" + works-contract-service-code: "WORKS-CONTRACT" + notification-sms-enabled: "true" + +organisation: + tracing-enabled: true + java-enable-debug: true + org-default-limit: 100 + org-search-max-limit: 200 + egov-location-hierarchy-type: "ADMIN" + works-cbo-url-host: "https:/works-qa.digit.org" + works-cbo-url-endpoint: "/works-shg-app" + +bankaccounts: + tracing-enabled: true + java-enable-debug: true + bank-account-default-limit: 100 + bank-account-search-max-limit: 200 + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + +works-management-service: + tracing-enabled: true + java-enable-debug: true + + + +expense-calculator: + tracing-enabled: true + java-enable-debug: true + +expenses-billing: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + bill-kafka-topic: "bill" + +expense: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" + +works-inbox-service: + java-enable-debug: true + tracing-enabled: true + +#########---core-services---######### + +audit-service: + persist-yml-path: https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-management-system-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-mdms-service: + mdms-path: "/work-dir/works-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-mdms-data" + branch: "QA" + mdms-folder: "works-mdms-data" + java-args: -Dspring.profiles.active=monitoring + masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" + +egov-filestore: + is-s3-enabled: "true" + fixed-bucketname: "works-qa-filestore" + minio-enabled: false + aws.s3.url : "https://s3.amazonaws.com" + is-bucket-fixed: "true" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + +egov-user: + replicas: "1" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + state-level-tenant-id: "pg" + java-enable-debug: true + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-persister: + persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "true" + wf-max-limit: "10000" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + java-enable-debug: true + heap: "-Xmx192m -Xms192m" + employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" + +egov-notification-sms: + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +zuul: + replicas: 2 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" + egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" + eventlog-enabled: "true" + eventlog-topic: "zuul-event-log" + eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +########################################## + +egov-url-shortening: + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + egov-url-shorten-hashid-salt: "randomsalt" + egov-url-shorten-hashid-min-length: "5" +# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egov-common-workflows: + db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" + + +egov-workflow: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +pdf-service: + replicas: 1 + memory_limits: 1.5Gi + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" + format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" + +egov-searcher: + search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + + +# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-user-chatbot: + egov-state-level-tenant-id: "pg" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +works-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +works-shg-app: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + +dashboard-ingest: + topic-incoming-collection: "dss-collection-update" + es-index-name: "dss-collection_v2" + es-push-direct: "true" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + + +nginx-ingress: + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + #metrics: + enabled: true + serviceMonitor: + enabled: true + service: + prometheusRule: + enabled: true + +cert-manager: + email: "devops-team@egov.org.in" + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov + + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + tracing-enabled: "true" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + spring-datasource-tomcat-max-active: 5 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +inbox: + service-map : '{}' + bs-service-map : '{}' +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-config: + data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "es-client.es-cluster" + es-port: "9200" + + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +minio: + mode: distributed + persistence: + enabled: true + aws: + - volumeId: "vol-0393fa1f3c5cd57e7" + zone: ap-south-1a + - volumeId: "vol-0a90fced10336cf2d" + zone: ap-south-1a + - volumeId: "vol-052f5b02391cf572e" + zone: ap-south-1a + - volumeId: "vol-024b629a7e1a01ec7" + zone: ap-south-1a + +postgres: + persistence: + enabled: true + dataDirSize: 30Gi + aws: + volumeId: "vol-0cd581235fc577fbf" + postgresDatabase: works_qa_db + +kafka-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-06e1bfdc067286d92" + zone: ap-south-1a + - volumeId: "vol-06f19fc74f9e66c6b" + zone: ap-south-1a + - volumeId: "vol-05d04c8e05bbe19cb" + zone: ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + persistence: + enabled: true + aws: + - volumeId: "vol-02461920d5bc17e2c" + zone: ap-south-1a + - volumeId: "vol-027adf626596b0600" + zone: ap-south-1a + - volumeId: "vol-0121393132c8de41b" + zone: ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-036a386d7058d1fa8" + zone: ap-south-1a + - volumeId: "vol-0be443e8b49ecf3bc" + zone: ap-south-1a + - volumeId: "vol-050c6a2beed14aeec" + zone: ap-south-1a + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + # cpu: "1000m" + memory: "2Gi" + limits: + # cpu: "1000m" + memory: "2Gi" + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-031b81b02807f409a" + zone: ap-south-1a + - volumeId: "vol-032f19b57fb1741b6" + zone: ap-south-1a + - volumeId: "vol-08ee85f411cdd45be" + zone: ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + +es-curator-infra: + namespace: es-cluster + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluentd: + images: + - egovio/fluentd:v0.1.9 + target_env: qa + +delete-old-logs-in-es: + images: + - egovio/elasticsearch-curator-5-0-2:0.0.2 + days: 1 + schedule: "0 12 * * *" + target_env: qa + +logrotate: + images: + - egovio/logrotate:0.1 + logrotate-interval: daily +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.0 + +pgadmin: + images: + - egovio/pgadmin:v0.1 + +pgadmin-config: + host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" + db-admin-username: "egov_qa" + db-read-username: "egovqa_readonly" + port: "5432" + env: "QA" + maintenance-db-name: "egov_qa_pb_db" + +#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:0.14.9 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kibana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kibana-v1: + replicas: 1 + images: + - docker.elastic.co/kibana/kibana:6.4.2 + es-url: "http://elasticsearch-client-v1:9200" + external_port: 5601 + service_type: LoadBalancer + server-basepath: "/kibana" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-uat,devops,works" + upstreams = [ "file:///dev/null" ] + +grafana: + initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/configs" + branch: "staging" + + minio: + mode: distributed + disableWebUI: false + persistence: + enabled: true + dataDirSize: 10G + aws: + - volumeId: "vol-0085073c65f7568a3" + zone: ap-south-1a + - volumeId: "vol-031fa52f18391ddab" + zone: ap-south-1a + - volumeId: "vol-054c367d60f236577" + zone: ap-south-1a + - volumeId: "vol-015c0f14cb3927c68" + zone: ap-south-1a + ingress: + hostName: minio-staging.digit.org From 05471f5e7cc2262556780a4bd26495c7b3ef647f Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 5 Jun 2023 12:26:54 +0530 Subject: [PATCH 207/742] SM-2527 Update values.yaml for Inbox - Adding searcher host (#1715) --- deploy-as-code/helm/charts/sanitation/inbox/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml index d471a2578e..17d0686cad 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -48,6 +48,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-user + - name: EGOV_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher - name: WORKFLOW_PROCESS_SEARCH_PATH value: "egov-workflow-v2/egov-wf/process/_search" - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH From 4b2d8846e95efb2817d40ad406d222be34beb949 Mon Sep 17 00:00:00 2001 From: nabeelmd-eGov <94039229+nabeelmd-eGov@users.noreply.github.com> Date: Tue, 13 Jun 2023 17:01:26 +0530 Subject: [PATCH 208/742] Update sanitation.yaml for old ui reports fixes (#1735) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index c37b3559ca..62f3389746 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -149,7 +149,7 @@ employee: sub_filter.conf: " sub_filter '' ' - + ';" digit-ui: custom-js-injection: | From 22d5e38701f052ea41aa592e571b96c766d5c494 Mon Sep 17 00:00:00 2001 From: talele08 Date: Wed, 14 Jun 2023 12:39:20 +0530 Subject: [PATCH 209/742] Update CODEOWNERS --- CODEOWNERS | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/CODEOWNERS b/CODEOWNERS index 3f7100ce0d..5d7b879ed2 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1,23 +1 @@ -* @gajendran-egov -*.yaml @gajendran-egov - -##Internal Env#### -deploy-as-code/helm/environments/qa*.yaml @sathishp-eGov -deploy-as-code/helm/environments/uat*.yaml @sathishp-eGov -deploy-as-code/helm/environments/staging*.yaml @sathishp-eGov -deploy-as-code/helm/environments/dev*.yaml @sathishp-eGov - -##UKD ENV##### -deploy-as-code/helm/environments/ukd-*.yaml @satyamashish-egov @elzanmathew-eGov @pradeepkumarcm-egov - -##PB Env####### -deploy-as-code/helm/environments/pb-*.yaml @ramakrishnaippili-eGov @elzanmathew-eGov - -##Bihar Env##### -deploy-as-code/helm/environments/bihar-*.yaml @pradeepkumarcm-egov @elzanmathew-eGov - -##UP Env### -deploy-as-code/helm/environments/up-*.yaml @subhash-eGov @elzanmathew-eGov - -##NUGP Env## -deploy-as-code/helm/environments/nugp-*.yaml @elzanmathew-eGov @satyamashish-egov +@shashwat-egov @nikhilmulinti-egov @sathishp-eGov From 49649c79cff8e28caa3c1b12c84863c6f96ecd72 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 14 Jun 2023 13:40:11 +0530 Subject: [PATCH 210/742] Added indexer-yaml-repo-path (#1738) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 037deafc2f..d7ec17eef6 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -296,7 +296,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" egov-persister: replicas: 1 From bb88333c0286dbe2a2c829dd17fb4a7f3739d728 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Tue, 20 Jun 2023 14:55:23 +0530 Subject: [PATCH 211/742] SM-2531 enabling fsm's remote java debug (#1755) --- deploy-as-code/helm/charts/sanitation/fsm/values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml index c4e2b92157..50d5192106 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -130,6 +130,13 @@ env: | value: {{ index .Values "java-args" | quote }} - name: SERVER_PORT value: "8080" + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} - name: SECURITY_BASIC_ENABLED value: "false" - name: MANAGEMENT_SECURITY_ENABLED From 851e84b971668dec87737a55a531e6ea00809dd6 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 21 Jun 2023 11:15:49 +0530 Subject: [PATCH 212/742] Increased memory size and heap size for collection-service in unified-dev env (#1757) Co-authored-by: Harish-egov --- .../charts/business-services/collection-services/values.yaml | 2 +- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/business-services/collection-services/values.yaml b/deploy-as-code/helm/charts/business-services/collection-services/values.yaml index 039c804a8d..d84b17e5c1 100644 --- a/deploy-as-code/helm/charts/business-services/collection-services/values.yaml +++ b/deploy-as-code/helm/charts/business-services/collection-services/values.yaml @@ -31,7 +31,7 @@ receipt-search-paginate: "false" receipt-search-defaultsize: "30" user-create-enabled: "true" search-ignore-status: "" -heap: "-Xmx256m -Xms256m" +heap: "-Xmx512m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" java-debug: "" receiptnumber-servicebased: "false" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d7ec17eef6..96ef866ee6 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -434,8 +434,8 @@ collection-services: receipt-search-paginate: "true" receipt-search-defaultsize: 30 user-create-enabled: "true" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + memory_limits: 768Mi collection-receipt-voucher-consumer: jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" From 2a39d192b2583aa5fce3d444f0b8e6516bb5e140 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 21 Jun 2023 11:22:36 +0530 Subject: [PATCH 213/742] Added memory limit for collection-service in values.yaml file (#1758) * Increased memory size and heap size for collection-service in unified-dev env * Added memory limit for collection-service in values.yaml file --------- Co-authored-by: Harish-egov --- .../charts/business-services/collection-services/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/business-services/collection-services/values.yaml b/deploy-as-code/helm/charts/business-services/collection-services/values.yaml index d84b17e5c1..3d2ebad062 100644 --- a/deploy-as-code/helm/charts/business-services/collection-services/values.yaml +++ b/deploy-as-code/helm/charts/business-services/collection-services/values.yaml @@ -32,6 +32,7 @@ receipt-search-defaultsize: "30" user-create-enabled: "true" search-ignore-status: "" heap: "-Xmx512m -Xms256m" +memory_limits: 768Mi java-args: "-Dspring.profiles.active=monitoring" java-debug: "" receiptnumber-servicebased: "false" From 653ae83e28cf79af84c28e900db76ad065095f78 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 22 Jun 2023 10:50:54 +0530 Subject: [PATCH 214/742] Added digit-works charts and modified works-dev and sec yaml file (#1759) Co-authored-by: Harish-egov --- .../digit-works/backend/attendance/Chart.yaml | 26 + .../attendance/templates/deployment.yaml | 2 + .../backend/attendance/templates/ingress.yaml | 2 + .../backend/attendance/templates/service.yaml | 2 + .../backend/attendance/values.yaml | 119 ++ .../backend/bankaccounts/Chart.yaml | 26 + .../bankaccounts/templates/deployment.yaml | 2 + .../bankaccounts/templates/ingress.yaml | 2 + .../bankaccounts/templates/service.yaml | 2 + .../backend/bankaccounts/values.yaml | 104 ++ .../digit-works/backend/contracts/Chart.yaml | 26 + .../contracts/templates/deployment.yaml | 2 + .../backend/contracts/templates/ingress.yaml | 2 + .../backend/contracts/templates/service.yaml | 2 + .../digit-works/backend/contracts/values.yaml | 149 +++ .../backend/egov-bff-service/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../egov-bff-service/templates/ingress.yaml | 2 + .../egov-bff-service/templates/service.yaml | 2 + .../backend/egov-bff-service/values.yaml | 102 ++ .../digit-works/backend/estimates/Chart.yaml | 26 + .../estimates/templates/deployment.yaml | 2 + .../backend/estimates/templates/ingress.yaml | 2 + .../backend/estimates/templates/service.yaml | 2 + .../digit-works/backend/estimates/values.yaml | 119 ++ .../backend/expense-calculator/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../expense-calculator/templates/ingress.yaml | 2 + .../expense-calculator/templates/service.yaml | 2 + .../backend/expense-calculator/values.yaml | 93 ++ .../digit-works/backend/expense/Chart.yaml | 26 + .../backend/expense/templates/deployment.yaml | 2 + .../backend/expense/templates/ingress.yaml | 2 + .../backend/expense/templates/service.yaml | 2 + .../digit-works/backend/expense/values.yaml | 114 ++ .../backend/ifms-adapter/Chart.yaml | 26 + .../ifms-adapter/templates/deployment.yaml | 2 + .../backend/ifms-adapter/values.yaml | 42 + .../digit-works/backend/individual/Chart.yaml | 26 + .../individual/templates/deployment.yaml | 2 + .../backend/individual/templates/ingress.yaml | 2 + .../backend/individual/templates/service.yaml | 2 + .../backend/individual/values.yaml | 142 +++ .../backend/loi-service/Chart.yaml | 26 + .../loi-service/templates/deployment.yaml | 2 + .../loi-service/templates/ingress.yaml | 2 + .../loi-service/templates/service.yaml | 2 + .../backend/loi-service/values.yaml | 74 ++ .../backend/muster-roll/Chart.yaml | 26 + .../muster-roll/templates/deployment.yaml | 2 + .../muster-roll/templates/ingress.yaml | 2 + .../muster-roll/templates/service.yaml | 2 + .../backend/muster-roll/values.yaml | 168 +++ .../backend/organisation/Chart.yaml | 26 + .../organisation/templates/deployment.yaml | 2 + .../organisation/templates/ingress.yaml | 2 + .../organisation/templates/service.yaml | 2 + .../backend/organisation/values.yaml | 133 +++ .../project-management-system/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../project-management-system/values.yaml | 94 ++ .../digit-works/backend/project/Chart.yaml | 26 + .../backend/project/templates/deployment.yaml | 2 + .../backend/project/templates/ingress.yaml | 2 + .../backend/project/templates/service.yaml | 2 + .../digit-works/backend/project/values.yaml | 104 ++ .../backend/works-inbox-service/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../backend/works-inbox-service/values.yaml | 86 ++ .../works-management-service/Chart.yaml | 26 + .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../works-management-service/values.yaml | 84 ++ .../frontend/works-shg-app/Chart.yaml | 26 + .../works-shg-app/templates/deployment.yaml | 2 + .../works-shg-app/templates/ingress.yaml | 2 + .../works-shg-app/templates/service.yaml | 2 + .../subfilter-injection-configmap.yaml | 15 + .../frontend/works-shg-app/values.yaml | 32 + .../works-shg-app/works-ui/Chart.yaml | 26 + .../works-ui/templates/deployment.yaml | 2 + .../works-ui/templates/ingress.yaml | 2 + .../works-ui/templates/service.yaml | 2 + .../subfilter-injection-configmap.yaml | 11 + .../works-shg-app/works-ui/values.yaml | 34 + .../utilities/works-pdf/Chart.yaml | 26 + .../works-pdf/templates/deployment.yaml | 2 + .../works-pdf/templates/ingress.yaml | 2 + .../works-pdf/templates/service.yaml | 2 + .../utilities/works-pdf/values.yaml | 143 +++ .../helm/environments/works-dev-secrets.yaml | 110 +- .../helm/environments/works-dev.yaml | 1035 +++++++++-------- 97 files changed, 3191 insertions(+), 520 deletions(-) create mode 100644 deploy-as-code/helm/charts/digit-works/backend/attendance/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/attendance/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/attendance/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/attendance/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/bankaccounts/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/bankaccounts/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/contracts/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/contracts/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/contracts/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/contracts/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/estimates/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/estimates/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/estimates/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/estimates/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense-calculator/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense-calculator/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/loi-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/loi-service/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/muster-roll/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/muster-roll/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/organisation/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/organisation/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/organisation/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/organisation/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project-management-system/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project-management-system/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-management-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/works-management-service/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/works-pdf/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/Chart.yaml new file mode 100644 index 0000000000..d2bf4dd89a --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: attendance +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml new file mode 100644 index 0000000000..47fb3ac14a --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml @@ -0,0 +1,119 @@ +# Common Labels +labels: + app: "attendance" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "attendance" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "attendance_schema" + image: + repository: "attendance-db" + +# Container Configs +image: + repository: "attendance" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/attendance/health" + readinessProbePath: "/attendance/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /attendance + - name: SERVER_SERVLET_CONTEXT-PATH + value: /attendance + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: ATTENDANCE_LOG_KAFKA_CREATE_TOPIC + value: "save-attendance-log" + - name: ATTENDANCE_LOG_KAFKA_UPDATE_TOPIC + value: "update-attendance-log" + - name: ATTENDANCE_REGISTER_KAFKA_CREATE_TOPIC + value: "save-attendance" + - name: ATTENDANCE_REGISTER_KAFKA_UPDATE_TOPIC + value: "update-attendance" + - name: ATTENDANCE_STAFF_KAFKA_CREATE_TOPIC + value: "save-staff" + - name: ATTENDANCE_STAFF_KAFKA_UPDATE_TOPIC + value: "update-staff" + - name: ATTENDANCE_ATTENDEE_KAFKA_CREATE_TOPIC + value: "save-attendee" + - name: ATTENDANCE_ATTENDEE_KAFKA_UPDATE_TOPIC + value: "update-attendee" + {{- if index .Values "attendance-register-default-offset" }} + - name: ATTENDANCE_REGISTER_DEFAULT_OFFSET + value: {{ index .Values "attendance-register-default-offset" | quote }} + {{- end }} + {{- if index .Values "attendance-register-default-limit" }} + - name: ATTENDANCE_REGISTER_DEFAULT_LIMIT + value: {{ index .Values "attendance-register-default-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-register-search-max-limit" }} + - name: ATTENDANCE_REGISTER_SEARCH_MAX_LIMIT + value: {{ index .Values "attendance-register-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-individual-service-integration-required" }} + - name: ATTENDANCE_INDIVIDUAL_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-individual-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-staff-service-integration-required" }} + - name: ATTENDANCE_STAFF_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-staff-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-document-id-verification-required" }} + - name: ATTENDANCE_DOCUMENT_ID_VERIFICATION_REQUIRED + value: {{ index .Values "attendance-document-id-verification-required" | quote }} + {{- end }} + {{- if index .Values "attendance-register-open-search-enabled-roles" }} + - name: ATTENDANCE_REGISTER_OPEN_SEARCH_ENABLED_ROLES + value: {{ index .Values "attendance-register-open-search-enabled-roles" | quote }} + {{- end }} + {{- if index .Values "works-individual-search-endpoint" }} + - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT + value: {{ index .Values "works-individual-search-endpoint" | quote }} + {{- end }} + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/Chart.yaml new file mode 100644 index 0000000000..0cce25c834 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: bankaccounts +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/values.yaml new file mode 100644 index 0000000000..2308304d20 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/bankaccounts/values.yaml @@ -0,0 +1,104 @@ +# Common Labels +labels: + app: "bankaccounts" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "bankaccount-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "bankaccount_schema" + image: + repository: "bankaccounts-db" + +# Container Configs +image: + repository: "bankaccounts" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/bankaccount-service/health" + readinessProbePath: "/bankaccount-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /bankaccount-service + - name: SERVER_SERVLET_CONTEXT-PATH + value: /bankaccount-service + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: BANK_ACCOUNT_KAFKA_CREATE_TOPIC + value: "save-bank-account" + - name: BANK_ACCOUNT_KAFKA_UPDATE_TOPIC + value: "update-bank-account" + {{- if index .Values "bank-account-default-limit" }} + - name: BANK_ACCOUNT_DEFAULT_LIMIT + value: {{ index .Values "bank-account-default-limit" | quote }} + {{- end }} + {{- if index .Values "bank-account-search-max-limit" }} + - name: BANK_ACCOUNT_SEARCH_MAX_LIMIT + value: {{ index .Values "bank-account-search-max-limit" | quote }} + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "bankaccounts" + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/Chart.yaml new file mode 100644 index 0000000000..c3ee476cea --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: contracts +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml new file mode 100644 index 0000000000..324e380da9 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml @@ -0,0 +1,149 @@ +# Common Labels +labels: + app: "contracts" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "contract" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "contracts_schema" + image: + repository: "contracts-db" + +# Container Configs +image: + repository: "contracts" + +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/contract/health" + readinessProbePath: "/contract/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /contract + - name: SERVER_SERVLET_CONTEXT-PATH + value: /contract + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKS_ESTIMATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: estimate-service + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_ATTENDANCE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: attendance-service + - name: EGOV_ORG_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: WORKS_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project-management-system + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: CONTRACT_KAFKA_CREATE_TOPIC + value: "save-contract" + - name: CONTRACT_KAFKA_UPDATE_TOPIC + value: "update-contract" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "contract-default-offset" }} + - name: CONTRACT_DEFAULT_OFFSET + value: {{ index .Values "contract-default-offset" | quote }} + {{- end }} + {{- if index .Values "contract-default-limit" }} + - name: CONTRACT_DEFAULT_LIMIT + value: {{ index .Values "contract-default-limit" | quote }} + {{- end }} + {{- if index .Values "contract-search-max-limit" }} + - name: CONTRACT_SEARCH_MAX_LIMIT + value: {{ index .Values "contract-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "works-contract-service-code" }} + - name: WORKS_CONTRACT_SERVICE_CODE + value: {{ index .Values "works-contract-service-code" | quote }} + {{- end }} + {{- if index .Values "contract-workflow-business-service" }} + - name: CONTRACT_WORKFLOW_BUSINESS_SERVICE + value: {{ index .Values "contract-workflow-business-service" | quote }} + {{- end }} + {{- if index .Values "contract-workflow-module-name" }} + - name: CONTRACT_WORKFLOW_MODULE_NAME + value: {{ index .Values "contract-workflow-module-name" | quote }} + {{- end }} + {{- if index .Values "contract-cbo-url-host" }} + - name: CONTRACT_CBO_URL_HOST + value: {{ index .Values "contract-cbo-url-host" | quote }} + {{- end }} + {{- if index .Values "contract-cbo-url-endpoint" }} + - name: CONTRACT_CBO_URL_ENDPOINT + value: {{ index .Values "contract-cbo-url-endpoint" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/Chart.yaml new file mode 100644 index 0000000000..89ea5d52c6 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: egov-bff-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/values.yaml new file mode 100644 index 0000000000..19e8e5cea0 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/egov-bff-service/values.yaml @@ -0,0 +1,102 @@ +labels: + app: egov-bff-service + group: digit-works +namespace: works +ingress: + namespace: egov + enabled: true + zuul: true + context: egov-bff-service +image: + repository: egov-bff-service +replicas: '1' +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: DB_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: db-host + - name: DB_NAME + valueFrom: + configMapKeyRef: + name: egov-config + key: db-name + - name: DB_USER + valueFrom: + secretKeyRef: + name: db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: DB_PORT + value: "5432" + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: CONTEXT_PATH + value: "/egov-bff-service" + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: WORKS_ESTIMATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: estimate-service + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_ATTENDANCE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: attendance-service + - name: WORKS_ATTENDANCE_LOG_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: attendance-service + - name: WORKS_BANKACCOUNTS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: WORKS_MUSTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: muster-roll-service diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/Chart.yaml new file mode 100644 index 0000000000..efa02e2e59 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: estimates +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml new file mode 100644 index 0000000000..45dd11ab39 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -0,0 +1,119 @@ +# Common Labels +labels: + app: "estimates" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "estimate" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "estimates_schema" + image: + repository: "estimates-db" + +# Container Configs +image: + repository: "estimates" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/estimate/health" + readinessProbePath: "/estimate/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx512m -Xms512m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /estimate + - name: SERVER_SERVLET_CONTEXT-PATH + value: /estimate + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: ESTIMATE_KAFKA_CREATE_TOPIC + value: "save-estimate" + - name: ESTIMATE_KAFKA_UPDATE_TOPIC + value: "update-estimate" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "estimate-default-limit" }} + - name: ESTIMATE_DEFAULT_LIMIT + value: {{ index .Values "estimate-default-limit" | quote }} + {{- end }} + {{- if index .Values "estimate-search-max-limit" }} + - name: ESTIMATE_SEARCH_MAX_LIMIT + value: {{ index .Values "estimate-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "estimate-workflow-business-service" }} + - name: ESTIMATE_WORKFLOW_BUSINESS_SERVICE + value: {{ index .Values "estimate-workflow-business-service" | quote }} + {{- end }} + {{- if index .Values "estimate-workflow-module-name" }} + - name: ESTIMATE_WORKFLOW_MODULE_NAME + value: {{ index .Values "estimate-workflow-module-name" | quote }} + {{- end }} + - name: WORKS_PROJECT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project-management-system + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "estimate-service" + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/Chart.yaml new file mode 100644 index 0000000000..67030a1a80 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: expense-calculator +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/values.yaml new file mode 100644 index 0000000000..eda6297cf7 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense-calculator/values.yaml @@ -0,0 +1,93 @@ +# Common Labels +labels: + app: "expense-calculator" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "expense-calculator" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "expense_calculator_schema" + image: + repository: "expense-calculator-db" + +# Container Configs +image: + repository: "expense-calculator" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/expense-calculator/health" + readinessProbePath: "/expense-calculator/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /expense-calculator + - name: SERVER_SERVLET_CONTEXT-PATH + value: /expense-calculator + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EXPENSE_CALCULATOR_CONSUME_TOPIC + value: "calculate-musterroll" + - name: EXPENSE_CALCULATOR_ERROR_TOPIC + value: "calculate-error" + - name: EXPENSE_CALCULATOR_CREATE_BILL_TOPIC + value: "calculate-billmeta" + - name: EGOV_MUSTERROLL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: muster-roll-service + - name: EGOV_BILL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "egov-mdms-service/v1/_search" + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_CONTRACT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/Chart.yaml new file mode 100644 index 0000000000..0f6a646c9e --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: expense +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml new file mode 100644 index 0000000000..26a328291a --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml @@ -0,0 +1,114 @@ +# Common Labels +labels: + app: "expense" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "expense" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "expense_schema" + image: + repository: "expense-db" + +# Container Configs +image: + repository: "expense" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/expense/health" + readinessProbePath: "/expense/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /expense + - name: SERVER_SERVLET_CONTEXT-PATH + value: /expense + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: BUSINESS_WORKFLOW_STATUS_MAP + value: {{ index .Values "business-workflow-status-map" | quote }} + - name: EXPENSE_BILLING_BILL_CREATE + value: "expense-bill-create" + - name: EXPENSE_BILLING_BILL_UPDATE + value: "expense-bill-update" + - name: EXPENSE_BILLING_PAYMENT_CREATE + value: "expense-payment-create" + - name: EXPENSE_BILLING_PAYMENT_UPDATE + value: "expense-payment-update" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "expense-billing-default-offset" }} + - name: EXPENSE_BILLING_DEFAULT_OFFSET + value: {{ index .Values "expense-billing-default-offset" | quote }} + {{- end }} + {{- if index .Values "expense-billing-default-limit" }} + - name: EXPENSE_BILLING_DEFAULT_LIMIT + value: {{ index .Values "expense-billing-default-limit" | quote }} + {{- end }} + {{- if index .Values "expense-billing-search-max-limit" }} + - name: EXPENSE_BILLING_SEARCH_MAX_LIMIT + value: {{ index .Values "expense-billing-search-max-limit" | quote }} + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/Chart.yaml new file mode 100644 index 0000000000..b68679e77c --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-adapter +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml new file mode 100644 index 0000000000..9515bfeef7 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml @@ -0,0 +1,42 @@ +# Common Labels +labels: + app: "ifms-adapter" + group: "digit-works" + +namespace: works + +# Container Configs +image: + repository: "ifms-adapter" +replicas: "1" +healthChecks: + enabled: false +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "bill-kafka-topic" }} + - name: BILL_KAFKA_TOPIC + value: {{ index .Values "bill-kafka-topic" | quote }} + {{- end }} + {{- if index .Values "payment-status-kafka-topic" }} + - name: PAYMENT_STATUS_KAFKA_TOPIC + value: {{ index .Values "payment-status-kafka-topic" | quote }} + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml new file mode 100644 index 0000000000..93da335372 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: individual +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml new file mode 100644 index 0000000000..5269f2e1a1 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml @@ -0,0 +1,142 @@ +# Common Labels +labels: + app: "individual" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "individual" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "individual_schema" + image: + repository: "individual-db" + +# Container Configs +image: + repository: "individual" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/individual/health" + readinessProbePath: "/individual/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-individual + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_ENC_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_ENC_ENCRYPT_ENDPOINT + value: "egov-enc-service/crypto/v1/_encrypt" + - name: EGOV_ENC_DECRYPT_ENDPOINT + value: "egov-enc-service/crypto/v1/_decrypt" + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "egov-mdms-service/v1/_search" + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: IDGEN.INDIVIDUAL.ID.FORMAT + value: "individual.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC + value: "individual-consumer-bulk-create-topic" + - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC + value: "individual-consumer-bulk-update-topic" + - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC + value: "individual-consumer-bulk-delete-topic" + - name: INDIVIDUAL.CONSUMER.SAVE.TOPIC + value: "save-individual-topic" + - name: INDIVIDUAL.CONSUMER.UPDATE.TOPIC + value: "update-individual-topic" + - name: INDIVIDUAL.CONSUMER.DELETE.TOPIC + value: "delete-individual-topic" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} + {{- if index .Values "aadhaar-pattern" }} + - name: AADHAAR_PATTERN + value: {{ index .Values "aadhaar-pattern" | quote }} + {{- end }} + {{- if index .Values "mobile-pattern" }} + - name: MOBILE_PATTERN + value: {{ index .Values "mobile-pattern" | quote }} + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/loi-service/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/loi-service/Chart.yaml new file mode 100644 index 0000000000..4e83497fb2 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/loi-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: loi-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/loi-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/loi-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/loi-service/values.yaml new file mode 100644 index 0000000000..78d805dc73 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/loi-service/values.yaml @@ -0,0 +1,74 @@ +# Common Labels +labels: + app: "loi-service" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "loi-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "loi_service_schema" + image: + repository: "loi-service-db" + +# Container Configs +image: + repository: "loi-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/loi-service/health" + readinessProbePath: "/loi-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /loi-service + - name: SERVER_SERVLET_CONTEXT-PATH + value: /loi-service + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "workflow.loi.business.service.name" }} + - name: WORKFLOW_LOI_BUSINESS_SERVICE_NAME + value: {{ index .Values "workflow.loi.business.service.name" | quote }} + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 diff --git a/deploy-as-code/helm/charts/digit-works/backend/muster-roll/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/Chart.yaml new file mode 100644 index 0000000000..164ba1b17a --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: muster-roll +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/muster-roll/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/values.yaml new file mode 100644 index 0000000000..8f7d06ee58 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/muster-roll/values.yaml @@ -0,0 +1,168 @@ +# Common Labels +labels: + app: "muster-roll" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "muster-roll" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "muster_roll_schema" + image: + repository: "muster-roll-db" + +# Container Configs +image: + repository: "muster-roll" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/muster-roll/health" + readinessProbePath: "/muster-roll/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /muster-roll + - name: SERVER_SERVLET_CONTEXT-PATH + value: /muster-roll + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKS_ATTENDANCE_LOG_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: attendance-service + - name: WORKS_BANKACCOUNTS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: WORKS_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: WORKS_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: WORKS_EXPENSE_CALCULATOR_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + - name: MUSTERROLL_KAFKA_CREATE_TOPIC + value: "save-musterroll" + - name: MUSTERROLL_KAFKA_UPDATE_TOPIC + value: "update-musterroll" + - name: MUSTERROLL_KAFKA_CALCULATE_TOPIC + value: "calculate-musterroll" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "notification-sms-enabled" }} + - name: NOTIFICATION_SMS_ENABLED + value: {{ index .Values "notification-sms-enabled" | quote }} + {{- end }} + {{- if index .Values "musterroll-default-offset" }} + - name: MUSTERROLL_DEFAULT_OFFSET + value: {{ index .Values "musterroll-default-offset" | quote }} + {{- end }} + {{- if index .Values "musterroll-default-limit" }} + - name: MUSTERROLL_DEFAULT_LIMIT + value: {{ index .Values "musterroll-default-limit" | quote }} + {{- end }} + {{- if index .Values "musterroll-search-max-limit" }} + - name: MUSTERROLL_SEARCH_MAX_LIMIT + value: {{ index .Values "musterroll-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "musterroll-workflow-business-service" }} + - name: MUSTERROLL_WORKFLOW_BUSINESS_SERVICE + value: {{ index .Values "musterroll-workflow-business-service" | quote }} + {{- end }} + {{- if index .Values "works-attendance-log-search-endpoint" }} + - name: WORKS_ATTENDANCE_LOG_SEARCH_ENDPOINT + value: {{ index .Values "works-attendance-log-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "works-attendance-register-search-endpoint" }} + - name: WORKS_ATTENDANCE_REGISTER_SEARCH_ENDPOINT + value: {{ index .Values "works-attendance-register-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "works-attendance-register-search-limit" }} + - name: WORKS_ATTENDANCE_REGISTER_SEARCH_LIMIT + value: {{ index .Values "works-attendance-register-search-limit" | quote }} + {{- end }} + {{- if index .Values "works-individual-search-endpoint" }} + - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT + value: {{ index .Values "works-individual-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "works-bankaccounts-search-endpoint" }} + - name: WORKS_BANKACCOUNTS_SEARCH_ENDPOINT + value: {{ index .Values "works-bankaccounts-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "muster-restricted-search-roles" }} + - name: MUSTER_RESTRICTED_SEARCH_ROLES + value: {{ index .Values "muster-restricted-search-roles" | quote }} + {{- end }} + {{- if index .Values "works-contract-service-code" }} + - name: WORKS_CONTRACT_SERVICE_CODE + value: {{ index .Values "works-contract-service-code" | quote }} + {{- end }} + + diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/Chart.yaml new file mode 100644 index 0000000000..46ee6513ec --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: organisation +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml new file mode 100644 index 0000000000..99bffc8e6e --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml @@ -0,0 +1,133 @@ +# Common Labels +labels: + app: "organisation" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "org-services" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "organisation_schema" + image: + repository: "organisation-db" + +# Container Configs +image: + repository: "organisation" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/org-services/health" + readinessProbePath: "/org-services/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /org-services + - name: SERVER_SERVLET_CONTEXT-PATH + value: /org-services + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: ORG_KAFKA_CREATE_TOPIC + value: "save-org" + - name: ORG_KAFKA_UPDATE_TOPIC + value: "update-org" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "org-default-limit" }} + - name: ORG_DEFAULT_LIMIT + value: {{ index .Values "org-default-limit" | quote }} + {{- end }} + {{- if index .Values "org-search-max-limit" }} + - name: ORG_SEARCH_MAX_LIMIT + value: {{ index .Values "org-search-max-limit" | quote }} + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "organisation" + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + {{- if index .Values "egov-location-hierarchy-type" }} + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: {{ index .Values "egov-location-hierarchy-type" | quote }} + {{- end }} + {{- if index .Values "contract-cbo-url-host" }} + - name: CONTRACT_CBO_URL_HOST + value: {{ index .Values "contract-cbo-url-host" | quote }} + {{- end }} + {{- if index .Values "contract-cbo-url-endpoint" }} + - name: CONTRACT_CBO_URL_ENDPOINT + value: {{ index .Values "contract-cbo-url-endpoint" | quote }} + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/project-management-system/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/Chart.yaml new file mode 100644 index 0000000000..32993c7398 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: project-management-system +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project-management-system/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/values.yaml new file mode 100644 index 0000000000..776dbf7f98 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project-management-system/values.yaml @@ -0,0 +1,94 @@ +# Common Labels +labels: + app: "project-management-system" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "pms" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "project_management_system_schema" + image: + repository: "project-management-system-db" + +# Container Configs +image: + repository: "project-management-system" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/pms/health" + readinessProbePath: "/pms/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /pms + - name: SERVER_SERVLET_CONTEXT-PATH + value: /pms + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: PROJECT_MANAGEMENT_SYSTEM_KAFKA_CREATE_TOPIC + value: "save-project" + - name: PROJECT_MANAGEMENT_SYSTEM_KAFKA_UPDATE_TOPIC + value: "update-project" + {{- if index .Values "project-default-offset" }} + - name: PROJECT_MANAGEMENT_SYSTEM_DEFAULT_OFFSET + value: {{ index .Values "project-default-offset" | quote }} + {{- end }} + {{- if index .Values "project-default-limit" }} + - name: PROJECT_MANAGEMENT_SYSTEM_DEFAULT_LIMIT + value: {{ index .Values "project-default-limit" | quote }} + {{- end }} + {{- if index .Values "project-search-max-limit" }} + - name: PROJECT_MANAGEMENT_SYSTEM_SEARCH_MAX_LIMIT + value: {{ index .Values "project-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "project-mdms-module" }} + - name: PROJECT_MANAGEMENT_SYSTEM_MDMS_MODULE + value: {{ index .Values "project-mdms-module" | quote }} + {{- end }} + {{- if index .Values "egov-location-hierarchy-type" }} + - name: PROJECT_MANAGEMENT_SYSTEM_EGOV_LOCATION_HIERARCHY_TYPE + value: {{ index .Values "egov-location-hierarchy-type" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml new file mode 100644 index 0000000000..fe0aa63fd3 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: project +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml new file mode 100644 index 0000000000..b419ced116 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml @@ -0,0 +1,104 @@ +# Common Labels +labels: + app: "project" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "project" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "project_schema" + image: + repository: "project-db" + +# Container Configs +image: + repository: "project" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/project/health" + readinessProbePath: "/project/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /project + - name: SERVER_SERVLET_CONTEXT-PATH + value: /project + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC + value: "save-project" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC + value: "update-project" + {{- if index .Values "project-default-offset" }} + - name: PROJECT.DEFAULT.OFFSET + value: {{ index .Values "project-default-offset" | quote }} + {{- end }} + {{- if index .Values "project-default-limit" }} + - name: PROJECT.DEFAULT.LIMIT + value: {{ index .Values "project-default-limit" | quote }} + {{- end }} + {{- if index .Values "project-search-max-limit" }} + - name: PROJECT.SEARCH.MAX.LIMIT + value: {{ index .Values "project-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "project-mdms-module" }} + - name: PROJECT_MDMS_MODULE + value: {{ index .Values "project-mdms-module" | quote }} + {{- end }} + {{- if index .Values "egov-location-hierarchy-type" }} + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: {{ index .Values "egov-location-hierarchy-type" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/Chart.yaml new file mode 100644 index 0000000000..6cf49e12a8 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: works-inbox-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/values.yaml new file mode 100644 index 0000000000..ac18691921 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-inbox-service/values.yaml @@ -0,0 +1,86 @@ +# Common Labels +labels: + app: "works-inbox-service" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "works-inbox-service" + +# Container Configs +image: + repository: "works-inbox-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/works-inbox-service/health" + readinessProbePath: "/works-inbox-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /works-inbox-service + - name: SERVER_SERVLET_CONTEXT-PATH + value: /works-inbox-service + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + {{- if index .Values "es-search-pagination-default-limit" }} + - name: ES_SEARCH_PAGINATION_DEFAULT_LIMIT + value: {{ index .Values "es-search-pagination-default-limit" | quote }} + {{- end }} + {{- if index .Values "es-search-pagination-max-search-limit" }} + - name: ES_SEARCH_PAGINATION_MAX_SEARCH_LIMIT + value: {{ index .Values "es-search-pagination-max-search-limit" | quote }} + {{- end }} + {{- if index .Values "es-search-default-sort-order" }} + - name: ES_SEARCH_DEFAULT_SORT_ORDER + value: {{ index .Values "es-search-default-sort-order" | quote }} + {{- end }} + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: SERVICE_SEARCH_MAPPING + value: {{ index .Values "service-map" | quote }} + - name: EGOV_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-management-service/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/Chart.yaml new file mode 100644 index 0000000000..f729582ab3 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: works-management-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/works-management-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/values.yaml new file mode 100644 index 0000000000..a6d3c2b9f8 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/works-management-service/values.yaml @@ -0,0 +1,84 @@ +# Common Labels +labels: + app: "works-management-service" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "wms" + +# Container Configs +image: + repository: "works-management-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/wms/health" + readinessProbePath: "/wms/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /wms + - name: SERVER_SERVLET_CONTEXT-PATH + value: /wms + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKFLOW_PROCESS_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/process/_search" + - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/businessservice/_search" + - name: WORKFLOW_PROCESS_COUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_count" + - name: WORKFLOW_PROCESS_STATUSCOUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_statuscount" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: SERVICES_ESINDEXER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: es-indexer-host + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: PARENT_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/Chart.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/Chart.yaml new file mode 100644 index 0000000000..9be604ccb5 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: works-shg-app +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..a4b26a542b --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,15 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/values.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/values.yaml new file mode 100644 index 0000000000..d0bc83fc46 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/values.yaml @@ -0,0 +1,32 @@ +# Common Labels +labels: + app: "works-shg-app" + group: "web" + +# Ingress Configs +ingress: + enabled: true + context: "works-shg-app" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "works-shg-app" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/works-shg-app/" + readinessProbePath: "/works-shg-app/" + +namespace: works +extraVolumes: | + - name: js-injection + configMap: + name: works-shg-app-js-injection +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml new file mode 100644 index 0000000000..06c50c3a28 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: works-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml new file mode 100644 index 0000000000..89f81e46bc --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "works-ui" + group: "web" + +namespace: works + +# Ingress Configs +ingress: + enabled: true + context: "works-ui" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "works-ui" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/works-ui/" + readinessProbePath: "/works-ui/" + +extraVolumes: | + - name: js-injection + configMap: + name: works-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/Chart.yaml new file mode 100644 index 0000000000..e8a88e4513 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: works-pdf +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml new file mode 100644 index 0000000000..1ec21eab16 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml @@ -0,0 +1,143 @@ +# Common Labels +labels: + app: "works-pdf" + group: "rainmaker" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "egov-pdf" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "works_pdf_schema" + image: + repository: "works-pdf-db" + +# Container Configs +image: + repository: "works-pdf" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: DB_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: db-host + - name: DB_NAME + valueFrom: + configMapKeyRef: + name: egov-config + key: db-name + - name: DB_USER + valueFrom: + secretKeyRef: + name: db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: DB_PORT + value: "5432" + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project-management-system + - name: EGOV_ESTIMATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: estimate-service + - name: EGOV_MUSTER_ROLL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: muster-roll-service + - name: EGOV_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EXPENSE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: BANKACCOUNT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: EXPENSE_CALCULATOR_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator + - name: EGOV_FILESTORE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: CONTEXT_PATH + value: "/egov-pdf" + - name: PROJECT_DETAILS_TEMPLATE + value: "project-detail" + - name: ESTIMATE_TEMPLATE + value: "estimate" + - name: NOMINAL_MUSTER_ROLL_TEMPLATE + value: "nominal-muster-roll" + - name: WORK_ORDER_TEMPLATE + value: "work-order" + - name: WORK_ORDER_TEMPLATE_HINDI + value: "work-order-hindi" + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name \ No newline at end of file diff --git a/deploy-as-code/helm/environments/works-dev-secrets.yaml b/deploy-as-code/helm/environments/works-dev-secrets.yaml index 1389c19568..5b52ab8d15 100644 --- a/deploy-as-code/helm/environments/works-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/works-dev-secrets.yaml @@ -1,42 +1,48 @@ cluster-configs: secrets: db: - username: ENC[AES256_GCM,data:ufcHeQl9et3fD68=,iv:MkZAe9JE9352L6ENwOy3hEPMVDBBObvypnPKZsUABP4=,tag:9ggPsfbWktLi45DxOmPhaA==,type:str] - password: ENC[AES256_GCM,data:dY+uHddQUgc=,iv:hPzHbmTT7HMG5nUwBpEQymVkTPMWmiPSq0cPyHdXGb0=,tag:ZXBcJx7YkO54kY5GC+4TRg==,type:str] - flywayUsername: ENC[AES256_GCM,data:gZR1O1+vHC8ClUw=,iv:FJJZ0vz/SvhTGxyV2Deb/OBWS58rK6kMZaYpS3VTNa4=,tag:cEMJT+e9kCAxfRz1YEPeRQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:A/xgH7lHEZI=,iv:2Mx+iJmVCKupu6hTORbth5Oge+7v63ZtXZ2tQuWIMCU=,tag:C+Q6H/OxVA/ddgSjyuh2gA==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] - secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] + username: ENC[AES256_GCM,data:P7eJg7L6BHNkDw==,iv:V6c2oa4rgef4zVubyBVqfLzaBPqL37NkBHnS4ow3t4I=,tag:KPWWcyV2RRkz2dbEgIZvGw==,type:str] + password: ENC[AES256_GCM,data:rwmZvpS1UFgLuqEM8Q==,iv:ZdKLKhW5BNC9cv7xWyES91V9527IhyxDZFtrG8/RMnc=,tag:AGKY4AtnM71vZwQvV0v7UA==,type:str] + flywayUsername: ENC[AES256_GCM,data:SvFKmVr7KoATQw==,iv:lyzeqf80asZcscJbdEr3L/U8Ak8Xiwk0rA/n2tNDydQ=,tag:BV/qcv9YkdYejOk0nUYn2A==,type:str] + flywayPassword: ENC[AES256_GCM,data:6yLOXN8nBhFymxYSGg==,iv:BOK2G6uctHpllOoHuOw4Ypf7lQ3RjSJCOsUXpLEanFs=,tag:tidMqqG0Xywp7jcIwxrtJw==,type:str] egov-notification-sms: username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:2/iAHgvDaL/jkoso2bGvK2lBmqA=,iv:d1RfEofx1DvEKBgmEfXSi2Uc0oxC+JViA1cDHzTlH+I=,tag:rkovGCDAN0QlOfB7dfsQoA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:0qOBRRosTaEn8FsH1sGAVRvh8aOVUXF5Za++lOPcGvEcrd6Dlcfvvg==,iv:Tm141HWjeOa37TNnGi1jUsVgzHqugVdX68hTYCKaedI=,tag:mI2XzAcF3PNTxUOsuZhU5Q==,type:str] + aws-key: ENC[AES256_GCM,data:w8dzx1VxegcyiuUkEkZUJ2q6sl8=,iv:tblebty94pl2+ByPoZu9L8U7cXEylYQUMAQlxTPvfvM=,tag:x44CUdAQGTiZJjyioLolCw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:AqwpqJ0eGdu7XR7sDDQnIQyOQna2tLAiSNO/ISpUStCBTbn52IB7iQ==,iv:SkYL0egyml+Ub8+QZzB+JF8eqPl27s6qE2yUszMN8/I=,tag:QRLPO7lsianWkI3v+GWTyA==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:IDNGiQ/UdJfodlpDksRd,iv:JXpOVDYms1HVVWGnxMwmpirVScnDTZt6OaPn2pb4hnY=,tag:tTDmD8PRBezzXFg876KG4g==,type:str] + account-key: ENC[AES256_GCM,data:bIk4upLfb+M4xzsW/pVEQQIRQzUHItnATMxoQw/a6q5iSeGOJxcbFoj/Yj5wN61AXFI1QgGqPUVyGTU4LFj4OvSb4Te/AL1bsqIgAppdEKxKu0YOXeWouQ==,iv:FIkApN+y2tCd4xzPb61DqfmFXAb9v5lYVRuPWUdUWLA=,tag:3dTtN+HvrA1+m9QjeeqZTQ==,type:str] egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] + gmapskey: ENC[AES256_GCM,data:7Oh3SrZgqF9uTGyFY1e2gERb4Q+xFgn0Ch5geYuq0oCkskBt+2DY,iv:R6kmwnTy5vIgbmrTh6ro3zQhfqKxxh9ziKmsCcPFNUY=,tag:0wt831cNMzBEI7xWPA5r/Q==,type:str] egov-pg-service: axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:rZ5weD43,iv:w1J3CFaON7TwZ6eX/hCzaRGwVU4zL44ImgRQTIm3K14=,tag:FhB+ULwj3L/Fv0fKNho+xg==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:7v9zmQRdhws=,iv:WIRN18PE2qY6tk9RlRlSBwZ82JoHikXU9OgZZJEb6tY=,tag:hGrLc397Bnd3BajNYAlcTg==,type:str] pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] + admin-email: ENC[AES256_GCM,data:i56/L3PqmtdCHZxEA3vINmFUFo33Gun3FRI=,iv:BuHWeGoT/xf9OcAQPglN7tAUUseXE/dqhTaxXUvKzjE=,tag:SgoB8+KkKfTz0DWZEOytvQ==,type:str] + admin-password: ENC[AES256_GCM,data:OHYF/5vUzv6/uHSV,iv:yWkFCGcHjIdBXYVYQA8TCMcu/ThkJetHxYfnCn+Wiyg=,tag:O85S6LybYeOqFw4sJzMxHw==,type:str] + read-email: ENC[AES256_GCM,data:HAV68+XHfk+SO/Orbm0DquAOBcVF1/sKfg==,iv:8fJWgr0MVzM9l963+Z0/yHFjL7CY7vMbtuX9E4o8M+Q=,tag:dwOz9PoZcVUOyKVW9WupTA==,type:str] + read-password: ENC[AES256_GCM,data:oguc3wk49XcvhgPW,iv:a5riBFfT0rznHZDFC8eByvoAlc1KDAKeuLZhFdTSXPM=,tag:pkRyrUsPhq5VmYsL5cmPQw==,type:str] egov-enc-service: - master-password: ENC[AES256_GCM,data:zIZF3uLtJIfXDw==,iv:vQESE+sjUTQrIRIjsYadLAboraj69JmTI3MHIsnTya4=,tag:6sUPwMjMJkBEVPTTkonFOQ==,type:str] + master-password: ENC[AES256_GCM,data:yd9we+lE5aD+kGmgJnVnCQ==,iv:nsPJQ8Njd1iHYIy3UE6WI8wAMvIkkmFtpISkQALXkB4=,tag:eK9XP11MN8o/vlnxR74DHQ==,type:str] master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:F1pTK0ZEuqxPNnfPzRxrkD6ckyX3kSl5/oNmYBoDj62A,iv:wcFqE3qIV1zHDJ4WWDlpJzQzbfI7Wk5xbtkzsRm3jRs=,tag:oeZWSZrJB4msjn7vnsuczw==,type:str] + mailsenderusername: ENC[AES256_GCM,data:UsnTwEe1/Wyjj+U0EOLzHU5LIE+IQZ1DpL4NysUrAFsg,iv:mpri8EAFmGTrBSZrZvyl0zYeIB3tQ9xKZgkwsr2DI8c=,tag:HqO7yg20VlxOU6Tddex5UQ==,type:str] mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] + known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] egov-edcr-notification: edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] @@ -47,23 +53,18 @@ cluster-configs: edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - wordpress: - wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] - mysql: - mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:GpE1XVfn44LKjg2jk22dzgNoJA8=,iv:WtW76me9aqMk4JMmoC5d8T7gqZEOl5UXmV3f8Msyeyc=,tag:vc/SGitPaGGwc9r8+gc2ew==,type:str] - clientSecret: ENC[AES256_GCM,data:NQ3oRJMI6XQ3qCh93OYIVxxcX+ICtGt7jjLZdBirp6VtsBWuqTAhGQ==,iv:VFvSFnDxPAXlXZo0VsNq/Y0EYULHp9n6+VRA29Xipuo=,tag:v/nLIHS4Ee8pt2A7sbJV1Q==,type:str] - cookieSecret: ENC[AES256_GCM,data:UXn1+wvvuGN1qY1vJYZw7MxvXx6eiQIkrhJPlKxLN4XtxRXrp70l8+3UKA==,iv:QX/yKh16Pnb6C0XnatJwrW+8bfas7Ifl1G5/mIam6p8=,tag:Jov5WAX3E0EdbbGTShCQZQ==,type:str] chatbot: valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:Wb2bU7Pmc1PAP99unifMuI+qTys=,iv:y7/SC/x++TShu5YOYH5fJgpUMBBextRsb5xzyIOB0qU=,tag:he2I+NvpDskBlI4WQ6UrxQ==,type:str] + clientSecret: ENC[AES256_GCM,data:4Vq3Jghf73pAH90xvNhLJ52sl3GH/gGA2L6+Dyk4lsy0TMmic9YIzw==,iv:STL6OnofD7p+bRaw6vKEVYd2XBJb0Wlm/RxywMQDW0Q=,tag:L3+xX3qKYRuCPFtX3Ew6VA==,type:str] + cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] + secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] alertmanager: config: global: @@ -71,43 +72,36 @@ cluster-configs: route: receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2020-11-10T06:48:05Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2020-11-10T06:48:05Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-03-24T12:10:14Z" - mac: ENC[AES256_GCM,data:kRXHQE3uQ8EitDU2Ilw6X6p4D1OmrpuRuLEe2dmHuyxn34+o6XfA3+0ntTWYl2+MNeYkNNguOysCA9j9sL1xJDrKruvmQlT7fuAcQh0QDMIcwl5V2Q+h8gAXWCX/c2eU/3gzpyRE4XAj1q3A0FY+gpdLZK2nxQpd3+HPpkXXKnc=,iv:1vV6oLbN38wkjuy7AMi7xA8/yyD+I9KOe9AjNi9AHaY=,tag:0Wx4diAoWbUMEKxTZ/o+2A==,type:str] + lastmodified: '2023-06-22T05:01:45Z' + mac: ENC[AES256_GCM,data:h8dvwlX5sRvsOYhiJw0C/aQdzzXyhwxTuv2eGAO91Gqs/wKHQBdoiFtNBRk0JSNOk+067+E32K7sAaGiFyrRLvquHha7cRAxL6DqLY6/Ryx6Rur3218YOGBUABNIX3y9f+dIeEmwf5T6Q73FNClrb2nvwrwyJ9qJzheLvtsQ+ZM=,iv:9v27T1Wh1myNtRgfX4DP1QuoVghzRc6kH/1NDSN7YXw=,tag:RFQ8YXpGJa54HoIHi4ANxg==,type:str] pgp: - - created_at: "2020-11-10T06:48:05Z" - enc: | + - created_at: '2020-11-10T06:48:05Z' + enc: | -----BEGIN PGP MESSAGE----- hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv @@ -120,6 +114,6 @@ sops: q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== =msen -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/works-dev.yaml b/deploy-as-code/helm/environments/works-dev.yaml index 3fbaf2178c..fb3eccc686 100644 --- a/deploy-as-code/helm/environments/works-dev.yaml +++ b/deploy-as-code/helm/environments/works-dev.yaml @@ -1,80 +1,149 @@ global: - domain: works-dev.digit.org - tracing-enabled: true + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup cluster-configs: - namespaces: - create: false - values: - [ - backbone, - cert-manager, - egov, - works, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov, works, playground, kafka-cluster] - - role: admin - namespaces: [playground] - + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban, works ] + root-ingress: cert-issuer: letsencrypt-prod - namespace: works - appRoot: works-ui - serviceName: works-ui - configmaps: egov-config: - namespace: [ egov , works ] + namespace: [ egov, monitoring, sanitation, works ] data: - db-host: "postgres.egov" - db-name: "works_dev_db" - db-url: "jdbc:postgresql://postgres.egov:5432/works_dev_db" - domain: "works-dev.digit.org" - egov-services-fqdn-name: "https://works-dev.digit.org/" - egov-state-level-tenant-id: "pg" + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - logging-level-jdbc: "debug" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" - s3-assets-bucket: "(pg-egov-assets|works-dev-asset)" serializers-timezone-in-ist: "true" - server-tomcat-max-threads: "10" server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" sms-enabled: "true" spring-datasource-tomcat-initialSize: "1" spring-datasource-tomcat-max-active: "2" spring-jpa-show-sql: "true" + timezone: Asia/Kolkata tracer-errors-provideexceptionindetails: "true" - timezone: "Asia/Kolkata" - es-infra-host: elasticsearch-data-v1.es-cluster - db-ssl: "false" - state-level-tenant-id: "pg" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov , works ] + namespace: [ egov, monitoring, sanitation, works ] data: - egov-mdms-service: "http://egov-mdms-service.egov:8080/" + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" egov-location: "http://egov-location.egov:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + audit-service: "http://audit-service.egov:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report.egov:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" attendance-service: "http://attendance.works:8080/" contract-service: "http://contracts.works:8080/" muster-roll-service: "http://muster-roll.works:8080/" @@ -87,40 +156,27 @@ cluster-configs: works-management-service: "http://works-management-service.works:8080/" individual: "http://individual.works:8080/" works-pdf: "http://works-pdf.works:8080/" - - audit-service: "http://audit-service.egov:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-otp: "http://egov-otp:8080/" - minio-url: "http://minio.backbone:9000/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" loi-service: "http://loi-service.works:8080/" - location: "http://location:8080/" - pdf-service: "http://pdf-service.egov:8080/" - user-otp: "http://user-otp:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening.egov:8080/" - inbox: "http://inbox.egov:8080/" - -#########---Works---######### +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" -estimate-service: - tracing-enabled: true - java-enable-debug: true - estimate-default-limit: 100 - estimate-search-max-limit: 200 - estimate-workflow-business-service: "ESTIMATE" - -loi-service: - tracing-enabled: true - workflow.loi.business.service.name: "loi-approval-4" +works-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" attendance-service: tracing-enabled: true @@ -132,7 +188,13 @@ attendance-service: attendance-staff-service-integration-required: false attendance-document-id-verification-required: false attendance-register-open-search-enabled-roles: "SUPERUSER" - + +bankaccounts: + tracing-enabled: true + java-enable-debug: true + bank-account-default-limit: 100 + bank-account-search-max-limit: 200 + contract-service: tracing-enabled: true java-enable-debug: true @@ -144,25 +206,30 @@ contract-service: contract-workflow-module-name: "contract-service" contract-cbo-url-host : "https://works-dev.digit.org" contract-cbo-url-endpoint : "/works-shg-app" - -# project-management-system: -# tracing-enabled: true -# java-enable-debug: true -# project-default-offset: 0 -# project-default-limit: 100 -# project-search-max-limit: 200 -# project-mdms-module: "works" -# egov-location-hierarchy-type: "ADMIN" -project: +expense-calculator: tracing-enabled: true java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - project-mdms-module: "works" - egov-location-hierarchy-type: "ADMIN" - + +expenses-billing: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + bill-kafka-topic: "bill" + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + +loi-service: + tracing-enabled: true + workflow.loi.business.service.name: "loi-approval-4" + muster-roll-service: tracing-enabled: true java-enable-debug: true @@ -178,7 +245,7 @@ muster-roll-service: works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" works-contract-service-code: "WORKS-CONTRACT" notification-sms-enabled: "true" - + organisation: tracing-enabled: true java-enable-debug: true @@ -187,96 +254,57 @@ organisation: egov-location-hierarchy-type: "ADMIN" works-cbo-url-host: "https:/works-dev.digit.org" works-cbo-url-endpoint: "/works-shg-app" - -bankaccounts: - tracing-enabled: true - java-enable-debug: true - bank-account-default-limit: 100 - bank-account-search-max-limit: 200 - -individual: - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - -works-management-service: - tracing-enabled: true - java-enable-debug: true - - - -expense-calculator: - tracing-enabled: true - java-enable-debug: true -expenses-billing: +project: tracing-enabled: true java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - bill-kafka-topic: "bill" + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + project-mdms-module: "works" + egov-location-hierarchy-type: "ADMIN" -expense: +works-management-service: tracing-enabled: true java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" works-inbox-service: java-enable-debug: true tracing-enabled: true - -#########---core-services---######### - -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/DEV/egov-persister/contract-service-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" -egov-mdms-service: - mdms-path: "/work-dir/works-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-mdms-data" - branch: "DEV" - mdms-folder: "works-mdms-data" - java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" +works-shg-app: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" - fixed-bucketname: "works-dev-filestore" minio-enabled: false - aws.s3.url : "https://s3.amazonaws.com" - is-bucket-fixed: "true" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi -egov-user: - replicas: "1" +egov-url-shortening: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - state-level-tenant-id: "pg" - java-enable-debug: true + egov-url-shortner-endpoint: "/eus/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "2" egov-idgen: idformat-from-mdms: "true" @@ -284,44 +312,13 @@ egov-idgen: heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" -egov-persister: - persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - java-enable-debug: true - heap: "-Xmx192m -Xms192m" - employee-applink: "https://works-dev.digit.org/works-ui/employee/user/login" - egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender sms-sender-requesttype: "GET" sms-custom-config: "true" sms-extra-req-params: "mtype=N&DR=Y" @@ -332,125 +329,188 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 2 - custom-filter-property: "false" +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" - eventlog-enabled: "true" - eventlog-topic: "zuul-event-log" - eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" -########################################## +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - egov-url-shorten-hashid-salt: "randomsalt" - egov-url-shorten-hashid-min-length: "5" -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" -egov-workflow: +egov-persister: + replicas: 1 heap: "-Xmx256m -Xms256m" memory_limits: 512Mi + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -pdf-service: +egov-localization: replicas: 1 - memory_limits: 1.5Gi + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" - data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" - format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-searcher: - search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-user-chatbot: - egov-state-level-tenant-id: "pg" - -works-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -works-shg-app: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx-ingress: +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - #metrics: - enabled: true - serviceMonitor: - enabled: true - service: - prometheusRule: - enabled: true + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' -cert-manager: - email: "devops-team@egov.org.in" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx128m -Xms128m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 256Mi + heap: -Xmx128m -Xms128m +fsm: + memory_limits: 384Mi + heap: -Xmx384m -Xms256m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: @@ -460,25 +520,120 @@ redoc: service_type: LoadBalancer # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + memory_limits: 768Mi + heap: "-Xmx512m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" -inbox: - service-map : '{}' - bs-service-map : '{}' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + heap: "-Xmx512m -Xms256m" + memory_limits: 768Mi + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-config: topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" @@ -486,10 +641,9 @@ kafka-config: kafka-brokers: "kafka-v2.kafka-cluster:9092" logging-config: - es-host: "es-client.es-cluster" + es-host: "elasticsearch-client-v1.es-cluster" es-port: "9200" - jaeger: host: "jaeger-agent.monitoring" port: "6831" @@ -499,15 +653,55 @@ jaeger: samplingConfig: | { "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, { "service": "report-service", "type": "probabilistic", "param": 0.5 }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, { "service": "egov-hrms", "type": "probabilistic", "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 } ], "default_strategy": { @@ -515,7 +709,6 @@ jaeger: "param": 0.05 } } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< # redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redis: @@ -523,38 +716,33 @@ redis: images: - egovio/redis:3.2 # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -minio: - mode: distributed - persistence: - enabled: true - aws: - - volumeId: "vol-0393fa1f3c5cd57e7" - zone: ap-south-1a - - volumeId: "vol-0a90fced10336cf2d" - zone: ap-south-1a - - volumeId: "vol-052f5b02391cf572e" - zone: ap-south-1a - - volumeId: "vol-024b629a7e1a01ec7" - zone: ap-south-1a - -postgres: - persistence: - enabled: true - dataDirSize: 30Gi - aws: - volumeId: "vol-0dae5eae2cb06009c" - postgresDatabase: works_dev_db +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: - - volumeId: "vol-0ada98badba828121" - zone: ap-south-1a - - volumeId: "vol-06f14a402f6a4e393" - zone: ap-south-1a - - volumeId: "vol-06aa546865f96bf9d" - zone: ap-south-1a + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -565,27 +753,29 @@ kafka-v2: minInsyncReplicas: "1" offsetsReplicationFactor: "3" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: - - volumeId: "vol-0b04da159ca5cb333" - zone: ap-south-1a - - volumeId: "vol-0e953ab20516b6874" - zone: ap-south-1a - - volumeId: "vol-026ac89a9ba812586" - zone: ap-south-1a + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. limits: cpu: 300m memory: 384Mi @@ -593,30 +783,29 @@ zookeeper-v2: cpu: 300m memory: 384Mi -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> elasticsearch-data-v1: image: tag: 6.6.2 persistence: enabled: true aws: - - volumeId: "vol-03fdd115ece13fcf6" - zone: ap-south-1a - - volumeId: "vol-03fa12d6acf3ee6e6" - zone: ap-south-1a - - volumeId: "vol-0ee45d588c0950dd6" - zone: ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx550m -Xms550m" resources: requests: - # cpu: "1000m" - memory: "2Gi" + memory: "1Gi" limits: - # cpu: "1000m" - memory: "2Gi" + memory: "1Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> elasticsearch-master-v1: replicas: 3 @@ -625,13 +814,13 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "vol-03fc47da18c414fee" - zone: ap-south-1a - - volumeId: "vol-0743bade66fe9a18c" - zone: ap-south-1a - - volumeId: "vol-07675366adde7b23e" - zone: ap-south-1a - + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + esJavaOpts: "-Xmx448m -Xms448m" resources: requests: @@ -639,106 +828,28 @@ elasticsearch-master-v1: limits: memory: "896Mi" -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluentd: - images: - - egovio/fluentd:v0.1.9 - target_env: qa - -delete-old-logs-in-es: - images: - - egovio/elasticsearch-curator-5-0-2:0.0.2 - days: 1 - schedule: "0 12 * * *" - target_env: qa - -logrotate: - images: - - egovio/logrotate:0.1 - logrotate-interval: daily -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "dev_readonly" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< playground: replicas: 1 images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_pb_db" + - egovio/playground:v2 -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: +es-curator: + schedule: "45 18 * * *" images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kibana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-uat,devops,works" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/works-configs" - branch: "DEV" - - minio: - mode: distributed - disableWebUI: false - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0085073c65f7568a3" - zone: ap-south-1a - - volumeId: "vol-031fa52f18391ddab" - zone: ap-south-1a - - volumeId: "vol-054c367d60f236577" - zone: ap-south-1a - - volumeId: "vol-015c0f14cb3927c68" - zone: ap-south-1a - ingress: - hostName: minio-staging.digit.org From e1677b0f8737033ae433b4bf1523eb2a4a8f5b06 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 23 Jun 2023 10:46:47 +0530 Subject: [PATCH 215/742] Renamed works-dev yaml to unified-works-dev yaml (#1761) Co-authored-by: Harish-egov --- .../{works-dev-secrets.yaml => unified-works-dev-secrets.yaml} | 0 .../helm/environments/{works-dev.yaml => unified-works-dev.yaml} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename deploy-as-code/helm/environments/{works-dev-secrets.yaml => unified-works-dev-secrets.yaml} (100%) rename deploy-as-code/helm/environments/{works-dev.yaml => unified-works-dev.yaml} (100%) diff --git a/deploy-as-code/helm/environments/works-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml similarity index 100% rename from deploy-as-code/helm/environments/works-dev-secrets.yaml rename to deploy-as-code/helm/environments/unified-works-dev-secrets.yaml diff --git a/deploy-as-code/helm/environments/works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml similarity index 100% rename from deploy-as-code/helm/environments/works-dev.yaml rename to deploy-as-code/helm/environments/unified-works-dev.yaml From 7cdd2bcf40d4aecdc2a05150d37150f17e863355 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 26 Jun 2023 10:19:49 +0530 Subject: [PATCH 216/742] Update Chart.yaml (#1767) --- .../digit-works/frontend/works-shg-app/works-ui/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml index 06c50c3a28..33b1b138f0 100644 --- a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../../../common From 3adf46b22ab573291dee88698bbdd7d2ab7fdbb8 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 26 Jun 2023 11:52:12 +0530 Subject: [PATCH 217/742] added debugger for zuul (#1770) --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 7 +++++++ deploy-as-code/helm/environments/unified-dev.yaml | 1 + 2 files changed, 8 insertions(+) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 564178ec65..3d50e49aad 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -114,6 +114,13 @@ env: | value: "false" - name: JAVA_ARGS value: {{ index .Values "java-args" | quote }} + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} - name: EGOV_STATELEVEL_TENANT valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 96ef866ee6..38987be551 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -422,6 +422,7 @@ zuul: tracing-enabled: "true" memory_limits: 768Mi heap: "-Xmx512m -Xms512m" + java-debug: "true" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" From d5a37e52f8acbe756b7de11df10ffc3ef64a15b9 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 26 Jun 2023 13:44:03 +0530 Subject: [PATCH 218/742] Added flag for IsEnvironmentCentralInstance (#1771) --- deploy-as-code/helm/charts/common/values.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index a533ee541a..a550d2ae8f 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -206,7 +206,10 @@ extraEnv: valueFrom: configMapKeyRef: name: egov-config - key: spring-jpa-show-sql + key: spring-jpa-show-sql + - name: IS_ENVIRONMENT_CENTRAL_INSTANCE + value: "false" + jaeger: | - name: JAEGER_SERVICE_NAME value: {{ template "common.name" . }} From 45ddb6d4a3c786fb8016777ad577138673d8aa21 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 26 Jun 2023 16:25:35 +0530 Subject: [PATCH 219/742] Update .sops.yaml (#1773) --- deploy-as-code/helm/.sops.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index b97f0e73f2..96bd2dcc1a 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -9,4 +9,8 @@ creation_rules: - path_regex: environments/unified\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' From b8bbd375b0510af79330327f7396771411d454cf Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 27 Jun 2023 10:50:14 +0530 Subject: [PATCH 220/742] Added works configs path in the yaml file (#1772) * Added works configs path in the yaml file * Update unified-works-dev.yaml --------- Co-authored-by: Harish-egov Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-works-dev.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index fb3eccc686..20d0a9c1b1 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -417,7 +417,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml" egov-persister: replicas: 1 @@ -425,7 +425,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -490,8 +490,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/works/pdf-service/data-config/works-estimate.json,file:///work-dir/configs/works/pdf-service/data-config/project-detail.json,file:///work-dir/configs/works/pdf-service/data-config/estimate.json,file:///work-dir/configs/works/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/configs/works/pdf-service/data-config/work-order.json,file:///work-dir/configs/works/pdf-service/data-config/work-order-hindi.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/works/pdf-service/format-config/works-estimate.json,file:///work-dir/configs/works/pdf-service/format-config/project-detail.json,file:///work-dir/configs/works/pdf-service/format-config/estimate.json,file:///work-dir/configs/works/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/configs/works/pdf-service/format-config/work-order.json,file:///work-dir/configs/works/pdf-service/format-config/work-order-hindi.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From d0bb03cc6fcdc2527f828e425a1f696675a3c4af Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 27 Jun 2023 16:20:15 +0530 Subject: [PATCH 221/742] Added health servcie charts and renamed yaml files (#1775) * Added health namespace in health-services charts and renamed health-dev yaml files * Removed extra Playground config * Added egov namespaces for ingress in health-services charts --------- Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 6 +- .../health-services/facility/Chart.yaml | 26 + .../facility/templates/deployment.yaml | 2 + .../facility/templates/ingress.yaml | 2 + .../facility/templates/service.yaml | 2 + .../health-services/facility/values.yaml | 100 ++++ .../health-services/household/Chart.yaml | 26 + .../household/templates/deployment.yaml | 2 + .../household/templates/ingress.yaml | 2 + .../household/templates/service.yaml | 2 + .../health-services/household/values.yaml | 118 +++++ .../health-services/individual/Chart.yaml | 26 + .../individual/templates/deployment.yaml | 2 + .../individual/templates/ingress.yaml | 2 + .../individual/templates/service.yaml | 2 + .../health-services/individual/values.yaml | 144 ++++++ .../charts/health-services/product/Chart.yaml | 26 + .../product/templates/deployment.yaml | 2 + .../product/templates/ingress.yaml | 2 + .../product/templates/service.yaml | 2 + .../health-services/product/values.yaml | 93 ++++ .../charts/health-services/project/Chart.yaml | 26 + .../project/templates/deployment.yaml | 2 + .../project/templates/ingress.yaml | 2 + .../project/templates/service.yaml | 2 + .../health-services/project/values.yaml | 236 +++++++++ .../charts/health-services/stock/Chart.yaml | 26 + .../stock/templates/deployment.yaml | 2 + .../stock/templates/ingress.yaml | 2 + .../stock/templates/service.yaml | 2 + .../charts/health-services/stock/values.yaml | 136 ++++++ .../health-services/transformer/Chart.yaml | 26 + .../transformer/templates/deployment.yaml | 2 + .../transformer/templates/ingress.yaml | 2 + .../transformer/templates/service.yaml | 2 + .../health-services/transformer/values.yaml | 149 ++++++ .../helm/environments/health-dev-secrets.yaml | 96 ---- .../unified-health-dev-secrets.yaml | 104 ++++ ...ealth-dev.yaml => unified-health-dev.yaml} | 448 +++++++----------- 39 files changed, 1468 insertions(+), 386 deletions(-) create mode 100644 deploy-as-code/helm/charts/health-services/facility/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/facility/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/facility/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/facility/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/facility/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/household/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/household/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/household/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/household/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/household/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/individual/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/individual/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/product/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/product/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/product/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/product/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/product/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/project/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/project/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/project/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/transformer/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/transformer/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/transformer/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/transformer/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/transformer/values.yaml delete mode 100644 deploy-as-code/helm/environments/health-dev-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-health-dev-secrets.yaml rename deploy-as-code/helm/environments/{health-dev.yaml => unified-health-dev.yaml} (62%) diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index 96bd2dcc1a..a32c1301db 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -13,4 +13,8 @@ creation_rules: - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-health\-dev\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' diff --git a/deploy-as-code/helm/charts/health-services/facility/Chart.yaml b/deploy-as-code/helm/charts/health-services/facility/Chart.yaml new file mode 100644 index 0000000000..a21747d61c --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/facility/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: facility +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/facility/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/facility/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/facility/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/facility/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/facility/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/facility/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/facility/templates/service.yaml b/deploy-as-code/helm/charts/health-services/facility/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/facility/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/facility/values.yaml b/deploy-as-code/helm/charts/health-services/facility/values.yaml new file mode 100644 index 0000000000..dd4555bbd3 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/facility/values.yaml @@ -0,0 +1,100 @@ +# Common Labels +labels: + app: "facility" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "facility" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "facility_schema" + image: + repository: "facility-db" + +# Container Configs +image: + repository: "facility" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/facility/health" + readinessProbePath: "/facility/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-project + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: FACILITY.IDGEN.ID.FORMAT + value: "facility.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + + - name: FACILITY.KAFKA.CREATE.TOPIC + value: "save-facility-topic" + - name: FACILITY.KAFKA.UPDATE.TOPIC + value: "update-facility-topic" + - name: FACILITY.KAFKA.DELETE.TOPIC + value: "delete-facility-topic" + - name: FACILITY.CONSUMER.BULK.DELETE.TOPIC + value: "delete-facility-bulk-topic" + - name: FACILITY.CONSUMER.BULK.CREATE.TOPIC + value: "create-facility-bulk-topic" + - name: FACILITY.CONSUMER.BULK.UPDATE.TOPIC + value: "update-facility-bulk-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/household/Chart.yaml b/deploy-as-code/helm/charts/health-services/household/Chart.yaml new file mode 100644 index 0000000000..bae9eec93d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/household/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: household +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/household/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/household/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/household/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/household/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/household/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/household/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/household/templates/service.yaml b/deploy-as-code/helm/charts/health-services/household/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/household/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/household/values.yaml b/deploy-as-code/helm/charts/health-services/household/values.yaml new file mode 100644 index 0000000000..2873b39b18 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/household/values.yaml @@ -0,0 +1,118 @@ +# Common Labels +labels: + app: "household" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "household" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "household_schema" + image: + repository: "household-db" + +# Container Configs +image: + repository: "household" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/household/health" + readinessProbePath: "/household/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx1024m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/household-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-persister/household-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-household + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: HOUSEHOLD.IDGEN.ID.FORMAT + value: "household.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_INDIVIDUAL_SEARCH_URL + value: "/individual/v1/_search" + - name: HOUSEHOLD_MEMBER_KAFKA_CREATE_TOPIC + value: "save-household-member-topic" + - name: HOUSEHOLD_MEMBER_KAFKA_UPDATE_TOPIC + value: "update-household-member-topic" + - name: HOUSEHOLD_MEMBER_KAFKA_DELETE_TOPIC + value: "delete-household-member-topic" + - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.CREATE.TOPIC + value: "household-member-consumer-bulk-create-topic" + - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.UPDATE.TOPIC + value: "household-member-consumer-bulk-update-topic" + - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.DELETE.TOPIC + value: "household-member-consumer-bulk-delete-topic" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: HOUSEHOLD.CONSUMER.BULK.DELETE.TOPIC + value: "delete-household-bulk-topic" + - name: HOUSEHOLD.CONSUMER.BULK.CREATE.TOPIC + value: "create-household-bulk-topic" + - name: HOUSEHOLD.CONSUMER.BULK.UPDATE.TOPIC + value: "update-household-bulk-topic" + - name: HOUSEHOLD.KAFKA.CREATE.TOPIC + value: "save-household-topic" + - name: HOUSEHOLD.KAFKA.UPDATE.TOPIC + value: "update-household-topic" + - name: HOUSEHOLD.KAFKA.DELETE.TOPIC + value: "delete-household-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/Chart.yaml b/deploy-as-code/helm/charts/health-services/individual/Chart.yaml new file mode 100644 index 0000000000..248d7f83cc --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/individual/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: individual +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/values.yaml b/deploy-as-code/helm/charts/health-services/individual/values.yaml new file mode 100644 index 0000000000..7e2906f034 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/individual/values.yaml @@ -0,0 +1,144 @@ +# Common Labels +labels: + app: "individual" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "individual" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "individual_schema" + image: + repository: "individual-db" + +# Container Configs +image: + repository: "individual" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/individual/health" + readinessProbePath: "/individual/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-persister/individual-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-individual + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: IDGEN.INDIVIDUAL.ID.FORMAT + value: "individual.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC + value: "individual-consumer-bulk-create-topic" + - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC + value: "individual-consumer-bulk-update-topic" + - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC + value: "individual-consumer-bulk-delete-topic" + - name: INDIVIDUAL.PRODUCER.SAVE.TOPIC + value: "save-individual-topic" + - name: INDIVIDUAL.PRODUCER.UPDATE.TOPIC + value: "update-individual-topic" + - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC + value: "delete-individual-topic" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: STATE_LEVEL_TENANT_ID + value: "default" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_ENC_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service + - name: EGOV_ENC_ENCRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_encrypt" + - name: EGOV_ENC_DECRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_decrypt" + - name: AADHAAR_PATTERN + value: "\\d{12}" + - name: MOBILE_PATTERN + value: "\\d+" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_CREATE_USER_URL + value: "/user/users/_createnovalidate" + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_UPDATE_USER_URL + value: "/user/users/_updatenovalidate" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: USER_SYNC_ENABLED + value: "true" + - name: USER_SERVICE_USER_TYPE + value: "CITIZEN" + - name: USER_SERVICE_ACCOUNT_LOCKED + value: "false" + - name: INDIVIDUAL_PRODUCER_UPDATE_USER_ID_TOPIC + value: "update-user-id-topic" + - name: NOTIFICATION_SMS_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/product/Chart.yaml b/deploy-as-code/helm/charts/health-services/product/Chart.yaml new file mode 100644 index 0000000000..3d7f36c7d4 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/product/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: product +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/product/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/product/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/product/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/product/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/product/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/product/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/product/templates/service.yaml b/deploy-as-code/helm/charts/health-services/product/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/product/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/product/values.yaml b/deploy-as-code/helm/charts/health-services/product/values.yaml new file mode 100644 index 0000000000..08fe34e935 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/product/values.yaml @@ -0,0 +1,93 @@ +# Common Labels +labels: + app: "product" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "product" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "product_schema" + image: + repository: "product-db" + +# Container Configs +image: + repository: "product" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/product/health" + readinessProbePath: "/product/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/product-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-persister/product-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-product + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: PRODUCT_KAFKA_CREATE_TOPIC + value: "save-product-topic" + - name: PRODUCT_KAFKA_UPDATE_TOPIC + value: "update-product-topic" + - name: PRODUCT_VARIANT_KAFKA_CREATE_TOPIC + value: "save-product-variant-topic" + - name: PRODUCT_VARIANT_KAFKA_UPDATE_TOPIC + value: "update-product-variant-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/Chart.yaml b/deploy-as-code/helm/charts/health-services/project/Chart.yaml new file mode 100644 index 0000000000..96f152dc86 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/project/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: project +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/templates/service.yaml b/deploy-as-code/helm/charts/health-services/project/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/project/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/values.yaml b/deploy-as-code/helm/charts/health-services/project/values.yaml new file mode 100644 index 0000000000..b720225612 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/project/values.yaml @@ -0,0 +1,236 @@ +# Common Labels +labels: + app: "project" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "project" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "project_schema" + image: + repository: "project-db" + +# Container Configs +image: + repository: "project" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/project/health" + readinessProbePath: "/project/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/project-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-project + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: PROJECT.STAFF.IDGEN.ID.FORMAT + value: "project.staff.id" + - name: PROJECT.FACILITY.IDGEN.ID.FORMAT + value: "project.facility.id" + - name: PROJECT.TASK.IDGEN.ID.FORMAT + value: "project.task.id" + - name: IDGEN.PROJECT.BENEFICIARY.ID.FORMAT + value: "project.beneficiary.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "project_master" + - name: EGOV_MDMS_MODULE_NAME + value: "project" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: PROJECT.TASK.KAFKA.CREATE.TOPIC + value: "save-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.UPDATE.TOPIC + value: "update-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.DELETE.TOPIC + value: "delete-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-task-bulk-topic" + - name: PROJECT.BENEFICIARY.KAFKA.CREATE.TOPIC + value: "save-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.UPDATE.TOPIC + value: "update-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.DELETE.TOPIC + value: "delete-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.CREATE.TOPIC + value: "project-beneficiary-consumer-bulk-create-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.UPDATE.TOPIC + value: "project-beneficiary-consumer-bulk-update-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.DELETE.TOPIC + value: "project-beneficiary-consumer-bulk-delete-topic" + - name: PROJECT.STAFF.KAFKA.DELETE.TOPIC + value: "delete-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.CREATE.TOPIC + value: "save-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.UPDATE.TOPIC + value: "update-project-staff-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-staff-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: PROJECT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC + value: "save-project" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC + value: "update-project" + - name: PROJECT.DEFAULT.OFFSET + value: "0" + - name: PROJECT.DEFAULT.LIMIT + value: "100" + - name: PROJECT.SEARCH.MAX.LIMIT + value: "200" + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: PROJECT.RESOURCE.KAFKA.CREATE.TOPIC + value: "save-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.UPDATE.TOPIC + value: "update-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.DELETE.TOPIC + value: "delete-project-resource-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-resource-bulk-topic" + - name: PROJECT.FACILITY.KAFKA.DELETE.TOPIC + value: "delete-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.CREATE.TOPIC + value: "save-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.UPDATE.TOPIC + value: "update-project-facility-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-facility-bulk-topic" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/Chart.yaml b/deploy-as-code/helm/charts/health-services/stock/Chart.yaml new file mode 100644 index 0000000000..fa5fe4ddec --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: stock +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/stock/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/stock/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/stock/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/templates/service.yaml b/deploy-as-code/helm/charts/health-services/stock/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/values.yaml b/deploy-as-code/helm/charts/health-services/stock/values.yaml new file mode 100644 index 0000000000..34d6e015f5 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/values.yaml @@ -0,0 +1,136 @@ +# Common Labels +labels: + app: "stock" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "stock" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "stock_schema" + image: + repository: "stock-db" + +# Container Configs +image: + repository: "stock" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/stock/health" + readinessProbePath: "/stock/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml" +indexer-yml-path: "file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-project + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: STOCK.IDGEN.ID.FORMAT + value: "stock.id" + - name: STOCK.RECONCILIATION.IDGEN.ID.FORMAT + value: "stock.reconciliation.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: STOCK.KAFKA.CREATE.TOPIC + value: "save-stock-topic" + - name: STOCK.KAFKA.UPDATE.TOPIC + value: "update-stock-topic" + - name: STOCK.KAFKA.DELETE.TOPIC + value: "delete-stock-topic" + - name: STOCK.CONSUMER.BULK.DELETE.TOPIC + value: "delete-stock-bulk-topic" + - name: STOCK.CONSUMER.BULK.CREATE.TOPIC + value: "create-stock-bulk-topic" + - name: STOCK.CONSUMER.BULK.UPDATE.TOPIC + value: "update-stock-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: STOCK.RECONCILIATION.KAFKA.CREATE.TOPIC + value: "save-stock-reconciliation-topic" + - name: STOCK.RECONCILIATION.KAFKA.UPDATE.TOPIC + value: "update-stock-reconciliation-topic" + - name: STOCK.RECONCILIATION.KAFKA.DELETE.TOPIC + value: "delete-stock-reconciliation-topic" + - name: STOCK.RECONCILIATION.CONSUMER.BULK.DELETE.TOPIC + value: "delete-stock-reconciliation-bulk-topic" + - name: STOCK.RECONCILIATION.CONSUMER.BULK.CREATE.TOPIC + value: "create-stock-reconciliation-bulk-topic" + - name: STOCK.RECONCILIATION.CONSUMER.BULK.UPDATE.TOPIC + value: "update-stock-reconciliation-bulk-topic" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: EGOV_PROJECT_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_SEARCH_PROJECT_FACILITY_URL + value: "/project/facility/v1/_search" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/transformer/Chart.yaml b/deploy-as-code/helm/charts/health-services/transformer/Chart.yaml new file mode 100644 index 0000000000..783c3677b6 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/transformer/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: transformer +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/transformer/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/transformer/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/transformer/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/transformer/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/transformer/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/transformer/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/transformer/templates/service.yaml b/deploy-as-code/helm/charts/health-services/transformer/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/transformer/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/transformer/values.yaml b/deploy-as-code/helm/charts/health-services/transformer/values.yaml new file mode 100644 index 0000000000..31e8868db6 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/transformer/values.yaml @@ -0,0 +1,149 @@ +# Common Labels +labels: + app: "transformer" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "transformer" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: false + schemaTable: "transformer_schema" + image: + repository: "transformer-db" + +# Container Configs +image: + repository: "transformer" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/transformer/health" + readinessProbePath: "/transformer/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx1024m -Xms192m" +java-args: "" +memory_limits: "1Gi" +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-transformer + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + + - name: TRANSFORMER_CONSUMER_BULK_CREATE_PROJECT_TASK_TOPIC + value: "save-project-task-topic" + - name: TRANSFORMER_CONSUMER_BULK_UPDATE_PROJECT_TASK_TOPIC + value: "update-project-task-topic" + - name: TRANSFORMER_PRODUCER_BULK_PROJECT_TASK_INDEX_V1_TOPIC + value: "transformer-producer-bulk-project-task-index-v1-topic" + + - name: TRANSFORMER_CONSUMER_BULK_CREATE_PROJECT_STAFF_TOPIC + value: "save-project-staff-topic" + - name: TRANSFORMER_CONSUMER_BULK_UPDATE_PROJECT_STAFF_TOPIC + value: "update-project-staff-topic" + - name: TRANSFORMER_PRODUCER_BULK_PROJECT_STAFF_INDEX_V1_TOPIC + value: "transformer-producer-bulk-project-staff-index-v1-topic" + + - name: TRANSFORMER_PRODUCER_BULK_PROJECT_INDEX_V1_TOPIC + value: "transformer-producer-bulk-project-index-v1-topic" + - name: TRANSFORMER_CONSUMER_CREATE_PROJECT_TOPIC + value: "save-project" + + - name: TRANSFORMER_CONSUMER_UPDATE_PROJECT_TOPIC + value: "update-project" + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_SEARCH_PROJECT_URL + value: "/project/v1/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + + - name: EGOV_LOCATION_ENDPOINT + value: "/egov-location/location/v11/boundarys/_search" + + - name: TRANSFORMER_CONSUMER_BULK_CREATE_STOCK_TOPIC + value: "save-stock-topic" + - name: TRANSFORMER_CONSUMER_BULK_UPDATE_STOCK_TOPIC + value: "update-stock-topic" + - name: TRANSFORMER_PRODUCER_BULK_STOCK_INDEX_V1_TOPIC + value: "transformer-producer-bulk-stock-index-v1-topic" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: TRANSFORMER_CONSUMER_CREATE_FACILITY_TOPIC + value: "save-facility-topic" + - name: TRANSFORMER_CONSUMER_UPDATE_FACILITY_TOPIC + value: "update-facility-topic" + - name: BOUNDARY_LABEL_NAME_PROVINCE + value: "Provincia" + - name: BOUNDARY_LABEL_NAME_DISTRICT + value: "Distrito" + - name: BOUNDARY_LABEL_NAME_ADMINISTRATIVEPROVINCE + value: "Posto Administrativo" + - name: BOUNDARY_LABEL_NAME_LOCALITY + value: "Localidade" + - name: BOUNDARY_LABEL_NAME_VILLAGE + value: "Aldeia" + - name: EGOV_SERVICEDEFINITION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: service-request + - name: EGOV_SEARCH_SERVICEDEFINITION_URL + value: "/service-request/service/definition/v1/_search" + - name: TRANSFORMER_CONSUMER_CREATE_SERVICE_TOPIC + value: "save-service" + - name: TRANSFORMER_PRODUCER_SERVICE_TASK_INDEX_V1_TOPIC + value: "transformer-producer-service-request-index-v1-topic" diff --git a/deploy-as-code/helm/environments/health-dev-secrets.yaml b/deploy-as-code/helm/environments/health-dev-secrets.yaml deleted file mode 100644 index a070fc7160..0000000000 --- a/deploy-as-code/helm/environments/health-dev-secrets.yaml +++ /dev/null @@ -1,96 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:sex2DbN5UuFaO4aU9Ys=,iv:heLMmi06sly5QsCFpRXpeE3rMW5VmPLd15Z4ASmcsUI=,tag:E7cvrqcckbQiNVM5FZUL4g==,type:str] - password: ENC[AES256_GCM,data:TDqFOlZURKRxqSJzjgc=,iv:rUlds3jQTxNKImHoJcCuabOeoRTbrU4Wxqjk9QYVvKw=,tag:PEgrgILVONq07otUccBpPw==,type:str] - flywayUsername: ENC[AES256_GCM,data:IMXBlNmuMN0khYm/ERQ=,iv:9/NRieUjftZMCm1T+qRgU5832dd2XQrYTg4XYAXth6k=,tag:eK6z0/dGJNsZxc4dOm8vTQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:FrpaZkPthv+WtcxW7n0=,iv:2iyCkDJ4mI9l7vuZ9kjt/Un2/vcH4SaZ9mvErVsXY1Q=,tag:u891R2jQWqDVlXQ1WTY6sw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:/CJsyg==,iv:P2moYkb2XcYQqJV5608zRBmPNrxSzWZ9CtHXAAdHJcs=,tag:Cf8T9dANu3IRxIphSGWiqw==,type:str] - password: ENC[AES256_GCM,data:oK8ebg==,iv:sIqNd/wp5wLUqoPYXIHv7gAQ0t99H8Eq3WeaEX0QrlE=,tag:eyxPEhLIBU/tEcQVqV4m+A==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:xOV9C2FlSgnzvxHelE6pDZHrxPc=,iv:5sTgtII5Cx4/cz6ZfwrwyG148hCA2KHcMRAIWcxc6zU=,tag:kZLgrEooKseiRd0jscvHvA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:DSxjWvXeq3nJuyiYoHWtS4AhLgykyXDaxvLb2ubn1uOOwGTi+/0kDw==,iv:fDd7R5jBCX5jBWdx+H/t0ScvR4eYrO8o5lLoVGknuOM=,tag:DfmtaHI4TbdHNqZRhO6Tgw==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:XtbDTT+mPcDcEJJWrndvSQrYhA==,iv:aUbhP8frrhNo6WH9t9kyRnoJgWacyE9Hh/d53e2AakM=,tag:J7Nw6J3Q4eFqTx3Db1GqHQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:pJW27Q==,iv:3Hq2kQlc9yAYMjwTHWmI+OpvQteLWh6pfm9UwNm/NDI=,tag:KQx1PYHUX0UsCwohdLxdUg==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:NpyAog==,iv:bArZumBg/+dsmxjmiCkBH9jFb/Q9Ad8OHdBgXKD8uW8=,tag:DXKqBIC/yZzIL3ioHRyyVw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:nF/ZsA==,iv:jmQeqKkjhTsdWPgXbgtsB9e+72ghR0caRXRxIGsL7BE=,tag:WbhTF2Tokb+qOkGFid01nw==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:egh8yA==,iv:ZHbWazNwfrMcKtbnTJ8caXX0ZqLhpI8i/cGjgVoiW44=,tag:Gl9Y5X//YY519vjcYhPLcg==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:IT4gfg==,iv:GWvXFqnkeWeaOtBA7F+8FwajWRfzCwt3hWRXsWLvQqM=,tag:9K/JCEvtmrNkJeiBBL0IfQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:CMoPlg==,iv:K0L8iN1Z1YdwKHsp1lwdAXKOKl8Nn4s/3Uktk4PjnR0=,tag:edn15q0dMXIueF8OLTJC9Q==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:255xpg==,iv:R4oVe1LqA7kM1cA4d6omS9tuqgZWvfWMxnn/WXib00s=,tag:95ZnwaDI4EyfVRVbxpjFDw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:LkZf0Uc4kNXx4R13nQ==,iv:2q6xmXtS4k60Yg7Tfu8VcLhjsY2d26ZNvWbc+o8oxeI=,tag:VaEXGJzHJM1K0RguOK4G4A==,type:str] - admin-password: ENC[AES256_GCM,data:4ZkQXQ==,iv:Jl+bzprGfv0uShBrKEsH6GsGD0Jo/msrPR5HuPc/K3w=,tag:0x+bM8qblhLV5tgeXkpFAA==,type:str] - read-email: ENC[AES256_GCM,data:3LeFVQDQf6lbBieyvQ==,iv:KiYMxrjzWVqQFNXuyMwsLrEDNmv/1sPqoLEeYeJS6MA=,tag:vcBEx5co4xRLJBSzCPJYTA==,type:str] - read-password: ENC[AES256_GCM,data:ThJlgQ==,iv:fM5Yr1z8bQ/bOeZ8wXjA3CB1WbLHjsjFqQqlNGw5Pnc=,tag:UWRDyovUc1g/M1XkHzKw8Q==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:wsnq8g==,iv:/8O9dxsd0UrlohkB49p3/bJW5N0WU3snC33bv4b7rlw=,tag:zbVq3ojHFd1d6oXdwV5wsw==,type:str] - master-salt: ENC[AES256_GCM,data:+je79oA4EhY=,iv:oteeFw1+7yBIoF5wJQY03QzJw/FF3svMD0u/YorAzuo=,tag:HM3j4dx17Vwud3LhIL47CA==,type:str] - master-initialvector: ENC[AES256_GCM,data:hn0RAUJmn/u0zs00,iv:CIOtGol2MprUAmRweTnsVjDXJ7bdtJFDYbNTbSMrIOY=,tag:Lh25QE5icIdyOlw8llaaGw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:bgqgYE6ZB/CuPoXJK8ylQdi1cI7NQfrSH6Q6c7w=,iv:uIv1xShxiPSG033nKEP9mFPlKiw2KEKbM92btaQifZ8=,tag:7bizJh4mZUZEf0RwOi6txg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:bx2BxYUnX8LHaD79IrgF9Q==,iv:wdZdT/WW4rXwyau267XDK9gJ0GY2QS4Rvo4KHIkY5zo=,tag:fIQuCF2RcYvgwnb8KqQg+A==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:96RCTJqTYHpHgZO4WmR4oRbc1aOIGK2iBUqOPfKMg8Niwx0vYex+5oju6MwjDaE2VjuSvmIq77syVSh18PHMaai+kUvaqHyqp6+uALNW6OROiAc6CnUzAZLZE/InhmrRZ5JenFZQktQJILaz2ZcA343dBKeW78RpJvCuMiaHlQiCU+91EPE66XY8uekElJM0S0/tQ9cCdgEGKLDZXgHeoUfBkekWRJ+oytqfV8HRMrgr81WadBNJGFAH1pXYI2U89fRccedRXJ/3Y21VxKOEdBIfqof8Ej8mTF4z6pQMoRIJjgh18zHaBA2ZWoTYPO0CQCQ2pPu9s3QEBMVRsIX/b4VjZUcqquoVI0dDIPv04jVHg18Ox8nHq5VJI8rHvvtfLaNh9WX60RfW1vT0EdMn/v27XDzYpIvsKqKl5IEilq9ft6tg3QL5zFPLIX/IWoc20Stt28ZjjWeBrXWpQlndTiRw1MB3Z47dyFLUMJps/1/4HG06VBDg5MgVfXmycW52b4+O0KSRif00N/w2GyeL3bGdiXfRT7AiByRZe68UCY3DiofiQAjaz4SUCtLFvnymzww6CKNsqIo9PWdnVGhhwyc7bLeff3a5P2jN6yRZSYCT24DoT4Rsmt1RhNcmmn8ScMo0H36s4ZfeT9Zdn22WAus4lqLAUfu2UC3FujljoWJoqRT+4wf9qMn7iCdCq7eLiZo58mCF3K944a2tgAi84VfR2Eb5nOnVhR6agFxbA19VF8dz7lRhi0aET+GzFYapTU1z1IL/dO7nuQ1fGRXAb8CHsaAaCpqN6PqBKsueeZIZBYcXtAu8h+GPvzBw/TEqa08r+kog1EQX02nplnjWOX6AtbWozzoKaYwj/pZdSYk9wJ+oILg2bO46X9aTX9JQP3H7yKaZxaFoDFI5GI1CtK8ftIdK+Cx2gf+YRHc5CbLZDApU5Kia8v9cVldkt+vlnoLz7hBMSMpTz+u8NT+UMGfDHLyWEyGAZYeZM9adRzprSVnJlE0hMeDwWjTJAVo0/9itocDe/Zo5s3LLeMS60grT1Uq+S3lL3A0JO22cYO7GhoeIcM3UZgR2OGy7r8+oIS7bYqZeo0EiJD0YfdO+8TzrXrTp0wG8hrTBHgUvYzMcmWIZKIjWh6mFzdz4qrUBN1CIJiCkcRLVylsz/jKsENTstpn+domM37v4Mr+E+QIr0BUZMNwTmNP1JzWrQ2p4B0G5A8bs8ygzi1XhJFyuTQtRDkS/pyISBeyub0U9ws58g1KFxSp8w9QbRQt0qxwfNXM4tAo7zP5S1rQGxej8YO25PzBavU3VI95f/94abymsVUE8gwchGaFTFu05heNNjPdHVwBn6RTezMo7EXrRveto+D6quPLKlBsCr+TdB47GZMnAI1mJcWj0/7fPS/iW4hp5k5nE1FDn+VWXDaoVkDs5AmW5Aq8O0Worhdp7HkKG0ZM5Xs+E3uDtyrBYKSpAa7FFqDsdE0TRolRup8wCQ86KYRiTdIbYAiiFi4nMZpUvhr9IopTl5+t0Ka37+VciiTSKonxXS8ns+UGmZhLopB0Iiwq6wLmD3HuCFkttoAHfYgWj5vOdzbk6zL/94nzXwG9esTNzD5N5jCJ8s12PqhLEBYeNxBA3i+Vfn3nLIsKfYyQBVMTZ2pq4605f7qfOO6q7R/+RXdF+lhyY4jyAPmD8s5M3E/aF3/1Cs3Jj/mx5Xpjv4kw7Ne6/l+Ko1Td5k+NEnijx7/MoocUQAQks8dsVfDq1fEMQbvS8VPoFenn/jU2GNJai9SUgRTxy5OHjWRUiouROUEHtWgE8jPhU3BYsqxddy90hod9Tbl0MYw2CQjEhovbeZTRWKFqoscFQFv2I0p2wGKafz50B3xu7h/h1Dh8IMNleoOKR6LLhuhPfknpYZjuvfKGJmM1cxwbfIF3Ga6JPxc7xMooJHNXKwBzNj6z0clfpaHXVGjEaA8CChlRVH9HoeFrwFOnuxxz4ulrdCHcUDMu87OUNbsEB6XmdK5U/xgUhBeLMbCNRLZkh99ALlFtDONLxayAkHqL/KEYzfRiSoZ/E3FM1ZFL3l9Yxhno18KwHLyhzDaA/ViImW+MF/6A4eudr9Wwcmx77NNpXoRwHZU++Qe9vgRxtJzw4W1V/JIzr39RsPrKISntArx5M9IpN3SvHQB3yCI9ZQPgl7NstVNLg+23Iktxt1WgfLNZtMrxmABA9NGCSehwgntMSlhAQkvxP0kCBm+ICgSTKTJn+GjMkAXUfpaHacO8Ieff/KTGKGyNsBTPFlUqX6qG3FZ6pcCvEIUmXARXkLsFmxrCo324QC5+M7bzHSUnGWCwF6+E9hY+fOySDgSZEH9Y3KJPaPXgo5lBB3AyU8pVsGhHEvk7vztLROB/4sGbyRmJhkY1pC6Lm0H2niHcPEQyRX/b5hPxjBt5wDFRNmC6daM4b3HrehmXUVDyNo53HOyKy43BU0dBbEOR0UvmK9SZRqjOrp1h+Yz97n7IdKLe4WI9KPf5uWyvsLHL6AbaLnP/f9t3vSr2nnPoYp+eGny0j8ryJyux45dkO8o9OBM37FZcGPSaRYfdr2F2q1HBPLlcfiz4cu4Af5ANE9u3XtLnv7TpJYRaVgyiIAmGwHhb+i8sPuPQAUNHGTstqFaek8bTndKS8cbC4RxUI3S6aJl2BFumf5coXNzX5avkKSVIeF0CcAOAv6ChPxt8l03R6O1uitWUSmseLWJTliRkDlTaGmgXACCqDfE/r2wncH7G4JDybXUeXyM4K1IHxv5aDnf5LZ8oPd/KVN5jZVc5rzLYvZnQVyphU/S0CnkmL8ueVdbyDfC1fQ/MeSAiicXpZi1bP6lk3tW73Xev5k/qO+qzB3PQrdcG0PTGrXlHvzNCcCCmMA/oUG97+7X+f4cem5UIYblXnCUmlE8zETijvENj4NtwE8SvBS8ZpVgHsuohY14z9XdDmlzRQ0djkkTJoImF4OQPTpRXe/IVDdV7KTnwGDPdcACTUTJm+78kPYZXLDmBYmQsM70LA0aCk15J4fZGuTUZ+P2WAYtA2eKzmzZTpdKaPcPTWozVfj1/VolQ3SVF66Wd7F2p1H4xvKafdYWxio+PNkDot6/O63miV5Dj6eN52L0vPKtz3xEzn5NHJb0uoPGqaxP+UT1tTrbarGXR5c5mwayU1M2p/9tIh4fzBfQShOgeLW4ieWqjAK7V+xUHrEnQ6CC9iP/TCdW/6xaw9J1pUmKLUWcCT4ocU1p1hWCZZFrA1YpyFGhiZQIejm8AnS5QNBfMY7Pu7Pbq33e4VTkPVBIF3c/i8b4BOvAi6VdKzlLuU35wV+DfvzZ8IP9uJpN3xGFACSOx9uUjCZufWO8d/Klbhxj6N6ywTeA9y4MUwKG72mlJx0YlPEM8LL49efIzdLGa8SfyuTyFWFwItAG9tggVIPMIi1IxW6TbCz1yNOkseN3CdCOwMbi/wQ0aTLgBus/t4dnxpQPcyYyWkjCuQptI497EbdlC2/ta4wmCRXt5zddukwmd+8OEKb1cq0G5VrciQ3x9oqqRNOafFBdEXluEgbAsnvpuG+D2VBZjSpTtg8dBW3owL5iv1BakSpKA6Fs4qKjLuaF86zxnD1US1nbQz/VGzzhcNCF12A6XYAxKV/Bdt7Pas8OYdvrKwvnUzht9wFVJAXF6MOLtUKBbfKLCmt5vdHEWZIeUctdosazEXJaAhFxQrEtWoavXxbReK49PL/+WGP4dbv8yj2i2QOhuMRGPlxDs1QIP67s67aAt4Qs1nVQ6/S8JmE5GwGwQHgqkMx23gQd4kcChVaFER3zBqhEMKEMFNJmjWLliFmxAHR95JY5Y/2B6ZLDi+Hk7Ovp7qgUm/mXu3rHDpGIG7t/h0aKCmHMvB0oVpn1jj+RiMRK6KgCq0kqxmj1CtrHo7F88bvIC8DLcx5Aht7n0NanN/KEI6QPggIscubR1Y7jWzMkbLtologdeBT/KAX2Lnaq+talAVwEu7RYhPsxoUOrD39mhseAKlRHfjWnibRTjPJFrWvOx0c6c9gBZ3R4B7qdWqq1QHx+TDWNLPPb2OmL92PN+wsffyI7t6dmKTVvfZLGSJa8GCBv/3FO4MZECwzBvAMUKe3MdA7x0bOw1LUh7VpJ6lrDWVoGvCXOGMzFwO3bs3oDVdlhxdp8oNeDnzHZ8e6SbWwH5firqn1OEmocOIbQ0hBtM6qcadrlx/2FYszOvRc917HtRFJw1N5bBjm+ICF6QaLN2E4V5LCMueWUcnAd2C5mHEaj7IvS3X/xbmpVWiqneP5Fd6IFjoBR+CbEYvTaDLMI8zoRzcxPwPxZ41HR/s/MLzuGlVAbT3VsdLFvER1koQL5TSxrXW0iYwHFJqCaXOxN20fUp3A8ejEjT0O8MP+O+79GhPDCVa6zsEQCeabFmEYWU0ciwd2gAiG7rzNNIC6wWlKgq20UjDAXPPQqAP0/erZ/CO1NksHuastmRhaF63afUdPw5ZvSR9onvUlowATBev/brn,iv:sQ7LEBu1jYmvOnFSNuvbmyscbqVTe8/zsc13CaBmDX8=,tag:vg1Czp8VkfBz+FOs+8BA/g==,type:str] - known-hosts: ENC[AES256_GCM,data:Ogz6kn5ARlLOCxvchQR2wUcmLz5gButmBOv+7ZuUW/WBLsxAbyqj3Zs3AK65LhhdrYNUh6p8jMPD2KrNx9F+jjy6LRByyBKzZEryz5JwbcbXyhHyqbBguQcVtImhQhhdB0cYtpqncEsxWZu0xcS3/XYYsq0FR51soP2aW0my77BVkw7hZ8Mdn3602vayPV6I7jQ+GiafJxww6jKkC6rjYue03b/IHjQJM8RcczTKMGLs1LsHdMdsDId81SI77HNpvlLjS4Af2cvfss1QZ2l7s7ZWQ1vBYcHb7mALAaEOybrbe6qKXjWZl4NxVuQ2td9TQZ2d8cj4bLq0XXnOBWS5OnSa8fAC3MNjaQnnlSEa2ByEwIDFCdAEs6VGUrdHuObgXdtXO83kfyYGWc4Z0yfD3HOUc8spau2vHuPXzT9DeRRx5Kv/HQQzrgOdDE+uiASOJm5WE0I02aahQrqdL2mCQC5BFbufegf7ckhgF/7QCQyrFVF4l14ifilvO6A9uYgIJFebLMrBhbTg6Z4h9xbAlMTH6WJGCIKH9C01j31xAINa+TqnLgS+x9B9yHHNzwGqs3LJCMYUJxS02rGJMd3hzUzDHbRTkhqq3/pKxLFfTR3jupnsq3aIuP28K53+XlKzE/FX61bVYhd7f8gHSiu4MyQNVEinOKIG9uoABNxhKOfmJtgfXKSNsOvb4huer3xR7Ee7TqoLG07hi2xGQmOCDLwL1nOeUvuyCIjg640gOxtRMEQ=,iv:waXsceFW+3WkcSyU0CNJlyajICVDUhrwTsLFGu7TJ/A=,tag:nr9Pv30/DKMgBV3mJLlvKw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:a9oJM1gnWUCdjg==,iv:JVwYhGdz3KnOssVpmuYm1OCjHOgqIPIc136s39YEeTc=,tag:c6bvRP5dQ6bv1G/JXPWKQA==,type:str] - credentials: ENC[AES256_GCM,data:WLpn5Q==,iv:z3TXgpd0njd+Kd2EV9Utkbri85kRjc5XuBj6IZCQ0dc=,tag:NnyM1iSI5VV9BRrZ+5ZXbQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:g15ruw==,iv:jElPG+7i0fwQmMKSJQxt2drAyZX9LxsRyb9fti9hMgE=,tag:qYQhpt3ztgEoastsb/pW2w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:sy4oyg==,iv:iMQSphqMN8xITh6Sc+gyseTMZXNdSAsn/yZRAFGzVC8=,tag:7ZjL8DN8Q3n54A8D13nn3Q==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eDIMYA==,iv:gDu+qtfSUUK/lPobhbHIGJy9RIwGCLaDcL9ynNR9Yxg=,tag:7jIVSY5IJbu0f3JbYy9gsg==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:xP3A3gU0lLHc0KIzuw==,iv:hOfbfYyssdDpFrzscZeoXxIcGpOi8HFxkH3wLT05a4A=,tag:nKYsHZ+M6BECFg6xIuhGUw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:2o2ZAA==,iv:7L5oiPAW+Mg8kNh7c3d4OaaTH8DifNE0sxCsUnZ2E/0=,tag:aSyY1zJOBQ58hmEHnTJkOQ==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:TujdHQ==,iv:WumxaagLETIncJZc7qNMmy6RE5tVxlnJJIjgZghDPIM=,tag:9DRwpbkoveJetJikYZfQpQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:VD0DIw==,iv:nXA5Xk3+Ipbs0rJaQk2U2+Hu+ScvEaZwW2HO1lNbsBo=,tag:+rr3wTPuJWSZpIbzf6NQig==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:gTHBdw==,iv:NFEcGO7pmTWcp1a1MT4Rh2pXKdVxPB4DsormS9teEd8=,tag:k7S9i2buiUMmYEe8K6GqKw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Uvl76w==,iv:FeEAn0TN85DsIdCKR8G9z1M0lEoSzSw18S7/FTZVv2k=,tag:N6d6aBnsfh+Ex4GDumkzPw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:W893GnL9,iv:HnXjj4x10rawvgAaQCMxuQ5ODI/+6KEcWkoWymX5n1c=,tag:fs2XSVQ0iET6+gAS/rvhhw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:oSO+gYpTvsVB37ZsveCjJZzjE54=,iv:e72hTHiHk/TopGorp6Ic4G2IHNn2i9Hx0NIaSBAHbHk=,tag:yH8X3Q45e6b1GVwuJ1+diQ==,type:str] - clientSecret: ENC[AES256_GCM,data:ZuMHDCn+fO4G0RqcL1FrjxVF3W51h2OiaqCZtmAlRTEY2BGmOnp4mg==,iv:F+LKRCNzCQjxp0VxpnpgfIhNleyWdn7Lvi0nR7xG+u8=,tag:vOc+R0OdpANl12RvcUIx6g==,type:str] - cookieSecret: ENC[AES256_GCM,data:6E/+7kOTwhKpJI1tY675voIm9FRU1sCv,iv:Mma+ILgL3iz6BczjGHggfBwY+FAfPb1ddg5g4L6QNZU=,tag:Sah+SIR18ouotL5XIp3IWA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:NyY=,iv:UznPqViLo2WQtdfjb9x4ZeikfyScgJFuW0IR8oJSBts=,tag:VA7Ylc+Gmy3QBk2z2654BA==,type:str] - route: - receiver: ENC[AES256_GCM,data:G/vKE29k4jXX9u8hbZN+6sYvTA==,iv:2hHgfHr/9ih4mZOHG3sjxU2+deyEel6dMkiJNLnbcao=,tag:JZSeUcbg/yoZs1MUarP1xg==,type:str] - group_by: - - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] - match: - alertname: ENC[AES256_GCM,data:ajFoZp2FW1s=,iv:naL8WZhGKwwVr/3g88nC3d6AlvdfAZTVbzquP5GrvLo=,tag:aS6NMPlgVRDgYpQWotrwfw==,type:str] - group_wait: ENC[AES256_GCM,data:1JCH,iv:L+6dATlYrACJW3Vic0oRc7gSZj7Cmu0h5Pvdz0fUWpU=,tag:ZVzDZfnmFMb/0lGa06A3gQ==,type:str] - group_interval: ENC[AES256_GCM,data:b8Q=,iv:CMxaAvO9BjR8WvVqUMhsaMpffwEQj272nDccHRdkaCA=,tag:zoh5Ub7y8ZNWV1zKHXersg==,type:str] - repeat_interval: ENC[AES256_GCM,data:SMHx,iv:/WM5JgJkAuZgvDLrktMUYwlbRGq+FbrDp0+uJCtKCZM=,tag:xy1d/IKmTJJK5Y3oeQqyTg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] - api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] - channel: ENC[AES256_GCM,data:04ngVfZj42VAUiUYLfPIbLKe,iv:dvaeNh7DRfjZBburqu5qKnQ83gx9tTWhWaVe4vhHyHs=,tag:G7jaKcHy7eFk73kYXn1WCg==,type:str] - username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] - title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] - text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] - templates: - - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c - created_at: '2022-09-28T09:15:01Z' - enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== - gcp_kms: [] - lastmodified: '2023-04-20T10:37:17Z' - mac: ENC[AES256_GCM,data:8Pswl91VPmvDG0tw0MleSlGo2iq4H10+4SZ0kZBD4szD+tkEJtiyDrvBSzfNv69jiIqpY6gyI2W9ulENwTZ6HOLqFV0ejNnpaeL9KCmeNhF1i9TvJyUQKdcLSuiIqR3GMpj2g1Utdv8NKOziYc32SoTYlbjH8JjZs8//XvvH+hE=,iv:KmAjxFkWL02WTT1NMKshiB08onoE9uAyZXJTPujy1cI=,tag:aVIZ7PEG+DGhgVTh1/Excw==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml new file mode 100644 index 0000000000..dafc8bcc87 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml @@ -0,0 +1,104 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:nwpCI9c4oqobrw==,iv:gX93oxvlfk6phIcpRWpKVXYiLx9fDhJcqtuP8GGgUyg=,tag:P1Bu6m24woLGsZ9w8c0cgA==,type:str] + password: ENC[AES256_GCM,data:HzBgRRZlV2T4f3hivw==,iv:JVh4FZuGoDexZ5XV6H1dqnv6WRU6jad7gNxG+6RD+iQ=,tag:8jvKBeyexrmqLk6w69j2aw==,type:str] + flywayUsername: ENC[AES256_GCM,data:cBbQtzBysPNEwQ==,iv:3IgeXRaQ/9dc27+acIQfMS6U+JgezkHuW9bdShNbpek=,tag:RwAE5Og/NAtjoWmejQTQoQ==,type:str] + flywayPassword: ENC[AES256_GCM,data:8rWw8pTNhQZQ7brh5Q==,iv:F2uwBHSuxDw4ReOzmV0qlFQCoGbXg+3YNlhucVdDxho=,tag:xJjhWS7BywjBaqngRMblYA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:bQa3nu9fsQ==,iv:v+Qm4c3YdBuQSJqxZhktm7x29a+mbLwHyQC+dqzPxPc=,tag:7EWbZSkavAkF1cid9iA6SQ==,type:str] + password: ENC[AES256_GCM,data:QJTPLfp8VTo=,iv:cEyo1ZY8I+Vs7IslHaFSpIHFzorDq8Y5azujpCxNTGQ=,tag:5jy+aoeSLjiEhEDNFTzDPA==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:jzjUoSq4wLdUzaaXKVJUDIn9gTw=,iv:aEg3rS9vPGiMhbFQB8VPH+Aalfc5j0rc5qg8jAo6oIs=,tag:Ch90e0CjgDC/jdNlogUKQQ==,type:str] + aws-secret-key: ENC[AES256_GCM,data:L8flKyKsLJbl7uoiwRy2VTmiLYdwIKwSha7p4nm+eMBFqltUjDXwhw==,iv:n6fliyJi7qGTSdCZi5VeTmlAFWWotwxaCMCCgJn2tQU=,tag:2bZFSbBXB+Rzfw2B37OYuw==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:/fTo+Zv20dZK2A+k8pLR,iv:aC6yKvKHY+KcuE3ngkM6iraFg9QG6lhilTq5Wr0KZD8=,tag:qapA1DZO8+UABE118X0Pmw==,type:str] + account-key: ENC[AES256_GCM,data:HRouu86mINit8e6PC9NAUAkFFBotnWzziCZ6Fx+D8lSksicJXVT/Q1lRfPDZ1yTKSIrtPhHezaeFGDLX2p0+1YaELgbb0vamWqSF/Mkdcyj+OsBJ/Ab6CA==,iv:fz1L7vdC0eEFHgVwxO3zZECJk6mspuyfOTvqLWHfE1c=,tag:KGmzmjEYTv8+jwM6EKI0+A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:rMYdABW5C148da4FUgVuY7ZupBQdmiphtpqQBkHPf3xe03XiBgkz,iv:qGR75qqYakahSxFvRsZJkpNdQSS+Am6h8XfJSuDKVA0=,tag:cTMCTdNsrO3pyh8fxLJHgQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:NQFMHqFQLaRzGjmGCUhHGw==,iv:GLs3FwllF+ZyqjjlfstHhyaMB4DyhR0L/esxgQy26wk=,tag:2sVT1A1gQVqglXXv0WUZsQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:5by2kS7SfCvpfa3KASWF4ZE7a1rOXInJeX+AvL15Tgw=,iv:0tQnlUuMNFPhgAU1ysaHnjvdaztbK+WTUp/bIT4l2BY=,tag:z4088rVlJ3n3sFj2uImhsA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:vp73jqXWHZgy4RnzIxV4,iv:lSKFsWe8s60wFAmy+sUpuEsMuWCjp6RUig4Lr23gj/4=,tag:v3mF4wK9FsBWh3eKXFPT0A==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:RqQBQEfMrX0JllA=,iv:AD3mPZrwDu16ABCBEpTHLze100S7IYezwdrmAB2aEMI=,tag:snzLkWWznoshO2hOZckgKg==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:IG/X5GcND7w=,iv:jj4BLsWwDktw6QYBMVgugq+lkQXIOO5FvtZ819OClrY=,tag:3bbf/GWUdo2sG3xipIEuqA==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:EL9NKv9N,iv:7GTy0xl7hy0U+DQ2G6jLu6FXbzueGn5QlQblTTxP9gA=,tag:09YSZkG9V224iNFY4WOZKQ==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:uqlSMbvrmyU=,iv:a0d6/FtLMGjQ0OZnVgMdFoBqfPN5mf3BZwHSrJEnrQQ=,tag:BFP36kqGN7zI2B4exV1tog==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:arJ6vwxg51MGUNga9swPqVKOYtld403LVx4=,iv:VyPvIZ4HJjkJx76MyaXJ23tFLGrhA80rXc+6yo5W6Xs=,tag:XhocZ4xsKkHCCcFIprXsnQ==,type:str] + admin-password: ENC[AES256_GCM,data:Hd51DzFxqCom3ggX,iv:5yiXvn+Z3YsSkxjtmiPrpoc3MMPzq0TEEel8flaUD3Y=,tag:SD5Aggt0Y5TN8n0ag5ZW6A==,type:str] + read-email: ENC[AES256_GCM,data:65WyuUsEYXj4dG8AnN3tnvx54+7HZV3jKw==,iv:fIuVHfWt3+CmkvU/DBbq/g5Qo1hkC7LJ1W/AFrna+KI=,tag:Pgmy0FoT8EUCWVclC/h+qA==,type:str] + read-password: ENC[AES256_GCM,data:/3eWB2RF4pfFxaCS,iv:55LiBzBphNnyeNrO0u5ehVZUp6MMojcMOW0LBDPCii0=,tag:D0py/aHpJq4WwnZ9MjZPnw==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:46bJ7nUvdV/M7CnWdPgBxQ==,iv:dx2wFvV4Ju5PZEj6GciLi2FFuOxhBtoShrfKHUQjAXY=,tag:YDVaak9VBXMiLprxAKp5Wg==,type:str] + master-salt: ENC[AES256_GCM,data:tYKf60n1mpE=,iv:PSk2Usy8trA1VbGG8W7LPu+3bzYhkm7AKcEGr1m4WCs=,tag:s7tkJEtxSLQkLMttG5RL8g==,type:str] + master-initialvector: ENC[AES256_GCM,data:MvqUjVVn2wSlsz2T,iv:BASbCJYjRPXlPpfsHrItQBDRXKmso3rtv0+pLi3loqk=,tag:gaZpiS85vBXx/o/Xg4JWpA==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:1MtNDbYpADWsK2L238HvvCy6As08q2Rs0qPUwpY+rVAP,iv:uIhxY/Dz9j7SANLQEUhnwnMMVmItU3M/+YJHV0GLTNw=,tag:b48wR+tQ4rbr+zUAnAw+Zg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:4zAytAbBZao=,iv:fHdEHzSCbGtB2pIEMHmLYsM3Xhk29py0GxqDj9jlln4=,tag:iIO1/UDGM4gWU6+kTSrnZg==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:Ib3op/+PYeZXOcVx9kqIs5dGIxM7bNmCCNsNr+VcpSFaxGuAZXEooKXAUFk6LDKR8Az+eJ/YDc6Se98y6pgjmgaBSppzk20av10wOPQCxK2mrhkI0YYp3l8N9dZcimAp5npulNHkOhXmt69TlE+NZOL+OFiE1GAsRz1OKfg2mhdLGfg0d1cPxm4UJmu1eMNK+yAFnUwu2dbz3Wgufv55D7amDXe5BxpG/hT+QHJ6G8yKwaaJRVW0XFS5MEL8mfzPzxtgkEfb+aD/CtrFiMn5LEN++qnoEjkUwflQT/2cKUwmExfvxlVlWD5RLUNk9bo2UZxxMeRFFcZOi48M6/B2FLdzn8yslkZrNlCk/8hP3beBKJV7Ddm93Pnn1TvLmRX1Do97EA23zqiOm8M1sEHxos6QYsIwuaQSJ/D21zEAob8ELbsXyY22bs+08xYj/UGeFvtbVEL/ODcIlV5D2CCMwaB9h5OaeyqHQgQ2/ow/IiqHOQUv3oLmn22XjD02QgauSu6zbPnBRYxddpooRk+HbeQQ122JIqh9JAxaBvmbvyKSfm9al5aEj12eyc90ruMMew1UjV7RyWfkp9D1/zwYMp2NQA5EOGZslXAbKc1mmdHunFQAeaxBnLQRK1dQR3fNoUlqq9rKC1edshOF+V7ks+XlnI/suA6iPM2OIdOwl4bUglxhzF+q7mrwrXILdxWbZ9wtpXig/d7G2KFKufWhzVdjAGwQYcYYQY+FtfnLfQcTCBb0HTjP0z30EGI70m8wtZw5p/0g4nM1IvuCefxXmGDB0V1tqVhrmDwiVSGwhyDXq02kctFnARu/G9YLw/6TRIjp4w4DmZHrV97rBDVOLTSD1ggVWONhAjAKffmK0u74dmdQrwhBiXzGrXsBwa5sjS2BRKpMJoEmrOAYhWvmGqLjjUpYRB4DNwwERHUoS7pMdHzOS5mFC5AZI1sCRUCgLua0vc+VwKSZorEHvl4Wv0TKTVBh/5Gc8JLb1oEEC0zX2n/bUW41B66WDRbbl4gZJshIo60upI0xGcNHBJcARjFSacqTjMS2Twi+3aQiHlzQaPQ1txV9+qLjU9T0ThkRl4cM3In08by+mN61wZyZF97JoM4cRZFs1IslqEZgI7eCb0ap44HX6F8ubpk20+SHTBDFtV9yx37SFwAWxg/2m/xMeebAlj3uCBGUQrBYjvUA9e3tT9SFuWEVKgiYHtaf3EnOpeID+3wZKnkSZb7YxZh0O/5B8h6qynkbuOWtPiK1xuQHdIO8NuBT0D71D7bKzQE+33l3Yx9EGKrowu24B3Mw0L7ohIDOin/HCO9Dd5LanO+GQxlbx80i6joUEy8HJS8dUgRpVC9UNr7zKHsNMIViiGqtPZQizFNYn++7mMFCknqBedwxp+UywSOO1FAzvOfoRwEda8yvKqiI/fLK/EnAnFj9Eh5vHwZ7xiXgPxtyLwio6XjFwJ07Z2MM5l3d2DdLbm+hzl3dxnCotWNQGuG40A8MiuZRZltk90mz6KCDm0/ahLtd6X6keteU+yLiVS/u6HkbtdJzSQGJ4tMthJ8WIRSCbYqLp9s5vu+7qIbNTxfw04qFnxUqgCTRjHXpdaANcMaFTSRApCMEsi/cGNtI6frTH2Try3TlKLXfzY5kXAqLrUZh6NKtKwD/ffNIN/iptEeg4rQ0luFlCJwLUQ6GS95ati3q3dd/KD96pykLDTM7gn+WtC3AbsK9uBauqB6nV0SrtGcKje40Wkanc4apANiRlYWRD9cE3cPGFcipwjY86qrhjzawG7hLB+rwIh4sDFfrY0InP2btpwysrEA1lMzlBNy/2et/V6IMfTd0LaJqcvafYZ62XCB4QHPANokE4tL9GtgOF8ezD6/SQFhuRDoZ2WpMEkZ9A+/oNUQCBM7cDrIAEoJ0zWOvl2+xSCruXZiqSwaNuaU1oSntxxBIM8IhKrD7u2iqr8AqOmnOqOoDdHj3oj7nri+0TTGFyHQ8Y2HuOTyDciGhWn2y3K7k8h+sEwk4jWxJ7TduuoQx+jbVPBknqfcGt++qmXeVyJfm4COwVtK6oituYcg2gaTN8aw0OK6QUyv0iCxu+zw5yC8AdWgCYzNoa5Vut/T/wZW9nAeFlol/pscSP/v4P5eETWIanAtr9lPDGUKSYYiNM/XDZLPyWXvLE8vsXuEr+oxSLggHm0R/49npPqyFimNUV/yaY4yspOqhSiVSdE6fW//Pbdtgm72C45Nd6kETyUErGqqKmM6qjngOfa8ALt+DS9gE0bDm9dni24Pi7VzRx4W7VC5q/KG8o7uzstAZwSlqObEK9d93TuYDpYIWvyJSKruz3rGxRA0jzFwiYOvY4cSnLCcc5j/ZLVtjFsEK5zY7Pa9zAo99+oSi/iLLOAhk/1GBSG4deSeeCiF6NvXVdswsRU+TVgyso9LCSw+hmrPvdiy+hJXN/lPFjqZRAop9vUkA8+Jayz9l50MqBX2e8gUykTe9EPFnb5hE2DLIsUa18wSgayZjrdr2+VYV6MDriauGEVFQP6xL0V3X95uxGDxs710ZeO1LI9+aCWQhUbQ7hqJy08rLK6uExlXdocP9hTcBI4Edh2k9J6z7/9Spy04HQLHxe6NL4z/zTkJRz3WO1B+vHbmSDUFly2eQ3J7bPtz6i+JWa5K5ocHfUoyRBN7USAecbKhu/fMnUvQ323IG5sCuxvVKG5BFBHmNqGpBusVIwQV4fp6FW4RdX1JnG8xZKkDE/FkBgm0PriEnlW3RJjNyyl/bMAYZ+CQgmOmmVP3aTxemVzVe60AreYi1pQe3bffbNdnyamhIoKs6irca92j2UIp4Fy3QyBdZnA+vEz4E1qPgP63EQZBSj31opumU4fmwoB4di7P1rXaO6Rz/Fpz/qnAHBq1a6X2s/fXzMi+hQ9qyO07by/lySN5D5OFmLNLYXoy2MUXjwv3D2nlHemxzJDnmPVWhJbeu00lrjoT4/zs8J0D2d15aYluWvZoBlNK4UQEoUBhE+LJGRm82CQdUvCI0nVrt/870QPP3nAnM+5amoe/zd90pFyR4BG/gj8+1VQoJ+qwEYZIcwNsM+Ivxr0souWB6xgXV0YcCHs3t6IHqbvNqreP34C/PaxeX0qUcdr/7KFfiJ5RvsuDWcicYntQCHhzkaaChBA5dAlcOQE+S7Z+2hRCgdYOWhP2X2thzaCfDGSIdtEyvuCKKACOuh3FyZ+sl+DGRCp33RpE7INU3uzBOrH5PYhnempUs6mtXyD3itLd5VxIt6E4FM++R4WwHXKLJvJEQK+U35cG7+wwEONRcnbALo6sPH+pvxDwF2v98QiRoCY/gfvXDIwJfbrE8DObe3ni5FGGrbUbk6JT1KHF86+cH+MUcOYwHGhxVm7CPOfF9qKcL5efXkcZutJizKmwvMVzNlbKlm5XqTGfz/k4FjnWoHTpBxwJLchlyQsSBrnP3nBYIIcQuFr+0d60fUe51deM+nxLIpXNl3NEWdoPoOVaG1IMELIlEEtZ+7bNmPDm1c5FlngnGh7DiBbB0F5KXCR5Wb3wLKrZ8njt5SxbuadixE+PqUCJXc92PhgC9nejVJArRNshgy0Rook/4gJ/O36WJPvS2mLuhh/pvgkZZhhESYsAn8Jeig+ZDl36+cj57WjzvFfYcmCIzTV2sLLLPYArpgoeZeZb13+O4x3f/1rkBuqNgcan71b7QxE+KPXEuEdu4QIy89UBO25+HnntBahCYc/Faa9qtCzuGh/c/L5ABbA242nWA2JKjkUN2x1vwz7dShoQV75myaC3SO1RqkF1e8nzsjZlN+RQ9SZ/Egnke+CgVOhEMTHoHTIh1RAtT9qlUnrE14iJQKo//UdIIBafUlpT6V7HuOdfKwa/Pd/70xeMAUbGl1Oh9Vfwy+wLN/x28wWfAR34n4bljzww6y1im5U47zKXFgW2ctCmJNdOIt9c4BZ7xCCxwPs9zl04UF5IttSI1VcLrtHfPJZS0DJj0pk5J/b0AFB2OyYrGCpZpiCqYaXbaMIg+W765LQ2dF25IYHg3neaWwUFX3IZ43x87aEqNfC0cxDHajdrMGuoeo8cpfEMvh/WxgdswHuZa5RAo9TtJG7N2RAV3n2oW+C2U4BVfl78Bo5yuFap1L8PwGAYX1hE5ubz4z43wo6u79Gwf7qlT2T+3jFLbi4Kbz3UeV5I/UfVewSVoRaHEJLBdxMzjzLeekcdo7KgjXX5h1rlGGlefu2ptmzKLyJzMZqzoKInv243A0fvdiZ3pFeyaNcTjHMFuAZZjhDh4DqTg/PGZSAboOEqxF7N7JU4D0culgnYhqYusy6mExYKP,iv:kEPfOn5qhc480InM4O9LCmMslEGNL5oaY9Jo+O6ADUc=,tag:g8aLBem2SMQRlmv54uNZTA==,type:str] + known-hosts: ENC[AES256_GCM,data:Ogz6kn5ARlLOCxvchQR2wUcmLz5gButmBOv+7ZuUW/WBLsxAbyqj3Zs3AK65LhhdrYNUh6p8jMPD2KrNx9F+jjy6LRByyBKzZEryz5JwbcbXyhHyqbBguQcVtImhQhhdB0cYtpqncEsxWZu0xcS3/XYYsq0FR51soP2aW0my77BVkw7hZ8Mdn3602vayPV6I7jQ+GiafJxww6jKkC6rjYue03b/IHjQJM8RcczTKMGLs1LsHdMdsDId81SI77HNpvlLjS4Af2cvfss1QZ2l7s7ZWQ1vBYcHb7mALAaEOybrbe6qKXjWZl4NxVuQ2td9TQZ2d8cj4bLq0XXnOBWS5OnSa8fAC3MNjaQnnlSEa2ByEwIDFCdAEs6VGUrdHuObgXdtXO83kfyYGWc4Z0yfD3HOUc8spau2vHuPXzT9DeRRx5Kv/HQQzrgOdDE+uiASOJm5WE0I02aahQrqdL2mCQC5BFbufegf7ckhgF/7QCQyrFVF4l14ifilvO6A9uYgIJFebLMrBhbTg6Z4h9xbAlMTH6WJGCIKH9C01j31xAINa+TqnLgS+x9B9yHHNzwGqs3LJCMYUJxS02rGJMd3hzUzDHbRTkhqq3/pKxLFfTR3jupnsq3aIuP28K53+XlKzE/FX61bVYhd7f8gHSiu4MyQNVEinOKIG9uoABNxhKOfmJtgfXKSNsOvb4huer3xR7Ee7TqoLG07hi2xGQmOCDLwL1nOeUvuyCIjg640gOxtRMEQ=,iv:waXsceFW+3WkcSyU0CNJlyajICVDUhrwTsLFGu7TJ/A=,tag:nr9Pv30/DKMgBV3mJLlvKw==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:KzAdXHplnYzx,iv:5UMyz1mzhw1bPE26eM4j+yaMO/kLtbLVhzfBbcCCMi4=,tag:xDRfb1m+r5b1DYbBNvVzqQ==,type:str] + si-microservice-password: ENC[AES256_GCM,data:2C1cEQwWEbd6zw7qaA==,iv:XJe2iPRN4fLJWt7d5kgvELjEq/h6eVDARoBBQAB9Hz8=,tag:Nzwwo3x5bnO3Z7HaruuSNg==,type:str] + mail-sender-password: ENC[AES256_GCM,data:IW/O6eBGxJObYec+RUCGn+g=,iv:FJRetFAyJgYIgG3IDzEHXtE6kPJQZ/hdGH9Dw8pxVJ8=,tag:PYK3rV/MlKu8+G5gcBWEkg==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:7WP/8D8jfjJRo7NYYkmdUHNPdON46EeMpksOOw==,iv:8kdM13I9U8KOy+1CKJikDrsHiYm5HW+TD7CDAXlGcSA=,tag:6ws8o8EvrNWicu3scDaXXg==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:gyuOoRvgk3ca/ZLVpBMhGQ==,iv:raDswqsZ8jiubc5PEQhroWK2+JpgQAeiVMUroVua5Vw=,tag:jach1d1HHrxJKisXYfm0lA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:rSmW9gIK+A==,iv:5HE7+aZpz0hRh4jV3dlBi8Y4JwGXen0nmdRsgFDv4W8=,tag:u5e46aZj2aTZ5lPUjjIs3Q==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:L3aW5wHMLA==,iv:jgXbyEkHpVRFLMdLt3/FJWi9uV2qviTqK7c5ipGYueU=,tag:llTj2KBxknvwiyJTqmg0iw==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:erhNuB5VU7DyvZ430So8,iv:rx87Q7sH3/wXbaDmnb2tlN2zc3mKucW4+FEx55MQPIY=,tag:N1z9BQ+c804rB96KiW1aaA==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:9173soI8/osecjonWZ155bG0ylLFERMDjs4aGZGXgjM=,iv:SwSAX/HOca5gaK+nLq/QOSMCD7nj9RayMa1By6GKp7U=,tag:nV+QDyL+nsRogDNRmOQ1/A==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:phSZvfrq,iv:Df6+6SN353iD781dlG4ch8tsxPgjUOwsNiLS25zoy7o=,tag:iYmDMHr29TEiS1Gvo0SENQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:JNg9klH7ZFY=,iv:bPLkQTUFyXOI1cSjM5IxaaWkFVRdvEr+0AyZrfVeCBc=,tag:UZlEn3Kd1Kf2AWw2PYCWgw==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:0PVjPJLu0aTz5zw=,iv:enlfrljM20c5G086pfeW9Kna3LplGH2CgXWe7ctKLTo=,tag:JWCnxMUVXExHs25rseijiw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:UG5JpgMbgplk,iv:+b1QEu2y9btdSSdUGWVMThLADdlhQrioU/AGk6pGmcA=,tag:w22Le6qOFlk0YkCqFDUEhw==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:W893GnL9,iv:HnXjj4x10rawvgAaQCMxuQ5ODI/+6KEcWkoWymX5n1c=,tag:fs2XSVQ0iET6+gAS/rvhhw==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:HIsimknr8dB8ph0QdhPiHgOX/K4=,iv:snnML0VoNAWvhPSw8YIpxwWXghShCwdnCqN58ylGRYk=,tag:m9ZUR8mMvKz4MZXARKySaQ==,type:str] + clientSecret: ENC[AES256_GCM,data:PuWgeBTp1223+TASnJ79AqK69VSAXF2j1uL6BQJU+if7LeXUBo45PA==,iv:7qcMYvugbEe3+oonj6q5XoALolz6aNaSOnAOtpWeWpQ=,tag:dPKMkgHcYbfp+XNFAG1RFg==,type:str] + cookieSecret: ENC[AES256_GCM,data:6E/+7kOTwhKpJI1tY675voIm9FRU1sCv,iv:Mma+ILgL3iz6BczjGHggfBwY+FAfPb1ddg5g4L6QNZU=,tag:Sah+SIR18ouotL5XIp3IWA==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:dtCKbd6BqMqT/IRZWD6kkK4mm1s=,iv:a2di3OXB+n+/SEIhiBLjXuN4mLtxysypiSFaETBnTQo=,tag:dJolFzpCMxXgFrvcGyGYDg==,type:str] + secretkey: ENC[AES256_GCM,data:u3xTk0nnk/8iv3JEk6G8GmV37TYpepwmveHboNBzVbhzSaZWikdBlQ==,iv:BfjP4DHCkn7X81noATswh4P9uz2l3aODsw0+oZMjn98=,tag:AI+cCTvMoWuEhTI5Gmf1rw==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:NyY=,iv:UznPqViLo2WQtdfjb9x4ZeikfyScgJFuW0IR8oJSBts=,tag:VA7Ylc+Gmy3QBk2z2654BA==,type:str] + route: + receiver: ENC[AES256_GCM,data:G/vKE29k4jXX9u8hbZN+6sYvTA==,iv:2hHgfHr/9ih4mZOHG3sjxU2+deyEel6dMkiJNLnbcao=,tag:JZSeUcbg/yoZs1MUarP1xg==,type:str] + group_by: + - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] + match: + alertname: ENC[AES256_GCM,data:ajFoZp2FW1s=,iv:naL8WZhGKwwVr/3g88nC3d6AlvdfAZTVbzquP5GrvLo=,tag:aS6NMPlgVRDgYpQWotrwfw==,type:str] + group_wait: ENC[AES256_GCM,data:1JCH,iv:L+6dATlYrACJW3Vic0oRc7gSZj7Cmu0h5Pvdz0fUWpU=,tag:ZVzDZfnmFMb/0lGa06A3gQ==,type:str] + group_interval: ENC[AES256_GCM,data:b8Q=,iv:CMxaAvO9BjR8WvVqUMhsaMpffwEQj272nDccHRdkaCA=,tag:zoh5Ub7y8ZNWV1zKHXersg==,type:str] + repeat_interval: ENC[AES256_GCM,data:SMHx,iv:/WM5JgJkAuZgvDLrktMUYwlbRGq+FbrDp0+uJCtKCZM=,tag:xy1d/IKmTJJK5Y3oeQqyTg==,type:str] + receivers: + - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] + api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] + channel: ENC[AES256_GCM,data:Bp2uVjR3+mts3n2Q0RZA3jTnw34hdg==,iv:qrARYPL00Se1AIucwDUuUzebsFe6qNzZLCknFMeiN3I=,tag:SC1iaOiXoBgamMadBhB2Yg==,type:str] + username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] + title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] + text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] + templates: + - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c + created_at: '2022-09-28T09:15:01Z' + enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== + gcp_kms: [] + lastmodified: '2023-06-27T10:21:35Z' + mac: ENC[AES256_GCM,data:Aa0aTWz7UiE5AuOX0NKoiQ5jub4VRm+Dehi8i7yzUgioeyXeBP7ffqa8Idd0FP2N6U1XSeQRktHoC2v6PhzZRS0l31cjndX12z+8vQCqaDhJuM7mRydu2lVT5x28jnz7jEE0rnYSeqUbhqzdLVD8zZMorCfFYBP4oRDgeYr8J2w=,iv:VfosuSFuhVKnADxjJ/yixJJ1L57HUHfpSPfBAebGhpo=,tag:XjHMNbxvnnonQyViy5SbqA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml similarity index 62% rename from deploy-as-code/helm/environments/health-dev.yaml rename to deploy-as-code/helm/environments/unified-health-dev.yaml index 35fdceb234..9c1d0ca9b9 100644 --- a/deploy-as-code/helm/environments/health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -1,30 +1,31 @@ global: - domain: health-dev.digit.org - setup: fullsetup + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup cluster-configs: - namespaces: + namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] + root-ingress: cert-issuer: letsencrypt-prod configmaps: egov-config: + namespace: [ egov, monitoring, health ] data: - db-host: "health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com" ## Add db-host name eg: egov-demo.database.azure.com - db-name: "healthdev" ## Add db-name - db-url: "jdbc:postgresql://health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthdev" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "health-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://health-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "default" - s3-assets-bucket: "(pg-health-egov-assets|egov-health-playground-assets)" + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pb" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" serializers-timezone-in-ist: "true" @@ -34,11 +35,13 @@ cluster-configs: spring-datasource-tomcat-initialSize: "1" spring-datasource-tomcat-max-active: "2" spring-jpa-show-sql: "true" - timezone: "Asia/Kolkata" + timezone: Asia/Kolkata tracer-errors-provideexceptionindetails: "true" - egov-internal-microservice-user-uuid: fa0f820c-49df-46bb-8e62-8a0ec5d9af5e + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: + namespace: [ egov, monitoring, health ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" @@ -149,9 +152,6 @@ cluster-configs: stock: "http://stock:8080/" facility: "http://facility:8080/" service-request: "http://service-request:8080/" - - -#>>>>>> Frontend Servies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -283,95 +283,118 @@ egov-mdms-service: replicas: 1 images: - egovio/egov-mdms-service - mdms-path: "/work-dir/health-campaign-mdms/data" + mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "health-campaign-mdms" - masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" egov-persister: replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch egov-searcher: - search-yaml-path: "" + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-analytics: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch dashboard-ingest: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + report: heap: "-Xmx512m -Xms512m" tracing-enabled: "true" spring-datasource-tomcat-max-active: 5 initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/data-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/format-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlcertificate.json" + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - db-url: "jdbc:postgresql://health-eks-dev-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthdev" memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" + heap: "-Xmx128m -Xms128m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: erp-host: "https://mohali-qa.egovernments.org/" egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m + memory_limits: 256Mi + heap: -Xmx128m -Xms128m + +fsm: + memory_limits: 384Mi + heap: -Xmx384m -Xms256m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: @@ -385,7 +408,7 @@ redoc: nginx-ingress: images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 replicas: 1 default-backend-service: "egov/nginx" namespace: egov @@ -393,30 +416,21 @@ nginx-ingress: ssl-protocols: "TLSv1.2 TLSv1.3" ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: #To collect the matrics data from nginx-ingress. - enabled: true - serviceMonitor: #To enable the service monitoring of nginx-ingress - enabled: true - service: - prometheusRule: - enabled: true cert-manager: email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - + + zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" + memory_limits: 768Mi + heap: "-Xmx512m -Xms512m" + java-debug: "true" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -426,6 +440,8 @@ collection-services: receipt-search-paginate: "true" receipt-search-defaultsize: 30 user-create-enabled: "true" + heap: "-Xmx512m -Xms256m" + memory_limits: 768Mi collection-receipt-voucher-consumer: jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" @@ -438,6 +454,8 @@ collection-receipt-voucher-consumer: finance-collections-voucher-consumer: erp-env-name: "qa" erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi # rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rainmaker-pgr: @@ -449,6 +467,17 @@ rainmaker-pgr: comment-by-employee-notif-enabled: "false" notification-allowed-status: "open,assigned,rejected,resolved" +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + pt-services-v2: pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" @@ -471,14 +500,16 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" egov-hrms: java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi egov-weekly-impact-notifier: @@ -499,12 +530,13 @@ logging-config: es-port: "9200" jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { "service_strategies": [ { "service": "tl-services", @@ -573,7 +605,7 @@ redis: playground: replicas: 1 images: - - egovio/playground:1.0 + - egovio/playground:1.3 # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> fluent-bit: @@ -583,17 +615,24 @@ fluent-bit: egov-infra-log-topic: "egov-infra-logs" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: - - volumeId: "vol-04252ba788d687a32" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0999233fdb43fc001" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-09555d5b6f7474fd1" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -604,59 +643,25 @@ kafka-v2: minInsyncReplicas: "1" offsetsReplicationFactor: "3" -## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#kafka-v2: -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -#kafka-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" -# storage-size: "75Gi -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: + image: + tag: "5.4.1" persistence: enabled: true aws: - - volumeId: "vol-0af907e3ec6b45dff" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0c8ed5253e66a3b99" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-08667160508016b62" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -668,50 +673,6 @@ zookeeper-v2: cpu: 300m memory: 384Mi - # zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> - #zookeeper-v2: - # persistence: - # enabled: true - # azure: - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - - ## Zookeeper JVM Heap Option -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< -#zookeeper-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. - -# storage-size: 5Gi -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - # es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> elasticsearch-data-v1: @@ -720,60 +681,19 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "vol-0471fb65377b31af3" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0d312161f24d7608d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0dcb03521a8befe8f" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx550m -Xms550m" resources: requests: - memory: "2Gi" + memory: "1Gi" limits: - memory: "2Gi" -## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# -# esJavaOpts: "-Xmx1g -Xms1g" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-data-v1 SDC<<<<<<<<<<<<<<< -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. -# storage-size: 25Gi -# esJavaOpts: "-Xmx1g -Xms1g" -# storage-size: 25Gi -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" + memory: "1Gi" ### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> @@ -784,13 +704,13 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "vol-08afd24346fb136f5" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0c94e7b9cc22e555a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0986961f7968b5cd5" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + esJavaOpts: "-Xmx448m -Xms448m" resources: requests: @@ -798,48 +718,14 @@ elasticsearch-master-v1: limits: memory: "896Mi" -## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# storage-size: 5Gi -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" + +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "dev_readonly" es-curator: schedule: "45 18 * * *" @@ -850,19 +736,3 @@ es-curator: jaeger-cleanup-enabled: "true" logs-to-retain: "7" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-devops,health-dev" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/health-campaign-config" #REPLACE with your configs repo - branch: "DEV" #REPLACE with config repo branch name - dashboardsFolder: /work-dir/health-campaign-config/monitoring-dashboards From 5c0236062644054e1a2d9e6791841a987925a35c Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 4 Jul 2023 15:41:16 +0530 Subject: [PATCH 222/742] updated charts api version for prometheus-operator in unified env (#1789) Co-authored-by: Harish-egov --- .../templates/clusterrole.yaml | 2 +- .../templates/clusterrolebinding.yaml | 2 +- .../crds/crd-alertmanager.yaml | 8479 ++++++------ .../crds/crd-alertmanagerconfig.yaml | 3965 ++++++ .../crds/crd-podmonitor.yaml | 449 +- .../prometheus-operator/crds/crd-probe.yaml | 653 + .../crds/crd-prometheus.yaml | 10769 ++++++++-------- .../crds/crd-prometheusrules.yaml | 133 +- .../crds/crd-servicemonitor.yaml | 829 +- .../crds/crd-thanosrulers.yaml | 7173 +++++----- .../templates/alertmanager/ingress.yaml | 14 +- .../templates/operator/clusterrole.yaml | 2 + .../templates/operator/deployment.yaml | 5 - .../prometheus-operator/values.yaml | 12 +- 14 files changed, 18550 insertions(+), 13937 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanagerconfig.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-probe.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml index 68c09f4c8c..6d921619e4 100644 --- a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrole.yaml @@ -1,5 +1,5 @@ {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml index 1a8b7b3998..45135e4ff9 100644 --- a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/clusterrolebinding.yaml @@ -1,5 +1,5 @@ {{- if .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml index f7c5215214..27a4d00bef 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanager.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/master/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,4459 +16,4458 @@ spec: singular: alertmanager preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: Alertmanager describes an Alertmanager cluster. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Specification of the desired behavior of the Alertmanager - cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - additionalPeers: - description: AdditionalPeers allows injecting a set of additional Alertmanagers - to peer with to form a highly available cluster. - items: - type: string - type: array - affinity: - description: If specified, the pod's scheduling constraints. - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the affinity expressions specified by this field, - but it may choose a node that violates one or more of the - expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets - all of the scheduling requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to the sum - if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches all - objects with implicit weight 0 (i.e. it's a no-op). A null - preferred scheduling term matches no objects (i.e. is also - a no-op). + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Alertmanager describes an Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Alertmanager + cluster. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalPeers: + description: AdditionalPeers allows injecting a set of additional Alertmanagers + to peer with to form a highly available cluster. + items: + type: string + type: array + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array required: - - preference - - weight + - nodeSelectorTerms type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The - terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label query over a set of resources, in + this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some other + pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: - type: string + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label query over a set of resources, in + this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + baseImage: + description: Base image that is used to deploy pods, without tag. + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Alertmanager object, which shall be mounted into the Alertmanager + Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/. + items: + type: string + type: array + configSecret: + description: ConfigSecret is the name of a Kubernetes Secret in the + same namespace as the Alertmanager object, which contains configuration + for this Alertmanager instance. Defaults to 'alertmanager-' + The secret is mounted into /etc/alertmanager/config. + type: string + containers: + description: Containers allows injecting additional containers. This + is meant to allow adding an authentication proxy to an Alertmanager + pod. + items: + description: A single application container that you want to run within + a pod. properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the affinity expressions specified by this field, - but it may choose a node that violates one or more of the - expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets - all of the scheduling requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to the sum - if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) + description: EnvVar represents an environment variable present + in a Container. properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. + configMapKeyRef: + description: Selects a key of a ConfigMap. properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key type: object - namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey matches - that of any node on which any of the selected pods - is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may not - try to eventually evict the pod from its node. When there - are multiple elements, the lists of nodes corresponding to - each podAffinityTerm are intersected, i.e. all terms must - be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) that - this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of pods - is running - properties: - labelSelector: - description: A label query over a set of resources, in - this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath type: object - type: object - namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of any - node on which any of the selected pods is running. Empty - topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some other - pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the anti-affinity expressions specified by this - field, but it may choose a node that violates one or more - of the expressions. The node that is most preferred is the - one with the greatest sum of weights, i.e. for each node that - meets all of the scheduling requirements (resource request, - requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field - and adding "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the node(s) with - the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key type: object - namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey matches - that of any node on which any of the selected pods - is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer required: - - podAffinityTerm - - weight + - name type: object type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will not - be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms must - be satisfied. + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) that - this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of pods - is running + description: EnvFromSource represents the source of a set of + ConfigMaps properties: - labelSelector: - description: A label query over a set of resources, in - this case pods. + configMapRef: + description: The ConfigMap to select from properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean type: object - namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of any - node on which any of the selected pods is running. Empty - topologyKey is not allowed. + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. type: string - required: - - topologyKey + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object type: object type: array - type: object - type: object - baseImage: - description: Base image that is used to deploy pods, without tag. - type: string - configMaps: - description: ConfigMaps is a list of ConfigMaps in the same namespace - as the Alertmanager object, which shall be mounted into the Alertmanager - Pods. The ConfigMaps are mounted into /etc/alertmanager/configmaps/. - items: - type: string - type: array - configSecret: - description: ConfigSecret is the name of a Kubernetes Secret in the - same namespace as the Alertmanager object, which contains configuration - for this Alertmanager instance. Defaults to 'alertmanager-' - The secret is mounted into /etc/alertmanager/config. - type: string - containers: - description: Containers allows injecting additional containers. This - is meant to allow adding an authentication proxy to an Alertmanager - pod. - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - key: - description: The key to select. + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - resource: - description: 'Required: resource to select' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean + required: + - port type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + properties: + limits: + additionalProperties: type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. format: int32 type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + name: + description: name must match the name of a persistentVolumeClaim + in the pod type: string required: - - port + - devicePath + - name type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - properties: - level: - description: Level is SELinux level label that applies - to the container. + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. type: string - role: - description: Role is a SELinux role label that applies - to the container. + name: + description: This must match the Name of a Volume. type: string - type: - description: Type is a SELinux type label that applies - to the container. + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). type: string - user: - description: User is a SELinux user label that applies - to the container. + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. type: string + required: + - mountPath + - name type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + externalUrl: + description: The external URL the Alertmanager instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Alertmanager is not served from root of a DNS name. + type: string + image: + description: Image if specified has precedence over baseImage, tag and + sha combinations. Specifying the version is still necessary to ensure + the Prometheus Operator knows what version of Alertmanager is being + configured. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Alertmanager configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart of + the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + Using initContainers for any use case other then secret fetching is + entirely outside the scope of what the maintainers will support and + by doing so, you accept that this behaviour may break at any time + without notice.' + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - externalUrl: - description: The external URL the Alertmanager instances will be available - under. This is necessary to generate correct URLs. This is necessary - if Alertmanager is not served from root of a DNS name. - type: string - image: - description: Image if specified has precedence over baseImage, tag and - sha combinations. Specifying the version is still necessary to ensure - the Prometheus Operator knows what version of Alertmanager is being - configured. - type: string - imagePullSecrets: - description: An optional list of references to secrets in the same namespace - to use for pulling prometheus and alertmanager images from registries - see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod - items: - description: LocalObjectReference contains enough information to let - you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - initContainers: - description: 'InitContainers allows adding initContainers to the pod - definition. Those can be used to e.g. fetch secrets for injection - into the Alertmanager configuration from external sources. Any errors - during the execution of an initContainer will lead to a restart of - the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - Using initContainers for any use case other then secret fetching is - entirely outside the scope of what the maintainers will support and - by doing so, you accept that this behaviour may break at any time - without notice.' - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - key: - description: The key to select. + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - resource: - description: 'Required: resource to select' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean + required: + - port type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. format: int32 type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + properties: + limits: + additionalProperties: type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + properties: + level: + description: Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. type: string - user: - description: User is a SELinux user label that applies - to the container. + name: + description: name must match the name of a persistentVolumeClaim + in the pod type: string + required: + - devicePath + - name type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. - type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + name: + description: This must match the Name of a Volume. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - mountPath + - name type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Alertmanager server listen on loopback, + so that it does not bind against the Pod IP. Note this is only for + the Alertmanager UI, not the gossip communication. + type: boolean + logFormat: + description: Log format for Alertmanager to be configured with. + type: string + logLevel: + description: Log level for Alertmanager to be configured with. + type: string + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + paused: + description: If set to true all actions on the underlaying managed objects + are not goint to be performed, except for delete actions. + type: boolean + podMetadata: + description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + Metadata Labels and Annotations gets propagated to the prometheus + pods.' + type: object + portName: + description: Port name used for the pods and governing service. This + defaults to web + type: string + priorityClassName: + description: Priority class assigned to the Pods + type: string + replicas: + description: Size is the expected size of the alertmanager cluster. + The controller will eventually make the size of the running cluster + equal to the expected size. + format: int32 + type: integer + resources: + description: Define resources requests and limits for single Pods. + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + retention: + description: Time duration Alertmanager shall retain data for. Default + is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` + (milliseconds seconds minutes hours). + type: string + routePrefix: + description: The route prefix Alertmanager registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Alertmanager object, which shall be mounted into the Alertmanager + Pods. The Secrets are mounted into /etc/alertmanager/secrets/. + items: + type: string + type: array + securityContext: + description: SecurityContext holds pod-level security attributes and + common container settings. This defaults to the default PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies to all containers + in a pod. Some volume types allow the Kubelet to change the ownership + of that volume to be owned by the pod: \n 1. The owning GID will + be the FSGroup 2. The setgid bit is set (new files created in + the volume will be owned by FSGroup) 3. The permission bits are + OR'd with rw-rw---- \n If unset, the Kubelet will not modify the + ownership and permissions of any volume." + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux + context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + properties: + level: + description: Level is SELinux level label that applies to the + container. + type: string + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. + type: string + type: object + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object + format: int64 + type: integer type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. items: - description: VolumeMount describes a mounting of a Volume within - a container. + description: Sysctl defines a kernel parameter to be set properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string name: - description: This must match the Name of a Volume. + description: Name of a property to set type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. + value: + description: Value of a property to set type: string required: - - mountPath - name + - value type: object type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. This field is alpha-level and is only + honored by servers that enable the WindowsGMSA feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint of + the container process. Defaults to the user specified in image + metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. This + field is alpha-level and it is only honored by servers that + enable the WindowsRunAsUserName feature flag. + type: string + type: object type: object - type: array - listenLocal: - description: ListenLocal makes the Alertmanager server listen on loopback, - so that it does not bind against the Pod IP. Note this is only for - the Alertmanager UI, not the gossip communication. - type: boolean - logFormat: - description: Log format for Alertmanager to be configured with. - type: string - logLevel: - description: Log level for Alertmanager to be configured with. - type: string - nodeSelector: - additionalProperties: + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. type: string - description: Define which Nodes the Pods are scheduled on. - type: object - paused: - description: If set to true all actions on the underlaying managed objects - are not goint to be performed, except for delete actions. - type: boolean - podMetadata: - description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata - Metadata Labels and Annotations gets propagated to the prometheus - pods.' - type: object - portName: - description: Port name used for the pods and governing service. This - defaults to web - type: string - priorityClassName: - description: Priority class assigned to the Pods - type: string - replicas: - description: Size is the expected size of the alertmanager cluster. - The controller will eventually make the size of the running cluster - equal to the expected size. - format: int32 - type: integer - resources: - description: Define resources requests and limits for single Pods. - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute resources - required. If Requests is omitted for a container, it defaults - to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - retention: - description: Time duration Alertmanager shall retain data for. Default - is '120h', and must match the regular expression `[0-9]+(ms|s|m|h)` - (milliseconds seconds minutes hours). - type: string - routePrefix: - description: The route prefix Alertmanager registers HTTP handlers for. - This is useful, if using ExternalURL and a proxy is rewriting HTTP - routes of a request, and the actual ExternalURL is still true, but - the server serves requests under a different route prefix. For example - for use with `kubectl proxy`. - type: string - secrets: - description: Secrets is a list of Secrets in the same namespace as the - Alertmanager object, which shall be mounted into the Alertmanager - Pods. The Secrets are mounted into /etc/alertmanager/secrets/. - items: + sha: + description: SHA of Alertmanager container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. type: string - type: array - securityContext: - description: SecurityContext holds pod-level security attributes and - common container settings. This defaults to the default PodSecurityContext. - properties: - fsGroup: - description: "A special supplemental group that applies to all containers - in a pod. Some volume types allow the Kubelet to change the ownership - of that volume to be owned by the pod: \n 1. The owning GID will - be the FSGroup 2. The setgid bit is set (new files created in - the volume will be owned by FSGroup) 3. The permission bits are - OR'd with rw-rw---- \n If unset, the Kubelet will not modify the - ownership and permissions of any volume." - format: int64 - type: integer - runAsGroup: - description: The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. May - also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random SELinux - context for each container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - properties: - level: - description: Level is SELinux level label that applies to the - container. - type: string - role: - description: Role is a SELinux role label that applies to the - container. - type: string - type: - description: Type is a SELinux type label that applies to the - container. - type: string - user: - description: User is a SELinux user label that applies to the - container. - type: string - type: object - supplementalGroups: - description: A list of groups applied to the first process run in - each container, in addition to the container's primary GID. If - unspecified, no groups will be added to any container. - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced sysctls used for - the pod. Pods with unsupported sysctls (by the container runtime) - might fail to launch. - items: - description: Sysctl defines a kernel parameter to be set + storage: + description: Storage is the definition of how storage will be used by + the Alertmanager instances. + properties: + emptyDir: + description: 'EmptyDirVolumeSource to be used by the Prometheus + StatefulSets. If specified, used in place of any volumeClaimTemplate. + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' properties: - name: - description: Name of a property to set + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string - value: - description: Value of a property to set + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. More + info: http://kubernetes.io/docs/user-guide/volumes#emptydir' type: string - required: - - name - - value type: object - type: array - windowsOptions: - description: The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named by - the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA - credential spec to use. This field is alpha-level and is only - honored by servers that enable the WindowsGMSA feature flag. - type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint of - the container process. Defaults to the user specified in image - metadata if unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. This - field is alpha-level and it is only honored by servers that - enable the WindowsRunAsUserName feature flag. - type: string - type: object - type: object - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to - use to run the Prometheus Pods. - type: string - sha: - description: SHA of Alertmanager container image to be deployed. Defaults - to the value of `version`. Similar to a tag, but the SHA explicitly - deploys an immutable container image. Version and Tag are ignored - if SHA is set. - type: string - storage: - description: Storage is the definition of how storage will be used by - the Alertmanager instances. - properties: - emptyDir: - description: 'EmptyDirVolumeSource to be used by the Prometheus - StatefulSets. If specified, used in place of any volumeClaimTemplate. - More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' - properties: - medium: - description: 'What type of storage medium should back this directory. - The default is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. The - default is nil which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the Prometheus StatefulSets. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' - type: object - spec: - description: 'Spec defines the desired characteristics of a - volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - accessModes: - description: 'AccessModes contains the desired access modes - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: This field requires the VolumeSnapshotDataSource - alpha feature gate to be enabled and currently VolumeSnapshot - is the only supported data source. If the provisioner - can support VolumeSnapshot data source, it will create - a new volume and data will be restored to the volume at - the same time. If the provisioner does not support VolumeSnapshot - data source, volume will not be created and the failure - will be reported as an event. In the future, we plan to - support more data source types and the behavior of the - provisioner may change. - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, the - specified Kind must be in the core API group. For - any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string - name: - description: Name is the name of resource being referenced + volumeClaimTemplate: + description: A PVC spec to be used by the Prometheus StatefulSets. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: 'Spec defines the desired characteristics of a + volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: type: string - required: - - kind - - name - type: object - resources: - description: 'Resources represents the minimum resources - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: + type: array + dataSource: + description: This field requires the VolumeSnapshotDataSource + alpha feature gate to be enabled and currently VolumeSnapshot + is the only supported data source. If the provisioner + can support VolumeSnapshot data source, it will create + a new volume and data will be restored to the volume at + the same time. If the provisioner does not support VolumeSnapshot + data source, volume will not be created and the failure + will be reported as an event. In the future, we plan to + support more data source types and the behavior of the + provisioner may change. + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. type: string - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: + kind: + description: Kind is the type of resource being referenced type: string - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - selector: - description: A label query over volumes to consider for - binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object - type: object - storageClassName: - description: 'Name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume is required - by the claim. Value of Filesystem is implied when not - included in claim spec. This is a beta feature. - type: string - volumeName: - description: VolumeName is the binding reference to the - PersistentVolume backing this claim. - type: string - type: object - status: - description: 'Status represents the current information/status - of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - accessModes: - description: 'AccessModes contains the actual access modes - the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - capacity: - additionalProperties: - type: string - description: Represents the actual resources of the underlying - volume. - type: object - conditions: - description: Current Condition of persistent volume claim. - If underlying persistent volume is being resized then - the Condition will be set to 'ResizeStarted'. - items: - description: PersistentVolumeClaimCondition contails details - about state of pvc - properties: - lastProbeTime: - description: Last time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transitioned - from one status to another. - format: date-time - type: string - message: - description: Human-readable message indicating details - about last transition. - type: string - reason: - description: Unique, this should be a short, machine - understandable string that gives the reason for - condition's last transition. If it reports "ResizeStarted" - that means the underlying persistent volume is being - resized. - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is - a valid value of PersistentVolumeClaimCondition.Type + name: + description: Name is the name of resource being referenced type: string required: - - status - - type + - kind + - name type: object - type: array - phase: - description: Phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: object - tag: - description: Tag of Alertmanager container image to be deployed. Defaults - to the value of `version`. Version is ignored if Tag is set. - type: string - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, operator - must be Exists; this combination means to match all values and - all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. Exists - is equivalent to wildcard for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the - toleration (which must be of effect NoExecute, otherwise this - field is ignored) tolerates the taint. By default, it is not - set, which means tolerate the taint forever (do not evict). - Zero and negative values will be treated as 0 (evict immediately) - by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise - just a regular string. - type: string - type: object - type: array - version: - description: Version the cluster should be on. - type: string - volumeMounts: - description: VolumeMounts allows configuration of additional VolumeMounts - on the output StatefulSet definition. VolumeMounts specified will - be appended to other VolumeMounts in the alertmanager container, that - are generated as a result of StorageSpec objects. - items: - description: VolumeMount describes a mounting of a Volume within a - container. - properties: - mountPath: - description: Path within the container at which the volume should - be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are propagated - from the host to container and the other way around. When not - set, MountPropagationNone is used. This field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise (false - or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which the container's - volume should be mounted. Behaves similarly to SubPath but environment - variable references $(VAR_NAME) are expanded using the container's - environment. Defaults to "" (volume's root). SubPathExpr and - SubPath are mutually exclusive. This field is beta in 1.15. - type: string - required: - - mountPath - - name - type: object - type: array - volumes: - description: Volumes allows configuration of additional volumes on the - output StatefulSet definition. Volumes specified will be appended - to other volumes that are generated as a result of StorageSpec objects. - items: - description: Volume represents a named volume in a pod that may be - accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'AWSElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'Specify "true" to force and set the ReadOnly - property in VolumeMounts to "true". If omitted, the default - is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'Unique ID of the persistent disk resource in - AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: AzureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'Host Caching mode: None, Read Only, Read Write.' - type: string - diskName: - description: The Name of the data disk in the blob storage - type: string - diskURI: - description: The URI the data disk in the blob storage - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - kind: - description: 'Expected values Shared: multiple blob disks - per storage account Dedicated: single blob disk per storage - account Managed: azure managed data disk (only in managed - availability set). defaults to shared' - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: AzureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: the name of secret that contains Azure Storage - Account Name and Key - type: string - shareName: - description: Share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: CephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'Required: Monitors is a collection of Ceph monitors - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: - type: string - type: array - path: - description: 'Optional: Used as the mounted root, rather than - the full Ceph tree, default is /' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'Optional: SecretFile is the path to key ring - for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'Optional: SecretRef is reference to the authentication - secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + resources: + description: 'Resources represents the minimum resources + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + selector: + description: A label query over volumes to consider for + binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' type: string - type: object - user: - description: 'Optional: User is the rados user name, default - is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'Cinder represents a cinder volume attached and mounted - on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'Optional: points to a secret object containing - parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is a beta feature. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. type: string type: object - volumeID: - description: 'volume id used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: ConfigMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced ConfigMap will be projected into - the volume as a file whose name is the key and content is - the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the - ConfigMap, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. - properties: - key: - description: The key to project. + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + type: array + capacity: + additionalProperties: type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its keys must - be defined - type: boolean - type: object - csi: - description: CSI (Container Storage Interface) represents storage - that is handled by an external CSI driver (Alpha feature). - properties: - driver: - description: Driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: Filesystem type to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed to the - associated CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: NodePublishSecretRef is a reference to the secret - object containing sensitive information to pass to the CSI - driver to complete the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be empty if no secret - is required. If the secret object contains more than one - secret, all secret references are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - readOnly: - description: Specifies a read-only configuration for the volume. - Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: VolumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: DownwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field - properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are supported.' + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". + lastProbeTime: + description: Last time we probed the condition. + format: date-time type: string - fieldPath: - description: Path of the field to select in the - specified API version. + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative path name - of the file to be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 encoded. The - first item of the relative path must not start with - ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" + status: type: string - resource: - description: 'Required: resource to select' + type: + description: PersistentVolumeClaimConditionType is + a valid value of PersistentVolumeClaimCondition.Type type: string required: - - resource + - status + - type type: object - required: - - path - type: object - type: array - type: object - emptyDir: - description: 'EmptyDir represents a temporary directory that shares - a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'What type of storage medium should back this - directory. The default is "" which means to use the node''s - default medium. Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. + type: string + type: object type: object - fc: - description: FC represents a Fibre Channel resource that is attached - to a kubelet's host machine and then exposed to the pod. - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - lun: - description: 'Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'Optional: FC target worldwide names (WWNs)' - items: + type: object + tag: + description: Tag of Alertmanager container image to be deployed. Defaults + to the value of `version`. Version is ignored if Tag is set. + type: string + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: object + type: array + version: + description: Version the cluster should be on. + type: string + volumeMounts: + description: VolumeMounts allows configuration of additional VolumeMounts + on the output StatefulSet definition. VolumeMounts specified will + be appended to other VolumeMounts in the alertmanager container, that + are generated as a result of StorageSpec objects. + items: + description: VolumeMount describes a mounting of a Volume within a + container. + properties: + mountPath: + description: Path within the container at which the volume should + be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are propagated + from the host to container and the other way around. When not + set, MountPropagationNone is used. This field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise (false + or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which the container's + volume should be mounted. Behaves similarly to SubPath but environment + variable references $(VAR_NAME) are expanded using the container's + environment. Defaults to "" (volume's root). SubPathExpr and + SubPath are mutually exclusive. This field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + volumes: + description: Volumes allows configuration of additional volumes on the + output StatefulSet definition. Volumes specified will be appended + to other volumes that are generated as a result of StorageSpec objects. + items: + description: Volume represents a named volume in a pod that may be + accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising + the machine' type: string - type: array - wwids: - description: 'Optional: FC volume world wide identifiers (wwids) - Either wwids or combination of targetWWNs and lun must be - set, but not both simultaneously.' - items: + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the ReadOnly + property in VolumeMounts to "true". If omitted, the default + is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource in + AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string - type: array - type: object - flexVolume: - description: FlexVolume represents a generic volume resource that - is provisioned/attached using an exec based plugin. - properties: - driver: - description: Driver is the name of the driver to use for this - volume. - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends on FlexVolume - script. - type: string - options: - additionalProperties: + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, Read Write.' type: string - description: 'Optional: Extra command options if any.' - type: object - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'Optional: SecretRef is reference to the secret - object containing sensitive information to pass to the plugin - scripts. This may be empty if no secret object is specified. - If the secret object contains more than one secret, all - secrets are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: Flocker represents a Flocker volume attached to a - kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: Name of the dataset stored as metadata -> name - on the dataset for Flocker should be considered as deprecated - type: string - datasetUUID: - description: UUID of the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'GCEPersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'Unique name of the PD resource in GCE. Used - to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision a - container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: Target directory name. Must not contain or start - with '..'. If '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory with - the given name. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'Glusterfs represents a Glusterfs mount on the host - that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'EndpointsName is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'Path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'ReadOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to false. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'HostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'Path of the directory on the host. If the path - is a symlink, it will follow the link to the real path. - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'Type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'ISCSI represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to the - pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - initiatorName: - description: Custom iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, new iSCSI - interface : will be created - for the connection. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses an iSCSI transport. - Defaults to 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. The portal is either - an IP or ip_addr:port if the port is other than default - (typically TCP ports 860 and 3260). - items: + diskName: + description: The Name of the data disk in the blob storage type: string - type: array - readOnly: - description: ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob disks + per storage account Dedicated: single blob disk per storage + account Managed: azure managed data disk (only in managed + availability set). defaults to shared' + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure Storage + Account Name and Key + type: string + shareName: + description: Share Name + type: string + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + items: type: string - type: object - targetPortal: - description: iSCSI Target Portal. The Portal is either an - IP or ip_addr:port if the port is other than default (typically - TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL and unique within - the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'NFS represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'Path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'ReadOnly here will force the NFS export to be - mounted with read-only permissions. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'Server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource represents a reference - to a PersistentVolumeClaim in the same namespace. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: Will force the ReadOnly setting in VolumeMounts. - Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: PhotonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - pdID: - description: ID that identifies Photon Controller persistent - disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: FSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources secrets, configmaps, - and downward API - properties: - defaultMode: - description: Mode bits to use on created files by default. - Must be a value between 0 and 0777. Directories within the - path are not affected by this setting. This might be in - conflict with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: list of volume projections + type: array + path: + description: 'Optional: Used as the mounted root, rather than + the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to key ring + for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to the authentication + secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, default + is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached and mounted + on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object containing + parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: string + required: + - volumeID + type: object + configMap: + description: ConfigMap represents a configMap that should populate + this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer items: - description: Projection that may be projected along with - other supported volume types + description: If unspecified, each key-value pair in the Data + field of the referenced ConfigMap will be projected into + the volume as a file whose name is the key and content is + the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the + ConfigMap, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its keys must + be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents storage + that is handled by an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed to the + associated CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference to the secret + object containing sensitive information to pass to the CSI + driver to complete the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be empty if no secret + is required. If the secret object contains more than one + secret, all secret references are passed. properties: - configMap: - description: information about the configMap data to - project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - downwardAPI: - description: information about the downwardAPI data - to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field - properties: - fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - description: Specifies the output format - of the exposed resources, defaults to - "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the secret data to project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced Secret will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the serviceAccountToken - data to project - properties: - audience: - description: Audience is the intended audience of - the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: ExpirationSeconds is the requested - duration of validity of the service account token. - As the token approaches expiration, the kubelet - volume plugin will proactively rotate the service - account token. The kubelet will start trying to - rotate the token if the token is older than 80 - percent of its time to live or if the token is - older than 24 hours.Defaults to 1 hour and must - be at least 10 minutes. - format: int64 - type: integer - path: - description: Path is the path relative to the mount - point of the file to project the token into. - type: string - required: - - path - type: object + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string type: object - type: array - required: - - sources - type: object - quobyte: - description: Quobyte represents a Quobyte mount on the host that - shares a pod's lifetime - properties: - group: - description: Group to map volume access to Default is no group - type: string - readOnly: - description: ReadOnly here will force the Quobyte volume to - be mounted with read-only permissions. Defaults to false. - type: boolean - registry: - description: Registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: Tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: User to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: Volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'RBD represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - image: - description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'Keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + readOnly: + description: Specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path name + of the file to be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 encoded. The + first item of the relative path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory that shares + a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should back this + directory. The default is "" which means to use the node''s + default medium. Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string - type: array - pool: - description: 'The rados pool name. Default is rbd. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'SecretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is nil. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + fc: + description: FC represents a Fibre Channel resource that is attached + to a kubelet's host machine and then exposed to the pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names (WWNs)' + items: type: string - type: object - user: - description: 'The rados user name. Default is admin. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: The host address of the ScaleIO API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection Domain for - the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + type: array + wwids: + description: 'Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be + set, but not both simultaneously.' + items: type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL communication with - Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage for a volume should - be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated with the - protection domain. - type: string - system: - description: The name of the storage system as configured - in ScaleIO. - type: string - volumeName: - description: The name of a volume already created in the ScaleIO - system that is associated with this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced Secret will be projected into the - volume as a file whose name is the key and content is the - value. If specified, the listed keys will be projected into - the specified paths, and unlisted keys will not be present. - If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' path - or start with '..'. - items: - description: Maps a string key to a path within a volume. + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume resource that + is provisioned/attached using an exec based plugin. + properties: + driver: + description: Driver is the name of the driver to use for this + volume. + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to the secret + object containing sensitive information to pass to the plugin + scripts. This may be empty if no secret object is specified. + If the secret object contains more than one secret, all + secrets are passed to the plugin scripts.' properties: - key: - description: The key to project. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + type: object + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached to a + kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: Name of the dataset stored as metadata -> name + on the dataset for Flocker should be considered as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in GCE. Used + to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision a + container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: Target directory name. Must not contain or start + with '..'. If '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory with + the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount on the host + that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. If the path + is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to the + pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, new iSCSI + interface : will be created + for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal is either + an IP or ip_addr:port if the port is other than default + (typically TCP ports 860 and 3260). + items: + type: string + type: array + readOnly: + description: ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - key - - path type: object - type: array - optional: - description: Specify whether the Secret or its keys must be - defined - type: boolean - secretName: - description: 'Name of the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + targetPortal: + description: iSCSI Target Portal. The Portal is either an + IP or ip_addr:port if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and unique within + the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export to be + mounted with read-only permissions. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents a reference + to a PersistentVolumeClaim in the same namespace. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller persistent + disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, configmaps, + and downward API + properties: + defaultMode: + description: Mode bits to use on created files by default. + Must be a value between 0 and 0777. Directories within the + path are not affected by this setting. This might be in + conflict with other options that affect the file mode, like + fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: information about the configMap data to + project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI data + to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format + of the exposed resources, defaults to + "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret data to project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended audience of + the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the requested + duration of validity of the service account token. + As the token approaches expiration, the kubelet + volume plugin will proactively rotate the service + account token. The kubelet will start trying to + rotate the token if the token is older than 80 + percent of its time to live or if the token is + older than 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative to the mount + point of the file to project the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the host that + shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default is no group + type: string + readOnly: + description: ReadOnly here will force the Quobyte volume to + be mounted with read-only permissions. Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: User to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: Volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: type: string - type: object - volumeName: - description: VolumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within a - namespace. - type: string - volumeNamespace: - description: VolumeNamespace specifies the scope of the volume - within StorageOS. If no namespace is specified then the - Pod's namespace will be used. This allows the Kubernetes - name scoping to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override the - default behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - storagePolicyID: - description: Storage Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: Path that identifies vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - type: object - status: - description: 'Most recent observed status of the Alertmanager cluster. Read-only. - Not included when requesting from the apiserver, only from the Prometheus - Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) - targeted by this Alertmanager cluster. - format: int32 - type: integer - paused: - description: Represents whether any actions on the underlaying managed - objects are being performed. Only delete actions will be performed. - type: boolean - replicas: - description: Total number of non-terminated pods targeted by this Alertmanager - cluster (their labels match the selector). - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable pods targeted by this Alertmanager - cluster. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated pods targeted by this Alertmanager - cluster that have the desired version spec. - format: int32 - type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas - type: object - required: - - spec - type: object - version: v1 - versions: - - name: v1 + type: array + pool: + description: 'The rados pool name. Default is rbd. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + user: + description: 'The rados user name. Default is admin. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: The host address of the ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection Domain for + the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + sslEnabled: + description: Flag to enable/disable SSL communication with + Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a volume should + be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated with the + protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created in the ScaleIO + system that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the Data + field of the referenced Secret will be projected into the + volume as a file whose name is the key and content is the + value. If specified, the listed keys will be projected into + the specified paths, and unlisted keys will not be present. + If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' path + or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys must be + defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within a + namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope of the volume + within StorageOS. If no namespace is specified then the + Pod's namespace will be used. This allows the Kubernetes + name scoping to be mirrored within StorageOS for tighter + integration. Set VolumeName to any name to override the + default behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: Path that identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + status: + description: 'Most recent observed status of the Alertmanager cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Alertmanager cluster. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Alertmanager + cluster. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Alertmanager + cluster that have the desired version spec. + format: int32 + type: integer + required: + - availableReplicas + - paused + - replicas + - unavailableReplicas + - updatedReplicas + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanagerconfig.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanagerconfig.yaml new file mode 100644 index 0000000000..3de01b6eb3 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-alertmanagerconfig.yaml @@ -0,0 +1,3965 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: alertmanagerconfigs.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: AlertmanagerConfig + listKind: AlertmanagerConfigList + plural: alertmanagerconfigs + singular: alertmanagerconfig + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: AlertmanagerConfig defines a namespaced AlertmanagerConfig to + be aggregated across multiple namespaces configuring one Alertmanager cluster. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AlertmanagerConfigSpec is a specification of the desired + behavior of the Alertmanager configuration. By definition, the Alertmanager + configuration only applies to alerts for which the `namespace` label + is equal to the namespace of the AlertmanagerConfig resource. + properties: + inhibitRules: + description: List of inhibition rules. The rules will only apply to + alerts matching the resource’s namespace. + items: + description: InhibitRule defines an inhibition rule that allows + to mute alerts when other alerts are already firing. See https://prometheus.io/docs/alerting/latest/configuration/#inhibit_rule + properties: + equal: + description: Labels that must have an equal value in the source + and target alert for the inhibition to take effect. + items: + type: string + type: array + sourceMatch: + description: Matchers for which one or more alerts have to exist + for the inhibition to take effect. The operator enforces that + the alert matches the resource’s namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + targetMatch: + description: Matchers that have to be fulfilled in the alerts + to be muted. The operator enforces that the alert matches + the resource’s namespace. + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + type: object + type: array + muteTimeIntervals: + description: List of MuteTimeInterval specifying when the routes should + be muted. + items: + description: MuteTimeInterval specifies the periods in time when + notifications will be muted + properties: + name: + description: Name of the time interval + type: string + timeIntervals: + description: TimeIntervals is a list of TimeInterval + items: + description: TimeInterval describes intervals of time + properties: + daysOfMonth: + description: DaysOfMonth is a list of DayOfMonthRange + items: + description: DayOfMonthRange is an inclusive range of + days of the month beginning at 1 + properties: + end: + description: End of the inclusive range + maximum: 31 + minimum: -31 + type: integer + start: + description: Start of the inclusive range + maximum: 31 + minimum: -31 + type: integer + type: object + type: array + months: + description: Months is a list of MonthRange + items: + description: MonthRange is an inclusive range of months + of the year beginning in January Months can be specified + by name (e.g 'January') by numerical month (e.g '1') + or as an inclusive range (e.g 'January:March', '1:3', + '1:March') + pattern: ^((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12])(?:((:((?i)january|february|march|april|may|june|july|august|september|october|november|december|[1-12]))$)|$) + type: string + type: array + times: + description: Times is a list of TimeRange + items: + description: TimeRange defines a start and end time + in 24hr format + properties: + endTime: + description: EndTime is the end time in 24hr format. + pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + startTime: + description: StartTime is the start time in 24hr + format. + pattern: ^((([01][0-9])|(2[0-3])):[0-5][0-9])$|(^24:00$) + type: string + type: object + type: array + weekdays: + description: Weekdays is a list of WeekdayRange + items: + description: WeekdayRange is an inclusive range of days + of the week beginning on Sunday Days can be specified + by name (e.g 'Sunday') or as an inclusive range (e.g + 'Monday:Friday') + pattern: ^((?i)sun|mon|tues|wednes|thurs|fri|satur)day(?:((:(sun|mon|tues|wednes|thurs|fri|satur)day)$)|$) + type: string + type: array + years: + description: Years is a list of YearRange + items: + description: YearRange is an inclusive range of years + pattern: ^2\d{3}(?::2\d{3}|$) + type: string + type: array + type: object + type: array + type: object + type: array + receivers: + description: List of receivers. + items: + description: Receiver defines one or more notification integrations. + properties: + emailConfigs: + description: List of Email configurations. + items: + description: EmailConfig configures notifications via Email. + properties: + authIdentity: + description: The identity to use for authentication. + type: string + authPassword: + description: The secret's key that contains the password + to use for authentication. The secret needs to be in + the same namespace as the AlertmanagerConfig object + and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authSecret: + description: The secret's key that contains the CRAM-MD5 + secret. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + authUsername: + description: The username to use for authentication. + type: string + from: + description: The sender address. + type: string + headers: + description: Further headers email header key/value pairs. + Overrides any headers previously set by the notification + implementation. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + hello: + description: The hostname to identify to the SMTP server. + type: string + html: + description: The HTML body of the email notification. + type: string + requireTLS: + description: The SMTP TLS requirement. Note that Go does + not support unencrypted connections to remote SMTP endpoints. + type: boolean + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + smarthost: + description: The SMTP host and port through which emails + are sent. E.g. example.com:25 + type: string + text: + description: The text body of the email notification. + type: string + tlsConfig: + description: TLS configuration + properties: + ca: + description: Struct containing the CA cert to use + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert file + for the targets. + properties: + configMap: + description: ConfigMap containing data to use + for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for + the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file + for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + to: + description: The email address to send notifications to. + type: string + type: object + type: array + name: + description: Name of the receiver. Must be unique across all + items from the list. + minLength: 1 + type: string + opsgenieConfigs: + description: List of OpsGenie configurations. + items: + description: OpsGenieConfig configures notifications via OpsGenie. + See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config + properties: + apiKey: + description: The secret's key that contains the OpsGenie + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The URL to send OpsGenie API requests to. + type: string + description: + description: Description of the incident. + type: string + details: + description: A set of arbitrary key/value pairs that provide + further detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Alert text limited to 130 characters. + type: string + note: + description: Additional alert note. + type: string + priority: + description: Priority level of alert. Possible values + are P1, P2, P3, P4, and P5. + type: string + responders: + description: List of responders responsible for notifications. + items: + description: OpsGenieConfigResponder defines a responder + to an incident. One of `id`, `name` or `username` + has to be defined. + properties: + id: + description: ID of the responder. + type: string + name: + description: Name of the responder. + type: string + type: + description: Type of responder. + minLength: 1 + type: string + username: + description: Username of the responder. + type: string + required: + - type + type: object + type: array + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + source: + description: Backlink to the sender of the notification. + type: string + tags: + description: Comma separated list of tags attached to + the notifications. + type: string + type: object + type: array + pagerdutyConfigs: + description: List of PagerDuty configurations. + items: + description: PagerDutyConfig configures notifications via + PagerDuty. See https://prometheus.io/docs/alerting/latest/configuration/#pagerduty_config + properties: + class: + description: The class/type of the event. + type: string + client: + description: Client identification. + type: string + clientURL: + description: Backlink to the sender of notification. + type: string + component: + description: The part or component of the affected system + that is broken. + type: string + description: + description: Description of the incident. + type: string + details: + description: Arbitrary key/value pairs that provide further + detail about the incident. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + group: + description: A cluster or grouping of sources. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + pagerDutyImageConfigs: + description: A list of image details to attach that provide + further detail about an incident. + items: + description: PagerDutyImageConfig attaches images to + an incident + properties: + alt: + description: Alt is the optional alternative text + for the image. + type: string + href: + description: Optional URL; makes the image a clickable + link. + type: string + src: + description: Src of the image being attached to + the incident + type: string + type: object + type: array + pagerDutyLinkConfigs: + description: A list of link details to attach that provide + further detail about an incident. + items: + description: PagerDutyLinkConfig attaches text links + to an incident + properties: + alt: + description: Text that describes the purpose of + the link, and can be used as the link's text. + type: string + href: + description: Href is the URL of the link to be attached + type: string + type: object + type: array + routingKey: + description: The secret's key that contains the PagerDuty + integration key (when using Events API v2). Either this + field or `serviceKey` needs to be defined. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + serviceKey: + description: The secret's key that contains the PagerDuty + service key (when using integration type "Prometheus"). + Either this field or `routingKey` needs to be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + severity: + description: Severity of the incident. + type: string + url: + description: The URL to send requests to. + type: string + type: object + type: array + pushoverConfigs: + description: List of Pushover configurations. + items: + description: PushoverConfig configures notifications via Pushover. + See https://prometheus.io/docs/alerting/latest/configuration/#pushover_config + properties: + expire: + description: How long your notification will continue + to be retried for, unless the user acknowledges the + notification. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + html: + description: Whether notification message is HTML or plain + text. + type: boolean + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: Notification message. + type: string + priority: + description: Priority, see https://pushover.net/api#priority + type: string + retry: + description: How often the Pushover servers will send + the same notification to the user. Must be at least + 30 seconds. + pattern: ^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$ + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sound: + description: The name of one of the sounds supported by + device clients to override the user's default sound + choice + type: string + title: + description: Notification title. + type: string + token: + description: The secret's key that contains the registered + application’s API token, see https://pushover.net/apps. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + url: + description: A supplementary URL shown alongside the message. + type: string + urlTitle: + description: A title for supplementary URL, otherwise + just the URL is shown + type: string + userKey: + description: The secret's key that contains the recipient + user’s user key. The secret needs to be in the same + namespace as the AlertmanagerConfig object and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + slackConfigs: + description: List of Slack configurations. + items: + description: SlackConfig configures notifications via Slack. + See https://prometheus.io/docs/alerting/latest/configuration/#slack_config + properties: + actions: + description: A list of Slack actions that are sent with + each notification. + items: + description: SlackAction configures a single Slack action + that is sent with each notification. See https://api.slack.com/docs/message-attachments#action_fields + and https://api.slack.com/docs/message-buttons for + more information. + properties: + confirm: + description: SlackConfirmationField protect users + from destructive actions or particularly distinguished + decisions by asking them to confirm their button + click one more time. See https://api.slack.com/docs/interactive-message-field-guide#confirmation_fields + for more information. + properties: + dismissText: + type: string + okText: + type: string + text: + minLength: 1 + type: string + title: + type: string + required: + - text + type: object + name: + type: string + style: + type: string + text: + minLength: 1 + type: string + type: + minLength: 1 + type: string + url: + type: string + value: + type: string + required: + - text + - type + type: object + type: array + apiURL: + description: The secret's key that contains the Slack + webhook URL. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + callbackId: + type: string + channel: + description: The channel or user to send notifications + to. + type: string + color: + type: string + fallback: + type: string + fields: + description: A list of Slack fields that are sent with + each notification. + items: + description: SlackField configures a single Slack field + that is sent with each notification. Each field must + contain a title, value, and optionally, a boolean + value to indicate if the field is short enough to + be displayed next to other fields designated as short. + See https://api.slack.com/docs/message-attachments#fields + for more information. + properties: + short: + type: boolean + title: + minLength: 1 + type: string + value: + minLength: 1 + type: string + required: + - title + - value + type: object + type: array + footer: + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + iconEmoji: + type: string + iconURL: + type: string + imageURL: + type: string + linkNames: + type: boolean + mrkdwnIn: + items: + type: string + type: array + pretext: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + shortFields: + type: boolean + text: + type: string + thumbURL: + type: string + title: + type: string + titleLink: + type: string + username: + type: string + type: object + type: array + snsConfigs: + description: List of SNS configurations + items: + description: SNSConfig configures notifications via AWS SNS. + See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs + properties: + apiURL: + description: The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + If not specified, the SNS API URL from the SNS SDK will + be used. + type: string + attributes: + additionalProperties: + type: string + description: SNS message attributes. + type: object + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: The message content of the SNS notification. + type: string + phoneNumber: + description: Phone number if message is delivered via + SMS in E.164 format. If you don't specify this value, + you must specify a value for the TopicARN or TargetARN. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + sigv4: + description: Configures AWS's Signature Verification 4 + signing process to sign requests. + properties: + accessKey: + description: AccessKey is the AWS API key. If blank, + the environment variable `AWS_ACCESS_KEY_ID` is + used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + profile: + description: Profile is the named AWS profile used + to authenticate. + type: string + region: + description: Region is the AWS region. If blank, the + region from the default credentials chain used. + type: string + roleArn: + description: RoleArn is the named AWS profile used + to authenticate. + type: string + secretKey: + description: SecretKey is the AWS API secret. If blank, + the environment variable `AWS_SECRET_ACCESS_KEY` + is used. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + type: object + subject: + description: Subject line when the message is delivered + to email endpoints. + type: string + targetARN: + description: The mobile platform endpoint ARN if message + is delivered via mobile notifications. If you don't + specify this value, you must specify a value for the + topic_arn or PhoneNumber. + type: string + topicARN: + description: SNS topic ARN, i.e. arn:aws:sns:us-east-2:698519295917:My-Topic + If you don't specify this value, you must specify a + value for the PhoneNumber or TargetARN. + type: string + type: object + type: array + victoropsConfigs: + description: List of VictorOps configurations. + items: + description: VictorOpsConfig configures notifications via + VictorOps. See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config + properties: + apiKey: + description: The secret's key that contains the API key + to use when talking to the VictorOps API. The secret + needs to be in the same namespace as the AlertmanagerConfig + object and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiUrl: + description: The VictorOps API URL. + type: string + customFields: + description: Additional custom fields for notification. + items: + description: KeyValue defines a (key, value) tuple. + properties: + key: + description: Key of the tuple. + minLength: 1 + type: string + value: + description: Value of the tuple. + type: string + required: + - key + - value + type: object + type: array + entityDisplayName: + description: Contains summary of the alerted problem. + type: string + httpConfig: + description: The HTTP client's configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + messageType: + description: Describes the behavior of the alert (CRITICAL, + WARNING, INFO). + type: string + monitoringTool: + description: The monitoring tool the state message is + from. + type: string + routingKey: + description: A key used to map the alert to a team. + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + stateMessage: + description: Contains long explanation of the alerted + problem. + type: string + type: object + type: array + webhookConfigs: + description: List of webhook configurations. + items: + description: WebhookConfig configures notifications via a + generic receiver supporting the webhook payload. See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config + properties: + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + maxAlerts: + description: Maximum number of alerts to be sent per webhook + message. When 0, all alerts are included. + format: int32 + minimum: 0 + type: integer + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + url: + description: The URL to send HTTP POST requests to. `urlSecret` + takes precedence over `url`. One of `urlSecret` and + `url` should be defined. + type: string + urlSecret: + description: The secret's key that contains the webhook + URL to send HTTP requests to. `urlSecret` takes precedence + over `url`. One of `urlSecret` and `url` should be defined. + The secret needs to be in the same namespace as the + AlertmanagerConfig object and accessible by the Prometheus + Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + type: array + wechatConfigs: + description: List of WeChat configurations. + items: + description: WeChatConfig configures notifications via WeChat. + See https://prometheus.io/docs/alerting/latest/configuration/#wechat_config + properties: + agentID: + type: string + apiSecret: + description: The secret's key that contains the WeChat + API key. The secret needs to be in the same namespace + as the AlertmanagerConfig object and accessible by the + Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + apiURL: + description: The WeChat API URL. + type: string + corpID: + description: The corp id for authentication. + type: string + httpConfig: + description: HTTP client configuration. + properties: + authorization: + description: Authorization header configuration for + the client. This is mutually exclusive with BasicAuth + and is only available starting from Alertmanager + v0.22+. + properties: + credentials: + description: The secret's key that contains the + credentials of the request + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults + to Bearer, Basic will cause an error + type: string + type: object + basicAuth: + description: BasicAuth for the client. This is mutually + exclusive with Authorization. If both are defined, + BasicAuth takes precedence. + properties: + password: + description: The secret in the service monitor + namespace that contains the password for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor + namespace that contains the username for authentication. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: The secret's key that contains the bearer + token to be used by the client for authentication. + The secret needs to be in the same namespace as + the AlertmanagerConfig object and accessible by + the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean + required: + - key + type: object + followRedirects: + description: FollowRedirects specifies whether the + client should follow HTTP 3xx redirects. + type: boolean + oauth2: + description: OAuth2 client credentials used to fetch + a token for the targets. + properties: + clientId: + description: The secret or configmap containing + the OAuth2 client id + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 + client secret + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token + URL + type: object + scopes: + description: OAuth2 scopes used for the token + request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + proxyURL: + description: Optional proxy URL. + type: string + tlsConfig: + description: TLS configuration for the client. + properties: + ca: + description: Struct containing the CA cert to + use for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert + file for the targets. + properties: + configMap: + description: ConfigMap containing data to + use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap + or its key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use + for the targets. + properties: + key: + description: The key of the secret to + select from. Must be a valid secret + key. + type: string + name: + description: 'Name of the referent. More + info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret + or its key must be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key + file for the targets. + properties: + key: + description: The key of the secret to select + from. Must be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, + kind, uid?' + type: string + optional: + description: Specify whether the Secret or + its key must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the + targets. + type: string + type: object + type: object + message: + description: API request data as defined by the WeChat + API. + type: string + messageType: + type: string + sendResolved: + description: Whether or not to notify about resolved alerts. + type: boolean + toParty: + type: string + toTag: + type: string + toUser: + type: string + type: object + type: array + required: + - name + type: object + type: array + route: + description: The Alertmanager route definition for alerts matching + the resource’s namespace. If present, it will be added to the generated + Alertmanager configuration as a first-level route. + properties: + continue: + description: Boolean indicating whether an alert should continue + matching subsequent sibling nodes. It will always be overridden + to true for the first-level route by the Prometheus operator. + type: boolean + groupBy: + description: List of labels to group by. Labels must not be repeated + (unique list). Special label "..." (aggregate by all possible + labels), if provided, must be the only element in the list. + items: + type: string + type: array + groupInterval: + description: 'How long to wait before sending an updated notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "5m"' + type: string + groupWait: + description: 'How long to wait before sending the initial notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "30s"' + type: string + matchers: + description: 'List of matchers that the alert’s labels should + match. For the first level route, the operator removes any existing + equality and regexp matcher on the `namespace` label and adds + a `namespace: ` matcher.' + items: + description: Matcher defines how to match on alert's labels. + properties: + matchType: + description: Match operation available with AlertManager + >= v0.22.0 and takes precedence over Regex (deprecated) + if non-empty. + enum: + - '!=' + - = + - =~ + - '!~' + type: string + name: + description: Label to match. + minLength: 1 + type: string + regex: + description: Whether to match on equality (false) or regular-expression + (true). Deprecated as of AlertManager >= v0.22.0 where + a user should use MatchType instead. + type: boolean + value: + description: Label value to match. + type: string + required: + - name + type: object + type: array + muteTimeIntervals: + description: 'Note: this comment applies to the field definition + above but appears below otherwise it gets included in the generated + manifest. CRD schema doesn''t support self-referential types + for now (see https://github.com/kubernetes/kubernetes/issues/62872). + We have to use an alternative type to circumvent the limitation. + The downside is that the Kube API can''t validate the data beyond + the fact that it is a valid JSON representation. MuteTimeIntervals + is a list of MuteTimeInterval names that will mute this route + when matched,' + items: + type: string + type: array + receiver: + description: Name of the receiver for this route. If not empty, + it should be listed in the `receivers` field. + type: string + repeatInterval: + description: 'How long to wait before repeating the last notification. + Must match the regular expression`^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$` + Example: "4h"' + type: string + routes: + description: Child routes. + items: + x-kubernetes-preserve-unknown-fields: true + type: array + type: object + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml index c43f198353..c47babefd8 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-podmonitor.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/release-0.35/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,247 +16,246 @@ spec: singular: podmonitor preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: PodMonitor defines monitoring for a set of pods. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of desired Pod selection for target discovery - by Prometheus. - properties: - jobLabel: - description: The label to use to retrieve the job name from. - type: string - namespaceSelector: - description: Selector to select which namespaces the Endpoints objects - are discovered from. - properties: - any: - description: Boolean describing whether all namespaces are selected - in contrast to a list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - podMetricsEndpoints: - description: A list of endpoints allowed as part of this PodMonitor. - items: - description: PodMetricsEndpoint defines a scrapeable endpoint of a - Kubernetes Pod serving Prometheus metrics. + versions: + - name: v1 + schema: + openAPIV3Schema: + description: PodMonitor defines monitoring for a set of pods. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Pod selection for target discovery + by Prometheus. + properties: + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. properties: - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. type: boolean - honorTimestamps: - description: HonorTimestamps controls whether Prometheus respects - the timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. + matchNames: + description: List of namespace names. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It defines - ``-section of Prometheus configuration. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' - properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: Regular expression against which the extracted - value is matched. Default is '(.*)' - type: string - replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' - type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: + type: string + type: array + type: object + podMetricsEndpoints: + description: A list of endpoints allowed as part of this PodMonitor. + items: + description: PodMetricsEndpoint defines a scrapeable endpoint of a + Kubernetes Pod serving Prometheus metrics. + properties: + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether Prometheus respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' type: string - type: array - targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + params: + additionalProperties: + items: type: string + type: array + description: Optional HTTP URL parameters type: object - type: array - params: - additionalProperties: + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the port this endpoint refers to. Mutually + exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before ingestion. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' items: - type: string + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - port: - description: Name of the port this endpoint refers to. Mutually - exclusive with targetPort. - type: string - proxyUrl: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - relabelings: - description: 'RelabelConfigs to apply to samples before ingestion. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the target port of the endpoint. + Mutually exclusive with port. + x-kubernetes-int-or-string: true + type: object + type: array + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Pod objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It defines - ``-section of Prometheus configuration. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: Regular expression against which the extracted - value is matched. Default is '(.*)' - type: string - replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + key: + description: key is the label key that the selector applies + to. type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string - sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - separator and matched against the configured regular expression - for the replace, keep, and drop actions. + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. items: type: string type: array - targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. - type: string + required: + - key + - operator type: object type: array - scheme: - description: HTTP scheme to use for scraping. - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - targetPort: - anyOf: - - type: integer - - type: string - description: Name or number of the target port of the endpoint. - Mutually exclusive with port. - x-kubernetes-int-or-string: true - type: object - type: array - podTargetLabels: - description: PodTargetLabels transfers labels on the Kubernetes Pod - onto the target. - items: - type: string - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - selector: - description: Selector to select Pod objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - required: - - podMetricsEndpoints - - selector - type: object - required: - - spec - type: object - version: v1 - versions: - - name: v1 + type: object + required: + - podMetricsEndpoints + - selector + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-probe.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-probe.yaml new file mode 100644 index 0000000000..aa39aa0d63 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-probe.yaml @@ -0,0 +1,653 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.6.2 + creationTimestamp: null + name: probes.monitoring.coreos.com +spec: + group: monitoring.coreos.com + names: + categories: + - prometheus-operator + kind: Probe + listKind: ProbeList + plural: probes + singular: probe + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Probe defines monitoring for a set of static targets or ingresses. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Ingress selection for target discovery + by Prometheus. + properties: + authorization: + description: Authorization section for this endpoint + properties: + credentials: + description: The secret's key that contains the credentials of + the request + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + type: + description: Set the authentication type. Defaults to Bearer, + Basic will cause an error + type: string + type: object + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over basic + authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint' + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + type: object + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping targets. + The secret needs to be in the same namespace as the probe and accessible + by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must be a + valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + interval: + description: Interval at which targets are probed using the configured + prober. If not specified Prometheus' global scrape interval is used. + type: string + jobName: + description: The job name assigned to scraped metrics by default. + type: string + labelLimit: + description: Per-scrape limit on number of labels that will be accepted + for a sample. Only valid in Prometheus versions 2.27.0 and newer. + format: int64 + type: integer + labelNameLengthLimit: + description: Per-scrape limit on length of labels name that will be + accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + labelValueLengthLimit: + description: Per-scrape limit on length of labels value that will + be accepted for a sample. Only valid in Prometheus versions 2.27.0 + and newer. + format: int64 + type: integer + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the label + set, being applied to samples before ingestion. It defines ``-section + of Prometheus configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. Default + is 'replace' + enum: + - replace + - keep + - drop + - hashmod + - labelmap + - labeldrop + - labelkeep + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex capture + groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source label + values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing labels. + Their content is concatenated using the configured separator + and matched against the configured regular expression for + the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label name which + may only contain ASCII letters, numbers, as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written in + a replace action. It is mandatory for replace actions. Regex + capture groups are available. + type: string + type: object + type: array + module: + description: 'The module to use for probing specifying how to probe + the target. Example module configuring in the blackbox exporter: + https://github.com/prometheus/blackbox_exporter/blob/master/example.yml' + type: string + oauth2: + description: OAuth2 for the URL. Only valid in Prometheus versions + 2.27.0 and newer. + properties: + clientId: + description: The secret or configmap containing the OAuth2 client + id + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + clientSecret: + description: The secret containing the OAuth2 client secret + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + endpointParams: + additionalProperties: + type: string + description: Parameters to append to the token URL + type: object + scopes: + description: OAuth2 scopes used for the token request + items: + type: string + type: array + tokenUrl: + description: The URL to fetch the token from + minLength: 1 + type: string + required: + - clientId + - clientSecret + - tokenUrl + type: object + prober: + description: Specification for the prober to use for probing targets. + The prober.URL parameter is required. Targets cannot be probed if + left empty. + properties: + path: + description: Path to collect metrics from. Defaults to `/probe`. + type: string + proxyUrl: + description: Optional ProxyURL. + type: string + scheme: + description: HTTP scheme to use for scraping. Defaults to `http`. + type: string + url: + description: Mandatory URL of the prober. + type: string + required: + - url + type: object + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + scrapeTimeout: + description: Timeout for scraping metrics from the Prometheus exporter. + type: string + targetLimit: + description: TargetLimit defines a limit on the number of scraped + targets that will be accepted. + format: int64 + type: integer + targets: + description: Targets defines a set of static or dynamically discovered + targets to probe. + properties: + ingress: + description: ingress defines the Ingress objects to probe and + the relabeling configuration. If `staticConfig` is also defined, + `staticConfig` takes precedence. + properties: + namespaceSelector: + description: From which namespaces to select Ingress objects. + properties: + any: + description: Boolean describing whether all namespaces + are selected in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names to select from. + items: + type: string + type: array + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the target before it gets scraped. The original ingress + address is available via the `__tmp_prometheus_ingress_address` + label. It can be used to customize the probed URL. The original + scrape job''s name is available via the `__tmp_prometheus_job_name` + label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace' + enum: + - replace + - keep + - drop + - hashmod + - labelmap + - labeldrop + - labelkeep + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + selector: + description: Selector to select the Ingress objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, NotIn, + Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists or + DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field is + "key", the operator is "In", and the values array contains + only "value". The requirements are ANDed. + type: object + type: object + type: object + staticConfig: + description: 'staticConfig defines the static list of targets + to probe and the relabeling configuration. If `ingress` is also + defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.' + properties: + labels: + additionalProperties: + type: string + description: Labels assigned to all metrics scraped from the + targets. + type: object + relabelingConfigs: + description: 'RelabelConfigs to apply to the label set of + the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of + the label set, being applied to samples before ingestion. + It defines ``-section of Prometheus + configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + properties: + action: + default: replace + description: Action to perform based on regex matching. + Default is 'replace' + enum: + - replace + - keep + - drop + - hashmod + - labelmap + - labeldrop + - labelkeep + type: string + modulus: + description: Modulus to take of the hash of the source + label values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex + replace is performed if the regular expression matches. + Regex capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular + expression for the replace, keep, and drop actions. + items: + description: LabelName is a valid Prometheus label + name which may only contain ASCII letters, numbers, + as well as underscores. + pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$ + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. + type: string + type: object + type: array + static: + description: The list of hosts to probe. + items: + type: string + type: array + type: object + type: object + tlsConfig: + description: TLS configuration to use when scraping the endpoint. + properties: + ca: + description: Struct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + cert: + description: Struct containing the client cert file for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + type: object + required: + - spec + type: object + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml index baad86f252..643872f27b 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheus.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/release-0.35/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,2282 +16,3459 @@ spec: singular: prometheus preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: Prometheus defines a Prometheus deployment. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Specification of the desired behavior of the Prometheus cluster. - More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - additionalAlertManagerConfigs: - description: 'AdditionalAlertManagerConfigs allows specifying a key - of a Secret containing additional Prometheus AlertManager configurations. - AlertManager configurations specified are appended to the configurations - generated by the Prometheus Operator. Job configurations specified - must have the form as specified in the official Prometheus documentation: - https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. - As AlertManager configs are appended, the user is responsible to make - sure it is valid. Note that using this feature may expose the possibility - to break upgrades of Prometheus. It is advised to review Prometheus - release notes to ensure that no incompatible AlertManager configs - are going to break Prometheus after the upgrade.' - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - additionalAlertRelabelConfigs: - description: 'AdditionalAlertRelabelConfigs allows specifying a key - of a Secret containing additional Prometheus alert relabel configurations. - Alert relabel configurations specified are appended to the configurations - generated by the Prometheus Operator. Alert relabel configurations - specified must have the form as specified in the official Prometheus - documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. - As alert relabel configs are appended, the user is responsible to - make sure it is valid. Note that using this feature may expose the - possibility to break upgrades of Prometheus. It is advised to review - Prometheus release notes to ensure that no incompatible alert relabel - configs are going to break Prometheus after the upgrade.' - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - additionalScrapeConfigs: - description: 'AdditionalScrapeConfigs allows specifying a key of a Secret - containing additional Prometheus scrape configurations. Scrape configurations - specified are appended to the configurations generated by the Prometheus - Operator. Job configurations specified must have the form as specified - in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. - As scrape configs are appended, the user is responsible to make sure - it is valid. Note that using this feature may expose the possibility - to break upgrades of Prometheus. It is advised to review Prometheus - release notes to ensure that no incompatible scrape configs are going - to break Prometheus after the upgrade.' - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - affinity: - description: If specified, the pod's scheduling constraints. - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the affinity expressions specified by this field, - but it may choose a node that violates one or more of the - expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets - all of the scheduling requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to the sum - if the node matches the corresponding matchExpressions; the - node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches all - objects with implicit weight 0 (i.e. it's a no-op). A null - preferred scheduling term matches no objects (i.e. is also - a no-op). + versions: + - name: v1 + schema: + openAPIV3Schema: + description: Prometheus defines a Prometheus deployment. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the Prometheus cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + additionalAlertManagerConfigs: + description: 'AdditionalAlertManagerConfigs allows specifying a key + of a Secret containing additional Prometheus AlertManager configurations. + AlertManager configurations specified are appended to the configurations + generated by the Prometheus Operator. Job configurations specified + must have the form as specified in the official Prometheus documentation: + https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config. + As AlertManager configs are appended, the user is responsible to make + sure it is valid. Note that using this feature may expose the possibility + to break upgrades of Prometheus. It is advised to review Prometheus + release notes to ensure that no incompatible AlertManager configs + are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + additionalAlertRelabelConfigs: + description: 'AdditionalAlertRelabelConfigs allows specifying a key + of a Secret containing additional Prometheus alert relabel configurations. + Alert relabel configurations specified are appended to the configurations + generated by the Prometheus Operator. Alert relabel configurations + specified must have the form as specified in the official Prometheus + documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. + As alert relabel configs are appended, the user is responsible to + make sure it is valid. Note that using this feature may expose the + possibility to break upgrades of Prometheus. It is advised to review + Prometheus release notes to ensure that no incompatible alert relabel + configs are going to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + additionalScrapeConfigs: + description: 'AdditionalScrapeConfigs allows specifying a key of a Secret + containing additional Prometheus scrape configurations. Scrape configurations + specified are appended to the configurations generated by the Prometheus + Operator. Job configurations specified must have the form as specified + in the official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config. + As scrape configs are appended, the user is responsible to make sure + it is valid. Note that using this feature may expose the possibility + to break upgrades of Prometheus. It is advised to review Prometheus + release notes to ensure that no incompatible scrape configs are going + to break Prometheus after the upgrade.' + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + affinity: + description: If specified, the pod's scheduling constraints. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node matches the corresponding matchExpressions; the + node(s) with the highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches all + objects with implicit weight 0 (i.e. it's a no-op). A null + preferred scheduling term matches no objects (i.e. is also + a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + nodeSelectorTerms: + description: Required. A list of node selector terms. The + terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the + operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be + empty. If the operator is Gt or Lt, the values + array must have a single element, which will + be interpreted as an integer. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the affinity expressions specified by this field, + but it may choose a node that violates one or more of the + expressions. The node that is most preferred is the one with + the greatest sum of weights, i.e. for each node that meets + all of the scheduling requirements (resource request, requiredDuringScheduling + affinity expressions, etc.), compute a sum by iterating through + the elements of this field and adding "weight" to the sum + if the node has pods which matches the corresponding podAffinityTerm; + the node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may not + try to eventually evict the pod from its node. When there + are multiple elements, the lists of nodes corresponding to + each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label query over a set of resources, in + this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some other + pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes + that satisfy the anti-affinity expressions specified by this + field, but it may choose a node that violates one or more + of the expressions. The node that is most preferred is the + one with the greatest sum of weights, i.e. for each node that + meets all of the scheduling requirements (resource request, + requiredDuringScheduling anti-affinity expressions, etc.), + compute a sum by iterating through the elements of this field + and adding "weight" to the sum if the node has pods which + matches the corresponding podAffinityTerm; the node(s) with + the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement is + a selector that contains values, a key, and + an operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If + the operator is Exists or DoesNotExist, + the values array must be empty. This array + is replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object type: array - required: - - key - - operator + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". + The requirements are ANDed. + type: object type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + namespaces: + description: namespaces specifies which namespaces + the labelSelector applies to (matches against); + null or empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey matches + that of any node on which any of the selected pods + is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will not + be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its node. + When there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms must + be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) that + this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of pods + is running + properties: + labelSelector: + description: A label query over a set of resources, in + this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values + array must be non-empty. If the operator is + Exists or DoesNotExist, the values array must + be empty. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies which namespaces the + labelSelector applies to (matches against); null or + empty list means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of any + node on which any of the selected pods is running. Empty + topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + alerting: + description: Define details regarding alerting. + properties: + alertmanagers: + description: AlertmanagerEndpoints Prometheus should fire alerts + against. + items: + description: AlertmanagerEndpoints defines a selection of a single + Endpoints object containing alertmanager IPs to fire alerts + against. + properties: + apiVersion: + description: Version of the Alertmanager API that Prometheus + uses to send alerts. It can be "v1" or "v2". + type: string + bearerTokenFile: + description: BearerTokenFile to read from filesystem to use + when authenticating to Alertmanager. + type: string + name: + description: Name of Endpoints object in Namespace. + type: string + namespace: + description: Namespace of Endpoints object. + type: string + pathPrefix: + description: Prefix for the HTTP path alerts are pushed to. + type: string + port: + anyOf: + - type: integer + - type: string + description: Port the Alertmanager API is exposed on. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use when firing alerts. + type: string + tlsConfig: + description: TLS Config to use for alertmanager connection. + properties: + ca: + description: Stuct containing the CA cert to use for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. properties: key: - description: The label key that the selector - applies to. + description: The key to select. type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: - type: string - type: array + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean required: - key - - operator type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The - terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + secret: + description: Secret containing data to use for the + targets. properties: key: - description: The label key that the selector - applies to. + description: The key of the secret to select from. Must + be a valid secret key. type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: - type: string - type: array + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean required: - key - - operator type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file for + the targets. + properties: + configMap: + description: ConfigMap containing data to use for + the targets. properties: key: - description: The label key that the selector - applies to. + description: The key to select. type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists, DoesNotExist. Gt, and Lt. + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string - values: - description: An array of string values. If the - operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be - empty. If the operator is Gt or Lt, the values - array must have a single element, which will - be interpreted as an integer. This array is - replaced during a strategic merge patch. - items: - type: string - type: array + optional: + description: Specify whether the ConfigMap or + its key must be defined + type: boolean required: - key - - operator type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate - this pod in the same node, zone, etc. as some other pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the affinity expressions specified by this field, - but it may choose a node that violates one or more of the - expressions. The node that is most preferred is the one with - the greatest sum of weights, i.e. for each node that meets - all of the scheduling requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating through - the elements of this field and adding "weight" to the sum - if the node has pods which matches the corresponding podAffinityTerm; - the node(s) with the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. - properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey matches - that of any node on which any of the selected pods - is running. Empty topologyKey is not allowed. - type: string - required: - - topologyKey - type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to a pod label update), the system may or may not - try to eventually evict the pod from its node. When there - are multiple elements, the lists of nodes corresponding to - each podAffinityTerm are intersected, i.e. all terms must - be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) that - this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of pods - is running - properties: - labelSelector: - description: A label query over a set of resources, in - this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + secret: + description: Secret containing data to use for the + targets. properties: key: - description: key is the label key that the selector - applies to. + description: The key of the secret to select from. Must + be a valid secret key. type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. + name: + description: 'Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. - items: - type: string - type: array + optional: + description: Specify whether the Secret or its + key must be defined + type: boolean required: - key - - operator type: object - type: array - matchLabels: - additionalProperties: + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for + the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" - items: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of any - node on which any of the selected pods is running. Empty - topologyKey is not allowed. + type: object + required: + - name + - namespace + - port + type: object + type: array + required: + - alertmanagers + type: object + apiserverConfig: + description: APIServerConfig allows specifying a host and auth methods + to access apiserver. If left empty, Prometheus is assumed to run inside + of the cluster and will discover API servers automatically and use + the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. + properties: + basicAuth: + description: BasicAuth allow an endpoint to authenticate over basic + authentication + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean required: - - topologyKey + - key type: object - type: array - type: object - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. - avoid putting this pod in the same node, zone, etc. as some other - pod(s)). - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes - that satisfy the anti-affinity expressions specified by this - field, but it may choose a node that violates one or more - of the expressions. The node that is most preferred is the - one with the greatest sum of weights, i.e. for each node that - meets all of the scheduling requirements (resource request, - requiredDuringScheduling anti-affinity expressions, etc.), - compute a sum by iterating through the elements of this field - and adding "weight" to the sum if the node has pods which - matches the corresponding podAffinityTerm; the node(s) with - the highest sum are the most preferred. - items: - description: The weights of all of the matched WeightedPodAffinityTerm - fields are added per-node to find the most preferred node(s) + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + bearerToken: + description: Bearer token for accessing apiserver. + type: string + bearerTokenFile: + description: File to read bearer token for accessing apiserver. + type: string + host: + description: Host of apiserver. A valid string consisting of a hostname + or IP followed by an optional port number + type: string + tlsConfig: + description: TLS Config to use for accessing apiserver. + properties: + ca: + description: Stuct containing the CA cert to use for the targets. properties: - podAffinityTerm: - description: Required. A pod affinity term, associated - with the corresponding weight. + configMap: + description: ConfigMap containing data to use for the targets. properties: - labelSelector: - description: A label query over a set of resources, - in this case pods. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement is - a selector that contains values, a key, and - an operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If - the operator is Exists or DoesNotExist, - the values array must be empty. This array - is replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - namespaces: - description: namespaces specifies which namespaces - the labelSelector applies to (matches against); - null or empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods - matching the labelSelector in the specified namespaces, - where co-located is defined as running on a node - whose value of the label with key topologyKey matches - that of any node on which any of the selected pods - is running. Empty topologyKey is not allowed. + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean required: - - topologyKey + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key type: object - weight: - description: weight associated with matching the corresponding - podAffinityTerm, in the range 1-100. - format: int32 - type: integer - required: - - podAffinityTerm - - weight type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by - this field are not met at scheduling time, the pod will not - be scheduled onto the node. If the anti-affinity requirements - specified by this field cease to be met at some point during - pod execution (e.g. due to a pod label update), the system - may or may not try to eventually evict the pod from its node. - When there are multiple elements, the lists of nodes corresponding - to each podAffinityTerm are intersected, i.e. all terms must - be satisfied. - items: - description: Defines a set of pods (namely those matching - the labelSelector relative to the given namespace(s)) that - this pod should be co-located (affinity) or not co-located - (anti-affinity) with, where co-located is defined as running - on a node whose value of the label with key - matches that of any node on which a pod of the set of pods - is running + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. properties: - labelSelector: - description: A label query over a set of resources, in - this case pods. + configMap: + description: ConfigMap containing data to use for the targets. properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values - array must be non-empty. If the operator is - Exists or DoesNotExist, the values array must - be empty. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its key + must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key type: object - namespaces: - description: namespaces specifies which namespaces the - labelSelector applies to (matches against); null or - empty list means "this pod's namespace" - items: - type: string - type: array - topologyKey: - description: This pod should be co-located (affinity) - or not co-located (anti-affinity) with the pods matching - the labelSelector in the specified namespaces, where - co-located is defined as running on a node whose value - of the label with key topologyKey matches that of any - node on which any of the selected pods is running. Empty - topologyKey is not allowed. - type: string - required: - - topologyKey type: object - type: array - type: object - type: object - alerting: - description: Define details regarding alerting. - properties: - alertmanagers: - description: AlertmanagerEndpoints Prometheus should fire alerts - against. - items: - description: AlertmanagerEndpoints defines a selection of a single - Endpoints object containing alertmanager IPs to fire alerts - against. - properties: - apiVersion: - description: Version of the Alertmanager API that Prometheus - uses to send alerts. It can be "v1" or "v2". - type: string - bearerTokenFile: - description: BearerTokenFile to read from filesystem to use - when authenticating to Alertmanager. + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. type: string - name: - description: Name of Endpoints object in Namespace. + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus container + for the targets. type: string - namespace: - description: Namespace of Endpoints object. + keySecret: + description: Secret containing the client key file for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. type: string - pathPrefix: - description: Prefix for the HTTP path alerts are pushed to. + type: object + required: + - host + type: object + arbitraryFSAccessThroughSMs: + description: ArbitraryFSAccessThroughSMs configures whether configuration + based on a service monitor can access arbitrary files on the file + system of the Prometheus container e.g. bearer token files. + properties: + deny: + type: boolean + type: object + baseImage: + description: Base image to use for a Prometheus deployment. + type: string + configMaps: + description: ConfigMaps is a list of ConfigMaps in the same namespace + as the Prometheus object, which shall be mounted into the Prometheus + Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/. + items: + type: string + type: array + containers: + description: 'Containers allows injecting additional containers or modifying + operator generated containers. This can be used to allow adding an + authentication proxy to a Prometheus pod or to change the behavior + of an operator generated container. Containers described here modify + an operator generated container if they share the same name and modifications + are done via a strategic merge patch. The current container names + are: `prometheus`, `prometheus-config-reloader`, `rules-configmap-reloader`, + and `thanos-sidecar`. Overriding containers is entirely outside the + scope of what the maintainers will support and by doing so, you accept + that this behaviour may break at any time without notice.' + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: type: string - port: - anyOf: - - type: integer - - type: string - description: Port the Alertmanager API is exposed on. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use when firing alerts. + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: type: string - tlsConfig: - description: TLS Config to use for alertmanager connection. + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. properties: - ca: - description: Stuct containing the CA cert to use for the - targets. + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. properties: - configMap: - description: ConfigMap containing data to use for - the targets. + configMapKeyRef: + description: Selects a key of a ConfigMap. properties: key: description: The key to select. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: - description: Specify whether the ConfigMap or - its key must be defined + description: Specify whether the ConfigMap or its + key must be defined type: boolean required: - key type: object - secret: - description: Secret containing data to use for the - targets. + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + fieldPath: + description: Path of the field to select in the + specified API version. type: string - optional: - description: Specify whether the Secret or its - key must be defined - type: boolean required: - - key + - fieldPath type: object - type: object - caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. - type: string - cert: - description: Struct containing the client cert file for - the targets. - properties: - configMap: - description: ConfigMap containing data to use for - the targets. + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' properties: - key: - description: The key to select. + containerName: + description: 'Container name: required for volumes, + optional for env vars' type: string - name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' type: string - optional: - description: Specify whether the ConfigMap or - its key must be defined - type: boolean required: - - key + - resource type: object - secret: - description: Secret containing data to use for the - targets. + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace properties: key: description: The key of the secret to select from. Must be a valid secret key. type: string name: - description: 'Name of the referent. More info: - https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: - description: Specify whether the Secret or its - key must be defined + description: Specify whether the Secret or its key + must be defined type: boolean required: - key type: object type: object - certFile: - description: Path to the client cert file in the Prometheus - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the Prometheus - container for the targets. - type: string - keySecret: - description: Secret containing the client key file for - the targets. + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: - description: Specify whether the Secret or its key - must be defined + description: Specify whether the ConfigMap must be defined type: boolean - required: - - key type: object - serverName: - description: Used to verify the hostname for the targets. + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object type: object - required: - - name - - namespace - - port - type: object - type: array - required: - - alertmanagers - type: object - apiserverConfig: - description: APIServerConfig allows specifying a host and auth methods - to access apiserver. If left empty, Prometheus is assumed to run inside - of the cluster and will discover API servers automatically and use - the pod's CA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/. - properties: - basicAuth: - description: BasicAuth allow an endpoint to authenticate over basic - authentication - properties: - password: - description: The secret in the service monitor namespace that - contains the password for authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - username: - description: The secret in the service monitor namespace that - contains the username for authentication. + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object type: object - type: object - bearerToken: - description: Bearer token for accessing apiserver. - type: string - bearerTokenFile: - description: File to read bearer token for accessing apiserver. - type: string - host: - description: Host of apiserver. A valid string consisting of a hostname - or IP followed by an optional port number - type: string - tlsConfig: - description: TLS Config to use for accessing apiserver. - properties: - ca: - description: Stuct containing the CA cert to use for the targets. + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMap: - description: ConfigMap containing data to use for the targets. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - key: - description: The key to select. + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean required: - - key + - port type: object - secret: - description: Secret containing data to use for the targets. + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. type: string - cert: - description: Struct containing the client cert file for the - targets. + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. + properties: + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. + type: string + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. + type: string + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMap: - description: ConfigMap containing data to use for the targets. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - key: - description: The key to select. + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its key - must be defined - type: boolean required: - - key + - port type: object - secret: - description: Secret containing data to use for the targets. + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - certFile: - description: Path to the client cert file in the Prometheus - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the Prometheus container - for the targets. - type: string - keySecret: - description: Secret containing the client key file for the targets. + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object type: object - serverName: - description: Used to verify the hostname for the targets. - type: string - type: object - required: - - host - type: object - arbitraryFSAccessThroughSMs: - description: ArbitraryFSAccessThroughSMs configures whether configuration - based on a service monitor can access arbitrary files on the file - system of the Prometheus container e.g. bearer token files. - properties: - deny: - type: boolean - type: object - baseImage: - description: Base image to use for a Prometheus deployment. - type: string - configMaps: - description: ConfigMaps is a list of ConfigMaps in the same namespace - as the Prometheus object, which shall be mounted into the Prometheus - Pods. The ConfigMaps are mounted into /etc/prometheus/configmaps/. - items: - type: string - type: array - containers: - description: 'Containers allows injecting additional containers or modifying - operator generated containers. This can be used to allow adding an - authentication proxy to a Prometheus pod or to change the behavior - of an operator generated container. Containers described here modify - an operator generated container if they share the same name and modifications - are done via a strategic merge patch. The current container names - are: `prometheus`, `prometheus-config-reloader`, `rules-configmap-reloader`, - and `thanos-sidecar`. Overriding containers is entirely outside the - scope of what the maintainers will support and by doing so, you accept - that this behaviour may break at any time without notice.' - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. + type: string + name: + description: name must match the name of a persistentVolumeClaim + in the pod + type: string + required: + - devicePath + - name type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. + type: string + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + disableCompaction: + description: Disable prometheus compaction. + type: boolean + enableAdminAPI: + description: 'Enable access to prometheus web admin API. Defaults to + the value of `false`. WARNING: Enabling the admin APIs enables mutating + endpoints, to delete data, shutdown Prometheus, and more. Enabling + this should be done with care and the user is advised to add additional + authentication authorization via a proxy to ensure only clients authorized + to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' + type: boolean + enforcedNamespaceLabel: + description: EnforcedNamespaceLabel enforces adding a namespace label + of origin for each alert and metric that is user created. The label + value will always be the namespace of the object that is being created. + type: string + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + externalLabels: + additionalProperties: + type: string + description: The labels to add to any time series or alerts when communicating + with external systems (federation, remote storage, Alertmanager). + type: object + externalUrl: + description: The external URL the Prometheus instances will be available + under. This is necessary to generate correct URLs. This is necessary + if Prometheus is not served from root of a DNS name. + type: string + ignoreNamespaceSelectors: + description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector + settings from the podmonitor and servicemonitor configs, and they + will only discover endpoints within their current namespace. Defaults + to false. + type: boolean + image: + description: Image if specified has precedence over baseImage, tag and + sha combinations. Specifying the version is still necessary to ensure + the Prometheus Operator knows what version of Prometheus is being + configured. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling prometheus and alertmanager images from registries + see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the Prometheus configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart of + the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + Using initContainers for any use case other then secret fetching is + entirely outside the scope of what the maintainers will support and + by doing so, you accept that this behaviour may break at any time + without notice.' + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object type: object - httpGet: - description: HTTPGet specifies the http request to perform. + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - port + optional: + description: Specify whether the ConfigMap must be defined + type: boolean type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port + optional: + description: Specify whether the Secret must be defined + type: boolean type: object type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' + type: string + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' + type: string + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. + properties: + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. properties: - name: - description: The header field name + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - value: - description: The header field value + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - - name - - value + - port type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. format: int32 type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + - containerPort type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + properties: + limits: + additionalProperties: type: string - user: - description: User is a SELinux user label that applies - to the container. + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: type: string - type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. + type: string + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + properties: + level: + description: Level is SELinux level label that applies + to the container. + type: string + role: + description: Role is a SELinux role label that applies + to the container. + type: string + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. + name: + description: name must match the name of a persistentVolumeClaim + in the pod type: string + required: + - devicePath + - name type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + name: + description: This must match the Name of a Volume. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). + type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - mountPath + - name type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + listenLocal: + description: ListenLocal makes the Prometheus server listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logFormat: + description: Log format for Prometheus to be configured with. + type: string + logLevel: + description: Log level for Prometheus to be configured with. + type: string + nodeSelector: + additionalProperties: + type: string + description: Define which Nodes the Pods are scheduled on. + type: object + overrideHonorLabels: + description: OverrideHonorLabels if set to true overrides all user configured + honor_labels. If HonorLabels is set in ServiceMonitor or PodMonitor + to true, this overrides honor_labels to false. + type: boolean + overrideHonorTimestamps: + description: OverrideHonorTimestamps allows to globally enforce honoring + timestamps in all scrape configs. + type: boolean + paused: + description: When a Prometheus deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + Metadata Labels and Annotations gets propagated to the prometheus + pods.' + type: object + podMonitorNamespaceSelector: + description: Namespaces to be selected for PodMonitor discovery. If + nil, only check own namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: volumeDevice describes a mapping of a raw block - device within a container. + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. + key: + description: key is the label key that the selector applies + to. type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array required: - - devicePath - - name + - key + - operator type: object type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + podMonitorSelector: + description: '*Experimental* PodMonitors to be selected for target discovery.' + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: VolumeMount describes a mounting of a Volume within - a container. + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + key: + description: key is the label key that the selector applies + to. type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array required: - - mountPath - - name + - key + - operator type: object type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object type: object - type: array - disableCompaction: - description: Disable prometheus compaction. - type: boolean - enableAdminAPI: - description: 'Enable access to prometheus web admin API. Defaults to - the value of `false`. WARNING: Enabling the admin APIs enables mutating - endpoints, to delete data, shutdown Prometheus, and more. Enabling - this should be done with care and the user is advised to add additional - authentication authorization via a proxy to ensure only clients authorized - to perform these actions can do so. For more information see https://prometheus.io/docs/prometheus/latest/querying/api/#tsdb-admin-apis' - type: boolean - enforcedNamespaceLabel: - description: EnforcedNamespaceLabel enforces adding a namespace label - of origin for each alert and metric that is user created. The label - value will always be the namespace of the object that is being created. - type: string - evaluationInterval: - description: Interval between consecutive evaluations. - type: string - externalLabels: - additionalProperties: + portName: + description: Port name used for the pods and governing service. This + defaults to web type: string - description: The labels to add to any time series or alerts when communicating - with external systems (federation, remote storage, Alertmanager). - type: object - externalUrl: - description: The external URL the Prometheus instances will be available - under. This is necessary to generate correct URLs. This is necessary - if Prometheus is not served from root of a DNS name. - type: string - ignoreNamespaceSelectors: - description: IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector - settings from the podmonitor and servicemonitor configs, and they - will only discover endpoints within their current namespace. Defaults - to false. - type: boolean - image: - description: Image if specified has precedence over baseImage, tag and - sha combinations. Specifying the version is still necessary to ensure - the Prometheus Operator knows what version of Prometheus is being - configured. - type: string - imagePullSecrets: - description: An optional list of references to secrets in the same namespace - to use for pulling prometheus and alertmanager images from registries - see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod - items: - description: LocalObjectReference contains enough information to let - you locate the referenced object inside the same namespace. + priorityClassName: + description: Priority class assigned to the Pods + type: string + prometheusExternalLabelName: + description: Name of Prometheus external label used to denote Prometheus + instance name. Defaults to the value of `prometheus`. External label + will _not_ be added when value is set to empty string (`""`). + type: string + query: + description: QuerySpec defines the query command line flags when starting + Prometheus. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + lookbackDelta: + description: The delta difference allowed for retrieving metrics + during expression evaluations. + type: string + maxConcurrency: + description: Number of concurrent queries that can be run at once. + format: int32 + type: integer + maxSamples: + description: Maximum number of samples a single query can load into + memory. Note that queries will fail if they would load more samples + than this into memory, so this also limits the number of samples + a query can return. + format: int32 + type: integer + timeout: + description: Maximum time a query may take before being aborted. type: string type: object - type: array - initContainers: - description: 'InitContainers allows adding initContainers to the pod - definition. Those can be used to e.g. fetch secrets for injection - into the Prometheus configuration from external sources. Any errors - during the execution of an initContainer will lead to a restart of - the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - Using initContainers for any use case other then secret fetching is - entirely outside the scope of what the maintainers will support and - by doing so, you accept that this behaviour may break at any time - without notice.' - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + remoteRead: + description: If specified, the remote_read spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteReadSpec defines the remote_read configuration + for prometheus. + properties: + basicAuth: + description: BasicAuth for the URL. properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + password: + description: The secret in the service monitor namespace that + contains the password for authentication. properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + bearerToken: + description: bearer token for remote read. + type: string + bearerTokenFile: + description: File to read bearer token for remote read. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + readRecent: + description: Whether reads should be made for queries for time + ranges that the local storage should have complete data for. + type: boolean + remoteTimeout: + description: Timeout for requests to the remote read endpoint. + type: string + requiredMatchers: + additionalProperties: + type: string + description: An optional list of equality matchers which have + to be present in a selector to query the remote read endpoint. + type: object + tlsConfig: + description: TLS Config to use for remote read. + properties: + ca: + description: Stuct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names @@ -2306,3489 +3483,2311 @@ spec: - key type: object type: object - required: - - name + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. + type: string + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. + type: string + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. + type: string type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + url: + description: The URL of the endpoint to send samples to. + type: string + required: + - url + type: object + type: array + remoteWrite: + description: If specified, the remote_write spec. This is an experimental + feature, it may change in any upcoming release in a breaking way. + items: + description: RemoteWriteSpec defines the remote_write configuration + for prometheus. + properties: + basicAuth: + description: BasicAuth for the URL. properties: - configMapRef: - description: The ConfigMap to select from + password: + description: The secret in the service monitor namespace that + contains the password for authentication. properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: - description: Specify whether the ConfigMap must be defined + description: Specify whether the Secret or its key must + be defined type: boolean + required: + - key type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + username: + description: The secret in the service monitor namespace that + contains the username for authentication. properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' type: string optional: - description: Specify whether the Secret must be defined + description: Specify whether the Secret or its key must + be defined type: boolean + required: + - key type: object type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + bearerToken: + description: File to read bearer token for remote write. + type: string + bearerTokenFile: + description: File to read bearer token for remote write. + type: string + proxyUrl: + description: Optional ProxyURL + type: string + queueConfig: + description: QueueConfig allows tuning of the remote write queue + parameters. properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. + batchSendDeadline: + description: BatchSendDeadline is the maximum time a sample + will wait in buffer. type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. - format: int32 + capacity: + description: Capacity is the number of samples to buffer per + shard before we start dropping them. type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. + maxBackoff: + description: MaxBackoff is the maximum retry delay. type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". + maxRetries: + description: MaxRetries is the maximum number of times to + retry a batch on recoverable errors. + type: integer + maxSamplesPerSend: + description: MaxSamplesPerSend is the maximum number of samples + per send. + type: integer + maxShards: + description: MaxShards is the maximum number of shards, i.e. + amount of concurrency. + type: integer + minBackoff: + description: MinBackoff is the initial retry delay. Gets doubled + for every retry. type: string - required: - - containerPort + minShards: + description: MinShards is the minimum number of shards, i.e. + amount of concurrency. + type: integer type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes + remoteTimeout: + description: Timeout for requests to the remote write endpoint. + type: string + tlsConfig: + description: TLS Config to use for remote write. + properties: + ca: + description: Stuct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. properties: + key: + description: The key to select. + type: string name: - description: The header field name + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. type: string - value: - description: The header field value + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean required: - - name - - value + - key type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. + type: string + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. + type: string + type: object + url: + description: The URL of the endpoint to send samples to. + type: string + writeRelabelConfigs: + description: The list of remote write relabel configurations. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' properties: - level: - description: Level is SELinux level label that applies - to the container. + action: + description: Action to perform based on regex matching. + Default is 'replace' type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. + separator: + description: Separator placed between concatenated source + label values. default is ';'. type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. items: type: string type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer + type: array + required: + - url + type: object + type: array + replicaExternalLabelName: + description: Name of Prometheus external label used to denote replica + name. Defaults to the value of `prometheus_replica`. External label + will _not_ be added when value is set to empty string (`""`). + type: string + replicas: + description: Number of instances to deploy for a Prometheus deployment. + format: int32 + type: integer + resources: + description: Define resources requests and limits for single Pods. + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + retention: + description: Time duration Prometheus shall retain data for. Default + is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + type: string + retentionSize: + description: Maximum amount of disk space used by blocks. + type: string + routePrefix: + description: The route prefix Prometheus registers HTTP handlers for. + This is useful, if using ExternalURL and a proxy is rewriting HTTP + routes of a request, and the actual ExternalURL is still true, but + the server serves requests under a different route prefix. For example + for use with `kubectl proxy`. + type: string + ruleNamespaceSelector: + description: Namespaces to be selected for PrometheusRules discovery. + If unspecified, only the same namespace as the Prometheus object is + in is used. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: volumeDevice describes a mapping of a raw block - device within a container. + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. + key: + description: key is the label key that the selector applies + to. type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array required: - - devicePath - - name + - key + - operator type: object type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + ruleSelector: + description: A selector to select which PrometheusRules to mount for + loading alerting rules from. Until (excluding) Prometheus Operator + v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps + to PrometheusRule custom resources selected by RuleSelector. Make + sure it does not match any config maps that you do not want to be + migrated. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: VolumeMount describes a mounting of a Volume within - a container. + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + key: + description: key is the label key that the selector applies + to. type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array required: - - mountPath - - name + - key + - operator type: object type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object type: object - type: array - listenLocal: - description: ListenLocal makes the Prometheus server listen on loopback, - so that it does not bind against the Pod IP. - type: boolean - logFormat: - description: Log format for Prometheus to be configured with. - type: string - logLevel: - description: Log level for Prometheus to be configured with. - type: string - nodeSelector: - additionalProperties: - type: string - description: Define which Nodes the Pods are scheduled on. - type: object - overrideHonorLabels: - description: OverrideHonorLabels if set to true overrides all user configured - honor_labels. If HonorLabels is set in ServiceMonitor or PodMonitor - to true, this overrides honor_labels to false. - type: boolean - overrideHonorTimestamps: - description: OverrideHonorTimestamps allows to globally enforce honoring - timestamps in all scrape configs. - type: boolean - paused: - description: When a Prometheus deployment is paused, no actions except - for deletion will be performed on the underlying objects. - type: boolean - podMetadata: - description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata - Metadata Labels and Annotations gets propagated to the prometheus - pods.' - type: object - podMonitorNamespaceSelector: - description: Namespaces to be selected for PodMonitor discovery. If - nil, only check own namespace. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. + rules: + description: /--rules.*/ command-line arguments. + properties: + alert: + description: /--rules.alert.*/ command-line arguments properties: - key: - description: key is the label key that the selector applies - to. + forGracePeriod: + description: Minimum duration between alert and restored 'for' + state. This is maintained only for alerts with configured + 'for' time greater than grace period. type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. + forOutageTolerance: + description: Max time to tolerate prometheus outage for restoring + 'for' state of alert. + type: string + resendDelay: + description: Minimum amount of time to wait before resending + an alert to Alertmanager. type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - podMonitorSelector: - description: '*Experimental* PodMonitors to be selected for target discovery.' - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. + type: object + scrapeInterval: + description: Interval between consecutive scrapes. + type: string + secrets: + description: Secrets is a list of Secrets in the same namespace as the + Prometheus object, which shall be mounted into the Prometheus Pods. + The Secrets are mounted into /etc/prometheus/secrets/. + items: + type: string + type: array + securityContext: + description: SecurityContext holds pod-level security attributes and + common container settings. This defaults to the default PodSecurityContext. + properties: + fsGroup: + description: "A special supplemental group that applies to all containers + in a pod. Some volume types allow the Kubelet to change the ownership + of that volume to be owned by the pod: \n 1. The owning GID will + be the FSGroup 2. The setgid bit is set (new files created in + the volume will be owned by FSGroup) 3. The permission bits are + OR'd with rw-rw---- \n If unset, the Kubelet will not modify the + ownership and permissions of any volume." + format: int64 + type: integer + runAsGroup: + description: The GID to run the entrypoint of the container process. + Uses runtime default if unset. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail to start + the container if it does. If unset or false, no such validation + will be performed. May also be set in SecurityContext. If set + in both SecurityContext and PodSecurityContext, the value specified + in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container process. + Defaults to user specified in image metadata if unspecified. May + also be set in SecurityContext. If set in both SecurityContext + and PodSecurityContext, the value specified in SecurityContext + takes precedence for that container. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to all containers. + If unspecified, the container runtime will allocate a random SELinux + context for each container. May also be set in SecurityContext. If + set in both SecurityContext and PodSecurityContext, the value + specified in SecurityContext takes precedence for that container. properties: - key: - description: key is the label key that the selector applies - to. + level: + description: Level is SELinux level label that applies to the + container. type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. + role: + description: Role is a SELinux role label that applies to the + container. + type: string + type: + description: Type is a SELinux type label that applies to the + container. + type: string + user: + description: User is a SELinux user label that applies to the + container. type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - portName: - description: Port name used for the pods and governing service. This - defaults to web - type: string - priorityClassName: - description: Priority class assigned to the Pods - type: string - prometheusExternalLabelName: - description: Name of Prometheus external label used to denote Prometheus - instance name. Defaults to the value of `prometheus`. External label - will _not_ be added when value is set to empty string (`""`). - type: string - query: - description: QuerySpec defines the query command line flags when starting - Prometheus. - properties: - lookbackDelta: - description: The delta difference allowed for retrieving metrics - during expression evaluations. - type: string - maxConcurrency: - description: Number of concurrent queries that can be run at once. - format: int32 - type: integer - maxSamples: - description: Maximum number of samples a single query can load into - memory. Note that queries will fail if they would load more samples - than this into memory, so this also limits the number of samples - a query can return. - format: int32 - type: integer - timeout: - description: Maximum time a query may take before being aborted. - type: string - type: object - remoteRead: - description: If specified, the remote_read spec. This is an experimental - feature, it may change in any upcoming release in a breaking way. - items: - description: RemoteReadSpec defines the remote_read configuration - for prometheus. - properties: - basicAuth: - description: BasicAuth for the URL. + supplementalGroups: + description: A list of groups applied to the first process run in + each container, in addition to the container's primary GID. If + unspecified, no groups will be added to any container. + items: + format: int64 + type: integer + type: array + sysctls: + description: Sysctls hold a list of namespaced sysctls used for + the pod. Pods with unsupported sysctls (by the container runtime) + might fail to launch. + items: + description: Sysctl defines a kernel parameter to be set + properties: + name: + description: Name of a property to set + type: string + value: + description: Value of a property to set + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + description: The Windows specific settings applied to all containers. + If unspecified, the options within a container's SecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. properties: - password: - description: The secret in the service monitor namespace that - contains the password for authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - username: - description: The secret in the service monitor namespace that - contains the username for authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named by + the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the GMSA + credential spec to use. This field is alpha-level and is only + honored by servers that enable the WindowsGMSA feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint of + the container process. Defaults to the user specified in image + metadata if unspecified. May also be set in PodSecurityContext. + If set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. This + field is alpha-level and it is only honored by servers that + enable the WindowsRunAsUserName feature flag. + type: string + type: object + type: object + serviceAccountName: + description: ServiceAccountName is the name of the ServiceAccount to + use to run the Prometheus Pods. + type: string + serviceMonitorNamespaceSelector: + description: Namespaces to be selected for ServiceMonitor discovery. + If nil, only check own namespace. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. type: object - bearerToken: - description: bearer token for remote read. - type: string - bearerTokenFile: - description: File to read bearer token for remote read. - type: string - proxyUrl: - description: Optional ProxyURL - type: string - readRecent: - description: Whether reads should be made for queries for time - ranges that the local storage should have complete data for. - type: boolean - remoteTimeout: - description: Timeout for requests to the remote read endpoint. - type: string - requiredMatchers: + type: object + serviceMonitorSelector: + description: ServiceMonitors to be selected for target discovery. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: additionalProperties: type: string - description: An optional list of equality matchers which have - to be present in a selector to query the remote read endpoint. + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. type: object - tlsConfig: - description: TLS Config to use for remote read. + type: object + sha: + description: SHA of Prometheus container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. + type: string + storage: + description: Storage spec to specify how storage shall be used. + properties: + emptyDir: + description: 'EmptyDirVolumeSource to be used by the Prometheus + StatefulSets. If specified, used in place of any volumeClaimTemplate. + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' properties: - ca: - description: Stuct containing the CA cert to use for the targets. + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. More + info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the Prometheus StatefulSets. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: 'Spec defines the desired characteristics of a + volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: - configMap: - description: ConfigMap containing data to use for the - targets. + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + dataSource: + description: This field requires the VolumeSnapshotDataSource + alpha feature gate to be enabled and currently VolumeSnapshot + is the only supported data source. If the provisioner + can support VolumeSnapshot data source, it will create + a new volume and data will be restored to the volume at + the same time. If the provisioner does not support VolumeSnapshot + data source, volume will not be created and the failure + will be reported as an event. In the future, we plan to + support more data source types and the behavior of the + provisioner may change. properties: - key: - description: The key to select. + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + kind: + description: Kind is the type of resource being referenced type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: Name is the name of resource being referenced type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean required: - - key + - kind + - name type: object - type: object - caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. + resources: + description: 'Resources represents the minimum resources + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object type: object - secret: - description: Secret containing data to use for the targets. + selector: + description: A label query over volumes to consider for + binding. properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is a beta feature. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string type: object - certFile: - description: Path to the client cert file in the Prometheus - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the Prometheus - container for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + additionalProperties: + type: string + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. + items: + description: PersistentVolumeClaimCondition contails details + about state of pvc + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. + type: string + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType is + a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + phase: + description: Phase represents the current phase of PersistentVolumeClaim. type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key type: object - serverName: - description: Used to verify the hostname for the targets. - type: string type: object - url: - description: The URL of the endpoint to send samples to. - type: string - required: - - url type: object - type: array - remoteWrite: - description: If specified, the remote_write spec. This is an experimental - feature, it may change in any upcoming release in a breaking way. - items: - description: RemoteWriteSpec defines the remote_write configuration - for prometheus. + tag: + description: Tag of Prometheus container image to be deployed. Defaults + to the value of `version`. Version is ignored if Tag is set. + type: string + thanos: + description: "Thanos configuration allows configuring various aspects + of a Prometheus server in a Thanos environment. \n This section is + experimental, it may change significantly without deprecation notice + in any release. \n This is experimental and may change significantly + without backward compatibility in any release." properties: - basicAuth: - description: BasicAuth for the URL. + baseImage: + description: Thanos base image if other than default. + type: string + image: + description: Image if specified has precedence over baseImage, tag + and sha combinations. Specifying the version is still necessary + to ensure the Prometheus Operator knows what version of Thanos + is being configured. + type: string + listenLocal: + description: ListenLocal makes the Thanos sidecar listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + objectStorageConfig: + description: ObjectStorageConfig configures object storage in Thanos. properties: - password: - description: The secret in the service monitor namespace that - contains the password for authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - username: - description: The secret in the service monitor namespace that - contains the username for authentication. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - type: object - bearerToken: - description: File to read bearer token for remote write. - type: string - bearerTokenFile: - description: File to read bearer token for remote write. - type: string - proxyUrl: - description: Optional ProxyURL - type: string - queueConfig: - description: QueueConfig allows tuning of the remote write queue - parameters. - properties: - batchSendDeadline: - description: BatchSendDeadline is the maximum time a sample - will wait in buffer. - type: string - capacity: - description: Capacity is the number of samples to buffer per - shard before we start dropping them. - type: integer - maxBackoff: - description: MaxBackoff is the maximum retry delay. + key: + description: The key of the secret to select from. Must be + a valid secret key. type: string - maxRetries: - description: MaxRetries is the maximum number of times to - retry a batch on recoverable errors. - type: integer - maxSamplesPerSend: - description: MaxSamplesPerSend is the maximum number of samples - per send. - type: integer - maxShards: - description: MaxShards is the maximum number of shards, i.e. - amount of concurrency. - type: integer - minBackoff: - description: MinBackoff is the initial retry delay. Gets doubled - for every retry. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - minShards: - description: MinShards is the minimum number of shards, i.e. - amount of concurrency. - type: integer + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key type: object - remoteTimeout: - description: Timeout for requests to the remote write endpoint. - type: string - tlsConfig: - description: TLS Config to use for remote write. + resources: + description: Resources defines the resource requirements for the + Thanos sidecar. If not provided, no requests/limits will be set properties: - ca: - description: Stuct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object - certFile: - description: Path to the client cert file in the Prometheus - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the Prometheus - container for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' type: object - serverName: - description: Used to verify the hostname for the targets. - type: string type: object - url: - description: The URL of the endpoint to send samples to. + sha: + description: SHA of Thanos container image to be deployed. Defaults + to the value of `version`. Similar to a tag, but the SHA explicitly + deploys an immutable container image. Version and Tag are ignored + if SHA is set. type: string - writeRelabelConfigs: - description: The list of remote write relabel configurations. - items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It defines - ``-section of Prometheus configuration. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + tag: + description: Tag of Thanos sidecar container image to be deployed. + Defaults to the value of `version`. Version is ignored if Tag + is set. + type: string + version: + description: Version describes the version of Thanos to use. + type: string + type: object + tolerations: + description: If specified, the pod's tolerations. + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, operator + must be Exists; this combination means to match all values and + all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. + Valid operators are Exists and Equal. Defaults to Equal. Exists + is equivalent to wildcard for value, so that a pod can tolerate + all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the + toleration (which must be of effect NoExecute, otherwise this + field is ignored) tolerates the taint. By default, it is not + set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) + by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches to. + If the operator is Exists, the value should be empty, otherwise + just a regular string. + type: string + type: object + type: array + version: + description: Version of Prometheus to be deployed. + type: string + volumes: + description: Volumes allows configuration of additional volumes on the + output StatefulSet definition. Volumes specified will be appended + to other volumes that are generated as a result of StorageSpec objects. + items: + description: Volume represents a named volume in a pod that may be + accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising + the machine' type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty).' + format: int32 type: integer - regex: - description: Regular expression against which the extracted - value is matched. Default is '(.*)' + readOnly: + description: 'Specify "true" to force and set the ReadOnly + property in VolumeMounts to "true". If omitted, the default + is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource in + AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: string + required: + - volumeID + type: object + azureDisk: + description: AzureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. + properties: + cachingMode: + description: 'Host Caching mode: None, Read Only, Read Write.' + type: string + diskName: + description: The Name of the data disk in the blob storage + type: string + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string - replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + kind: + description: 'Expected values Shared: multiple blob disks + per storage account Dedicated: single blob disk per storage + account Managed: azure managed data disk (only in managed + availability set). defaults to shared' type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + description: AzureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure Storage + Account Name and Key + type: string + shareName: + description: Share Name type: string - sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - separator and matched against the configured regular expression - for the replace, keep, and drop actions. + required: + - secretName + - shareName + type: object + cephfs: + description: CephFS represents a Ceph FS mount on the host that + shares a pod's lifetime + properties: + monitors: + description: 'Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array - targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + path: + description: 'Optional: Used as the mounted root, rather than + the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to key ring + for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to the authentication + secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + user: + description: 'Optional: User is the rados user name, default + is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string + required: + - monitors type: object - type: array - required: - - url - type: object - type: array - replicaExternalLabelName: - description: Name of Prometheus external label used to denote replica - name. Defaults to the value of `prometheus_replica`. External label - will _not_ be added when value is set to empty string (`""`). - type: string - replicas: - description: Number of instances to deploy for a Prometheus deployment. - format: int32 - type: integer - resources: - description: Define resources requests and limits for single Pods. - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute resources - required. If Requests is omitted for a container, it defaults - to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - retention: - description: Time duration Prometheus shall retain data for. Default - is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` - (milliseconds seconds minutes hours days weeks years). - type: string - retentionSize: - description: Maximum amount of disk space used by blocks. - type: string - routePrefix: - description: The route prefix Prometheus registers HTTP handlers for. - This is useful, if using ExternalURL and a proxy is rewriting HTTP - routes of a request, and the actual ExternalURL is still true, but - the server serves requests under a different route prefix. For example - for use with `kubectl proxy`. - type: string - ruleNamespaceSelector: - description: Namespaces to be selected for PrometheusRules discovery. - If unspecified, only the same namespace as the Prometheus object is - in is used. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: + cinder: + description: 'Cinder represents a cinder volume attached and mounted + on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - ruleSelector: - description: A selector to select which PrometheusRules to mount for - loading alerting rules from. Until (excluding) Prometheus Operator - v0.24.0 Prometheus Operator will migrate any legacy rule ConfigMaps - to PrometheusRule custom resources selected by RuleSelector. Make - sure it does not match any config maps that you do not want to be - migrated. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object containing + parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - rules: - description: /--rules.*/ command-line arguments. - properties: - alert: - description: /--rules.alert.*/ command-line arguments - properties: - forGracePeriod: - description: Minimum duration between alert and restored 'for' - state. This is maintained only for alerts with configured - 'for' time greater than grace period. - type: string - forOutageTolerance: - description: Max time to tolerate prometheus outage for restoring - 'for' state of alert. - type: string - resendDelay: - description: Minimum amount of time to wait before resending - an alert to Alertmanager. - type: string - type: object - type: object - scrapeInterval: - description: Interval between consecutive scrapes. - type: string - secrets: - description: Secrets is a list of Secrets in the same namespace as the - Prometheus object, which shall be mounted into the Prometheus Pods. - The Secrets are mounted into /etc/prometheus/secrets/. - items: - type: string - type: array - securityContext: - description: SecurityContext holds pod-level security attributes and - common container settings. This defaults to the default PodSecurityContext. - properties: - fsGroup: - description: "A special supplemental group that applies to all containers - in a pod. Some volume types allow the Kubelet to change the ownership - of that volume to be owned by the pod: \n 1. The owning GID will - be the FSGroup 2. The setgid bit is set (new files created in - the volume will be owned by FSGroup) 3. The permission bits are - OR'd with rw-rw---- \n If unset, the Kubelet will not modify the - ownership and permissions of any volume." - format: int64 - type: integer - runAsGroup: - description: The GID to run the entrypoint of the container process. - Uses runtime default if unset. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail to start - the container if it does. If unset or false, no such validation - will be performed. May also be set in SecurityContext. If set - in both SecurityContext and PodSecurityContext, the value specified - in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container process. - Defaults to user specified in image metadata if unspecified. May - also be set in SecurityContext. If set in both SecurityContext - and PodSecurityContext, the value specified in SecurityContext - takes precedence for that container. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to all containers. - If unspecified, the container runtime will allocate a random SELinux - context for each container. May also be set in SecurityContext. If - set in both SecurityContext and PodSecurityContext, the value - specified in SecurityContext takes precedence for that container. - properties: - level: - description: Level is SELinux level label that applies to the - container. - type: string - role: - description: Role is a SELinux role label that applies to the - container. - type: string - type: - description: Type is a SELinux type label that applies to the - container. - type: string - user: - description: User is a SELinux user label that applies to the - container. - type: string - type: object - supplementalGroups: - description: A list of groups applied to the first process run in - each container, in addition to the container's primary GID. If - unspecified, no groups will be added to any container. - items: - format: int64 - type: integer - type: array - sysctls: - description: Sysctls hold a list of namespaced sysctls used for - the pod. Pods with unsupported sysctls (by the container runtime) - might fail to launch. - items: - description: Sysctl defines a kernel parameter to be set - properties: - name: - description: Name of a property to set - type: string - value: - description: Value of a property to set - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - description: The Windows specific settings applied to all containers. - If unspecified, the options within a container's SecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named by - the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the GMSA - credential spec to use. This field is alpha-level and is only - honored by servers that enable the WindowsGMSA feature flag. - type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint of - the container process. Defaults to the user specified in image - metadata if unspecified. May also be set in PodSecurityContext. - If set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. This - field is alpha-level and it is only honored by servers that - enable the WindowsRunAsUserName feature flag. - type: string - type: object - type: object - serviceAccountName: - description: ServiceAccountName is the name of the ServiceAccount to - use to run the Prometheus Pods. - type: string - serviceMonitorNamespaceSelector: - description: Namespaces to be selected for ServiceMonitor discovery. - If nil, only check own namespace. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - serviceMonitorSelector: - description: ServiceMonitors to be selected for target discovery. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - sha: - description: SHA of Prometheus container image to be deployed. Defaults - to the value of `version`. Similar to a tag, but the SHA explicitly - deploys an immutable container image. Version and Tag are ignored - if SHA is set. - type: string - storage: - description: Storage spec to specify how storage shall be used. - properties: - emptyDir: - description: 'EmptyDirVolumeSource to be used by the Prometheus - StatefulSets. If specified, used in place of any volumeClaimTemplate. - More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' - properties: - medium: - description: 'What type of storage medium should back this directory. - The default is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. The - default is nil which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the Prometheus StatefulSets. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + required: + - volumeID type: object - spec: - description: 'Spec defines the desired characteristics of a - volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + configMap: + description: ConfigMap represents a configMap that should populate + this volume properties: - accessModes: - description: 'AccessModes contains the desired access modes - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the Data + field of the referenced ConfigMap will be projected into + the volume as a file whose name is the key and content is + the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the + ConfigMap, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. items: - type: string + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object type: array - dataSource: - description: This field requires the VolumeSnapshotDataSource - alpha feature gate to be enabled and currently VolumeSnapshot - is the only supported data source. If the provisioner - can support VolumeSnapshot data source, it will create - a new volume and data will be restored to the volume at - the same time. If the provisioner does not support VolumeSnapshot - data source, volume will not be created and the failure - will be reported as an event. In the future, we plan to - support more data source types and the behavior of the - provisioner may change. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap or its keys must + be defined + type: boolean + type: object + csi: + description: CSI (Container Storage Interface) represents storage + that is handled by an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. + type: string + fsType: + description: Filesystem type to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed to the + associated CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference to the secret + object containing sensitive information to pass to the CSI + driver to complete the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be empty if no secret + is required. If the secret object contains more than one + secret, all secret references are passed. properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, the - specified Kind must be in the core API group. For - any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string name: - description: Name is the name of resource being referenced + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - kind - - name type: object - resources: - description: 'Resources represents the minimum resources - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object + readOnly: + description: Specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: + type: string + description: VolumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. type: object - selector: - description: A label query over volumes to consider for - binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are supported.' properties: - key: - description: key is the label key that the selector - applies to. + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. + fieldPath: + description: Path of the field to select in the + specified API version. type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array required: - - key - - operator + - fieldPath type: object - type: array - matchLabels: - additionalProperties: + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path name + of the file to be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 encoded. The + first item of the relative path must not start with + ''..''' type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object - type: object - storageClassName: - description: 'Name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume is required - by the claim. Value of Filesystem is implied when not - included in claim spec. This is a beta feature. + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory that shares + a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should back this + directory. The default is "" which means to use the node''s + default medium. Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' type: string - volumeName: - description: VolumeName is the binding reference to the - PersistentVolume backing this claim. + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' type: string type: object - status: - description: 'Status represents the current information/status - of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + fc: + description: FC represents a Fibre Channel resource that is attached + to a kubelet's host machine and then exposed to the pod. properties: - accessModes: - description: 'AccessModes contains the actual access modes - the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names (WWNs)' items: type: string type: array - capacity: - additionalProperties: + wwids: + description: 'Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be + set, but not both simultaneously.' + items: type: string - description: Represents the actual resources of the underlying + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume resource that + is provisioned/attached using an exec based plugin. + properties: + driver: + description: Driver is the name of the driver to use for this volume. + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to the secret + object containing sensitive information to pass to the plugin + scripts. This may be empty if no secret object is specified. + If the secret object contains more than one secret, all + secrets are passed to the plugin scripts.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string type: object - conditions: - description: Current Condition of persistent volume claim. - If underlying persistent volume is being resized then - the Condition will be set to 'ResizeStarted'. + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached to a + kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: Name of the dataset stored as metadata -> name + on the dataset for Flocker should be considered as deprecated + type: string + datasetUUID: + description: UUID of the dataset. This is unique identifier + of a Flocker dataset + type: string + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in GCE. Used + to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision a + container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: Target directory name. Must not contain or start + with '..'. If '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory with + the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount on the host + that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. If the path + is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to the + pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, new iSCSI + interface : will be created + for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal is either + an IP or ip_addr:port if the port is other than default + (typically TCP ports 860 and 3260). items: - description: PersistentVolumeClaimCondition contails details - about state of pvc - properties: - lastProbeTime: - description: Last time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transitioned - from one status to another. - format: date-time - type: string - message: - description: Human-readable message indicating details - about last transition. - type: string - reason: - description: Unique, this should be a short, machine - understandable string that gives the reason for - condition's last transition. If it reports "ResizeStarted" - that means the underlying persistent volume is being - resized. - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is - a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object + type: string type: array - phase: - description: Phase represents the current phase of PersistentVolumeClaim. + readOnly: + description: ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator authentication + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is either an + IP or ip_addr:port if the port is other than default (typically + TCP ports 860 and 3260). type: string + required: + - iqn + - lun + - targetPortal type: object - type: object - type: object - tag: - description: Tag of Prometheus container image to be deployed. Defaults - to the value of `version`. Version is ignored if Tag is set. - type: string - thanos: - description: "Thanos configuration allows configuring various aspects - of a Prometheus server in a Thanos environment. \n This section is - experimental, it may change significantly without deprecation notice - in any release. \n This is experimental and may change significantly - without backward compatibility in any release." - properties: - baseImage: - description: Thanos base image if other than default. - type: string - image: - description: Image if specified has precedence over baseImage, tag - and sha combinations. Specifying the version is still necessary - to ensure the Prometheus Operator knows what version of Thanos - is being configured. - type: string - listenLocal: - description: ListenLocal makes the Thanos sidecar listen on loopback, - so that it does not bind against the Pod IP. - type: boolean - objectStorageConfig: - description: ObjectStorageConfig configures object storage in Thanos. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: 'Volume''s name. Must be a DNS_LABEL and unique within + the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - resources: - description: Resources defines the resource requirements for the - Thanos sidecar. If not provided, no requests/limits will be set - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + nfs: + description: 'NFS represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export to be + mounted with read-only permissions. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents a reference + to a PersistentVolumeClaim in the same namespace. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName type: object - type: object - sha: - description: SHA of Thanos container image to be deployed. Defaults - to the value of `version`. Similar to a tag, but the SHA explicitly - deploys an immutable container image. Version and Tag are ignored - if SHA is set. - type: string - tag: - description: Tag of Thanos sidecar container image to be deployed. - Defaults to the value of `version`. Version is ignored if Tag - is set. - type: string - version: - description: Version describes the version of Thanos to use. - type: string - type: object - tolerations: - description: If specified, the pod's tolerations. - items: - description: The pod this Toleration is attached to tolerates any - taint that matches the triple using the matching - operator . - properties: - effect: - description: Effect indicates the taint effect to match. Empty - means match all taint effects. When specified, allowed values - are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, operator - must be Exists; this combination means to match all values and - all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. - Valid operators are Exists and Equal. Defaults to Equal. Exists - is equivalent to wildcard for value, so that a pod can tolerate - all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the - toleration (which must be of effect NoExecute, otherwise this - field is ignored) tolerates the taint. By default, it is not - set, which means tolerate the taint forever (do not evict). - Zero and negative values will be treated as 0 (evict immediately) - by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches to. - If the operator is Exists, the value should be empty, otherwise - just a regular string. - type: string - type: object - type: array - version: - description: Version of Prometheus to be deployed. - type: string - volumes: - description: Volumes allows configuration of additional volumes on the - output StatefulSet definition. Volumes specified will be appended - to other volumes that are generated as a result of StorageSpec objects. - items: - description: Volume represents a named volume in a pod that may be - accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'AWSElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'Specify "true" to force and set the ReadOnly - property in VolumeMounts to "true". If omitted, the default - is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'Unique ID of the persistent disk resource in - AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: AzureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'Host Caching mode: None, Read Only, Read Write.' - type: string - diskName: - description: The Name of the data disk in the blob storage - type: string - diskURI: - description: The URI the data disk in the blob storage - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - kind: - description: 'Expected values Shared: multiple blob disks - per storage account Dedicated: single blob disk per storage - account Managed: azure managed data disk (only in managed - availability set). defaults to shared' - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: AzureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: the name of secret that contains Azure Storage - Account Name and Key - type: string - shareName: - description: Share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: CephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'Required: Monitors is a collection of Ceph monitors - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. type: string - type: array - path: - description: 'Optional: Used as the mounted root, rather than - the full Ceph tree, default is /' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'Optional: SecretFile is the path to key ring - for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'Optional: SecretRef is reference to the authentication - secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'Optional: User is the rados user name, default - is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'Cinder represents a cinder volume attached and mounted - on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'Optional: points to a secret object containing - parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + pdID: + description: ID that identifies Photon Controller persistent + disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, configmaps, + and downward API + properties: + defaultMode: + description: Mode bits to use on created files by default. + Must be a value between 0 and 0777. Directories within the + path are not affected by this setting. This might be in + conflict with other options that affect the file mode, like + fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: information about the configMap data to + project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI data + to project + properties: + items: + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format + of the exposed resources, defaults to + "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret data to project + properties: + items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended audience of + the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the requested + duration of validity of the service account token. + As the token approaches expiration, the kubelet + volume plugin will proactively rotate the service + account token. The kubelet will start trying to + rotate the token if the token is older than 80 + percent of its time to live or if the token is + older than 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative to the mount + point of the file to project the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the host that + shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default is no group + type: string + readOnly: + description: ReadOnly here will force the Quobyte volume to + be mounted with read-only permissions. Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: User to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: Volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: type: string - type: object - volumeID: - description: 'volume id used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: ConfigMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced ConfigMap will be projected into - the volume as a file whose name is the key and content is - the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the - ConfigMap, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. + type: array + pool: + description: 'The rados pool name. Default is rbd. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - key - - path type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its keys must - be defined - type: boolean - type: object - csi: - description: CSI (Container Storage Interface) represents storage - that is handled by an external CSI driver (Alpha feature). - properties: - driver: - description: Driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: Filesystem type to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed to the - associated CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: NodePublishSecretRef is a reference to the secret - object containing sensitive information to pass to the CSI - driver to complete the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be empty if no secret - is required. If the secret object contains more than one - secret, all secret references are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - readOnly: - description: Specifies a read-only configuration for the volume. - Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: + user: + description: 'The rados user name. Default is admin. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' type: string - description: VolumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: DownwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file - items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: The host address of the ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection Domain for + the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative path name - of the file to be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 encoded. The - first item of the relative path must not start with - ''..''' + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path type: object - type: array - type: object - emptyDir: - description: 'EmptyDir represents a temporary directory that shares - a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'What type of storage medium should back this - directory. The default is "" which means to use the node''s - default medium. Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - fc: - description: FC represents a Fibre Channel resource that is attached - to a kubelet's host machine and then exposed to the pod. - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - lun: - description: 'Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'Optional: FC target worldwide names (WWNs)' - items: + sslEnabled: + description: Flag to enable/disable SSL communication with + Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a volume should + be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. type: string - type: array - wwids: - description: 'Optional: FC volume world wide identifiers (wwids) - Either wwids or combination of targetWWNs and lun must be - set, but not both simultaneously.' - items: + storagePool: + description: The ScaleIO Storage Pool associated with the + protection domain. type: string - type: array - type: object - flexVolume: - description: FlexVolume represents a generic volume resource that - is provisioned/attached using an exec based plugin. - properties: - driver: - description: Driver is the name of the driver to use for this - volume. - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends on FlexVolume - script. - type: string - options: - additionalProperties: + system: + description: The name of the storage system as configured + in ScaleIO. type: string - description: 'Optional: Extra command options if any.' - type: object - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'Optional: SecretRef is reference to the secret - object containing sensitive information to pass to the plugin - scripts. This may be empty if no secret object is specified. - If the secret object contains more than one secret, all - secrets are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: Flocker represents a Flocker volume attached to a - kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: Name of the dataset stored as metadata -> name - on the dataset for Flocker should be considered as deprecated - type: string - datasetUUID: - description: UUID of the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'GCEPersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'Unique name of the PD resource in GCE. Used - to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision a - container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: Target directory name. Must not contain or start - with '..'. If '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory with - the given name. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'Glusterfs represents a Glusterfs mount on the host - that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'EndpointsName is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'Path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'ReadOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to false. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'HostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'Path of the directory on the host. If the path - is a symlink, it will follow the link to the real path. - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'Type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'ISCSI represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to the - pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - initiatorName: - description: Custom iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, new iSCSI - interface : will be created - for the connection. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses an iSCSI transport. - Defaults to 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. The portal is either - an IP or ip_addr:port if the port is other than default - (typically TCP ports 860 and 3260). - items: + volumeName: + description: The name of a volume already created in the ScaleIO + system that is associated with this volume source. type: string - type: array - readOnly: - description: ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - targetPortal: - description: iSCSI Target Portal. The Portal is either an - IP or ip_addr:port if the port is other than default (typically - TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL and unique within - the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'NFS represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'Path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'ReadOnly here will force the NFS export to be - mounted with read-only permissions. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'Server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource represents a reference - to a PersistentVolumeClaim in the same namespace. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: Will force the ReadOnly setting in VolumeMounts. - Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: PhotonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - pdID: - description: ID that identifies Photon Controller persistent - disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: FSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources secrets, configmaps, - and downward API - properties: - defaultMode: - description: Mode bits to use on created files by default. - Must be a value between 0 and 0777. Directories within the - path are not affected by this setting. This might be in - conflict with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected along with - other supported volume types - properties: - configMap: - description: information about the configMap data to - project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - downwardAPI: - description: information about the downwardAPI data - to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file - items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field - properties: - fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - description: Specifies the output format - of the exposed resources, defaults to - "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the secret data to project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced Secret will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. - items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the serviceAccountToken - data to project - properties: - audience: - description: Audience is the intended audience of - the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: ExpirationSeconds is the requested - duration of validity of the service account token. - As the token approaches expiration, the kubelet - volume plugin will proactively rotate the service - account token. The kubelet will start trying to - rotate the token if the token is older than 80 - percent of its time to live or if the token is - older than 24 hours.Defaults to 1 hour and must - be at least 10 minutes. - format: int64 - type: integer - path: - description: Path is the path relative to the mount - point of the file to project the token into. - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - description: Quobyte represents a Quobyte mount on the host that - shares a pod's lifetime - properties: - group: - description: Group to map volume access to Default is no group - type: string - readOnly: - description: ReadOnly here will force the Quobyte volume to - be mounted with read-only permissions. Defaults to false. - type: boolean - registry: - description: Registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: Tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: User to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: Volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'RBD represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - image: - description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'Keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer items: + description: If unspecified, each key-value pair in the Data + field of the referenced Secret will be projected into the + volume as a file whose name is the key and content is the + value. If specified, the listed keys will be projected into + the specified paths, and unlisted keys will not be present. + If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' path + or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys must be + defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' type: string - type: array - pool: - description: 'The rados pool name. Default is rbd. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'SecretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is nil. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'The rados user name. Default is admin. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: The host address of the ScaleIO API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection Domain for - the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL communication with - Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage for a volume should - be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated with the - protection domain. - type: string - system: - description: The name of the storage system as configured - in ScaleIO. - type: string - volumeName: - description: The name of a volume already created in the ScaleIO - system that is associated with this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced Secret will be projected into the - volume as a file whose name is the key and content is the - value. If specified, the listed keys will be projected into - the specified paths, and unlisted keys will not be present. - If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' path - or start with '..'. - items: - description: Maps a string key to a path within a volume. + type: object + storageos: + description: StorageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - key - - path type: object - type: array - optional: - description: Specify whether the Secret or its keys must be - defined - type: boolean - secretName: - description: 'Name of the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeName: - description: VolumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within a - namespace. - type: string - volumeNamespace: - description: VolumeNamespace specifies the scope of the volume - within StorageOS. If no namespace is specified then the - Pod's namespace will be used. This allows the Kubernetes - name scoping to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override the - default behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - storagePolicyID: - description: Storage Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: Path that identifies vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - walCompression: - description: Enable compression of the write-ahead log using Snappy. - This flag is only available in versions of Prometheus >= 2.11.0. - type: boolean - type: object - status: - description: 'Most recent observed status of the Prometheus cluster. Read-only. - Not included when requesting from the apiserver, only from the Prometheus - Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) - targeted by this Prometheus deployment. - format: int32 - type: integer - paused: - description: Represents whether any actions on the underlaying managed - objects are being performed. Only delete actions will be performed. - type: boolean - replicas: - description: Total number of non-terminated pods targeted by this Prometheus - deployment (their labels match the selector). - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable pods targeted by this Prometheus - deployment. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated pods targeted by this Prometheus - deployment that have the desired version spec. - format: int32 - type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas - type: object - required: - - spec - type: object - version: v1 - versions: - - name: v1 + volumeName: + description: VolumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within a + namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope of the volume + within StorageOS. If no namespace is specified then the + Pod's namespace will be used. This allows the Kubernetes + name scoping to be mirrored within StorageOS for tighter + integration. Set VolumeName to any name to override the + default behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: Path that identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + walCompression: + description: Enable compression of the write-ahead log using Snappy. + This flag is only available in versions of Prometheus >= 2.11.0. + type: boolean + type: object + status: + description: 'Most recent observed status of the Prometheus cluster. Read-only. + Not included when requesting from the apiserver, only from the Prometheus + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this Prometheus deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlaying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this Prometheus + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this Prometheus + deployment that have the desired version spec. + format: int32 + type: integer + required: + - availableReplicas + - paused + - replicas + - unavailableReplicas + - updatedReplicas + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml index 26a441b60f..d490fafc07 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-prometheusrules.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/release-0.35/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,73 +16,72 @@ spec: singular: prometheusrule preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: PrometheusRule defines alerting rules for a Prometheus instance - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of desired alerting rule definitions for Prometheus. - properties: - groups: - description: Content of Prometheus rule file - items: - description: RuleGroup is a list of sequentially evaluated recording - and alerting rules. - properties: - interval: - type: string - name: - type: string - rules: - items: - description: Rule describes an alerting or recording rule. - properties: - alert: - type: string - annotations: - additionalProperties: - type: string - type: object - expr: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - for: - type: string - labels: - additionalProperties: - type: string - type: object - record: - type: string - required: - - expr - type: object - type: array - required: - - name - - rules - type: object - type: array - type: object - required: - - spec - type: object - version: v1 versions: - name: v1 + schema: + openAPIV3Schema: + description: PrometheusRule defines alerting rules for a Prometheus instance + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired alerting rule definitions for Prometheus. + properties: + groups: + description: Content of Prometheus rule file + items: + description: RuleGroup is a list of sequentially evaluated recording + and alerting rules. + properties: + interval: + type: string + name: + type: string + rules: + items: + description: Rule describes an alerting or recording rule. + properties: + alert: + type: string + annotations: + additionalProperties: + type: string + type: object + expr: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + for: + type: string + labels: + additionalProperties: + type: string + type: object + record: + type: string + required: + - expr + type: object + type: array + required: + - name + - rules + type: object + type: array + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml index 7c0099e351..1a6592f472 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-servicemonitor.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/release-0.35/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,445 +16,444 @@ spec: singular: servicemonitor preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: ServiceMonitor defines monitoring for a set of services. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Specification of desired Service selection for target discovery - by Prometheus. - properties: - endpoints: - description: A list of endpoints allowed as part of this ServiceMonitor. - items: - description: Endpoint defines a scrapeable endpoint serving Prometheus - metrics. - properties: - basicAuth: - description: 'BasicAuth allow an endpoint to authenticate over - basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' - properties: - password: - description: The secret in the service monitor namespace that - contains the password for authentication. + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ServiceMonitor defines monitoring for a set of services. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of desired Service selection for target discovery + by Prometheus. + properties: + endpoints: + description: A list of endpoints allowed as part of this ServiceMonitor. + items: + description: Endpoint defines a scrapeable endpoint serving Prometheus + metrics. + properties: + basicAuth: + description: 'BasicAuth allow an endpoint to authenticate over + basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints' + properties: + password: + description: The secret in the service monitor namespace that + contains the password for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + username: + description: The secret in the service monitor namespace that + contains the username for authentication. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + type: object + bearerTokenFile: + description: File to read bearer token for scraping targets. + type: string + bearerTokenSecret: + description: Secret to mount to read bearer token for scraping + targets. The secret needs to be in the same namespace as the + service monitor and accessible by the Prometheus Operator. + properties: + key: + description: The key of the secret to select from. Must be + a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be + defined + type: boolean + required: + - key + type: object + honorLabels: + description: HonorLabels chooses the metric's labels on collisions + with target labels. + type: boolean + honorTimestamps: + description: HonorTimestamps controls whether Prometheus respects + the timestamps present in scraped data. + type: boolean + interval: + description: Interval at which metrics should be scraped + type: string + metricRelabelings: + description: MetricRelabelConfigs to apply to samples before ingestion. + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' + type: string + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key type: object - username: - description: The secret in the service monitor namespace that - contains the username for authentication. + type: array + params: + additionalProperties: + items: + type: string + type: array + description: Optional HTTP URL parameters + type: object + path: + description: HTTP path to scrape for metrics. + type: string + port: + description: Name of the service port this endpoint refers to. + Mutually exclusive with targetPort. + type: string + proxyUrl: + description: ProxyURL eg http://proxyserver:2195 Directs scrapes + to proxy through this endpoint. + type: string + relabelings: + description: 'RelabelConfigs to apply to samples before scraping. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + items: + description: 'RelabelConfig allows dynamic rewriting of the + label set, being applied to samples before ingestion. It defines + ``-section of Prometheus configuration. + More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + action: + description: Action to perform based on regex matching. + Default is 'replace' + type: string + modulus: + description: Modulus to take of the hash of the source label + values. + format: int64 + type: integer + regex: + description: Regular expression against which the extracted + value is matched. Default is '(.*)' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + replacement: + description: Replacement value against which a regex replace + is performed if the regular expression matches. Regex + capture groups are available. Default is '$1' + type: string + separator: + description: Separator placed between concatenated source + label values. default is ';'. + type: string + sourceLabels: + description: The source labels select values from existing + labels. Their content is concatenated using the configured + separator and matched against the configured regular expression + for the replace, keep, and drop actions. + items: + type: string + type: array + targetLabel: + description: Label to which the resulting value is written + in a replace action. It is mandatory for replace actions. + Regex capture groups are available. type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key type: object - type: object - bearerTokenFile: - description: File to read bearer token for scraping targets. - type: string - bearerTokenSecret: - description: Secret to mount to read bearer token for scraping - targets. The secret needs to be in the same namespace as the - service monitor and accessible by the Prometheus Operator. - properties: - key: - description: The key of the secret to select from. Must be - a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be - defined - type: boolean - required: - - key - type: object - honorLabels: - description: HonorLabels chooses the metric's labels on collisions - with target labels. - type: boolean - honorTimestamps: - description: HonorTimestamps controls whether Prometheus respects - the timestamps present in scraped data. - type: boolean - interval: - description: Interval at which metrics should be scraped - type: string - metricRelabelings: - description: MetricRelabelConfigs to apply to samples before ingestion. - items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It defines - ``-section of Prometheus configuration. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + type: array + scheme: + description: HTTP scheme to use for scraping. + type: string + scrapeTimeout: + description: Timeout after which the scrape is ended + type: string + targetPort: + anyOf: + - type: integer + - type: string + description: Name or number of the target port of the endpoint. + Mutually exclusive with port. + x-kubernetes-int-or-string: true + tlsConfig: + description: TLS configuration to use when scraping the endpoint properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' + ca: + description: Stuct containing the CA cert to use for the targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + caFile: + description: Path to the CA cert in the Prometheus container + to use for the targets. type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: Regular expression against which the extracted - value is matched. Default is '(.*)' + cert: + description: Struct containing the client cert file for the + targets. + properties: + configMap: + description: ConfigMap containing data to use for the + targets. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + secret: + description: Secret containing data to use for the targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + certFile: + description: Path to the client cert file in the Prometheus + container for the targets. type: string - replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + insecureSkipVerify: + description: Disable target certificate validation. + type: boolean + keyFile: + description: Path to the client key file in the Prometheus + container for the targets. type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - separator and matched against the configured regular expression - for the replace, keep, and drop actions. - items: - type: string - type: array - targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. + keySecret: + description: Secret containing the client key file for the + targets. + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must + be defined + type: boolean + required: + - key + type: object + serverName: + description: Used to verify the hostname for the targets. type: string type: object + type: object + type: array + jobLabel: + description: The label to use to retrieve the job name from. + type: string + namespaceSelector: + description: Selector to select which namespaces the Endpoints objects + are discovered from. + properties: + any: + description: Boolean describing whether all namespaces are selected + in contrast to a list restricting them. + type: boolean + matchNames: + description: List of namespace names. + items: + type: string type: array - params: - additionalProperties: - items: - type: string - type: array - description: Optional HTTP URL parameters - type: object - path: - description: HTTP path to scrape for metrics. - type: string - port: - description: Name of the service port this endpoint refers to. - Mutually exclusive with targetPort. - type: string - proxyUrl: - description: ProxyURL eg http://proxyserver:2195 Directs scrapes - to proxy through this endpoint. - type: string - relabelings: - description: 'RelabelConfigs to apply to samples before scraping. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config' + type: object + podTargetLabels: + description: PodTargetLabels transfers labels on the Kubernetes Pod + onto the target. + items: + type: string + type: array + sampleLimit: + description: SampleLimit defines per-scrape limit on number of scraped + samples that will be accepted. + format: int64 + type: integer + selector: + description: Selector to select Endpoints objects. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. items: - description: 'RelabelConfig allows dynamic rewriting of the - label set, being applied to samples before ingestion. It defines - ``-section of Prometheus configuration. - More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs' + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. properties: - action: - description: Action to perform based on regex matching. - Default is 'replace' - type: string - modulus: - description: Modulus to take of the hash of the source label - values. - format: int64 - type: integer - regex: - description: Regular expression against which the extracted - value is matched. Default is '(.*)' + key: + description: key is the label key that the selector applies + to. type: string - replacement: - description: Replacement value against which a regex replace - is performed if the regular expression matches. Regex - capture groups are available. Default is '$1' + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. type: string - separator: - description: Separator placed between concatenated source - label values. default is ';'. - type: string - sourceLabels: - description: The source labels select values from existing - labels. Their content is concatenated using the configured - separator and matched against the configured regular expression - for the replace, keep, and drop actions. + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. items: type: string type: array - targetLabel: - description: Label to which the resulting value is written - in a replace action. It is mandatory for replace actions. - Regex capture groups are available. - type: string + required: + - key + - operator type: object type: array - scheme: - description: HTTP scheme to use for scraping. - type: string - scrapeTimeout: - description: Timeout after which the scrape is ended - type: string - targetPort: - anyOf: - - type: integer - - type: string - description: Name or number of the target port of the endpoint. - Mutually exclusive with port. - x-kubernetes-int-or-string: true - tlsConfig: - description: TLS configuration to use when scraping the endpoint - properties: - ca: - description: Stuct containing the CA cert to use for the targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - caFile: - description: Path to the CA cert in the Prometheus container - to use for the targets. - type: string - cert: - description: Struct containing the client cert file for the - targets. - properties: - configMap: - description: ConfigMap containing data to use for the - targets. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - secret: - description: Secret containing data to use for the targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - certFile: - description: Path to the client cert file in the Prometheus - container for the targets. - type: string - insecureSkipVerify: - description: Disable target certificate validation. - type: boolean - keyFile: - description: Path to the client key file in the Prometheus - container for the targets. - type: string - keySecret: - description: Secret containing the client key file for the - targets. - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must - be defined - type: boolean - required: - - key - type: object - serverName: - description: Used to verify the hostname for the targets. - type: string + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. type: object type: object - type: array - jobLabel: - description: The label to use to retrieve the job name from. - type: string - namespaceSelector: - description: Selector to select which namespaces the Endpoints objects - are discovered from. - properties: - any: - description: Boolean describing whether all namespaces are selected - in contrast to a list restricting them. - type: boolean - matchNames: - description: List of namespace names. - items: - type: string - type: array - type: object - podTargetLabels: - description: PodTargetLabels transfers labels on the Kubernetes Pod - onto the target. - items: - type: string - type: array - sampleLimit: - description: SampleLimit defines per-scrape limit on number of scraped - samples that will be accepted. - format: int64 - type: integer - selector: - description: Selector to select Endpoints objects. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - targetLabels: - description: TargetLabels transfers labels on the Kubernetes Service - onto the target. - items: - type: string - type: array - required: - - endpoints - - selector - type: object - required: - - spec - type: object - version: v1 - versions: - - name: v1 + targetLabels: + description: TargetLabels transfers labels on the Kubernetes Service + onto the target. + items: + type: string + type: array + required: + - endpoints + - selector + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml index 0cbb04a38f..f79f82a856 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/crds/crd-thanosrulers.yaml @@ -1,5 +1,5 @@ # https://raw.githubusercontent.com/coreos/prometheus-operator/master/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml -apiVersion: apiextensions.k8s.io/v1beta1 +apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: @@ -16,3800 +16,3799 @@ spec: singular: thanosruler preserveUnknownFields: null scope: Namespaced - validation: - openAPIV3Schema: - description: ThanosRuler defines a ThanosRuler deployment. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: 'Specification of the desired behavior of the ThanosRuler cluster. - More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - alertDropLabels: - description: AlertDropLabels configure the label names which should - be dropped in ThanosRuler alerts. If `labels` field is not provided, - `thanos_ruler_replica` will be dropped in alerts by default. - items: - type: string - type: array - alertmanagersConfig: - description: Define configuration for connecting to alertmanager. Only - available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` - arg. - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + versions: + - name: v1 + schema: + openAPIV3Schema: + description: ThanosRuler defines a ThanosRuler deployment. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: 'Specification of the desired behavior of the ThanosRuler cluster. + More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + alertDropLabels: + description: AlertDropLabels configure the label names which should + be dropped in ThanosRuler alerts. If `labels` field is not provided, + `thanos_ruler_replica` will be dropped in alerts by default. + items: type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - alertmanagersUrl: - description: Define URL to send alerts to alertmanager. For Thanos - v0.10.0 and higher, AlertManagersConfig should be used instead. Maps - to the `alertmanagers.url` arg. - type: string - containers: - description: 'Containers allows injecting additional containers or modifying - operator generated containers. This can be used to allow adding an - authentication proxy to a ThanosRuler pod or to change the behavior - of an operator generated container. Containers described here modify - an operator generated container if they share the same name and modifications - are done via a strategic merge patch. The current container names - are: `thanos-ruler` and `rules-configmap-reloader`. Overriding containers - is entirely outside the scope of what the maintainers will support - and by doing so, you accept that this behaviour may break at any time - without notice.' - items: - description: A single application container that you want to run within - a pod. + type: array + alertmanagersConfig: + description: Define configuration for connecting to alertmanager. Only + available with thanos v0.10.0 and higher. Maps to the `alertmanagers.config` + arg. properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + alertmanagersUrl: + description: Define URL to send alerts to alertmanager. For Thanos + v0.10.0 and higher, AlertManagersConfig should be used instead. Maps + to the `alertmanagers.url` arg. + type: string + containers: + description: 'Containers allows injecting additional containers or modifying + operator generated containers. This can be used to allow adding an + authentication proxy to a ThanosRuler pod or to change the behavior + of an operator generated container. Containers described here modify + an operator generated container if they share the same name and modifications + are done via a strategic merge patch. The current container names + are: `thanos-ruler` and `rules-configmap-reloader`. Overriding containers + is entirely outside the scope of what the maintainers will support + and by doing so, you accept that this behaviour may break at any time + without notice.' + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. + properties: + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. + type: string + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' + type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps + properties: + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. + type: string + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object + type: object + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - key: - description: The key to select. + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + httpGet: + description: HTTPGet specifies the http request to perform. properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - resource: - description: 'Required: resource to select' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - optional: - description: Specify whether the Secret must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + properties: + limits: + additionalProperties: type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + properties: + level: + description: Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. type: string - user: - description: User is a SELinux user label that applies - to the container. + name: + description: name must match the name of a persistentVolumeClaim + in the pod type: string + required: + - devicePath + - name type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + name: + description: This must match the Name of a Volume. type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). type: string + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. + type: string + required: + - mountPath + - name type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + enforcedNamespaceLabel: + description: EnforcedNamespaceLabel enforces adding a namespace label + of origin for each alert and metric that is user created. The label + value will always be the namespace of the object that is being created. + type: string + evaluationInterval: + description: Interval between consecutive evaluations. + type: string + image: + description: Thanos container image URL. + type: string + imagePullSecrets: + description: An optional list of references to secrets in the same namespace + to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod + items: + description: LocalObjectReference contains enough information to let + you locate the referenced object inside the same namespace. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + type: array + initContainers: + description: 'InitContainers allows adding initContainers to the pod + definition. Those can be used to e.g. fetch secrets for injection + into the ThanosRuler configuration from external sources. Any errors + during the execution of an initContainer will lead to a restart of + the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + Using initContainers for any use case other then secret fetching is + entirely outside the scope of what the maintainers will support and + by doing so, you accept that this behaviour may break at any time + without notice.' + items: + description: A single application container that you want to run within + a pod. + properties: + args: + description: 'Arguments to the entrypoint. The docker image''s + CMD is used if this is not provided. Variable references $(VAR_NAME) + are expanded using the container''s environment. If a variable + cannot be resolved, the reference in the input string will be + unchanged. The $(VAR_NAME) syntax can be escaped with a double + $$, ie: $$(VAR_NAME). Escaped references will never be expanded, + regardless of whether the variable exists or not. Cannot be + updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + command: + description: 'Entrypoint array. Not executed within a shell. The + docker image''s ENTRYPOINT is used if this is not provided. + Variable references $(VAR_NAME) are expanded using the container''s + environment. If a variable cannot be resolved, the reference + in the input string will be unchanged. The $(VAR_NAME) syntax + can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable exists + or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' + items: + type: string + type: array + env: + description: List of environment variables to set in the container. + Cannot be updated. + items: + description: EnvVar represents an environment variable present + in a Container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + name: + description: Name of the environment variable. Must be a + C_IDENTIFIER. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + value: + description: 'Variable references $(VAR_NAME) are expanded + using the previous defined environment variables in the + container and any service environment variables. If a + variable cannot be resolved, the reference in the input + string will be unchanged. The $(VAR_NAME) syntax can be + escaped with a double $$, ie: $$(VAR_NAME). Escaped references + will never be expanded, regardless of whether the variable + exists or not. Defaults to "".' type: string + valueFrom: + description: Source for the environment variable's value. + Cannot be used if value is not empty. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + key must be defined + type: boolean + required: + - key + type: object + fieldRef: + description: 'Selects a field of the pod: supports metadata.name, + metadata.namespace, metadata.labels, metadata.annotations, + spec.nodeName, spec.serviceAccountName, status.hostIP, + status.podIP.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + limits.ephemeral-storage, requests.cpu, requests.memory + and requests.ephemeral-storage) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + secretKeyRef: + description: Selects a key of a secret in the pod's + namespace + properties: + key: + description: The key of the secret to select from. Must + be a valid secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + required: + - key + type: object + type: object required: - - port + - name type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' + type: array + envFrom: + description: List of sources to populate environment variables + in the container. The keys defined within a source must be a + C_IDENTIFIER. All invalid keys will be reported as an event + when the container is starting. When a key exists in multiple + sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will + take precedence. Cannot be updated. + items: + description: EnvFromSource represents the source of a set of + ConfigMaps properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + configMapRef: + description: The ConfigMap to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the ConfigMap must be defined + type: boolean + type: object + prefix: + description: An optional identifier to prepend to each key + in the ConfigMap. Must be a C_IDENTIFIER. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port + secretRef: + description: The Secret to select from + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret must be defined + type: boolean + type: object type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - enforcedNamespaceLabel: - description: EnforcedNamespaceLabel enforces adding a namespace label - of origin for each alert and metric that is user created. The label - value will always be the namespace of the object that is being created. - type: string - evaluationInterval: - description: Interval between consecutive evaluations. - type: string - image: - description: Thanos container image URL. - type: string - imagePullSecrets: - description: An optional list of references to secrets in the same namespace - to use for pulling thanos images from registries see http://kubernetes.io/docs/user-guide/images#specifying-imagepullsecrets-on-a-pod - items: - description: LocalObjectReference contains enough information to let - you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - initContainers: - description: 'InitContainers allows adding initContainers to the pod - definition. Those can be used to e.g. fetch secrets for injection - into the ThanosRuler configuration from external sources. Any errors - during the execution of an initContainer will lead to a restart of - the Pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - Using initContainers for any use case other then secret fetching is - entirely outside the scope of what the maintainers will support and - by doing so, you accept that this behaviour may break at any time - without notice.' - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + type: array + image: + description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images + This field is optional to allow higher level config management + to default or override container images in workload controllers + like Deployments and StatefulSets.' type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: + imagePullPolicy: + description: 'Image pull policy. One of Always, Never, IfNotPresent. + Defaults to Always if :latest tag is specified, or IfNotPresent + otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. + lifecycle: + description: Actions that the management system should take in + response to container lifecycle events. Cannot be updated. properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + postStart: + description: 'PostStart is called immediately after a container + is created. If the handler fails, the container is terminated + and restarted according to its restart policy. Other management + of the container blocks until the hook completes. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + type: object + httpGet: + description: HTTPGet specifies the http request to perform. properties: - key: - description: The key to select. + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean required: - - key + - port type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP.' + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - fieldPath + - port + type: object + type: object + preStop: + description: 'PreStop is called immediately before a container + is terminated due to an API request or management event + such as liveness/startup probe failure, preemption, resource + contention, etc. The handler is not called if the container + crashes or exits. The reason for termination is passed to + the handler. The Pod''s termination grace period countdown + begins before the PreStop hooked is executed. Regardless + of the outcome of the handler, the container will eventually + terminate within the Pod''s termination grace period. Other + management of the container blocks until the hook completes + or until the termination grace period is reached. More info: + https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' + properties: + exec: + description: One and only one of the following should + be specified. Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute + inside the container, the working directory for + the command is root ('/') in the container's filesystem. + The command is simply exec'd, it is not run inside + a shell, so traditional shell instructions ('|', + etc) won't work. To use a shell, you need to explicitly + call out to that shell. Exit status of 0 is treated + as live/healthy and non-zero is unhealthy. + items: + type: string + type: array type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + httpGet: + description: HTTPGet specifies the http request to perform. properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' + host: + description: Host name to connect to, defaults to + the pod IP. You probably want to set "Host" in httpHeaders + instead. type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" + httpHeaders: + description: Custom headers to set in the request. + HTTP allows repeated headers. + items: + description: HTTPHeader describes a custom header + to be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. type: string - resource: - description: 'Required: resource to select' + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string required: - - resource + - port type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace + tcpSocket: + description: 'TCPSocket specifies an action involving + a TCP port. TCP hooks not yet supported TODO: implement + a realistic TCP lifecycle hook' properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access + on the container. Number must be in the range 1 + to 65535. Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true required: - - key + - port type: object type: object - required: - - name type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps + livenessProbe: + description: 'Periodic probe of container liveness. Container + will be restarted if the probe fails. Cannot be updated. More + info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - configMapRef: - description: The ConfigMap to select from + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. type: string - optional: - description: Specify whether the Secret must be defined - type: boolean + required: + - port type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + name: + description: Name of the container specified as a DNS_LABEL. Each + container in a pod must have a unique name (DNS_LABEL). Cannot + be updated. + type: string + ports: + description: List of ports to expose from the container. Exposing + a port here gives the system additional information about the + network connections a container uses, but is primarily informational. + Not specifying a port here DOES NOT prevent that port from being + exposed. Any port which is listening on the default "0.0.0.0" + address inside a container will be accessible from the network. + Cannot be updated. + items: + description: ContainerPort represents a network port in a single + container. properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. + containerPort: + description: Number of port to expose on the pod's IP address. + This must be a valid port number, 0 < x < 65536. + format: int32 + type: integer + hostIP: + description: What host IP to bind the external port to. type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + hostPort: + description: Number of port to expose on the host. If specified, + this must be a valid port number, 0 < x < 65536. If HostNetwork + is specified, this must match ContainerPort. Most containers + do not need this. + format: int32 + type: integer + name: + description: If specified, this must be an IANA_SVC_NAME + and unique within the pod. Each named port in a pod must + have a unique name. Name for the port that can be referred + to by services. type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + protocol: + description: Protocol for port. Must be UDP, TCP, or SCTP. + Defaults to "TCP". type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true required: - - port + - containerPort type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. + type: array + readinessProbe: + description: 'Periodic probe of container service readiness. Container + will be removed from service endpoints if the probe fails. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. format: int32 type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' format: int32 type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + resources: + description: 'Compute Resources required by this container. Cannot + be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + properties: + limits: + additionalProperties: type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + description: 'Limits describes the maximum amount of compute + resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + securityContext: + description: 'Security options the pod should run with. More info: + https://kubernetes.io/docs/concepts/policy/security-context/ + More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' + properties: + allowPrivilegeEscalation: + description: 'AllowPrivilegeEscalation controls whether a + process can gain more privileges than its parent process. + This bool directly controls if the no_new_privs flag will + be set on the container process. AllowPrivilegeEscalation + is true always when the container is: 1) run as Privileged + 2) has CAP_SYS_ADMIN' + type: boolean + capabilities: + description: The capabilities to add/drop when running containers. + Defaults to the default set of capabilities granted by the + container runtime. + properties: + add: + description: Added capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + drop: + description: Removed capabilities + items: + description: Capability represent POSIX capabilities + type + type: string + type: array + type: object + privileged: + description: Run container in privileged mode. Processes in + privileged containers are essentially equivalent to root + on the host. Defaults to false. + type: boolean + procMount: + description: procMount denotes the type of proc mount to use + for the containers. The default is DefaultProcMount which + uses the container runtime defaults for readonly paths and + masked paths. This requires the ProcMountType feature flag + to be enabled. type: string - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type + readOnlyRootFilesystem: + description: Whether this container has a read-only root filesystem. + Default is false. + type: boolean + runAsGroup: + description: The GID to run the entrypoint of the container + process. Uses runtime default if unset. May also be set + in PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + format: int64 + type: integer + runAsNonRoot: + description: Indicates that the container must run as a non-root + user. If true, the Kubelet will validate the image at runtime + to ensure that it does not run as UID 0 (root) and fail + to start the container if it does. If unset or false, no + such validation will be performed. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + type: boolean + runAsUser: + description: The UID to run the entrypoint of the container + process. Defaults to user specified in image metadata if + unspecified. May also be set in PodSecurityContext. If + set in both SecurityContext and PodSecurityContext, the + value specified in SecurityContext takes precedence. + format: int64 + type: integer + seLinuxOptions: + description: The SELinux context to be applied to the container. + If unspecified, the container runtime will allocate a random + SELinux context for each container. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. + properties: + level: + description: Level is SELinux level label that applies + to the container. type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type + role: + description: Role is a SELinux role label that applies + to the container. type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. + type: + description: Type is a SELinux type label that applies + to the container. + type: string + user: + description: User is a SELinux user label that applies + to the container. + type: string + type: object + windowsOptions: + description: The Windows specific settings applied to all + containers. If unspecified, the options from the PodSecurityContext + will be used. If set in both SecurityContext and PodSecurityContext, + the value specified in SecurityContext takes precedence. + properties: + gmsaCredentialSpec: + description: GMSACredentialSpec is where the GMSA admission + webhook (https://github.com/kubernetes-sigs/windows-gmsa) + inlines the contents of the GMSA credential spec named + by the GMSACredentialSpecName field. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + gmsaCredentialSpecName: + description: GMSACredentialSpecName is the name of the + GMSA credential spec to use. This field is alpha-level + and is only honored by servers that enable the WindowsGMSA + feature flag. + type: string + runAsUserName: + description: The UserName in Windows to run the entrypoint + of the container process. Defaults to the user specified + in image metadata if unspecified. May also be set in + PodSecurityContext. If set in both SecurityContext and + PodSecurityContext, the value specified in SecurityContext + takes precedence. This field is alpha-level and it is + only honored by servers that enable the WindowsRunAsUserName + feature flag. + type: string + type: object + type: object + startupProbe: + description: 'StartupProbe indicates that the Pod has successfully + initialized. If specified, no other probes are executed until + this completes successfully. If this probe fails, the Pod will + be restarted, just as if the livenessProbe failed. This can + be used to provide different probe parameters at the beginning + of a Pod''s lifecycle, when it might take a long time to load + data or warm a cache, than during steady-state operation. This + cannot be updated. This is an alpha feature enabled by the StartupProbe + feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + properties: + exec: + description: One and only one of the following should be specified. + Exec specifies the action to take. + properties: + command: + description: Command is the command line to execute inside + the container, the working directory for the command is + root ('/') in the container's filesystem. The command + is simply exec'd, it is not run inside a shell, so traditional + shell instructions ('|', etc) won't work. To use a shell, + you need to explicitly call out to that shell. Exit + status of 0 is treated as live/healthy and non-zero + is unhealthy. + items: + type: string + type: array + type: object + failureThreshold: + description: Minimum consecutive failures for the probe to + be considered failed after having succeeded. Defaults to + 3. Minimum value is 1. + format: int32 + type: integer + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: Host name to connect to, defaults to the + pod IP. You probably want to set "Host" in httpHeaders + instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to + be used in HTTP probes + properties: + name: + description: The header field name + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: Name or number of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: 'Number of seconds after the container has started + before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + periodSeconds: + description: How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + successThreshold: + description: Minimum consecutive successes for the probe to + be considered successful after having failed. Defaults to + 1. Must be 1 for liveness and startup. Minimum value is + 1. + format: int32 + type: integer + tcpSocket: + description: 'TCPSocket specifies an action involving a TCP + port. TCP hooks not yet supported TODO: implement a realistic + TCP lifecycle hook' + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: Number or name of the port to access on the + container. Number must be in the range 1 to 65535. Name + must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + description: 'Number of seconds after which the probe times + out. Defaults to 1 second. Minimum value is 1. More info: + https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + format: int32 + type: integer + type: object + stdin: + description: Whether this container should allocate a buffer for + stdin in the container runtime. If this is not set, reads from + stdin in the container will always result in EOF. Default is + false. + type: boolean + stdinOnce: + description: Whether the container runtime should close the stdin + channel after it has been opened by a single attach. When stdin + is true the stdin stream will remain open across multiple attach + sessions. If stdinOnce is set to true, stdin is opened on container + start, is empty until the first client attaches to stdin, and + then remains open and accepts data until the client disconnects, + at which time stdin is closed and remains closed until the container + is restarted. If this flag is false, a container processes that + reads from stdin will never receive an EOF. Default is false + type: boolean + terminationMessagePath: + description: 'Optional: Path at which the file to which the container''s + termination message will be written is mounted into the container''s + filesystem. Message written is intended to be brief final status, + such as an assertion failure message. Will be truncated by the + node if greater than 4096 bytes. The total message length across + all containers will be limited to 12kb. Defaults to /dev/termination-log. + Cannot be updated.' + type: string + terminationMessagePolicy: + description: Indicate how the termination message should be populated. + File will use the contents of terminationMessagePath to populate + the container status message on both success and failure. FallbackToLogsOnError + will use the last chunk of container log output if the termination + message file is empty and the container exited with an error. + The log output is limited to 2048 bytes or 80 lines, whichever + is smaller. Defaults to File. Cannot be updated. + type: string + tty: + description: Whether this container should allocate a TTY for + itself, also requires 'stdin' to be true. Default is false. + type: boolean + volumeDevices: + description: volumeDevices is the list of block devices to be + used by the container. This is a beta feature. + items: + description: volumeDevice describes a mapping of a raw block + device within a container. properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. + devicePath: + description: devicePath is the path inside of the container + that the device will be mapped to. type: string - user: - description: User is a SELinux user label that applies - to the container. + name: + description: name must match the name of a persistentVolumeClaim + in the pod type: string + required: + - devicePath + - name type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. + type: array + volumeMounts: + description: Pod volumes to mount into the container's filesystem. + Cannot be updated. + items: + description: VolumeMount describes a mounting of a Volume within + a container. properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + mountPath: + description: Path within the container at which the volume + should be mounted. Must not contain ':'. + type: string + mountPropagation: + description: mountPropagation determines how mounts are + propagated from the host to container and the other way + around. When not set, MountPropagationNone is used. This + field is beta in 1.10. type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. This field is alpha-level - and is only honored by servers that enable the WindowsGMSA - feature flag. + name: + description: This must match the Name of a Volume. + type: string + readOnly: + description: Mounted read-only if true, read-write otherwise + (false or unspecified). Defaults to false. + type: boolean + subPath: + description: Path within the volume from which the container's + volume should be mounted. Defaults to "" (volume's root). type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. This field is alpha-level and it is - only honored by servers that enable the WindowsRunAsUserName - feature flag. + subPathExpr: + description: Expanded path within the volume from which + the container's volume should be mounted. Behaves similarly + to SubPath but environment variable references $(VAR_NAME) + are expanded using the container's environment. Defaults + to "" (volume's root). SubPathExpr and SubPath are mutually + exclusive. This field is beta in 1.15. type: string + required: + - mountPath + - name type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is an alpha feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' + type: array + workingDir: + description: Container's working directory. If not specified, + the container runtime's default will be used, which might be + configured in the container image. Cannot be updated. + type: string + required: + - name + type: object + type: array + labels: + additionalProperties: + type: string + description: Labels configure the external label pairs to ThanosRuler. + If not provided, default replica label `thanos_ruler_replica` will + be added as a label and be dropped in alerts. + type: object + listenLocal: + description: ListenLocal makes the Thanos ruler listen on loopback, + so that it does not bind against the Pod IP. + type: boolean + logFormat: + description: Log format for ThanosRuler to be configured with. + type: string + logLevel: + description: Log level for ThanosRuler to be configured with. + type: string + objectStorageConfig: + description: ObjectStorageConfig configures object storage in Thanos. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. + type: string + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + optional: + description: Specify whether the Secret or its key must be defined + type: boolean + required: + - key + type: object + paused: + description: When a ThanosRuler deployment is paused, no actions except + for deletion will be performed on the underlying objects. + type: boolean + podMetadata: + description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + Metadata Labels and Annotations gets propagated to the prometheus + pods.' + type: object + portName: + description: Port name used for the pods and governing service. This + defaults to web + type: string + queryEndpoints: + description: QueryEndpoints defines Thanos querier endpoints from which + to query metrics. Maps to the --query flag of thanos ruler. + items: + type: string + type: array + replicas: + description: Number of thanos ruler instances to deploy. + format: int32 + type: integer + resources: + description: Resources defines the resource requirements for the Thanos + sidecar. If not provided, no requests/limits will be set + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount of compute resources + required. If Requests is omitted for a container, it defaults + to Limits if that is explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + retention: + description: Time duration ThanosRuler shall retain data for. Default + is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` + (milliseconds seconds minutes hours days weeks years). + type: string + ruleNamespaceSelector: + description: Namespaces to be selected for Rules discovery. If unspecified, + only the same namespace as the ThanosRuler object is in is used. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + ruleSelector: + description: A label selector to select which PrometheusRules to mount + for alerting and recording. + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. + The requirements are ANDed. + items: + description: A label selector requirement is a selector that contains + values, a key, and an operator that relates the key and values. + properties: + key: + description: key is the label key that the selector applies + to. + type: string + operator: + description: operator represents a key's relationship to a + set of values. Valid operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator + is In or NotIn, the values array must be non-empty. If the + operator is Exists or DoesNotExist, the values array must + be empty. This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. A single + {key,value} in the matchLabels map is equivalent to an element + of matchExpressions, whose key field is "key", the operator is + "In", and the values array contains only "value". The requirements + are ANDed. + type: object + type: object + storage: + description: Storage spec to specify how storage shall be used. + properties: + emptyDir: + description: 'EmptyDirVolumeSource to be used by the Prometheus + StatefulSets. If specified, used in place of any volumeClaimTemplate. + More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' + properties: + medium: + description: 'What type of storage medium should back this directory. + The default is "" which means to use the node''s default medium. + Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. The + default is nil which means that the limit is undefined. More + info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + volumeClaimTemplate: + description: A PVC spec to be used by the Prometheus StatefulSets. properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. + apiVersion: + description: 'APIVersion defines the versioned schema of this + representation of an object. Servers should convert recognized + schemas to the latest internal value, and may reject unrecognized + values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource + this object represents. Servers may infer this from the endpoint + the client submits requests to. Cannot be updated. In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + type: object + spec: + description: 'Spec defines the desired characteristics of a + volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. + accessModes: + description: 'AccessModes contains the desired access modes + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' items: type: string type: array + dataSource: + description: This field requires the VolumeSnapshotDataSource + alpha feature gate to be enabled and currently VolumeSnapshot + is the only supported data source. If the provisioner + can support VolumeSnapshot data source, it will create + a new volume and data will be restored to the volume at + the same time. If the provisioner does not support VolumeSnapshot + data source, volume will not be created and the failure + will be reported as an event. In the future, we plan to + support more data source types and the behavior of the + provisioner may change. + properties: + apiGroup: + description: APIGroup is the group for the resource + being referenced. If APIGroup is not specified, the + specified Kind must be in the core API group. For + any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being referenced + type: string + name: + description: Name is the name of resource being referenced + type: string + required: + - kind + - name + type: object + resources: + description: 'Resources represents the minimum resources + the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + properties: + limits: + additionalProperties: + type: string + description: 'Limits describes the maximum amount of + compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + requests: + additionalProperties: + type: string + description: 'Requests describes the minimum amount + of compute resources required. If Requests is omitted + for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined + value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + type: object + type: object + selector: + description: A label query over volumes to consider for + binding. + properties: + matchExpressions: + description: matchExpressions is a list of label selector + requirements. The requirements are ANDed. + items: + description: A label selector requirement is a selector + that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the selector + applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are In, + NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. + If the operator is In or NotIn, the values array + must be non-empty. If the operator is Exists + or DoesNotExist, the values array must be empty. + This array is replaced during a strategic merge + patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} pairs. + A single {key,value} in the matchLabels map is equivalent + to an element of matchExpressions, whose key field + is "key", the operator is "In", and the values array + contains only "value". The requirements are ANDed. + type: object + type: object + storageClassName: + description: 'Name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + type: string + volumeMode: + description: volumeMode defines what type of volume is required + by the claim. Value of Filesystem is implied when not + included in claim spec. This is a beta feature. + type: string + volumeName: + description: VolumeName is the binding reference to the + PersistentVolume backing this claim. + type: string type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. + status: + description: 'Status represents the current information/status + of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. + accessModes: + description: 'AccessModes contains the actual access modes + the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + items: + type: string + type: array + capacity: + additionalProperties: + type: string + description: Represents the actual resources of the underlying + volume. + type: object + conditions: + description: Current Condition of persistent volume claim. + If underlying persistent volume is being resized then + the Condition will be set to 'ResizeStarted'. items: - description: HTTPHeader describes a custom header to - be used in HTTP probes + description: PersistentVolumeClaimCondition contails details + about state of pvc properties: - name: - description: The header field name + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned + from one status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details + about last transition. type: string - value: - description: The header field value + reason: + description: Unique, this should be a short, machine + understandable string that gives the reason for + condition's last transition. If it reports "ResizeStarted" + that means the underlying persistent volume is being + resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType is + a valid value of PersistentVolumeClaimCondition.Type type: string required: - - name - - value + - status + - type type: object type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' + phase: + description: Phase represents the current phase of PersistentVolumeClaim. type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' + type: object + tracingConfig: + description: TracingConfig configures tracing in Thanos. This is an + experimental feature, it may change in any upcoming release in a breaking + way. + properties: + key: + description: The key of the secret to select from. Must be a valid + secret key. type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. + optional: + description: Specify whether the Secret or its key must be defined type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. This is a beta feature. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. + required: + - key + type: object + volumes: + description: Volumes allows configuration of additional volumes on the + output StatefulSet definition. Volumes specified will be appended + to other volumes that are generated as a result of StorageSpec objects. + items: + description: Volume represents a named volume in a pod that may be + accessed by any container in the pod. + properties: + awsElasticBlockStore: + description: 'AWSElasticBlockStore represents an AWS Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore + TODO: how do we prevent errors in the filesystem from compromising + the machine' type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty).' + format: int32 + type: integer + readOnly: + description: 'Specify "true" to force and set the ReadOnly + property in VolumeMounts to "true". If omitted, the default + is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + type: boolean + volumeID: + description: 'Unique ID of the persistent disk resource in + AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' type: string required: - - devicePath - - name + - volumeID type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume within - a container. + azureDisk: + description: AzureDisk represents an Azure Data Disk mount on + the host and bind mount to the pod. properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + cachingMode: + description: 'Host Caching mode: None, Read Only, Read Write.' type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. + diskName: + description: The Name of the data disk in the blob storage type: string - name: - description: This must match the Name of a Volume. + diskURI: + description: The URI the data disk in the blob storage + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + kind: + description: 'Expected values Shared: multiple blob disks + per storage account Dedicated: single blob disk per storage + account Managed: azure managed data disk (only in managed + availability set). defaults to shared' type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. This field is beta in 1.15. - type: string required: - - mountPath - - name + - diskName + - diskURI type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - labels: - additionalProperties: - type: string - description: Labels configure the external label pairs to ThanosRuler. - If not provided, default replica label `thanos_ruler_replica` will - be added as a label and be dropped in alerts. - type: object - listenLocal: - description: ListenLocal makes the Thanos ruler listen on loopback, - so that it does not bind against the Pod IP. - type: boolean - logFormat: - description: Log format for ThanosRuler to be configured with. - type: string - logLevel: - description: Log level for ThanosRuler to be configured with. - type: string - objectStorageConfig: - description: ObjectStorageConfig configures object storage in Thanos. - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - paused: - description: When a ThanosRuler deployment is paused, no actions except - for deletion will be performed on the underlying objects. - type: boolean - podMetadata: - description: 'Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata - Metadata Labels and Annotations gets propagated to the prometheus - pods.' - type: object - portName: - description: Port name used for the pods and governing service. This - defaults to web - type: string - queryEndpoints: - description: QueryEndpoints defines Thanos querier endpoints from which - to query metrics. Maps to the --query flag of thanos ruler. - items: - type: string - type: array - replicas: - description: Number of thanos ruler instances to deploy. - format: int32 - type: integer - resources: - description: Resources defines the resource requirements for the Thanos - sidecar. If not provided, no requests/limits will be set - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of compute resources - allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount of compute resources - required. If Requests is omitted for a container, it defaults - to Limits if that is explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - retention: - description: Time duration ThanosRuler shall retain data for. Default - is '24h', and must match the regular expression `[0-9]+(ms|s|m|h|d|w|y)` - (milliseconds seconds minutes hours days weeks years). - type: string - ruleNamespaceSelector: - description: Namespaces to be selected for Rules discovery. If unspecified, - only the same namespace as the ThanosRuler object is in is used. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: + azureFile: + description: AzureFile represents an Azure File Service mount + on the host and bind mount to the pod. + properties: + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretName: + description: the name of secret that contains Azure Storage + Account Name and Key type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - ruleSelector: - description: A label selector to select which PrometheusRules to mount - for alerting and recording. - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. - The requirements are ANDed. - items: - description: A label selector requirement is a selector that contains - values, a key, and an operator that relates the key and values. - properties: - key: - description: key is the label key that the selector applies - to. - type: string - operator: - description: operator represents a key's relationship to a - set of values. Valid operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator - is In or NotIn, the values array must be non-empty. If the - operator is Exists or DoesNotExist, the values array must - be empty. This array is replaced during a strategic merge - patch. - items: + shareName: + description: Share Name type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. A single - {key,value} in the matchLabels map is equivalent to an element - of matchExpressions, whose key field is "key", the operator is - "In", and the values array contains only "value". The requirements - are ANDed. - type: object - type: object - storage: - description: Storage spec to specify how storage shall be used. - properties: - emptyDir: - description: 'EmptyDirVolumeSource to be used by the Prometheus - StatefulSets. If specified, used in place of any volumeClaimTemplate. - More info: https://kubernetes.io/docs/concepts/storage/volumes/#emptydir' - properties: - medium: - description: 'What type of storage medium should back this directory. - The default is "" which means to use the node''s default medium. - Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. The - default is nil which means that the limit is undefined. More - info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - volumeClaimTemplate: - description: A PVC spec to be used by the Prometheus StatefulSets. - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this - representation of an object. Servers should convert recognized - schemas to the latest internal value, and may reject unrecognized - values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource - this object represents. Servers may infer this from the endpoint - the client submits requests to. Cannot be updated. In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata' + required: + - secretName + - shareName type: object - spec: - description: 'Spec defines the desired characteristics of a - volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + cephfs: + description: CephFS represents a Ceph FS mount on the host that + shares a pod's lifetime properties: - accessModes: - description: 'AccessModes contains the desired access modes - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + monitors: + description: 'Required: Monitors is a collection of Ceph monitors + More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' items: type: string type: array - dataSource: - description: This field requires the VolumeSnapshotDataSource - alpha feature gate to be enabled and currently VolumeSnapshot - is the only supported data source. If the provisioner - can support VolumeSnapshot data source, it will create - a new volume and data will be restored to the volume at - the same time. If the provisioner does not support VolumeSnapshot - data source, volume will not be created and the failure - will be reported as an event. In the future, we plan to - support more data source types and the behavior of the - provisioner may change. + path: + description: 'Optional: Used as the mounted root, rather than + the full Ceph tree, default is /' + type: string + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: boolean + secretFile: + description: 'Optional: SecretFile is the path to key ring + for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + type: string + secretRef: + description: 'Optional: SecretRef is reference to the authentication + secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, the - specified Kind must be in the core API group. For - any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being referenced - type: string name: - description: Name is the name of resource being referenced + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - kind - - name - type: object - resources: - description: 'Resources represents the minimum resources - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - type: string - description: 'Limits describes the maximum amount of - compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - type: string - description: 'Requests describes the minimum amount - of compute resources required. If Requests is omitted - for a container, it defaults to Limits if that is - explicitly specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - selector: - description: A label query over volumes to consider for - binding. - properties: - matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. - items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the selector - applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, - NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. - If the operator is In or NotIn, the values array - must be non-empty. If the operator is Exists - or DoesNotExist, the values array must be empty. - This array is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} pairs. - A single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field - is "key", the operator is "In", and the values array - contains only "value". The requirements are ANDed. - type: object type: object - storageClassName: - description: 'Name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + user: + description: 'Optional: User is the rados user name, default + is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' type: string - volumeMode: - description: volumeMode defines what type of volume is required - by the claim. Value of Filesystem is implied when not - included in claim spec. This is a beta feature. + required: + - monitors + type: object + cinder: + description: 'Cinder represents a cinder volume attached and mounted + on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string - volumeName: - description: VolumeName is the binding reference to the - PersistentVolume backing this claim. + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts. More + info: https://examples.k8s.io/mysql-cinder-pd/README.md' + type: boolean + secretRef: + description: 'Optional: points to a secret object containing + parameters used to connect to OpenStack.' + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeID: + description: 'volume id used to identify the volume in cinder. + More info: https://examples.k8s.io/mysql-cinder-pd/README.md' type: string + required: + - volumeID type: object - status: - description: 'Status represents the current information/status - of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + configMap: + description: ConfigMap represents a configMap that should populate + this volume properties: - accessModes: - description: 'AccessModes contains the actual access modes - the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - capacity: - additionalProperties: - type: string - description: Represents the actual resources of the underlying - volume. - type: object - conditions: - description: Current Condition of persistent volume claim. - If underlying persistent volume is being resized then - the Condition will be set to 'ResizeStarted'. + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the Data + field of the referenced ConfigMap will be projected into + the volume as a file whose name is the key and content is + the value. If specified, the listed keys will be projected + into the specified paths, and unlisted keys will not be + present. If a key is specified which is not present in the + ConfigMap, the volume setup will error unless it is marked + optional. Paths must be relative and may not contain the + '..' path or start with '..'. items: - description: PersistentVolumeClaimCondition contails details - about state of pvc + description: Maps a string key to a path within a volume. properties: - lastProbeTime: - description: Last time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transitioned - from one status to another. - format: date-time + key: + description: The key to project. type: string - message: - description: Human-readable message indicating details - about last transition. - type: string - reason: - description: Unique, this should be a short, machine - understandable string that gives the reason for - condition's last transition. If it reports "ResizeStarted" - that means the underlying persistent volume is being - resized. - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType is - a valid value of PersistentVolumeClaimCondition.Type + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. type: string required: - - status - - type + - key + - path type: object type: array - phase: - description: Phase represents the current phase of PersistentVolumeClaim. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string + optional: + description: Specify whether the ConfigMap or its keys must + be defined + type: boolean type: object - type: object - type: object - tracingConfig: - description: TracingConfig configures tracing in Thanos. This is an - experimental feature, it may change in any upcoming release in a breaking - way. - properties: - key: - description: The key of the secret to select from. Must be a valid - secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret or its key must be defined - type: boolean - required: - - key - type: object - volumes: - description: Volumes allows configuration of additional volumes on the - output StatefulSet definition. Volumes specified will be appended - to other volumes that are generated as a result of StorageSpec objects. - items: - description: Volume represents a named volume in a pod that may be - accessed by any container in the pod. - properties: - awsElasticBlockStore: - description: 'AWSElasticBlockStore represents an AWS Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty).' - format: int32 - type: integer - readOnly: - description: 'Specify "true" to force and set the ReadOnly - property in VolumeMounts to "true". If omitted, the default - is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: boolean - volumeID: - description: 'Unique ID of the persistent disk resource in - AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' - type: string - required: - - volumeID - type: object - azureDisk: - description: AzureDisk represents an Azure Data Disk mount on - the host and bind mount to the pod. - properties: - cachingMode: - description: 'Host Caching mode: None, Read Only, Read Write.' - type: string - diskName: - description: The Name of the data disk in the blob storage - type: string - diskURI: - description: The URI the data disk in the blob storage - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - kind: - description: 'Expected values Shared: multiple blob disks - per storage account Dedicated: single blob disk per storage - account Managed: azure managed data disk (only in managed - availability set). defaults to shared' - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - description: AzureFile represents an Azure File Service mount - on the host and bind mount to the pod. - properties: - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretName: - description: the name of secret that contains Azure Storage - Account Name and Key - type: string - shareName: - description: Share Name - type: string - required: - - secretName - - shareName - type: object - cephfs: - description: CephFS represents a Ceph FS mount on the host that - shares a pod's lifetime - properties: - monitors: - description: 'Required: Monitors is a collection of Ceph monitors - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - items: + csi: + description: CSI (Container Storage Interface) represents storage + that is handled by an external CSI driver (Alpha feature). + properties: + driver: + description: Driver is the name of the CSI driver that handles + this volume. Consult with your admin for the correct name + as registered in the cluster. type: string - type: array - path: - description: 'Optional: Used as the mounted root, rather than - the full Ceph tree, default is /' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: boolean - secretFile: - description: 'Optional: SecretFile is the path to key ring - for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - secretRef: - description: 'Optional: SecretRef is reference to the authentication - secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'Optional: User is the rados user name, default - is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' - type: string - required: - - monitors - type: object - cinder: - description: 'Cinder represents a cinder volume attached and mounted - on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Examples: "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. More - info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: boolean - secretRef: - description: 'Optional: points to a secret object containing - parameters used to connect to OpenStack.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeID: - description: 'volume id used to identify the volume in cinder. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' - type: string - required: - - volumeID - type: object - configMap: - description: ConfigMap represents a configMap that should populate - this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced ConfigMap will be projected into - the volume as a file whose name is the key and content is - the value. If specified, the listed keys will be projected - into the specified paths, and unlisted keys will not be - present. If a key is specified which is not present in the - ConfigMap, the volume setup will error unless it is marked - optional. Paths must be relative and may not contain the - '..' path or start with '..'. - items: - description: Maps a string key to a path within a volume. + fsType: + description: Filesystem type to mount. Ex. "ext4", "xfs", + "ntfs". If not provided, the empty value is passed to the + associated CSI driver which will determine the default filesystem + to apply. + type: string + nodePublishSecretRef: + description: NodePublishSecretRef is a reference to the secret + object containing sensitive information to pass to the CSI + driver to complete the CSI NodePublishVolume and NodeUnpublishVolume + calls. This field is optional, and may be empty if no secret + is required. If the secret object contains more than one + secret, all secret references are passed. properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - key - - path type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap or its keys must - be defined - type: boolean - type: object - csi: - description: CSI (Container Storage Interface) represents storage - that is handled by an external CSI driver (Alpha feature). - properties: - driver: - description: Driver is the name of the CSI driver that handles - this volume. Consult with your admin for the correct name - as registered in the cluster. - type: string - fsType: - description: Filesystem type to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed to the - associated CSI driver which will determine the default filesystem - to apply. - type: string - nodePublishSecretRef: - description: NodePublishSecretRef is a reference to the secret - object containing sensitive information to pass to the CSI - driver to complete the CSI NodePublishVolume and NodeUnpublishVolume - calls. This field is optional, and may be empty if no secret - is required. If the secret object contains more than one - secret, all secret references are passed. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + readOnly: + description: Specifies a read-only configuration for the volume. + Defaults to false (read/write). + type: boolean + volumeAttributes: + additionalProperties: type: string - type: object - readOnly: - description: Specifies a read-only configuration for the volume. - Defaults to false (read/write). - type: boolean - volumeAttributes: - additionalProperties: - type: string - description: VolumeAttributes stores driver-specific properties - that are passed to the CSI driver. Consult your driver's - documentation for supported values. - type: object - required: - - driver - type: object - downwardAPI: - description: DownwardAPI represents downward API about the pod - that should populate this volume - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: Items is a list of downward API volume file + description: VolumeAttributes stores driver-specific properties + that are passed to the CSI driver. Consult your driver's + documentation for supported values. + type: object + required: + - driver + type: object + downwardAPI: + description: DownwardAPI represents downward API about the pod + that should populate this volume + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field + description: Items is a list of downward API volume file + items: + description: DownwardAPIVolumeFile represents information + to create the file containing the pod field + properties: + fieldRef: + description: 'Required: Selects a field of the pod: + only annotations, labels, name and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the FieldPath + is written in terms of, defaults to "v1". + type: string + fieldPath: + description: Path of the field to select in the + specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative path name + of the file to be created. Must not be absolute or + contain the ''..'' path. Must be utf-8 encoded. The + first item of the relative path must not start with + ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: only + resources limits and requests (limits.cpu, limits.memory, + requests.cpu and requests.memory) are currently supported.' + properties: + containerName: + description: 'Container name: required for volumes, + optional for env vars' + type: string + divisor: + description: Specifies the output format of the + exposed resources, defaults to "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + description: 'EmptyDir represents a temporary directory that shares + a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + properties: + medium: + description: 'What type of storage medium should back this + directory. The default is "" which means to use the node''s + default medium. Must be an empty string (default) or Memory. + More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + type: string + sizeLimit: + description: 'Total amount of local storage required for this + EmptyDir volume. The size limit is also applicable for memory + medium. The maximum usage on memory medium EmptyDir would + be the minimum value between the SizeLimit specified here + and the sum of memory limits of all containers in a pod. + The default is nil which means that the limit is undefined. + More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + type: string + type: object + fc: + description: FC represents a Fibre Channel resource that is attached + to a kubelet's host machine and then exposed to the pod. + properties: + fsType: + description: 'Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + lun: + description: 'Optional: FC target lun number' + format: int32 + type: integer + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + targetWWNs: + description: 'Optional: FC target worldwide names (WWNs)' + items: + type: string + type: array + wwids: + description: 'Optional: FC volume world wide identifiers (wwids) + Either wwids or combination of targetWWNs and lun must be + set, but not both simultaneously.' + items: + type: string + type: array + type: object + flexVolume: + description: FlexVolume represents a generic volume resource that + is provisioned/attached using an exec based plugin. + properties: + driver: + description: Driver is the name of the driver to use for this + volume. + type: string + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". The default filesystem depends on FlexVolume + script. + type: string + options: + additionalProperties: + type: string + description: 'Optional: Extra command options if any.' + type: object + readOnly: + description: 'Optional: Defaults to false (read/write). ReadOnly + here will force the ReadOnly setting in VolumeMounts.' + type: boolean + secretRef: + description: 'Optional: SecretRef is reference to the secret + object containing sensitive information to pass to the plugin + scripts. This may be empty if no secret object is specified. + If the secret object contains more than one secret, all + secrets are passed to the plugin scripts.' properties: - fieldRef: - description: 'Required: Selects a field of the pod: - only annotations, labels, name and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative path name - of the file to be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 encoded. The - first item of the relative path must not start with - ''..''' + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - description: Specifies the output format of the - exposed resources, defaults to "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path type: object - type: array - type: object - emptyDir: - description: 'EmptyDir represents a temporary directory that shares - a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - properties: - medium: - description: 'What type of storage medium should back this - directory. The default is "" which means to use the node''s - default medium. Must be an empty string (default) or Memory. - More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' - type: string - sizeLimit: - description: 'Total amount of local storage required for this - EmptyDir volume. The size limit is also applicable for memory - medium. The maximum usage on memory medium EmptyDir would - be the minimum value between the SizeLimit specified here - and the sum of memory limits of all containers in a pod. - The default is nil which means that the limit is undefined. - More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' - type: string - type: object - fc: - description: FC represents a Fibre Channel resource that is attached - to a kubelet's host machine and then exposed to the pod. - properties: - fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - lun: - description: 'Optional: FC target lun number' - format: int32 - type: integer - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - targetWWNs: - description: 'Optional: FC target worldwide names (WWNs)' - items: + required: + - driver + type: object + flocker: + description: Flocker represents a Flocker volume attached to a + kubelet's host machine. This depends on the Flocker control + service being running + properties: + datasetName: + description: Name of the dataset stored as metadata -> name + on the dataset for Flocker should be considered as deprecated type: string - type: array - wwids: - description: 'Optional: FC volume world wide identifiers (wwids) - Either wwids or combination of targetWWNs and lun must be - set, but not both simultaneously.' - items: + datasetUUID: + description: UUID of the dataset. This is unique identifier + of a Flocker dataset type: string - type: array - type: object - flexVolume: - description: FlexVolume represents a generic volume resource that - is provisioned/attached using an exec based plugin. - properties: - driver: - description: Driver is the name of the driver to use for this - volume. - type: string - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends on FlexVolume - script. - type: string - options: - additionalProperties: + type: object + gcePersistentDisk: + description: 'GCEPersistentDisk represents a GCE Disk resource + that is attached to a kubelet''s host machine and then exposed + to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk + TODO: how do we prevent errors in the filesystem from compromising + the machine' type: string - description: 'Optional: Extra command options if any.' - type: object - readOnly: - description: 'Optional: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts.' - type: boolean - secretRef: - description: 'Optional: SecretRef is reference to the secret - object containing sensitive information to pass to the plugin - scripts. This may be empty if no secret object is specified. - If the secret object contains more than one secret, all - secrets are passed to the plugin scripts.' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - required: - - driver - type: object - flocker: - description: Flocker represents a Flocker volume attached to a - kubelet's host machine. This depends on the Flocker control - service being running - properties: - datasetName: - description: Name of the dataset stored as metadata -> name - on the dataset for Flocker should be considered as deprecated - type: string - datasetUUID: - description: UUID of the dataset. This is unique identifier - of a Flocker dataset - type: string - type: object - gcePersistentDisk: - description: 'GCEPersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - partition: - description: 'The partition in the volume that you want to - mount. If omitted, the default is to mount by volume name. - Examples: For volume /dev/sda1, you specify the partition - as "1". Similarly, the volume partition for /dev/sda is - "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - format: int32 - type: integer - pdName: - description: 'Unique name of the PD resource in GCE. Used - to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' - type: boolean - required: - - pdName - type: object - gitRepo: - description: 'GitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision a - container with a git repo, mount an EmptyDir into an InitContainer - that clones the repo using git, then mount the EmptyDir into - the Pod''s container.' - properties: - directory: - description: Target directory name. Must not contain or start - with '..'. If '.' is supplied, the volume directory will - be the git repository. Otherwise, if specified, the volume - will contain the git repository in the subdirectory with - the given name. - type: string - repository: - description: Repository URL - type: string - revision: - description: Commit hash for the specified revision. - type: string - required: - - repository - type: object - glusterfs: - description: 'Glusterfs represents a Glusterfs mount on the host - that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' - properties: - endpoints: - description: 'EndpointsName is the endpoint name that details - Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - path: - description: 'Path is the Glusterfs volume path. More info: - https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: string - readOnly: - description: 'ReadOnly here will force the Glusterfs volume - to be mounted with read-only permissions. Defaults to false. - More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' - type: boolean - required: - - endpoints - - path - type: object - hostPath: - description: 'HostPath represents a pre-existing file or directory - on the host machine that is directly exposed to the container. - This is generally used for system agents or other privileged - things that are allowed to see the host machine. Most containers - will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host directory - mounts and who can/can not mount host directories as read/write.' - properties: - path: - description: 'Path of the directory on the host. If the path - is a symlink, it will follow the link to the real path. - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - type: - description: 'Type for HostPath Volume Defaults to "" More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' - type: string - required: - - path - type: object - iscsi: - description: 'ISCSI represents an ISCSI Disk resource that is - attached to a kubelet''s host machine and then exposed to the - pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' - properties: - chapAuthDiscovery: - description: whether support iSCSI Discovery CHAP authentication - type: boolean - chapAuthSession: - description: whether support iSCSI Session CHAP authentication - type: boolean - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - initiatorName: - description: Custom iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, new iSCSI - interface : will be created - for the connection. - type: string - iqn: - description: Target iSCSI Qualified Name. - type: string - iscsiInterface: - description: iSCSI Interface Name that uses an iSCSI transport. - Defaults to 'default' (tcp). - type: string - lun: - description: iSCSI Target Lun number. - format: int32 - type: integer - portals: - description: iSCSI Target Portal List. The portal is either - an IP or ip_addr:port if the port is other than default - (typically TCP ports 860 and 3260). - items: + partition: + description: 'The partition in the volume that you want to + mount. If omitted, the default is to mount by volume name. + Examples: For volume /dev/sda1, you specify the partition + as "1". Similarly, the volume partition for /dev/sda is + "0" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + format: int32 + type: integer + pdName: + description: 'Unique name of the PD resource in GCE. Used + to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' type: string - type: array - readOnly: - description: ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. - type: boolean - secretRef: - description: CHAP Secret for iSCSI target and initiator authentication - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + type: boolean + required: + - pdName + type: object + gitRepo: + description: 'GitRepo represents a git repository at a particular + revision. DEPRECATED: GitRepo is deprecated. To provision a + container with a git repo, mount an EmptyDir into an InitContainer + that clones the repo using git, then mount the EmptyDir into + the Pod''s container.' + properties: + directory: + description: Target directory name. Must not contain or start + with '..'. If '.' is supplied, the volume directory will + be the git repository. Otherwise, if specified, the volume + will contain the git repository in the subdirectory with + the given name. + type: string + repository: + description: Repository URL + type: string + revision: + description: Commit hash for the specified revision. + type: string + required: + - repository + type: object + glusterfs: + description: 'Glusterfs represents a Glusterfs mount on the host + that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + properties: + endpoints: + description: 'EndpointsName is the endpoint name that details + Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + path: + description: 'Path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: string + readOnly: + description: 'ReadOnly here will force the Glusterfs volume + to be mounted with read-only permissions. Defaults to false. + More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + type: boolean + required: + - endpoints + - path + type: object + hostPath: + description: 'HostPath represents a pre-existing file or directory + on the host machine that is directly exposed to the container. + This is generally used for system agents or other privileged + things that are allowed to see the host machine. Most containers + will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath + --- TODO(jonesdl) We need to restrict who can use host directory + mounts and who can/can not mount host directories as read/write.' + properties: + path: + description: 'Path of the directory on the host. If the path + is a symlink, it will follow the link to the real path. + More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + type: + description: 'Type for HostPath Volume Defaults to "" More + info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + type: string + required: + - path + type: object + iscsi: + description: 'ISCSI represents an ISCSI Disk resource that is + attached to a kubelet''s host machine and then exposed to the + pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + properties: + chapAuthDiscovery: + description: whether support iSCSI Discovery CHAP authentication + type: boolean + chapAuthSession: + description: whether support iSCSI Session CHAP authentication + type: boolean + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + initiatorName: + description: Custom iSCSI Initiator Name. If initiatorName + is specified with iscsiInterface simultaneously, new iSCSI + interface : will be created + for the connection. + type: string + iqn: + description: Target iSCSI Qualified Name. + type: string + iscsiInterface: + description: iSCSI Interface Name that uses an iSCSI transport. + Defaults to 'default' (tcp). + type: string + lun: + description: iSCSI Target Lun number. + format: int32 + type: integer + portals: + description: iSCSI Target Portal List. The portal is either + an IP or ip_addr:port if the port is other than default + (typically TCP ports 860 and 3260). + items: type: string - type: object - targetPortal: - description: iSCSI Target Portal. The Portal is either an - IP or ip_addr:port if the port is other than default (typically - TCP ports 860 and 3260). - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - description: 'Volume''s name. Must be a DNS_LABEL and unique within - the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - nfs: - description: 'NFS represents an NFS mount on the host that shares - a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - properties: - path: - description: 'Path that is exported by the NFS server. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - readOnly: - description: 'ReadOnly here will force the NFS export to be - mounted with read-only permissions. Defaults to false. More - info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: boolean - server: - description: 'Server is the hostname or IP address of the - NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource represents a reference - to a PersistentVolumeClaim in the same namespace. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - properties: - claimName: - description: 'ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' - type: string - readOnly: - description: Will force the ReadOnly setting in VolumeMounts. - Default false. - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - description: PhotonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - pdID: - description: ID that identifies Photon Controller persistent - disk - type: string - required: - - pdID - type: object - portworxVolume: - description: PortworxVolume represents a portworx volume attached - and mounted on kubelets host machine - properties: - fsType: - description: FSType represents the filesystem type to mount - Must be a filesystem type supported by the host operating - system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" - if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - volumeID: - description: VolumeID uniquely identifies a Portworx volume - type: string - required: - - volumeID - type: object - projected: - description: Items for all in one resources secrets, configmaps, - and downward API - properties: - defaultMode: - description: Mode bits to use on created files by default. - Must be a value between 0 and 0777. Directories within the - path are not affected by this setting. This might be in - conflict with other options that affect the file mode, like - fsGroup, and the result can be other mode bits set. - format: int32 - type: integer - sources: - description: list of volume projections - items: - description: Projection that may be projected along with - other supported volume types + type: array + readOnly: + description: ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. + type: boolean + secretRef: + description: CHAP Secret for iSCSI target and initiator authentication properties: - configMap: - description: information about the configMap data to - project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced ConfigMap - will be projected into the volume as a file whose - name is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the ConfigMap, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + targetPortal: + description: iSCSI Target Portal. The Portal is either an + IP or ip_addr:port if the port is other than default (typically + TCP ports 860 and 3260). + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + description: 'Volume''s name. Must be a DNS_LABEL and unique within + the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + nfs: + description: 'NFS represents an NFS mount on the host that shares + a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + properties: + path: + description: 'Path that is exported by the NFS server. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + readOnly: + description: 'ReadOnly here will force the NFS export to be + mounted with read-only permissions. Defaults to false. More + info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: boolean + server: + description: 'Server is the hostname or IP address of the + NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + description: 'PersistentVolumeClaimVolumeSource represents a reference + to a PersistentVolumeClaim in the same namespace. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + properties: + claimName: + description: 'ClaimName is the name of a PersistentVolumeClaim + in the same namespace as the pod using this volume. More + info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + type: string + readOnly: + description: Will force the ReadOnly setting in VolumeMounts. + Default false. + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + description: PhotonPersistentDisk represents a PhotonController + persistent disk attached and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + pdID: + description: ID that identifies Photon Controller persistent + disk + type: string + required: + - pdID + type: object + portworxVolume: + description: PortworxVolume represents a portworx volume attached + and mounted on kubelets host machine + properties: + fsType: + description: FSType represents the filesystem type to mount + Must be a filesystem type supported by the host operating + system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" + if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + volumeID: + description: VolumeID uniquely identifies a Portworx volume + type: string + required: + - volumeID + type: object + projected: + description: Items for all in one resources secrets, configmaps, + and downward API + properties: + defaultMode: + description: Mode bits to use on created files by default. + Must be a value between 0 and 0777. Directories within the + path are not affected by this setting. This might be in + conflict with other options that affect the file mode, like + fsGroup, and the result can be other mode bits set. + format: int32 + type: integer + sources: + description: list of volume projections + items: + description: Projection that may be projected along with + other supported volume types + properties: + configMap: + description: information about the configMap data to + project + properties: items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - keys must be defined - type: boolean - type: object - downwardAPI: - description: information about the downwardAPI data - to project - properties: - items: - description: Items is a list of DownwardAPIVolume - file + description: If unspecified, each key-value pair + in the Data field of the referenced ConfigMap + will be projected into the volume as a file whose + name is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the ConfigMap, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the ConfigMap or its + keys must be defined + type: boolean + type: object + downwardAPI: + description: information about the downwardAPI data + to project + properties: items: - description: DownwardAPIVolumeFile represents - information to create the file containing the - pod field - properties: - fieldRef: - description: 'Required: Selects a field of - the pod: only annotations, labels, name - and namespace are supported.' - properties: - apiVersion: - description: Version of the schema the - FieldPath is written in terms of, defaults - to "v1". - type: string - fieldPath: - description: Path of the field to select - in the specified API version. - type: string - required: - - fieldPath - type: object - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: 'Required: Path is the relative - path name of the file to be created. Must - not be absolute or contain the ''..'' path. - Must be utf-8 encoded. The first item of - the relative path must not start with ''..''' - type: string - resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' - properties: - containerName: - description: 'Container name: required - for volumes, optional for env vars' - type: string - divisor: - description: Specifies the output format - of the exposed resources, defaults to - "1" - type: string - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - required: - - path - type: object - type: array - type: object - secret: - description: information about the secret data to project - properties: - items: - description: If unspecified, each key-value pair - in the Data field of the referenced Secret will - be projected into the volume as a file whose name - is the key and content is the value. If specified, - the listed keys will be projected into the specified - paths, and unlisted keys will not be present. - If a key is specified which is not present in - the Secret, the volume setup will error unless - it is marked optional. Paths must be relative - and may not contain the '..' path or start with - '..'. + description: Items is a list of DownwardAPIVolume + file + items: + description: DownwardAPIVolumeFile represents + information to create the file containing the + pod field + properties: + fieldRef: + description: 'Required: Selects a field of + the pod: only annotations, labels, name + and namespace are supported.' + properties: + apiVersion: + description: Version of the schema the + FieldPath is written in terms of, defaults + to "v1". + type: string + fieldPath: + description: Path of the field to select + in the specified API version. + type: string + required: + - fieldPath + type: object + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: 'Required: Path is the relative + path name of the file to be created. Must + not be absolute or contain the ''..'' path. + Must be utf-8 encoded. The first item of + the relative path must not start with ''..''' + type: string + resourceFieldRef: + description: 'Selects a resource of the container: + only resources limits and requests (limits.cpu, + limits.memory, requests.cpu and requests.memory) + are currently supported.' + properties: + containerName: + description: 'Container name: required + for volumes, optional for env vars' + type: string + divisor: + description: Specifies the output format + of the exposed resources, defaults to + "1" + type: string + resource: + description: 'Required: resource to select' + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + description: information about the secret data to project + properties: items: - description: Maps a string key to a path within - a volume. - properties: - key: - description: The key to project. - type: string - mode: - description: 'Optional: mode bits to use on - this file, must be a value between 0 and - 0777. If not specified, the volume defaultMode - will be used. This might be in conflict - with other options that affect the file - mode, like fsGroup, and the result can be - other mode bits set.' - format: int32 - type: integer - path: - description: The relative path of the file - to map the key to. May not be an absolute - path. May not contain the path element '..'. - May not start with the string '..'. - type: string - required: - - key - - path - type: object - type: array - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - type: object - serviceAccountToken: - description: information about the serviceAccountToken - data to project - properties: - audience: - description: Audience is the intended audience of - the token. A recipient of a token must identify - itself with an identifier specified in the audience - of the token, and otherwise should reject the - token. The audience defaults to the identifier - of the apiserver. - type: string - expirationSeconds: - description: ExpirationSeconds is the requested - duration of validity of the service account token. - As the token approaches expiration, the kubelet - volume plugin will proactively rotate the service - account token. The kubelet will start trying to - rotate the token if the token is older than 80 - percent of its time to live or if the token is - older than 24 hours.Defaults to 1 hour and must - be at least 10 minutes. - format: int64 - type: integer - path: - description: Path is the path relative to the mount - point of the file to project the token into. - type: string - required: - - path - type: object - type: object - type: array - required: - - sources - type: object - quobyte: - description: Quobyte represents a Quobyte mount on the host that - shares a pod's lifetime - properties: - group: - description: Group to map volume access to Default is no group - type: string - readOnly: - description: ReadOnly here will force the Quobyte volume to - be mounted with read-only permissions. Defaults to false. - type: boolean - registry: - description: Registry represents a single or multiple Quobyte - Registry services specified as a string as host:port pair - (multiple entries are separated with commas) which acts - as the central registry for volumes - type: string - tenant: - description: Tenant owning the given Quobyte volume in the - Backend Used with dynamically provisioned Quobyte volumes, - value is set by the plugin - type: string - user: - description: User to map volume access to Defaults to serivceaccount - user - type: string - volume: - description: Volume is a string that references an already - created Quobyte volume by name. - type: string - required: - - registry - - volume - type: object - rbd: - description: 'RBD represents a Rados Block Device mount on the - host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' - properties: - fsType: - description: 'Filesystem type of the volume that you want - to mount. Tip: Ensure that the filesystem type is supported - by the host operating system. Examples: "ext4", "xfs", "ntfs". - Implicitly inferred to be "ext4" if unspecified. More info: - https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from compromising - the machine' - type: string - image: - description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - keyring: - description: 'Keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - monitors: - description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - items: + description: If unspecified, each key-value pair + in the Data field of the referenced Secret will + be projected into the volume as a file whose name + is the key and content is the value. If specified, + the listed keys will be projected into the specified + paths, and unlisted keys will not be present. + If a key is specified which is not present in + the Secret, the volume setup will error unless + it is marked optional. Paths must be relative + and may not contain the '..' path or start with + '..'. + items: + description: Maps a string key to a path within + a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on + this file, must be a value between 0 and + 0777. If not specified, the volume defaultMode + will be used. This might be in conflict + with other options that affect the file + mode, like fsGroup, and the result can be + other mode bits set.' + format: int32 + type: integer + path: + description: The relative path of the file + to map the key to. May not be an absolute + path. May not contain the path element '..'. + May not start with the string '..'. + type: string + required: + - key + - path + type: object + type: array + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, + uid?' + type: string + optional: + description: Specify whether the Secret or its key + must be defined + type: boolean + type: object + serviceAccountToken: + description: information about the serviceAccountToken + data to project + properties: + audience: + description: Audience is the intended audience of + the token. A recipient of a token must identify + itself with an identifier specified in the audience + of the token, and otherwise should reject the + token. The audience defaults to the identifier + of the apiserver. + type: string + expirationSeconds: + description: ExpirationSeconds is the requested + duration of validity of the service account token. + As the token approaches expiration, the kubelet + volume plugin will proactively rotate the service + account token. The kubelet will start trying to + rotate the token if the token is older than 80 + percent of its time to live or if the token is + older than 24 hours.Defaults to 1 hour and must + be at least 10 minutes. + format: int64 + type: integer + path: + description: Path is the path relative to the mount + point of the file to project the token into. + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + description: Quobyte represents a Quobyte mount on the host that + shares a pod's lifetime + properties: + group: + description: Group to map volume access to Default is no group type: string - type: array - pool: - description: 'The rados pool name. Default is rbd. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - readOnly: - description: 'ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: boolean - secretRef: - description: 'SecretRef is name of the authentication secret - for RBDUser. If provided overrides keyring. Default is nil. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - user: - description: 'The rados user name. Default is admin. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' - type: string - required: - - image - - monitors - type: object - scaleIO: - description: ScaleIO represents a ScaleIO persistent volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". - type: string - gateway: - description: The host address of the ScaleIO API Gateway. - type: string - protectionDomain: - description: The name of the ScaleIO Protection Domain for - the configured storage. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef references to the secret for ScaleIO - user and other sensitive information. If this is not provided, - Login operation will fail. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + readOnly: + description: ReadOnly here will force the Quobyte volume to + be mounted with read-only permissions. Defaults to false. + type: boolean + registry: + description: Registry represents a single or multiple Quobyte + Registry services specified as a string as host:port pair + (multiple entries are separated with commas) which acts + as the central registry for volumes + type: string + tenant: + description: Tenant owning the given Quobyte volume in the + Backend Used with dynamically provisioned Quobyte volumes, + value is set by the plugin + type: string + user: + description: User to map volume access to Defaults to serivceaccount + user + type: string + volume: + description: Volume is a string that references an already + created Quobyte volume by name. + type: string + required: + - registry + - volume + type: object + rbd: + description: 'RBD represents a Rados Block Device mount on the + host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md' + properties: + fsType: + description: 'Filesystem type of the volume that you want + to mount. Tip: Ensure that the filesystem type is supported + by the host operating system. Examples: "ext4", "xfs", "ntfs". + Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd + TODO: how do we prevent errors in the filesystem from compromising + the machine' + type: string + image: + description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + keyring: + description: 'Keyring is the path to key ring for RBDUser. + Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + monitors: + description: 'A collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + items: type: string - type: object - sslEnabled: - description: Flag to enable/disable SSL communication with - Gateway, default false - type: boolean - storageMode: - description: Indicates whether the storage for a volume should - be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. - type: string - storagePool: - description: The ScaleIO Storage Pool associated with the - protection domain. - type: string - system: - description: The name of the storage system as configured - in ScaleIO. - type: string - volumeName: - description: The name of a volume already created in the ScaleIO - system that is associated with this volume source. - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - description: 'Secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - properties: - defaultMode: - description: 'Optional: mode bits to use on created files - by default. Must be a value between 0 and 0777. Defaults - to 0644. Directories within the path are not affected by - this setting. This might be in conflict with other options - that affect the file mode, like fsGroup, and the result - can be other mode bits set.' - format: int32 - type: integer - items: - description: If unspecified, each key-value pair in the Data - field of the referenced Secret will be projected into the - volume as a file whose name is the key and content is the - value. If specified, the listed keys will be projected into - the specified paths, and unlisted keys will not be present. - If a key is specified which is not present in the Secret, - the volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' path - or start with '..'. - items: - description: Maps a string key to a path within a volume. + type: array + pool: + description: 'The rados pool name. Default is rbd. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + readOnly: + description: 'ReadOnly here will force the ReadOnly setting + in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: boolean + secretRef: + description: 'SecretRef is name of the authentication secret + for RBDUser. If provided overrides keyring. Default is nil. + More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' properties: - key: - description: The key to project. + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - mode: - description: 'Optional: mode bits to use on this file, - must be a value between 0 and 0777. If not specified, - the volume defaultMode will be used. This might be - in conflict with other options that affect the file - mode, like fsGroup, and the result can be other mode - bits set.' - format: int32 - type: integer - path: - description: The relative path of the file to map the - key to. May not be an absolute path. May not contain - the path element '..'. May not start with the string - '..'. + type: object + user: + description: 'The rados user name. Default is admin. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + type: string + required: + - image + - monitors + type: object + scaleIO: + description: ScaleIO represents a ScaleIO persistent volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Default is "xfs". + type: string + gateway: + description: The host address of the ScaleIO API Gateway. + type: string + protectionDomain: + description: The name of the ScaleIO Protection Domain for + the configured storage. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef references to the secret for ScaleIO + user and other sensitive information. If this is not provided, + Login operation will fail. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' type: string - required: - - key - - path type: object - type: array - optional: - description: Specify whether the Secret or its keys must be - defined - type: boolean - secretName: - description: 'Name of the secret in the pod''s namespace to - use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' - type: string - type: object - storageos: - description: StorageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - readOnly: - description: Defaults to false (read/write). ReadOnly here - will force the ReadOnly setting in VolumeMounts. - type: boolean - secretRef: - description: SecretRef specifies the secret to use for obtaining - the StorageOS API credentials. If not specified, default - values will be attempted. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - volumeName: - description: VolumeName is the human-readable name of the - StorageOS volume. Volume names are only unique within a - namespace. - type: string - volumeNamespace: - description: VolumeNamespace specifies the scope of the volume - within StorageOS. If no namespace is specified then the - Pod's namespace will be used. This allows the Kubernetes - name scoping to be mirrored within StorageOS for tighter - integration. Set VolumeName to any name to override the - default behaviour. Set to "default" if you are not using - namespaces within StorageOS. Namespaces that do not pre-exist - within StorageOS will be created. - type: string - type: object - vsphereVolume: - description: VsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine - properties: - fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - type: string - storagePolicyID: - description: Storage Policy Based Management (SPBM) profile - ID associated with the StoragePolicyName. - type: string - storagePolicyName: - description: Storage Policy Based Management (SPBM) profile - name. - type: string - volumePath: - description: Path that identifies vSphere volume vmdk - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - required: - - queryEndpoints - type: object - status: - description: 'Most recent observed status of the ThanosRuler cluster. Read-only. - Not included when requesting from the apiserver, only from the ThanosRuler - Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' - properties: - availableReplicas: - description: Total number of available pods (ready for at least minReadySeconds) - targeted by this ThanosRuler deployment. - format: int32 - type: integer - paused: - description: Represents whether any actions on the underlying managed - objects are being performed. Only delete actions will be performed. - type: boolean - replicas: - description: Total number of non-terminated pods targeted by this ThanosRuler - deployment (their labels match the selector). - format: int32 - type: integer - unavailableReplicas: - description: Total number of unavailable pods targeted by this ThanosRuler - deployment. - format: int32 - type: integer - updatedReplicas: - description: Total number of non-terminated pods targeted by this ThanosRuler - deployment that have the desired version spec. - format: int32 - type: integer - required: - - availableReplicas - - paused - - replicas - - unavailableReplicas - - updatedReplicas - type: object - required: - - spec - type: object - version: v1 - versions: - - name: v1 + sslEnabled: + description: Flag to enable/disable SSL communication with + Gateway, default false + type: boolean + storageMode: + description: Indicates whether the storage for a volume should + be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned. + type: string + storagePool: + description: The ScaleIO Storage Pool associated with the + protection domain. + type: string + system: + description: The name of the storage system as configured + in ScaleIO. + type: string + volumeName: + description: The name of a volume already created in the ScaleIO + system that is associated with this volume source. + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + description: 'Secret represents a secret that should populate + this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + properties: + defaultMode: + description: 'Optional: mode bits to use on created files + by default. Must be a value between 0 and 0777. Defaults + to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options + that affect the file mode, like fsGroup, and the result + can be other mode bits set.' + format: int32 + type: integer + items: + description: If unspecified, each key-value pair in the Data + field of the referenced Secret will be projected into the + volume as a file whose name is the key and content is the + value. If specified, the listed keys will be projected into + the specified paths, and unlisted keys will not be present. + If a key is specified which is not present in the Secret, + the volume setup will error unless it is marked optional. + Paths must be relative and may not contain the '..' path + or start with '..'. + items: + description: Maps a string key to a path within a volume. + properties: + key: + description: The key to project. + type: string + mode: + description: 'Optional: mode bits to use on this file, + must be a value between 0 and 0777. If not specified, + the volume defaultMode will be used. This might be + in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode + bits set.' + format: int32 + type: integer + path: + description: The relative path of the file to map the + key to. May not be an absolute path. May not contain + the path element '..'. May not start with the string + '..'. + type: string + required: + - key + - path + type: object + type: array + optional: + description: Specify whether the Secret or its keys must be + defined + type: boolean + secretName: + description: 'Name of the secret in the pod''s namespace to + use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + type: string + type: object + storageos: + description: StorageOS represents a StorageOS volume attached + and mounted on Kubernetes nodes. + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + readOnly: + description: Defaults to false (read/write). ReadOnly here + will force the ReadOnly setting in VolumeMounts. + type: boolean + secretRef: + description: SecretRef specifies the secret to use for obtaining + the StorageOS API credentials. If not specified, default + values will be attempted. + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + type: object + volumeName: + description: VolumeName is the human-readable name of the + StorageOS volume. Volume names are only unique within a + namespace. + type: string + volumeNamespace: + description: VolumeNamespace specifies the scope of the volume + within StorageOS. If no namespace is specified then the + Pod's namespace will be used. This allows the Kubernetes + name scoping to be mirrored within StorageOS for tighter + integration. Set VolumeName to any name to override the + default behaviour. Set to "default" if you are not using + namespaces within StorageOS. Namespaces that do not pre-exist + within StorageOS will be created. + type: string + type: object + vsphereVolume: + description: VsphereVolume represents a vSphere volume attached + and mounted on kubelets host machine + properties: + fsType: + description: Filesystem type to mount. Must be a filesystem + type supported by the host operating system. Ex. "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. + type: string + storagePolicyID: + description: Storage Policy Based Management (SPBM) profile + ID associated with the StoragePolicyName. + type: string + storagePolicyName: + description: Storage Policy Based Management (SPBM) profile + name. + type: string + volumePath: + description: Path that identifies vSphere volume vmdk + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + required: + - queryEndpoints + type: object + status: + description: 'Most recent observed status of the ThanosRuler cluster. Read-only. + Not included when requesting from the apiserver, only from the ThanosRuler + Operator API itself. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + properties: + availableReplicas: + description: Total number of available pods (ready for at least minReadySeconds) + targeted by this ThanosRuler deployment. + format: int32 + type: integer + paused: + description: Represents whether any actions on the underlying managed + objects are being performed. Only delete actions will be performed. + type: boolean + replicas: + description: Total number of non-terminated pods targeted by this ThanosRuler + deployment (their labels match the selector). + format: int32 + type: integer + unavailableReplicas: + description: Total number of unavailable pods targeted by this ThanosRuler + deployment. + format: int32 + type: integer + updatedReplicas: + description: Total number of non-terminated pods targeted by this ThanosRuler + deployment that have the desired version spec. + format: int32 + type: integer + required: + - availableReplicas + - paused + - replicas + - unavailableReplicas + - updatedReplicas + type: object + required: + - spec + type: object served: true storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml index 66dde45a12..542d6bd309 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml @@ -3,7 +3,7 @@ {{- $servicePort := .Values.alertmanager.service.port -}} {{- $routePrefix := .Values.alertmanager.alertmanagerSpec.routePrefix }} --- -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ $serviceName }} @@ -19,10 +19,14 @@ spec: - host: {{ .Values.global.domain }} http: paths: - - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - path: {{ $routePrefix }} + - path: {{ $routePrefix }} + pathType: Prefix + backend: + service: + name: {{ $serviceName }} + port: + number: {{ $servicePort }} + tls: - hosts: - {{ .Values.global.domain }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml index ad1bde287a..026083bba5 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/clusterrole.yaml @@ -16,6 +16,8 @@ rules: - apiGroups: - monitoring.coreos.com resources: + - probes + - alertmanagerconfigs - alertmanagers - prometheuses - thanosrulers diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml index 84bdeea039..89ac413795 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/deployment.yaml @@ -33,7 +33,6 @@ spec: image: "{{ .Values.prometheusOperator.image.repository }}:{{ .Values.prometheusOperator.image.tag }}" imagePullPolicy: "{{ .Values.prometheusOperator.image.pullPolicy }}" args: - - --manage-crds={{ $.Values.prometheusOperator.manageCrds }} {{- if .Values.prometheusOperator.kubeletService.enabled }} - --kubelet-service={{ .Values.prometheusOperator.kubeletService.namespace }}/{{ template "prometheus-operator.fullname" . }}-kubelet {{- end }} @@ -53,12 +52,8 @@ spec: {{- end }} - --namespaces={{ $ns | join "," }} {{- end }} - - --logtostderr=true - --localhost=127.0.0.1 - --prometheus-config-reloader={{ .Values.prometheusOperator.prometheusConfigReloaderImage.repository }}:{{ .Values.prometheusOperator.prometheusConfigReloaderImage.tag }} - - --config-reloader-image={{ .Values.prometheusOperator.configmapReloadImage.repository }}:{{ .Values.prometheusOperator.configmapReloadImage.tag }} - - --config-reloader-cpu={{ .Values.prometheusOperator.configReloaderCpu }} - - --config-reloader-memory={{ .Values.prometheusOperator.configReloaderMemory }} ports: - containerPort: 8080 name: http diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index 8eb4c4b26e..c8b0b7cc00 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1253,21 +1253,21 @@ prometheusOperator: ## Prometheus-operator image ## image: - repository: quay.io/coreos/prometheus-operator - tag: v0.37.0 + repository: quay.io/prometheus-operator/prometheus-operator + tag: v0.55.0 pullPolicy: IfNotPresent ## Configmap-reload image to use for reloading configmaps ## configmapReloadImage: - repository: quay.io/coreos/configmap-reload - tag: v0.0.1 + repository: jimmidyson/configmap-reload + tag: v0.4.0 ## Prometheus-config-reloader image to use for config and rule reloading ## prometheusConfigReloaderImage: - repository: quay.io/coreos/prometheus-config-reloader - tag: v0.37.0 + repository: quay.io/prometheus-operator/prometheus-config-reloader + tag: v0.55.0 ## Set the prometheus config reloader side-car CPU limit ## From 88c0c1e730ac026238dc5393ac0c2fcf90b78370 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 5 Jul 2023 11:33:56 +0530 Subject: [PATCH 223/742] Unified urban (#1792) * added urban yaml files and charts in unified-env branch * updated urban yaml files name --------- Co-authored-by: Harish-egov --- config-as-code/.sops.yaml | 8 - deploy-as-code/helm/.sops.yaml | 6 +- .../egov-user-event/Chart.yaml | 26 --- .../egov-user-event/values.yaml | 88 ----------- .../municipal-services/inbox/Chart.yaml | 26 --- .../inbox/templates/deployment.yaml | 2 - .../inbox/templates/ingress.yaml | 2 - .../inbox/templates/service.yaml | 2 - .../municipal-services/inbox/values.yaml | 56 ------- .../property-services/Chart.yaml | 26 --- .../property-services/values.yaml | 149 ------------------ .../tl-calculator/templates/deployment.yaml | 2 - .../tl-calculator/templates/ingress.yaml | 2 - .../tl-calculator/templates/service.yaml | 2 - .../tl-services/templates/deployment.yaml | 2 - .../tl-services/templates/ingress.yaml | 2 - .../tl-services/templates/service.yaml | 2 - .../turn-io-adapter/Chart.yaml | 26 --- .../turn-io-adapter/templates/deployment.yaml | 2 - .../turn-io-adapter/templates/ingress.yaml | 2 - .../turn-io-adapter/templates/service.yaml | 2 - .../turn-io-adapter/values.yaml | 65 -------- .../ws-calculator/Chart.yaml | 26 --- .../ws-calculator/templates/deployment.yaml | 2 - .../ws-calculator/templates/ingress.yaml | 2 - .../ws-calculator/templates/service.yaml | 2 - .../ws-calculator/values.yaml | 110 ------------- .../municipal-services/ws-services/Chart.yaml | 26 --- .../ws-services/templates/deployment.yaml | 2 - .../ws-services/templates/ingress.yaml | 2 - .../ws-services/templates/service.yaml | 2 - .../ws-services/values.yaml | 132 ---------------- .../bpa-calculator/Chart.yaml | 0 .../bpa-calculator/templates/deployment.yaml | 0 .../bpa-calculator/templates/ingress.yaml | 0 .../bpa-calculator/templates/service.yaml | 0 .../bpa-calculator/values.yaml | 3 + .../bpa-services/Chart.yaml | 0 .../bpa-services/templates/deployment.yaml | 0 .../bpa-services/templates/ingress.yaml | 0 .../bpa-services/templates/service.yaml | 0 .../bpa-services/values.yaml | 3 + .../echallan-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../echallan-calculator/values.yaml | 3 + .../echallan-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../echallan-services/templates/ingress.yaml | 0 .../echallan-services/templates/service.yaml | 0 .../echallan-services/values.yaml | 3 + .../firenoc-calculator/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../firenoc-calculator/values.yaml | 3 + .../firenoc-services/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../firenoc-services}/templates/ingress.yaml | 0 .../firenoc-services}/templates/service.yaml | 0 .../firenoc-services/values.yaml | 3 + .../land-services/Chart.yaml | 0 .../land-services}/templates/deployment.yaml | 0 .../land-services}/templates/ingress.yaml | 0 .../land-services}/templates/service.yaml | 0 .../land-services/values.yaml | 3 + .../noc-services/Chart.yaml | 0 .../noc-services}/templates/deployment.yaml | 0 .../noc-services}/templates/ingress.yaml | 0 .../noc-services}/templates/service.yaml | 0 .../noc-services/values.yaml | 3 + .../pgr-services/Chart.yaml | 0 .../pgr-services}/templates/deployment.yaml | 0 .../pgr-services}/templates/ingress.yaml | 0 .../pgr-services}/templates/service.yaml | 0 .../pgr-services/values.yaml | 3 + .../urban/property-services/values.yaml | 3 + .../pt-calculator-v2/Chart.yaml | 0 .../templates/deployment.yaml | 0 .../pt-calculator-v2}/templates/ingress.yaml | 0 .../pt-calculator-v2}/templates/service.yaml | 0 .../pt-calculator-v2/values.yaml | 3 + .../pt-services-v2/Chart.yaml | 0 .../pt-services-v2}/templates/deployment.yaml | 0 .../pt-services-v2}/templates/ingress.yaml | 0 .../pt-services-v2}/templates/service.yaml | 0 .../pt-services-v2/values.yaml | 3 + .../rainmaker-pgr/Chart.yaml | 0 .../rainmaker-pgr}/templates/deployment.yaml | 0 .../rainmaker-pgr}/templates/ingress.yaml | 0 .../rainmaker-pgr}/templates/service.yaml | 0 .../rainmaker-pgr/values.yaml | 3 + .../sw-calculator/Chart.yaml | 0 .../sw-calculator}/templates/deployment.yaml | 0 .../sw-calculator}/templates/ingress.yaml | 0 .../sw-calculator}/templates/service.yaml | 0 .../sw-calculator/values.yaml | 3 + .../sw-services/Chart.yaml | 0 .../sw-services}/templates/deployment.yaml | 0 .../sw-services}/templates/ingress.yaml | 0 .../sw-services}/templates/service.yaml | 0 .../sw-services/values.yaml | 3 + .../tl-calculator/Chart.yaml | 0 .../tl-calculator}/templates/deployment.yaml | 0 .../tl-calculator}/templates/ingress.yaml | 0 .../tl-calculator}/templates/service.yaml | 0 .../tl-calculator/values.yaml | 3 + .../tl-services/Chart.yaml | 0 .../tl-services}/templates/deployment.yaml | 0 .../tl-services}/templates/ingress.yaml | 0 .../tl-services}/templates/service.yaml | 0 .../tl-services/values.yaml | 3 + .../charts/urban/ws-calculator/values.yaml | 3 + .../helm/charts/urban/ws-services/values.yaml | 3 + .../unified-urban-dev-secrets.yaml | 119 ++++++++++++++ .../{urban.yaml => unified-urban-dev.yaml} | 0 117 files changed, 181 insertions(+), 801 deletions(-) delete mode 100644 config-as-code/.sops.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/inbox/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/property-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-calculator/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-calculator/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-calculator/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-calculator/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-calculator/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-services/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-services/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-services/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/bpa-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-calculator/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-calculator/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-calculator/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-calculator/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-calculator/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-services/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-services/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-services/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/echallan-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/firenoc-calculator/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/egov-user-event => urban/firenoc-calculator}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/egov-user-event => urban/firenoc-calculator}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/egov-user-event => urban/firenoc-calculator}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/firenoc-calculator/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/firenoc-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-calculator => urban/firenoc-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-calculator => urban/firenoc-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-calculator => urban/firenoc-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/firenoc-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/land-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-services => urban/land-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-services => urban/land-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/firenoc-services => urban/land-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/land-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/noc-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/land-services => urban/noc-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/land-services => urban/noc-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/land-services => urban/noc-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/noc-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pgr-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/noc-services => urban/pgr-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/noc-services => urban/pgr-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/noc-services => urban/pgr-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pgr-services/values.yaml (99%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pt-calculator-v2/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pgr-services => urban/pt-calculator-v2}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pgr-services => urban/pt-calculator-v2}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pgr-services => urban/pt-calculator-v2}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pt-calculator-v2/values.yaml (99%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pt-services-v2/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/property-services => urban/pt-services-v2}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/property-services => urban/pt-services-v2}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/property-services => urban/pt-services-v2}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/pt-services-v2/values.yaml (99%) rename deploy-as-code/helm/charts/{municipal-services => urban}/rainmaker-pgr/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-calculator-v2 => urban/rainmaker-pgr}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-calculator-v2 => urban/rainmaker-pgr}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-calculator-v2 => urban/rainmaker-pgr}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/rainmaker-pgr/values.yaml (99%) rename deploy-as-code/helm/charts/{municipal-services => urban}/sw-calculator/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-services-v2 => urban/sw-calculator}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-services-v2 => urban/sw-calculator}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/pt-services-v2 => urban/sw-calculator}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/sw-calculator/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/sw-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/rainmaker-pgr => urban/sw-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/rainmaker-pgr => urban/sw-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/rainmaker-pgr => urban/sw-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/sw-services/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/tl-calculator/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-calculator => urban/tl-calculator}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-calculator => urban/tl-calculator}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-calculator => urban/tl-calculator}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/tl-calculator/values.yaml (98%) rename deploy-as-code/helm/charts/{municipal-services => urban}/tl-services/Chart.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-services => urban/tl-services}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-services => urban/tl-services}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services/sw-services => urban/tl-services}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{municipal-services => urban}/tl-services/values.yaml (99%) create mode 100644 deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml rename deploy-as-code/helm/environments/{urban.yaml => unified-urban-dev.yaml} (100%) diff --git a/config-as-code/.sops.yaml b/config-as-code/.sops.yaml deleted file mode 100644 index ad9e053c6b..0000000000 --- a/config-as-code/.sops.yaml +++ /dev/null @@ -1,8 +0,0 @@ -# creation rules are evaluated sequentially, the first match wins -creation_rules: - # upon creation of a file that matches the pattern *dev.yaml, - # KMS set A is used - # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/unified-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' - pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index a32c1301db..ccb8c62bc3 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -9,7 +9,7 @@ creation_rules: - path_regex: environments/unified\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' @@ -18,3 +18,7 @@ creation_rules: - path_regex: environments/unified\-health\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-urban\-dev\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml deleted file mode 100644 index c3788cded3..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/egov-user-event/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: egov-user-event -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml b/deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml deleted file mode 100644 index 5955de8c07..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/egov-user-event/values.yaml +++ /dev/null @@ -1,88 +0,0 @@ -# Common Labels -labels: - app: "egov-user-event" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "egov-user-event" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "egov_user_event_schema_version" - image: - repository: "egov-user-event-db" - -# Container Configs -image: - repository: "egov-user-event" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/egov-user-event/health" - readinessProbePath: "/egov-user-event/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: /egov-mdms-service/v1/_search - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-user-events - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: KAFKA_TOPICS_PERSISTER_SAVE_EVENTS - value: save-user-events - - name: KAFKA_TOPICS_PERSISTER_UPDATE_EVENTS - value: update-user-events - - name: KAFKA_TOPICS_LLT_DETAILS - value: user-events-llt - - name: KAFKA_TOPICS_SAVE_EVENTS - value: persist-user-events-async - - name: KAFKA_TOPICS_UPDATE_EVENTS - value: update-user-events-async - - name: MSEVA_NOTIF_SEARCH_OFFSET - value: "0" - - name: MSEVA_NOTIF_SEARCH_LIMIT - value: "200" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: SERVER_PORT - value: "8080" - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: EGOV_LOCALISATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_LOCALISATION_IS_STATELEVEL - value: "false" - - name: MSEVA_NOTIF_SEARCH_OFFSET - value: "0" - - name: MSEVA_NOTIF_SEARCH_LIMIT - value: "200" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml deleted file mode 100644 index de87e4ffaa..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/inbox/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: inbox -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml deleted file mode 100644 index 96fb6e00a0..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/inbox/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml deleted file mode 100644 index cc12d64759..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/inbox/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml deleted file mode 100644 index 454d8db3b6..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/inbox/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/municipal-services/inbox/values.yaml b/deploy-as-code/helm/charts/municipal-services/inbox/values.yaml deleted file mode 100644 index 26ce04c2dc..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/inbox/values.yaml +++ /dev/null @@ -1,56 +0,0 @@ -namespace : sanitation -# Common Labels -labels: - app: "inbox" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "inbox" - -# Container Configs -image: - repository: "inbox" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/inbox/health" - readinessProbePath: "/inbox/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx256m -Xms256m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: WORKFLOW_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - - name: WORKFLOW_PROCESS_SEARCH_PATH - value: "egov-workflow-v2/egov-wf/process/_search" - - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH - value: "egov-workflow-v2/egov-wf/businessservice/_search" - - name: WORKFLOW_PROCESS_COUNT_PATH - value: "egov-workflow-v2/egov-wf/process/_count" - - name: WORKFLOW_PROCESS_STATUSCOUNT_PATH - value: "egov-workflow-v2/egov-wf/process/_statuscount" - - name: SERVICE_SEARCH_MAPPING - value: {{ index .Values "service-map" | quote }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml deleted file mode 100644 index 43477efcc9..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/property-services/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: property-services -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/property-services/values.yaml deleted file mode 100644 index 97fba47a32..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/property-services/values.yaml +++ /dev/null @@ -1,149 +0,0 @@ -# Common Labels -labels: - app: "property-services" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "property-services" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "property_services_schema" - image: - repository: "property-services-db" - -# Container Configs -image: - repository: "property-services" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/property-services/health" - readinessProbePath: "/property-services/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" -notification-sms-enabled: "" -employee-allowed-search-params: "" -citizen-allowed-search-params: "" - -# Additional Container Envs -env: | - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: STATE_LEVEL_TENANT_ID - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-state-level-tenant-id - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_CALCULATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: pt-calculator-v2 - - name: EGOV_PT-SERVICES-V2_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: pt-services-v2 - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-property-services - - name: PERSISTER_SAVE_PROPERTY_TOPIC - value: save-property-registry - - name: PERSISTER_UPDATE_PROPERTY_TOPIC - value: update-property-registry - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_ENABLE_DEBUG - value: "true" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: NOTIFICATION_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: ASSESSMENT_WORKFLOW_ENABLED - value: "false" - - name: EGOV_IDGEN_ACK_FORMAT - value: {{ index .Values "egov-idgen-ack-format" | quote }} - - name: EGOV_IDGEN_MUTATION_FORMAT - value: {{ index .Values "egov-idgen-mutation-format" | quote }} - - name: EGOV_IDGEN_ASSM_FORMAT - value: {{ index .Values "egov-idgen-assm-format" | quote }} - - name: EGOV_IDGEN_PTID_FORMAT - value: {{ index .Values "egov-idgen-ptid-format" | quote }} - - - name: NOTIFICATION_SMS_ENABLED - value: {{ index .Values "notification-sms-enabled" | quote }} - - name: EGOV_USER_EVENT_NOTIFICATION_ENABLED - value: "true" - {{- if index .Values "employee-allowed-search-params" }} - - name: EMPLOYEE_ALLOWED_SEARCH_PARAMS - value: {{ index .Values "employee-allowed-search-params" | quote }} - {{- end }} - {{- if index .Values "citizen-allowed-search-params" }} - - name: CITIZEN_ALLOWED_SEARCH_PARAMS - value: {{ index .Values "citizen-allowed-search-params" | quote }} - {{- end }} - - name: EGOV_UI_APP_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: EGOV_USR_EVENTS_CREATE_TOPIC - value: "persist-user-events-async" - - name: EGOV_USR_EVENTS_PAY_LINK - value: "citizen/withoutAuth?redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - - name: EGOV_USR_EVENTS_PAY_CODE - value: "PAY" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-calculator/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/tl-services/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml deleted file mode 100644 index e422888e16..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: turn-io-adapter -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml b/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml deleted file mode 100644 index 912a89bada..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/turn-io-adapter/values.yaml +++ /dev/null @@ -1,65 +0,0 @@ -# Common Labels -labels: - app: "turn-io-adapter" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "turn-io-adapter" - -# Init Containers Configs - - -# Container Configs -image: - repository: "turn-io-adapter" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/turn-io-adapter/health" - readinessProbePath: "/turn-io-adapter/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: EGOV_PGR_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: rainmaker-pgr - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_URL_SHORTNER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-url-shortening - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml deleted file mode 100644 index 38683ced11..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-calculator/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: ws-calculator -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-calculator/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml b/deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml deleted file mode 100644 index 0138637433..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-calculator/values.yaml +++ /dev/null @@ -1,110 +0,0 @@ -# Common Labels -labels: - app: "ws-calculator" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "ws-calculator" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "ws_calculator_schema" - image: - repository: "ws-calculator-db" - -# Container Configs -image: - repository: "ws-calculator" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/ws-calculator/health" - readinessProbePath: "/ws-calculator/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_PROPERTY_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: property-services - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_BILLINGSERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: billing-service - - name: EGOV_WS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: ws-services - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-ws-calculator - - name: EGOV_METERSERVICE_CREATEMETERCONNECTION - value: save-ws-meter - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SERVER_CONTEXT_PATH - value: /ws-calculator - - name: NOTIFICATION_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml deleted file mode 100644 index d783c71d70..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-services/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: ws-services -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-services/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml b/deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml deleted file mode 100644 index 348119fcca..0000000000 --- a/deploy-as-code/helm/charts/municipal-services/ws-services/values.yaml +++ /dev/null @@ -1,132 +0,0 @@ -# Common Labels -labels: - app: "ws-services" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "ws-services" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "ws_services_schema" - image: - repository: "ws-services-db" - -# Container Configs -image: - repository: "ws-services" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/ws-services/health" - readinessProbePath: "/ws-services/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: STATE_LEVEL_TENANT_ID - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-state-level-tenant-id - - name: EGOV_PROPERTY_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: property-services - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_BILLINGSERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: billing-service - - name: EGOV_WS_CALCULATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: ws-calculator - - name: EGOV_FILESTORE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-filestore - - name: EGOV_PDFSERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: pdf-service - - name: WORKFLOW_CONTEXT_PATH - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-ws-services - - name: EGOV_WATERSERVICE_CREATEWATERCONNECTION - value: save-ws-connection - - name: EGOV_WATERSERVICE_UPDATEWATERCONNECTION - value: update-ws-connection - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.springframework.kafka.support.serializer.JsonSerializer - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: NOTIFICATION_URL - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: IS_EXTERNAL_WORKFLOW_ENABLED - value: {{ index .Values "is-external-workflow-enabled" | quote }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/bpa-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/Chart.yaml rename to deploy-as-code/helm/charts/urban/bpa-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/bpa-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/bpa-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/bpa-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/bpa-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml b/deploy-as-code/helm/charts/urban/bpa-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/urban/bpa-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml b/deploy-as-code/helm/charts/urban/bpa-calculator/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml rename to deploy-as-code/helm/charts/urban/bpa-calculator/values.yaml index f4aa5fa253..d8033af64c 100644 --- a/deploy-as-code/helm/charts/municipal-services/bpa-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/bpa-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "bpa-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "bpa-calculator" diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml b/deploy-as-code/helm/charts/urban/bpa-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/bpa-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/bpa-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/bpa-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/bpa-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/bpa-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/bpa-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/bpa-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml b/deploy-as-code/helm/charts/urban/bpa-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml rename to deploy-as-code/helm/charts/urban/bpa-services/values.yaml index b6afc31f27..69265d860c 100644 --- a/deploy-as-code/helm/charts/municipal-services/bpa-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/bpa-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "bpa-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "bpa-services" diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/echallan-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/Chart.yaml rename to deploy-as-code/helm/charts/urban/echallan-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/echallan-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/echallan-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/echallan-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/echallan-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml b/deploy-as-code/helm/charts/urban/echallan-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/urban/echallan-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml b/deploy-as-code/helm/charts/urban/echallan-calculator/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml rename to deploy-as-code/helm/charts/urban/echallan-calculator/values.yaml index 62e47135c1..bf94bfe538 100644 --- a/deploy-as-code/helm/charts/municipal-services/echallan-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/echallan-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "echallan-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "echallan-calculator" diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml b/deploy-as-code/helm/charts/urban/echallan-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/echallan-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/echallan-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/echallan-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/echallan-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/echallan-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/echallan-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/echallan-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml b/deploy-as-code/helm/charts/urban/echallan-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml rename to deploy-as-code/helm/charts/urban/echallan-services/values.yaml index 03fc120d80..5268d3f942 100644 --- a/deploy-as-code/helm/charts/municipal-services/echallan-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/echallan-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "echallan-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "echallan-services" diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/firenoc-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/Chart.yaml rename to deploy-as-code/helm/charts/urban/firenoc-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/firenoc-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/firenoc-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/firenoc-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/firenoc-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml b/deploy-as-code/helm/charts/urban/firenoc-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/egov-user-event/templates/service.yaml rename to deploy-as-code/helm/charts/urban/firenoc-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml b/deploy-as-code/helm/charts/urban/firenoc-calculator/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml rename to deploy-as-code/helm/charts/urban/firenoc-calculator/values.yaml index 6c0b0a8385..d363f4b6e2 100644 --- a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/firenoc-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "firenoc-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "firenoc-calculator" diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml b/deploy-as-code/helm/charts/urban/firenoc-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/firenoc-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/firenoc-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/firenoc-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/firenoc-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/firenoc-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml b/deploy-as-code/helm/charts/urban/firenoc-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/urban/firenoc-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml b/deploy-as-code/helm/charts/urban/firenoc-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml rename to deploy-as-code/helm/charts/urban/firenoc-services/values.yaml index d8d0ad381b..6b8fe4d79b 100644 --- a/deploy-as-code/helm/charts/municipal-services/firenoc-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/firenoc-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "firenoc-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "firenoc-services" diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml b/deploy-as-code/helm/charts/urban/land-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/land-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/land-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/land-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/land-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/land-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/land-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/firenoc-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/land-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/values.yaml b/deploy-as-code/helm/charts/urban/land-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/land-services/values.yaml rename to deploy-as-code/helm/charts/urban/land-services/values.yaml index 3f9d9905e1..5f7a184ba1 100644 --- a/deploy-as-code/helm/charts/municipal-services/land-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/land-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "land-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "land-services" diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml b/deploy-as-code/helm/charts/urban/noc-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/noc-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/noc-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/noc-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/noc-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/noc-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/noc-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/land-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/noc-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml b/deploy-as-code/helm/charts/urban/noc-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml rename to deploy-as-code/helm/charts/urban/noc-services/values.yaml index 1298bfa4ab..a8b73f9942 100644 --- a/deploy-as-code/helm/charts/municipal-services/noc-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/noc-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "noc-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "noc-services" diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml b/deploy-as-code/helm/charts/urban/pgr-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/pgr-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/pgr-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/pgr-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/pgr-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/pgr-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/pgr-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/noc-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/pgr-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml b/deploy-as-code/helm/charts/urban/pgr-services/values.yaml similarity index 99% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml rename to deploy-as-code/helm/charts/urban/pgr-services/values.yaml index 60fada7865..c01729ad8b 100644 --- a/deploy-as-code/helm/charts/municipal-services/pgr-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/pgr-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "pgr-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "pgr-services" diff --git a/deploy-as-code/helm/charts/urban/property-services/values.yaml b/deploy-as-code/helm/charts/urban/property-services/values.yaml index 97fba47a32..f1ed8fa3f5 100644 --- a/deploy-as-code/helm/charts/urban/property-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/property-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "property-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "property-services" diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml b/deploy-as-code/helm/charts/urban/pt-calculator-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/Chart.yaml rename to deploy-as-code/helm/charts/urban/pt-calculator-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pgr-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/pt-calculator-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml b/deploy-as-code/helm/charts/urban/pt-calculator-v2/values.yaml similarity index 99% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml rename to deploy-as-code/helm/charts/urban/pt-calculator-v2/values.yaml index be48abdcd5..01030ad95c 100644 --- a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/values.yaml +++ b/deploy-as-code/helm/charts/urban/pt-calculator-v2/values.yaml @@ -3,8 +3,11 @@ labels: app: "pt-calculator-v2" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "pt-calculator-v2" diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml b/deploy-as-code/helm/charts/urban/pt-services-v2/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/Chart.yaml rename to deploy-as-code/helm/charts/urban/pt-services-v2/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/pt-services-v2/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/pt-services-v2/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/pt-services-v2/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/pt-services-v2/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/pt-services-v2/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/property-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/pt-services-v2/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml b/deploy-as-code/helm/charts/urban/pt-services-v2/values.yaml similarity index 99% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml rename to deploy-as-code/helm/charts/urban/pt-services-v2/values.yaml index 38fa81d66e..4eaf8ac75d 100644 --- a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/values.yaml +++ b/deploy-as-code/helm/charts/urban/pt-services-v2/values.yaml @@ -3,8 +3,11 @@ labels: app: "pt-services-v2" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "pt-services-v2" diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml b/deploy-as-code/helm/charts/urban/rainmaker-pgr/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/Chart.yaml rename to deploy-as-code/helm/charts/urban/rainmaker-pgr/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml b/deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-calculator-v2/templates/service.yaml rename to deploy-as-code/helm/charts/urban/rainmaker-pgr/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml b/deploy-as-code/helm/charts/urban/rainmaker-pgr/values.yaml similarity index 99% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml rename to deploy-as-code/helm/charts/urban/rainmaker-pgr/values.yaml index 32ec209390..18413f7b46 100644 --- a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/values.yaml +++ b/deploy-as-code/helm/charts/urban/rainmaker-pgr/values.yaml @@ -3,8 +3,11 @@ labels: app: "rainmaker-pgr" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "rainmaker-pgr" diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/sw-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/Chart.yaml rename to deploy-as-code/helm/charts/urban/sw-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/sw-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/sw-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/sw-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/sw-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml b/deploy-as-code/helm/charts/urban/sw-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/pt-services-v2/templates/service.yaml rename to deploy-as-code/helm/charts/urban/sw-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml b/deploy-as-code/helm/charts/urban/sw-calculator/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml rename to deploy-as-code/helm/charts/urban/sw-calculator/values.yaml index 5238e83269..2beb0afa59 100644 --- a/deploy-as-code/helm/charts/municipal-services/sw-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/sw-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "sw-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "sw-calculator" diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml b/deploy-as-code/helm/charts/urban/sw-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/sw-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/sw-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/sw-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/sw-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/sw-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml b/deploy-as-code/helm/charts/urban/sw-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/rainmaker-pgr/templates/service.yaml rename to deploy-as-code/helm/charts/urban/sw-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml b/deploy-as-code/helm/charts/urban/sw-services/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml rename to deploy-as-code/helm/charts/urban/sw-services/values.yaml index 7fd285be07..46dbff3bf4 100644 --- a/deploy-as-code/helm/charts/municipal-services/sw-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/sw-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "sw-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "sw-services" diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml b/deploy-as-code/helm/charts/urban/tl-calculator/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/Chart.yaml rename to deploy-as-code/helm/charts/urban/tl-calculator/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/tl-calculator/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/tl-calculator/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/tl-calculator/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/tl-calculator/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml b/deploy-as-code/helm/charts/urban/tl-calculator/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-calculator/templates/service.yaml rename to deploy-as-code/helm/charts/urban/tl-calculator/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml b/deploy-as-code/helm/charts/urban/tl-calculator/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml rename to deploy-as-code/helm/charts/urban/tl-calculator/values.yaml index 314248c5d3..2c99e01e77 100644 --- a/deploy-as-code/helm/charts/municipal-services/tl-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/tl-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "tl-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "tl-calculator" diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml b/deploy-as-code/helm/charts/urban/tl-services/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/tl-services/Chart.yaml rename to deploy-as-code/helm/charts/urban/tl-services/Chart.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/tl-services/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/deployment.yaml rename to deploy-as-code/helm/charts/urban/tl-services/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/tl-services/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/ingress.yaml rename to deploy-as-code/helm/charts/urban/tl-services/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml b/deploy-as-code/helm/charts/urban/tl-services/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/municipal-services/sw-services/templates/service.yaml rename to deploy-as-code/helm/charts/urban/tl-services/templates/service.yaml diff --git a/deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml b/deploy-as-code/helm/charts/urban/tl-services/values.yaml similarity index 99% rename from deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml rename to deploy-as-code/helm/charts/urban/tl-services/values.yaml index c33dab46d8..a8a78d6530 100644 --- a/deploy-as-code/helm/charts/municipal-services/tl-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/tl-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "tl-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "tl-services" diff --git a/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml b/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml index 0138637433..ccee7321f6 100644 --- a/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml +++ b/deploy-as-code/helm/charts/urban/ws-calculator/values.yaml @@ -3,8 +3,11 @@ labels: app: "ws-calculator" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "ws-calculator" diff --git a/deploy-as-code/helm/charts/urban/ws-services/values.yaml b/deploy-as-code/helm/charts/urban/ws-services/values.yaml index 348119fcca..4236e257cf 100644 --- a/deploy-as-code/helm/charts/urban/ws-services/values.yaml +++ b/deploy-as-code/helm/charts/urban/ws-services/values.yaml @@ -3,8 +3,11 @@ labels: app: "ws-services" group: "rainmaker" +namespace: urban + # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "ws-services" diff --git a/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml new file mode 100644 index 0000000000..5b52ab8d15 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml @@ -0,0 +1,119 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:P7eJg7L6BHNkDw==,iv:V6c2oa4rgef4zVubyBVqfLzaBPqL37NkBHnS4ow3t4I=,tag:KPWWcyV2RRkz2dbEgIZvGw==,type:str] + password: ENC[AES256_GCM,data:rwmZvpS1UFgLuqEM8Q==,iv:ZdKLKhW5BNC9cv7xWyES91V9527IhyxDZFtrG8/RMnc=,tag:AGKY4AtnM71vZwQvV0v7UA==,type:str] + flywayUsername: ENC[AES256_GCM,data:SvFKmVr7KoATQw==,iv:lyzeqf80asZcscJbdEr3L/U8Ak8Xiwk0rA/n2tNDydQ=,tag:BV/qcv9YkdYejOk0nUYn2A==,type:str] + flywayPassword: ENC[AES256_GCM,data:6yLOXN8nBhFymxYSGg==,iv:BOK2G6uctHpllOoHuOw4Ypf7lQ3RjSJCOsUXpLEanFs=,tag:tidMqqG0Xywp7jcIwxrtJw==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] + password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:w8dzx1VxegcyiuUkEkZUJ2q6sl8=,iv:tblebty94pl2+ByPoZu9L8U7cXEylYQUMAQlxTPvfvM=,tag:x44CUdAQGTiZJjyioLolCw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:AqwpqJ0eGdu7XR7sDDQnIQyOQna2tLAiSNO/ISpUStCBTbn52IB7iQ==,iv:SkYL0egyml+Ub8+QZzB+JF8eqPl27s6qE2yUszMN8/I=,tag:QRLPO7lsianWkI3v+GWTyA==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:IDNGiQ/UdJfodlpDksRd,iv:JXpOVDYms1HVVWGnxMwmpirVScnDTZt6OaPn2pb4hnY=,tag:tTDmD8PRBezzXFg876KG4g==,type:str] + account-key: ENC[AES256_GCM,data:bIk4upLfb+M4xzsW/pVEQQIRQzUHItnATMxoQw/a6q5iSeGOJxcbFoj/Yj5wN61AXFI1QgGqPUVyGTU4LFj4OvSb4Te/AL1bsqIgAppdEKxKu0YOXeWouQ==,iv:FIkApN+y2tCd4xzPb61DqfmFXAb9v5lYVRuPWUdUWLA=,tag:3dTtN+HvrA1+m9QjeeqZTQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:7Oh3SrZgqF9uTGyFY1e2gERb4Q+xFgn0Ch5geYuq0oCkskBt+2DY,iv:R6kmwnTy5vIgbmrTh6ro3zQhfqKxxh9ziKmsCcPFNUY=,tag:0wt831cNMzBEI7xWPA5r/Q==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:rZ5weD43,iv:w1J3CFaON7TwZ6eX/hCzaRGwVU4zL44ImgRQTIm3K14=,tag:FhB+ULwj3L/Fv0fKNho+xg==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:7v9zmQRdhws=,iv:WIRN18PE2qY6tk9RlRlSBwZ82JoHikXU9OgZZJEb6tY=,tag:hGrLc397Bnd3BajNYAlcTg==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:i56/L3PqmtdCHZxEA3vINmFUFo33Gun3FRI=,iv:BuHWeGoT/xf9OcAQPglN7tAUUseXE/dqhTaxXUvKzjE=,tag:SgoB8+KkKfTz0DWZEOytvQ==,type:str] + admin-password: ENC[AES256_GCM,data:OHYF/5vUzv6/uHSV,iv:yWkFCGcHjIdBXYVYQA8TCMcu/ThkJetHxYfnCn+Wiyg=,tag:O85S6LybYeOqFw4sJzMxHw==,type:str] + read-email: ENC[AES256_GCM,data:HAV68+XHfk+SO/Orbm0DquAOBcVF1/sKfg==,iv:8fJWgr0MVzM9l963+Z0/yHFjL7CY7vMbtuX9E4o8M+Q=,tag:dwOz9PoZcVUOyKVW9WupTA==,type:str] + read-password: ENC[AES256_GCM,data:oguc3wk49XcvhgPW,iv:a5riBFfT0rznHZDFC8eByvoAlc1KDAKeuLZhFdTSXPM=,tag:pkRyrUsPhq5VmYsL5cmPQw==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:yd9we+lE5aD+kGmgJnVnCQ==,iv:nsPJQ8Njd1iHYIy3UE6WI8wAMvIkkmFtpISkQALXkB4=,tag:eK9XP11MN8o/vlnxR74DHQ==,type:str] + master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] + master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:UsnTwEe1/Wyjj+U0EOLzHU5LIE+IQZ1DpL4NysUrAFsg,iv:mpri8EAFmGTrBSZrZvyl0zYeIB3tQ9xKZgkwsr2DI8c=,tag:HqO7yg20VlxOU6Tddex5UQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] + known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] + si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] + mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:Wb2bU7Pmc1PAP99unifMuI+qTys=,iv:y7/SC/x++TShu5YOYH5fJgpUMBBextRsb5xzyIOB0qU=,tag:he2I+NvpDskBlI4WQ6UrxQ==,type:str] + clientSecret: ENC[AES256_GCM,data:4Vq3Jghf73pAH90xvNhLJ52sl3GH/gGA2L6+Dyk4lsy0TMmic9YIzw==,iv:STL6OnofD7p+bRaw6vKEVYd2XBJb0Wlm/RxywMQDW0Q=,tag:L3+xX3qKYRuCPFtX3Ew6VA==,type:str] + cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] + secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] + route: + receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] + group_by: + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: + alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] + group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] + group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] + repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] + receivers: + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + templates: + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2020-11-10T06:48:05Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + gcp_kms: [] + lastmodified: '2023-06-22T05:01:45Z' + mac: ENC[AES256_GCM,data:h8dvwlX5sRvsOYhiJw0C/aQdzzXyhwxTuv2eGAO91Gqs/wKHQBdoiFtNBRk0JSNOk+067+E32K7sAaGiFyrRLvquHha7cRAxL6DqLY6/Ryx6Rur3218YOGBUABNIX3y9f+dIeEmwf5T6Q73FNClrb2nvwrwyJ9qJzheLvtsQ+ZM=,iv:9v27T1Wh1myNtRgfX4DP1QuoVghzRc6kH/1NDSN7YXw=,tag:RFQ8YXpGJa54HoIHi4ANxg==,type:str] + pgp: + - created_at: '2020-11-10T06:48:05Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv + lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ + gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ + Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t + PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF + 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS + ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S + q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== + =msen + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/urban.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml similarity index 100% rename from deploy-as-code/helm/environments/urban.yaml rename to deploy-as-code/helm/environments/unified-urban-dev.yaml From 10d146a8c795958963f6042b2aab1820b3b5fcb0 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 5 Jul 2023 11:35:27 +0530 Subject: [PATCH 224/742] updated service.yaml in charts (#1790) Co-authored-by: Harish-egov --- .../prometheus-operator/templates/prometheus/service.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml index 893c5213d2..bd8aa64d7e 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml @@ -47,7 +47,6 @@ spec: {{ toYaml .Values.prometheus.service.additionalPorts | indent 2 }} {{- end }} selector: - app: prometheus prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus {{- if .Values.prometheus.service.sessionAffinity }} sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }} From 1c4d3e85167e1aaab41be55e50453776f3f51006 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 7 Jul 2023 10:14:01 +0530 Subject: [PATCH 225/742] updated sops yaml in unified-env branch (#1800) Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index ccb8c62bc3..ab57449b47 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -9,7 +9,7 @@ creation_rules: - path_regex: environments/unified\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' From 77354e4fad312b0c30164058886f2f4c29552ab2 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 14 Jul 2023 09:36:06 +0530 Subject: [PATCH 226/742] DPG-1659 :: Enable workbench UI (#1810) --- .../charts/frontend/workbench-ui/Chart.yaml | 26 ++++++++++++++ .../workbench-ui/templates/deployment.yaml | 2 ++ .../workbench-ui/templates/ingress.yaml | 2 ++ .../workbench-ui/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../charts/frontend/workbench-ui/values.yaml | 34 +++++++++++++++++++ .../helm/environments/unified-dev.yaml | 7 +++- 7 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/Chart.yaml create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/frontend/workbench-ui/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/Chart.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/Chart.yaml new file mode 100644 index 0000000000..69ae0e46e1 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: workbench-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/templates/service.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/workbench-ui/values.yaml b/deploy-as-code/helm/charts/frontend/workbench-ui/values.yaml new file mode 100644 index 0000000000..13e1bfd764 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/workbench-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "workbench-ui" + group: "web" + +namespace: egov + +# Ingress Configs +ingress: + enabled: true + context: "workbench-ui" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "workbench-ui" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/workbench-ui/" + readinessProbePath: "/workbench-ui/" + +extraVolumes: | + - name: js-injection + configMap: + name: workbench-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 38987be551..ff4eaa0254 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -156,7 +156,12 @@ digit-ui: sub_filter.conf: " sub_filter '' ' - ';" + ';" +workbench-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" citizen: custom-js-injection: | sub_filter.conf: " From f85776e76643121a7745b1f303f3c1b012dadd46 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Sat, 15 Jul 2023 15:45:57 +0530 Subject: [PATCH 227/742] added helm charts for story book --- .../helm/charts/frontend/storybook/Chart.yaml | 26 ++++++++++++++ .../storybook/templates/deployment.yaml | 2 ++ .../frontend/storybook/templates/ingress.yaml | 2 ++ .../frontend/storybook/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../charts/frontend/storybook/values.yaml | 34 +++++++++++++++++++ .../helm/environments/unified-dev.yaml | 7 ++++ 7 files changed, 84 insertions(+) create mode 100644 deploy-as-code/helm/charts/frontend/storybook/Chart.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/storybook/Chart.yaml b/deploy-as-code/helm/charts/frontend/storybook/Chart.yaml new file mode 100644 index 0000000000..71237a6439 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: storybook +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/frontend/storybook/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/storybook/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/storybook/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook/templates/service.yaml b/deploy-as-code/helm/charts/frontend/storybook/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/storybook/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook/values.yaml b/deploy-as-code/helm/charts/frontend/storybook/values.yaml new file mode 100644 index 0000000000..be6533e8e1 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook/values.yaml @@ -0,0 +1,34 @@ +namespace : egov +# Common Labels +labels: + app: "storybook" + group: "web" + +# Ingress Configs +ingress: + enabled: true + context: "storybook" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "storybook" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/storybook/" + readinessProbePath: "/storybook/" + +namespace: egov +extraVolumes: | + - name: js-injection + configMap: + name: storybook-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ff4eaa0254..a37ee7935b 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -162,6 +162,13 @@ workbench-ui: sub_filter.conf: " sub_filter '' ' ';" + +storybook: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + citizen: custom-js-injection: | sub_filter.conf: " From f54448e0ad7bcf0e295fbfda3182406983b6576f Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Mon, 17 Jul 2023 11:28:04 +0530 Subject: [PATCH 228/742] added the pod for svg (#1819) --- .../charts/frontend/storybook-svg/Chart.yaml | 26 ++++++++++++++ .../storybook-svg/templates/deployment.yaml | 2 ++ .../storybook-svg/templates/ingress.yaml | 2 ++ .../storybook-svg/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../charts/frontend/storybook-svg/values.yaml | 34 +++++++++++++++++++ .../helm/environments/unified-dev.yaml | 10 ++++++ 7 files changed, 87 insertions(+) create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/Chart.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/frontend/storybook-svg/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/Chart.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/Chart.yaml new file mode 100644 index 0000000000..2e17ea51e3 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: storybook-svg +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/templates/service.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/storybook-svg/values.yaml b/deploy-as-code/helm/charts/frontend/storybook-svg/values.yaml new file mode 100644 index 0000000000..8d03949c60 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/storybook-svg/values.yaml @@ -0,0 +1,34 @@ +namespace : egov +# Common Labels +labels: + app: "storybook-svg" + group: "web" + +# Ingress Configs +ingress: + enabled: true + context: "storybook-svg" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "storybook-svg" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/storybook-svg/" + readinessProbePath: "/storybook-svg/" + +namespace: egov +extraVolumes: | + - name: js-injection + configMap: + name: storybook-svg-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a37ee7935b..3cdb505b32 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -167,6 +167,16 @@ storybook: custom-js-injection: | sub_filter.conf: " sub_filter '' ' + + DIGIT StoryBook + ';" + +storybook-svg: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + DIGIT SVG StoryBook ';" citizen: From fbf4afbb1f80b05e6850053bf5a26037e88541eb Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Mon, 17 Jul 2023 11:55:49 +0530 Subject: [PATCH 229/742] Update the tags for storybook (#1820) * added the pod for svg * Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 3cdb505b32..cfcc2d1160 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -167,7 +167,7 @@ storybook: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + DIGIT StoryBook ';" @@ -175,7 +175,7 @@ storybook-svg: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + DIGIT SVG StoryBook ';" From e5e23b02fd569f1d24d1559672d939fee8080da9 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 19 Jul 2023 14:54:30 +0530 Subject: [PATCH 230/742] added dependecies for project service on works namespace in unfied-dev --- deploy-as-code/helm/environments/unified-works-dev.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 20d0a9c1b1..d5b3b8c098 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -148,6 +148,7 @@ cluster-configs: contract-service: "http://contracts.works:8080/" muster-roll-service: "http://muster-roll.works:8080/" project-management-system: "http://project.works:8080/" + project: "http://project.works:8080/" estimate-service: "http://estimates.works:8080/" organisation: "http://organisation.works:8080/" bankaccounts: "http://bankaccounts.works:8080/" @@ -157,6 +158,9 @@ cluster-configs: individual: "http://individual.works:8080/" works-pdf: "http://works-pdf.works:8080/" loi-service: "http://loi-service.works:8080/" + household: "http://household:8080/" + product: "http://product:8080/" + facility: "http://facility:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -256,6 +260,7 @@ organisation: works-cbo-url-endpoint: "/works-shg-app" project: + namespace: works tracing-enabled: true java-enable-debug: true project-default-offset: 0 From b20a55afaf17faefc4f42f514f84e7a08195f55d Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 24 Jul 2023 12:31:21 +0530 Subject: [PATCH 231/742] added works discovery ns in values.yaml --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 3d50e49aad..52317d6760 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: egov,sanitation +discovery_namespaces: egov,sanitation,works # Init Containers Configs initContainers: extraInitContainers: | From 30d42a1c70781b10cd1b60cece9d02e4a4027efe Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 24 Jul 2023 15:45:27 +0530 Subject: [PATCH 232/742] added inbox service on egov namespace --- deploy-as-code/helm/environments/unified-works-dev.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index d5b3b8c098..8b97fc38ce 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -140,6 +140,7 @@ cluster-configs: echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ inbox: "http://inbox.sanitation:8080/" + inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" @@ -234,6 +235,11 @@ loi-service: tracing-enabled: true workflow.loi.business.service.name: "loi-approval-4" +inbox: + namespace: egov + service-map : '{}' + bs-service-map : '{}' + muster-roll-service: tracing-enabled: true java-enable-debug: true From a02f7f342300825289450306582a44b5c61a3cb6 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 25 Jul 2023 15:28:27 +0530 Subject: [PATCH 233/742] #SM-2878 added fsm inbox event indexer (#1847) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index cfcc2d1160..c5506e177f 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -318,7 +318,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-event-indexer.yml" egov-persister: replicas: 1 From 9b17876c1343829897ea9dd8b8839b84cc22b373 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 26 Jul 2023 13:41:50 +0530 Subject: [PATCH 234/742] =?UTF-8?q?[DPG-1503,DPG-1662]=20Adding=20mdms=20v?= =?UTF-8?q?2=20helm=20charts=20and=20added=20environment=20=E2=80=A6=20(#1?= =?UTF-8?q?851)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [DPG-1503,DPG-1662] Adding mdms v2 helm charts and added environment file on dev environment (#1837) * [DPG-1503] Adding mdms v2 helm charts (#1822) * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Made corrections to helm charts * [DPG-1503] corrected save definition topic key * [DPG-1503] Adding JAVA_ENABLE_DEBUG flag in helm chart * [DPG-1503] Adding db config in mdms-v2 helm (#1825) * [DPG-1503] Adding persister file path to qa.yaml file (#1827) * Update works-dev.yaml * DPG-1662 :: Added Build and whitelisted mdms apis --------- * Update unified-dev.yaml --- .../charts/core-services/mdms-v2/Chart.yaml | 26 ++++++++ .../mdms-v2/templates/deployment.yaml | 2 + .../mdms-v2/templates/ingress.yaml | 2 + .../mdms-v2/templates/service.yaml | 2 + .../charts/core-services/mdms-v2/values.yaml | 61 +++++++++++++++++++ .../helm/environments/unified-dev.yaml | 4 +- 6 files changed, 95 insertions(+), 2 deletions(-) create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/Chart.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/Chart.yaml new file mode 100644 index 0000000000..514f4066d7 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: mdms-v2 +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/service.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml new file mode 100644 index 0000000000..5d3aeb3790 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml @@ -0,0 +1,61 @@ +# Common Labels +labels: + app: "mdms-v2" + group: "core" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "mdms-v2" + +initContainers: + dbMigration: + enabled: true + schemaTable: "mdms_v2_schema" + image: + repository: "mdms-v2-db" + +# Container Configs +image: + repository: "mdms-v2" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/mdms-v2/health" + readinessProbePath: "/mdms-v2/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx512m -Xms512m" +java-args: "-Dspring.profiles.active=monitoring" +egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" +egov-mdms-data-save-topic: "save-mdms-data" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /mdms-v2 + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-mdms-service-consumer-group + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: JAVA_ENABLE_DEBUG + value: "true" + - name: EGOV_MDMS_SCHEMA_DEFINITION_SAVE_TOPIC + value: {{ index .Values "egov-mdms-schema-definition-save-topic" | quote }} + - name: EGOV_MDMS_DATA_SAVE_TOPIC + value: {{ index .Values "egov-mdms-data-save-topic" | quote }} diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index c5506e177f..8fa8a30732 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -326,7 +326,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml"" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -447,7 +447,7 @@ zuul: java-debug: "true" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality, egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From f8d0245afe369d7e424500876e31a84832709843 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 26 Jul 2023 14:01:09 +0530 Subject: [PATCH 235/742] Dpg workbench :: corrected syntax of persister (#1852) * [DPG-1503,DPG-1662] Adding mdms v2 helm charts and added environment file on dev environment (#1837) * [DPG-1503] Adding mdms v2 helm charts (#1822) * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Made corrections to helm charts * [DPG-1503] corrected save definition topic key * [DPG-1503] Adding JAVA_ENABLE_DEBUG flag in helm chart * [DPG-1503] Adding db config in mdms-v2 helm (#1825) * [DPG-1503] Adding persister file path to qa.yaml file (#1827) * Update works-dev.yaml * DPG-1662 :: Added Build and whitelisted mdms apis --------- * Update unified-dev.yaml * Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 8fa8a30732..e090aa5d65 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -326,7 +326,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml"" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 8ec5ddac78f4f48ab12ee4dd1116f8d621447e3a Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 26 Jul 2023 15:51:34 +0530 Subject: [PATCH 236/742] [DPG-1503,DPG-1662] updated the open endpoint for zuul (#1853) * [DPG-1503,DPG-1662] Adding mdms v2 helm charts and added environment file on dev environment (#1837) * [DPG-1503] Adding mdms v2 helm charts (#1822) * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Adding mdms-v2 helm charts * [DPG-1503] Made corrections to helm charts * [DPG-1503] corrected save definition topic key * [DPG-1503] Adding JAVA_ENABLE_DEBUG flag in helm chart * [DPG-1503] Adding db config in mdms-v2 helm (#1825) * [DPG-1503] Adding persister file path to qa.yaml file (#1827) * Update works-dev.yaml * DPG-1662 :: Added Build and whitelisted mdms apis --------- * Update unified-dev.yaml * Update unified-dev.yaml * Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e090aa5d65..58f2643539 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -447,7 +447,7 @@ zuul: java-debug: "true" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality, egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From deb3f8421990691fe85796868fa32bc46df745fb Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 27 Jul 2023 12:11:12 +0530 Subject: [PATCH 237/742] addded works configs path under egov-persister --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 58f2643539..b6a1e9df8c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -326,7 +326,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" + persist-yml-path: "file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 627525703c1ff4feba9a4b51f42f63a8cb578258 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 27 Jul 2023 18:21:01 +0530 Subject: [PATCH 238/742] Update unified-dev.yaml (#1857) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index b6a1e9df8c..ed370a7847 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -326,7 +326,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" +persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 27bfe1925b0466a813edc9464ea1f794533801f9 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Fri, 28 Jul 2023 10:23:56 +0530 Subject: [PATCH 239/742] Update unified-dev.yaml (#1858) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ed370a7847..58f2643539 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -326,7 +326,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister -persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 0c23abc9e7a1c2677ba36f05cdf7f836837b20b2 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 1 Aug 2023 16:44:48 +0530 Subject: [PATCH 240/742] Update unified-dev.yaml (#1866) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 58f2643539..3967460ddf 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -318,7 +318,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-event-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml" egov-persister: replicas: 1 From f9d0c437d464f0db6612e5faa05b40401cacb431 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 2 Aug 2023 12:26:48 +0530 Subject: [PATCH 241/742] Added helm chart of inbox service (#1868) --- .../charts/core-services/inbox/Chart.yaml | 26 +++++ .../inbox/templates/deployment.yaml | 2 + .../inbox/templates/ingress.yaml | 2 + .../inbox/templates/service.yaml | 2 + .../charts/core-services/inbox/values.yaml | 102 ++++++++++++++++++ 5 files changed, 134 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/inbox/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/inbox/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml b/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml new file mode 100644 index 0000000000..de87e4ffaa --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: inbox +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml new file mode 100644 index 0000000000..556f5ed04f --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -0,0 +1,102 @@ +# Common Labels +labels: + app: "inbox" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "inbox" + +# Container Configs +image: + repository: "inbox" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/inbox/health" + readinessProbePath: "/inbox/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx256m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKFLOW_PROCESS_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/process/_search" + - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH + value: "egov-workflow-v2/egov-wf/businessservice/_search" + - name: WORKFLOW_PROCESS_COUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_count" + - name: WORKFLOW_PROCESS_STATUSCOUNT_PATH + value: "egov-workflow-v2/egov-wf/process/_statuscount" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_USER_SEARCH_PATH + value: "user/_search" + - name: EGOV_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher + - name: EGOV_DASHBOARD_ANALYTICS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: dashboard-analytics + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: SERVICES_ESINDEXER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: es-indexer-host + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: EGOV_INTERNAL_MICROSERVICE_USER_UUID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-internal-microservice-user-uuid + - name: EGOV_SEARCHER_PT_SEARCH_PATH + value: "egov-searcher/property-services/inboxpropertysearch/_get" + - name: SERVICE_SEARCH_MAPPING + value: {{ index .Values "service-map" | quote }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: BS_BUSINESSCODE_SERVICE_SEARCH + value: {{ index .Values "bs-service-map" | quote }} + - name: WATER_ES_INDEX + value: {{ index .Values "water-es-index" | quote }} + - name: SEWERAGE_ES_INDEX + value: {{ index .Values "sewerage-es-index" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: JAVA_ENABLE_DEBUG + value: "true" From 2c2f42c5b7c8400621dc02182deaa9263af95f2b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 2 Aug 2023 12:50:42 +0530 Subject: [PATCH 242/742] added egov namespace in valies.yaml --- deploy-as-code/helm/charts/core-services/inbox/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml index 556f5ed04f..04b451262f 100644 --- a/deploy-as-code/helm/charts/core-services/inbox/values.yaml +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -1,4 +1,5 @@ # Common Labels +namespace: egov labels: app: "inbox" group: "rainmaker" @@ -8,6 +9,7 @@ ingress: enabled: true zuul: true context: "inbox" + namespace: egov # Container Configs image: From 93ad909219bb7b8021777a9d7044e72b3e64c36f Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 2 Aug 2023 13:00:02 +0530 Subject: [PATCH 243/742] added egov namespace in valies.yaml --- .../charts/core-services/inbox/Chart.yaml | 26 ----- .../inbox/templates/deployment.yaml | 2 - .../inbox/templates/ingress.yaml | 2 - .../inbox/templates/service.yaml | 2 - .../charts/core-services/inbox/values.yaml | 104 ------------------ .../helm/charts/sanitation/inbox/values.yaml | 7 +- .../helm/environments/unified-dev.yaml | 5 +- 7 files changed, 10 insertions(+), 138 deletions(-) delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml b/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml deleted file mode 100644 index de87e4ffaa..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: inbox -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml deleted file mode 100644 index 96fb6e00a0..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml deleted file mode 100644 index cc12d64759..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml deleted file mode 100644 index 454d8db3b6..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml deleted file mode 100644 index 04b451262f..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/values.yaml +++ /dev/null @@ -1,104 +0,0 @@ -# Common Labels -namespace: egov -labels: - app: "inbox" - group: "rainmaker" - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "inbox" - namespace: egov - -# Container Configs -image: - repository: "inbox" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/inbox/health" - readinessProbePath: "/inbox/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx256m -Xms256m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: WORKFLOW_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - - name: WORKFLOW_PROCESS_SEARCH_PATH - value: "egov-workflow-v2/egov-wf/process/_search" - - name: WORKFLOW_BUSINESSSERVICE_SEARCH_PATH - value: "egov-workflow-v2/egov-wf/businessservice/_search" - - name: WORKFLOW_PROCESS_COUNT_PATH - value: "egov-workflow-v2/egov-wf/process/_count" - - name: WORKFLOW_PROCESS_STATUSCOUNT_PATH - value: "egov-workflow-v2/egov-wf/process/_statuscount" - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_USER_SEARCH_PATH - value: "user/_search" - - name: EGOV_SEARCHER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-searcher - - name: EGOV_DASHBOARD_ANALYTICS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: dashboard-analytics - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: SERVICES_ESINDEXER_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: es-indexer-host - - name: STATE_LEVEL_TENANT_ID - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-state-level-tenant-id - - name: EGOV_INTERNAL_MICROSERVICE_USER_UUID - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-internal-microservice-user-uuid - - name: EGOV_SEARCHER_PT_SEARCH_PATH - value: "egov-searcher/property-services/inboxpropertysearch/_get" - - name: SERVICE_SEARCH_MAPPING - value: {{ index .Values "service-map" | quote }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: BS_BUSINESSCODE_SERVICE_SEARCH - value: {{ index .Values "bs-service-map" | quote }} - - name: WATER_ES_INDEX - value: {{ index .Values "water-es-index" | quote }} - - name: SEWERAGE_ES_INDEX - value: {{ index .Values "sewerage-es-index" | quote }} - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: JAVA_ENABLE_DEBUG - value: "true" diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml index 17d0686cad..2d53aa8c24 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/inbox/values.yaml @@ -1,4 +1,4 @@ -namespace : sanitation +namespace : [ sanitation, egov ] # Common Labels labels: app: "inbox" @@ -28,6 +28,11 @@ java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs env: | + - name: SERVICES_ESINDEXER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: es-indexer-host - name: WORKFLOW_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 3967460ddf..e984000bb0 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -138,7 +138,7 @@ cluster-configs: egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" + inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" @@ -213,6 +213,9 @@ egov-idgen: heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" +inbox: + namespace: egov + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" From 49a05f4546e65ff143e462f23a9265d580395607 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 2 Aug 2023 16:15:02 +0530 Subject: [PATCH 244/742] added inbox config in env file --- deploy-as-code/helm/environments/unified-dev.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e984000bb0..c38d4811d5 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -138,6 +138,7 @@ cluster-configs: egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" @@ -207,15 +208,21 @@ egov-url-shortening: hashids-salt: "randomsalt" hashids-min-length: "2" +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" -inbox: - namespace: egov - egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" From 3f80aa183b26d2c29e917b4d166af1240b2b79d0 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 7 Aug 2023 10:31:31 +0530 Subject: [PATCH 245/742] #SM-3026 removed sanitation inbox (#1874) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- deploy-as-code/helm/environments/unified-dev.yaml | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 62f3389746..c038d13f8d 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -138,7 +138,7 @@ cluster-configs: egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" + inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index c38d4811d5..2c848b2111 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -138,7 +138,6 @@ cluster-configs: egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" From b18d1644d7c8d0c2cefda0118755ee80042cb418 Mon Sep 17 00:00:00 2001 From: talele08 Date: Tue, 8 Aug 2023 11:22:31 +0530 Subject: [PATCH 246/742] Changed to MSK (#1881) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 2c848b2111..30946ead54 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "b-2.unifieddevcluster.pl3l75.c2.kafka.ap-south-1.amazonaws.com:9092,b-1.unifieddevcluster.pl3l75.c2.kafka.ap-south-1.amazonaws.com:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 894eb9561d166662129bacfeed81f0c09cefc206 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 8 Aug 2023 12:01:18 +0530 Subject: [PATCH 247/742] moved inbox service from sanitation to core charts (#1882) * moved inbox service from sanitation to core charts * updated namespace in inbox charts --------- Co-authored-by: Harish-egov --- .../helm/charts/{sanitation => core-services}/inbox/Chart.yaml | 0 .../inbox/templates/deployment.yaml | 0 .../{sanitation => core-services}/inbox/templates/ingress.yaml | 0 .../{sanitation => core-services}/inbox/templates/service.yaml | 0 .../helm/charts/{sanitation => core-services}/inbox/values.yaml | 2 +- 5 files changed, 1 insertion(+), 1 deletion(-) rename deploy-as-code/helm/charts/{sanitation => core-services}/inbox/Chart.yaml (100%) rename deploy-as-code/helm/charts/{sanitation => core-services}/inbox/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{sanitation => core-services}/inbox/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{sanitation => core-services}/inbox/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{sanitation => core-services}/inbox/values.yaml (98%) diff --git a/deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml b/deploy-as-code/helm/charts/core-services/inbox/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/sanitation/inbox/Chart.yaml rename to deploy-as-code/helm/charts/core-services/inbox/Chart.yaml diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/sanitation/inbox/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/inbox/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/sanitation/inbox/templates/ingress.yaml rename to deploy-as-code/helm/charts/core-services/inbox/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/sanitation/inbox/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/inbox/templates/service.yaml diff --git a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml similarity index 98% rename from deploy-as-code/helm/charts/sanitation/inbox/values.yaml rename to deploy-as-code/helm/charts/core-services/inbox/values.yaml index 2d53aa8c24..f258a228ca 100644 --- a/deploy-as-code/helm/charts/sanitation/inbox/values.yaml +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -1,4 +1,4 @@ -namespace : [ sanitation, egov ] +namespace : egov # Common Labels labels: app: "inbox" From c093f459e1884e6224c7e6841b22b97250c17e72 Mon Sep 17 00:00:00 2001 From: talele08 Date: Tue, 8 Aug 2023 13:09:11 +0530 Subject: [PATCH 248/742] Revert "Changed to MSK (#1881)" (#1884) This reverts commit b18d1644d7c8d0c2cefda0118755ee80042cb418. --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 30946ead54..2c848b2111 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "b-2.unifieddevcluster.pl3l75.c2.kafka.ap-south-1.amazonaws.com:9092,b-1.unifieddevcluster.pl3l75.c2.kafka.ap-south-1.amazonaws.com:9092" + kafka-brokers: "kafka-v2.kafka-cluster:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From d6e07ba05e6caaa94a3f09f1764a1ee65f7d2a57 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 8 Aug 2023 22:36:27 +0530 Subject: [PATCH 249/742] removed namespace in inbox values.yaml --- deploy-as-code/helm/charts/core-services/inbox/values.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml index f258a228ca..f115eda3bd 100644 --- a/deploy-as-code/helm/charts/core-services/inbox/values.yaml +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -1,4 +1,3 @@ -namespace : egov # Common Labels labels: app: "inbox" From d09ee6c02912f9b99e44d6719a0d8e840451cb13 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 9 Aug 2023 14:43:31 +0530 Subject: [PATCH 250/742] updated syncing kafka-exporter with prometheus --- .../charts/backbone-services/prometheus-operator/values.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index c8b0b7cc00..c9de024062 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1757,7 +1757,10 @@ prometheus: ## The scrape configuraiton example below will find master nodes, provided they have the name .*mst.*, relabel the ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes ## - additionalScrapeConfigs: [] + additionalScrapeConfigs: + - job_name: 'kafka-exporter' + static_configs: + - targets: ['prometheus-kafka-exporter:9308'] # - job_name: kube-etcd # kubernetes_sd_configs: # - role: node From aa53c87110860f4eb22bcf2d8f8572ee88118013 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 16 Aug 2023 12:35:51 +0530 Subject: [PATCH 251/742] PFM-4031-Removed core service configurations(idgen, filestore, user) (#1898) * PFM-4031-Removed core service configurations(idgen, filestore, user) * PFM-4031-Removed url shortening and sms notification configuration --- .../helm/environments/unified-works-dev.yaml | 60 ------------------- 1 file changed, 60 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 8b97fc38ce..9b72f83427 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -296,66 +296,6 @@ citizen: ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-url-shortening: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-url-shortner-endpoint: "/eus/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "2" - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" chatbot: kafka-topics-partition-count: 3 From 0b7aa57c13eb4cb14e9044fd4972825d24d7b0d0 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 16 Aug 2023 17:52:53 +0530 Subject: [PATCH 252/742] updated filestore secrets in unified-works-dev env (#1899) Co-authored-by: Harish-egov --- .../helm/environments/unified-works-dev-secrets.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml index 5b52ab8d15..49ef61d1d5 100644 --- a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:w8dzx1VxegcyiuUkEkZUJ2q6sl8=,iv:tblebty94pl2+ByPoZu9L8U7cXEylYQUMAQlxTPvfvM=,tag:x44CUdAQGTiZJjyioLolCw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:AqwpqJ0eGdu7XR7sDDQnIQyOQna2tLAiSNO/ISpUStCBTbn52IB7iQ==,iv:SkYL0egyml+Ub8+QZzB+JF8eqPl27s6qE2yUszMN8/I=,tag:QRLPO7lsianWkI3v+GWTyA==,type:str] + aws-key: ENC[AES256_GCM,data:2PynZQBMfZf996NrF/DqPpGyM5Q=,iv:xYJHOjGzx+o0RNImrCTW2NtYvhQVr6PTvqqDLzUTpME=,tag:HOFeP0mKD6U6hwnrLNJTMw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:xHf/VojI21waAmYrs5ssmej9pqs3ctmiM+9gLldzy1J11mLwP6KcZQ==,iv:Ah7QSCS/Xjij/Ct9qkksXxE5dXb3wj0IVahXUMOhieM=,tag:0DK+pnicmyXqkEuNpI3LLw==,type:str] egov-filestore-azure: account-name: ENC[AES256_GCM,data:IDNGiQ/UdJfodlpDksRd,iv:JXpOVDYms1HVVWGnxMwmpirVScnDTZt6OaPn2pb4hnY=,tag:tTDmD8PRBezzXFg876KG4g==,type:str] account-key: ENC[AES256_GCM,data:bIk4upLfb+M4xzsW/pVEQQIRQzUHItnATMxoQw/a6q5iSeGOJxcbFoj/Yj5wN61AXFI1QgGqPUVyGTU4LFj4OvSb4Te/AL1bsqIgAppdEKxKu0YOXeWouQ==,iv:FIkApN+y2tCd4xzPb61DqfmFXAb9v5lYVRuPWUdUWLA=,tag:3dTtN+HvrA1+m9QjeeqZTQ==,type:str] @@ -97,8 +97,8 @@ sops: created_at: '2020-11-10T06:48:05Z' enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== gcp_kms: [] - lastmodified: '2023-06-22T05:01:45Z' - mac: ENC[AES256_GCM,data:h8dvwlX5sRvsOYhiJw0C/aQdzzXyhwxTuv2eGAO91Gqs/wKHQBdoiFtNBRk0JSNOk+067+E32K7sAaGiFyrRLvquHha7cRAxL6DqLY6/Ryx6Rur3218YOGBUABNIX3y9f+dIeEmwf5T6Q73FNClrb2nvwrwyJ9qJzheLvtsQ+ZM=,iv:9v27T1Wh1myNtRgfX4DP1QuoVghzRc6kH/1NDSN7YXw=,tag:RFQ8YXpGJa54HoIHi4ANxg==,type:str] + lastmodified: '2023-08-16T12:04:22Z' + mac: ENC[AES256_GCM,data:tNpER4y2KIswW/ySaAoa4r6Mwi9mbpIi+ndSB+Q6GBW7s6wz9NXGi9bnMTkrCXFpEPi960HoCIx99iLKMBc2/pZ5J4oqzBraoThEohKd5nDRWGXKS0zeV4C83nQkrlF/lcIN03b3Bxdd4swd+cpdE1aNv9xK3PdmRLlJ2IH6K/E=,iv:dNqs1PW9FqU2z0ee/XnodXpiCMmqt45bGE0jAl3T8ds=,tag:+HdeYX6esf8s6jvep/pSTg==,type:str] pgp: - created_at: '2020-11-10T06:48:05Z' enc: | From 165025fa5094ab382468f8214233bef429497714 Mon Sep 17 00:00:00 2001 From: Gowtham-egov <112694085+Gowtham-egov@users.noreply.github.com> Date: Thu, 17 Aug 2023 12:44:51 +0530 Subject: [PATCH 253/742] updated filestore secrets in unified-dev (#1901) --- deploy-as-code/helm/environments/unified-dev-secrets.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml index eaf232c97d..4282a127ab 100644 --- a/deploy-as-code/helm/environments/unified-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-dev-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:BbAOdX4eraGZG8XEeUk52JdTCzs=,iv:dY4wElIQE/w6OhExzH0NsZfubeL5+SQpu0oAd8T56/k=,tag:oHB9nkvpkyUwaoa9DH0OCg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:N3BgZRp7Y07WU5Laufl7x9EuRYhbzZc2/NHtZWepl8MCv1c/Go/mPg==,iv:1Z1gd885HzpFxkA8Y78gZd4J2cxdwp6a4QZwQlukSgg=,tag:EGbJhJQJ1fT8VeliD363dg==,type:str] + aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] egov-filestore-azure: account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-04-11T06:22:14Z" - mac: ENC[AES256_GCM,data:ja9HWlgWrIJ0z4ujxZbnDo2yMHn71oJ8J4N+vK5AEwvlfOcRyVWHpoFafGhXFx3v8wt5ld0uAK62PhJSuGJ+Cp3JROycj8jnhPLJwLRB9hF7U2c8zUjlvoM0ByartA47AjH5Kf1bNzcUIcWUoN3LS9uZttSpfORKhwl7I/qmVP4=,iv:SbYRWPWpYBwNTp+UyuTUMGmZa55MBYmdejGj+IMV2Ik=,tag:NpUjOB7JV9VSQLYGdFyHQQ==,type:str] + lastmodified: "2023-08-17T07:01:44Z" + mac: ENC[AES256_GCM,data:iHw5Zk34A9TKiWAHFstx4hiuoSmPlSFqruNds8VvcPfl1H1QyImR+HKD8V9gKsnQ6WA/mN84xjKAGVYP0u6y8j7EY2D8Ei7+Bgw4i7lsL0gXZ7t3XVzdnUM72LxdyeeZnSxpKdki3GGx32/DUnE2YLUmhoNpEcOB3APJvjqHJPg=,iv:5KroSwR0++Bd7R9ZVAtuwuKNCLW6c4KTRptW6wBaAXg=,tag:rl1AFe++dAu2rjssG817zw==,type:str] pgp: - created_at: "2023-04-11T06:12:24Z" enc: | From d08bffb8557117c9b77f0e6138f654ae6969b27a Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 17 Aug 2023 15:16:12 +0530 Subject: [PATCH 254/742] PFM-4031-Added filestore bucket name in unified dev (#1902) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 2c848b2111..aa9145b4c1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -196,7 +196,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: "unified-dev-bucket-s3" heap: "-Xmx256m -Xms256m" memory_limits: 512Mi From d9dd6c8d5bc151cd303bb6c24aa91c2af579c0b3 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 21 Aug 2023 14:56:07 +0530 Subject: [PATCH 255/742] added indexer and persister file location for works (#1905) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index aa9145b4c1..46996eed79 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -327,7 +327,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/loiservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml" egov-persister: replicas: 1 @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-management-system-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From f631e470ecdb58f505d89bbc41e2f80e054e364f Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 22 Aug 2023 17:13:14 +0530 Subject: [PATCH 256/742] Update unified-works-dev.yaml (#1914) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 9b72f83427..c868f9a25a 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -1,11 +1,11 @@ global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: works-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban, works ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] root-ingress: cert-issuer: letsencrypt-prod From 65f01e65870dcb09ef411a340e2f2f91d63c8af8 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 22 Aug 2023 17:15:10 +0530 Subject: [PATCH 257/742] Updated domain url in unified-health-dev (#1915) --- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 9c1d0ca9b9..cc67d3aa27 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -1,5 +1,5 @@ global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: health-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: From 2c4a08a7f3cdf5c4628b80056623b49d9d49e39e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 22 Aug 2023 17:36:12 +0530 Subject: [PATCH 258/742] removed static-config in values.yaml --- .../charts/backbone-services/prometheus-operator/values.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index c9de024062..b9ac46e7c1 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1757,10 +1757,6 @@ prometheus: ## The scrape configuraiton example below will find master nodes, provided they have the name .*mst.*, relabel the ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes ## - additionalScrapeConfigs: - - job_name: 'kafka-exporter' - static_configs: - - targets: ['prometheus-kafka-exporter:9308'] # - job_name: kube-etcd # kubernetes_sd_configs: # - role: node From 5e6f3e665fb18544a341d82fd1cfc6f24addd0d5 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 22 Aug 2023 17:43:56 +0530 Subject: [PATCH 259/742] Prometheus (#1913) * added prometheus-blackbox-exporter helm chart for ssl expiry * Update values.yaml * Update values.yaml --- .../prometheus-blackbox-exporter/Chart.yaml | 17 + .../prometheus-blackbox-exporter/README.md | 113 ++++++ .../ci/daemonset-values.yml | 1 + .../ci/default-values.yaml | 0 .../ci/extraenv-values.yaml | 3 + .../ci/hostAliases.yml | 9 + .../ci/ingress-values.yml | 2 + .../ci/networkpolicy-values.yaml | 2 + .../ci/secret-values.yaml | 1 + .../templates/NOTES.txt | 31 ++ .../templates/_helpers.tpl | 103 +++++ .../templates/configmap.yaml | 12 + .../templates/daemonset.yaml | 146 +++++++ .../templates/deployment.yaml | 165 ++++++++ .../templates/extra-manifests.yaml | 4 + .../templates/ingress.yaml | 66 ++++ .../templates/networkpolicy.yaml | 28 ++ .../templates/poddisruptionbudget.yaml | 18 + .../templates/podsecuritypolicy.yaml | 41 ++ .../templates/prometheusrule.yaml | 20 + .../templates/role.yaml | 18 + .../templates/rolebinding.yaml | 16 + .../templates/selfservicemonitor.yaml | 31 ++ .../templates/service.yaml | 27 ++ .../templates/serviceaccount.yaml | 13 + .../templates/servicemonitor.yaml | 59 +++ .../templates/verticalpodautoscaler.yaml | 44 +++ .../prometheus-blackbox-exporter/values.yaml | 362 ++++++++++++++++++ .../prometheus-operator/requirements.yaml | 5 + .../prometheus/additionalScrapeConfigs.yaml | 2 +- .../templates/prometheus/prometheus.yaml | 3 + .../rules-1.14/alertmanager.rules.yaml | 8 + .../rules-1.14/kubernetes-storage.yaml | 12 + .../prometheus/rules/kubernetes-storage.yaml | 12 + .../prometheus-operator/values.yaml | 27 +- .../helm/environments/unified-dev.yaml | 3 +- 36 files changed, 1419 insertions(+), 5 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/Chart.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/README.md create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/daemonset-values.yml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/default-values.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/extraenv-values.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/hostAliases.yml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/ingress-values.yml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/networkpolicy-values.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/secret-values.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/NOTES.txt create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/_helpers.tpl create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/daemonset.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/extra-manifests.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/networkpolicy.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/poddisruptionbudget.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/podsecuritypolicy.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/prometheusrule.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/role.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/selfservicemonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/servicemonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/verticalpodautoscaler.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/Chart.yaml new file mode 100644 index 0000000000..2bef073740 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/Chart.yaml @@ -0,0 +1,17 @@ +apiVersion: v2 +description: Prometheus Blackbox Exporter +name: prometheus-blackbox-exporter +version: 8.2.0 +appVersion: v0.24.0 +home: https://github.com/prometheus/blackbox_exporter +sources: + - https://github.com/prometheus/blackbox_exporter + - https://github.com/prometheus-community/helm-charts/tree/main/charts/prometheus-blackbox-exporter +keywords: + - prometheus + - blackbox + - monitoring +maintainers: + - name: padma + email: sri.padma@egovernments.org +type: application diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/README.md b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/README.md new file mode 100644 index 0000000000..c7e2b5c274 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/README.md @@ -0,0 +1,113 @@ +# Prometheus Blackbox Exporter + +Prometheus exporter for blackbox testing + +Learn more: [https://github.com/prometheus/blackbox_exporter](https://github.com/prometheus/blackbox_exporter) + +This chart creates a Blackbox-Exporter deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.8+ with Beta APIs enabled +- Helm >= 3.0 + +## Get Repository Info + +```console +helm repo add prometheus-community https://prometheus-community.github.io/helm-charts +helm repo update +``` + +_See [`helm repo`](https://helm.sh/docs/helm/helm_repo/) for command documentation._ + +## Install Chart + +```console +helm install [RELEASE_NAME] prometheus-community/prometheus-blackbox-exporter +``` + +_See [configuration](#configuration) below._ + +_See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation._ + +## Uninstall Chart + +```console +helm uninstall [RELEASE_NAME] +``` + +This removes all the Kubernetes components associated with the chart and deletes the release. + +_See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation._ + +## Upgrading Chart + +```console +helm upgrade [RELEASE_NAME] [CHART] --install +``` + +_See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command documentation._ + +### To 8.0.0 + +- The default image is set to `quay.io/prometheus/blackbox-exporter` instead `prom/blackbox-exporter` +- `image.repository` is now split into `image.registry` and `image.repository`. + For the old behavior, set `image.registry` to an empty string and only use `image.repository`. + +### To 7.0.0 + +This version introduces the `securityContext` and `podSecurityContext` and removes `allowICMP`option. + +All previous values are setup as default. In case that you want to enable previous functionality for `allowICMP` you need to explicit enabled with the following configuration: + +```yaml +securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + capabilities: + add: ["NET_RAW"] +``` + +### To 6.0.0 + +This version introduces the relabeling field for the ServiceMonitor. +All values in the list `additionalRelabeling` will now appear under `relabelings` instead of `metricRelabelings`. + +### To 5.0.0 + +This version removes Helm 2 support. Also the ingress config has changed, so you have to adapt to the example in the values.yaml. + +### To 4.0.0 + +This version create the service account by default and introduce pod security policy, it can be enabled by setting `pspEnabled: true`. + +### To 2.0.0 + +This version removes the `podDisruptionBudget.enabled` parameter and changes the default value of `podDisruptionBudget` to `{}`, in order to fix Helm 3 compatibility. + +In order to upgrade, please remove `podDisruptionBudget.enabled` from your custom values.yaml file and set the content of `podDisruptionBudget`, for example: + +```yaml +podDisruptionBudget: + maxUnavailable: 0 +``` + +### To 1.0.0 + +This version introduce the new recommended labels. + +In order to upgrade, delete the Deployment before upgrading: + +```bash +kubectl delete deployment [RELEASE_NAME]-prometheus-blackbox-exporter +``` + +Note that this will cause downtime of the blackbox. + +## Configuration + +See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To see all configurable options with detailed comments, visit the chart's [values.yaml](./values.yaml), or run these configuration commands: + +```console +helm show values prometheus-community/prometheus-blackbox-exporter +``` diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/daemonset-values.yml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/daemonset-values.yml new file mode 100644 index 0000000000..7e498f6c0f --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/daemonset-values.yml @@ -0,0 +1 @@ +kind: DaemonSet diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/default-values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/default-values.yaml new file mode 100644 index 0000000000..e69de29bb2 diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/extraenv-values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/extraenv-values.yaml new file mode 100644 index 0000000000..df79f9a7ee --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/extraenv-values.yaml @@ -0,0 +1,3 @@ +extraEnv: + HTTP_PROXY: "http://superproxy.com:3128" + NO_PROXY: "localhost,127.0.0.1" diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/hostAliases.yml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/hostAliases.yml new file mode 100644 index 0000000000..3e3c401f02 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/hostAliases.yml @@ -0,0 +1,9 @@ +hostAliases: + - ip: 192.168.1.1 + hostNames: + - test.example.com + - another.example.net + - ip: 192.168.1.2 + hostNames: + - test2.example.com + - another2.example.net \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/ingress-values.yml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/ingress-values.yml new file mode 100644 index 0000000000..95e57c375e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/ingress-values.yml @@ -0,0 +1,2 @@ +ingress: + enabled: true \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/networkpolicy-values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/networkpolicy-values.yaml new file mode 100644 index 0000000000..12e4a94ac8 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/networkpolicy-values.yaml @@ -0,0 +1,2 @@ +networkPolicy: + enabled: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/secret-values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/secret-values.yaml new file mode 100644 index 0000000000..92664ab041 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/ci/secret-values.yaml @@ -0,0 +1 @@ +secretConfig: true diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/NOTES.txt new file mode 100644 index 0000000000..2e67428724 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/NOTES.txt @@ -0,0 +1,31 @@ +See https://github.com/prometheus/blackbox_exporter/ for how to configure Prometheus and the Blackbox Exporter. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range $host := .Values.ingress.hosts }} + {{- range .paths }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} + {{- end }} +{{- end }} + +{{- $kubeVersion := include "prometheus-blackbox-exporter.kubeVersion" . -}} +{{ if and .Values.ingress.className (semverCompare "<=1.18-0" $kubeVersion) }} +You've set ".Values.ingressClassName" but it's not supported by your Kubernetes version! +Therefore the option was not added and the old ingress annotation was set. +{{ end }} + +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "prometheus-blackbox-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} svc -w {{ include "prometheus-blackbox-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} {{ include "prometheus-blackbox-exporter.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} -l "app.kubernetes.io/name={{ include "prometheus-blackbox-exporter.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl --namespace {{ template "prometheus-blackbox-exporter.namespace" . }} port-forward $POD_NAME 8080:$CONTAINER_PORT +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/_helpers.tpl new file mode 100644 index 0000000000..9cb28d28e2 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/_helpers.tpl @@ -0,0 +1,103 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-blackbox-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-blackbox-exporter.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-blackbox-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "prometheus-blackbox-exporter.labels" -}} +helm.sh/chart: {{ include "prometheus-blackbox-exporter.chart" . }} +{{ include "prometheus-blackbox-exporter.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.releaseLabel }} +release: {{ .Release.Name }} +{{- end }} +{{- if .Values.commonLabels }} +{{ toYaml .Values.commonLabels }} +{{- end }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "prometheus-blackbox-exporter.selectorLabels" -}} +app.kubernetes.io/name: {{ include "prometheus-blackbox-exporter.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-blackbox-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "prometheus-blackbox-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Return the appropriate apiVersion for rbac. +*/}} +{{- define "rbac.apiVersion" -}} +{{- if .Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }} +{{- print "rbac.authorization.k8s.io/v1" -}} +{{- else -}} +{{- print "rbac.authorization.k8s.io/v1beta1" -}} +{{- end -}} +{{- end -}} + + +{{- define "prometheus-blackbox-exporter.namespace" -}} + {{- if .Values.namespaceOverride -}} + {{- .Values.namespaceOverride -}} + {{- else -}} + {{- .Release.Namespace -}} + {{- end -}} +{{- end -}} + +{{/* Enable overriding Kubernetes version for some use cases */}} +{{- define "prometheus-blackbox-exporter.kubeVersion" -}} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersionOverride -}} +{{- end -}} + + +{{/* +The image to use +*/}} +{{- define "prometheus-blackbox-exporter.image" -}} +{{- with (.Values.global.imageRegistry | default .Values.image.registry) -}}{{ . }}/{{- end }} +{{- .Values.image.repository -}}:{{- .Values.image.tag | default .Chart.AppVersion -}} +{{- with .Values.image.digest -}}@{{ .}}{{- end -}} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml new file mode 100644 index 0000000000..2b75de93ac --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.config (eq .Values.configExistingSecretName "") }} +apiVersion: v1 +kind: {{ if .Values.secretConfig -}} Secret {{- else -}} ConfigMap {{- end }} +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: monitoring + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +{{ if .Values.secretConfig -}} stringData: {{- else -}} data: {{- end }} + blackbox.yaml: | +{{ toYaml .Values.config | indent 4 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/daemonset.yaml new file mode 100644 index 0000000000..7dad52ce3b --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/daemonset.yaml @@ -0,0 +1,146 @@ +{{- if (eq .Values.kind "DaemonSet") }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" . | nindent 6 }} + template: + metadata: + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 8 }} + {{- if .Values.pod.labels }} +{{ toYaml .Values.pod.labels | indent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "prometheus-blackbox-exporter.serviceAccountName" . }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.tolerations }} + tolerations: +{{ toYaml .Values.tolerations | indent 6 }} + {{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.image.pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: + {{- range .Values.hostAliases }} + - ip: {{ .ip }} + hostnames: + {{- range .hostNames }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} + restartPolicy: {{ .Values.restartPolicy }} + + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + {{- if .Values.extraInitContainers }} + initContainers: +{{ toYaml .Values.extraInitContainers | indent 8 }} + {{- end }} + containers: + - name: blackbox-exporter + image: {{ include "prometheus-blackbox-exporter.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + args: +{{- if (or .Values.config .Values.configExistingSecretName) }} + {{- if .Values.configPath }} + - "--config.file={{ .Values.configPath }}" + {{- else }} + - "--config.file=/config/blackbox.yaml" + {{- end }} +{{- else }} + - "--config.file=/etc/blackbox_exporter/config.yml" +{{- end }} + {{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + ports: + - containerPort: {{ .Values.service.port }} + name: http + livenessProbe: + {{- toYaml .Values.livenessProbe | trim | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | trim | nindent 12 }} + volumeMounts: + - mountPath: /config + name: config + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} +{{- if .Values.dnsPolicy }} + dnsPolicy: {{ .Values.dnsPolicy | toString }} +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} +{{- if .Values.dnsConfig }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} +{{- end }} + volumes: + - name: config +{{- if .Values.secretConfig }} + secret: + secretName: {{ template "prometheus-blackbox-exporter.fullname" . }} +{{- else if .Values.configExistingSecretName }} + secret: + secretName: {{ .Values.configExistingSecretName }} +{{- else }} + configMap: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} +{{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + defaultMode: {{ .defaultMode }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml new file mode 100644 index 0000000000..c75738bec9 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml @@ -0,0 +1,165 @@ +{{- if (eq .Values.kind "Deployment") }} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: monitoring + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.replicas }} + selector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" . | nindent 6 }} + strategy: +{{ toYaml .Values.strategy | indent 4 }} + template: + metadata: + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 8 }} + {{- if .Values.pod.labels }} +{{ toYaml .Values.pod.labels | indent 8 }} + {{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + {{- if .Values.podAnnotations }} +{{ toYaml .Values.podAnnotations | indent 8 }} + {{- end }} + spec: + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + serviceAccountName: {{ template "prometheus-blackbox-exporter.serviceAccountName" . }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range .Values.image.pullSecrets }} + - name: {{ . }} + {{- end }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: + {{- range .Values.hostAliases }} + - ip: {{ .ip }} + hostnames: + {{- range .hostNames }} + - {{ . }} + {{- end }} + {{- end }} + {{- end }} + restartPolicy: {{ .Values.restartPolicy }} + + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- if .Values.extraInitContainers }} + initContainers: +{{ toYaml .Values.extraInitContainers | indent 8 }} + {{- end }} + containers: + {{- if .Values.extraContainers }} +{{ toYaml .Values.extraContainers | indent 8 }} + {{- end }} + - name: blackbox-exporter + image: {{ include "prometheus-blackbox-exporter.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + env: + {{- range $key, $value := .Values.extraEnv }} + - name: {{ $key }} + value: {{ $value | quote }} + {{- end }} + args: +{{- if .Values.config }} + {{- if .Values.configPath }} + - "--config.file={{ .Values.configPath }}" + {{- else }} + - "--config.file=/config/blackbox.yaml" + {{- end }} +{{- else }} + - "--config.file=/etc/blackbox_exporter/config.yml" +{{- end }} + {{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + ports: + - containerPort: {{ .Values.containerPort }} + name: http + livenessProbe: + {{- toYaml .Values.livenessProbe | trim | nindent 12 }} + readinessProbe: + {{- toYaml .Values.readinessProbe | trim | nindent 12 }} + volumeMounts: + - mountPath: /config + name: config + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath | default "" }} + readOnly: {{ .readOnly }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + mountPath: {{ .mountPath }} + subPath: {{ .subPath }} + readOnly: {{ .readOnly }} + {{- end }} + {{- if .Values.extraVolumeMounts }} +{{ toYaml .Values.extraVolumeMounts | indent 12 }} + {{- end }} +{{- if .Values.dnsPolicy }} + dnsPolicy: {{ .Values.dnsPolicy | toString }} +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} +{{- if .Values.dnsConfig }} + dnsConfig: + {{- toYaml .Values.dnsConfig | nindent 8 }} +{{- end }} + volumes: + {{- if .Values.extraVolumes }} +{{ toYaml .Values.extraVolumes | indent 8 }} + {{- end }} + - name: config +{{- if .Values.secretConfig }} + secret: + secretName: {{ template "prometheus-blackbox-exporter.fullname" . }} +{{- else if .Values.configExistingSecretName }} + secret: + secretName: {{ .Values.configExistingSecretName }} +{{- else }} + configMap: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} +{{- end }} + {{- range .Values.extraConfigmapMounts }} + - name: {{ .name }} + configMap: + name: {{ .configMap }} + defaultMode: {{ .defaultMode }} + {{- end }} + {{- range .Values.extraSecretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + defaultMode: {{ .defaultMode }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/extra-manifests.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/extra-manifests.yaml new file mode 100644 index 0000000000..567f7bf329 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/extra-manifests.yaml @@ -0,0 +1,4 @@ +{{ range .Values.extraManifests }} +--- +{{ tpl (toYaml .) $ }} +{{ end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/ingress.yaml new file mode 100644 index 0000000000..4e469400bd --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/ingress.yaml @@ -0,0 +1,66 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "prometheus-blackbox-exporter.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- $kubeVersion := include "prometheus-blackbox-exporter.kubeVersion" . -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" $kubeVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" $kubeVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} + {{- if .Values.ingress.labels }} +{{ toYaml .Values.ingress.labels | indent 4 }} + {{- end}} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" $kubeVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ tpl . $ | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ tpl .host $ | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $kubeVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $kubeVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/networkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/networkpolicy.yaml new file mode 100644 index 0000000000..67c8857607 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/networkpolicy.yaml @@ -0,0 +1,28 @@ +{{- if .Values.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + podSelector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" . | nindent 6 }} + ingress: +{{- if .Values.networkPolicy.allowMonitoringNamespace }} + - from: + - namespaceSelector: + matchLabels: + name: monitoring + ports: + - port: {{ .Values.service.port }} + protocol: TCP +{{- else }} + - {} +{{- end }} + policyTypes: + - Ingress +{{- end }} + diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000000..72696d8525 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/poddisruptionbudget.yaml @@ -0,0 +1,18 @@ +{{- if .Values.podDisruptionBudget -}} +{{ if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" -}} +apiVersion: policy/v1 +{{- else -}} +apiVersion: policy/v1beta1 +{{- end }} +kind: PodDisruptionBudget +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + selector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" . | nindent 6 }} +{{ toYaml .Values.podDisruptionBudget | indent 2 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/podsecuritypolicy.yaml new file mode 100644 index 0000000000..760a9c6259 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/podsecuritypolicy.yaml @@ -0,0 +1,41 @@ +{{- if and .Values.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }}-psp + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + # Prevents running in privileged mode + privileged: false + # Required to prevent escalations to root. + allowPrivilegeEscalation: false + volumes: + - configMap + - secret + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 1 + max: 65535 + readOnlyRootFilesystem: {{ .Values.readOnlyRootFilesystem }} + {{- if has "NET_RAW" .Values.securityContext.capabilities.add }} + allowedCapabilities: + - NET_RAW + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/prometheusrule.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/prometheusrule.yaml new file mode 100644 index 0000000000..9aef61057a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/prometheusrule.yaml @@ -0,0 +1,20 @@ +{{- if .Values.prometheusRule.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + {{- with .Values.prometheusRule.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} + {{- with .Values.prometheusRule.additionalLabels -}} +{{- toYaml . | nindent 4 -}} + {{- end }} +spec: + {{- with .Values.prometheusRule.rules }} + groups: + - name: {{ template "prometheus-blackbox-exporter.name" $ }} + rules: {{ toYaml . | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/role.yaml new file mode 100644 index 0000000000..aad12d9574 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/role.yaml @@ -0,0 +1,18 @@ +{{- if and .Values.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} +apiVersion: {{ template "rbac.apiVersion" . }} +kind: Role +metadata: + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} +rules: + - apiGroups: + - policy + resources: + - podsecuritypolicies + resourceNames: + - {{ template "prometheus-blackbox-exporter.fullname" . }}-psp + verbs: + - use +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/rolebinding.yaml new file mode 100644 index 0000000000..1d1d58a50b --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/rolebinding.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.pspEnabled (.Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy") }} +apiVersion: {{ template "rbac.apiVersion" . }} +kind: RoleBinding +metadata: + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "prometheus-blackbox-exporter.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-blackbox-exporter.serviceAccountName" . }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/selfservicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/selfservicemonitor.yaml new file mode 100644 index 0000000000..9ea4c64474 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/selfservicemonitor.yaml @@ -0,0 +1,31 @@ +{{- if .Values.serviceMonitor.selfMonitor.enabled }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" $ }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" $ }} + labels: + {{- include "prometheus-blackbox-exporter.labels" $ | nindent 4 }} + {{- if .Values.serviceMonitor.selfMonitor.labels }} + {{- toYaml (.Values.serviceMonitor.selfMonitor.labels) | nindent 4 }} + {{- end }} +spec: + endpoints: + - path: {{ .Values.serviceMonitor.selfMonitor.path }} + interval: {{ .Values.serviceMonitor.selfMonitor.interval }} + scrapeTimeout: {{ .Values.serviceMonitor.selfMonitor.scrapeTimeout }} + scheme: http + +{{- if .Values.serviceMonitor.selfMonitor.additionalRelabeling }} + relabelings: +{{ toYaml .Values.serviceMonitor.selfMonitor.additionalRelabeling | indent 6 }} +{{- end }} + jobLabel: "{{ .Release.Name }}" + selector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" $ | nindent 6 }} + namespaceSelector: + matchNames: + - {{ template "prometheus-blackbox-exporter.namespace" $ }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml new file mode 100644 index 0000000000..daa798293a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: +{{- if .Values.service.annotations }} + annotations: + {{- toYaml .Values.service.annotations | nindent 4 }} +{{- end }} + name: {{ include "prometheus-blackbox-exporter.fullname" . }} + namespace: monitoring + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http +{{- if .Values.service.externalIPs }} + externalIPs: +{{ toYaml .Values.service.externalIPs | indent 4 }} +{{- end }} + selector: + {{- include "prometheus-blackbox-exporter.selectorLabels" . | nindent 4 }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml new file mode 100644 index 0000000000..2d02707e0e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "prometheus-blackbox-exporter.serviceAccountName" . }} + namespace: monitoring + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/servicemonitor.yaml new file mode 100644 index 0000000000..8ea1d542ad --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/servicemonitor.yaml @@ -0,0 +1,59 @@ +{{- if .Values.serviceMonitor.enabled }} +{{- range .Values.serviceMonitor.targets }} +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-blackbox-exporter.fullname" $ }}-{{ .name }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" $ }} + labels: + {{- include "prometheus-blackbox-exporter.labels" $ | nindent 4 }} + {{- if or $.Values.serviceMonitor.defaults.labels .labels }} + {{- toYaml (.labels | default $.Values.serviceMonitor.defaults.labels) | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: http + scheme: {{ $.Values.serviceMonitor.scheme }} + {{- if $.Values.serviceMonitor.bearerTokenFile }} + bearerTokenFile: {{ $.Values.serviceMonitor.bearerTokenFile }} + {{- end }} + {{- if $.Values.serviceMonitor.tlsConfig }} + tlsConfig: {{ toYaml $.Values.serviceMonitor.tlsConfig | nindent 6 }} + {{- end }} + path: {{ $.Values.serviceMonitor.path }} + interval: {{ .interval | default $.Values.serviceMonitor.defaults.interval }} + scrapeTimeout: {{ .scrapeTimeout | default $.Values.serviceMonitor.defaults.scrapeTimeout }} + params: + module: + - {{ .module | default $.Values.serviceMonitor.defaults.module }} + target: + - {{ .url }} + {{- if .hostname }} + hostname: + - {{ .hostname }} + {{- end }} + metricRelabelings: + - sourceLabels: [instance] + targetLabel: instance + replacement: {{ .url }} + - sourceLabels: [target] + targetLabel: target + replacement: {{ .name }} + {{- range $targetLabel, $replacement := .additionalMetricsRelabels | default $.Values.serviceMonitor.defaults.additionalMetricsRelabels }} + - targetLabel: {{ $targetLabel | quote }} + replacement: {{ $replacement | quote }} + {{- end }} +{{- if concat (.additionalRelabeling | default list) $.Values.serviceMonitor.defaults.additionalRelabeling }} + relabelings: +{{ toYaml (concat (.additionalRelabeling | default list) $.Values.serviceMonitor.defaults.additionalRelabeling) | indent 6 }} +{{- end }} + jobLabel: "{{ $.Release.Name }}" + selector: + matchLabels: + {{- include "prometheus-blackbox-exporter.selectorLabels" $ | nindent 6 }} + namespaceSelector: + matchNames: + - {{ template "prometheus-blackbox-exporter.namespace" $ }} +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/verticalpodautoscaler.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/verticalpodautoscaler.yaml new file mode 100644 index 0000000000..652ecf1ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/verticalpodautoscaler.yaml @@ -0,0 +1,44 @@ +{{- if and (.Capabilities.APIVersions.Has "autoscaling.k8s.io/v1") (.Values.verticalPodAutoscaler.enabled) }} +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ include "prometheus-blackbox-exporter.fullname" . }} + namespace: {{ template "prometheus-blackbox-exporter.namespace" . }} + labels: + {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} +spec: + {{- with .Values.verticalPodAutoscaler.recommenders }} + recommenders: + {{- toYaml . | nindent 4 }} + {{- end }} + resourcePolicy: + containerPolicies: + - containerName: blackbox-exporter + {{- with .Values.verticalPodAutoscaler.controlledResources }} + controlledResources: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.controlledValues }} + controlledValues: {{ .Values.verticalPodAutoscaler.controlledValues }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.maxAllowed }} + maxAllowed: + {{ toYaml .Values.verticalPodAutoscaler.maxAllowed | nindent 8 }} + {{- end }} + {{- if .Values.verticalPodAutoscaler.minAllowed }} + minAllowed: + {{ toYaml .Values.verticalPodAutoscaler.minAllowed | nindent 8 }} + {{- end }} + targetRef: + apiVersion: apps/v1 + {{- if (eq .Values.kind "DaemonSet") }} + kind: DaemonSet + {{- else }} + kind: Deployment + {{- end }} + name: {{ template "prometheus-blackbox-exporter.fullname" . }} + {{- with .Values.verticalPodAutoscaler.updatePolicy }} + updatePolicy: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/values.yaml new file mode 100644 index 0000000000..89885d5f5b --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/values.yaml @@ -0,0 +1,362 @@ +global: + ## Global image registry to use if it needs to be overriden for some specific use cases (e.g local registries, custom images, ...) + ## + imageRegistry: "" + +restartPolicy: Always + +kind: Deployment + +## Override the namespace +## +namespaceOverride: "" +namespace: monitoring + +# Override Kubernetes version if your distribution does not follow semver v2 +kubeVersionOverride: "" + +## set to true to add the release label so scraping of the servicemonitor with kube-prometheus-stack works out of the box +releaseLabel: false + +podDisruptionBudget: {} + # maxUnavailable: 0 + +## Allow automount the serviceaccount token for sidecar container (eg: oauthproxy) +automountServiceAccountToken: false + +## Additional blackbox-exporter container environment variables +## For instance to add a http_proxy +## +## extraEnv: +## HTTP_PROXY: "http://superproxy.com:3128" +## NO_PROXY: "localhost,127.0.0.1" +extraEnv: {} + +extraVolumes: [] + # - name: secret-blackbox-oauth-htpasswd + # secret: + # defaultMode: 420 + # secretName: blackbox-oauth-htpasswd + # - name: storage-volume + # persistentVolumeClaim: + # claimName: example + +## Additional volumes that will be attached to the blackbox-exporter container +extraVolumeMounts: + # - name: ca-certs + # mountPath: /etc/ssl/certs/ca-certificates.crt + +## Additional InitContainers to initialize the pod +## +extraInitContainers: [] + +extraContainers: [] + # - name: oAuth2-proxy + # args: + # - -https-address=:9116 + # - -upstream=http://localhost:9115 + # - -skip-auth-regex=^/metrics + # - -openshift-delegate-urls={"/":{"group":"monitoring.coreos.com","resource":"prometheuses","verb":"get"}} + # image: openshift/oauth-proxy:v1.1.0 + # ports: + # - containerPort: 9116 + # name: proxy + # resources: + # limits: + # memory: 16Mi + # requests: + # memory: 4Mi + # cpu: 20m + # volumeMounts: + # - mountPath: /etc/prometheus/secrets/blackbox-tls + # name: secret-blackbox-tls + +## Enable pod security policy +pspEnabled: true + +hostNetwork: false + +strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + +image: + registry: quay.io + repository: prometheus/blackbox-exporter + # Overrides the image tag whose default is {{ printf "v%s" .Chart.AppVersion }} + tag: "" + pullPolicy: IfNotPresent + digest: "" + + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistrKeySecretName + +podSecurityContext: {} +# fsGroup: 1000 + +## User and Group to run blackbox-exporter container as +securityContext: + runAsUser: 1000 + runAsGroup: 1000 + readOnlyRootFilesystem: true + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] +# Add NET_RAW to enable ICMP +# add: ["NET_RAW"] + +livenessProbe: + httpGet: + path: /-/healthy + port: http + failureThreshold: 3 + +readinessProbe: + httpGet: + path: /-/healthy + port: http + +nodeSelector: {} +tolerations: [] +affinity: {} + +## Topology spread constraints rely on node labels to identify the topology domain(s) that each Node is in. +## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ +topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: failure-domain.beta.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # labelSelector: + # matchLabels: +# app.kubernetes.io/instance: jiralert + +# if the configuration is managed as secret outside the chart, using SealedSecret for example, +# provide the name of the secret here. If secretConfig is set to true, configExistingSecretName will be ignored +# in favor of the config value. +configExistingSecretName: "" +# Store the configuration as a `Secret` instead of a `ConfigMap`, useful in case it contains sensitive data +secretConfig: false +config: + modules: + http_2xx: + prober: http + timeout: 5s + http: + method: GET + valid_http_versions: ["HTTP/1.1", "HTTP/2.0"] + follow_redirects: true + preferred_ip_protocol: "ip4" + http_post_2xx: + prober: http + timeout: 5s + http: + method: POST + headers: + Content-Type: application/json + body: '{}' + +# Set custom config path, other than default /config/blackbox.yaml. If let empty, path will be "/config/blackbox.yaml" +# configPath: "/foo/bar" + +extraConfigmapMounts: [] + # - name: certs-configmap + # mountPath: /etc/secrets/ssl/ + # subPath: certificates.crt # (optional) + # configMap: certs-configmap + # readOnly: true + # defaultMode: 420 + +## Additional secret mounts +# Defines additional mounts with secrets. Secrets must be manually created in the namespace. +extraSecretMounts: [] + # - name: secret-files + # mountPath: /etc/secrets + # secretName: blackbox-secret-files + # readOnly: true + # defaultMode: 420 + +resources: {} + # limits: + # memory: 300Mi + # requests: + # memory: 50Mi + +priorityClassName: "" + +service: + annotations: {} + labels: {} + type: ClusterIP + port: 9115 + +# Only changes container port. Application port can be changed with extraArgs (--web.listen-address=:9115) +# https://github.com/prometheus/blackbox_exporter/blob/998037b5b40c1de5fee348ffdea8820509d85171/main.go#L55 +containerPort: 9115 + +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + annotations: {} + +## An Ingress resource can provide name-based virtual hosting and TLS +## termination among other things for CouchDB deployments which are accessed +## from outside the Kubernetes cluster. +## ref: https://kubernetes.io/docs/concepts/services-networking/ingress/ +ingress: + enabled: false + className: "" + labels: {} + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hosts: + ## The host property on hosts and tls is passed through helm tpl function. + ## ref: https://helm.sh/docs/developing_charts/#using-the-tpl-function + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +podAnnotations: {} + +# Hostaliases allow to add additional DNS entries to be injected directly into pods. +# This will take precedence over your implemented DNS solution +hostAliases: [] +# - ip: 192.168.1.1 +# hostNames: +# - test.example.com +# - another.example.net + +pod: + labels: {} + +extraArgs: [] + # - --history.limit=1000 + +replicas: 1 + +serviceMonitor: + ## If true, a ServiceMonitor CRD is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator for blackbox-exporter itself + ## + selfMonitor: + enabled: false + additionalMetricsRelabels: {} + additionalRelabeling: [] + labels: {} + path: /metrics + interval: 30s + scrapeTimeout: 30s + + ## If true, a ServiceMonitor CRD is created for a prometheus operator + ## https://github.com/coreos/prometheus-operator for each target + ## + enabled: false + + # Default values that will be used for all ServiceMonitors created by `targets` + defaults: + additionalMetricsRelabels: {} + additionalRelabeling: [] + labels: {} + interval: 30s + scrapeTimeout: 30s + module: http_2xx + ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. + scheme: http + ## path: HTTP path. Needs to be adjusted, if web.route-prefix is set + path: "/probe" + ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. + ## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig + tlsConfig: {} + bearerTokenFile: + + targets: +# - name: example # Human readable URL that will appear in Prometheus / AlertManager +# url: http://example.com/healthz # The URL that blackbox will scrape +# hostname: example.com # HTTP probes can accept an additional `hostname` parameter that will set `Host` header and TLS SNI +# labels: {} # Map of labels for ServiceMonitor. Overrides value set in `defaults` +# interval: 60s # Scraping interval. Overrides value set in `defaults` +# scrapeTimeout: 60s # Scrape timeout. Overrides value set in `defaults` +# module: http_2xx # Module used for scraping. Overrides value set in `defaults` +# additionalMetricsRelabels: {} # Map of metric labels and values to add +# additionalRelabeling: [] # List of metric relabeling actions to run + +## Custom PrometheusRules to be defined +## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions +prometheusRule: + enabled: false + additionalLabels: {} + namespace: "" + rules: [] + +## Network policy for chart +networkPolicy: + # Enable network policy and allow access from anywhere + enabled: false + # Limit access only from monitoring namespace + # Before setting this value to true, you must add the name=monitoring label to the monitoring namespace + # Network Policy uses label filtering + allowMonitoringNamespace: false + +## dnsPolicy and dnsConfig for Deployments and Daemonsets if you want non-default settings. +## These will be passed directly to the PodSpec of same. +dnsPolicy: +dnsConfig: + +# Extra manifests to deploy as an array +extraManifests: [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # labels: + # name: prometheus-extra + # data: + # extra-data: "value" + +# global common labels, applied to all ressources +commonLabels: {} + +# Enable vertical pod autoscaler support for prometheus-blackbox-exporter +verticalPodAutoscaler: + enabled: false + + # Recommender responsible for generating recommendation for the object. + # List should be empty (then the default recommender will generate the recommendation) + # or contain exactly one recommender. + # recommenders: + # - name: custom-recommender-performance + + # List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory + controlledResources: [] + # Specifies which resource values should be controlled: RequestsOnly or RequestsAndLimits. + # controlledValues: RequestsAndLimits + + # Define the max allowed resources for the pod + maxAllowed: {} + # cpu: 200m + # memory: 100Mi + # Define the min allowed resources for the pod + minAllowed: {} + # cpu: 200m + # memory: 100Mi + + updatePolicy: + # Specifies minimal number of replicas which need to be alive for VPA Updater to attempt pod eviction + # minReplicas: 1 + # Specifies whether recommended updates are applied when a Pod is started and whether recommended updates + # are applied during the life of a Pod. Possible values are "Off", "Initial", "Recreate", and "Auto". + updateMode: Auto diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml index 98b73c63f9..b2172c59a4 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.yaml @@ -9,3 +9,8 @@ dependencies: # version: "1.9.*" # repository: https://kubernetes-charts.storage.googleapis.com/ # condition: nodeExporter.enabled + + - name: prometheus-blackbox-exporter + version: "8.2.0" + repository: file://../prometheus-blackbox-exporter + condition: BlackboxExporter.enabled diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml index 66efb095fa..c20966133e 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus-scrape-confg - namespace: {{ .Release.Namespace }} + namespace: monitoring {{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }} annotations: {{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml index 049a0175a5..9829c620b0 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml @@ -31,6 +31,9 @@ spec: {{- else }} [] {{- end }} + additionalScrapeConfigs: + name: additional-scrape-configs + key: additional-scrape-configs.yaml {{- if .Values.prometheus.prometheusSpec.apiserverConfig }} apiserverConfig: {{ toYaml .Values.prometheus.prometheusSpec.apiserverConfig | indent 4}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml index 1c6db4095d..c62f56c15b 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/alertmanager.rules.yaml @@ -51,4 +51,12 @@ spec: for: 5m labels: severity: critical + - alert: SSLCertExpiringSoon + expr: probe_ssl_earliest_cert_expiry{job="web-probe"} - time() < 86400 * 20 + for: 60m + labels: + severity: warning + annotations: + summary: "SSL certificate is about to expire" + description: "SSL Certificate for {{`{{`}}$labels.instance{{`}}`}} expires in {{`{{`}} .Value | humanizeDuration {{`}}`}}." {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml index f2573966a1..a40af7285b 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules-1.14/kubernetes-storage.yaml @@ -60,4 +60,16 @@ spec: for: 5m labels: severity: critical + - alert: KubePersistentVolumeFull + annotations: + message: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} is occupied 80% of storage. Currently {{`{{`}} printf "%0.2f" $value {{`}}`}}% is available. + runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumefull + expr: |- + 100 * (1 - ( + kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"})) >= 80 + for: 5m + labels: + severity: critical {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml index 715924b863..84bf43eed8 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml @@ -60,4 +60,16 @@ spec: for: 5m labels: severity: critical + - alert: KubePersistentVolumeFull + annotations: + message: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} is occupied 80% of storage. Currently {{`{{`}} printf "%0.2f" $value {{`}}`}}% is available. + runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumefull + expr: |- + 100 * (1 - ( + kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} + / + kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"})) >= 80 + for: 5m + labels: + severity: critical {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index b9ac46e7c1..28cfd9d605 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -45,6 +45,7 @@ defaultRules: prometheus: true prometheusOperator: true time: false + ssl: true ## Runbook url prefix for default rules runbookUrl: https://github.com/kubernetes-monitoring/kubernetes-mixin/tree/master/runbook.md# @@ -970,12 +971,15 @@ kubeProxy: ## relabelings: [] # - action: keep - # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + # regex: 'kube_(daemonset|deployment|pod|namekubeStatespace|node|statefulset).+' # sourceLabels: [__name__] ## Component scraping kube state metrics ## +BlackboxExporter: + enabled: true + kubeStateMetrics: enabled: true serviceMonitor: @@ -1287,9 +1291,7 @@ prometheusOperator: ## Deploy a Prometheus instance ## prometheus: - enabled: true - ## Annotations for Prometheus ## annotations: {} @@ -1757,6 +1759,25 @@ prometheus: ## The scrape configuraiton example below will find master nodes, provided they have the name .*mst.*, relabel the ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes ## + additionalScrapeConfigs: + - job_name: 'blackbox' + metrics_path: /probe + params: + module: [http_2xx] + static_configs: + - targets: + - https://unified-dev.digit.org + - https://builds.digit.org # Add your domains here + relabel_configs: + - source_labels: [__address__] + target_label: __param_target + - source_labels: [__param_target] + target_label: instance + - target_label: __address__ + replacement: release-name-prometheus-blackbox-exporter:9115 + - job_name: 'kafka-exporter' + static_configs: + - targets: ['prometheus-kafka-exporter.kafka-cluster:9308'] # - job_name: kube-etcd # kubernetes_sd_configs: # - role: node diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 46996eed79..133cefbec1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -446,7 +446,8 @@ nginx-ingress: cert-manager: email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - +prometheus-blackbox-exporter: + namespace: monitoring zuul: replicas: 1 custom-filter-property: "false" From 07f59c50f14edca4a951376d2d034a263a278a9b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 23 Aug 2023 12:55:30 +0530 Subject: [PATCH 260/742] updated prometheus-blackbox-exporter --- .../prometheus-blackbox-exporter/templates/configmap.yaml | 2 +- .../prometheus-blackbox-exporter/templates/deployment.yaml | 6 +++--- .../prometheus-blackbox-exporter/templates/service.yaml | 2 +- .../templates/serviceaccount.yaml | 2 +- .../backbone-services/prometheus-operator/values.yaml | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml index 2b75de93ac..beb1fff88d 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/configmap.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: {{ if .Values.secretConfig -}} Secret {{- else -}} ConfigMap {{- end }} metadata: - name: {{ template "prometheus-blackbox-exporter.fullname" . }} + name: prometheus-blackbox-exporter namespace: monitoring labels: {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml index c75738bec9..a438d4250f 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/deployment.yaml @@ -2,7 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ template "prometheus-blackbox-exporter.fullname" . }} + name: prometheus-blackbox-exporter namespace: monitoring labels: {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} @@ -27,7 +27,7 @@ spec: {{- end }} spec: automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} - serviceAccountName: {{ template "prometheus-blackbox-exporter.serviceAccountName" . }} + serviceAccountName: prometheus-blackbox-exporter {{- with .Values.topologySpreadConstraints }} topologySpreadConstraints: {{- toYaml . | nindent 8 }} @@ -148,7 +148,7 @@ spec: secretName: {{ .Values.configExistingSecretName }} {{- else }} configMap: - name: {{ template "prometheus-blackbox-exporter.fullname" . }} + name: prometheus-blackbox-exporter {{- end }} {{- range .Values.extraConfigmapMounts }} - name: {{ .name }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml index daa798293a..0dd20d6850 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/service.yaml @@ -5,7 +5,7 @@ metadata: annotations: {{- toYaml .Values.service.annotations | nindent 4 }} {{- end }} - name: {{ include "prometheus-blackbox-exporter.fullname" . }} + name: prometheus-blackbox-exporter namespace: monitoring labels: {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml index 2d02707e0e..755117cc71 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-blackbox-exporter/templates/serviceaccount.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "prometheus-blackbox-exporter.serviceAccountName" . }} + name: prometheus-blackbox-exporter namespace: monitoring labels: {{- include "prometheus-blackbox-exporter.labels" . | nindent 4 }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index 28cfd9d605..7f69e4e671 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1766,7 +1766,7 @@ prometheus: module: [http_2xx] static_configs: - targets: - - https://unified-dev.digit.org + - https://unified-dev.digit.org/citizen - https://builds.digit.org # Add your domains here relabel_configs: - source_labels: [__address__] @@ -1774,7 +1774,7 @@ prometheus: - source_labels: [__param_target] target_label: instance - target_label: __address__ - replacement: release-name-prometheus-blackbox-exporter:9115 + replacement: prometheus-blackbox-exporter:9115 - job_name: 'kafka-exporter' static_configs: - targets: ['prometheus-kafka-exporter.kafka-cluster:9308'] From a9f3b0efe99825780b87b8589bb9fd5952db888e Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 28 Aug 2023 21:00:17 +0530 Subject: [PATCH 261/742] increased memory limit for individual, project and works-management service (#1927) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index c868f9a25a..a53532573e 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -225,6 +225,8 @@ expenses-billing: bill-kafka-topic: "bill" individual: + heap: "-Xmx512m -Xms512m" + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true state-level-tenant-id: "pg" @@ -274,8 +276,12 @@ project: project-search-max-limit: 200 project-mdms-module: "works" egov-location-hierarchy-type: "ADMIN" + heap: "-Xmx512m -Xms512m" + memory_limits: 512Mi works-management-service: + heap: "-Xmx512m -Xms512m" + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true From e5b3734338f2727e7fcab86ea135fc8ca13c3f39 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 28 Aug 2023 23:54:35 +0530 Subject: [PATCH 262/742] added domain name (#1928) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index a53532573e..d1d2dad950 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -1,5 +1,5 @@ global: - domain: works-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: unified-works-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: From f2635c9554025a404ceb32d13f38bc6d0542c7bd Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 30 Aug 2023 19:34:16 +0530 Subject: [PATCH 263/742] PFM-4031-Added unified-works-dev domain (#1934) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index d1d2dad950..07999156b8 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -16,8 +16,8 @@ cluster-configs: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + domain: "https://unified-works-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-works-dev.digit.org/" ## Add your Domain Name egov-state-level-tenant-id: "pb" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" @@ -192,7 +192,7 @@ attendance-service: attendance-individual-service-integration-required: false attendance-staff-service-integration-required: false attendance-document-id-verification-required: false - attendance-register-open-search-enabled-roles: "SUPERUSER" + attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON,EMPLOYEE" bankaccounts: tracing-enabled: true From ae7a3409a4bdedf848901291c3e509b34dea1dc9 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 31 Aug 2023 14:06:18 +0530 Subject: [PATCH 264/742] reverting host name change (#1935) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 07999156b8..c0eb731229 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -1,5 +1,5 @@ global: - domain: unified-works-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: @@ -16,8 +16,8 @@ cluster-configs: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-works-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-works-dev.digit.org/" ## Add your Domain Name + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name egov-state-level-tenant-id: "pb" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" From 3ed408e2ca1598261b26c9d2ddba047989c04164 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 4 Sep 2023 15:48:49 +0530 Subject: [PATCH 265/742] removed project-management-service indexer and persister (#1938) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 133cefbec1..a6cb9b7f8a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -327,7 +327,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/loiservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/loiservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml" egov-persister: replicas: 1 @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-management-system-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From e6036932e02362e5e27fe513e6531a8867da020a Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 5 Sep 2023 13:41:19 +0530 Subject: [PATCH 266/742] #HLM-3675 added health repo and config paths (#1942) * #HLM-3675 added health repo and config paths * Update unified-health-dev.yaml --- .../helm/environments/unified-health-dev.yaml | 104 ++++++++---------- 1 file changed, 48 insertions(+), 56 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index cc67d3aa27..d0769a07f9 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -45,8 +45,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -63,25 +63,25 @@ cluster-configs: egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test.egov:8080/" + egov-mdms-create: "http://egov-mdms-create.egov:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -130,7 +130,7 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" + egov-url-shortening: "http://egov-url-shortening.egov:8080/" fsm-calculator: "http://fsm-calculator.egov:8080/" fsm: "http://fsm.egov:8080/" vehicle: "http://vehicle.egov:8080" @@ -145,12 +145,12 @@ cluster-configs: egov-pdf: "http://egov-pdf.egov:8080/" health-registration-service: "http://health-registration-service:8080/" health-delivery-service: "http://health-delivery-service:8080/" - project: "http://project:8080/" - product: "http://product:8080/" - household: "http://household:8080/" - individual: "http://individual:8080/" - stock: "http://stock:8080/" - facility: "http://facility:8080/" + project: "http://project.health:8080/" + product: "http://product.health:8080/" + household: "http://household.health:8080/" + individual: "http://individual.health:8080/" + stock: "http://stock.health:8080/" + facility: "http://facility.health:8080/" service-request: "http://service-request:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" @@ -286,10 +286,10 @@ egov-mdms-service: mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "health-campaign-mdms" + masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" memory_limits: 512Mi @@ -299,9 +299,9 @@ egov-indexer: memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml" + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" egov-persister: replicas: 1 @@ -309,11 +309,11 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml" + persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch egov-localization: replicas: 1 @@ -323,29 +323,29 @@ egov-localization: egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -365,17 +365,9 @@ report: spring-datasource-tomcat-max-active: 5 initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" + repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url + branch: "DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From dc3d06bd07474e18b9cde9e03b6c11d41b90596c Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 6 Sep 2023 12:08:43 +0530 Subject: [PATCH 267/742] #HLM-3675 updated domain url (#1943) --- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index d0769a07f9..c855fb6fa4 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -1,5 +1,5 @@ global: - domain: health-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: From 89aa249aeb6e88b457d53c39bbf66af45715717b Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 7 Sep 2023 10:38:55 +0530 Subject: [PATCH 268/742] increased memory limit for estimate (#1945) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index c0eb731229..36c131df5a 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -556,6 +556,15 @@ pt-services-v2: pt-calculator-v2: logging-level: "DEBUG" +estimates: + tracing-enabled: true + java-enable-debug: true + estimate-default-limit: 100 + estimate-search-max-limit: 200 + estimate-workflow-business-service: "ESTIMATE" + heap: "-Xmx512m -Xms512m" + memory_limits: 512Mi + tl-services: heap: "-Xmx128m -Xms64m" memory_limits: 384Mi From 3b4a123baed457961d28a3f9830b9cb053330dca Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 7 Sep 2023 12:58:21 +0530 Subject: [PATCH 269/742] removed unwanted configs of workflow and hrms in works (#1946) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a6cb9b7f8a..3099b4e5d9 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 7816164ca2b2c98d04f70f26539119f4c7cc8e90 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 7 Sep 2023 15:01:02 +0530 Subject: [PATCH 270/742] removed loi service indexer path (#1947) * removed loi service indexer path * removed workflow and hrms configs form works --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 3099b4e5d9..9b11d1d8f0 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -327,7 +327,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/loiservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml" egov-persister: replicas: 1 @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From b58cbe14275cb2524c4c4d7e6bab0f2dc8dc68aa Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 8 Sep 2023 16:50:12 +0530 Subject: [PATCH 271/742] updated env file and (#1948) --- .../backend/attendance/values.yaml | 9 +- .../digit-works/backend/contracts/values.yaml | 13 ++ .../digit-works/backend/expense/values.yaml | 15 +++ .../backend/ifms-adapter/values.yaml | 120 +++++++++++++++++- .../backend/individual/values.yaml | 4 + .../backend/organisation/values.yaml | 4 + .../utilities/expense-cronjob/Chart.yaml | 26 ++++ .../expense-cronjob/templates/cronjob.yaml | 2 + .../utilities/expense-cronjob/values.yaml | 50 ++++++++ .../utilities/ifms-cronjob-fd/Chart.yaml | 26 ++++ .../ifms-cronjob-fd/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-fd/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-ftfps/Chart.yaml | 26 ++++ .../ifms-cronjob-ftfps/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-ftfps/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-ftps/Chart.yaml | 26 ++++ .../ifms-cronjob-ftps/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-ftps/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-pa/Chart.yaml | 26 ++++ .../ifms-cronjob-pa/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-pa/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-pag/Chart.yaml | 26 ++++ .../ifms-cronjob-pag/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-pag/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-pd/Chart.yaml | 26 ++++ .../ifms-cronjob-pd/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-pd/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-pis/Chart.yaml | 26 ++++ .../ifms-cronjob-pis/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-pis/values.yaml | 46 +++++++ .../utilities/ifms-cronjob-va/Chart.yaml | 26 ++++ .../ifms-cronjob-va/templates/cronjob.yaml | 2 + .../utilities/ifms-cronjob-va/values.yaml | 46 +++++++ .../utilities/works-pdf/values.yaml | 5 + .../helm/environments/unified-works-dev.yaml | 53 +++++++- 35 files changed, 883 insertions(+), 10 deletions(-) create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml index 47fb3ac14a..f50faa0cf1 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/attendance/values.yaml @@ -116,4 +116,11 @@ env: | - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT value: {{ index .Values "works-individual-search-endpoint" | quote }} {{- end }} - \ No newline at end of file + {{- if index .Values "organisation-contact-details-update-topic" }} + - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC + value: {{ index .Values "organisation-contact-details-update-topic" | quote }} + {{- end }} + {{- if index .Values "contracts-revision-topic" }} + - name: CONTRACTS_REVISION_TOPIC + value: {{ index .Values "contracts-revision-topic" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml index 324e380da9..c3d6255358 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml @@ -109,6 +109,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-location + - name: WORKS_MUSTER_ROLL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: muster-roll-service - name: CONTRACT_KAFKA_CREATE_TOPIC value: "save-contract" - name: CONTRACT_KAFKA_UPDATE_TOPIC @@ -119,6 +124,14 @@ env: | - name: CONTRACT_DEFAULT_OFFSET value: {{ index .Values "contract-default-offset" | quote }} {{- end }} + {{- if index .Values "contracts-revision-topic" }} + - name: CONTRACTS_REVISION_TOPIC + value: {{ index .Values "contracts-revision-topic" | quote }} + {{- end }} + {{- if index .Values "contract-workflow-revision-business-service" }} + - name: CONTRACT_WORKFLOW_REVISION_BUSINESS_SERVICE + value: {{ index .Values "contract-workflow-revision-business-service" | quote }} + {{- end }} {{- if index .Values "contract-default-limit" }} - name: CONTRACT_DEFAULT_LIMIT value: {{ index .Values "contract-default-limit" | quote }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml index 26a328291a..c659b2d5d0 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/expense/values.yaml @@ -88,6 +88,21 @@ env: | configMapKeyRef: name: egov-service-host key: egov-user + - name: WORKS_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: WORKS_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual - name: BUSINESS_WORKFLOW_STATUS_MAP value: {{ index .Values "business-workflow-status-map" | quote }} - name: EXPENSE_BILLING_BILL_CREATE diff --git a/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml index 9515bfeef7..58ee2558cc 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/ifms-adapter/values.yaml @@ -5,6 +5,21 @@ labels: namespace: works +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "ifms" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "ifms_schema" + image: + repository: "ifms-adapter-db" + # Container Configs image: repository: "ifms-adapter" @@ -32,11 +47,104 @@ env: | - name: JAVA_ENABLE_DEBUG value: "true" {{- end }} - {{- if index .Values "bill-kafka-topic" }} - - name: BILL_KAFKA_TOPIC - value: {{ index .Values "bill-kafka-topic" | quote }} + {{- if index .Values "payment-create-topic" }} + - name: PAYMENT_CREATE_TOPIC + value: {{ index .Values "payment-create-topic" | quote }} + {{- end }} + {{- if index .Values "egov-idgen-ifms-pi-reference-number" }} + - name: EGOV_IDGEN_IFMS_PI_REFERENCE_NUMBER + value: {{ index .Values "egov-idgen-ifms-pi-reference-number" | quote }} + {{- end }} + {{- if index .Values "ifms-jit-authenticate-endpoint" }} + - name: IFMS_JIT_AUTHENTICATE_ENDPOINT + value: {{ index .Values "ifms-jit-authenticate-endpoint" | quote }} + {{- end }} + {{- if index .Values "ifms-jit-service-endpoint" }} + - name: IFMS_JIT_SERVICE_ENDPOINT + value: {{ index .Values "ifms-jit-service-endpoint" | quote }} + {{- end }} + {{- if index .Values "egov-bill-search-limit" }} + - name: EGOV_BILL_SEARCH_LIMIT + value: {{ index .Values "egov-bill-search-limit" | quote }} + {{- end }} + {{- if index .Values "ifms-request-log-index" }} + - name: IFMS_REQUEST_LOG_INDEX + value: {{ index .Values "ifms-request-log-index" | quote }} + {{- end }} + {{- if index .Values "ifms-error-log-index" }} + - name: IFMS_ERROR_LOG_INDEX + value: {{ index .Values "ifms-error-log-index" | quote }} + {{- end }} + {{- if index .Values "ifms-request-log-enabled" }} + - name: IFMS_REQUEST_LOG_ENABLED + value: {{ index .Values "ifms-request-log-enabled" | quote }} {{- end }} - {{- if index .Values "payment-status-kafka-topic" }} - - name: PAYMENT_STATUS_KAFKA_TOPIC - value: {{ index .Values "payment-status-kafka-topic" | quote }} + {{- if index .Values "ifms-error-log-enabled" }} + - name: IFMS_ERROR_LOG_ENABLED + value: {{ index .Values "ifms-error-log-enabled" | quote }} {{- end }} + - name: EGOV_ES_INDEXER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: es-indexer-host + - name: IFMS_JIT_HOSTNAME + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-jit + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_BILL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: EGOV_BILL_CALCULATOR_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator + - name: EGOV_BANK_ACCOUNT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_AUDIT_LOG_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: audit-service + - name: IFMS_JIT_CLIENT_ID + valueFrom: + secretKeyRef: + name: ifms-adapter + key: clientID + - name: IFMS_JIT_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: ifms-adapter + key: clientSecret + - name: IFMS_REQUEST_ENC_SECRET + valueFrom: + secretKeyRef: + name: ifms-adapter + key: reqEncSecret diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml index 5269f2e1a1..1ba08968b2 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml @@ -116,6 +116,10 @@ env: | - name: STATE_LEVEL_TENANT_ID value: {{ index .Values "state-level-tenant-id" | quote }} {{- end }} + {{- if index .Values "notification-sms-disabled-roles" }} + - name: NOTIFICATION_SMS_DISABLED_ROLES + value: {{ index .Values "notification-sms-disabled-roles" | quote }} + {{- end }} {{- if index .Values "aadhaar-pattern" }} - name: AADHAAR_PATTERN value: {{ index .Values "aadhaar-pattern" | quote }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml index 99bffc8e6e..8edcd25b6d 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml @@ -131,3 +131,7 @@ env: | - name: CONTRACT_CBO_URL_ENDPOINT value: {{ index .Values "contract-cbo-url-endpoint" | quote }} {{- end }} + {{- if index .Values "organisation-contact-details-update-topic" }} + - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC + value: {{ index .Values "organisation-contact-details-update-topic" | quote }} + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/Chart.yaml new file mode 100644 index 0000000000..5948e958b3 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: expense-cronjob +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/values.yaml new file mode 100644 index 0000000000..7cfa5a3e31 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/expense-cronjob/values.yaml @@ -0,0 +1,50 @@ +# Common Labels +labels: + app: "expense-cronjob" + group: "expense-cronjob" + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/expense-cronjob" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "daily" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: MDMS_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: CONTRACTS_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: EXPENSE_CALCULATOR_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/Chart.yaml new file mode 100644 index 0000000000..c39f95bb40 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-fd +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml new file mode 100644 index 0000000000..5c50a50c48 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-fd" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-fd" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "FD" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/Chart.yaml new file mode 100644 index 0000000000..ebd0ff6841 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-ftfps +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml new file mode 100644 index 0000000000..a8513d121a --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-ftfps" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-ftfps" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "FTFPS" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/Chart.yaml new file mode 100644 index 0000000000..9ceec57c48 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-ftps +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml new file mode 100644 index 0000000000..f5ac2f601e --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-ftps" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-ftps" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "FTPS" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/Chart.yaml new file mode 100644 index 0000000000..f35023ff58 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-pa +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml new file mode 100644 index 0000000000..2eff763501 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-pa" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-pa" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "PA" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/Chart.yaml new file mode 100644 index 0000000000..a8324de486 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-pag +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml new file mode 100644 index 0000000000..5002f7367d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-pag" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-pag" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "PAG" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/Chart.yaml new file mode 100644 index 0000000000..fc0662cc40 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-pd +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml new file mode 100644 index 0000000000..16d3c467ad --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-pd" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-pd" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "PD" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/Chart.yaml new file mode 100644 index 0000000000..91fc2c0e4c --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-pis +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml new file mode 100644 index 0000000000..fc42e882b5 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-pis" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-pis" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "PIS" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/Chart.yaml new file mode 100644 index 0000000000..edaffc1516 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: ifms-cronjob-va +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/templates/cronjob.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml new file mode 100644 index 0000000000..09855580a3 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "ifms-cronjob-va" + group: "digit-works" + +namespace: works + +cron: + schedule: "*/5 * * * *" + +# Container Configs +image: + repository: "egovio/ifms-cronjob-va" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" +args: + - "VA" + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: IFMS_ADAPTER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: ifms-adapter + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml index 1ec21eab16..f28696f347 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml @@ -124,6 +124,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-localization + - name: EGOV_AUDIT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: audit-service - name: CONTEXT_PATH value: "/egov-pdf" - name: PROJECT_DETAILS_TEMPLATE diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 36c131df5a..d7d062fb02 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -193,6 +193,8 @@ attendance-service: attendance-staff-service-integration-required: false attendance-document-id-verification-required: false attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON,EMPLOYEE" + organisation-contact-details-update-topic: organisation.contact.details.update + contracts-revision-topic: "contracts-revision" bankaccounts: tracing-enabled: true @@ -208,8 +210,10 @@ contract-service: contract-search-max-limit: 50 works-contract-service-code: "WORKS-CONTRACT" contract-workflow-business-service: "CONTRACT" + contract-workflow-revision-business-service: "CONTRACT-REVISION" + contracts-revision-topic: "contracts-revision" contract-workflow-module-name: "contract-service" - contract-cbo-url-host : "https://works-dev.digit.org" + contract-cbo-url-host : "https://unified-dev.digit.org" contract-cbo-url-endpoint : "/works-shg-app" expense-calculator: @@ -232,6 +236,7 @@ individual: state-level-tenant-id: "pg" aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" loi-service: tracing-enabled: true @@ -264,8 +269,9 @@ organisation: org-default-limit: 100 org-search-max-limit: 200 egov-location-hierarchy-type: "ADMIN" - works-cbo-url-host: "https:/works-dev.digit.org" + works-cbo-url-host: "https:/unified-dev.digit.org" works-cbo-url-endpoint: "/works-shg-app" + organisation-contact-details-update-topic: organisation.contact.details.update project: namespace: works @@ -279,6 +285,47 @@ project: heap: "-Xmx512m -Xms512m" memory_limits: 512Mi +expense: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" + +ifms-adapter: + tracing-enabled: true + java-enable-debug: true + payment-create-topic: "expense-payment-create" + egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" + ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" + ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" + egov-bill-search-limit: 10 + +ifms-cronjob-pa: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-va: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pis: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pag: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-fd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftps: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftfps: + user-name: "IFMS_CRONJOB" + works-management-service: heap: "-Xmx512m -Xms512m" memory_limits: 512Mi @@ -293,7 +340,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ';" + ';" citizen: custom-js-injection: | From ce9184270537649a7916596212823cbfb76bb789 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Sat, 9 Sep 2023 15:46:23 +0530 Subject: [PATCH 272/742] added health-ui in unified-health-dev.yaml and helmcharts (#1950) * added health-ui in unified-health-dev.yaml * added health helm charts --- .../health-services/health-ui/Chart.yaml | 26 ++++++++++++++ .../health-ui/templates/deployment.yaml | 2 ++ .../health-ui/templates/ingress.yaml | 2 ++ .../health-ui/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../health-services/health-ui/values.yaml | 34 +++++++++++++++++++ .../helm/environments/unified-health-dev.yaml | 7 ++++ 7 files changed, 84 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-ui/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-ui/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-ui/Chart.yaml new file mode 100644 index 0000000000..ed560eef4e --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-ui/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/health-services/health-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml new file mode 100644 index 0000000000..72b271ab3b --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "health-ui" + group: "web" + +namespace: egov + +# Ingress Configs +ingress: + enabled: true + context: "health-ui" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "health-ui" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/health-ui/" + readinessProbePath: "/health-ui/" + +extraVolumes: | + - name: js-injection + configMap: + name: health-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index c855fb6fa4..098fb00ff7 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -175,6 +175,13 @@ digit-ui: sub_filter '' ' ';" + +health-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" #>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-filestore: From 9adde34e6124489401dfc602c87b760405c2222f Mon Sep 17 00:00:00 2001 From: Anil Singha <99383116+anilsingha-eGov@users.noreply.github.com> Date: Mon, 11 Sep 2023 10:50:21 +0530 Subject: [PATCH 273/742] HLM-3675: Updated namespace to health (#1951) --- .../charts/health-services/health-ui/values.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml index 72b271ab3b..31677be268 100644 --- a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml @@ -1,27 +1,27 @@ # Common Labels labels: - app: "health-ui" - group: "web" + app: 'health-ui' + group: 'web' -namespace: egov +namespace: health # Ingress Configs ingress: enabled: true - context: "health-ui" + context: 'health-ui' # Init Containers Configs initContainers: {} # Container Configs image: - repository: "health-ui" -replicas: "1" + repository: 'health-ui' +replicas: '1' httpPort: 80 healthChecks: enabled: true - livenessProbePath: "/health-ui/" - readinessProbePath: "/health-ui/" + livenessProbePath: '/health-ui/' + readinessProbePath: '/health-ui/' extraVolumes: | - name: js-injection From 9c45e90db9aca0d1b9a6770d92d367a137ccbb77 Mon Sep 17 00:00:00 2001 From: Anil Singha <99383116+anilsingha-eGov@users.noreply.github.com> Date: Mon, 11 Sep 2023 15:52:09 +0530 Subject: [PATCH 274/742] HLM-3675: updated helath config (#1952) since it is valid yaml and shows only format changes merging it --- .../helm/environments/unified-health-dev.yaml | 736 +++++++++--------- 1 file changed, 371 insertions(+), 365 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 098fb00ff7..a8b29621bf 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -1,159 +1,171 @@ global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup cluster-configs: - namespaces: + namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] - + values: + [ + backbone, + cert-manager, + egov, + es-cluster, + kafka-cluster, + logging, + monitoring, + playground, + zookeeper-cluster, + health, + ] + root-ingress: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, health ] + namespace: [egov, monitoring, health] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pb" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + domain: 'https://unified-dev.digit.org' ## Add your Domain Name + egov-services-fqdn-name: 'https://unified-dev.digit.org/' ## Add your Domain Name + + egov-state-level-tenant-id: 'pb' + s3-assets-bucket: '(pg-egov-assets|egov-playground-assets)' + es-host: 'elasticsearch-data-v1.es-cluster' + es-indexer-host: 'http://elasticsearch-data-v1.es-cluster:9200/' + flyway-locations: 'filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa' + kafka-brokers: 'kafka-v2.kafka-cluster:9092' kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" + logging-level-jdbc: 'DEBUG' + mobile-validation-workaround: 'true' + serializers-timezone-in-ist: 'true' + server-tomcat-max-connections: '500' + server-tomcat-max-threads: '10' + sms-enabled: 'true' + spring-datasource-tomcat-initialSize: '1' + spring-datasource-tomcat-max-active: '2' + spring-jpa-show-sql: 'true' timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" + tracer-errors-provideexceptionindetails: 'true' + egov-bnd-freedownload-tenants: 'pg.testing' + egov-bnd-live-citizen-tenants: 'pg.testing' egov-service-host: - namespace: [ egov, monitoring, health ] + namespace: [egov, monitoring, health] data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: "http://dashboard-analytics.egov:8080/" - dashboard-ingest: "http://dashboard-ingest.egov:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test.egov:8080/" - egov-mdms-create: "http://egov-mdms-create.egov:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening.egov:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: "http://echallan-calculator.egov:8080/" - echallan-services: "http://echallan-services.egov:8080/" - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - health-registration-service: "http://health-registration-service:8080/" - health-delivery-service: "http://health-delivery-service:8080/" - project: "http://project.health:8080/" - product: "http://product.health:8080/" - household: "http://household.health:8080/" - individual: "http://individual.health:8080/" - stock: "http://stock.health:8080/" - facility: "http://facility.health:8080/" - service-request: "http://service-request:8080/" + asset-services: 'http://asset-services:8080/' + asset-services-maha: 'http://asset-services-maha:8080/' + billing-service: 'http://billing-service.egov:8080/' + collection-services: 'http://collection-services.egov:8080/' + collection-masters: 'http://collection-masters:8080/' + collection-search-indexer: 'http://collection-search-indexer:8080/' + citizen-indexer: 'http://citizen-indexer:8080/' + citizen-services: 'http://citizen-services:8080/' + dashboard-analytics: 'http://dashboard-analytics.egov:8080/' + dashboard-ingest: 'http://dashboard-ingest.egov:8080/' + demand-services: 'http://demand-services:8080/' + data-sync-employee: 'http://data-sync-employee:8080/' + egov-common-masters: 'http://egov-common-masters:8080/' + egf-masters: 'http://egf-masters:8080/' + egf-master: 'http://egf-master:8080/' + egf-instrument: 'http://egf-instrument:8080/' + egf-voucher: 'http://egf-voucher:8080/' + egf-bill: 'http://egf-bill:8080/' + egov-enc-service: 'http://egov-enc-service.egov:8080/' + egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' + egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' + egov-user: 'http://egov-user.egov:8080/' + egov-user-egov: 'http://egov-user.egov:8080/' + egov-location: 'http://egov-location.egov:8080/' + egov-filestore: 'http://egov-filestore.egov:8080/' + egov-localization: 'http://egov-localization.egov:8080/' + egov-idgen: 'http://egov-idgen.egov:8080/' + egov-otp: 'http://egov-otp.egov:8080/' + egov-common-workflows: 'http://egov-common-workflows:8080/' + egov-mdms-service: 'http://egov-mdms-service.egov:8080/' + egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' + egov-mdms-create: 'http://egov-mdms-create.egov:8080/' + egov-eis: 'http://egov-eis:8080/' + egov-workflow: 'http://egov-workflow.egov:8080/' + egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' + egov-searcher: 'http://egov-searcher.egov:8080/' + egov-data-uploader: 'http://egov-data-uploader.egov:8080/' + egov-indexer: 'http://egov-indexer.egov:8080/' + egov-hrms: 'http://egov-hrms.egov:8080/' + es-client: 'http://elasticsearch-data-v1.es-cluster:9200' + hr-masters: 'http://hr-masters:8080/' + hr-employee: 'http://hr-employee:8080/' + hr-masters-v2: 'http://hr-masters-v2:8080/' + hr-employee-v2: 'http://hr-employee-v2:8080/' + hr-attendance: 'http://hr-attendance:8080/' + hr-leave: 'http://hr-leave:8080/' + hr-employee-movement: 'http://hr-employee-movement:8080/' + inventory-services: 'http://inventory-services:8080/' + lams-services: 'http://lams-services:8080/' + lcms-workflow: 'http://lcms-workflow:8080/' + lcms-services: 'http://lcms-services:8080/' + location: 'http://location:8080/' + performance-assessment: 'http://performance-assessment:8080/' + pt-property: 'http://pt-property:8080/' + pt-workflow: 'http://pt-workflow:8080/' + pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' + pt-calculator: 'http://pt-calculator:8080/' + pt-calculator-v2: 'http://pt-calculator-v2:8080/' + pt-services-v2: 'http://pt-services-v2:8080/' + property-services: 'http://property-services.egov:8080/' + pgr-master: 'http://pgr-master:8080/' + pgr-rest: 'http://pgr-rest:8080/' + pdf-service: 'http://pdf-service.egov:8080/' + report: 'http://report:8080/' + swm-services: 'http://swm-services:8080/' + tenant: 'http://tenant:8080/' + tl-masters: 'http://tl-masters:8080/' + tl-services: 'http://tl-services:8080/' + tl-workflow: 'http://tl-workflow:8080/' + tl-indexer: 'http://tl-indexer:8080/' + tl-calculator: 'http://tl-calculator:8080/' + user-otp: 'http://user-otp:8080/' + firenoc-services: 'http://firenoc-services:8080/' + firenoc-calculator: 'http://firenoc-calculator:8080/' + egov-apportion-service: 'http://egov-apportion-service:8080/' + bpa-services: 'http://bpa-services.egov:8080/' + bpa-calculator: 'http://bpa-calculator.egov:8080/' + rainmaker-pgr: 'http://rainmaker-pgr:8080/' + ws-calculator: 'http://ws-calculator.egov:8080/' + ws-services: 'http://ws-services.egov:8080/' + sw-services: 'http://sw-services.egov:8080/' + sw-calculator: 'http://sw-calculator.egov:8080/' + land-services: 'http://land-services.egov:8080/' + noc-services: 'http://noc-services.egov:8080/' + minio-url: 'https://minio-uat.digit.org/' + egov-user-chatbot: 'http://egov-user-chatbot:8080/' + zuul: 'http://zuul:8080/' + egov-url-shortening: 'http://egov-url-shortening.egov:8080/' + fsm-calculator: 'http://fsm-calculator.egov:8080/' + fsm: 'http://fsm.egov:8080/' + vehicle: 'http://vehicle.egov:8080' + vendor: 'http://vendor.egov:8080' + egov-edcr: 'http://egov-edcr.egov:8080/' + echallan-calculator: 'http://echallan-calculator.egov:8080/' + echallan-services: 'http://echallan-services.egov:8080/' + inbox: 'http://inbox.egov:8080/' + turn-io-adapter: 'http://turn-io-adapter.egov:8080/' + pgr-services: 'http://pgr-services.egov:8080/' + birth-death-services: 'http://birth-death-services.egov:8080/' + egov-pdf: 'http://egov-pdf.egov:8080/' + health-registration-service: 'http://health-registration-service:8080/' + health-delivery-service: 'http://health-delivery-service:8080/' + project: 'http://project.health:8080/' + product: 'http://product.health:8080/' + household: 'http://household.health:8080/' + individual: 'http://individual.health:8080/' + stock: 'http://stock.health:8080/' + facility: 'http://facility.health:8080/' + service-request: 'http://service-request:8080/' employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + dashboard-url: 'https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))' custom-js-injection: | sub_filter.conf: " sub_filter '' ' @@ -180,61 +192,60 @@ health-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" #>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - egov-filestore: volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "https://s3.amazonaws.com" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" + is-bucket-fixed: 'true' + minio.url: 'https://s3.amazonaws.com' + aws.s3.url: 'https://s3.amazonaws.com' + is-s3-enabled: 'true' minio-enabled: false allowed-file-formats-map: "{gz:{'application/gzip'},jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + allowed-file-formats: 'jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx' filestore-url-validity: 3600 - fixed-bucketname: health-egov-assets ## Add filestore bucket name + fixed-bucketname: health-egov-assets ## Add filestore bucket name egov-idgen: - idformat-from-mdms: "true" + idformat-from-mdms: 'true' java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" + heap: '-Xmx192m -Xms192m' + autocreate-new-seq: 'true' egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" + sms-provider-url: 'sms provider url' ## Add sms provider url + sms.provider.class: 'Generic' + sms.provider.contentType: 'application/x-www-form-urlencoded' sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + sms-gateway-to-use: 'sms provider name' ## Add sms provider name + sms-sender: 'sms sender' ## Add sms sender + sms-sender-requesttype: 'GET' + sms-custom-config: 'true' + sms-extra-req-params: 'mtype=N&DR=Y' + sms-sender-req-param-name: 'sid' + sms-sender-username-req-param-name: 'User' + sms-sender-password-req-param-name: 'passwd' + sms-destination-mobile-req-param-name: 'mobilenumber' + sms-message-req-param-name: 'message' + sms-error-codes: '401,403,404,405,406,407,408,409,410,411,412,413,414' egov-user: - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" + otp-validation: 'true' + citizen-otp-enabled: 'true' + employee-otp-enabled: 'false' access-token-validity: 10080 refresh-token-validity: 20160 default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "default" - decryption-abac-enabled: "false" + mobile-number-validation: 'false' + roles-state-level: 'true' + citizen-registration-withlogin: 'true' + citizen-otp-fixed: '123456' + citizen-otp-fixed-enabled: 'true' + egov-state-level-tenant-id: 'default' + decryption-abac-enabled: 'false' chatbot: kafka-topics-partition-count: 3 @@ -242,45 +253,45 @@ chatbot: kafka-consumer-poll-ms: 10 kafka-producer-linger-ms: 5 - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + contact-card-whatsapp-number: '+918744960111' + contact-card-whatsapp-name: 'mSeva Punjab' + valuefirst-whatsapp-number: '918744960111' + valuefirst-notification-assigned-templateid: '194781' + valuefirst-notification-resolved-templateid: '194783' + valuefirst-notification-rejected-templateid: '194785' + valuefirst-notification-reassigned-templateid: '194787' + valuefirst-notification-commented-templateid: '194789' + valuefirst-notification-welcome-templateid: '194791' + valuefirst-notification-root-templateid: '194795' + valuefirst-send-message-url: 'https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice' - user-service-chatbot-citizen-passwrord: "123456" + user-service-chatbot-citizen-passwrord: '123456' inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' - bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' + service-map: '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' + bs-service-map: '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' #W&S index names - water-es-index : water-services - sewerage-es-index : sewerage-services + water-es-index: water-services + sewerage-es-index: sewerage-services ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + wcid-format: 'WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]' bpa-services: memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring java-debug: true - tracing-enabled: "true" + tracing-enabled: 'true' egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] bpa-calculator: memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring java-debug: true - tracing-enabled: "true" + tracing-enabled: 'true' sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + scid-format: 'SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]' egov-pg-service: axis: true @@ -290,91 +301,91 @@ egov-mdms-service: replicas: 1 images: - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" + mdms-path: '/work-dir/egov-mdms-data/data' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "health-campaign-mdms" - masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" + repo: 'git@github.com:egovernments/health-campaign-mdms' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch + mdms-folder: 'health-campaign-mdms' + masters-config-url: 'file:///work-dir/health-campaign-mdms/master-config.json' java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + heap: '-Xmx512m -Xms512m' + memory_limits: '768Mi' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: 'file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml' egov-persister: replicas: 1 - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml" + persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch egov-localization: replicas: 1 - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi egov-data-uploader: initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + search-yaml-path: 'file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch dashboard-analytics: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" + config-schema-paths: 'file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch dashboard-ingest: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" + config-schema-paths: 'file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json' initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" + heap: '-Xmx750m -Xms750m' replicas: 1 server-tomcat-max-threads: 25 module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" + master-data-index: 'master-national-dashboard' module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" + heap: '-Xmx512m -Xms512m' + tracing-enabled: 'true' spring-datasource-tomcat-max-active: 5 initContainers: gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" + repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url + branch: 'DEV' ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: 'file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt' # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -382,10 +393,10 @@ report: egf-master: memory_limits: 512Mi - heap: "-Xmx128m -Xms128m" + heap: '-Xmx128m -Xms128m' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" + erp-host: 'https://mohali-qa.egovernments.org/' egov-apportion-service: memory_limits: 256Mi @@ -393,7 +404,7 @@ egov-apportion-service: fsm: memory_limits: 384Mi - heap: -Xmx384m -Xms256m + heap: -Xmx384m -Xms256m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: @@ -409,128 +420,126 @@ nginx-ingress: images: - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 replicas: 1 - default-backend-service: "egov/nginx" + default-backend-service: 'egov/nginx' namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + cert-issuer: 'letsencrypt-prod' + ssl-protocols: 'TLSv1.2 TLSv1.3' + ssl-ciphers: 'EECDH+CHACHA20:EECDH+AES' + ssl-ecdh-curve: 'X25519:prime256v1:secp521r1:secp384r1' cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - + email: 'devops@egovernments.org' ### Add email-id which used by cert-manager for certificates validation. + zuul: replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" + custom-filter-property: 'false' + tracing-enabled: 'true' memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - java-debug: "true" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + heap: '-Xmx512m -Xms512m' + java-debug: 'true' + server-tomcat-max-threads: '350' + server-tomcat-max-connections: '1500' + egov-open-endpoints-whitelist: '/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality' + egov-mixed-mode-endpoints-whitelist: '/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" + receiptnumber-servicebased: 'true' + receipt-search-paginate: 'true' receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx512m -Xms256m" + user-create-enabled: 'true' + heap: '-Xmx512m -Xms256m' memory_limits: 768Mi collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + jalandhar-erp-host: 'https://jalandhar-qa.egovernments.org/' + mohali-erp-host: 'https://mohali-qa.egovernments.org/' + nayagaon-erp-host: 'https://nayagaon-qa.egovernments.org/' + amritsar-erp-host: 'https://amritsar-qa.egovernments.org/' + kharar-erp-host: 'https://kharar-qa.egovernments.org/' + zirakpur-erp-host: 'https://zirakpur-qa.egovernments.org/' finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" + erp-env-name: 'qa' + erp-domain-name: 'egovernments.org' + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi # rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" + notification-sms-enabled: 'true' + notification-email-enabled: 'false' + new-complaint-enabled: 'true' + reassign-complaint-enabled: 'true' + reopen-complaint-enabled: 'true' + comment-by-employee-notif-enabled: 'false' + notification-allowed-status: 'open,assigned,rejected,resolved' property-services: replicas: 1 - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - + egov-idgen-ack-format: 'PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]' + egov-idgen-ptid-format: 'PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]' + egov-idgen-mutation-format: 'PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]' + egov-idgen-assm-format: 'PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]' + property-userevents-pay-link: 'digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId' + property-decryption-abac-enabled: 'true' + pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + pt-userevents-pay-link: '/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId' pt-calculator-v2: - logging-level: "DEBUG" + logging-level: 'DEBUG' tl-services: - heap: "-Xmx128m -Xms64m" + heap: '-Xmx128m -Xms64m' memory_limits: 384Mi java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" + tl-application-num-format: 'APP-[SEQ_EG_TL_APL]' + tl-license-num-format: 'MP-LEP-[SEQ_EG_PT_LN]' + tl-userevents-pay-link: 'citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId' + tl-payment-topic-name: 'egov.collection.payment-create' + host-link: 'https://egov-demo.egovernments.org/citizen/' + pdf-link: 'https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}' + tl-search-default-limit: '100' egov-workflow-v2: - logging-level: "DEBUG" + logging-level: 'DEBUG' java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" + heap: '-Xmx192m -Xms192m' memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + workflow-statelevel: 'false' + host-link: 'https://egov-demo.egovernments.org/citizen/' + pdf-link: '/download/epass?tenantId={TENANTID}&ids={UUID}' egov-hrms: java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" + employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi - egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" + mail-to-address: 'lata.naik@egovernments.org' - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" + mail-interval-in-secs: '604800' + schedule: '30 07 * * *' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + topics: 'egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1' + zookeeper-connect: 'zookeeper-v2.zookeeper-cluster:2181' + kafka-brokers: 'kafka-v2.kafka-cluster:9092' logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" + es-host: 'elasticsearch-client-v1.es-cluster' + es-port: '9200' jaeger: - host: "jaeger-agent.monitoring" - port: "6831" + host: 'jaeger-agent.monitoring' + port: '6831' sampler-type: const sampler-param: 1 collector: @@ -610,60 +619,59 @@ playground: fluent-bit: images: - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" + egov-services-log-topic: 'egov-services-logs' + egov-infra-log-topic: 'egov-infra-logs' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-enc-service: - heap: "-Xmx256m -Xms256m" + heap: '-Xmx256m -Xms256m' memory_limits: 512Mi - state-level-tenant-id: "pb" + state-level-tenant-id: 'pb' # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> kafka-v2: image: - tag: "5.4.1" + tag: '5.4.1' persistence: enabled: true aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" + - volumeId: 'vol-005465716b9ca6a9e' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-03252f4474ddb7300' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-0945c7000265a6390' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + zookeeperHosts: 'zookeeper-v2.zookeeper-cluster:2181/kafka-v2' + + heapOptions: '-Xms704M -Xmx704M' memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" + lingerMs: '250' + numberPartitions: '3' + replicationFactor: '2' + minInsyncReplicas: '1' + offsetsReplicationFactor: '3' ### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-connect: image: - tag: "5.4.1" - + tag: '5.4.1' # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> zookeeper-v2: image: - tag: "5.4.1" + tag: '5.4.1' persistence: enabled: true aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-04ab05c5b41096c6a' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-0f7e8dcf98e087983' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-08a42f187f978e5f7' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" + heapOptions: '-Xms256M -Xmx256M' resources: limits: cpu: 300m @@ -672,7 +680,6 @@ zookeeper-v2: cpu: 300m memory: 384Mi - # es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> elasticsearch-data-v1: image: @@ -680,19 +687,19 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx550m -Xms550m" + - volumeId: 'vol-093ea5986f5b46a71' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-046900000f8ffe60d' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-0a718b7e384a2870c' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: '-Xmx550m -Xms550m' resources: requests: - memory: "1Gi" + memory: '1Gi' limits: - memory: "1Gi" + memory: '1Gi' ### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> @@ -703,35 +710,34 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" + - volumeId: 'vol-0dfb25024c9e8f35e' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-0a83e7431f2d5a2c2' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: 'vol-03f793c66e07e9111' ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: '-Xmx448m -Xms448m' resources: requests: - memory: "896Mi" + memory: '896Mi' limits: - memory: "896Mi" - + memory: '896Mi' pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "dev_readonly" + dbUrl: 'unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com' + port: '5432' + environment: 'unified-dev' + maintenance-db-name: 'unifieddevdb' + db-admin-username: 'unifieddev' + db-read-username: 'dev_readonly' es-curator: - schedule: "45 18 * * *" + schedule: '45 18 * * *' images: - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" + es-host: 'elasticsearch-client-v1.es-cluster' + logs-cleanup-enabled: 'true' + jaeger-cleanup-enabled: 'true' + logs-to-retain: '7' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From e14f1b3c0062a78a94446925a327574d1efcc6ff Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 12 Sep 2023 11:17:37 +0530 Subject: [PATCH 275/742] updated namespaces and config file in health-dev env --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 2 +- .../helm/charts/health-services/health-ui/values.yaml | 2 +- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 52317d6760..798fb2fd0f 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: egov,sanitation,works +discovery_namespaces: egov,sanitation,works,health # Init Containers Configs initContainers: extraInitContainers: | diff --git a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml index 31677be268..f68aa1006f 100644 --- a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml @@ -3,7 +3,7 @@ labels: app: 'health-ui' group: 'web' -namespace: health +namespace: egov # Ingress Configs ingress: diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index a8b29621bf..ea53a4de01 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -192,7 +192,7 @@ health-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" #>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-filestore: From 933077a000cd36ceaf0548d65f4c03d8f2c9a636 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 12 Sep 2023 15:25:37 +0530 Subject: [PATCH 276/742] Updated tenent id in unified-dev.yaml (#1955) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 9b11d1d8f0..5e62ba22d4 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: "https://unified-dev.digit.org" ## Add your Domain Name egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - egov-state-level-tenant-id: "pb" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From 2be8027b7b90e3a5f2712271cb4de0b1a338c94d Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 13 Sep 2023 16:50:27 +0530 Subject: [PATCH 277/742] added pgr-services in unified-health-dev.yaml (#1958) --- .../helm/environments/unified-health-dev.yaml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index ea53a4de01..cf26ffd8c9 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -152,7 +152,7 @@ cluster-configs: echallan-services: 'http://echallan-services.egov:8080/' inbox: 'http://inbox.egov:8080/' turn-io-adapter: 'http://turn-io-adapter.egov:8080/' - pgr-services: 'http://pgr-services.egov:8080/' + pgr-services: 'http://pgr-services.health:8080/' birth-death-services: 'http://birth-death-services.egov:8080/' egov-pdf: 'http://egov-pdf.egov:8080/' health-registration-service: 'http://health-registration-service:8080/' @@ -476,6 +476,18 @@ rainmaker-pgr: comment-by-employee-notif-enabled: 'false' notification-allowed-status: 'open,assigned,rejected,resolved' +pgr-services: + namespace: health + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + java-enable-debug: "true" + time-before-closing-complaint: "3600000" + property-services: replicas: 1 heap: '-Xmx256m -Xms256m' From 371e5104abfe3d7fd167179b8aa48680b6fd1f86 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Thu, 14 Sep 2023 11:01:33 +0530 Subject: [PATCH 278/742] Copied ui charts from works-dev (#1959) --- .../digit-works/frontend/core-ui/Chart.yaml | 26 ++++++++++++++ .../templates/deployment.yaml | 0 .../templates/ingress.yaml | 0 .../templates/service.yaml | 0 .../subfilter-injection-configmap.yaml | 0 .../digit-works/frontend/core-ui/values.yaml | 34 +++++++++++++++++++ .../{works-shg-app => }/works-ui/Chart.yaml | 2 +- .../works-ui/templates/deployment.yaml | 2 ++ .../frontend/works-ui/templates/ingress.yaml | 2 ++ .../frontend/works-ui/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../{works-shg-app => }/works-ui/values.yaml | 0 12 files changed, 78 insertions(+), 1 deletion(-) create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app/works-ui => core-ui}/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app/works-ui => core-ui}/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app/works-ui => core-ui}/templates/service.yaml (100%) rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app/works-ui => core-ui}/templates/subfilter-injection-configmap.yaml (100%) create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app => }/works-ui/Chart.yaml (95%) create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/subfilter-injection-configmap.yaml rename deploy-as-code/helm/charts/digit-works/frontend/{works-shg-app => }/works-ui/values.yaml (100%) diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml new file mode 100644 index 0000000000..64ad243520 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: core-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/deployment.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/ingress.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/service.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/service.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml new file mode 100644 index 0000000000..d051d7c91f --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: "core-ui" + group: "web" + +namespace: egov + +# Ingress Configs +ingress: + enabled: true + context: "core-ui" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "core-ui" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/core-ui/" + readinessProbePath: "/core-ui/" + +extraVolumes: | + - name: js-injection + configMap: + name: core-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/Chart.yaml similarity index 95% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/works-ui/Chart.yaml index 33b1b138f0..06c50c3a28 100644 --- a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/Chart.yaml +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../../common + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-ui/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/works-ui/values.yaml rename to deploy-as-code/helm/charts/digit-works/frontend/works-ui/values.yaml From 0964200382ac0cb73a6c42fc577033df87e3371f Mon Sep 17 00:00:00 2001 From: nabeelmd-eGov <94039229+nabeelmd-eGov@users.noreply.github.com> Date: Thu, 14 Sep 2023 16:18:47 +0530 Subject: [PATCH 279/742] Update global config for sanitation sanitation.yaml (#1962) --- deploy-as-code/helm/environments/sanitation.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index c038d13f8d..8d21fe7226 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -149,7 +149,7 @@ employee: sub_filter.conf: " sub_filter '' ' - + ';" digit-ui: custom-js-injection: | @@ -169,7 +169,7 @@ sanitation-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" chatbot: From 8b0f9726bc5f81a0e551a7245004760826bd8e76 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 14 Sep 2023 16:36:51 +0530 Subject: [PATCH 280/742] #HLM-3675 add pesister and indexer file path (#1960) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 5e62ba22d4..a27174fd63 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -327,7 +327,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml" egov-persister: replicas: 1 @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From cfd973123c8098f02459620a2be3f9ad2d5d37d2 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Thu, 14 Sep 2023 18:08:26 +0530 Subject: [PATCH 281/742] modified helm chart (#1963) * modified helm chart * updated helm chart * increades heap size --------- Co-authored-by: admin1 --- .../backend/measurement-service/Chart.yaml | 26 ++++++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../backend/measurement-service/values.yaml | 92 +++++++++++++++++++ 5 files changed, 124 insertions(+) create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/Chart.yaml new file mode 100644 index 0000000000..a717ee62e7 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: measurement-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml new file mode 100644 index 0000000000..7d55cbb5f0 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -0,0 +1,92 @@ +# Common Labels +labels: + app: "measurement-service" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "measurement-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "measurement-service-schema" + image: + repository: "measurement-service-db" + +# Container Configs +image: + repository: "measurement-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/measurement-serivce/health" + readinessProbePath: "/measurement-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx512m -Xms512m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /measurement-service + - name: SERVER_SERVLET_CONTEXT-PATH + value: /measurement-service + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKS_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + - name: MEASUREMENT_KAFKA_CREATE_TOPIC + value: "save-measurement-details" + - name: MEASUREMENT_KAFKA_UPDATE_TOPIC + value: "update-measurement-details" + - name: MEASUREMENT-SERVICE_KAFKA_CREATE_TOPIC + value: "save-measurement-service-details" + - name: MEASUREMENT-SERVICE_KAFKA_UPDATE_TOPIC + value: "update-measurement-service-details" + + + + From 700de60e30a2a0b82e39324067cf6c1c713e3fa8 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 15 Sep 2023 16:05:48 +0530 Subject: [PATCH 282/742] updated tenant id's in env files --- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-urban-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index cf26ffd8c9..8b01032758 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -31,7 +31,7 @@ cluster-configs: domain: 'https://unified-dev.digit.org' ## Add your Domain Name egov-services-fqdn-name: 'https://unified-dev.digit.org/' ## Add your Domain Name - egov-state-level-tenant-id: 'pb' + egov-state-level-tenant-id: 'pg' s3-assets-bucket: '(pg-egov-assets|egov-playground-assets)' es-host: 'elasticsearch-data-v1.es-cluster' es-indexer-host: 'http://elasticsearch-data-v1.es-cluster:9200/' diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 7bdcde630d..fd0ce04c1b 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -25,7 +25,7 @@ cluster-configs: domain: "https://unified-dev.digit.org" ## Add your Domain Name egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - egov-state-level-tenant-id: "pb" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index d7d062fb02..b497318d9e 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: "https://unified-dev.digit.org" ## Add your Domain Name egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - egov-state-level-tenant-id: "pb" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From ccbc57321e6201d1e19700e2500301afc3716d50 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Fri, 15 Sep 2023 19:13:41 +0530 Subject: [PATCH 283/742] Updated measurement service chart (#1966) Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- .../charts/digit-works/backend/measurement-service/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index 7d55cbb5f0..e3df0e1412 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -84,7 +84,7 @@ env: | value: "update-measurement-details" - name: MEASUREMENT-SERVICE_KAFKA_CREATE_TOPIC value: "save-measurement-service-details" - - name: MEASUREMENT-SERVICE_KAFKA_UPDATE_TOPIC + - name: MEASUREMENT-SERVICE_KAFKA_UPDATE_TOPIC value: "update-measurement-service-details" From 26f3480fbac7aed978f74642299911b6b57f4d33 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Fri, 15 Sep 2023 19:25:25 +0530 Subject: [PATCH 284/742] Measurement service chart update (#1967) * Updated measurement service chart * Updated chart of measurement service --------- Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- .../charts/digit-works/backend/measurement-service/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index e3df0e1412..100741ad36 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -26,7 +26,7 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/measurement-serivce/health" + livenessProbePath: "/measurement-service/health" readinessProbePath: "/measurement-service/health" appType: "java-spring" tracing-enabled: true From 8a83eb2959f7cc4c0eb3cade24d242d430598aa3 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Fri, 15 Sep 2023 19:52:20 +0530 Subject: [PATCH 285/742] Added persister for measurement in chart (#1968) Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a27174fd63..d84cb9e22c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -335,7 +335,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 507d44dd8ab66feb5600c5b67e00df18a44585d6 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 15:30:04 +0530 Subject: [PATCH 286/742] changed url for unified-dev-shg-app (#1975) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index b497318d9e..76e6b4b494 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -340,7 +340,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ';" + ';" citizen: custom-js-injection: | From 7fc9ef0d450d5df4bd2be1f601b265ccf44d6457 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 15:51:28 +0530 Subject: [PATCH 287/742] Shg app change unified (#1976) * changed url for unified-dev-shg-app * added s3 bucket config * changed shg app url --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d84cb9e22c..a6bafd4e8c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -20,7 +20,7 @@ cluster-configs: egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 76e6b4b494..ee31e017ec 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -340,7 +340,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ';" + ’;” citizen: custom-js-injection: | From 9c0303a7d3937d1105023cc01e54ae34cfdc084a Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 17:29:19 +0530 Subject: [PATCH 288/742] changed s3-proxy api version (#1977) --- .../backbone-services/s3-proxy/templates/ingress.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml index 8c9d821c36..5d1cc3c297 100644 --- a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml +++ b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: @@ -14,6 +14,8 @@ spec: http: paths: - backend: - serviceName: {{ .Values.name }} - servicePort: {{ .Values.httpPort }} + service: + name: {{ .Values.name }} + port: + number: {{ .Values.httpPort }} path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ From bc3944748ef0bd5a3d396efef0c6d5a916989d37 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 17:36:56 +0530 Subject: [PATCH 289/742] added prefix pathtype (#1978) --- .../charts/backbone-services/s3-proxy/templates/ingress.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml index 5d1cc3c297..d874d17ab9 100644 --- a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml +++ b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml @@ -19,3 +19,4 @@ spec: port: number: {{ .Values.httpPort }} path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ + pathType: prefix \ No newline at end of file From 2e8be2afec13bfb8d7c9573d55d9cdbe04a9086b Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 17:42:29 +0530 Subject: [PATCH 290/742] changed pathtype from prefix to Prefix (#1979) --- .../charts/backbone-services/s3-proxy/templates/ingress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml index d874d17ab9..a65f18dc60 100644 --- a/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml +++ b/deploy-as-code/helm/charts/backbone-services/s3-proxy/templates/ingress.yaml @@ -19,4 +19,4 @@ spec: port: number: {{ .Values.httpPort }} path: /{{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "s3-assets-bucket" }}/ - pathType: prefix \ No newline at end of file + pathType: Prefix \ No newline at end of file From 843f8678811e6cab6e2bcc08aa8314e1b0cfe0c2 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 18:05:07 +0530 Subject: [PATCH 291/742] changed subfilter injection file (#1980) --- .../templates/subfilter-injection-configmap.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml index a4b26a542b..98907dbc02 100644 --- a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml @@ -5,11 +5,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Chart.Name }}-js-injection -{{- if .Values.global.namespace }} - namespace: {{ .Values.global.namespace }} -{{- else }} namespace: {{ .Values.namespace }} -{{- end }} data: {{- index .Values "custom-js-injection" | nindent 2 }} -{{- end -}} +{{- end -}} \ No newline at end of file From 09954b8ad4a64a4835f08b4eff67c6a5c26205d6 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 18:44:24 +0530 Subject: [PATCH 292/742] added egov-dev-assests url (#1981) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index ee31e017ec..1b92153f33 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -340,7 +340,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ’;” + ’;” citizen: custom-js-injection: | From 0db9b679d0006bff14b1cda328325e32537c14ab Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 20 Sep 2023 18:52:19 +0530 Subject: [PATCH 293/742] reverting if else removal changes (#1982) --- .../templates/subfilter-injection-configmap.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml index 98907dbc02..052e378165 100644 --- a/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml +++ b/deploy-as-code/helm/charts/digit-works/frontend/works-shg-app/templates/subfilter-injection-configmap.yaml @@ -5,7 +5,11 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Chart.Name }}-js-injection +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} namespace: {{ .Values.namespace }} +{{- end }} data: {{- index .Values "custom-js-injection" | nindent 2 }} {{- end -}} \ No newline at end of file From d312c1738b0ecc4effb7cfd4d5082d7f1ed757b2 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 21 Sep 2023 11:15:40 +0530 Subject: [PATCH 294/742] moved individual and project to egov namespace (#1974) --- .../helm/environments/unified-dev.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a6bafd4e8c..88cb79037e 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -135,6 +135,8 @@ cluster-configs: fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" + project: "http://project.egov:8080/" + individual: "http://individual.egov:8080/" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ @@ -346,6 +348,21 @@ egov-localization: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi +project: + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + egov-data-uploader: initContainers: gitSync: From d4493bae970a60d2067914142c3a1c13c6fb3227 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 21 Sep 2023 12:03:04 +0530 Subject: [PATCH 295/742] updated docker secret (#1971) --- .../cert-manager/templates/cainjector-deployment.yaml | 2 ++ .../cert-manager/templates/webhook-deployment.yaml | 2 ++ .../elasticsearch/templates/statefulset.yaml | 2 ++ .../ingress-nginx/templates/controller-deployment.yaml | 2 ++ .../backbone-services/jaeger/templates/query-deploy.yaml | 2 ++ .../backbone-services/kafka-v2/templates/statefulset.yaml | 2 ++ .../charts/backbone-services/kafka/templates/statefulset.yaml | 2 ++ deploy-as-code/helm/charts/common/templates/_deployment.yaml | 4 +++- 8 files changed, 17 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml index 24389b3b01..c1c591c142 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml @@ -49,6 +49,8 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: - name: {{ .Chart.Name }} {{- with .Values.cainjector.image }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml index 1ceacde40f..07924a3d1c 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml @@ -51,6 +51,8 @@ spec: {{- if .Values.webhook.hostNetwork }} hostNetwork: true {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: - name: {{ .Chart.Name }} {{- with .Values.webhook.image }} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml index 9668e77919..4a8dc64fb0 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml @@ -195,6 +195,8 @@ spec: {{ toYaml .Values.extraInitContainers | indent 6 }} {{- end }} {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: - name: "elasticsearch" securityContext: diff --git a/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml index eacb1fd30d..34e9131b52 100644 --- a/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/ingress-nginx/templates/controller-deployment.yaml @@ -75,6 +75,8 @@ spec: {{- if .Values.controller.shareProcessNamespace }} shareProcessNamespace: {{ .Values.controller.shareProcessNamespace }} {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: - name: {{ .Values.controller.containerName }} {{- with .Values.controller.image }} diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml index 58da90639b..83411cabb6 100644 --- a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml +++ b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/query-deploy.yaml @@ -32,6 +32,8 @@ spec: {{- toYaml .Values.query.podLabels | nindent 8 }} {{- end }} spec: + imagePullSecrets: + - name: docker-registry-secret containers: - name: {{ template "name" . }} securityContext: diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml index 11c76dc5db..c1c00eab54 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-v2/templates/statefulset.yaml @@ -42,6 +42,8 @@ spec: values: - {{ template "name" . }} topologyKey: "kubernetes.io/hostname" + imagePullSecrets: + - name: docker-registry-secret containers: {{- if .Values.prometheus.jmx.enabled }} - name: prometheus-jmx-exporter diff --git a/deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml index 982804739b..e2b1968724 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka/templates/statefulset.yaml @@ -90,6 +90,8 @@ spec: {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers "context" $ ) | nindent 8 }} {{- end }} {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: - name: {{ template "name" . }} image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} diff --git a/deploy-as-code/helm/charts/common/templates/_deployment.yaml b/deploy-as-code/helm/charts/common/templates/_deployment.yaml index 9b45e7e4a7..d002afbc13 100644 --- a/deploy-as-code/helm/charts/common/templates/_deployment.yaml +++ b/deploy-as-code/helm/charts/common/templates/_deployment.yaml @@ -99,7 +99,9 @@ spec: env: {{- tpl .Values.initContainers.gitSync.env . | nindent 12 }} {{- end }} - {{- end }} + {{- end }} + imagePullSecrets: + - name: docker-registry-secret containers: {{- with .Values.extraContainers }} {{- tpl . $ | nindent 8 }} From 28ce56110169c8d8670f1a0f8821ef98d09659bb Mon Sep 17 00:00:00 2001 From: Shashwat Mishra <71879793+shashwat-egov@users.noreply.github.com> Date: Thu, 21 Sep 2023 12:37:39 +0530 Subject: [PATCH 296/742] Updated memory limits for mdms v2 (#1983) --- deploy-as-code/helm/environments/unified-dev.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 88cb79037e..ac1ad3b0b2 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -224,6 +224,9 @@ egov-idgen: heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" +mdms-v2: + memory_limits: 512Mi + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" From 1e8a0f134d4beb9f92f1c0ce95ff451d57ed6791 Mon Sep 17 00:00:00 2001 From: Swathi-eGov <137176788+Swathi-eGov@users.noreply.github.com> Date: Thu, 21 Sep 2023 17:02:03 +0530 Subject: [PATCH 297/742] Updated helm Configuration (#1987) --- .../backend/measurement-service/values.yaml | 81 +++++++++++++++---- .../helm/environments/unified-dev.yaml | 4 +- .../helm/environments/unified-works-dev.yaml | 18 +++++ 3 files changed, 84 insertions(+), 19 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index 100741ad36..dbbebcab1f 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -30,7 +30,7 @@ healthChecks: readinessProbePath: "/measurement-service/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx512m -Xms512m" +heap: "-Xmx192m -Xms192m" java-args: "" # Additional Container Envs @@ -41,10 +41,6 @@ env: | value: {{ index .Values "heap" | quote }} - name: JAVA_ARGS value: {{ index .Values "java-args" | quote }} - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - name: SERVER_CONTEXT_PATH value: /measurement-service - name: SERVER_SERVLET_CONTEXT-PATH @@ -54,10 +50,6 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service - {{- if index .Values "java-enable-debug" }} - - name: JAVA_ENABLE_DEBUG - value: "true" - {{- end }} - name: EGOV_IDGEN_HOST valueFrom: configMapKeyRef: @@ -68,25 +60,80 @@ env: | configMapKeyRef: name: egov-service-host key: egov-workflow-v2 - - name: WORKS_CONTRACT_HOST + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_CONTRACT_HOST valueFrom: configMapKeyRef: name: egov-service-host key: contract-service + - name: EGOV_ESTIMATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: estimate-service - name: APP_TIMEZONE valueFrom: configMapKeyRef: name: egov-config key: timezone + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "measurement-kafka-create-topic" }} - name: MEASUREMENT_KAFKA_CREATE_TOPIC - value: "save-measurement-details" + value: {{ index .Values "measurement-kafka-create-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-kafka-update-topic" }} - name: MEASUREMENT_KAFKA_UPDATE_TOPIC - value: "update-measurement-details" + value: {{ index .Values "measurement-kafka-update-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-service-kafka-create-topic" }} - name: MEASUREMENT-SERVICE_KAFKA_CREATE_TOPIC - value: "save-measurement-service-details" + value: {{ index .Values "measurement-service-kafka-create-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-service-kafka-update-topic" }} - name: MEASUREMENT-SERVICE_KAFKA_UPDATE_TOPIC - value: "update-measurement-service-details" - - + value: {{ index .Values "measurement-service-kafka-update-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-idgen-name" }} + - name: MEASUREMENT_IDGEN_NAME + value: {{ index .Values "measurement-idgen-name" | quote }} + {{- end }} + {{- if index .Values "measurement-idgen-format" }} + - name: MEASUREMENT_IDGEN_FORMAT + value: {{ index .Values "measurement-idgen-format" | quote }} + {{- end }} + {{- if index .Values "mb-default-offset" }} + - name: MB_DEFAULT_OFFSET + value: {{ index .Values "mb-default-offset" | quote }} + {{- end }} + {{- if index .Values "mb-default-limit" }} + - name: MB_DEFAULT_LIMIT + value: {{ index .Values "mb-default-limit" | quote }} + {{- end }} + {{- if index .Values "mb-search-max-limit" }} + - name: MB_SEARCH_MAX_LIMIT + value: {{ index .Values "mb-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "measurement-service-default-offset" }} + - name: MEASUREMENT-SERVICE_DEFAULT_OFFSET + value: {{ index .Values "measurement-service-default-offset" | quote }} + {{- end }} + {{- if index .Values "measurement-service-default-limit" }} + - name: MEASUREMENT-SERVICE_DEFAULT_LIMIT + value: {{ index .Values "measurement-service-default-limit" | quote }} + {{- end }} + {{- if index .Values "measurement-service-search-max-limit" }} + - name: MEASUREMENT-SERVICE_SEARCH_MAX_LIMIT + value: {{ index .Values "measurement-service-search-max-limit" | quote }} + {{- end }} - diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index ac1ad3b0b2..5baeaaae92 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -332,7 +332,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" egov-persister: replicas: 1 @@ -340,7 +340,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 1b92153f33..eed6bd75f7 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -371,6 +371,24 @@ chatbot: user-service-chatbot-citizen-passwrord: "123456" +measurement-service: + tracing-enabled: true + java-enable-debug: true + measurement-kafka-create-topic: "save-measurement-details" + measurement-kafka-update-topic: "update-measurement-details" + measurement-service-kafka-create-topic: "save-measurement-service-details" + measurement-service-kafka-update-topic: "update-measurement-service-details" + measurement-idgen-name: "mb.reference.number" + measurement-idgen-format: "MB/[fy:yyyy-yy]/[SEQ_MEASUREMENT_NUM]" + mb-default-offset: 0 + mb-default-limit: 10 + mb-search-max-limit: 50 + measurement-service-default-offset: 0 + measurement-service-default-limit: 10 + measurement-service-search-max-limit: 50 + + + ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" From 3f1501bc06623496ec5dc3f0dc05d696bd58fc7d Mon Sep 17 00:00:00 2001 From: Swathi-eGov <137176788+Swathi-eGov@users.noreply.github.com> Date: Thu, 21 Sep 2023 17:31:06 +0530 Subject: [PATCH 298/742] Updated helm configuration (#1988) * Updated helm Configuration * Updated Helm Configuration --- .../charts/digit-works/backend/measurement-service/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index dbbebcab1f..b8cd3ea6fa 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -16,7 +16,7 @@ ingress: initContainers: dbMigration: enabled: true - schemaTable: "measurement-service-schema" + schemaTable: "measurement_service_schema" image: repository: "measurement-service-db" From 522854610c537e71b8fd918cc724a9b540ce8b78 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 21 Sep 2023 18:38:43 +0530 Subject: [PATCH 299/742] removed from health and works helm charts (#1985) * removed from health and works helm charts * added to common services folder --- .../individual/Chart.yaml | 0 .../individual/templates/deployment.yaml | 0 .../individual/templates/ingress.yaml | 0 .../individual/templates/service.yaml | 0 .../individual/values.yaml | 21 ++- .../project/Chart.yaml | 0 .../project/templates/deployment.yaml | 0 .../project/templates/ingress.yaml | 0 .../project/templates/service.yaml | 0 .../project/values.yaml | 22 ++- .../digit-works/backend/individual/Chart.yaml | 26 ---- .../backend/individual/values.yaml | 146 ------------------ .../digit-works/backend/project/Chart.yaml | 26 ---- .../digit-works/backend/project/values.yaml | 104 ------------- .../individual/templates/deployment.yaml | 2 - .../individual/templates/ingress.yaml | 2 - .../individual/templates/service.yaml | 2 - .../project/templates/deployment.yaml | 2 - .../project/templates/ingress.yaml | 2 - .../project/templates/service.yaml | 2 - 20 files changed, 31 insertions(+), 326 deletions(-) rename deploy-as-code/helm/charts/{health-services => common-services}/individual/Chart.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/individual/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/individual/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/individual/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{health-services => common-services}/individual/values.yaml (87%) rename deploy-as-code/helm/charts/{health-services => common-services}/project/Chart.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/project/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/project/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/backend => common-services}/project/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{health-services => common-services}/project/values.yaml (93%) delete mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml delete mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/digit-works/backend/project/values.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/individual/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/project/templates/service.yaml diff --git a/deploy-as-code/helm/charts/health-services/individual/Chart.yaml b/deploy-as-code/helm/charts/common-services/individual/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/health-services/individual/Chart.yaml rename to deploy-as-code/helm/charts/common-services/individual/Chart.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml b/deploy-as-code/helm/charts/common-services/individual/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/individual/templates/deployment.yaml rename to deploy-as-code/helm/charts/common-services/individual/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml b/deploy-as-code/helm/charts/common-services/individual/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/individual/templates/ingress.yaml rename to deploy-as-code/helm/charts/common-services/individual/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml b/deploy-as-code/helm/charts/common-services/individual/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/individual/templates/service.yaml rename to deploy-as-code/helm/charts/common-services/individual/templates/service.yaml diff --git a/deploy-as-code/helm/charts/health-services/individual/values.yaml b/deploy-as-code/helm/charts/common-services/individual/values.yaml similarity index 87% rename from deploy-as-code/helm/charts/health-services/individual/values.yaml rename to deploy-as-code/helm/charts/common-services/individual/values.yaml index 7e2906f034..2ad96f81e5 100644 --- a/deploy-as-code/helm/charts/health-services/individual/values.yaml +++ b/deploy-as-code/helm/charts/common-services/individual/values.yaml @@ -3,7 +3,7 @@ labels: app: "individual" group: "core" -namespace: health +namespace: egov # Ingress Configs ingress: @@ -32,8 +32,6 @@ appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" -persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml" -indexer-yml-path: "file:///work-dir/health-campaign-config/egov-persister/individual-indexer.yml" # Additional Container Envs env: | @@ -81,6 +79,16 @@ env: | value: "update-individual-topic" - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC value: "delete-individual-topic" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} + {{- if index .Values "notification-sms-disabled-roles" }} + - name: NOTIFICATION_SMS_DISABLED_ROLES + value: {{ index .Values "notification-sms-disabled-roles" | quote }} + {{- end }} - name: JAVA_OPTS value: {{ index .Values "heap" | quote }} - name: JAVA_ARGS @@ -93,8 +101,6 @@ env: | value: "false" - name: MANAGEMENT_SECURITY_ENABLED value: "false" - - name: STATE_LEVEL_TENANT_ID - value: "default" - name: EGOV_MDMS_HOST valueFrom: configMapKeyRef: @@ -107,6 +113,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-enc-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization - name: EGOV_ENC_ENCRYPT_ENDPOINT value: "/egov-enc-service/crypto/v1/_encrypt" - name: EGOV_ENC_DECRYPT_ENDPOINT diff --git a/deploy-as-code/helm/charts/health-services/project/Chart.yaml b/deploy-as-code/helm/charts/common-services/project/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/health-services/project/Chart.yaml rename to deploy-as-code/helm/charts/common-services/project/Chart.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml b/deploy-as-code/helm/charts/common-services/project/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/project/templates/deployment.yaml rename to deploy-as-code/helm/charts/common-services/project/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml b/deploy-as-code/helm/charts/common-services/project/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/project/templates/ingress.yaml rename to deploy-as-code/helm/charts/common-services/project/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml b/deploy-as-code/helm/charts/common-services/project/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/backend/project/templates/service.yaml rename to deploy-as-code/helm/charts/common-services/project/templates/service.yaml diff --git a/deploy-as-code/helm/charts/health-services/project/values.yaml b/deploy-as-code/helm/charts/common-services/project/values.yaml similarity index 93% rename from deploy-as-code/helm/charts/health-services/project/values.yaml rename to deploy-as-code/helm/charts/common-services/project/values.yaml index b720225612..c690a65af2 100644 --- a/deploy-as-code/helm/charts/health-services/project/values.yaml +++ b/deploy-as-code/helm/charts/common-services/project/values.yaml @@ -1,9 +1,9 @@ # Common Labels labels: app: "project" - group: "health" + group: "core" -namespace: health +namespace: egov # Ingress Configs ingress: @@ -32,8 +32,6 @@ appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" -persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/project-persister.yml" -indexer-yml-path: "file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml" # Additional Container Envs env: | @@ -100,6 +98,10 @@ env: | - name: TRACER_OPENTRACING_ENABLED value: "true" {{- end }} + - name: SERVER_CONTEXT_PATH + value: /project + - name: SERVER_SERVLET_CONTEXT-PATH + value: /project - name: EGOV_LOCATION_HOST valueFrom: configMapKeyRef: @@ -187,12 +189,18 @@ env: | value: "save-project" - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC value: "update-project" + {{- if index .Values "project-default-offset" }} - name: PROJECT.DEFAULT.OFFSET - value: "0" + value: {{ index .Values "project-default-offset" | quote }} + {{- end }} + {{- if index .Values "project-default-limit" }} - name: PROJECT.DEFAULT.LIMIT - value: "100" + value: {{ index .Values "project-default-limit" | quote }} + {{- end }} + {{- if index .Values "project-search-max-limit" }} - name: PROJECT.SEARCH.MAX.LIMIT - value: "200" + value: {{ index .Values "project-search-max-limit" | quote }} + {{- end }} - name: EGOV.IDGEN.PROJECT.NUMBER.NAME value: "project.number" - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml deleted file mode 100644 index 93da335372..0000000000 --- a/deploy-as-code/helm/charts/digit-works/backend/individual/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: individual -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml deleted file mode 100644 index 1ba08968b2..0000000000 --- a/deploy-as-code/helm/charts/digit-works/backend/individual/values.yaml +++ /dev/null @@ -1,146 +0,0 @@ -# Common Labels -labels: - app: "individual" - group: "digit-works" - -namespace: works - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "individual" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "individual_schema" - image: - repository: "individual-db" - -# Container Configs -image: - repository: "individual" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/individual/health" - readinessProbePath: "/individual/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: health-individual - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_ENC_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-enc-service - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_ENC_ENCRYPT_ENDPOINT - value: "egov-enc-service/crypto/v1/_encrypt" - - name: EGOV_ENC_DECRYPT_ENDPOINT - value: "egov-enc-service/crypto/v1/_decrypt" - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: "egov-mdms-service/v1/_search" - - name: WORKS_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_IDGEN_PATH - value: "egov-idgen/id/_generate" - - name: EGOV_IDGEN_INTEGRATION_ENABLED - value: "true" - - name: IDGEN.INDIVIDUAL.ID.FORMAT - value: "individual.id" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC - value: "individual-consumer-bulk-create-topic" - - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC - value: "individual-consumer-bulk-update-topic" - - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC - value: "individual-consumer-bulk-delete-topic" - - name: INDIVIDUAL.CONSUMER.SAVE.TOPIC - value: "save-individual-topic" - - name: INDIVIDUAL.CONSUMER.UPDATE.TOPIC - value: "update-individual-topic" - - name: INDIVIDUAL.CONSUMER.DELETE.TOPIC - value: "delete-individual-topic" - - name: KAFKA_TOPICS_NOTIFICATION_SMS - value: "egov.core.notification.sms" - {{- if index .Values "state-level-tenant-id" }} - - name: STATE_LEVEL_TENANT_ID - value: {{ index .Values "state-level-tenant-id" | quote }} - {{- end }} - {{- if index .Values "notification-sms-disabled-roles" }} - - name: NOTIFICATION_SMS_DISABLED_ROLES - value: {{ index .Values "notification-sms-disabled-roles" | quote }} - {{- end }} - {{- if index .Values "aadhaar-pattern" }} - - name: AADHAAR_PATTERN - value: {{ index .Values "aadhaar-pattern" | quote }} - {{- end }} - {{- if index .Values "mobile-pattern" }} - - name: MOBILE_PATTERN - value: {{ index .Values "mobile-pattern" | quote }} - {{- end }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml deleted file mode 100644 index fe0aa63fd3..0000000000 --- a/deploy-as-code/helm/charts/digit-works/backend/project/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: project -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml deleted file mode 100644 index b419ced116..0000000000 --- a/deploy-as-code/helm/charts/digit-works/backend/project/values.yaml +++ /dev/null @@ -1,104 +0,0 @@ -# Common Labels -labels: - app: "project" - group: "digit-works" - -namespace: works - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "project" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "project_schema" - image: - repository: "project-db" - -# Container Configs -image: - repository: "project" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/project/health" - readinessProbePath: "/project/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: SERVER_CONTEXT_PATH - value: /project - - name: SERVER_SERVLET_CONTEXT-PATH - value: /project - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - {{- if index .Values "java-enable-debug" }} - - name: JAVA_ENABLE_DEBUG - value: "true" - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC - value: "save-project" - - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC - value: "update-project" - {{- if index .Values "project-default-offset" }} - - name: PROJECT.DEFAULT.OFFSET - value: {{ index .Values "project-default-offset" | quote }} - {{- end }} - {{- if index .Values "project-default-limit" }} - - name: PROJECT.DEFAULT.LIMIT - value: {{ index .Values "project-default-limit" | quote }} - {{- end }} - {{- if index .Values "project-search-max-limit" }} - - name: PROJECT.SEARCH.MAX.LIMIT - value: {{ index .Values "project-search-max-limit" | quote }} - {{- end }} - {{- if index .Values "project-mdms-module" }} - - name: PROJECT_MDMS_MODULE - value: {{ index .Values "project-mdms-module" | quote }} - {{- end }} - {{- if index .Values "egov-location-hierarchy-type" }} - - name: EGOV_LOCATION_HIERARCHY_TYPE - value: {{ index .Values "egov-location-hierarchy-type" | quote }} - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/individual/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/individual/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml b/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/individual/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/project/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/project/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/project/templates/service.yaml b/deploy-as-code/helm/charts/health-services/project/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/project/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file From e8d97f91a86bdc38e1eca40267a6950133252076 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 11:22:31 +0530 Subject: [PATCH 300/742] added service hosts (#1989) --- deploy-as-code/helm/environments/unified-dev.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 5baeaaae92..0b3772c3b1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -137,6 +137,9 @@ cluster-configs: vendor: "http://vendor.sanitation:8080" project: "http://project.egov:8080/" individual: "http://individual.egov:8080/" + household: "http://household.health:8080/" + product: "http://product.health:8080/" + facility: "http://facility.health:8080/" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ From 8e691f12bf91714bb6b93feb3b8586d5b93954f3 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 12:22:47 +0530 Subject: [PATCH 301/742] changed path for individual and project (#1991) --- deploy-as-code/helm/environments/unified-health-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-works-dev.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 8b01032758..fcce4d6f81 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -157,10 +157,10 @@ cluster-configs: egov-pdf: 'http://egov-pdf.egov:8080/' health-registration-service: 'http://health-registration-service:8080/' health-delivery-service: 'http://health-delivery-service:8080/' - project: 'http://project.health:8080/' + project: 'http://project.egov:8080/' product: 'http://product.health:8080/' household: 'http://household.health:8080/' - individual: 'http://individual.health:8080/' + individual: 'http://individual.egov:8080/' stock: 'http://stock.health:8080/' facility: 'http://facility.health:8080/' service-request: 'http://service-request:8080/' diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index eed6bd75f7..c919cc816c 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -149,14 +149,14 @@ cluster-configs: contract-service: "http://contracts.works:8080/" muster-roll-service: "http://muster-roll.works:8080/" project-management-system: "http://project.works:8080/" - project: "http://project.works:8080/" + project: "http://project.egov:8080/" estimate-service: "http://estimates.works:8080/" organisation: "http://organisation.works:8080/" bankaccounts: "http://bankaccounts.works:8080/" expense-calculator: "http://expense-calculator.works:8080/" expense: "http://expense.works:8080/" works-management-service: "http://works-management-service.works:8080/" - individual: "http://individual.works:8080/" + individual: "http://individual.egov:8080/" works-pdf: "http://works-pdf.works:8080/" loi-service: "http://loi-service.works:8080/" household: "http://household:8080/" From 08e28c3e3743508af707e5a151f807ef271aebe7 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 14:35:49 +0530 Subject: [PATCH 302/742] removed individual and project from env variables (#1992) --- .../helm/environments/unified-works-dev.yaml | 22 ------------------- 1 file changed, 22 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index c919cc816c..7712ca71de 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -228,16 +228,6 @@ expenses-billing: expense-billing-search-max-limit: 200 bill-kafka-topic: "bill" -individual: - heap: "-Xmx512m -Xms512m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - loi-service: tracing-enabled: true workflow.loi.business.service.name: "loi-approval-4" @@ -273,18 +263,6 @@ organisation: works-cbo-url-endpoint: "/works-shg-app" organisation-contact-details-update-topic: organisation.contact.details.update -project: - namespace: works - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - project-mdms-module: "works" - egov-location-hierarchy-type: "ADMIN" - heap: "-Xmx512m -Xms512m" - memory_limits: 512Mi - expense: tracing-enabled: true java-enable-debug: true From 72ce4ada7a38ccc6295a7326aeff0faef26d499d Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 22 Sep 2023 14:50:52 +0530 Subject: [PATCH 303/742] Mukta-services helm charts added (#1993) --- .../utilities/mukta-services/Chart.yaml | 26 +++++ .../mukta-services/templates/deployment.yaml | 2 + .../mukta-services/templates/ingress.yaml | 2 + .../mukta-services/templates/service.yaml | 2 + .../utilities/mukta-services/values.yaml | 101 ++++++++++++++++++ .../helm/environments/unified-works-dev.yaml | 1 + 6 files changed, 134 insertions(+) create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-services/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/Chart.yaml new file mode 100644 index 0000000000..3925aa5bcf --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: mukta-services +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml new file mode 100644 index 0000000000..e8b1422b9c --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml @@ -0,0 +1,101 @@ +# Common Labels +labels: + app: "mukta-services" + group: "rainmaker" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "mukta-services" + + +# Container Configs +image: + repository: "mukta-services" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: DB_PORT + value: "5432" + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project-management-system + - name: EGOV_ESTIMATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: estimate-service + - name: EGOV_MUSTER_ROLL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: muster-roll-service + - name: EGOV_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EXPENSE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: EGOV_FILESTORE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_MEASUREMENT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: measurement + - name: CONTEXT_PATH + value: "/mukta-services" + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 7712ca71de..42f3c03130 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -162,6 +162,7 @@ cluster-configs: household: "http://household:8080/" product: "http://product:8080/" facility: "http://facility:8080/" + measurement: "http://measurement-service.works:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 3bc453380d113948804a473fc28ad9176df0174b Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 15:51:38 +0530 Subject: [PATCH 304/742] removed dulplicate persister files (#1994) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 0b3772c3b1..f4a85c96a1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -335,7 +335,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/projectmanagementsystem-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" egov-persister: replicas: 1 @@ -343,7 +343,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 05d34dba8a2f053973b2aa463948c381b7710963 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 17:06:27 +0530 Subject: [PATCH 305/742] changed project persister (#1995) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index f4a85c96a1..75fc807ba3 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -343,7 +343,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 2ca284e77915a963901e43f9a8055e7113b14940 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Fri, 22 Sep 2023 19:47:49 +0530 Subject: [PATCH 306/742] removed duplicate project indexer path (#1996) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 75fc807ba3..30c3e4f659 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -335,7 +335,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" egov-persister: replicas: 1 From d8156ccaff6799a247865597776a28e95296fa02 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Sat, 23 Sep 2023 12:10:18 +0530 Subject: [PATCH 307/742] Updated project configuraiton for works env (#1997) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 42f3c03130..5daf664575 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -148,7 +148,7 @@ cluster-configs: attendance-service: "http://attendance.works:8080/" contract-service: "http://contracts.works:8080/" muster-roll-service: "http://muster-roll.works:8080/" - project-management-system: "http://project.works:8080/" + project-management-system: "http://project.egov:8080/" project: "http://project.egov:8080/" estimate-service: "http://estimates.works:8080/" organisation: "http://organisation.works:8080/" From f15df96a0ff7feef6bd011b753d01162e0ba5923 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 25 Sep 2023 10:40:12 +0530 Subject: [PATCH 308/742] increased memory for project and individual (#1990) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 30c3e4f659..0e8a20dda2 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -355,6 +355,8 @@ egov-localization: memory_limits: 512Mi project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true project-default-offset: 0 @@ -362,6 +364,8 @@ project: project-search-max-limit: 200 individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true state-level-tenant-id: "pg" From 93a5af0186c44a0209229b44d253fbbeab2f3cbc Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 27 Sep 2023 10:24:50 +0530 Subject: [PATCH 309/742] added ifms and jit service hosts (#1999) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 5daf664575..9111b97f8f 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -155,6 +155,8 @@ cluster-configs: bankaccounts: "http://bankaccounts.works:8080/" expense-calculator: "http://expense-calculator.works:8080/" expense: "http://expense.works:8080/" + ifms-jit: https://uat.odishatreasury.gov.in + ifms-adapter: "http://ifms-adapter.works:8080/" works-management-service: "http://works-management-service.works:8080/" individual: "http://individual.egov:8080/" works-pdf: "http://works-pdf.works:8080/" From d1de3f58ca1dfbc2341ec9d9bbcd07ee9cd76a09 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 11:56:55 +0530 Subject: [PATCH 310/742] updated oauth2-proxy secrets in unified-dev env (#2002) Co-authored-by: Harish-egov --- .../environments/unified-dev-secrets.yaml | 48 +++++++++---------- 1 file changed, 22 insertions(+), 26 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml index 4282a127ab..54074ddad7 100644 --- a/deploy-as-code/helm/environments/unified-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-dev-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:yT/F7cLsWHtG89VVI7qbAmVXTxk=,iv:+/+Pp4VFN3ZCGR9XKbZNrzJPsV8lz+19fBwrC3Tvo1c=,tag:lgXlThijLj1Rwo/vBajz7Q==,type:str] - clientSecret: ENC[AES256_GCM,data:XqWk57Zv3fexIKJhWSxd7vDMAqlqDZnk2i43ctrGpcPpvVzmuPZH5Q==,iv:Lc/CBENbYMdMbPU3neUrbEnLZJaaKRUe0k3SwXSSSlo=,tag:IXiiFifxjD2B3/O6J+1PeA==,type:str] + clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] + clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] minio: accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] @@ -72,40 +72,36 @@ cluster-configs: route: receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] group_by: - - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] + - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] routes: - - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] - match: + - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] + match: alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] receivers: - - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] - api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] - channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] - username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] - title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] - text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] + - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] + api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] + channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] + username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] + title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] + text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] templates: - - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] + - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-04-11T06:12:24Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== - aws_profile: "" + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-04-11T06:12:24Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-08-17T07:01:44Z" - mac: ENC[AES256_GCM,data:iHw5Zk34A9TKiWAHFstx4hiuoSmPlSFqruNds8VvcPfl1H1QyImR+HKD8V9gKsnQ6WA/mN84xjKAGVYP0u6y8j7EY2D8Ei7+Bgw4i7lsL0gXZ7t3XVzdnUM72LxdyeeZnSxpKdki3GGx32/DUnE2YLUmhoNpEcOB3APJvjqHJPg=,iv:5KroSwR0++Bd7R9ZVAtuwuKNCLW6c4KTRptW6wBaAXg=,tag:rl1AFe++dAu2rjssG817zw==,type:str] + lastmodified: '2023-09-27T06:18:14Z' + mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] pgp: - - created_at: "2023-04-11T06:12:24Z" - enc: | + - created_at: '2023-04-11T06:12:24Z' + enc: | -----BEGIN PGP MESSAGE----- hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 @@ -121,6 +117,6 @@ sops: LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== =NBp6 -----END PGP MESSAGE----- - fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F + fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F unencrypted_suffix: _unencrypted version: 3.7.3 From fdaab541109193488e71546bc004a707167ed11e Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 27 Sep 2023 12:07:20 +0530 Subject: [PATCH 311/742] added indexer path for ifms and expense-payment (#2000) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 0e8a20dda2..4e477b9200 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -335,7 +335,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml" egov-persister: replicas: 1 From b0b5de37bc44c84e0e650d2dc3645408eab94fd7 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 15:41:10 +0530 Subject: [PATCH 312/742] Helm chart for measurement registry and measurement service (#2003) * updated helmconfig for measurement registry and service * updated helm chart for measurement registry and service * updated unified-works-dev.yml file --------- Co-authored-by: admin1 Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- .../backend/measurement-registry/Chart.yaml | 26 +++++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../backend/measurement-registry/values.yaml | 105 ++++++++++++++++++ .../backend/measurement-service/values.yaml | 38 +------ .../helm/environments/unified-works-dev.yaml | 21 +++- 7 files changed, 157 insertions(+), 39 deletions(-) create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-registry/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/Chart.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/Chart.yaml new file mode 100644 index 0000000000..03e1c82852 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: measurement-registry +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml new file mode 100644 index 0000000000..c8005eecc6 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml @@ -0,0 +1,105 @@ +# Common Labels +labels: + app: "measurement-registry" + group: "digit-works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "measurement-registry" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "measurement_registry_schema" + image: + repository: "measurement-registry-db" + +# Container Configs +image: + repository: "measurement-registry" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/measurement-registry/health" + readinessProbePath: "/measurement-registry/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_CONTEXT_PATH + value: /measurement + - name: SERVER_SERVLET_CONTEXT-PATH + value: /measurement + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "measurement-kafka-create-topic" }} + - name: MEASUREMENT_KAFKA_CREATE_TOPIC + value: {{ index .Values "measurement-kafka-create-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-kafka-update-topic" }} + - name: MEASUREMENT_KAFKA_UPDATE_TOPIC + value: {{ index .Values "measurement-kafka-update-topic" | quote }} + {{- end }} + {{- if index .Values "measurement-idgen-name" }} + - name: MEASUREMENT_IDGEN_NAME + value: {{ index .Values "measurement-idgen-name" | quote }} + {{- end }} + {{- if index .Values "measurement-idgen-format" }} + - name: MEASUREMENT_IDGEN_FORMAT + value: {{ index .Values "measurement-idgen-format" | quote }} + {{- end }} + {{- if index .Values "mb-default-offset" }} + - name: MB_DEFAULT_OFFSET + value: {{ index .Values "mb-default-offset" | quote }} + {{- end }} + {{- if index .Values "mb-default-limit" }} + - name: MB_DEFAULT_LIMIT + value: {{ index .Values "mb-default-limit" | quote }} + {{- end }} + {{- if index .Values "mb-search-max-limit" }} + - name: MB_SEARCH_MAX_LIMIT + value: {{ index .Values "mb-search-max-limit" | quote }} + {{- end }} + + diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index b8cd3ea6fa..10af2e39bb 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -50,11 +50,6 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - name: EGOV_WORKFLOW_HOST valueFrom: configMapKeyRef: @@ -75,6 +70,11 @@ env: | configMapKeyRef: name: egov-service-host key: estimate-service + - name: EGOV_MEASUREMENT_REGISTRY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: measurement-registry - name: APP_TIMEZONE valueFrom: configMapKeyRef: @@ -88,14 +88,6 @@ env: | - name: JAVA_ENABLE_DEBUG value: "true" {{- end }} - {{- if index .Values "measurement-kafka-create-topic" }} - - name: MEASUREMENT_KAFKA_CREATE_TOPIC - value: {{ index .Values "measurement-kafka-create-topic" | quote }} - {{- end }} - {{- if index .Values "measurement-kafka-update-topic" }} - - name: MEASUREMENT_KAFKA_UPDATE_TOPIC - value: {{ index .Values "measurement-kafka-update-topic" | quote }} - {{- end }} {{- if index .Values "measurement-service-kafka-create-topic" }} - name: MEASUREMENT-SERVICE_KAFKA_CREATE_TOPIC value: {{ index .Values "measurement-service-kafka-create-topic" | quote }} @@ -104,26 +96,6 @@ env: | - name: MEASUREMENT-SERVICE_KAFKA_UPDATE_TOPIC value: {{ index .Values "measurement-service-kafka-update-topic" | quote }} {{- end }} - {{- if index .Values "measurement-idgen-name" }} - - name: MEASUREMENT_IDGEN_NAME - value: {{ index .Values "measurement-idgen-name" | quote }} - {{- end }} - {{- if index .Values "measurement-idgen-format" }} - - name: MEASUREMENT_IDGEN_FORMAT - value: {{ index .Values "measurement-idgen-format" | quote }} - {{- end }} - {{- if index .Values "mb-default-offset" }} - - name: MB_DEFAULT_OFFSET - value: {{ index .Values "mb-default-offset" | quote }} - {{- end }} - {{- if index .Values "mb-default-limit" }} - - name: MB_DEFAULT_LIMIT - value: {{ index .Values "mb-default-limit" | quote }} - {{- end }} - {{- if index .Values "mb-search-max-limit" }} - - name: MB_SEARCH_MAX_LIMIT - value: {{ index .Values "mb-search-max-limit" | quote }} - {{- end }} {{- if index .Values "measurement-service-default-offset" }} - name: MEASUREMENT-SERVICE_DEFAULT_OFFSET value: {{ index .Values "measurement-service-default-offset" | quote }} diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 9111b97f8f..5805b2c5d7 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -164,7 +164,9 @@ cluster-configs: household: "http://household:8080/" product: "http://product:8080/" facility: "http://facility:8080/" - measurement: "http://measurement-service.works:8080/" + measurement-service: "http://measurement-service.works:8080/" + measurement-registry: "http://measurement-registry.works:8080/" + employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -355,20 +357,27 @@ chatbot: measurement-service: tracing-enabled: true java-enable-debug: true - measurement-kafka-create-topic: "save-measurement-details" - measurement-kafka-update-topic: "update-measurement-details" measurement-service-kafka-create-topic: "save-measurement-service-details" measurement-service-kafka-update-topic: "update-measurement-service-details" measurement-idgen-name: "mb.reference.number" measurement-idgen-format: "MB/[fy:yyyy-yy]/[SEQ_MEASUREMENT_NUM]" - mb-default-offset: 0 - mb-default-limit: 10 - mb-search-max-limit: 50 measurement-service-default-offset: 0 measurement-service-default-limit: 10 measurement-service-search-max-limit: 50 +measurement-registry: + tracing-enabled: true + java-enable-debug: true + measurement-kafka-create-topic: "save-measurement-details" + measurement-kafka-update-topic: "update-measurement-details" + measurement-idgen-name: "mb.reference.number" + measurement-idgen-format: "MB/[fy:yyyy-yy]/[SEQ_MEASUREMENT_NUM]" + mb-default-offset: 0 + mb-default-limit: 10 + mb-search-max-limit: 50 + + ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" From 67f4b0b23051c7c3da02b46dd914f8d651d34eb4 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 17:18:23 +0530 Subject: [PATCH 313/742] Updated measurement-registry healthChecks url (#2005) --- .../digit-works/backend/measurement-registry/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml index c8005eecc6..0929f3a38b 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml @@ -26,8 +26,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/measurement-registry/health" - readinessProbePath: "/measurement-registry/health" + livenessProbePath: "/measurement/health" + readinessProbePath: "/measurement/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" From e3c5a086fead1405f4cc1ecc42048e2df8b16ab1 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 19:35:43 +0530 Subject: [PATCH 314/742] Updated estimate chart config for mdms-v2 (#2006) --- .../helm/charts/digit-works/backend/estimates/values.yaml | 5 +++++ deploy-as-code/helm/environments/unified-works-dev.yaml | 1 + 2 files changed, 6 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml index 45dd11ab39..34262daad8 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -83,6 +83,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-location + - name: EGOV_MDMS_HOST_V2 + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service-v2 - name: ESTIMATE_KAFKA_CREATE_TOPIC value: "save-estimate" - name: ESTIMATE_KAFKA_UPDATE_TOPIC diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 5805b2c5d7..1f25c4536a 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -75,6 +75,7 @@ cluster-configs: egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" + egov-mdms-service-v2: "http://mdms-v2.egov:8080/" egov-eis: "http://egov-eis:8080/" egov-workflow: "http://egov-workflow.egov:8080/" egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" From 4457e930f5ecb7b29d98bb833530a10acb27fcd2 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 19:50:24 +0530 Subject: [PATCH 315/742] updated config for bff (#2007) * Updated estimate chart config for mdms-v2 * updated config --- .../charts/digit-works/utilities/mukta-services/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml index e8b1422b9c..d5c616dd4b 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml @@ -91,7 +91,7 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: measurement + key: measurement-service - name: CONTEXT_PATH value: "/mukta-services" - name: EGOV_HOST From e297327d7321015acd47ce4779aeea310f2b4b2e Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Wed, 27 Sep 2023 20:21:12 +0530 Subject: [PATCH 316/742] Restore mukta-service helm config (#2008) --- .../charts/digit-works/utilities/mukta-services/values.yaml | 2 +- deploy-as-code/helm/environments/unified-works-dev.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml index d5c616dd4b..e8b1422b9c 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml @@ -91,7 +91,7 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: measurement-service + key: measurement - name: CONTEXT_PATH value: "/mukta-services" - name: EGOV_HOST diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 1f25c4536a..39b3772aaa 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -165,6 +165,7 @@ cluster-configs: household: "http://household:8080/" product: "http://product:8080/" facility: "http://facility:8080/" + measurement: "http://measurement-service.works:8080/" measurement-service: "http://measurement-service.works:8080/" measurement-registry: "http://measurement-registry.works:8080/" From badda1d305b2fca6e8ad7fed057635b919dacdcf Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 28 Sep 2023 14:07:33 +0530 Subject: [PATCH 317/742] changed ifms scheduler times to once a day (#2009) --- .../charts/digit-works/utilities/ifms-cronjob-fd/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-pa/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-pag/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-pd/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-pis/values.yaml | 2 +- .../charts/digit-works/utilities/ifms-cronjob-va/values.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml index 5c50a50c48..be66711961 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-fd/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "15 10 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml index a8513d121a..eaecb82150 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftfps/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "45 10 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml index f5ac2f601e..d9f147c77e 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-ftps/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "30 10 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml index 2eff763501..2bdd03ac16 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pa/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "30 9 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml index 5002f7367d..27b14bfde4 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pag/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "45 9 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml index 16d3c467ad..24ed93ed64 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pd/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "0 10 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml index fc42e882b5..9c62e4917d 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-pis/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "15 9 * * *" # Container Configs image: diff --git a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml index 09855580a3..03986d8c71 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/ifms-cronjob-va/values.yaml @@ -6,7 +6,7 @@ labels: namespace: works cron: - schedule: "*/5 * * * *" + schedule: "0 9 * * *" # Container Configs image: From e16ad824ddfbd351ccbbefe5a2119b5aefc0d41d Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 28 Sep 2023 14:36:02 +0530 Subject: [PATCH 318/742] added state level tenant id for cronjobs (#2010) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 39b3772aaa..4b320fc91b 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -20,6 +20,7 @@ cluster-configs: egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name egov-state-level-tenant-id: "pg" + state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From e223f99b16f5aef64ae98d8db14bcf69d8977e27 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 28 Sep 2023 18:04:47 +0530 Subject: [PATCH 319/742] Created a unified-qa env and also updated changes (#2001) * created unified-qa env's * created unified-qa env's * created unified-qa env and made some changes based on env --------- Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 12 + .../helm/charts/cluster-configs/values.yaml | 4 +- .../health-services/health-ui/values.yaml | 2 +- .../helm/environments/health-qa-secrets.yaml | 114 --- .../helm/environments/health-qa.yaml | 862 ------------------ .../unified-health-qa-secrets.yaml | 67 ++ .../helm/environments/unified-health-qa.yaml | 711 +++++++++++++++ .../helm/environments/unified-qa-secrets.yaml | 67 ++ .../helm/environments/unified-qa.yaml | 687 ++++++++++++++ .../unified-urban-qa-secrets.yaml | 67 ++ .../helm/environments/unified-urban-qa.yaml | 702 ++++++++++++++ .../helm/environments/unified-works-dev.yaml | 2 +- .../unified-works-qa-secrets.yaml | 67 ++ .../helm/environments/unified-works-qa.yaml | 715 +++++++++++++++ .../helm/environments/works-qa-secrets.yaml | 117 --- .../helm/environments/works-qa.yaml | 751 --------------- 16 files changed, 3099 insertions(+), 1848 deletions(-) delete mode 100644 deploy-as-code/helm/environments/health-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/health-qa.yaml create mode 100644 deploy-as-code/helm/environments/unified-health-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-health-qa.yaml create mode 100644 deploy-as-code/helm/environments/unified-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-qa.yaml create mode 100644 deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-urban-qa.yaml create mode 100644 deploy-as-code/helm/environments/unified-works-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-works-qa.yaml delete mode 100644 deploy-as-code/helm/environments/works-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/works-qa.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index ab57449b47..a63a153a8e 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -11,14 +11,26 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-works\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-health\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-health\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-urban\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index ad5badc825..94c4e286b4 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: egov + namespace: [ egov, works, health, urban ] name: db-service port: 5432 targetPort: 5432 @@ -36,7 +36,7 @@ cluster-configs: secrets: db: - namespace: [ egov ] + namespace: [ egov, works, health, urban ] name: db egov-notification-sms: diff --git a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml index f68aa1006f..31677be268 100644 --- a/deploy-as-code/helm/charts/health-services/health-ui/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-ui/values.yaml @@ -3,7 +3,7 @@ labels: app: 'health-ui' group: 'web' -namespace: egov +namespace: health # Ingress Configs ingress: diff --git a/deploy-as-code/helm/environments/health-qa-secrets.yaml b/deploy-as-code/helm/environments/health-qa-secrets.yaml deleted file mode 100644 index 96089ab666..0000000000 --- a/deploy-as-code/helm/environments/health-qa-secrets.yaml +++ /dev/null @@ -1,114 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:yiHHeg6ttJbm95Afl0U=,iv:EDRRJtqdNxNLlgP6mJBP0B+4j8H5rhzIMGsXz93zcQg=,tag:Jsi+mapF6w7UTmThxY9N7w==,type:str] - password: ENC[AES256_GCM,data:txNHRnHu0nTIJWDIoWQ=,iv:7WdOBdU3z7iDjfDYytwPWwKyjDrcd0oQzhr31HhdfHY=,tag:8+OIIkGm+f+Zi8mkffHY0Q==,type:str] - flywayUsername: ENC[AES256_GCM,data:QU7cnoWbT1hImiG4rZQ=,iv:+guTJLnLe/byxzQnPbYaQZWO8gnnYLx6EZhrApUTmkE=,tag:Q7I6y/IJ5re1Slx4rJ2eKQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:nBVwSEDgZR2BZCpAyYM=,iv:4Rt4m4pSkHBiGI9g8yhz526QhNTOfQR57faxUnuEcDw=,tag:/ITCwLlcxg7BhhBA6q+mmQ==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:g86c5A==,iv:VCXis/2M/2l/FIbUmn9H1iEWBp5sMAclU5pApJNBNDM=,tag:zaWq8sF7U3+HpwURkKHgoQ==,type:str] - password: ENC[AES256_GCM,data:eoAbEw==,iv:8xD4eu4A8aEmA9hRobniB4VKkQo0hxDY7SjHYH5HVc0=,tag:qibhazoHFZPVwwf5drdVQw==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:nfHNTFuCEdKexmq/X9l7ohHoWVI=,iv:0Ei1DeMHd8V+/H1jqT7WUvy3/hkZFXy338lYwME/LnE=,tag:nsa9qU2dLhfm8WJ069d1HA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:8UTyYZyaZVMXAqdTVKc2/6gshRt6Sas+dYr2Bqva3ScDngP2wIyISA==,iv:4XX1GmN0wezM9iy3RNI0bsSpJCr969x5GLqnPZB/qiE=,tag:inRmtsSLcPJDy9aP2uEVHQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:BW7ohJEp8JzuJONLB5stYH4Pgg==,iv:xRuXcNUWe819/6EKsVZoy+okPgLaQH0F5lxIjW6pg7M=,tag:AnPwwRPQfthPkWMyaEcNaw==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:Sdwg8w==,iv:ebSPHaUQtLvY01z+jW5E+/rUFt8qhQrnnFDaNIlCHWQ=,tag:QSQmX6kUsVCE8alGma4gVw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:atreQA==,iv:WbQ5RpTDF2u8NFyEHDyn2x1m1TC1XcP9h+0aNfUSA1s=,tag:2Q/FTCia39qBSflAOWdetA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:BI/98Q==,iv:+Z7/tha8bMK2ajRPskrNj1ZXJMdgsc/JtaBDmO9G52Y=,tag:enYkP1B6EYiDZnzLf8WyBg==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:5XRuxg==,iv:kX3/d8oK+oAgbOjkoZKFAO2DvfmxEXUQfHgNwJnDzdI=,tag:/ay+qyiDpX4kPXi0cjbiCg==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:vWZEyw==,iv:Jw+WF0atcryXn9ixag+W4Wyu7cCNhMvP0k1TI0xjQFc=,tag:H+pUcQSpAQXT3ngaBfqgrA==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:tuDLGg==,iv:KrlFK/Ps5m9ylEUNjtter7YQzVFVKSs3LWaQkIFTd/Y=,tag:uw18fHlwI1YtnKZQMmdUwg==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:p8cBRw==,iv:Yj5oksVKBXufuyRtole9MBCfCfCjfHjnjawyT4tikmk=,tag:3hYctCSPt9Ol2MIPo92yng==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:iIGWwGQMfZCvLaNaXQ==,iv:Eym6d1IzQclGoxvU3gG2FFXipX7S3VuUDGFtYKHeWgY=,tag:ElFkgiR8dL0rYkPXH2uDoQ==,type:str] - admin-password: ENC[AES256_GCM,data:TtbN9Q==,iv:7tYD5YEM6zIBRxmZHNLaHBDGhRFOnTEjpeauXQUpXNE=,tag:3Blsj5bnb75AXXGXrBrlHg==,type:str] - read-email: ENC[AES256_GCM,data:jQlGpHFP/5RWh86kRg==,iv:nWuiLgUZTMSjUpuLAERQu1kL97kT80g8xamMVvBmAEw=,tag:cbwIv7ihpirSAicP64Cy9A==,type:str] - read-password: ENC[AES256_GCM,data:snpHwA==,iv:LsnbGoRjyc9f1CYFRqUiEBVzJ9Yf6Z9nhNRTPjWAFlo=,tag:aLRFY81jlQIwSJPxe1yX8g==,type:str] - master-password: ENC[AES256_GCM,data:6pod2g==,iv:Idu9fC92eOUB6IryfdV6eF8HEj0YZgtaTUccK84wIr4=,tag:skgYQh9Knoqiyfngye/33g==,type:str] - master-salt: ENC[AES256_GCM,data:ag/BBayg3QU=,iv:86rFTnjNmLkgkMMzE9NRQFSxK8dDMcOQDJTWIgnvOrQ=,tag:xCWwA3ReFElfrdSHu8bnOg==,type:str] - master-initialvector: ENC[AES256_GCM,data:iMR0jFtCzbWn+u63,iv:0o39xWvg6aMkor2CsipyzZTnLJLAMDunZG9OZyWmqHk=,tag:hkVziIHCNOARkYWyg17/yw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:LOydfyMt+5Kurw6Q0nxpnU/CC1o9Yd/GGBRtAg==,iv:GuPPW3cDkr1vdvPLD7P48DIK5Pkz8nNzk0cZU6s1l90=,tag:QlyDn2evcUianTbhxMSYrw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:imm9r9EYEzIz+Syn9w/YQQ==,iv:ZdfIRsGumbyUAFuJi0InlET1aMjfz5TctN9ICG3htsY=,tag:ob7SiW3/gAulLtV/1nnZMg==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:qklzu/npeh2posrUKb95Vn/8PCWVxd9udEY7KAGiLjijZLos+ZyUGpLbHDU+m2qAWIbu61YP+PIkEsQB91htOP+okqzEXitzm2hIOdfXGLDGfCtQm/09RygD5DQvAFZQ9os1FfjYXQJRisdALYt6cOw9prAhzUKqtgWG0XADHlnpcYPeARCp0p2sQ1tuGAZwjsPFkpScEK7sSenjLcttxigGn/fucHNGtVe570Exvw52LT3PHK8wbh3GHH3QBsochn0efRjXjAoK5BRYGmCwGmKDXrMhfc4c5QtnmeoSfkHgB5fS+yDypIz/s11BcXUstomc51NZsQory+8pMIvGN7X2Hmtv0dLdaOagreygUu5I5eq6/CliVMdZk9MeMATKOhO1Ku+/loN+LxJU2tnOF6xOixPQt4JdvtajIrnuKbiHKkWzne393MYxcKFRwUNMKAXkFIPV2lapmjqCN/2n1voz0R6WtK+WHC8G1J8UbBRKQFu9LPryZwJE+sBRTSIMZiOTNwsrg3mF1ewNudi8SwLh0Pzay5XIVbcMO4g7VE6TBVbCjFFU0FxoQ5svtFbSnGWk01i21KHAVVVu4JPmGwmf04qrvQrnR3MoTAv5wQKx69Wc47Eew3Qpr5ACDWQBMbDSsZQdlWAhW0uURkrXaDs0Ocf1T5TSCVbXmbB0aO+1h6G+FwOcJNud+ZmJ83Y2qyHlka/lbUSr4KST2cy1+VTlD0aJ5VnfEW4FgJv9Lh4Mmb9vBuwni5M7hY6jz1jKnn0eSsQ1WxToWEkdUvodOb+5FJ84Qv+LrKn1wHNuGHrkV1QQXnNF96shxwjnVpTRRSnh0s0BEWoxB4ivQsAow+f5v6DDJKpDHZJd1Y2mPP2QFVxKytzKE7/4zQdh/J+l713eK7cMNNrBfW3zB8ih3ij+0qqEerZjhSfy6P/SIs/X9Svh/SJx0r/5t8Ws8DT7NK6UglIzyvWxyOUf2Ih4NnWCnh4WmAPKt1ZVQiT8rNWEweD4iQpChOykfLvk58lWJSEaAUPQP0pg5smRJv2KCo8dwi6M8X9NON0CTdfXk/Ouu4Ak62fao3bQibr9S9RfzNAdekz0OwcGwfQMZNDqHZkDP4lO2b/ZIGWB6zuHTmUq56mumDSYCecAP5LYJ5SsMLMHe9jsiT/5xjUlxFbBFXCr99OUEJZhsgmeWTYD6TYxl704BFV64Qw+PP/xrupOvyuzNrNEzFH97sLwhWEQNh12Sr9FQprWR3/rHcg6DcNGj12qIbUt/RCEJghxrZ6pk6leISzBi/dnmvHTA/FGYlimKOc2drACaP2D++FnKH0VVZWD2DGP/3HnWAZsJVioRNT4T+p6zvjrEnZM/ObNLsITEIBULMi9zUAz8pobVeXeymFWbs0ACtEYP4dZPzsW+k15ZOg/1KNHPDoHOT77MW5msecsmTObL2BLdl50aNJheXC+8TIJsMpQvj5klRW2dhlxEOXs9V4K85eMNBtuDaxf2pxzyelaYRmrT8ku4YssAjmQTHUL2/NRMPkEFM3dJRRdmCgjIaWr+wR328lO3jhp/3NrsoollSG8xxp3yvebgro1nPzz5lYol6rceJvE3h161cbTuIXDcTyHbWLuvvaV7wws9fuTCL+Am2MB9sedD4GGR1XL2xMbllAycR6a4TqLCdwyFypLKRQsVurX1BoiKWpJuN+2NPbCWyVZ87UPK9qP8Mqkh7amK3Sfa4+tx+34Dsk/G/656Q8g/SVM9L+4xwEWtD6MQJBI5u+HSQYMRFQ0tcHQA9uFl2E1XHjhpxNbXzM3ZmU9vu360yVMEdHERZp6FsPcASvLe6e71VjwAiEllqaE1U7J9SrLRYDBYyGRaCY2XcoBglv51ED7O8WnjSWNqgLeGfRCiLRA3RmUQmcB1YkRpqF71O9BNG9cEu9V/ZO5IJVm57bcjHrIufTWk+uwp8bveuta0tsLqL0/v+Wihg9YFdfA/p8zOaj7pqNaghQz5yPiis+7vOaM1KdAHTBDQkVdzS8SHLsJ9N/XHrmUDFaf4Htu6DPajQ5bSCCulPUThfs99RqJWZHIC9l5/bNoVyOSAhZgvUS85AKn+BdlzL5UJh2Hi8Sxb1S+8jV2YcKWdUnLG6s3GVlg8NylkhLru6wIGHkQtdwpFFE64t+CAuwTR31uurIC1qpsoMwDDp9Co3CBz6xhHeTnjl89OSpc5cu1PIHMakwuRSvOasOOqO3Oh4Unhw==,iv:xH+vNckrmh8yjmtK4Xh8pzY803YrWBIrDMQtqG87fWk=,tag:1nhBioidf0jbjiwnxCAgcw==,type:str] - known-hosts: ENC[AES256_GCM,data:Q8WSvL/wGIhjvDVAUnM19DS1fmBLFOiDmSeZvftt9syl2IJaALLhPo/OwdM2EJgVR7DRKaPpQRG6nrm/HMVaP4DJ6sJ+tqhohb4zMMVsg995ajiE8uXAcnTUFVmkfCocdC+mbR9JbrICqPCQO0zqs4mK2Cu/1M/a5o0S5/i+izsNe6X8w+jgNcDBEPoakzfuqQ/EjvQ+uXH7qlyOVO+NmA3sUWUOV2nqBEgNrU3fabusO52nifHeDulZLcS4uN3kAloBcO+K0lEG2+sXPfFwyNXGXaYvRILrHj4y8r0dDv7XbEqWG+anekTOSDkMpBpOrxq2IFfEXlSlYBxnNm+3o0ci2LhXnE1GuMzXBlIRJnVLyCNYHhaGPwhjxltsMa78tow6E3UAzB2HPkeVIMxmGQEMwvpBfBNGZUr+1Q7rlLAK3TYlG7MhuW7RkFWkjl1fPyUVc/liXxNWHpe4D/RCr/Tm+2b9apL0BHFTlWwJsj/DGV/3ZjlYEWhbr35UNiOYzixyYD6PTqEqA4qBxrByxrtv6T82RB/N2ihXK/f6GDi5F7GR9IlFNVg2dI1ELHmtFPAlDOhDezJS1zkIoNZoOY1wGOaWLYTq+590dnNbfambn7wpIRXffdaEmrhMfOZ/xTnWOViYV6zipcT5m4xYB1NS/cMJDKR5wfUY/NF2ktGsNAzVyWgvOApecthKJPTyPbUySNWw98gt2dzXzmZnH+umr8N78ifEGBPiUEXJ9qCuMeg=,iv:TYiJsEks2hCqJvV++hUASY2nKT31coLn5u0BkQTGVUI=,tag:7PungasLEKA1iuOC+9nxQw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:aXl0M/IDRastkw==,iv:NuWKpaX6WR41ZBomSERB9x6wa/z7InT9b93V4bDypL4=,tag:ok2WOSp5lLyFKLbIgC2G2w==,type:str] - credentials: ENC[AES256_GCM,data:AHc50g==,iv:emJsA/koUyHB+iR+1EjjsxPyo3LFHos+A29JM0oayK8=,tag:DEkAF3SlVRDCj+aSo3IqEA==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:8T+AyA==,iv:tjnIlQ6EPVL8C/iAHu5TMgRjlK47gOT9vONkXAUHaIc=,tag:Xnw7dpLj8ivMJKcj13avKg==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ZyNbFQ==,iv:8/1BfFgWWRuXabr+isFcWV6EGhHDxbMhpEttEcwF4iI=,tag:t/XTRWNvi0LBtFitKFQFRw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:2Wqg9Q==,iv:AE9LqlEciONd9aQCtWm8Ip8WzdcJ9ztZBHG1Hg/kknQ=,tag:M9xUOG+ZmrTEBvX+cn7SCg==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:Yn8JueYZaQJQFlku7A==,iv:miVYsweuUieW04X/vQoNj52zq5I48I7sllU7AjMBhUI=,tag:IgVUyqaDW1YinbXWzShypQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:Zu9W6Q==,iv:azvLnWHGh+AmhbUtfd8ZcMbeeE1qJ1o2jo6W6s1Vg/4=,tag:lYd8xigGj5to/GOnhaU5dg==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:X640/Q==,iv:rsEjpI4JUTwt+wSlHDW7xnp9x5yhljf+8Y3IKD3qDek=,tag:z5SdL9GiBQyjdzeWsjinQw==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xq8MRQ==,iv:Plf2V01njc7HokycpUKEpV+CebkV2kwAGWATaqC0bW0=,tag:x+E10lOTxC5gq+ZGRpFNdw==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:B902ig==,iv:BTmgzSV7u340AvYn2fXK4xKmV3WBD4eS1yf28/uTdoY=,tag:n6f39AWEi8JBJdVGnufMkw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:xy2HKg==,iv:AlBZltIKoRi2gOXv3nnohQqj6qvhb7zJfrlcoM1a8kI=,tag:XWqdYBYcrAgtZgCZNBKFEw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:pRT7Do0n,iv:23EeO0HHiVCCYwTVjJc7OgihBhsA973ZcUdMAR9hdkU=,tag:3KUd8qxM3agGRdWq2rVCZQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:SAEuDowdYClliRdrogIqiHVKRfY=,iv:Ywsct9F65qSWmuHm24uu3OXa1CP/XHU/NF7gbLMC6uw=,tag:sc/XjHzvbsWc2ZHnivvYsw==,type:str] - clientSecret: ENC[AES256_GCM,data:JJ4r311eve3SVSjbyQ17MLWGNH8EcIK2jDKEpt5O9OvJ4RlKIHPx0Q==,iv:pISCgA6RX0a2i0+8B3kIhvWl1r06QppvU+K1lppVOPA=,tag:zo38NXDrsEQK5kViIMjkfw==,type:str] - cookieSecret: ENC[AES256_GCM,data:mamqwic8IGDS2WIZAZgqDUPEkz8B5kPO,iv:uYxqXqFuoe7RiNBkyQZBTqejwToH6L0bmbxGHBPEn1w=,tag:tEQZ+nI1D1gCXS1sXiBUaQ==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:Wm4=,iv:u7+4iLSDHdwqJLFf/zBPV3cEkKyz1S7N41o3OoHykTs=,tag:olEY3fT2C3v28+xmtDI9Bg==,type:str] - route: - receiver: ENC[AES256_GCM,data:SmIYloLZ8j6boYiHxGcFblsQ4Q==,iv:tOoavgNtqO8OoevmziJ2Ngmxu0beRo0cTGSq2YxyvRc=,tag:b0yPSpRMJhNCDTvajEUInQ==,type:str] - group_by: - - ENC[AES256_GCM,data:JuEe9DkXCOyF,iv:Ss7sFJRZnI+rqia3U2nMLAAXunkQtFkGPoyVorrsnGs=,tag:Xp5601rgG6z9k+dhHerfGQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:xARhHtSYFedoOGByCEeBxhomFQ==,iv:cqW2AmN2t2YYlj+onKA96XLhScu8/T6GriG2n7QbE5Q=,tag:zieKMTOK+LND3OHev2VJ1g==,type:str] - match: - alertname: ENC[AES256_GCM,data:Hc6K44D8k2o=,iv:JnZxrs4ISFbBiPw01zmfqwvdCPAo0QeL1euhp7kq4nA=,tag:cSNmTpockLlPA4phv2venw==,type:str] - group_wait: ENC[AES256_GCM,data:S8wm,iv:+zyB3O/nikXnLp58pqwCFnP53bB43ZNa8YrB0GDht4k=,tag:lhKjYocqjHP6IP3wSEAXoQ==,type:str] - group_interval: ENC[AES256_GCM,data:Z+4=,iv:bSZdsNoHsXTDFX3vUfz7t8JAo3D9ms6CrA3ncqYLcpQ=,tag:zZsS47WTrW1nHqFRoBU5+Q==,type:str] - repeat_interval: ENC[AES256_GCM,data:p882,iv:j9ErmLS89HyRuTjCNSCzKRajImjHfI59hsARbekUq48=,tag:raouKCK+TOboXhytMJMqUw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:D/vsVidBOpqXYZqSAMAHuFj1sA==,iv:r9IldAL9X7BSEg2LNas4jf+fjZArDxor1xJ9IBlZYDA=,tag:JltOtHSvWVq9G2udPgyXIg==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:U49U8Q==,iv:IfJqafAloArT7Vta8mX2OIVoK9KFhP7xQEBsRjHg3Rc=,tag:MraL8w7S43TVy2Aa74iuRQ==,type:bool] - api_url: ENC[AES256_GCM,data:8P2IiDWzCKRKqWsYAehiIfiheXLxQJiOnSnzaon1gkP9D7FXozStWyEuXBmaCra6QsIS+6jn5RqyzbMWFZ44lFupSHq7Tv7BxGQtlLE6aQ==,iv:TtjtgtSuu3upzNTZ0pGJYFapwvTr+G7WIYCVAaAMX9E=,tag:LObDWtOLSTtPxhi88CG0jQ==,type:str] - channel: ENC[AES256_GCM,data:LqmIYP8/VL2A2qZgBPAp6CE=,iv:hnMBGswQoeWXiOYbjq0oJVKdyUMFoNP6XXK0DID0MLQ=,tag:5C1rGbBtnKbGhP2HrM23cw==,type:str] - username: ENC[AES256_GCM,data:rMo0Ewspe5SMBqAI,iv:yaLJUusyNdp6Xv7kG8pFqe4edtowAR0NCK93fAYi3jY=,tag:M+1htAtjBEgJdKoYYtLPkg==,type:str] - title: ENC[AES256_GCM,data:frVxReXCbRZ1QCXvS5e2Q2ArId/M+yJp1FeiPgZ6q/WAvqqCPtU=,iv:UXW+4tQE7rzPI68WXFmXp/cupksJdVv9UNYvWIJIg4M=,tag:aCzQJpAyYYI4MedS3U+sDA==,type:str] - text: ENC[AES256_GCM,data:MOlIIk7/gD70F37wWa5mugk+SANchj/9Z1HHPxio2vAazhQAHw==,iv:iMkuc0QQd8SHwJ5ZqphxUO1zunuhdemDSetYfKncA+c=,tag:8LZE03RmjvHBJjBNC4Vk8A==,type:str] - templates: - - ENC[AES256_GCM,data:FZeDssq222VIuaF7Z2/R0qw6nF8bmvkznv9ptOnODnDGclviwH+D8xWaD4ej+/9+rx3iW/7BU1pQqq0ExAoEZ1xpTdVhNPM=,iv:upoM26wxue4XAaDiOTCEEKnkIkzW65pVJ22XF0vk8q0=,tag:sSvsZNDCR8IjJ5qPBcLWxw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c - created_at: "2023-01-12T06:19:42Z" - enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQH7m56lL8Jh3uGaZgbTl5jfAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0CwDMOpfXWfIsrsEAgEQgDs3fZLjg4rCpjn0jOcYVOjsQuq9YCGfhpZQYKNpBHZf1wxrwFMIPKepF5i2FrwHvhrgicy+P8354qRWjA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-05-12T10:52:29Z" - mac: ENC[AES256_GCM,data:TE+zHGs+xMuRGP7ilF7x+n+yhulXzC26Jwej1mzbKTPCVDkbvF/nzshcpkAnUluHbRzw98B5kONqpVT8M5SCOUbuXyxoM/cTHtEgkHxvXxpzbplRMXhGO8jlFdhj0mH3Wf30OfdS0pxDUvyQSTI7g0W2lVZoSHuaz2wgFNnGjl4=,iv:EmJ98RNqHimTdkc3uGbqc+IKzAMD4cNt3Grq47aHfqQ=,tag:lvV//UejgJLMnYBE4B/KlQ==,type:str] - pgp: - - created_at: "2023-01-12T06:19:42Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf+P79MIi6iHOlaK537vo2yoK3Or534UulSBy61pAvOWdWi - iGkmva8pLHMdJQmiWw9MIgNTFhMOWs7xdTjJi9afr4fQ6LijvQQ8gLJdxgJeqRlI - f9uEtBTjPQMhmp68hbZIKmWWsxIb22mFGBpE0KlZoWJTbNxy9ET/Lb3QKcTCkM0S - Tc9M7phWX9uIZhcb9ZO7EC3BiWpw3jMQ9gj/tY6ykuAi2DYnFylFgOvDgB5OTnCk - xgfIVkT51+Cb7zF7cjZk3CMCQ3tEISUgr1ICfbUpUQftGGmmc3pOvxAJe55p8+Xf - 3BtfTkyPswQkyMjDzVHcd+OEjEUvcCSz94MO/ez1D9JeAeIpNDP7Ur9VEMyWlGx+ - omUIVGToLsFvyj1w9TKQwKBcAkHQADmoOnYQO71B1iS5DY2Pz0EubGAlUEZC8W4Q - C7oaMHN2Bjqd7yyBGDKaqo3twalFjylzgo30krS3Mg== - =EtBq - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/health-qa.yaml b/deploy-as-code/helm/environments/health-qa.yaml deleted file mode 100644 index ddda8676dd..0000000000 --- a/deploy-as-code/helm/environments/health-qa.yaml +++ /dev/null @@ -1,862 +0,0 @@ -global: - domain: health-qa.digit.org - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - data: - db-host: "health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com" - db-name: "healthqa" - db-url: "jdbc:postgresql://health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthqa" - domain: "health-qa.digit.org" - egov-services-fqdn-name: "https://health-qa.digit.org/" - - egov-state-level-tenant-id: "default" - s3-assets-bucket: "(pg-health-egov-assets|egov-health-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra.kafka-cluster:9092" - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: "Asia/Kolkata" - tracer-errors-provideexceptionindetails: "true" - - egov-service-host: - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: "http://dashboard-analytics.egov:8080/" - dashboard-ingest: "http://dashboard-ingest.egov:8080/" - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: "http://echallan-calculator.egov:8080/" - echallan-services: "http://echallan-services.egov:8080/" - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - project: "http://project:8080/" - product: "http://product:8080/" - household: "http://household:8080/" - individual: "http://individual:8080/" - stock: "http://stock:8080/" - facility: "http://facility:8080/" - service-request: "http://service-request:8080/" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: pb-health-egov-assets - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "default" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - -inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' - bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' - #W&S index names - water-es-index : water-services - sewerage-es-index : sewerage-services - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - -egov-pg-service: - axis: true -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/health-campaign-mdms/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-mdms" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "health-campaign-mdms" - masters-config-url: "file:///work-dir/health-campaign-mdms/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/health-campaign-config" ##### Change repo url with Your fork Repo url - branch: "QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/data-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/data-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/property-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/pt-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tl-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedbill.json,file:///work-dir/health-campaign-config/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlapplication.json,file:///work-dir/health-campaign-config/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/health-campaign-config/pdf-service/format-config/bpa-revocation.json,file:///work-dir/health-campaign-config/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/health-campaign-config/pdf-service/format-config/misc-receipt.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/health-campaign-config/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/health-campaign-config/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://health-eks-qa-db.cqqfmghbjssw.ap-south-1.rds.amazonaws.com:5432/healthqa" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - metrics: #To collect the matrics data from nginx-ingress. - enabled: true - serviceMonitor: #To enable the service monitoring of nginx-ingress - enabled: true - service: - prometheusRule: - enabled: true - - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - sampling-strategies: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-08be2c6aabcfb732f" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-088f0666498c8a38d" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0f317e2eb92cb44e5" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#kafka-v2: -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -#kafka-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" -# storage-size: "75Gi -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-08201b8155c34f108" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0f406d2f33a4b056c" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0dd3faa7c6bf8fdcb" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - # zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> - #zookeeper-v2: - # persistence: - # enabled: true - # azure: - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - # - diskName: "diskName" ## add diskName - # diskURI: ## Azure diskURI - - ## Zookeeper JVM Heap Option -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< -#zookeeper-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. - -# storage-size: 5Gi -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0444670b30ef7bf2e" - zone: ap-south-1b - - volumeId: "vol-0b1ca661d2e945093" - zone: ap-south-1b - - volumeId: "vol-0a42f9bfadef8f511" - zone: ap-south-1b - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - memory: "2Gi" - limits: - memory: "2Gi" -## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# -# esJavaOpts: "-Xmx1g -Xms1g" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-data-v1 SDC<<<<<<<<<<<<<<< -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. -# storage-size: 25Gi -# esJavaOpts: "-Xmx1g -Xms1g" -# storage-size: 25Gi -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-041c746213d8a27d4" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-0abb5d61fd6246938" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - volumeId: "vol-06c016ff026344d7a" - zone: ap-south-1b ## add your respective zone eg. ap-south-1b - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# storage-size: 5Gi -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-devops,health-dev" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/health-campaign-config" #REPLACE with your configs repo - branch: "DEV" #REPLACE with config repo branch name - dashboardsFolder: /work-dir/health-campaign-config/monitoring-dashboards diff --git a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml new file mode 100644 index 0000000000..a6d83beff9 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] + password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] + flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] + flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] + password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] + admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] + read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] + read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] + master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] + master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] + known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] + si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] + clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-09-26T16:11:43Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + gcp_kms: [] + lastmodified: '2023-09-26T16:23:25Z' + mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.0.0 diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml new file mode 100644 index 0000000000..b3a466ac3d --- /dev/null +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -0,0 +1,711 @@ +global: + domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, health ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, health ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + pgr-services: 'http://pgr-services.health:8080/' + product: 'http://product.health:8080/' + household: 'http://household.health:8080/' + stock: 'http://stock.health:8080/' + facility: 'http://facility.health:8080/' + individual: "http://individual.health:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + project: 'http://project.health:8080/' + service-request: "http://service-request:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" + +health-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + namespace: health + memory_limits: 512Mi + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + java-enable-debug: "true" + time-before-closing-complaint: "3600000" + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml new file mode 100644 index 0000000000..a6d83beff9 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-qa-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] + password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] + flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] + flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] + password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] + admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] + read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] + read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] + master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] + master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] + known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] + si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] + clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-09-26T16:11:43Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + gcp_kms: [] + lastmodified: '2023-09-26T16:23:25Z' + mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.0.0 diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml new file mode 100644 index 0000000000..9fb11c2322 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -0,0 +1,687 @@ +global: + domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + memory_limits: "512Mi" + heap: "-Xmx512m -Xms512m" + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml new file mode 100644 index 0000000000..a6d83beff9 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] + password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] + flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] + flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] + password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] + admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] + read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] + read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] + master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] + master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] + known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] + si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] + clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-09-26T16:11:43Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + gcp_kms: [] + lastmodified: '2023-09-26T16:23:25Z' + mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.0.0 diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml new file mode 100644 index 0000000000..509b6090a1 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -0,0 +1,702 @@ +global: + domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, urban ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe + + egov-service-host: + namespace: [ egov, monitoring, urban ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + ws-calculator: "http://ws-calculator.urban:8080/" + ws-services: "http://ws-services.urban:8080/" + sw-services: "http://sw-services.urban:8080/" + sw-calculator: "http://sw-calculator.urban:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +property-services: + replicas: 1 + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + replicas: 1 + is-external-workflow-enabled: "true" + water-decryption-abac-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + memory_limits: "512Mi" + heap: "-Xmx512m -Xms512m" + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 4b320fc91b..06adf0edb6 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -167,9 +167,9 @@ cluster-configs: product: "http://product:8080/" facility: "http://facility:8080/" measurement: "http://measurement-service.works:8080/" + ifms-adapter: "http://ifms-adapter.works:8080/" measurement-service: "http://measurement-service.works:8080/" measurement-registry: "http://measurement-registry.works:8080/" - employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml new file mode 100644 index 0000000000..a6d83beff9 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] + password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] + flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] + flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] + password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] + admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] + read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] + read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] + master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] + master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] + known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] + si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] + clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-09-26T16:11:43Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + gcp_kms: [] + lastmodified: '2023-09-26T16:23:25Z' + mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.0.0 diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml new file mode 100644 index 0000000000..657fa06bd8 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -0,0 +1,715 @@ +global: + domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, works ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, works ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + attendance-service: "http://attendance.works:8080/" + bankaccounts: "http://bankaccounts.works:8080/" + contract-service: "http://contracts.works:8080/" + estimate-service: "http://estimates.works:8080/" + expense-calculator: "http://expense-calculator.works:8080/" + expense: "http://expense.works:8080/" + ifms-adapter: "http://ifms-adapter.works:8080/" + individual: "http://individual.works:8080/" + organisation: "http://organisation.works:8080/" + muster-roll-service: "http://muster-roll.works:8080/" + works-pdf: "http://works-pdf.works:8080/" + works-management-service: "http://works-management-service.works:8080/" + project-management-system: "http://project.works:8080/" + ifms-jit: https://uat.odishatreasury.gov.in + household: "http://household.works:8080/" + product: "http://product.works:8080/" + facility: "http://facility.works:8080/" + +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +estimate-service: + memory_limits: 512Mi + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +individual: + namespace: works + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/works-qa-secrets.yaml b/deploy-as-code/helm/environments/works-qa-secrets.yaml deleted file mode 100644 index 8ece681a0b..0000000000 --- a/deploy-as-code/helm/environments/works-qa-secrets.yaml +++ /dev/null @@ -1,117 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ufcHeQl9et3fD68=,iv:MkZAe9JE9352L6ENwOy3hEPMVDBBObvypnPKZsUABP4=,tag:9ggPsfbWktLi45DxOmPhaA==,type:str] - password: ENC[AES256_GCM,data:dY+uHddQUgc=,iv:hPzHbmTT7HMG5nUwBpEQymVkTPMWmiPSq0cPyHdXGb0=,tag:ZXBcJx7YkO54kY5GC+4TRg==,type:str] - flywayUsername: ENC[AES256_GCM,data:gZR1O1+vHC8ClUw=,iv:FJJZ0vz/SvhTGxyV2Deb/OBWS58rK6kMZaYpS3VTNa4=,tag:cEMJT+e9kCAxfRz1YEPeRQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:A/xgH7lHEZI=,iv:2Mx+iJmVCKupu6hTORbth5Oge+7v63ZtXZ2tQuWIMCU=,tag:C+Q6H/OxVA/ddgSjyuh2gA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:1EE5Z9h8uen4pQZxgAYI1q+sDpk=,iv:eeCXNCkVONQsHjQ/HUy7QzynBQTWpg9WzWCLM2OPD24=,tag:DixDO0gDvhloWPeXTzch3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:cdJM7eawrvG2GkOISVkA6IzqloB+1HG2hECyQ/ivh/K15c91AuIpPQ==,iv:2fwqXTr6CeSQZo6y6aQHpd59rvw2mDvun4ZGKrUfkCQ=,tag:2VJ2qBq7aCUXlREnf5CEsQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:gJAB43kNqVyTeV0RnvSqC3mlaCmwfaH0yZvHH8niW1zUae1LDhPb,iv:OVTW/P9b9/xF6V1/M/iN+uh453vtEZSX/XRKPNXXH6o=,tag:KixeZhfInKrhSnnByp8ZEA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:CwmC/4nKZM14+F6FMwm0NDUhX7GHodTUeg==,iv:9XUS9Z7k2wQQlXvJH93UwKefylGR7FJhJaqtYC5W62M=,tag:Qiw5PdSzJsvxQXVBJuE16w==,type:str] - admin-password: ENC[AES256_GCM,data:RRQIqBp5ybW0q8ab06o=,iv:yD6grAFLQRFRuMrTymaolcw+9nwFA+2KuIuAWqJSTr4=,tag:bINhTRTfj0CtT71fNS5DAw==,type:str] - read-email: ENC[AES256_GCM,data:oi3d4aGjMhWI4dHMzq6lCblzAtvv9IOs,iv:IINvV81FHRmlvLhpg3reAoxbwF7kkKJz3UpY1CbjlFE=,tag:IL3KKPHebWuBEnbQBqQ4eg==,type:str] - read-password: ENC[AES256_GCM,data:hqBwiZElvF8f2ejEujUlYs8=,iv:eJQOBxzc/X5HQrQGfhXSGw7nYQpywmu9q8KmaSCD99M=,tag:l4eVkWPqtf2FIp176ubuGQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:zIZF3uLtJIfXDw==,iv:vQESE+sjUTQrIRIjsYadLAboraj69JmTI3MHIsnTya4=,tag:6sUPwMjMJkBEVPTTkonFOQ==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-wordpress-portal: - db-username: ENC[AES256_GCM,data:60tSBhTG2MP+8Ip8PN4eqQ==,iv:2iroKVf9S76rI7jddZIpD5G3R4z+UWyZAMkk2aInfcc=,tag:R6QBmYoub7q2pR8HfJ0evw==,type:str] - db-password: ENC[AES256_GCM,data:8GPtKLgLKWxZUtWR2p9kBmU9ggw=,iv:EvR7MGizLExALttpw/Y0wO/ye8sX/cdut+bfR5nVqsQ=,tag:Gg5ADN1UpnuPwW/kN8u0SQ==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:F1pTK0ZEuqxPNnfPzRxrkD6ckyX3kSl5/oNmYBoDj62A,iv:wcFqE3qIV1zHDJ4WWDlpJzQzbfI7Wk5xbtkzsRm3jRs=,tag:oeZWSZrJB4msjn7vnsuczw==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - wordpress: - wordpress-password: ENC[AES256_GCM,data:kUVsPJ4Qr+L7AmUTkwYfjQxH,iv:/slm4GGhmeqmbR+iihrJlUWtv0gpFKMP1EuwiM0YeVg=,tag:tciQ2XK8az1cGq5mW5J8+Q==,type:str] - mysql: - mysql-password: ENC[AES256_GCM,data:YcYf4W25NmdN,iv:sk+XgglRhSEho3qjKWQcmDN4G8JgEOTL5SwJXfsTMio=,tag:uvTJgNY+cgud0qwexgVDmA==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:SEpeoTCr6H1DuN9njXE8pAmbCp8=,iv:927VB4IGsrlm1m8LMNJTuHPto4jbzBHMcnUCPWzxuIQ=,tag:MDHL8+b/t8oWnRekb/d0+A==,type:str] - clientSecret: ENC[AES256_GCM,data:D2oTAXYdeMxB4E0+KUq+v0ekQm0SQ6ZnurBpmag49xI8nd5LRbjsWw==,iv:iqvX1daqQwtpVElTpsAmb9HJwz83Mx4EN9Flpva7fHk=,tag:FDNCVR0/dLa69xgA6ibQRQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:Bt38VVbNL+4Twrs4o84ElNqVeA4jnHPURjgqwFgLe8gNM2j1pZU0FeGgWqM=,iv:AKb+N6w/Jvq1/VWn6KnHK6gdY6EztVmsLlRv356HV9U=,tag:/UQpTFMnf442aUNeljP27w==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] - group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: - alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] - group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] - group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] - repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] - templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:tdetLPfNXdryPyQn5ln0wfIiuQRSEmQzmxnNIQ3CTCLQeWd6Gb+PJjIEglWkJyEnDq/9VdSA6Iysu9eDuQHCfFclgqpB0nXPokplyNNz1Yiz4rrjC8yg+0vceKXgIselRSwHIPnuR9w9JMOJ9tuVl9bc9okHC6gBPlx+dqCDemxHk02d9DBBdrLrj/EgpZ1YaO+v1Bs2IzBtFZJi6nE7rD1qA1MKZwGMlyDOrmx3Wvx24U7IMaIY9q/nQ9yg/qR2QZAHr80x9Alf6UvagJIBcbIxXiK9vq3xLn41GcUkbMu0SZ6bMrlxoLqkxRMgHqyvLCbL12aCrJYTYdhlFKIBl9dh6e5woohLa2oN62hVfDNQCFFPgYMRSrAKA+7pBmi7gFp0Rd1J1+r+7Bclv0pFJ653aahfpJ2n16WQeW/Cf0ccRcwU47j3rljOoa9sCZu1W9qaJW+Q4EZ4wDdfx//sBUBXqjT1kU7cVyfVjnXqcpJK83iLtW7dX1d1ALPowRU0kSI5dKAZpOKzZSUFlkajTa3JpNIMdENWvi0L49oG/K18GWAzQ60LfLa0UUCg8UOEHG7Wid2tX9A8AFWEkLA/7D4nEaEx/vQSbpXWLuwecPmMEgD0qhY2HNwKbFeNNDh3x2x3xUmztkNNslJvWVqsRIZ7TcP7T5Ev3N6LaC7Zc+q2059le3gHdQIp4VgjZ/e7ONnvx3GXXHviH714JqSUSxVOpc7KA+O818Dq8m3Vr6lP6c8=,iv:bbz8kcF20h7W4NFLIb/3a4f9fqlj6XovC0Mqx1XDUKw=,tag:S+/DnuDGR+VsR3wGT8XlTA==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2020-11-10T06:48:05Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-03-29T10:30:00Z" - mac: ENC[AES256_GCM,data:eIZ+OFCd2Ni3QMiWMAwU1Q6ideyWlSSFsZI6828jZ7xpBwYy1A70OEtMWM62/Hh6ixyCyoSA7iTGAMYkLNyllstKamjq00NSKnsesU/YEdjZ+HF4kzjpfpyTHMqzsxidWoKpVpu1ejZBDpXFdj8cfiCigWOFvaVXL9rYrvyaB8Y=,iv:PO0UDFg9cY6KoABGrOjnjd6eBv+NhY7YpB64aJ6fE/A=,tag:4NJEO8ToZqaXJjRZzd6QhA==,type:str] - pgp: - - created_at: "2020-11-10T06:48:05Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv - lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ - gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ - Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t - PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF - 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS - ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S - q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== - =msen - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/works-qa.yaml b/deploy-as-code/helm/environments/works-qa.yaml deleted file mode 100644 index 8b10bf2b56..0000000000 --- a/deploy-as-code/helm/environments/works-qa.yaml +++ /dev/null @@ -1,751 +0,0 @@ -global: - domain: works-qa.digit.org - tracing-enabled: true - -cluster-configs: - namespaces: - create: true - values: - [ - backbone, - cert-manager, - egov, - works, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - ] - - rbac: - - role: user - namespaces: [egov, works, playground, kafka-cluster] - - role: admin - namespaces: [playground] - - root-ingress: - cert-issuer: letsencrypt-prod - namespace: works - appRoot: works-ui - serviceName: works-ui - - configmaps: - egov-config: - namespace: [ egov , works ] - data: - db-host: "postgres.egov" - db-name: "works_qa_db" - db-url: "jdbc:postgresql://postgres.egov:5432/works_qa_db" - domain: "works-qa.digit.org" - egov-services-fqdn-name: "https://works-qa.digit.org/" - egov-state-level-tenant-id: "pg" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2.kafka-cluster:9092" - logging-level-jdbc: "debug" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pg-egov-assets|works-qa-asset)" - serializers-timezone-in-ist: "true" - server-tomcat-max-threads: "10" - server-tomcat-max-connections: "500" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - tracer-errors-provideexceptionindetails: "true" - timezone: "Asia/Kolkata" - es-infra-host: elasticsearch-data-v1.es-cluster - db-ssl: "false" - state-level-tenant-id: "pg" - - egov-service-host: - namespace: [ egov , works ] - data: - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - - attendance-service: "http://attendance.works:8080/" - contract-service: "http://contracts.works:8080/" - muster-roll-service: "http://muster-roll.works:8080/" - project-management-system: "http://project.works:8080/" - estimate-service: "http://estimates.works:8080/" - organisation: "http://organisation.works:8080/" - bankaccounts: "http://bankaccounts.works:8080/" - expense-calculator: "http://expense-calculator.works:8080/" - expense: "http://expense.works:8080/" - works-management-service: "http://works-management-service.works:8080/" - individual: "http://individual.works:8080/" - works-pdf: "http://works-pdf.works:8080/" - - audit-service: "http://audit-service.egov:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-otp: "http://egov-otp:8080/" - minio-url: "http://minio.backbone:9000/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - loi-service: "http://loi-service.works:8080/" - location: "http://location:8080/" - pdf-service: "http://pdf-service.egov:8080/" - user-otp: "http://user-otp:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening.egov:8080/" - inbox: "http://inbox.egov:8080/" - -#########---Works---######### - -estimate-service: - tracing-enabled: true - java-enable-debug: true - estimate-default-limit: 100 - estimate-search-max-limit: 200 - estimate-workflow-business-service: "ESTIMATE" - -loi-service: - tracing-enabled: true - workflow.loi.business.service.name: "loi-approval-4" - -attendance-service: - tracing-enabled: true - java-enable-debug: true - attendance-register-default-offset: 0 - attendance-register-default-limit: 10 - attendance-register-search-max-limit: 100 - attendance-individual-service-integration-required: false - attendance-staff-service-integration-required: false - attendance-document-id-verification-required: false - attendance-register-open-search-enabled-roles: "SUPERUSER" - -contract-service: - tracing-enabled: true - java-enable-debug: true - contract-default-offset: 0 - contract-default-limit: 10 - contract-search-max-limit: 50 - works-contract-service-code: "WORKS-CONTRACT" - contract-workflow-business-service: "CONTRACT" - contract-workflow-module-name: "contract-service" - contract-cbo-url-host : "https://works-qa.digit.org" - contract-cbo-url-endpoint : "/works-shg-app" - -# project-management-system: -# tracing-enabled: true -# java-enable-debug: true -# project-default-offset: 0 -# project-default-limit: 100 -# project-search-max-limit: 200 -# project-mdms-module: "works" -# egov-location-hierarchy-type: "ADMIN" - -project: - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - project-mdms-module: "works" - egov-location-hierarchy-type: "ADMIN" - -muster-roll-service: - tracing-enabled: true - java-enable-debug: true - musterroll-default-offset: 0 - musterroll-default-limit: 100 - musterroll-search-max-limit: 200 - musterroll-workflow-business-service: "MR" - works-attendance-log-search-endpoint: "attendance/log/v1/_search" - works-attendance-register-search-endpoint: "attendance/v1/_search" - works-attendance-register-search-limit: 100 - muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" - works-individual-search-endpoint: "individual/v1/_search" - works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" - works-contract-service-code: "WORKS-CONTRACT" - notification-sms-enabled: "true" - -organisation: - tracing-enabled: true - java-enable-debug: true - org-default-limit: 100 - org-search-max-limit: 200 - egov-location-hierarchy-type: "ADMIN" - works-cbo-url-host: "https:/works-qa.digit.org" - works-cbo-url-endpoint: "/works-shg-app" - -bankaccounts: - tracing-enabled: true - java-enable-debug: true - bank-account-default-limit: 100 - bank-account-search-max-limit: 200 - -individual: - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - -works-management-service: - tracing-enabled: true - java-enable-debug: true - - - -expense-calculator: - tracing-enabled: true - java-enable-debug: true - -expenses-billing: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - bill-kafka-topic: "bill" - -expense: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" - -works-inbox-service: - java-enable-debug: true - tracing-enabled: true - -#########---core-services---######### - -audit-service: - persist-yml-path: https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-management-system-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "QA" - -egov-mdms-service: - mdms-path: "/work-dir/works-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-mdms-data" - branch: "QA" - mdms-folder: "works-mdms-data" - java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" - -egov-filestore: - is-s3-enabled: "true" - fixed-bucketname: "works-qa-filestore" - minio-enabled: false - aws.s3.url : "https://s3.amazonaws.com" - is-bucket-fixed: "true" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - -egov-user: - replicas: "1" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - state-level-tenant-id: "pg" - java-enable-debug: true - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-persister: - persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "QA" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "QA" - egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - java-enable-debug: true - heap: "-Xmx192m -Xms192m" - employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 2 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" - eventlog-enabled: "true" - eventlog-topic: "zuul-event-log" - eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -########################################## - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - egov-url-shorten-hashid-salt: "randomsalt" - egov-url-shorten-hashid-min-length: "5" -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" - - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -pdf-service: - replicas: 1 - memory_limits: 1.5Gi - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "QA" - data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" - format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "QA" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-user-chatbot: - egov-state-level-tenant-id: "pg" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -works-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -works-shg-app: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - #metrics: - enabled: true - serviceMonitor: - enabled: true - service: - prometheusRule: - enabled: true - -cert-manager: - email: "devops-team@egov.org.in" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -inbox: - service-map : '{}' - bs-service-map : '{}' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "es-client.es-cluster" - es-port: "9200" - - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -minio: - mode: distributed - persistence: - enabled: true - aws: - - volumeId: "vol-0393fa1f3c5cd57e7" - zone: ap-south-1a - - volumeId: "vol-0a90fced10336cf2d" - zone: ap-south-1a - - volumeId: "vol-052f5b02391cf572e" - zone: ap-south-1a - - volumeId: "vol-024b629a7e1a01ec7" - zone: ap-south-1a - -postgres: - persistence: - enabled: true - dataDirSize: 30Gi - aws: - volumeId: "vol-0cd581235fc577fbf" - postgresDatabase: works_qa_db - -kafka-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-06e1bfdc067286d92" - zone: ap-south-1a - - volumeId: "vol-06f19fc74f9e66c6b" - zone: ap-south-1a - - volumeId: "vol-05d04c8e05bbe19cb" - zone: ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - persistence: - enabled: true - aws: - - volumeId: "vol-02461920d5bc17e2c" - zone: ap-south-1a - - volumeId: "vol-027adf626596b0600" - zone: ap-south-1a - - volumeId: "vol-0121393132c8de41b" - zone: ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-036a386d7058d1fa8" - zone: ap-south-1a - - volumeId: "vol-0be443e8b49ecf3bc" - zone: ap-south-1a - - volumeId: "vol-050c6a2beed14aeec" - zone: ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-031b81b02807f409a" - zone: ap-south-1a - - volumeId: "vol-032f19b57fb1741b6" - zone: ap-south-1a - - volumeId: "vol-08ee85f411cdd45be" - zone: ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -#logging >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluentd: - images: - - egovio/fluentd:v0.1.9 - target_env: qa - -delete-old-logs-in-es: - images: - - egovio/elasticsearch-curator-5-0-2:0.0.2 - days: 1 - schedule: "0 12 * * *" - target_env: qa - -logrotate: - images: - - egovio/logrotate:0.1 - logrotate-interval: daily -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egovqadb.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_pb_db" - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:0.14.9 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kibana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kibana-v1: - replicas: 1 - images: - - docker.elastic.co/kibana/kibana:6.4.2 - es-url: "http://elasticsearch-client-v1:9200" - external_port: 5601 - service_type: LoadBalancer - server-basepath: "/kibana" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-uat,devops,works" - upstreams = [ "file:///dev/null" ] - -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "staging" - - minio: - mode: distributed - disableWebUI: false - persistence: - enabled: true - dataDirSize: 10G - aws: - - volumeId: "vol-0085073c65f7568a3" - zone: ap-south-1a - - volumeId: "vol-031fa52f18391ddab" - zone: ap-south-1a - - volumeId: "vol-054c367d60f236577" - zone: ap-south-1a - - volumeId: "vol-015c0f14cb3927c68" - zone: ap-south-1a - ingress: - hostName: minio-staging.digit.org From 85760007cb3a98238eabf58287f9cc5eacfbfafc Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 29 Sep 2023 18:52:35 +0530 Subject: [PATCH 320/742] added annotation in the root-ingress.yaml file --- .../charts/cluster-configs/templates/ingress/root-ingress.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml index 1468c6ccb2..ee0ca6d57b 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/ingress/root-ingress.yaml @@ -5,6 +5,7 @@ metadata: annotations: {{- if ne .appRoot ""}} nginx.ingress.kubernetes.io/app-root: /{{ .appRoot }} + kubernetes.io/ingress.class: nginx {{- end }} {{- if ne $.Values.global.setup "quickstart" }} #certmanager.k8s.io/cluster-issuer: {{ index . "cert-issuer" }} From 09c2a66e8c50ce05503b9f9af5d9d93ce8ddd56f Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 3 Oct 2023 12:50:49 +0530 Subject: [PATCH 321/742] added sanitation-qa env (#2014) * updated sanitation env and the secrets.yaml file * updated oauth2-proxy in unified-qa env's * updated oauth2-proxy in unified-qa env's * updated oauth2-proxy in unified-qa env's --------- Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 4 + .../helm/charts/cluster-configs/values.yaml | 4 +- .../environments/sanitation-qa-secrets.yaml | 67 ++ .../helm/environments/sanitation-qa.yaml | 710 ++++++++++++++++++ .../helm/environments/unified-qa-secrets.yaml | 20 +- .../helm/environments/unified-qa.yaml | 9 +- 6 files changed, 803 insertions(+), 11 deletions(-) create mode 100644 deploy-as-code/helm/environments/sanitation-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/sanitation-qa.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index a63a153a8e..513d58bc03 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -31,6 +31,10 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/sanitation\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-urban\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 94c4e286b4..ef110aa8af 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: [ egov, works, health, urban ] + namespace: [ egov, works, health, urban, sanitation ] name: db-service port: 5432 targetPort: 5432 @@ -36,7 +36,7 @@ cluster-configs: secrets: db: - namespace: [ egov, works, health, urban ] + namespace: [ egov, works, health, urban, sanitation ] name: db egov-notification-sms: diff --git a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml new file mode 100644 index 0000000000..a6d83beff9 --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml @@ -0,0 +1,67 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] + password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] + flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] + flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] + password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] + aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] + admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] + read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] + read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] + master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] + master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] + known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] + si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] + valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] + clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-09-26T16:11:43Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + gcp_kms: [] + lastmodified: '2023-09-26T16:23:25Z' + mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.0.0 diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml new file mode 100644 index 0000000000..53b272cb26 --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -0,0 +1,710 @@ +global: + domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + ifms-jit: https://uat.odishatreasury.gov.in + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +estimate-service: + memory_limits: 512Mi + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +individual: + namespace: works + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sanitation-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml index a6d83beff9..969921f8ba 100644 --- a/deploy-as-code/helm/environments/unified-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-qa-secrets.yaml @@ -51,17 +51,21 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] - clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + clientID: ENC[AES256_GCM,data:63LswFTU8hO4dPN23VUDw1SefcA=,iv:t6aRfonLQGwgw1eo9tf8KJ+8n9DfLIyBFCC6PU+2LH0=,tag:OkZTlZFIUOmsNtyg5DF58A==,type:str] + clientSecret: ENC[AES256_GCM,data:nkT2zh02dhSa8YiTwIKWySG846VJ7lHpYkgEURDHnkWtpPevE7+0pg==,iv:qVg22Im0sIRYoZsTBQWvft56VgUxWZSYHFg/xgjSuGU=,tag:rY+DWG+eIA1w2oEvjcgpvg==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-09-26T16:11:43Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-09-26T16:11:43Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-09-26T16:23:25Z' - mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-03T06:46:57Z" + mac: ENC[AES256_GCM,data:GQVRWjxrVvl+GnkI8Nc4eCvhzvT+CdrYrSvWUenufG89ZApA2fcgo9RNO6KEfn5bzvC5Px76eRC1nwll9ui91Ss7o85sgKyxlrG+zGmdeamuL4+o8TdUHJTismHfZ9mlmdsofPx2pdf4WkP+5Co+QtCCuhJrTi2cBaULaXuIYQ0=,iv:SwckWqQZ3VvIB4Z4lHSu4CN5MLvmzIQm6ctaZZ9WZ90=,tag:Y58I70iwOxEkJMEstgAqxA==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.0.0 + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 9fb11c2322..20b012fca2 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -395,7 +395,14 @@ nginx-ingress: cert-manager: email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-qa" + upstreams = [ "file:///dev/null" ] + zuul: replicas: 1 custom-filter-property: "false" From 012e4b1084fc497aeff98c6a236be53a1d0aed8a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 3 Oct 2023 17:25:34 +0530 Subject: [PATCH 322/742] added alert manager configuration in unified-qa-secrets --- .../helm/environments/unified-qa-secrets.yaml | 30 +++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml index 969921f8ba..7f391b6f06 100644 --- a/deploy-as-code/helm/environments/unified-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-qa-secrets.yaml @@ -54,6 +54,32 @@ cluster-configs: clientID: ENC[AES256_GCM,data:63LswFTU8hO4dPN23VUDw1SefcA=,iv:t6aRfonLQGwgw1eo9tf8KJ+8n9DfLIyBFCC6PU+2LH0=,tag:OkZTlZFIUOmsNtyg5DF58A==,type:str] clientSecret: ENC[AES256_GCM,data:nkT2zh02dhSa8YiTwIKWySG846VJ7lHpYkgEURDHnkWtpPevE7+0pg==,iv:qVg22Im0sIRYoZsTBQWvft56VgUxWZSYHFg/xgjSuGU=,tag:rY+DWG+eIA1w2oEvjcgpvg==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:2mo=,iv:eAPZwktBjdmKkNm6FtngryqHDVWN3CuELOAiVjIa4RE=,tag:Po9XVVZ+rS3/HL9kqG2yYw==,type:str] + route: + receiver: ENC[AES256_GCM,data:uNg7j4jIs27VvafcWoA/gKRNTQ==,iv:OOGxmKEKhdcgqkZyr/my8B2PTNt8nOtKr0+Cn8FT8HM=,tag:HGZmr/DUb7qXW3dwyEesCQ==,type:str] + group_by: + - ENC[AES256_GCM,data:UMYHY0EARikd,iv:vUPiIEHvF4Kj9eiwe8Q3/lPlraXuoVof5lz/p1ptSTY=,tag:NUz+5aZqlRUf299GETD5qg==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:hSmLKhIdIuzJqDZtMSG9ChCeDw==,iv:B6bR3P8hpvrSYgkVvlnXULseZeJ3OP1/Pm9yMm27FWo=,tag:X+FreSX4COYCo1DE1KzS4Q==,type:str] + match: + alertname: ENC[AES256_GCM,data:C53S2ZfIgKo=,iv:zi6Mg431sLhGHVD97xUC8Y6WXQD31ygMID7cshXF7pg=,tag:dwQymJBTHNUWcq91/pNkxg==,type:str] + group_wait: ENC[AES256_GCM,data:duaD,iv:Zx3lQF9iCLMh7tT3M/qVaIYNGTN2D++qnxzW/0WlgYE=,tag:NMmE4x8DWAU+XeG5fVsliw==,type:str] + group_interval: ENC[AES256_GCM,data:iaA=,iv:cfTvairmzmpO+i9UBHoHfri8SpTZDjru3QPepddPXhg=,tag:7hjNuCm1JeATqRkg5lE7vw==,type:str] + repeat_interval: ENC[AES256_GCM,data:OGKJ,iv:1t/J0JxpmkZuGwJirzIrhOKiP0fopifVykV9W9w92FA=,tag:HNmT2Q/BlcFvy6cJ3TLCbw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:nBL9oIOzPbD4qnAGWx90p6J1xg==,iv:cry0UsoDQYBL0EVUO9cPyyNuSIgOe70So3GQ5t/ahYY=,tag:+NBMieV/gKIkkOhzERZP8w==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:LbzvlA==,iv:y29Oy6D7xpGniaM6UTNHA9xuawGub6VTAnc0/DJjxlw=,tag:E1ObmtQy4zhcyZZe6rPm3w==,type:bool] + api_url: ENC[AES256_GCM,data:pn2fKrMNz4dXDjYAdLlXX0kFoPZ5ndZ/qilywg0TMcx+QpNNpYp1NISUq1JkC+GqkxtA+eDAbg+MgchV8byeip1Efg3pqOFbBZ29rFuWWg==,iv:4X7zcUCm9POeydd/nznnue5GvrNIXleE0eMsRs4fNeI=,tag:osHw4ebXaZV/tUULNer3Tg==,type:str] + channel: ENC[AES256_GCM,data:K6BHyvsAJyVYiqBo6CG22c6gIE3veQ==,iv:kL7JrFjlOr4jghEsaj2CRc40T5TUPE2mvT4gHO/XfNY=,tag:tzpx0e/fI3br+mIu8QqKOQ==,type:str] + username: ENC[AES256_GCM,data:C/yOOXZCPz1D5Hw7,iv:FKDzcjopFXDPajboisgHokdo2gNimoX/BUVWIB2H6kM=,tag:1b8j8nnLnRN0E9OB72tt5g==,type:str] + title: ENC[AES256_GCM,data:Jl3sUqACE7tv8+njQQ6YuVW7EdkDQxVMwH1ptkRBgJZDl3HkZMo=,iv:mcP4fSOWpDIaoKmN6YAjugEYx9rxiGUzrw20StE5e/8=,tag:dPgk9s67zk9cJ16B7mJNQA==,type:str] + text: ENC[AES256_GCM,data:83QUrTZvbJnwq0a+Q/HvaXL35areXuxGHLaI7DKClX8g4iMA6A==,iv:fhwhQkD7BjQDRtpoDxiQ5ca4G4ugEYDlygBh+lTtxdI=,tag:ih4jmpb8mST9aPb1VV0ynw==,type:str] + templates: + - ENC[AES256_GCM,data:iN1aHpMaouIxIGB244BCVYeYZ9G/ZEC6+CmpFWBmkXEkALyQovp5SFIib+OeQT/nYDAPiGDuwmjXqC6L/rItrTwTu3INgYA=,iv:cU5bwd9CQvp/ZumUO2+LCE16mfn0EnwLRp5LOEtOGso=,tag:4Gc3WAq7Y43J+8ZhtW707Q==,type:str] sops: kms: - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 @@ -64,8 +90,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-03T06:46:57Z" - mac: ENC[AES256_GCM,data:GQVRWjxrVvl+GnkI8Nc4eCvhzvT+CdrYrSvWUenufG89ZApA2fcgo9RNO6KEfn5bzvC5Px76eRC1nwll9ui91Ss7o85sgKyxlrG+zGmdeamuL4+o8TdUHJTismHfZ9mlmdsofPx2pdf4WkP+5Co+QtCCuhJrTi2cBaULaXuIYQ0=,iv:SwckWqQZ3VvIB4Z4lHSu4CN5MLvmzIQm6ctaZZ9WZ90=,tag:Y58I70iwOxEkJMEstgAqxA==,type:str] + lastmodified: "2023-10-03T11:52:40Z" + mac: ENC[AES256_GCM,data:IDD4AtVQAkRR9L5IQJXoWxxD1+hU6qQ5FQ6B0flCnvnbxdVBqBHqg5QveHpfpIotzi01sviTK0pv0T8p/anxfH6f/XDu8wh7NgPm0dQ7JXzdHjRg2bzRB+Q3aVMJaWR/An6Td53E/J0ibUDXEroyX4FzMNyfDcTOdvJPuGor+Jk=,iv:QmZd4hsRzBdATZdxRDaNTGlvPuG1ovNY446gkRFgOEA=,tag:BkevFWOcTwgP2u143+foVw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 From 896fe75e9a681a936d0511cc77d45bb852f77ae7 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 4 Oct 2023 15:31:42 +0530 Subject: [PATCH 323/742] SM-3160 Adding helm chart config for PQM Scheduler (#2016) --- .../charts/sanitation/pqm-cronjob/Chart.yaml | 26 +++++++++++ .../pqm-cronjob/templates/cronjob.yaml | 2 + .../charts/sanitation/pqm-cronjob/values.yaml | 45 +++++++++++++++++++ .../helm/environments/sanitation.yaml | 3 ++ 4 files changed, 76 insertions(+) create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml new file mode 100644 index 0000000000..143c7f9f35 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: pqm-cronjob +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml new file mode 100644 index 0000000000..74d9de7ea4 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml @@ -0,0 +1,2 @@ +# cronjob.yaml +{{- template "common.cronjob" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml new file mode 100644 index 0000000000..793c76c492 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml @@ -0,0 +1,45 @@ +# Common Labels +labels: + app: "pqm-cronjob" + group: "rainmaker" + +namespace: sanitation + +cron: + schedule: "0 0 * * *" + +# Container Configs +image: + repository: "egovio/pqm-cronjob" + tag: "latest" + +command: + - "python3" + - "cronJobAPIConfig.py" + + +# Additional Container Envs +env: | + - name: TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: state-level-tenant-id + - name: USER_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: PQM_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pqm + {{- if index .Values "user-name" }} + - name: USER_NAME + value: {{ index .Values "user-name" | quote }} + {{- end }} +resources: | + requests: {} + + \ No newline at end of file diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 8d21fe7226..4a0a8edeae 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -222,6 +222,9 @@ inbox: java-debug: true tracing-enabled: "true" +pqm-cronjob: + user-name: "PQM_SERVICE_CRONJOB" + sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" From 5295b589ec460a562a6a7fcc319384b296a3ab3d Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 4 Oct 2023 16:25:01 +0530 Subject: [PATCH 324/742] added state level tenant id for works qa (#2017) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 657fa06bd8..94450602b2 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -20,6 +20,7 @@ cluster-configs: egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name egov-state-level-tenant-id: "pg" + state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From 03bf77830c8e5ed73cb8ba8d7ecbd34f76974c59 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 4 Oct 2023 17:10:52 +0530 Subject: [PATCH 325/742] SM-3160 updating helm chart for pqm scheduler (#2019) * SM-3160 Updating helm chart config for PQM Scheduler * SM-3142 Updating helm chart config for PQM --- .../sanitation/{pqm-cronjob => pqm-scheduler}/Chart.yaml | 2 +- .../{pqm-cronjob => pqm-scheduler}/templates/cronjob.yaml | 0 .../sanitation/{pqm-cronjob => pqm-scheduler}/values.yaml | 4 ++-- 3 files changed, 3 insertions(+), 3 deletions(-) rename deploy-as-code/helm/charts/sanitation/{pqm-cronjob => pqm-scheduler}/Chart.yaml (97%) rename deploy-as-code/helm/charts/sanitation/{pqm-cronjob => pqm-scheduler}/templates/cronjob.yaml (100%) rename deploy-as-code/helm/charts/sanitation/{pqm-cronjob => pqm-scheduler}/values.yaml (92%) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml similarity index 97% rename from deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml rename to deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml index 143c7f9f35..3afbbb3137 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/Chart.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -name: pqm-cronjob +name: pqm-scheduler description: A Helm chart for Kubernetes # A chart can be either an 'application' or a 'library' chart. diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/templates/cronjob.yaml similarity index 100% rename from deploy-as-code/helm/charts/sanitation/pqm-cronjob/templates/cronjob.yaml rename to deploy-as-code/helm/charts/sanitation/pqm-scheduler/templates/cronjob.yaml diff --git a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml similarity index 92% rename from deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml rename to deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml index 793c76c492..3b6756bed4 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-cronjob/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml @@ -1,6 +1,6 @@ # Common Labels labels: - app: "pqm-cronjob" + app: "pqm-scheduler" group: "rainmaker" namespace: sanitation @@ -10,7 +10,7 @@ cron: # Container Configs image: - repository: "egovio/pqm-cronjob" + repository: "egovio/pqm-scheduler" tag: "latest" command: From 1e5576da6c60c6deaafd9116246863f62b4bf736 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 4 Oct 2023 17:31:44 +0530 Subject: [PATCH 326/742] Update Chart.yaml for pqm scheduler (#2020) --- deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml index 3afbbb3137..f1eda62370 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../common From 254d43bee92bf460602f777457502a35c4b23962 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Thu, 5 Oct 2023 14:37:02 +0530 Subject: [PATCH 327/742] SM-3142 helm chart config for PQM Service (#2004) * SM-3142 helm chart config for PQM Service * SM-3142 Updating helm chart config for PQM --- .../charts/sanitation/pqm-service/Chart.yaml | 26 ++++ .../pqm-service/templates/deployment.yaml | 2 + .../pqm-service/templates/ingress.yaml | 2 + .../pqm-service/templates/service.yaml | 2 + .../charts/sanitation/pqm-service/values.yaml | 118 ++++++++++++++++++ .../helm/environments/sanitation.yaml | 9 +- 6 files changed, 158 insertions(+), 1 deletion(-) create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/Chart.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/Chart.yaml new file mode 100644 index 0000000000..b89aa99442 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: pqm-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.1.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml new file mode 100644 index 0000000000..abef1c5699 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml @@ -0,0 +1,118 @@ +namespace : sanitation +# Common Labels +labels: + app: "pqm-service" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "pqm-service" + namespace : egov + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "pqm_services_schema" + image: + repository: "pqm-service-db" + +# Container Configs +image: + repository: "pqm-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/pqm-service/health" + readinessProbePath: "/pqm-service/health" +appType: "java-spring" +tracing-enabled: true +memory_limits: 512Mi +heap: "-Xmx384m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" +#egov.idgen.pqm.applicationNum.format: "[CITY.CODE]-FSM-[cy:yyyy-MM-dd]-[SEQ_EGOV_FSM]" + +# Additional Container Envs +env: | + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: WORKFLOW_CONTEXT_PATH + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: WORKFLOW_TRANSITION_PATH + value: "egov-workflow-v2/egov-wf/process/_transition" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-pqm-service + - name: PERSISTER_SAVE_FSM_TOPIC + value: save-pqm-application + - name: PERSISTER_UPDATE_FSM_TOPIC + value: update-pqm-application + - name: PERSISTER_UPDATE_FSM_WORKFLOW_TOPIC + value: update-pqm-workflow-application + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 4a0a8edeae..cdb6b7c3b3 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -135,6 +135,7 @@ cluster-configs: fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ @@ -215,7 +216,13 @@ fsm: heap: "-Xmx256m -Xms256m" java-debug: true tracing-enabled: "true" - + +pqm: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + inbox: memory_limits: 512Mi heap: "-Xmx512m -Xms256m" From 6bb580efa60ce992a02adc459e08c71942f256d0 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 5 Oct 2023 15:15:15 +0530 Subject: [PATCH 328/742] updated gov-service-host im unified-works env --- .../helm/environments/unified-works-qa.yaml | 741 +++++++++--------- 1 file changed, 390 insertions(+), 351 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 94450602b2..e27da210e1 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -46,8 +46,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -58,31 +58,32 @@ cluster-configs: data-sync-employee: "http://data-sync-employee:8080/" egov-common-masters: "http://egov-common-masters:8080/" egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" egf-voucher: "http://egf-voucher:8080/" egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" + egov-mdms-service-v2: "http://mdms-v2.egov:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -96,6 +97,7 @@ cluster-configs: lcms-workflow: "http://lcms-workflow:8080/" lcms-services: "http://lcms-services:8080/" location: "http://location:8080/" + audit-service: "http://audit-service.egov:8080/" performance-assessment: "http://performance-assessment:8080/" pt-property: "http://pt-property:8080/" pt-workflow: "http://pt-workflow:8080/" @@ -107,7 +109,7 @@ cluster-configs: pgr-master: "http://pgr-master:8080/" pgr-rest: "http://pgr-rest:8080/" pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" + report: "http://report.egov:8080/" swm-services: "http://swm-services:8080/" tenant: "http://tenant:8080/" tl-masters: "http://tl-masters:8080/" @@ -115,7 +117,7 @@ cluster-configs: tl-workflow: "http://tl-workflow:8080/" tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" + user-otp: "http://user-otp.egov:8080/" firenoc-services: "http://firenoc-services:8080/" firenoc-calculator: "http://firenoc-calculator:8080/" egov-apportion-service: "http://egov-apportion-service:8080/" @@ -131,85 +133,292 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" attendance-service: "http://attendance.works:8080/" - bankaccounts: "http://bankaccounts.works:8080/" contract-service: "http://contracts.works:8080/" + muster-roll-service: "http://muster-roll.works:8080/" + project-management-system: "http://project.egov:8080/" + project: "http://project.egov:8080/" estimate-service: "http://estimates.works:8080/" + organisation: "http://organisation.works:8080/" + bankaccounts: "http://bankaccounts.works:8080/" expense-calculator: "http://expense-calculator.works:8080/" expense: "http://expense.works:8080/" + ifms-jit: https://uat.odishatreasury.gov.in ifms-adapter: "http://ifms-adapter.works:8080/" - individual: "http://individual.works:8080/" - organisation: "http://organisation.works:8080/" - muster-roll-service: "http://muster-roll.works:8080/" - works-pdf: "http://works-pdf.works:8080/" works-management-service: "http://works-management-service.works:8080/" - project-management-system: "http://project.works:8080/" - ifms-jit: https://uat.odishatreasury.gov.in - household: "http://household.works:8080/" - product: "http://product.works:8080/" - facility: "http://facility.works:8080/" + individual: "http://individual.egov:8080/" + works-pdf: "http://works-pdf.works:8080/" + loi-service: "http://loi-service.works:8080/" + household: "http://household:8080/" + product: "http://product:8080/" + facility: "http://facility:8080/" + measurement: "http://measurement-service.works:8080/" + ifms-adapter: "http://ifms-adapter.works:8080/" + measurement-service: "http://measurement-service.works:8080/" + measurement-registry: "http://measurement-registry.works:8080/" + +estimate-service: + tracing-enabled: true + java-enable-debug: true + estimate-default-limit: 100 + estimate-search-max-limit: 200 + estimate-workflow-business-service: "ESTIMATE" + +loi-service: + tracing-enabled: true + workflow.loi.business.service.name: "loi-approval-4" + +attendance-service: + tracing-enabled: true + java-enable-debug: true + attendance-register-default-offset: 0 + attendance-register-default-limit: 10 + attendance-register-search-max-limit: 100 + attendance-individual-service-integration-required: false + attendance-staff-service-integration-required: false + attendance-document-id-verification-required: false + attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON" + organisation-contact-details-update-topic: organisation.contact.details.update + contracts-revision-topic: "contracts-revision" + +contract-service: + tracing-enabled: true + java-enable-debug: true + contract-default-offset: 0 + contract-default-limit: 10 + contract-search-max-limit: 50 + works-contract-service-code: "WORKS-CONTRACT" + contract-workflow-business-service: "CONTRACT" + contract-workflow-revision-business-service: "CONTRACT-REVISION" + contracts-revision-topic: "contracts-revision" + contract-workflow-module-name: "contract-service" + contract-cbo-url-host : "https://works-qa.digit.org" + contract-cbo-url-endpoint : "/works-shg-app" + +# project-management-system: +# tracing-enabled: true +# java-enable-debug: true +# project-default-offset: 0 +# project-default-limit: 100 +# project-search-max-limit: 200 +# project-mdms-module: "works" +# egov-location-hierarchy-type: "ADMIN" + +project: + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + project-mdms-module: "works" + egov-location-hierarchy-type: "ADMIN" + +muster-roll-service: + tracing-enabled: true + java-enable-debug: true + musterroll-default-offset: 0 + musterroll-default-limit: 100 + musterroll-search-max-limit: 200 + musterroll-workflow-business-service: "MR" + works-attendance-log-search-endpoint: "attendance/log/v1/_search" + works-attendance-register-search-endpoint: "attendance/v1/_search" + works-attendance-register-search-limit: 100 + muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" + works-individual-search-endpoint: "individual/v1/_search" + works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" + works-contract-service-code: "WORKS-CONTRACT" + notification-sms-enabled: "true" + +organisation: + tracing-enabled: true + java-enable-debug: true + org-default-limit: 100 + org-search-max-limit: 200 + egov-location-hierarchy-type: "ADMIN" + works-cbo-url-host: "https:/works-qa.digit.org" + works-cbo-url-endpoint: "/works-shg-app" + organisation-contact-details-update-topic: organisation.contact.details.update + +bankaccounts: + tracing-enabled: true + java-enable-debug: true + bank-account-default-limit: 100 + bank-account-search-max-limit: 200 + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +works-management-service: + tracing-enabled: true + java-enable-debug: true + +ifms-adapter: + tracing-enabled: true + java-enable-debug: true + payment-create-topic: "expense-payment-create" + egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" + ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" + ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" + egov-bill-search-limit: 10 + +ifms-cronjob-pa: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-va: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pis: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pag: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-fd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftps: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftfps: + user-name: "IFMS_CRONJOB" + +expense-calculator: + tracing-enabled: true + java-enable-debug: true + +expenses-billing: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + bill-kafka-topic: "bill" + +expense: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" + +works-inbox-service: + java-enable-debug: true + tracing-enabled: true + +#########---core-services---######### + +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-mdms-service: + mdms-path: "/work-dir/works-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-mdms-data" + branch: "QA" + mdms-folder: "works-mdms-data" + java-args: -Dspring.profiles.active=monitoring + masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" + fixed-bucketname: "works-qa-filestore" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + aws.s3.url : "https://s3.amazonaws.com" + is-bucket-fixed: "true" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-user: + replicas: "1" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + state-level-tenant-id: "pg" + java-enable-debug: true egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" -estimate-service: - memory_limits: 512Mi +egov-persister: + persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "true" + wf-max-limit: "10000" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + java-enable-debug: true + heap: "-Xmx192m -Xms192m" + employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" sms.provider.class: "Generic" sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" sms-sender-requesttype: "GET" sms-custom-config: "true" sms-extra-req-params: "mtype=N&DR=Y" @@ -220,185 +429,132 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -individual: - namespace: works - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true +zuul: + replicas: 2 + custom-filter-property: "false" tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" + egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" + eventlog-enabled: "true" + eventlog-topic: "zuul-event-log" + eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" +########################################## -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring +egov-url-shortening: + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + egov-url-shorten-hashid-salt: "randomsalt" + egov-url-shorten-hashid-min-length: "5" +# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" +egov-common-workflows: + db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -pgr-services: +egov-workflow: + heap: "-Xmx256m -Xms256m" memory_limits: 512Mi -egov-data-uploader: + +pdf-service: + replicas: 1 + memory_limits: 1.5Gi initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" + format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + + +# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-user-chatbot: + egov-state-level-tenant-id: "pg" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +works-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" +works-shg-app: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/works-configs" + branch: "QA" dashboard-ingest: + topic-incoming-collection: "dss-collection-update" + es-index-name: "dss-collection_v2" + es-push-direct: "true" config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + repo: "git@github.com:egovernments/configs" + branch: "staging" -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" +nginx-ingress: replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + #metrics: + enabled: true + serviceMonitor: + enabled: true + service: + prometheusRule: + enabled: true -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" +cert-manager: + email: "devops-team@egov.org.in" + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: @@ -408,109 +564,36 @@ redoc: service_type: LoadBalancer # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + spring-datasource-tomcat-max-active: 5 # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - - +inbox: + service-map : '{}' + bs-service-map : '{}' # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-config: + data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" + kafka-config: topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" kafka-brokers: "kafka-v2.kafka-cluster:9092" logging-config: - es-host: "elasticsearch-client-v1.es-cluster" + es-host: "es-client.es-cluster" es-port: "9200" + jaeger: host: "jaeger-agent.monitoring" port: "6831" @@ -520,55 +603,15 @@ jaeger: samplingConfig: | { "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, { "service": "report-service", "type": "probabilistic", "param": 0.5 }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, { "service": "egov-hrms", "type": "probabilistic", "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 } ], "default_strategy": { @@ -576,6 +619,7 @@ jaeger: "param": 0.05 } } +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< # redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redis: @@ -584,11 +628,6 @@ redis: - egovio/redis:3.2 # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -playground: - replicas: 1 - images: - - egovio/playground:1.3 - # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> fluent-bit: images: From ab97633a2e980f5e53957ac7e718607c041fceaf Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Sat, 7 Oct 2023 19:18:11 +0530 Subject: [PATCH 329/742] Update sanitation-qa.yaml --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 53b272cb26..d14e1759b9 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" + egov-state-level-tenant-id: "pb" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From 1eb2bf8f4f9a344b36b75d0033eefcb4d1555cab Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Sat, 7 Oct 2023 14:38:55 +0000 Subject: [PATCH 330/742] Update sanitation-qa.yaml --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index d14e1759b9..53b272cb26 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pb" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From e9655a5faddaefc2f666966163586a1811e9c8eb Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 9 Oct 2023 12:36:04 +0530 Subject: [PATCH 331/742] Update unified-qa.yaml --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 20b012fca2..938e252391 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -483,7 +483,7 @@ egov-hrms: kafka-config: topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" logging-config: es-host: "elasticsearch-client-v1.es-cluster" From 4e31d80a563c0e9bfb9a65486b596d4e1cc0fe92 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 9 Oct 2023 12:40:46 +0530 Subject: [PATCH 332/742] Update unified-qa.yaml --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 938e252391..8ae7996570 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 42dcc86533c2de0d331b19154a3850e3cdb79750 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 10 Oct 2023 10:35:19 +0530 Subject: [PATCH 333/742] added unified-uat env's in unified-env branch (#2026) Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 30 +- .../environments/sanitation-uat-secrets.yaml | 129 +++ .../helm/environments/sanitation-uat.yaml | 729 +++++++++++++++++ .../unified-health-uat-secrets.yaml | 129 +++ .../helm/environments/unified-health-uat.yaml | 694 ++++++++++++++++ .../environments/unified-uat-secrets.yaml | 129 +++ .../helm/environments/unified-uat.yaml | 691 ++++++++++++++++ .../unified-urban-uat-secrets.yaml | 129 +++ .../helm/environments/unified-urban-uat.yaml | 686 ++++++++++++++++ .../unified-works-uat-secrets.yaml | 129 +++ .../helm/environments/unified-works-uat.yaml | 754 ++++++++++++++++++ 11 files changed, 4226 insertions(+), 3 deletions(-) create mode 100644 deploy-as-code/helm/environments/sanitation-uat-secrets.yaml create mode 100644 deploy-as-code/helm/environments/sanitation-uat.yaml create mode 100644 deploy-as-code/helm/environments/unified-health-uat-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-health-uat.yaml create mode 100644 deploy-as-code/helm/environments/unified-uat-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-uat.yaml create mode 100644 deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-urban-uat.yaml create mode 100644 deploy-as-code/helm/environments/unified-works-uat-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-works-uat.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index 513d58bc03..f7032596c9 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -7,6 +7,14 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' + - path_regex: environments/sanitation\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/sanitation\-uat\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' @@ -15,6 +23,10 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-uat\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' @@ -23,6 +35,10 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-works\-uat\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-health\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' @@ -31,10 +47,18 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - path_regex: environments/sanitation\-qa\-secrets\.yaml$ + - path_regex: environments/unified\-health\-uat\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - path_regex: environments/unified\-urban\-dev\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-urban\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-urban\-uat\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' \ No newline at end of file diff --git a/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml b/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml new file mode 100644 index 0000000000..60d9b45184 --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml @@ -0,0 +1,129 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] + password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] + flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] + flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] + + egov-notification-sms: + username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] + password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] + + egov-filestore: + aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + + egov-location: + gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] + + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] + + pgadmin: + admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] + admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] + read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] + read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] + + egov-enc-service: + master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] + master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] + master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] + + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] + + git-sync: + ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] + known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] + + kibana: + namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] + credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] + + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] + + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] + + chatbot: + valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] + valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] + + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] + + oauth2-proxy: + clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] + clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] + route: + receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] + group_by: + - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] + match: + alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] + group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] + group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] + repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] + api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] + channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] + username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] + title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] + text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] + templates: + - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-10-09T10:33:39Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-09T10:33:39Z" + mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + pgp: + - created_at: "2023-10-09T10:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB + ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W + Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 + 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj + W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle + ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 + MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL + nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== + =gDUX + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml new file mode 100644 index 0000000000..b3de7890cf --- /dev/null +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -0,0 +1,729 @@ +global: + domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +sanitation-ui: + namespace: sanitation + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml new file mode 100644 index 0000000000..60d9b45184 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -0,0 +1,129 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] + password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] + flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] + flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] + + egov-notification-sms: + username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] + password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] + + egov-filestore: + aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + + egov-location: + gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] + + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] + + pgadmin: + admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] + admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] + read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] + read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] + + egov-enc-service: + master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] + master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] + master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] + + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] + + git-sync: + ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] + known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] + + kibana: + namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] + credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] + + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] + + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] + + chatbot: + valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] + valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] + + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] + + oauth2-proxy: + clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] + clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] + route: + receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] + group_by: + - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] + match: + alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] + group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] + group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] + repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] + api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] + channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] + username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] + title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] + text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] + templates: + - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-10-09T10:33:39Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-09T10:33:39Z" + mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + pgp: + - created_at: "2023-10-09T10:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB + ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W + Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 + 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj + W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle + ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 + MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL + nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== + =gDUX + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml new file mode 100644 index 0000000000..fdf03b111c --- /dev/null +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -0,0 +1,694 @@ +global: + domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, health ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, health ] + data: + asset-services: 'http://asset-services:8080/' + asset-services-maha: 'http://asset-services-maha:8080/' + billing-service: 'http://billing-service.egov:8080/' + collection-services: 'http://collection-services.egov:8080/' + collection-masters: 'http://collection-masters:8080/' + collection-search-indexer: 'http://collection-search-indexer:8080/' + citizen-indexer: 'http://citizen-indexer:8080/' + citizen-services: 'http://citizen-services:8080/' + dashboard-analytics: 'http://dashboard-analytics.egov:8080/' + dashboard-ingest: 'http://dashboard-ingest.egov:8080/' + demand-services: 'http://demand-services:8080/' + data-sync-employee: 'http://data-sync-employee:8080/' + egov-common-masters: 'http://egov-common-masters:8080/' + egf-masters: 'http://egf-masters:8080/' + egf-master: 'http://egf-master:8080/' + egf-instrument: 'http://egf-instrument:8080/' + egf-voucher: 'http://egf-voucher:8080/' + egf-bill: 'http://egf-bill:8080/' + egov-enc-service: 'http://egov-enc-service.egov:8080/' + egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' + egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' + egov-user: 'http://egov-user.egov:8080/' + egov-user-egov: 'http://egov-user.egov:8080/' + egov-location: 'http://egov-location.egov:8080/' + egov-filestore: 'http://egov-filestore.egov:8080/' + egov-localization: 'http://egov-localization.egov:8080/' + egov-idgen: 'http://egov-idgen.egov:8080/' + egov-otp: 'http://egov-otp.egov:8080/' + egov-common-workflows: 'http://egov-common-workflows:8080/' + egov-mdms-service: 'http://egov-mdms-service.egov:8080/' + egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' + egov-mdms-create: 'http://egov-mdms-create.egov:8080/' + egov-eis: 'http://egov-eis:8080/' + egov-workflow: 'http://egov-workflow.egov:8080/' + egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' + egov-searcher: 'http://egov-searcher.egov:8080/' + egov-data-uploader: 'http://egov-data-uploader.egov:8080/' + egov-indexer: 'http://egov-indexer.egov:8080/' + egov-hrms: 'http://egov-hrms.egov:8080/' + es-client: 'http://elasticsearch-data-v1.es-cluster:9200' + hr-masters: 'http://hr-masters:8080/' + hr-employee: 'http://hr-employee:8080/' + hr-masters-v2: 'http://hr-masters-v2:8080/' + hr-employee-v2: 'http://hr-employee-v2:8080/' + hr-attendance: 'http://hr-attendance:8080/' + hr-leave: 'http://hr-leave:8080/' + hr-employee-movement: 'http://hr-employee-movement:8080/' + inventory-services: 'http://inventory-services:8080/' + lams-services: 'http://lams-services:8080/' + lcms-workflow: 'http://lcms-workflow:8080/' + lcms-services: 'http://lcms-services:8080/' + location: 'http://location:8080/' + performance-assessment: 'http://performance-assessment:8080/' + pt-property: 'http://pt-property:8080/' + pt-workflow: 'http://pt-workflow:8080/' + pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' + pt-calculator: 'http://pt-calculator:8080/' + pt-calculator-v2: 'http://pt-calculator-v2:8080/' + pt-services-v2: 'http://pt-services-v2:8080/' + property-services: 'http://property-services.egov:8080/' + pgr-master: 'http://pgr-master:8080/' + pgr-rest: 'http://pgr-rest:8080/' + pdf-service: 'http://pdf-service.egov:8080/' + report: 'http://report:8080/' + swm-services: 'http://swm-services:8080/' + tenant: 'http://tenant:8080/' + tl-masters: 'http://tl-masters:8080/' + tl-services: 'http://tl-services:8080/' + tl-workflow: 'http://tl-workflow:8080/' + tl-indexer: 'http://tl-indexer:8080/' + tl-calculator: 'http://tl-calculator:8080/' + user-otp: 'http://user-otp:8080/' + firenoc-services: 'http://firenoc-services:8080/' + firenoc-calculator: 'http://firenoc-calculator:8080/' + egov-apportion-service: 'http://egov-apportion-service:8080/' + bpa-services: 'http://bpa-services.egov:8080/' + bpa-calculator: 'http://bpa-calculator.egov:8080/' + rainmaker-pgr: 'http://rainmaker-pgr:8080/' + ws-calculator: 'http://ws-calculator.egov:8080/' + ws-services: 'http://ws-services.egov:8080/' + sw-services: 'http://sw-services.egov:8080/' + sw-calculator: 'http://sw-calculator.egov:8080/' + land-services: 'http://land-services.egov:8080/' + noc-services: 'http://noc-services.egov:8080/' + minio-url: 'https://minio-uat.digit.org/' + egov-user-chatbot: 'http://egov-user-chatbot:8080/' + zuul: 'http://zuul:8080/' + egov-url-shortening: 'http://egov-url-shortening.egov:8080/' + fsm-calculator: 'http://fsm-calculator.egov:8080/' + fsm: 'http://fsm.egov:8080/' + vehicle: 'http://vehicle.egov:8080' + vendor: 'http://vendor.egov:8080' + egov-edcr: 'http://egov-edcr.egov:8080/' + echallan-calculator: 'http://echallan-calculator.egov:8080/' + echallan-services: 'http://echallan-services.egov:8080/' + inbox: 'http://inbox.egov:8080/' + turn-io-adapter: 'http://turn-io-adapter.egov:8080/' + pgr-services: 'http://pgr-services.health:8080/' + birth-death-services: 'http://birth-death-services.egov:8080/' + egov-pdf: 'http://egov-pdf.egov:8080/' + health-registration-service: 'http://health-registration-service:8080/' + health-delivery-service: 'http://health-delivery-service:8080/' + project: 'http://project.egov:8080/' + product: 'http://product.health:8080/' + household: 'http://household.health:8080/' + individual: 'http://individual.egov:8080/' + stock: 'http://stock.health:8080/' + facility: 'http://facility.health:8080/' + service-request: 'http://service-request:8080/' +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-uat-secrets.yaml new file mode 100644 index 0000000000..60d9b45184 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-uat-secrets.yaml @@ -0,0 +1,129 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] + password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] + flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] + flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] + + egov-notification-sms: + username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] + password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] + + egov-filestore: + aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + + egov-location: + gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] + + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] + + pgadmin: + admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] + admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] + read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] + read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] + + egov-enc-service: + master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] + master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] + master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] + + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] + + git-sync: + ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] + known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] + + kibana: + namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] + credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] + + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] + + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] + + chatbot: + valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] + valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] + + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] + + oauth2-proxy: + clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] + clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] + route: + receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] + group_by: + - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] + match: + alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] + group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] + group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] + repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] + api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] + channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] + username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] + title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] + text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] + templates: + - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-10-09T10:33:39Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-09T10:33:39Z" + mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + pgp: + - created_at: "2023-10-09T10:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB + ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W + Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 + 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj + W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle + ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 + MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL + nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== + =gDUX + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml new file mode 100644 index 0000000000..8b83bbb2c3 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -0,0 +1,691 @@ +global: + domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring ] + data: + asset-services: 'http://asset-services:8080/' + asset-services-maha: 'http://asset-services-maha:8080/' + billing-service: 'http://billing-service.egov:8080/' + collection-services: 'http://collection-services.egov:8080/' + collection-masters: 'http://collection-masters:8080/' + collection-search-indexer: 'http://collection-search-indexer:8080/' + citizen-indexer: 'http://citizen-indexer:8080/' + citizen-services: 'http://citizen-services:8080/' + dashboard-analytics: 'http://dashboard-analytics.egov:8080/' + dashboard-ingest: 'http://dashboard-ingest.egov:8080/' + demand-services: 'http://demand-services:8080/' + data-sync-employee: 'http://data-sync-employee:8080/' + egov-common-masters: 'http://egov-common-masters:8080/' + egf-masters: 'http://egf-masters:8080/' + egf-master: 'http://egf-master:8080/' + egf-instrument: 'http://egf-instrument:8080/' + egf-voucher: 'http://egf-voucher:8080/' + egf-bill: 'http://egf-bill:8080/' + egov-enc-service: 'http://egov-enc-service.egov:8080/' + egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' + egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' + egov-user: 'http://egov-user.egov:8080/' + egov-user-egov: 'http://egov-user.egov:8080/' + egov-location: 'http://egov-location.egov:8080/' + egov-filestore: 'http://egov-filestore.egov:8080/' + egov-localization: 'http://egov-localization.egov:8080/' + egov-idgen: 'http://egov-idgen.egov:8080/' + egov-otp: 'http://egov-otp.egov:8080/' + egov-common-workflows: 'http://egov-common-workflows:8080/' + egov-mdms-service: 'http://egov-mdms-service.egov:8080/' + egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' + egov-mdms-create: 'http://egov-mdms-create.egov:8080/' + egov-eis: 'http://egov-eis:8080/' + egov-workflow: 'http://egov-workflow.egov:8080/' + egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' + egov-searcher: 'http://egov-searcher.egov:8080/' + egov-data-uploader: 'http://egov-data-uploader.egov:8080/' + egov-indexer: 'http://egov-indexer.egov:8080/' + egov-hrms: 'http://egov-hrms.egov:8080/' + es-client: 'http://elasticsearch-data-v1.es-cluster:9200' + hr-masters: 'http://hr-masters:8080/' + hr-employee: 'http://hr-employee:8080/' + hr-masters-v2: 'http://hr-masters-v2:8080/' + hr-employee-v2: 'http://hr-employee-v2:8080/' + hr-attendance: 'http://hr-attendance:8080/' + hr-leave: 'http://hr-leave:8080/' + hr-employee-movement: 'http://hr-employee-movement:8080/' + inventory-services: 'http://inventory-services:8080/' + lams-services: 'http://lams-services:8080/' + lcms-workflow: 'http://lcms-workflow:8080/' + lcms-services: 'http://lcms-services:8080/' + location: 'http://location:8080/' + performance-assessment: 'http://performance-assessment:8080/' + pt-property: 'http://pt-property:8080/' + pt-workflow: 'http://pt-workflow:8080/' + pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' + pt-calculator: 'http://pt-calculator:8080/' + pt-calculator-v2: 'http://pt-calculator-v2:8080/' + pt-services-v2: 'http://pt-services-v2:8080/' + property-services: 'http://property-services.egov:8080/' + pgr-master: 'http://pgr-master:8080/' + pgr-rest: 'http://pgr-rest:8080/' + pdf-service: 'http://pdf-service.egov:8080/' + report: 'http://report:8080/' + swm-services: 'http://swm-services:8080/' + tenant: 'http://tenant:8080/' + tl-masters: 'http://tl-masters:8080/' + tl-services: 'http://tl-services:8080/' + tl-workflow: 'http://tl-workflow:8080/' + tl-indexer: 'http://tl-indexer:8080/' + tl-calculator: 'http://tl-calculator:8080/' + user-otp: 'http://user-otp:8080/' + firenoc-services: 'http://firenoc-services:8080/' + firenoc-calculator: 'http://firenoc-calculator:8080/' + egov-apportion-service: 'http://egov-apportion-service:8080/' + bpa-services: 'http://bpa-services.egov:8080/' + bpa-calculator: 'http://bpa-calculator.egov:8080/' + rainmaker-pgr: 'http://rainmaker-pgr:8080/' + ws-calculator: 'http://ws-calculator.egov:8080/' + ws-services: 'http://ws-services.egov:8080/' + sw-services: 'http://sw-services.egov:8080/' + sw-calculator: 'http://sw-calculator.egov:8080/' + land-services: 'http://land-services.egov:8080/' + noc-services: 'http://noc-services.egov:8080/' + minio-url: 'https://minio-uat.digit.org/' + egov-user-chatbot: 'http://egov-user-chatbot:8080/' + zuul: 'http://zuul:8080/' + egov-url-shortening: 'http://egov-url-shortening.egov:8080/' + fsm-calculator: 'http://fsm-calculator.egov:8080/' + fsm: 'http://fsm.egov:8080/' + vehicle: 'http://vehicle.egov:8080' + vendor: 'http://vendor.egov:8080' + egov-edcr: 'http://egov-edcr.egov:8080/' + echallan-calculator: 'http://echallan-calculator.egov:8080/' + echallan-services: 'http://echallan-services.egov:8080/' + inbox: 'http://inbox.egov:8080/' + turn-io-adapter: 'http://turn-io-adapter.egov:8080/' + pgr-services: 'http://pgr-services.health:8080/' + birth-death-services: 'http://birth-death-services.egov:8080/' + egov-pdf: 'http://egov-pdf.egov:8080/' + health-registration-service: 'http://health-registration-service:8080/' + health-delivery-service: 'http://health-delivery-service:8080/' + project: 'http://project.egov:8080/' + service-request: 'http://service-request:8080/' +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + namespace: egov + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + memory_limits: "512Mi" + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml new file mode 100644 index 0000000000..60d9b45184 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml @@ -0,0 +1,129 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] + password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] + flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] + flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] + + egov-notification-sms: + username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] + password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] + + egov-filestore: + aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + + egov-location: + gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] + + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] + + pgadmin: + admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] + admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] + read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] + read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] + + egov-enc-service: + master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] + master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] + master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] + + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] + + git-sync: + ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] + known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] + + kibana: + namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] + credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] + + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] + + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] + + chatbot: + valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] + valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] + + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] + + oauth2-proxy: + clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] + clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] + route: + receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] + group_by: + - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] + match: + alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] + group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] + group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] + repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] + api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] + channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] + username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] + title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] + text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] + templates: + - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-10-09T10:33:39Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-09T10:33:39Z" + mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + pgp: + - created_at: "2023-10-09T10:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB + ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W + Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 + 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj + W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle + ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 + MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL + nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== + =gDUX + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml new file mode 100644 index 0000000000..3214f54a98 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -0,0 +1,686 @@ +global: + domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, urban ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe + + egov-service-host: + namespace: [ egov, monitoring, urban ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location.egov:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.urban:8080/" + ws-services: "http://ws-services.urban:8080/" + sw-services: "http://sw-services.urban:8080/" + sw-calculator: "http://sw-calculator.urban:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: filestore bucket name ## Add filestore bucket name + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + autocreate-new-seq: "true" + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "false" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + +egov-persister: + replicas: 1 + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +pgr-services: + memory_limits: 512Mi + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + + +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + + +user-otp: + logging-level: "DEBUG" + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + workflow-statelevel: "true" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + + + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml new file mode 100644 index 0000000000..60d9b45184 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml @@ -0,0 +1,129 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] + password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] + flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] + flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] + + egov-notification-sms: + username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] + password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] + + egov-filestore: + aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] + aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + + egov-location: + gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] + + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] + + pgadmin: + admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] + admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] + read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] + read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] + + egov-enc-service: + master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] + master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] + master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] + + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] + + git-sync: + ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] + known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] + + kibana: + namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] + credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] + + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] + si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] + mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] + + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] + + chatbot: + valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] + valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] + + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] + + oauth2-proxy: + clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] + clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] + route: + receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] + group_by: + - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] + match: + alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] + group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] + group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] + repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] + receivers: + - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] + api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] + channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] + username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] + title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] + text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] + templates: + - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-10-09T10:33:39Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-10-09T10:33:39Z" + mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + pgp: + - created_at: "2023-10-09T10:33:39Z" + enc: | + -----BEGIN PGP MESSAGE----- + + hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB + ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W + Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 + 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj + W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle + ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 + MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL + nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== + =gDUX + -----END PGP MESSAGE----- + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml new file mode 100644 index 0000000000..8f9d0b3aa8 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -0,0 +1,754 @@ +global: + domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, works ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, works ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-mdms-service-v2: "http://mdms-v2.egov:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + audit-service: "http://audit-service.egov:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report.egov:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.sanitation:8080/" + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + attendance-service: "http://attendance.works:8080/" + contract-service: "http://contracts.works:8080/" + muster-roll-service: "http://muster-roll.works:8080/" + project-management-system: "http://project.egov:8080/" + project: "http://project.egov:8080/" + estimate-service: "http://estimates.works:8080/" + organisation: "http://organisation.works:8080/" + bankaccounts: "http://bankaccounts.works:8080/" + expense-calculator: "http://expense-calculator.works:8080/" + expense: "http://expense.works:8080/" + ifms-jit: https://uat.odishatreasury.gov.in + ifms-adapter: "http://ifms-adapter.works:8080/" + works-management-service: "http://works-management-service.works:8080/" + individual: "http://individual.egov:8080/" + works-pdf: "http://works-pdf.works:8080/" + loi-service: "http://loi-service.works:8080/" + household: "http://household:8080/" + product: "http://product:8080/" + facility: "http://facility:8080/" + measurement: "http://measurement-service.works:8080/" + ifms-adapter: "http://ifms-adapter.works:8080/" + measurement-service: "http://measurement-service.works:8080/" + measurement-registry: "http://measurement-registry.works:8080/" +estimate-service: + tracing-enabled: true + java-enable-debug: true + estimate-default-limit: 100 + estimate-search-max-limit: 200 + estimate-workflow-business-service: "ESTIMATE" + +loi-service: + tracing-enabled: true + workflow.loi.business.service.name: "loi-approval-4" + +attendance-service: + tracing-enabled: true + java-enable-debug: true + attendance-register-default-offset: 0 + attendance-register-default-limit: 10 + attendance-register-search-max-limit: 100 + attendance-individual-service-integration-required: false + attendance-staff-service-integration-required: false + attendance-document-id-verification-required: false + attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON" + organisation-contact-details-update-topic: organisation.contact.details.update + contracts-revision-topic: "contracts-revision" + +contract-service: + tracing-enabled: true + java-enable-debug: true + contract-default-offset: 0 + contract-default-limit: 10 + contract-search-max-limit: 50 + works-contract-service-code: "WORKS-CONTRACT" + contract-workflow-business-service: "CONTRACT" + contract-workflow-revision-business-service: "CONTRACT-REVISION" + contracts-revision-topic: "contracts-revision" + contract-workflow-module-name: "contract-service" + contract-cbo-url-host : "https://works-qa.digit.org" + contract-cbo-url-endpoint : "/works-shg-app" + +# project-management-system: +# tracing-enabled: true +# java-enable-debug: true +# project-default-offset: 0 +# project-default-limit: 100 +# project-search-max-limit: 200 +# project-mdms-module: "works" +# egov-location-hierarchy-type: "ADMIN" + +project: + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + project-mdms-module: "works" + egov-location-hierarchy-type: "ADMIN" + +muster-roll-service: + tracing-enabled: true + java-enable-debug: true + musterroll-default-offset: 0 + musterroll-default-limit: 100 + musterroll-search-max-limit: 200 + musterroll-workflow-business-service: "MR" + works-attendance-log-search-endpoint: "attendance/log/v1/_search" + works-attendance-register-search-endpoint: "attendance/v1/_search" + works-attendance-register-search-limit: 100 + muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" + works-individual-search-endpoint: "individual/v1/_search" + works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" + works-contract-service-code: "WORKS-CONTRACT" + notification-sms-enabled: "true" + +organisation: + tracing-enabled: true + java-enable-debug: true + org-default-limit: 100 + org-search-max-limit: 200 + egov-location-hierarchy-type: "ADMIN" + works-cbo-url-host: "https:/works-qa.digit.org" + works-cbo-url-endpoint: "/works-shg-app" + organisation-contact-details-update-topic: organisation.contact.details.update + +bankaccounts: + tracing-enabled: true + java-enable-debug: true + bank-account-default-limit: 100 + bank-account-search-max-limit: 200 + +individual: + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +works-management-service: + tracing-enabled: true + java-enable-debug: true + +ifms-adapter: + tracing-enabled: true + java-enable-debug: true + payment-create-topic: "expense-payment-create" + egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" + ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" + ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" + egov-bill-search-limit: 10 + +ifms-cronjob-pa: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-va: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pis: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pag: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-pd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-fd: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftps: + user-name: "IFMS_CRONJOB" + +ifms-cronjob-ftfps: + user-name: "IFMS_CRONJOB" + +expense-calculator: + tracing-enabled: true + java-enable-debug: true + +expenses-billing: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + bill-kafka-topic: "bill" + +expense: + tracing-enabled: true + java-enable-debug: true + expense-billing-default-offset: 0 + expense-billing-default-limit: 100 + expense-billing-search-max-limit: 200 + business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" + +works-inbox-service: + java-enable-debug: true + tracing-enabled: true + +#########---core-services---######### + +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-mdms-service: + mdms-path: "/work-dir/works-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-mdms-data" + branch: "QA" + mdms-folder: "works-mdms-data" + java-args: -Dspring.profiles.active=monitoring + masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" + +egov-filestore: + is-s3-enabled: "true" + fixed-bucketname: "works-qa-filestore" + minio-enabled: false + aws.s3.url : "https://s3.amazonaws.com" + is-bucket-fixed: "true" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + +egov-user: + replicas: "1" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + state-level-tenant-id: "pg" + java-enable-debug: true + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +egov-persister: + persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + workflow-statelevel: "true" + wf-max-limit: "10000" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + java-enable-debug: true + heap: "-Xmx192m -Xms192m" + employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" + +egov-notification-sms: + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +zuul: + replicas: 2 + custom-filter-property: "false" + tracing-enabled: "true" + heap: "-Xmx704m -Xms512m" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" + egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" + eventlog-enabled: "true" + eventlog-topic: "zuul-event-log" + eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +########################################## + +egov-url-shortening: + egov-url-shortner-endpoint: "/egov-url-shortening/shortener" + egov-url-shorten-hashid-salt: "randomsalt" + egov-url-shorten-hashid-min-length: "5" +# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egov-common-workflows: + db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" + + +egov-workflow: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +pdf-service: + replicas: 1 + memory_limits: 1.5Gi + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" + format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" + +egov-searcher: + search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + + +# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-user-chatbot: + egov-state-level-tenant-id: "pg" + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +works-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +works-shg-app: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +dashboard-analytics: + config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/works-configs" + branch: "QA" + +dashboard-ingest: + topic-incoming-collection: "dss-collection-update" + es-index-name: "dss-collection_v2" + es-push-direct: "true" + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + + +nginx-ingress: + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + controller: + image: + repository: egovio/nginx-ingress-controller + tag: "0.26.1" + #metrics: + enabled: true + serviceMonitor: + enabled: true + service: + prometheusRule: + enabled: true + +cert-manager: + email: "devops-team@egov.org.in" + images: + - "quay.io/jetstack/cert-manager-controller:v0.10.1" + namespace: egov + + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +report: + tracing-enabled: "true" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "staging" + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + spring-datasource-tomcat-max-active: 5 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +inbox: + service-map : '{}' + bs-service-map : '{}' +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-config: + data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "es-client.es-cluster" + es-port: "9200" + + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add respective zone. + - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + resources: + limits: + cpu: 500m + memory: 1408Mi + requests: + cpu: 2000m + memory: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx1g -Xms1g" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "2000m" + memory: "2Gi" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id + zone: ap-south-1b ##REPLACE: add zone + - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id + zone: ap-south-1b ## REPLACE: add zone + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + cpu: "300m" + memory: "896Mi" + limits: + cpu: "500m" + memory: "896Mi" + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 4640cc9c54b69ba36c28658e64bb946cf4bfa739 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Tue, 10 Oct 2023 15:52:25 +0530 Subject: [PATCH 334/742] SM-3151, added pqm-persister.yaml (#2028) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index cdb6b7c3b3..ad3734a39d 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -273,7 +273,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 0298bd14708f3327af97c5d1ff1a8563b720cc5d Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Tue, 10 Oct 2023 16:58:14 +0530 Subject: [PATCH 335/742] SM-3151, Update sanitation.yaml (#2029) * Update sanitation.yaml * SM-3151, Update unified-dev.yaml * SM-3151, Update unified-dev.yaml --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index ad3734a39d..cdb6b7c3b3 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -273,7 +273,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 4e477b9200..13c37affa4 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -343,7 +343,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/pqm-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From d45867651b64e872eb3c88b6124639027e4bdbf1 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Tue, 10 Oct 2023 17:28:31 +0530 Subject: [PATCH 336/742] SM-3151, Update unified-dev.yaml (#2030) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 13c37affa4..a4c34c1cff 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -343,7 +343,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/pqm-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From f0eb32d78c9aa72b0d0e9f2c382e93e192c557ae Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 10 Oct 2023 22:52:56 +0530 Subject: [PATCH 337/742] updated oauth2-proxy secrets --- .../environments/unified-uat-secrets.yaml | 22 ++++--------------- .../helm/environments/unified-uat.yaml | 8 +++++++ 2 files changed, 12 insertions(+), 18 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-uat-secrets.yaml index 60d9b45184..89e896b143 100644 --- a/deploy-as-code/helm/environments/unified-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-uat-secrets.yaml @@ -5,18 +5,14 @@ cluster-configs: password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - egov-notification-sms: username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - egov-filestore: aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] - egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - egov-pg-service: axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] @@ -25,51 +21,41 @@ cluster-configs: axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - pgadmin: admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - egov-enc-service: master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - egov-notification-mail: mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - git-sync: ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - kibana: namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - egov-si-microservice: si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - egov-edcr-notification: edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - chatbot: valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] - clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] + clientID: ENC[AES256_GCM,data:KMLD6wYliMyfR6HRVJmJijZZ2ac=,iv:qz3YvcJ8cJ5vRrOQup8rAsV/Wlb1ly3HEa8+Cb9831A=,tag:MpUX6Zq6q+cstOL1cY+KnQ==,type:str] + clientSecret: ENC[AES256_GCM,data:MIR6xH4q6GhH1hMRncJwTf3jzpEQqdzDNsHO38i9LgMBwa5fxjSw5w==,iv:CAq7p0wNiY0LKQ7ZBdlTEpNhVbp5kIxVHeeyGkwF9Z4=,tag:cCZSpV5zYv6Yy4Dcm/8T4w==,type:str] cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] alertmanager: config: @@ -107,8 +93,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-09T10:33:39Z" - mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + lastmodified: "2023-10-10T17:19:41Z" + mac: ENC[AES256_GCM,data:JWY96OBRgbeidZ/D75ixxTHJjFck8LU6aZnMbOhNR7ltSGWM+rn9qzli/TF3dVXU4IHs7qEFmJkL5mP51iMARb9j/DOiloCNWLZRWgiBuL7KhZYvc+T7hFpMNfwftWbq39Dq3N9+gLcv7WjjnFQeEZM9EhxwZu3k4LAIzikHO6I=,iv:7eFg513+4xhSDyJGlpuUv+4GLgcDL9naN++scjtNyb8=,tag:q0Y0FkihNTvnO59lxhsUEA==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 8b83bbb2c3..b397652c13 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -203,6 +203,14 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" +oauth2-proxy: + config: + configFile: |- + email_domains = [ "*" ] + github_org = "egovernments" + github_team = "micro-service-uat" + upstreams = [ "file:///dev/null" ] + egov-user: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi From b6e70406933e25ad8511805141abd08f5efbee96 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 11 Oct 2023 12:51:20 +0530 Subject: [PATCH 338/742] added new helm charts for health services (#2023) Co-authored-by: Harish-egov --- .../health-services/health-hrms/Chart.yaml | 26 +++ .../health-hrms/templates/deployment.yaml | 2 + .../health-hrms/templates/ingress.yaml | 2 + .../health-hrms/templates/service.yaml | 2 + .../health-services/health-hrms/values.yaml | 127 +++++++++++ .../referral-management/Chart.yaml | 26 +++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../referral-management/values.yaml | 202 ++++++++++++++++++ 10 files changed, 393 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/health-hrms/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-hrms/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-hrms/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-hrms/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-hrms/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referral-management/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/Chart.yaml new file mode 100644 index 0000000000..897ee45e85 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-hrms/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-hrms +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-hrms/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-hrms/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-hrms/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml new file mode 100644 index 0000000000..59d2af5294 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -0,0 +1,127 @@ +# Common Labels +labels: + app: "health-hrms" + group: "rainmaker" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "health-hrms" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "egov_hrms_schema" + image: + repository: "health-hrms-db" + +# Container Configs +image: + repository: "health-hrms" +replicas: "1" +appType: "java-spring" +tracing-enabled: true +healthChecks: + enabled: true + livenessProbePath: "/health-hrms/health" + readinessProbePath: "/health-hrms/health" +employee-applink: "https://egov-micro-dev.egovernments.org/employee/user/login" +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: EGOV_SERVICES_DATA_SYNC_EMPLOYEE_REQUIRED + value: "false" + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-hrms" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: /egov-mdms-service/v1/_search + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + - name: EGOV_FILESTORE_URL_ENDPOINT + value: /filestore/v1/files/url + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_LOCALIZATION_SEARCH_ENDPOINT + value: /localization/messages/v1/_search + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_SERVICES_EGOV_IDGEN_CREATEPATH + value: /egov-idgen/id/_generate + - name: EGOV_SERVICES_EGOV_IDGEN_EMP_CODE_NAME + value: employee.code + - name: EGOV_SERVICES_EGOV_IDGEN_EMP_CODE_FORMAT + value: EMP_[SEQ_EMPLOYEE_CODE] + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_OTP_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-otp + - name: EGOV_ENVIRONMENT_DOMAIN + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: EGOV_USER_SEARCH_ENDPOINT + value: /user/v1/_search + - name: EGOV_USER_CREATE_ENDPOINT + value: /user/users/_createnovalidate + - name: EGOV_USER_UPDATE_ENDPOINT + value: /user/users/_updatenovalidate + - name: EGOV_HRMS_EMPLOYEE_APP_LINK + value: {{ index .Values "employee-applink" | quote }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: employee-group1 + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: KAFKA_TOPICS_SAVE_SERVICE + value: save-hrms-employee + - name: KAFKA_TOPICS_UPDATE_SERVICE + value: update-hrms-employee + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: egov.core.notification.sms + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml b/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml new file mode 100644 index 0000000000..6fa3c2fe4e --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: referralmanagement +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/values.yaml b/deploy-as-code/helm/charts/health-services/referral-management/values.yaml new file mode 100644 index 0000000000..8dcd761eae --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referral-management/values.yaml @@ -0,0 +1,202 @@ +# Common Labels +labels: + app: "referralmanagement" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "referralmanagement" + +namespace: health + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "referralmanagement_schema" + image: + repository: "referralmanagement-db" + +# Container Configs +image: + repository: "referralmanagement" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/referralmanagement/health" + readinessProbePath: "/referralmanagement/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/configs/egov-persister/referral-management-persister.yml" +indexer-yml-path: "file:///work-dir/configs/egov-indexer/referral-management-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-referral-management + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: REFERRALMANAGEMENT.SIDEEFFECT.IDGEN.ID.FORMAT + value: "referralmanagement.sideeffect.id" + - name: REFERRALMANAGEMENT.REFERRAL.IDGEN.ID.FORMAT + value: "referralmanagement.referral.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "referralmanagement_master" + - name: EGOV_MDMS_MODULE_NAME + value: "referralmanagement" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_SEARCH_PROJECT_TASK_URL + value: "/project/task/v1/_search" + - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL + value: "/project/beneficiary/v1/_search" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC + value: "save-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC + value: "update-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC + value: "delete-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC + value: "save-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC + value: "update-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC + value: "delete-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC + value: "save-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC + value: "update-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC + value: "delete-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC + value: "save-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC + value: "update-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC + value: "delete-referral-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: REFERRALMANAGEMENT.DEFAULT.OFFSET + value: "0" + - name: REFERRALMANAGEMENT.DEFAULT.LIMIT + value: "100" + - name: REFERRALMANAGEMENT.SEARCH.MAX.LIMIT + value: "200" + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" \ No newline at end of file From 34743aa51d380c6d11e856e3ce65b5fc5a4b925d Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 11 Oct 2023 13:02:42 +0530 Subject: [PATCH 339/742] SM-3151 changes (#2031) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 53b272cb26..3807d1a633 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -307,7 +307,8 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/sanitation/egov-perister +/pqm-persister.yml" egov-persister: replicas: 1 From 00a06f69e9cb6a4e148cf457ecfb16fb24f5bd26 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Wed, 11 Oct 2023 17:16:01 +0530 Subject: [PATCH 340/742] Prometheus (#2022) * updated prometheus image from version 2-15 to 2.47 * updated prometheus image from version 2-15 to 2.47 --- .../templates/podsecuritypolicy.yaml | 39 - .../templates/psp-clusterrole.yaml | 19 - .../templates/psp-clusterrolebinding.yaml | 16 - .../prometheus-operator/requirements.lock | 10 +- .../templates/alertmanager/alertmanager.yaml | 112 -- .../templates/alertmanager/ingress.yaml | 34 - .../alertmanager/ingressperreplica.yaml | 49 - .../alertmanager/podDisruptionBudget.yaml | 21 - .../templates/alertmanager/psp-role.yaml | 21 - .../alertmanager/psp-rolebinding.yaml | 18 - .../templates/alertmanager/psp.yaml | 49 - .../templates/alertmanager/secret.yaml | 28 - .../templates/alertmanager/service.yaml | 52 - .../alertmanager/serviceaccount.yaml | 12 - .../alertmanager/servicemonitor.yaml | 32 - .../alertmanager/serviceperreplica.yaml | 46 - .../templates/operator/psp-clusterrole.yaml | 20 - .../operator/psp-clusterrolebinding.yaml | 17 - .../templates/operator/psp.yaml | 48 - .../templates/prometheus/_rules.tpl | 36 + .../additionalAlertmanagerConfigs.yaml | 2 +- .../prometheus/additionalPrometheusRules.yaml | 3 + .../prometheus/additionalScrapeConfigs.yaml | 8 +- .../prometheus/ciliumnetworkpolicy.yaml | 27 + .../templates/prometheus/clusterrole.yaml | 18 +- .../prometheus/clusterrolebinding.yaml | 2 +- .../templates/prometheus/csi-secret.yaml | 12 + .../templates/prometheus/extrasecret.yaml | 20 + .../templates/prometheus/ingress.yaml | 51 +- .../prometheus/ingressThanosSidecar.yaml | 77 ++ .../prometheus/ingressperreplica.yaml | 30 +- .../templates/prometheus/networkpolicy.yaml | 34 + .../prometheus/podDisruptionBudget.yaml | 10 +- .../templates/prometheus/podmonitors.yaml | 8 +- .../templates/prometheus/prometheus.yaml | 244 +++- .../templates/prometheus/psp-clusterrole.yaml | 2 + .../prometheus/psp-clusterrolebinding.yaml | 5 +- .../templates/prometheus/psp.yaml | 24 +- .../prometheus/rules/alertmanager.rules.yaml | 54 - .../templates/prometheus/rules/etcd.yaml | 155 --- .../prometheus/rules/general.rules.yaml | 50 - .../templates/prometheus/rules/k8s.rules.yaml | 83 -- .../rules/kube-apiserver.rules.yaml | 39 - .../kube-prometheus-node-alerting.rules.yaml | 41 - .../kube-prometheus-node-recording.rules.yaml | 41 - .../rules/kube-scheduler.rules.yaml | 63 - .../prometheus/rules/kubernetes-absent.yaml | 129 -- .../prometheus/rules/kubernetes-apps.yaml | 161 --- .../rules/kubernetes-resources.yaml | 103 -- .../prometheus/rules/kubernetes-storage.yaml | 75 -- .../prometheus/rules/kubernetes-system.yaml | 145 --- .../prometheus/rules/node-network.yaml | 48 - .../templates/prometheus/rules/node-time.yaml | 34 - .../prometheus/rules/node.rules.yaml | 202 ---- .../prometheus/rules/prometheus-operator.yaml | 43 - .../prometheus/rules/prometheus.rules.yaml | 109 -- .../templates/prometheus/service.yaml | 33 +- .../prometheus/serviceThanosSidecar.yaml | 39 + .../serviceThanosSidecarExternal.yaml | 46 + .../templates/prometheus/serviceaccount.yaml | 8 +- .../templates/prometheus/servicemonitor.yaml | 30 +- .../servicemonitorThanosSidecar.yaml | 45 + .../templates/prometheus/servicemonitors.yaml | 15 +- .../prometheus/serviceperreplica.yaml | 16 +- .../prometheus-operator/values.yaml | 1063 ++++++++++++++++- 65 files changed, 1748 insertions(+), 2378 deletions(-) delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/_rules.tpl create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ciliumnetworkpolicy.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/csi-secret.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/extrasecret.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressThanosSidecar.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/networkpolicy.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecar.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecarExternal.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitorThanosSidecar.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml deleted file mode 100644 index 1a3612f46e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/podsecuritypolicy.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- if .Values.podSecurityPolicy.enabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "kube-state-metrics.fullname" . }} - labels: - app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} -{{- if .Values.podSecurityPolicy.annotations }} - annotations: -{{ toYaml .Values.podSecurityPolicy.annotations | indent 4 }} -{{- end }} -spec: - privileged: false - volumes: - - 'secret' -{{- if .Values.podSecurityPolicy.additionalVolumes }} -{{ toYaml .Values.podSecurityPolicy.additionalVolumes | indent 4 }} -{{- end }} - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - rule: 'MustRunAsNonRoot' - seLinux: - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 1 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml deleted file mode 100644 index 94dcdc18a1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrole.yaml +++ /dev/null @@ -1,19 +0,0 @@ -{{- if and .Values.podSecurityPolicy.enabled .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} - name: psp-{{ template "kube-state-metrics.fullname" . }} -rules: -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }} -- apiGroups: ['policy'] -{{- else }} -- apiGroups: ['extensions'] -{{- end }} - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "kube-state-metrics.fullname" . }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml deleted file mode 100644 index 7299b14f6c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/kube-state-metrics/templates/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if and .Values.podSecurityPolicy.enabled .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: {{ template "kube-state-metrics.name" . }} - name: psp-{{ template "kube-state-metrics.fullname" . }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: psp-{{ template "kube-state-metrics.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "kube-state-metrics.fullname" . }} - namespace: {{ template "kube-state-metrics.namespace" . }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock index 70a168daaa..938bba4ce9 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/requirements.lock @@ -2,8 +2,8 @@ dependencies: - name: kube-state-metrics repository: file://../kube-state-metrics version: 2.8.11 -- name: grafana - repository: file://../grafana - version: 0.1.0 -digest: sha256:c0f0be2f8382655778e38218851af8e8de3b488f8b2fdb046c4c913e836b2348 -generated: "2020-07-20T18:17:13.2686971+05:30" +- name: prometheus-blackbox-exporter + repository: file://../prometheus-blackbox-exporter + version: 8.2.0 +digest: sha256:8d0dc085579a66d92703e131f47087b4b2f433d477aa2373caa9aa35ad231ccf +generated: "2023-10-05T13:12:32.403372741+05:30" diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml deleted file mode 100644 index 089d85f398..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/alertmanager.yaml +++ /dev/null @@ -1,112 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if .Values.alertmanager.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: Alertmanager -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -spec: -{{- if .Values.alertmanager.alertmanagerSpec.image }} - baseImage: {{ .Values.alertmanager.alertmanagerSpec.image.repository }} - version: {{ .Values.alertmanager.alertmanagerSpec.image.tag }} -{{- end }} - replicas: {{ .Values.alertmanager.alertmanagerSpec.replicas }} - listenLocal: {{ .Values.alertmanager.alertmanagerSpec.listenLocal }} - serviceAccountName: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} -{{- if .Values.alertmanager.alertmanagerSpec.externalUrl }} - externalUrl: "{{ .Values.alertmanager.alertmanagerSpec.externalUrl }}" -{{- else if and .Values.alertmanager.ingress.enabled }} - externalUrl: "https://{{ .Values.global.domain }}{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" -{{- else }} - externalUrl: http://{{ template "prometheus-operator.fullname" . }}-alertmanager.{{ .Values.namespace}}:{{ .Values.alertmanager.service.port }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.nodeSelector }} - nodeSelector: -{{ toYaml .Values.alertmanager.alertmanagerSpec.nodeSelector | indent 4 }} -{{- end }} - paused: {{ .Values.alertmanager.alertmanagerSpec.paused }} - logFormat: {{ .Values.alertmanager.alertmanagerSpec.logFormat | quote }} - logLevel: {{ .Values.alertmanager.alertmanagerSpec.logLevel | quote }} - retention: {{ .Values.alertmanager.alertmanagerSpec.retention | quote }} -{{- if .Values.alertmanager.alertmanagerSpec.secrets }} - secrets: -{{ toYaml .Values.alertmanager.alertmanagerSpec.secrets | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.configSecret }} - configSecret: {{ .Values.alertmanager.alertmanagerSpec.configSecret }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.configMaps }} - configMaps: -{{ toYaml .Values.alertmanager.alertmanagerSpec.configMaps | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.resources }} - resources: -{{ toYaml .Values.alertmanager.alertmanagerSpec.resources | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.routePrefix }} - routePrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.securityContext }} - securityContext: -{{ toYaml .Values.alertmanager.alertmanagerSpec.securityContext | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.storage }} - storage: -{{ toYaml .Values.alertmanager.alertmanagerSpec.storage | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.podMetadata }} - podMetadata: -{{ toYaml .Values.alertmanager.alertmanagerSpec.podMetadata | indent 4 }} -{{- end }} -{{- if or .Values.alertmanager.alertmanagerSpec.podAntiAffinity .Values.alertmanager.alertmanagerSpec.affinity }} - affinity: -{{- if .Values.alertmanager.alertmanagerSpec.affinity }} -{{ toYaml .Values.alertmanager.alertmanagerSpec.affinity | indent 4 }} -{{- end }} -{{- if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "hard" }} - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} - labelSelector: - matchLabels: - app: alertmanager - alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager -{{- else if eq .Values.alertmanager.alertmanagerSpec.podAntiAffinity "soft" }} - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - topologyKey: {{ .Values.alertmanager.alertmanagerSpec.podAntiAffinityTopologyKey }} - labelSelector: - matchLabels: - app: alertmanager - alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager -{{- end }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.tolerations }} - tolerations: -{{ toYaml .Values.alertmanager.alertmanagerSpec.tolerations | indent 4 }} -{{- end }} -{{- if .Values.global.imagePullSecrets }} - imagePullSecrets: -{{ toYaml .Values.global.imagePullSecrets | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.containers }} - containers: -{{ toYaml .Values.alertmanager.alertmanagerSpec.containers | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.priorityClassName }} - priorityClassName: {{.Values.alertmanager.alertmanagerSpec.priorityClassName }} -{{- end }} -{{- if .Values.alertmanager.alertmanagerSpec.additionalPeers }} - additionalPeers: {{.Values.alertmanager.alertmanagerSpec.additionalPeers }} -{{- end }} - portName: {{ .Values.alertmanager.alertmanagerSpec.portName }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml deleted file mode 100644 index 542d6bd309..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingress.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.ingress.enabled }} -{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} -{{- $servicePort := .Values.alertmanager.service.port -}} -{{- $routePrefix := .Values.alertmanager.alertmanagerSpec.routePrefix }} ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $serviceName }} - namespace: {{ .Values.namespace }} - annotations: -{{- if .Values.alertmanager.ingress.additionalAnnotations }} - {{- tpl .Values.alertmanager.ingress.additionalAnnotations . | nindent 4 }} -{{- end }} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -spec: - rules: - - host: {{ .Values.global.domain }} - http: - paths: - - path: {{ $routePrefix }} - pathType: Prefix - backend: - service: - name: {{ $serviceName }} - port: - number: {{ $servicePort }} - - tls: - - hosts: - - {{ .Values.global.domain }} - secretName: {{ .Values.global.domain }}-tls-certs -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml deleted file mode 100644 index 8de67e3816..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/ingressperreplica.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled .Values.alertmanager.ingressPerReplica.enabled }} -{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}} -{{- $servicePort := .Values.alertmanager.service.port -}} -{{- $ingressValues := .Values.alertmanager.ingressPerReplica -}} -apiVersion: v1 -kind: List -metadata: - name: {{ include "prometheus-operator.fullname" $ }}-alertmanager-ingressperreplica - namespace: {{ $.Release.Namespace }} -items: -{{ range $i, $e := until $count }} - - apiVersion: extensions/v1beta1 - kind: Ingress - metadata: - name: {{ include "prometheus-operator.fullname" $ }}-alertmanager-{{ $i }} - namespace: {{ $.Release.Namespace }} - labels: - app: {{ include "prometheus-operator.name" $ }}-alertmanager -{{ include "prometheus-operator.labels" $ | indent 8 }} - {{- if $ingressValues.labels }} - {{ toYaml $ingressValues.labels | indent 8 }} - {{- end }} - {{- if $ingressValues.annotations }} - annotations: -{{ toYaml $ingressValues.annotations | indent 8 }} - {{- end }} - spec: - rules: - - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }} - http: - paths: - {{- range $p := $ingressValues.paths }} - - path: {{ tpl $p $ }} - backend: - serviceName: {{ include "prometheus-operator.fullname" $ }}-alertmanager-{{ $i }} - servicePort: {{ $servicePort }} - {{- end -}} - {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }} - tls: - - hosts: - - {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }} - {{- if $ingressValues.tlsSecretPerReplica.enabled }} - secretName: {{ $ingressValues.tlsSecretPerReplica.prefix }}-{{ $i }} - {{- else }} - secretName: {{ $ingressValues.tlsSecretName }} - {{- end }} - {{- end }} -{{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml deleted file mode 100644 index d9e4689168..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/podDisruptionBudget.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.podDisruptionBudget.enabled }} -apiVersion: policy/v1beta1 -kind: PodDisruptionBudget -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -spec: - {{- if .Values.alertmanager.podDisruptionBudget.minAvailable }} - minAvailable: {{ .Values.alertmanager.podDisruptionBudget.minAvailable }} - {{- end }} - {{- if .Values.alertmanager.podDisruptionBudget.maxUnavailable }} - maxUnavailable: {{ .Values.alertmanager.podDisruptionBudget.maxUnavailable }} - {{- end }} - selector: - matchLabels: - app: alertmanager - alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml deleted file mode 100644 index 4adb2a3ec4..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-role.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -rules: -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }} -- apiGroups: ['policy'] -{{- else }} -- apiGroups: ['extensions'] -{{- end }} - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "prometheus-operator.fullname" . }}-alertmanager -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml deleted file mode 100644 index 7e076c59f0..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp-rolebinding.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "prometheus-operator.fullname" . }}-alertmanager -subjects: - - kind: ServiceAccount - name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} - namespace: {{ .Values.namespace}} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml deleted file mode 100644 index 4132329e42..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/psp.yaml +++ /dev/null @@ -1,49 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -spec: - privileged: false - # Required to prevent escalations to root. - # allowPrivilegeEscalation: false - # This is redundant with non-root + disallow privilege escalation, - # but we can provide it for defense in depth. - #requiredDropCapabilities: - # - ALL - # Allow core volume types. - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - # Permits the container to run with root privileges as well. - rule: 'RunAsAny' - seLinux: - # This policy assumes the nodes are using AppArmor rather than SELinux. - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} - diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml deleted file mode 100644 index de64c3297a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/secret.yaml +++ /dev/null @@ -1,28 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if and (.Values.alertmanager.enabled) (not .Values.alertmanager.alertmanagerSpec.useExistingSecret) }} -apiVersion: v1 -kind: Secret -metadata: - name: alertmanager-{{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} -{{- if .Values.alertmanager.secret.annotations }} - annotations: -{{ toYaml .Values.alertmanager.secret.annotations | indent 4 }} -{{- end }} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -data: -{{- if .Values.alertmanager.tplConfig }} - alertmanager.yaml: {{ tpl (toYaml .Values.alertmanager.config) . | b64enc | quote }} -{{- else }} - alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }} -{{- end}} -{{- range $key, $val := .Values.alertmanager.templateFiles }} - {{ $key }}: {{ $val | b64enc | quote }} -{{- end }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml deleted file mode 100644 index adefd41e8a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/service.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if .Values.alertmanager.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager - self-monitor: {{ .Values.alertmanager.serviceMonitor.selfMonitor | quote }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.alertmanager.service.labels }} -{{ toYaml .Values.alertmanager.service.labels | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.service.annotations }} - annotations: -{{ toYaml .Values.alertmanager.service.annotations | indent 4 }} -{{- end }} -spec: -{{- if .Values.alertmanager.service.clusterIP }} - clusterIP: {{ .Values.alertmanager.service.clusterIP }} -{{- end }} -{{- if .Values.alertmanager.service.externalIPs }} - externalIPs: -{{ toYaml .Values.alertmanager.service.externalIPs | indent 4 }} -{{- end }} -{{- if .Values.alertmanager.service.loadBalancerIP }} - loadBalancerIP: {{ .Values.alertmanager.service.loadBalancerIP }} -{{- end }} -{{- if .Values.alertmanager.service.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := .Values.alertmanager.service.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} -{{- end }} - ports: - - name: {{ .Values.alertmanager.alertmanagerSpec.portName }} - {{- if eq .Values.alertmanager.service.type "NodePort" }} - nodePort: {{ .Values.alertmanager.service.nodePort }} - {{- end }} - port: {{ .Values.alertmanager.service.port }} - targetPort: {{ .Values.alertmanager.service.targetPort }} - protocol: TCP - selector: - app: alertmanager - alertmanager: {{ template "prometheus-operator.fullname" . }}-alertmanager - type: "{{ .Values.alertmanager.service.type }}" -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml deleted file mode 100644 index ceb7401c06..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "prometheus-operator.alertmanager.serviceAccountName" . }} - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -imagePullSecrets: -{{ toYaml .Values.global.imagePullSecrets | indent 2 }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml deleted file mode 100644 index e80e908f8e..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/servicemonitor.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.selfMonitor }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "prometheus-operator.fullname" . }}-alertmanager - namespace: {{ .Values.namespace}} - labels: - app: {{ template "prometheus-operator.name" . }}-alertmanager -{{ include "prometheus-operator.labels" . | indent 4 }} -spec: - selector: - matchLabels: - app: {{ template "prometheus-operator.name" . }}-alertmanager - self-monitor: "true" - namespaceSelector: - matchNames: - - {{ .Values.namespace| quote }} - endpoints: - - port: {{ .Values.alertmanager.alertmanagerSpec.portName }} - {{- if .Values.alertmanager.serviceMonitor.interval }} - interval: {{ .Values.alertmanager.serviceMonitor.interval }} - {{- end }} - path: "{{ trimSuffix "/" .Values.alertmanager.alertmanagerSpec.routePrefix }}/metrics" -{{- if .Values.alertmanager.serviceMonitor.metricRelabelings }} - metricRelabelings: -{{ tpl (toYaml .Values.alertmanager.serviceMonitor.metricRelabelings | indent 6) . }} -{{- end }} -{{- if .Values.alertmanager.serviceMonitor.relabelings }} - relabelings: -{{ toYaml .Values.alertmanager.serviceMonitor.relabelings | indent 6 }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml deleted file mode 100644 index 838d6a24be..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/alertmanager/serviceperreplica.yaml +++ /dev/null @@ -1,46 +0,0 @@ -{{- if and .Values.alertmanager.enabled .Values.alertmanager.servicePerReplica.enabled }} -{{- $count := .Values.alertmanager.alertmanagerSpec.replicas | int -}} -{{- $serviceValues := .Values.alertmanager.servicePerReplica -}} -apiVersion: v1 -kind: List -metadata: - name: {{ include "prometheus-operator.fullname" $ }}-alertmanager-serviceperreplica - namespace: {{ $.Release.Namespace }} -items: -{{- range $i, $e := until $count }} - - apiVersion: v1 - kind: Service - metadata: - name: {{ include "prometheus-operator.fullname" $ }}-alertmanager-{{ $i }} - namespace: {{ $.Release.Namespace }} - labels: - app: {{ include "prometheus-operator.name" $ }}-alertmanager -{{ include "prometheus-operator.labels" $ | indent 8 }} - {{- if $serviceValues.annotations }} - annotations: -{{ toYaml $serviceValues.annotations | indent 8 }} - {{- end }} - spec: - {{- if $serviceValues.clusterIP }} - clusterIP: {{ $serviceValues.clusterIP }} - {{- end }} - {{- if $serviceValues.loadBalancerSourceRanges }} - loadBalancerSourceRanges: - {{- range $cidr := $serviceValues.loadBalancerSourceRanges }} - - {{ $cidr }} - {{- end }} - {{- end }} - ports: - - name: {{ $.Values.alertmanager.alertmanagerSpec.portName }} - {{- if eq $serviceValues.type "NodePort" }} - nodePort: {{ $serviceValues.nodePort }} - {{- end }} - port: {{ $serviceValues.port }} - targetPort: {{ $serviceValues.targetPort }} - selector: - app: alertmanager - alertmanager: {{ template "prometheus-operator.fullname" $ }}-alertmanager - statefulset.kubernetes.io/pod-name: alertmanager-{{ include "prometheus-operator.fullname" $ }}-alertmanager-{{ $i }} - type: "{{ $serviceValues.type }}" -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml deleted file mode 100644 index a5c5ce7e6f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrole.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -kind: ClusterRole -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "prometheus-operator.fullname" . }}-operator-psp - labels: - app: {{ template "prometheus-operator.name" . }}-operator -{{ include "prometheus-operator.labels" . | indent 4 }} -rules: -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if semverCompare "> 1.15.0-0" $kubeTargetVersion }} -- apiGroups: ['policy'] -{{- else }} -- apiGroups: ['extensions'] -{{- end }} - resources: ['podsecuritypolicies'] - verbs: ['use'] - resourceNames: - - {{ template "prometheus-operator.fullname" . }}-operator -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml deleted file mode 100644 index 09c90e6454..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp-clusterrolebinding.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -kind: ClusterRoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: {{ template "prometheus-operator.fullname" . }}-operator-psp - labels: - app: {{ template "prometheus-operator.name" . }}-operator -{{ include "prometheus-operator.labels" . | indent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "prometheus-operator.fullname" . }}-operator-psp -subjects: - - kind: ServiceAccount - name: {{ template "prometheus-operator.operator.serviceAccountName" . }} - namespace: {{ .Values.namespace }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml deleted file mode 100644 index 28039550ca..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/operator/psp.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if and .Values.prometheusOperator.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - name: {{ template "prometheus-operator.fullname" . }}-operator - namespace: {{ .Values.namespace }} - labels: - app: {{ template "prometheus-operator.name" . }}-operator -{{ include "prometheus-operator.labels" . | indent 4 }} -spec: - privileged: false - # Required to prevent escalations to root. - # allowPrivilegeEscalation: false - # This is redundant with non-root + disallow privilege escalation, - # but we can provide it for defense in depth. - #requiredDropCapabilities: - # - ALL - # Allow core volume types. - volumes: - - 'configMap' - - 'emptyDir' - - 'projected' - - 'secret' - - 'downwardAPI' - - 'persistentVolumeClaim' - hostNetwork: false - hostIPC: false - hostPID: false - runAsUser: - # Permits the container to run with root privileges as well. - rule: 'RunAsAny' - seLinux: - # This policy assumes the nodes are using AppArmor rather than SELinux. - rule: 'RunAsAny' - supplementalGroups: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - fsGroup: - rule: 'MustRunAs' - ranges: - # Forbid adding the root group. - - min: 0 - max: 65535 - readOnlyRootFilesystem: false -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/_rules.tpl b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/_rules.tpl new file mode 100644 index 0000000000..e8baf98e47 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/_rules.tpl @@ -0,0 +1,36 @@ +{{- /* +Generated file. Do not change in-place! In order to change this file first read following link: +https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack/hack +*/ -}} +{{- define "rules.names" }} +rules: + - "alertmanager.rules" + - "config-reloaders" + - "etcd" + - "general.rules" + - "k8s.rules" + - "kube-apiserver-availability.rules" + - "kube-apiserver-burnrate.rules" + - "kube-apiserver-histogram.rules" + - "kube-apiserver-slos" + - "kube-prometheus-general.rules" + - "kube-prometheus-node-recording.rules" + - "kube-scheduler.rules" + - "kube-state-metrics" + - "kubelet.rules" + - "kubernetes-apps" + - "kubernetes-resources" + - "kubernetes-storage" + - "kubernetes-system" + - "kubernetes-system-kube-proxy" + - "kubernetes-system-apiserver" + - "kubernetes-system-kubelet" + - "kubernetes-system-controller-manager" + - "kubernetes-system-scheduler" + - "node-exporter.rules" + - "node-exporter" + - "node.rules" + - "node-network" + - "prometheus-operator" + - "prometheus" +{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml index b495f8ad19..21ec56691c 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalAlertmanagerConfigs.yaml @@ -12,5 +12,5 @@ metadata: app: {{ template "prometheus-operator.name" . }}-prometheus-am-confg {{ include "prometheus-operator.labels" . | indent 4 }} data: - additional-alertmanager-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs | b64enc | quote }} + additional-alertmanager-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs) . | b64enc | quote }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml index 957b23a104..ada53afa50 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalPrometheusRules.yaml @@ -1,6 +1,9 @@ {{- if or .Values.additionalPrometheusRules .Values.additionalPrometheusRulesMap}} apiVersion: v1 kind: List +metadata: + name: {{ include "prometheus-operator.fullname" $ }}-additional-prometheus-rules + namespace: {{ $.Release.Namespace }} items: {{- if .Values.additionalPrometheusRulesMap }} {{- range $prometheusRuleName, $prometheusRule := .Values.additionalPrometheusRulesMap }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml index c20966133e..5ef91e448f 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/additionalScrapeConfigs.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus-scrape-confg - namespace: monitoring + namespace: {{ template "prometheus-operator.namespace" . }} {{- if .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations }} annotations: {{ toYaml .Values.prometheus.prometheusSpec.additionalPrometheusSecretsAnnotations | indent 4 }} @@ -12,5 +12,9 @@ metadata: app: {{ template "prometheus-operator.name" . }}-prometheus-scrape-confg {{ include "prometheus-operator.labels" . | indent 4 }} data: - additional-scrape-configs.yaml: {{ toYaml .Values.prometheus.prometheusSpec.additionalScrapeConfigs | b64enc | quote }} +{{- if eq ( typeOf .Values.prometheus.prometheusSpec.additionalScrapeConfigs ) "string" }} + additional-scrape-configs.yaml: {{ tpl .Values.prometheus.prometheusSpec.additionalScrapeConfigs $ | b64enc | quote }} +{{- else }} + additional-scrape-configs.yaml: {{ tpl (toYaml .Values.prometheus.prometheusSpec.additionalScrapeConfigs) $ | b64enc | quote }} +{{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ciliumnetworkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ciliumnetworkpolicy.yaml new file mode 100644 index 0000000000..ef52e6bb7c --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ciliumnetworkpolicy.yaml @@ -0,0 +1,27 @@ +{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "cilium") }} +apiVersion: cilium.io/v2 +kind: CiliumNetworkPolicy +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus + {{- include "prometheus-operator.labels" . | nindent 4 }} +spec: + endpointSelector: + {{- if .Values.prometheus.networkPolicy.cilium.endpointSelector }} + {{- toYaml .Values.prometheus.networkPolicy.cilium.endpointSelector | nindent 4 }} + {{- else }} + matchExpressions: + - {key: app.kubernetes.io/name, operator: In, values: [prometheus]} + - {key: prometheus, operator: In, values: [{{ template "prometheus-operator.prometheus.crname" . }}]} + {{- end }} + {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.egress }} + egress: + {{ toYaml .Values.prometheus.networkPolicy.cilium.egress | nindent 4 }} + {{- end }} + {{- if and .Values.prometheus.networkPolicy.cilium .Values.prometheus.networkPolicy.cilium.ingress }} + ingress: + {{ toYaml .Values.prometheus.networkPolicy.cilium.ingress | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml index 4dc3dc183a..bd98192c21 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrole.yaml @@ -7,30 +7,24 @@ metadata: app: {{ template "prometheus-operator.name" . }}-prometheus {{ include "prometheus-operator.labels" . | indent 4 }} rules: -- apiGroups: - - "" - resources: - - nodes/metrics - verbs: - - get - - list - - watch -# This permission are not in the prometheus-operator repo +# This permission are not in the kube-prometheus repo # they're grabbed from https://github.com/prometheus/prometheus/blob/master/documentation/examples/rbac-setup.yml - apiGroups: [""] resources: - nodes - - nodes/proxy + - nodes/metrics - services - endpoints - pods verbs: ["get", "list", "watch"] - apiGroups: - - extensions - "networking.k8s.io" resources: - ingresses verbs: ["get", "list", "watch"] -- nonResourceURLs: ["/metrics"] +- nonResourceURLs: ["/metrics", "/metrics/cadvisor"] verbs: ["get"] +{{- if .Values.prometheus.additionalRulesForClusterRole }} +{{ toYaml .Values.prometheus.additionalRulesForClusterRole | indent 0 }} +{{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml index c373d15fa4..c319523308 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/clusterrolebinding.yaml @@ -13,6 +13,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/csi-secret.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/csi-secret.yaml new file mode 100644 index 0000000000..fb46763553 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/csi-secret.yaml @@ -0,0 +1,12 @@ +{{- if and .Values.prometheus.prometheusSpec.thanos .Values.prometheus.prometheusSpec.thanos.secretProviderClass }} +--- +apiVersion: secrets-store.csi.x-k8s.io/v1alpha1 +kind: SecretProviderClass +metadata: + name: {{ template "prometheus-operator.fullname" . }}-prometheus + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +spec: +{{ toYaml .Values.prometheus.prometheusSpec.thanos.secretProviderClass | indent 2 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/extrasecret.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/extrasecret.yaml new file mode 100644 index 0000000000..02f31ef3f4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/extrasecret.yaml @@ -0,0 +1,20 @@ +{{- if .Values.prometheus.extraSecret.data -}} +{{- $secretName := printf "prometheus-%s-extra" (include "prometheus-operator.fullname" . ) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ default $secretName .Values.prometheus.extraSecret.name }} + namespace: {{ $.Release.Namespace }} +{{- if .Values.prometheus.extraSecret.annotations }} + annotations: +{{ toYaml .Values.prometheus.extraSecret.annotations | indent 4 }} +{{- end }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus + app.kubernetes.io/component: prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +data: +{{- range $key, $val := .Values.prometheus.extraSecret.data }} + {{ $key }}: {{ $val | b64enc | quote }} +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml index 415dbff3d1..9ee81c62a9 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingress.yaml @@ -1,13 +1,12 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if and .Values.prometheus.enabled .Values.prometheus.ingress.enabled }} -{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} -{{- $servicePort := .Values.prometheus.service.port -}} -{{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix }} -{{- $paths := .Values.prometheus.ingress.paths | default $routePrefix -}} -apiVersion: extensions/v1beta1 +{{- if and .Values.prometheus.enabled .Values.prometheus.ingress.enabled -}} + {{- $pathType := .Values.prometheus.ingress.pathType | default "ImplementationSpecific" -}} + {{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" -}} + {{- $servicePort := .Values.prometheus.ingress.servicePort | default .Values.prometheus.service.port -}} + {{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix -}} + {{- $paths := .Values.prometheus.ingress.paths | default $routePrefix -}} + {{- $apiIsStable := eq (include "prometheus-operator.ingress.isStable" .) "true" -}} + {{- $ingressSupportsPathType := eq (include "prometheus-operator.ingress.supportsPathType" .) "true" -}} +apiVersion: {{ include "prometheus-operator.ingress.apiVersion" . }} kind: Ingress metadata: {{- if .Values.prometheus.ingress.annotations }} @@ -15,7 +14,7 @@ metadata: {{ toYaml .Values.prometheus.ingress.annotations | indent 4 }} {{- end }} name: {{ $serviceName }} - namespace: {{ .Values.namespace }} + namespace: {{ $.Release.Namespace }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus {{ include "prometheus-operator.labels" . | indent 4 }} @@ -23,6 +22,11 @@ metadata: {{ toYaml .Values.prometheus.ingress.labels | indent 4 }} {{- end }} spec: + {{- if $apiIsStable }} + {{- if .Values.prometheus.ingress.ingressClassName }} + ingressClassName: {{ .Values.prometheus.ingress.ingressClassName }} + {{- end }} + {{- end }} rules: {{- if .Values.prometheus.ingress.hosts }} {{- range $host := .Values.prometheus.ingress.hosts }} @@ -31,24 +35,43 @@ spec: paths: {{- range $p := $paths }} - path: {{ tpl $p $ }} + {{- if and $pathType $ingressSupportsPathType }} + pathType: {{ $pathType }} + {{- end }} backend: + {{- if $apiIsStable }} + service: + name: {{ $serviceName }} + port: + number: {{ $servicePort }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} - {{- end -}} + {{- end }} + {{- end -}} {{- end -}} {{- else }} - http: paths: {{- range $p := $paths }} - path: {{ tpl $p $ }} + {{- if and $pathType $ingressSupportsPathType }} + pathType: {{ $pathType }} + {{- end }} backend: + {{- if $apiIsStable }} + service: + name: {{ $serviceName }} + port: + number: {{ $servicePort }} + {{- else }} serviceName: {{ $serviceName }} servicePort: {{ $servicePort }} + {{- end }} {{- end -}} {{- end -}} {{- if .Values.prometheus.ingress.tls }} tls: -{{ toYaml .Values.prometheus.ingress.tls | indent 4 }} +{{ tpl (toYaml .Values.prometheus.ingress.tls | indent 4) . }} {{- end -}} {{- end -}} -{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressThanosSidecar.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressThanosSidecar.yaml new file mode 100644 index 0000000000..97fc3a9859 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressThanosSidecar.yaml @@ -0,0 +1,77 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.thanosIngress.enabled }} +{{- $pathType := .Values.prometheus.thanosIngress.pathType | default "" }} +{{- $serviceName := printf "%s-%s" (include "prometheus-operator.fullname" .) "thanos-discovery" }} +{{- $thanosPort := .Values.prometheus.thanosIngress.servicePort -}} +{{- $routePrefix := list .Values.prometheus.prometheusSpec.routePrefix }} +{{- $paths := .Values.prometheus.thanosIngress.paths | default $routePrefix -}} +{{- $apiIsStable := eq (include "prometheus-operator.ingress.isStable" .) "true" -}} +{{- $ingressSupportsPathType := eq (include "prometheus-operator.ingress.supportsPathType" .) "true" -}} +apiVersion: {{ include "prometheus-operator.ingress.apiVersion" . }} +kind: Ingress +metadata: +{{- if .Values.prometheus.thanosIngress.annotations }} + annotations: +{{ toYaml .Values.prometheus.thanosIngress.annotations | indent 4 }} +{{- end }} + name: {{ template "prometheus-operator.fullname" . }}-thanos-gateway + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheus.thanosIngress.labels }} +{{ toYaml .Values.prometheus.thanosIngress.labels | indent 4 }} +{{- end }} +spec: + {{- if $apiIsStable }} + {{- if .Values.prometheus.thanosIngress.ingressClassName }} + ingressClassName: {{ .Values.prometheus.thanosIngress.ingressClassName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.prometheus.thanosIngress.hosts }} + {{- range $host := .Values.prometheus.thanosIngress.hosts }} + - host: {{ tpl $host $ }} + http: + paths: + {{- range $p := $paths }} + - path: {{ tpl $p $ }} + {{- if and $pathType $ingressSupportsPathType }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if $apiIsStable }} + service: + name: {{ $serviceName }} + port: + number: {{ $thanosPort }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $thanosPort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- else }} + - http: + paths: + {{- range $p := $paths }} + - path: {{ tpl $p $ }} + {{- if and $pathType $ingressSupportsPathType }} + pathType: {{ $pathType }} + {{- end }} + backend: + {{- if $apiIsStable }} + service: + name: {{ $serviceName }} + port: + number: {{ $thanosPort }} + {{- else }} + serviceName: {{ $serviceName }} + servicePort: {{ $thanosPort }} + {{- end }} + {{- end -}} + {{- end -}} + {{- if .Values.prometheus.thanosIngress.tls }} + tls: +{{ tpl (toYaml .Values.prometheus.thanosIngress.tls | indent 4) . }} + {{- end -}} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml index 5f347a2e32..9a8ec8f099 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/ingressperreplica.yaml @@ -1,7 +1,10 @@ {{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled .Values.prometheus.ingressPerReplica.enabled }} +{{- $pathType := .Values.prometheus.ingressPerReplica.pathType | default "" }} {{- $count := .Values.prometheus.prometheusSpec.replicas | int -}} -{{- $servicePort := .Values.prometheus.service.port -}} +{{- $servicePort := .Values.prometheus.servicePerReplica.port -}} {{- $ingressValues := .Values.prometheus.ingressPerReplica -}} +{{- $apiIsStable := eq (include "prometheus-operator.ingress.isStable" .) "true" -}} +{{- $ingressSupportsPathType := eq (include "prometheus-operator.ingress.supportsPathType" .) "true" -}} apiVersion: v1 kind: List metadata: @@ -9,31 +12,46 @@ metadata: namespace: {{ $.Release.Namespace }} items: {{ range $i, $e := until $count }} - - apiVersion: extensions/v1beta1 - kind: Ingress + - kind: Ingress + apiVersion: {{ include "prometheus-operator.ingress.apiVersion" $ }} metadata: name: {{ include "prometheus-operator.fullname" $ }}-prometheus-{{ $i }} - namespace: {{ $.Release.Namespace }} + namespace: {{ template "prometheus-operator.namespace" $ }} labels: app: {{ include "prometheus-operator.name" $ }}-prometheus -{{ include "prometheus-operator.labels" $ | indent 8 }} + {{ include "prometheus-operator.labels" $ | indent 8 }} {{- if $ingressValues.labels }} - {{ toYaml $ingressValues.labels | indent 8 }} +{{ toYaml $ingressValues.labels | indent 8 }} {{- end }} {{- if $ingressValues.annotations }} annotations: {{ toYaml $ingressValues.annotations | indent 8 }} {{- end }} spec: + {{- if $apiIsStable }} + {{- if $ingressValues.ingressClassName }} + ingressClassName: {{ $ingressValues.ingressClassName }} + {{- end }} + {{- end }} rules: - host: {{ $ingressValues.hostPrefix }}-{{ $i }}.{{ $ingressValues.hostDomain }} http: paths: {{- range $p := $ingressValues.paths }} - path: {{ tpl $p $ }} + {{- if and $pathType $ingressSupportsPathType }} + pathType: {{ $pathType }} + {{- end }} backend: + {{- if $apiIsStable }} + service: + name: {{ include "prometheus-operator.fullname" $ }}-prometheus-{{ $i }} + port: + number: {{ $servicePort }} + {{- else }} serviceName: {{ include "prometheus-operator.fullname" $ }}-prometheus-{{ $i }} servicePort: {{ $servicePort }} + {{- end }} {{- end -}} {{- if or $ingressValues.tlsSecretName $ingressValues.tlsSecretPerReplica.enabled }} tls: diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/networkpolicy.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/networkpolicy.yaml new file mode 100644 index 0000000000..c7758b0ffb --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/networkpolicy.yaml @@ -0,0 +1,34 @@ +{{- if and .Values.prometheus.networkPolicy.enabled (eq .Values.prometheus.networkPolicy.flavor "kubernetes") }} +apiVersion: {{ template "prometheus-operator.prometheus.networkPolicy.apiVersion" . }} +kind: NetworkPolicy +metadata: + labels: + app: {{ template "prometheus-operator.name" . }}-prometheus + {{- include "prometheus-operator.labels" . | nindent 4 }} + name: {{ template "prometheus-operator.fullname" . }}-prometheus + namespace: {{ $.Release.Namespace }} +spec: + {{- if .Values.prometheus.networkPolicy.egress }} + egress: + {{- toYaml .Values.prometheus.networkPolicy.egress | nindent 4 }} + {{- end }} + {{- if .Values.prometheus.networkPolicy.ingress }} + ingress: + {{- toYaml .Values.prometheus.networkPolicy.ingress | nindent 4 }} + {{- end }} + policyTypes: + - Egress + - Ingress + podSelector: + {{- if .Values.prometheus.networkPolicy.podSelector }} + {{- toYaml .Values.prometheus.networkPolicy.podSelector | nindent 4 }} + {{- else }} + matchLabels: + {{- if .Values.prometheus.agentMode }} + app.kubernetes.io/name: prometheus-agent + {{- else }} + app.kubernetes.io/name: prometheus + {{- end }} + operator.prometheus.io/name: {{ template "prometheus-operator.prometheus.crname" . }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml index bc54ba87cd..b27b3d4c0a 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podDisruptionBudget.yaml @@ -3,7 +3,7 @@ apiVersion: policy/v1beta1 kind: PodDisruptionBudget metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus - namespace: {{ .Values.namespace }} + namespace: {{ $.Release.Namespace }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus {{ include "prometheus-operator.labels" . | indent 4 }} @@ -16,6 +16,10 @@ spec: {{- end }} selector: matchLabels: - app: prometheus - prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus + {{- if .Values.prometheus.agentMode }} + app.kubernetes.io/name: prometheus-agent + {{- else }} + app.kubernetes.io/name: prometheus + {{- end }} + operator.prometheus.io/name: {{ template "prometheus-operator.prometheus.crname" . }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml index 6d1a170208..ec5c5604db 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/podmonitors.yaml @@ -1,7 +1,3 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} {{- if and .Values.prometheus.enabled .Values.prometheus.additionalPodMonitors }} apiVersion: v1 kind: List @@ -11,7 +7,7 @@ items: kind: PodMonitor metadata: name: {{ .name }} - namespace: {{ .Values.namespace }} + namespace: {{ $.Release.Namespace }} labels: app: {{ template "prometheus-operator.name" $ }}-prometheus {{ include "prometheus-operator.labels" $ | indent 8 }} @@ -19,6 +15,7 @@ items: {{ toYaml .additionalLabels | indent 8 }} {{- end }} spec: + {{- include "servicemonitor.scrapeLimits" . | nindent 6 }} podMetricsEndpoints: {{ toYaml .podMetricsEndpoints | indent 8 }} {{- if .jobLabel }} @@ -39,4 +36,3 @@ items: {{- end }} {{- end }} {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml index 9829c620b0..d51414651c 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/prometheus.yaml @@ -1,13 +1,14 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} {{- if .Values.prometheus.enabled }} +{{- if .Values.prometheus.agentMode }} +apiVersion: monitoring.coreos.com/v1alpha1 +kind: PrometheusAgent +{{- else }} apiVersion: monitoring.coreos.com/v1 kind: Prometheus +{{- end }} metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus {{ include "prometheus-operator.labels" . | indent 4 }} @@ -16,35 +17,52 @@ metadata: {{ toYaml .Values.prometheus.annotations | indent 4 }} {{- end }} spec: +{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.alertingEndpoints .Values.alertmanager.enabled) }} alerting: alertmanagers: {{- if .Values.prometheus.prometheusSpec.alertingEndpoints }} {{ toYaml .Values.prometheus.prometheusSpec.alertingEndpoints | indent 6 }} {{- else if .Values.alertmanager.enabled }} - - namespace: {{ .Values.namespace }} + - namespace: {{ template "prometheus-operator.namespace" . }} name: {{ template "prometheus-operator.fullname" . }}-alertmanager port: {{ .Values.alertmanager.alertmanagerSpec.portName }} {{- if .Values.alertmanager.alertmanagerSpec.routePrefix }} pathPrefix: "{{ .Values.alertmanager.alertmanagerSpec.routePrefix }}" + {{- end }} + {{- if .Values.alertmanager.alertmanagerSpec.scheme }} + scheme: {{ .Values.alertmanager.alertmanagerSpec.scheme }} + {{- end }} + {{- if .Values.alertmanager.alertmanagerSpec.tlsConfig }} + tlsConfig: +{{ toYaml .Values.alertmanager.alertmanagerSpec.tlsConfig | indent 10 }} {{- end }} apiVersion: {{ .Values.alertmanager.apiVersion }} -{{- else }} - [] {{- end }} - additionalScrapeConfigs: - name: additional-scrape-configs - key: additional-scrape-configs.yaml +{{- end }} {{- if .Values.prometheus.prometheusSpec.apiserverConfig }} apiserverConfig: {{ toYaml .Values.prometheus.prometheusSpec.apiserverConfig | indent 4}} {{- end }} {{- if .Values.prometheus.prometheusSpec.image }} - baseImage: {{ .Values.prometheus.prometheusSpec.image.repository }} - version: {{ .Values.prometheus.prometheusSpec.image.tag }} -{{- end }} + {{- $registry := .Values.global.imageRegistry | default .Values.prometheus.prometheusSpec.image.registry -}} + {{- if and .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.image.sha }} + image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}" + {{- else if .Values.prometheus.prometheusSpec.image.sha }} + image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}@sha256:{{ .Values.prometheus.prometheusSpec.image.sha }}" + {{- else if .Values.prometheus.prometheusSpec.image.tag }} + image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}:{{ .Values.prometheus.prometheusSpec.image.tag }}" + {{- else }} + image: "{{ $registry }}/{{ .Values.prometheus.prometheusSpec.image.repository }}" + {{- end }} + version: {{ default .Values.prometheus.prometheusSpec.image.tag .Values.prometheus.prometheusSpec.version }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalArgs }} + additionalArgs: +{{ toYaml .Values.prometheus.prometheusSpec.additionalArgs | indent 4}} +{{- end -}} {{- if .Values.prometheus.prometheusSpec.externalLabels }} externalLabels: -{{ toYaml .Values.prometheus.prometheusSpec.externalLabels | indent 4}} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.externalLabels | indent 4) . }} {{- end }} {{- if .Values.prometheus.prometheusSpec.prometheusExternalLabelNameClear }} prometheusExternalLabelName: "" @@ -56,12 +74,15 @@ spec: {{- else if .Values.prometheus.prometheusSpec.replicaExternalLabelName }} replicaExternalLabelName: "{{ .Values.prometheus.prometheusSpec.replicaExternalLabelName }}" {{- end }} +{{- if .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }} + enableRemoteWriteReceiver: {{ .Values.prometheus.prometheusSpec.enableRemoteWriteReceiver }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.externalUrl }} - externalUrl: "{{ .Values.prometheus.prometheusSpec.externalUrl }}" + externalUrl: "{{ tpl .Values.prometheus.prometheusSpec.externalUrl . }}" {{- else if and .Values.prometheus.ingress.enabled .Values.prometheus.ingress.hosts }} - externalUrl: "http://{{ index .Values.prometheus.ingress.hosts 0 }}{{ .Values.prometheus.prometheusSpec.routePrefix }}" + externalUrl: "http://{{ tpl (index .Values.prometheus.ingress.hosts 0) . }}{{ .Values.prometheus.prometheusSpec.routePrefix }}" {{- else }} - externalUrl: http://{{ template "prometheus-operator.fullname" . }}-prometheus.{{ .Values.namespace }}:{{ .Values.prometheus.service.port }} + externalUrl: http://{{ template "prometheus-operator.fullname" . }}-prometheus.{{ template "prometheus-operator.namespace" . }}:{{ .Values.prometheus.service.port }} {{- end }} {{- if .Values.prometheus.prometheusSpec.nodeSelector }} nodeSelector: @@ -72,23 +93,46 @@ spec: logLevel: {{ .Values.prometheus.prometheusSpec.logLevel }} logFormat: {{ .Values.prometheus.prometheusSpec.logFormat }} listenLocal: {{ .Values.prometheus.prometheusSpec.listenLocal }} +{{- if not .Values.prometheus.agentMode }} enableAdminAPI: {{ .Values.prometheus.prometheusSpec.enableAdminAPI }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.web }} + web: +{{ toYaml .Values.prometheus.prometheusSpec.web | indent 4 }} +{{- end }} +{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.exemplars }} + exemplars: + {{ toYaml .Values.prometheus.prometheusSpec.exemplars | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enableFeatures }} + enableFeatures: +{{- range $enableFeatures := .Values.prometheus.prometheusSpec.enableFeatures }} + - {{ tpl $enableFeatures $ }} +{{- end }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.scrapeInterval }} scrapeInterval: {{ .Values.prometheus.prometheusSpec.scrapeInterval }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.evaluationInterval }} +{{- if .Values.prometheus.prometheusSpec.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.prometheusSpec.scrapeTimeout }} +{{- end }} +{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.evaluationInterval }} evaluationInterval: {{ .Values.prometheus.prometheusSpec.evaluationInterval }} {{- end }} {{- if .Values.prometheus.prometheusSpec.resources }} resources: {{ toYaml .Values.prometheus.prometheusSpec.resources | indent 4 }} {{- end }} +{{- if not .Values.prometheus.agentMode }} retention: {{ .Values.prometheus.prometheusSpec.retention | quote }} {{- if .Values.prometheus.prometheusSpec.retentionSize }} retentionSize: {{ .Values.prometheus.prometheusSpec.retentionSize | quote }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.walCompression }} - walCompression: {{ .Values.prometheus.prometheusSpec.walCompression }} +{{- end }} +{{- if eq .Values.prometheus.prometheusSpec.walCompression false }} + walCompression: false +{{ else }} + walCompression: true {{- end }} {{- if .Values.prometheus.prometheusSpec.routePrefix }} routePrefix: {{ .Values.prometheus.prometheusSpec.routePrefix | quote }} @@ -104,7 +148,7 @@ spec: serviceAccountName: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} {{- if .Values.prometheus.prometheusSpec.serviceMonitorSelector }} serviceMonitorSelector: -{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorSelector | indent 4) . }} {{ else if .Values.prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues }} serviceMonitorSelector: matchLabels: @@ -114,13 +158,13 @@ spec: {{- end }} {{- if .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector }} serviceMonitorNamespaceSelector: -{{ toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.serviceMonitorNamespaceSelector | indent 4) . }} {{ else }} serviceMonitorNamespaceSelector: {} {{- end }} {{- if .Values.prometheus.prometheusSpec.podMonitorSelector }} podMonitorSelector: -{{ toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorSelector | indent 4) . }} {{ else if .Values.prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues }} podMonitorSelector: matchLabels: @@ -130,47 +174,59 @@ spec: {{- end }} {{- if .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector }} podMonitorNamespaceSelector: -{{ toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMonitorNamespaceSelector | indent 4) . }} {{ else }} podMonitorNamespaceSelector: {} {{- end }} -{{- if .Values.prometheus.prometheusSpec.remoteRead }} +{{- if and (not .Values.prometheus.agentMode) (or .Values.prometheus.prometheusSpec.remoteRead .Values.prometheus.prometheusSpec.additionalRemoteRead) }} remoteRead: -{{ toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4 }} +{{- if .Values.prometheus.prometheusSpec.remoteRead }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteRead | indent 4) . }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.remoteWrite }} +{{- if .Values.prometheus.prometheusSpec.additionalRemoteRead }} +{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteRead | indent 4 }} +{{- end }} +{{- end }} +{{- if (or .Values.prometheus.prometheusSpec.remoteWrite .Values.prometheus.prometheusSpec.additionalRemoteWrite) }} remoteWrite: -{{ toYaml .Values.prometheus.prometheusSpec.remoteWrite | indent 4 }} +{{- if .Values.prometheus.prometheusSpec.remoteWrite }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.remoteWrite | indent 4) . }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalRemoteWrite }} +{{ toYaml .Values.prometheus.prometheusSpec.additionalRemoteWrite | indent 4 }} +{{- end }} {{- end }} {{- if .Values.prometheus.prometheusSpec.securityContext }} securityContext: {{ toYaml .Values.prometheus.prometheusSpec.securityContext | indent 4 }} {{- end }} +{{- if not .Values.prometheus.agentMode }} {{- if .Values.prometheus.prometheusSpec.ruleNamespaceSelector }} ruleNamespaceSelector: -{{ toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleNamespaceSelector | indent 4) . }} {{ else }} ruleNamespaceSelector: {} {{- end }} {{- if .Values.prometheus.prometheusSpec.ruleSelector }} ruleSelector: -{{ toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4}} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.ruleSelector | indent 4) . }} {{- else if .Values.prometheus.prometheusSpec.ruleSelectorNilUsesHelmValues }} ruleSelector: matchLabels: - app: {{ template "prometheus-operator.name" . }} + release: {{ $.Release.Name | quote }} {{ else }} ruleSelector: {} {{- end }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.storageSpec }} storage: -{{ toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.storageSpec | indent 4) . }} {{- end }} {{- if .Values.prometheus.prometheusSpec.podMetadata }} podMetadata: -{{ toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4 }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.podMetadata | indent 4) . }} {{- end }} -{{- if .Values.prometheus.prometheusSpec.query }} +{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.query }} query: {{ toYaml .Values.prometheus.prometheusSpec.query | indent 4}} {{- end }} @@ -184,9 +240,9 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: - topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }} labelSelector: - matchLabels: - app: prometheus - prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus + matchExpressions: + - {key: app.kubernetes.io/name, operator: In, values: [prometheus]} + - {key: prometheus, operator: In, values: [{{ template "prometheus-operator.prometheus.crname" . }}]} {{- else if eq .Values.prometheus.prometheusSpec.podAntiAffinity "soft" }} podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: @@ -194,34 +250,59 @@ spec: podAffinityTerm: topologyKey: {{ .Values.prometheus.prometheusSpec.podAntiAffinityTopologyKey }} labelSelector: - matchLabels: - app: prometheus - prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus + matchExpressions: + - {key: app.kubernetes.io/name, operator: In, values: [prometheus]} + - {key: prometheus, operator: In, values: [{{ template "prometheus-operator.prometheus.crname" . }}]} {{- end }} {{- end }} {{- if .Values.prometheus.prometheusSpec.tolerations }} tolerations: {{ toYaml .Values.prometheus.prometheusSpec.tolerations | indent 4 }} {{- end }} +{{- if .Values.prometheus.prometheusSpec.topologySpreadConstraints }} + topologySpreadConstraints: +{{ toYaml .Values.prometheus.prometheusSpec.topologySpreadConstraints | indent 4 }} +{{- end }} {{- if .Values.global.imagePullSecrets }} imagePullSecrets: -{{ toYaml .Values.global.imagePullSecrets | indent 4 }} +{{ include "prometheus-operator.imagePullSecrets" . | trim | indent 4 }} {{- end }} -{{- if or .Values.prometheus.prometheusSpec.additionalScrapeConfigs .Values.prometheus.prometheusSpec.additionalScrapeConfigsExternal }} +{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigs }} additionalScrapeConfigs: name: {{ template "prometheus-operator.fullname" . }}-prometheus-scrape-confg key: additional-scrape-configs.yaml {{- end }} -{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }} +{{- if .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.enabled }} + additionalScrapeConfigs: + name: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.name }} + key: {{ .Values.prometheus.prometheusSpec.additionalScrapeConfigsSecret.key }} +{{- end }} +{{- if not .Values.prometheus.agentMode }} +{{- if or .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }} additionalAlertManagerConfigs: +{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigs }} name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-confg key: additional-alertmanager-configs.yaml {{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret }} + name: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.name }} + key: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.key }} + {{- if hasKey .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret "optional" }} + optional: {{ .Values.prometheus.prometheusSpec.additionalAlertManagerConfigsSecret.optional }} + {{- end }} +{{- end }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigs }} additionalAlertRelabelConfigs: name: {{ template "prometheus-operator.fullname" . }}-prometheus-am-relabel-confg key: additional-alert-relabel-configs.yaml {{- end }} +{{- if .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret }} + additionalAlertRelabelConfigs: + name: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.name }} + key: {{ .Values.prometheus.prometheusSpec.additionalAlertRelabelConfigsSecret.key }} +{{- end }} +{{- end }} {{- if .Values.prometheus.prometheusSpec.containers }} containers: {{ toYaml .Values.prometheus.prometheusSpec.containers | indent 4 }} @@ -233,16 +314,91 @@ spec: {{- if .Values.prometheus.prometheusSpec.priorityClassName }} priorityClassName: {{ .Values.prometheus.prometheusSpec.priorityClassName }} {{- end }} +{{- if not .Values.prometheus.agentMode }} {{- if .Values.prometheus.prometheusSpec.thanos }} thanos: {{ toYaml .Values.prometheus.prometheusSpec.thanos | indent 4 }} {{- end }} {{- if .Values.prometheus.prometheusSpec.disableCompaction }} disableCompaction: {{ .Values.prometheus.prometheusSpec.disableCompaction }} +{{- end }} {{- end }} portName: {{ .Values.prometheus.prometheusSpec.portName }} +{{- if .Values.prometheus.prometheusSpec.volumes }} + volumes: +{{ toYaml .Values.prometheus.prometheusSpec.volumes | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.volumeMounts }} + volumeMounts: +{{ toYaml .Values.prometheus.prometheusSpec.volumeMounts | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs }} + arbitraryFSAccessThroughSMs: +{{ toYaml .Values.prometheus.prometheusSpec.arbitraryFSAccessThroughSMs | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.overrideHonorLabels }} + overrideHonorLabels: {{ .Values.prometheus.prometheusSpec.overrideHonorLabels }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.overrideHonorTimestamps }} + overrideHonorTimestamps: {{ .Values.prometheus.prometheusSpec.overrideHonorTimestamps }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }} + ignoreNamespaceSelectors: {{ .Values.prometheus.prometheusSpec.ignoreNamespaceSelectors }} {{- end }} {{- if .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} enforcedNamespaceLabel: {{ .Values.prometheus.prometheusSpec.enforcedNamespaceLabel }} +{{- $prometheusDefaultRulesExcludedFromEnforce := (include "rules.names" .) | fromYaml }} +{{- if not .Values.prometheus.agentMode }} + prometheusRulesExcludedFromEnforce: +{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }} + - ruleNamespace: "{{ template "prometheus-operator.namespace" $ }}" + ruleName: "{{ printf "%s-%s" (include "prometheus-operator.fullname" $) . | trunc 63 | trimSuffix "-" }}" +{{- end }} +{{- if .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce }} +{{ toYaml .Values.prometheus.prometheusSpec.prometheusRulesExcludedFromEnforce | indent 4 }} +{{- end }} +{{- end }} + excludedFromEnforcement: +{{- range $prometheusDefaultRulesExcludedFromEnforce.rules }} + - group: monitoring.coreos.com + resource: prometheusrules + namespace: "{{ template "prometheus-operator.namespace" $ }}" + name: "{{ printf "%s-%s" (include "prometheus-operator.fullname" $) . | trunc 63 | trimSuffix "-" }}" +{{- end }} +{{- if .Values.prometheus.prometheusSpec.excludedFromEnforcement }} +{{ tpl (toYaml .Values.prometheus.prometheusSpec.excludedFromEnforcement | indent 4) . }} +{{- end }} +{{- end }} +{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.queryLogFile }} + queryLogFile: {{ .Values.prometheus.prometheusSpec.queryLogFile }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enforcedSampleLimit }} + enforcedSampleLimit: {{ .Values.prometheus.prometheusSpec.enforcedSampleLimit }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enforcedTargetLimit }} + enforcedTargetLimit: {{ .Values.prometheus.prometheusSpec.enforcedTargetLimit }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enforcedLabelLimit }} + enforcedLabelLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelLimit }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit }} + enforcedLabelNameLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelNameLengthLimit }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit}} + enforcedLabelValueLengthLimit: {{ .Values.prometheus.prometheusSpec.enforcedLabelValueLengthLimit }} +{{- end }} +{{- if and (not .Values.prometheus.agentMode) .Values.prometheus.prometheusSpec.allowOverlappingBlocks }} + allowOverlappingBlocks: {{ .Values.prometheus.prometheusSpec.allowOverlappingBlocks }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.minReadySeconds }} + minReadySeconds: {{ .Values.prometheus.prometheusSpec.minReadySeconds }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.hostAliases }} + hostAliases: +{{ toYaml .Values.prometheus.prometheusSpec.hostAliases | indent 4 }} +{{- end }} +{{- if .Values.prometheus.prometheusSpec.tracingConfig }} + tracingConfig: +{{ toYaml .Values.prometheus.prometheusSpec.tracingConfig | indent 4 }} {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml index d5523d662c..023992618e 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrole.yaml @@ -1,4 +1,5 @@ {{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: @@ -18,3 +19,4 @@ rules: resourceNames: - {{ template "prometheus-operator.fullname" . }}-prometheus {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml index 7a9b5a8172..f19c4b626a 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp-clusterrolebinding.yaml @@ -1,4 +1,5 @@ {{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -13,6 +14,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} +{{- end }} {{- end }} - diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml index 0843ad4b6b..911afb43e7 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/psp.yaml @@ -1,20 +1,18 @@ {{- if and .Values.prometheus.enabled .Values.global.rbac.create .Values.global.rbac.pspEnabled }} +{{- if .Capabilities.APIVersions.Has "policy/v1beta1/PodSecurityPolicy" }} apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus - namespace: {{ .Values.namespace }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus +{{- if .Values.global.rbac.pspAnnotations }} + annotations: +{{ toYaml .Values.global.rbac.pspAnnotations | indent 4 }} +{{- end }} {{ include "prometheus-operator.labels" . | indent 4 }} spec: privileged: false - # Required to prevent escalations to root. - # allowPrivilegeEscalation: false - # This is redundant with non-root + disallow privilege escalation, - # but we can provide it for defense in depth. - #requiredDropCapabilities: - # - ALL # Allow core volume types. volumes: - 'configMap' @@ -23,6 +21,9 @@ spec: - 'secret' - 'downwardAPI' - 'persistentVolumeClaim' +{{- if .Values.prometheus.podSecurityPolicy.volumes }} +{{ toYaml .Values.prometheus.podSecurityPolicy.volumes | indent 4 }} +{{- end }} hostNetwork: false hostIPC: false hostPID: false @@ -35,13 +36,13 @@ spec: supplementalGroups: rule: 'MustRunAs' ranges: - # Forbid adding the root group. + # Allow adding the root group. - min: 0 max: 65535 fsGroup: rule: 'MustRunAs' ranges: - # Forbid adding the root group. + # Allow adding the root group. - min: 0 max: 65535 readOnlyRootFilesystem: false @@ -49,4 +50,9 @@ spec: allowedCapabilities: {{ toYaml .Values.prometheus.podSecurityPolicy.allowedCapabilities | indent 4 }} {{- end }} +{{- if .Values.prometheus.podSecurityPolicy.allowedHostPaths }} + allowedHostPaths: +{{ toYaml .Values.prometheus.podSecurityPolicy.allowedHostPaths | indent 4 }} +{{- end }} +{{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml deleted file mode 100644 index 5444023970..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/alertmanager.rules.yaml +++ /dev/null @@ -1,54 +0,0 @@ -{{- /* -Generated from 'alertmanager.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.alertmanager }} -{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} -{{- $alertmanagerJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} -{{- $namespace := printf "%s" (include "prometheus-operator.namespace" .) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: alertmanager.rules - rules: - - alert: AlertmanagerConfigInconsistent - annotations: - message: The configuration of the instances of the Alertmanager cluster `{{`{{`}}$labels.service{{`}}`}}` are out of sync. - expr: count_values("config_hash", alertmanager_config_hash{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}) BY (service) / ON(service) GROUP_LEFT() label_replace(max(prometheus_operator_spec_replicas{job="{{ $operatorJob }}",namespace="{{ $namespace }}",controller="alertmanager"}) by (name, job, namespace, controller), "service", "$1", "name", "(.*)") != 1 - for: 5m - labels: - severity: critical - - alert: AlertmanagerFailedReload - annotations: - message: Reloading Alertmanager's configuration has failed for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}}. - expr: alertmanager_config_last_reload_successful{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} == 0 - for: 10m - labels: - severity: warning - - alert: AlertmanagerMembersInconsistent - annotations: - message: Alertmanager has not found all other members of the cluster. - expr: |- - alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} - != on (service) GROUP_LEFT() - count by (service) (alertmanager_cluster_members{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"}) - for: 5m - labels: - severity: critical -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml deleted file mode 100644 index 6abda2d31b..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/etcd.yaml +++ /dev/null @@ -1,155 +0,0 @@ -{{- /* -Generated from 'etcd' group from https://raw.githubusercontent.com/etcd-io/etcd/master/Documentation/op-guide/etcd3_alert.rules.yml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeEtcd.enabled .Values.defaultRules.rules.etcd }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "etcd" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: etcd - rules: - - alert: etcdMembersDown - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": members are down ({{`{{`}} $value {{`}}`}}).' - expr: |- - max by (job) ( - sum by (job) (up{job=~".*etcd.*"} == bool 0) - or - count by (job,endpoint) ( - sum by (job,endpoint,To) (rate(etcd_network_peer_sent_failures_total{job=~".*etcd.*"}[3m])) > 0.01 - ) - ) - > 0 - for: 3m - labels: - severity: critical - - alert: etcdInsufficientMembers - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": insufficient members ({{`{{`}} $value {{`}}`}}).' - expr: sum(up{job=~".*etcd.*"} == bool 1) by (job) < ((count(up{job=~".*etcd.*"}) by (job) + 1) / 2) - for: 3m - labels: - severity: critical - - alert: etcdNoLeader - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member {{`{{`}} $labels.instance {{`}}`}} has no leader.' - expr: etcd_server_has_leader{job=~".*etcd.*"} == 0 - for: 1m - labels: - severity: critical - - alert: etcdHighNumberOfLeaderChanges - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} leader changes within the last 15 minutes. Frequent elections may be a sign of insufficient resources, high network latency, or disruptions by other components and should be investigated.' - expr: increase((max by (job) (etcd_server_leader_changes_seen_total{job=~".*etcd.*"}) or 0*absent(etcd_server_leader_changes_seen_total{job=~".*etcd.*"}))[15m:1m]) >= 3 - for: 5m - labels: - severity: warning - - alert: etcdHighNumberOfFailedGRPCRequests - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code!="OK"}[5m])) BY (job, instance, grpc_service, grpc_method) - / - sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) BY (job, instance, grpc_service, grpc_method) - > 1 - for: 10m - labels: - severity: warning - - alert: etcdHighNumberOfFailedGRPCRequests - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.grpc_method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - 100 * sum(rate(grpc_server_handled_total{job=~".*etcd.*", grpc_code!="OK"}[5m])) BY (job, instance, grpc_service, grpc_method) - / - sum(rate(grpc_server_handled_total{job=~".*etcd.*"}[5m])) BY (job, instance, grpc_service, grpc_method) - > 5 - for: 5m - labels: - severity: critical - - alert: etcdGRPCRequestsSlow - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": gRPC requests to {{`{{`}} $labels.grpc_method {{`}}`}} are taking {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - histogram_quantile(0.99, sum(rate(grpc_server_handling_seconds_bucket{job=~".*etcd.*", grpc_type="unary"}[5m])) by (job, instance, grpc_service, grpc_method, le)) - > 0.15 - for: 10m - labels: - severity: critical - - alert: etcdMemberCommunicationSlow - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": member communication with {{`{{`}} $labels.To {{`}}`}} is taking {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - histogram_quantile(0.99, rate(etcd_network_peer_round_trip_time_seconds_bucket{job=~".*etcd.*"}[5m])) - > 0.15 - for: 10m - labels: - severity: warning - - alert: etcdHighNumberOfFailedProposals - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": {{`{{`}} $value {{`}}`}} proposal failures within the last 30 minutes on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: rate(etcd_server_proposals_failed_total{job=~".*etcd.*"}[15m]) > 5 - for: 15m - labels: - severity: warning - - alert: etcdHighFsyncDurations - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile fync durations are {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - histogram_quantile(0.99, rate(etcd_disk_wal_fsync_duration_seconds_bucket{job=~".*etcd.*"}[5m])) - > 0.5 - for: 10m - labels: - severity: warning - - alert: etcdHighCommitDurations - annotations: - message: 'etcd cluster "{{`{{`}} $labels.job {{`}}`}}": 99th percentile commit durations {{`{{`}} $value {{`}}`}}s on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - histogram_quantile(0.99, rate(etcd_disk_backend_commit_duration_seconds_bucket{job=~".*etcd.*"}[5m])) - > 0.25 - for: 10m - labels: - severity: warning - - alert: etcdHighNumberOfFailedHTTPRequests - annotations: - message: '{{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}' - expr: |- - sum(rate(etcd_http_failed_total{job=~".*etcd.*", code!="404"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job=~".*etcd.*"}[5m])) - BY (method) > 0.01 - for: 10m - labels: - severity: warning - - alert: etcdHighNumberOfFailedHTTPRequests - annotations: - message: '{{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.method {{`}}`}} failed on etcd instance {{`{{`}} $labels.instance {{`}}`}}.' - expr: |- - sum(rate(etcd_http_failed_total{job=~".*etcd.*", code!="404"}[5m])) BY (method) / sum(rate(etcd_http_received_total{job=~".*etcd.*"}[5m])) - BY (method) > 0.05 - for: 10m - labels: - severity: critical - - alert: etcdHTTPRequestsSlow - annotations: - message: etcd instance {{`{{`}} $labels.instance {{`}}`}} HTTP requests to {{`{{`}} $labels.method {{`}}`}} are slow. - expr: |- - histogram_quantile(0.99, rate(etcd_http_successful_duration_seconds_bucket[5m])) - > 0.15 - for: 10m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml deleted file mode 100644 index d220cb3898..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/general.rules.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- /* -Generated from 'general.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.general }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "general.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: general.rules - rules: - - alert: TargetDown - annotations: - message: '{{`{{`}} $value {{`}}`}}% of the {{`{{`}} $labels.job {{`}}`}} targets are down.' - expr: 100 * (count(up == 0) BY (job) / count(up) BY (job)) > 10 - for: 10m - labels: - severity: warning - - alert: Watchdog - annotations: - message: 'This is an alert meant to ensure that the entire alerting pipeline is functional. - - This alert is always firing, therefore it should always be firing in Alertmanager - - and always fire against a receiver. There are integrations with various notification - - mechanisms that send a notification when this alert is not firing. For example the - - "DeadMansSnitch" integration in PagerDuty. - - ' - expr: vector(1) - labels: - severity: none -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml deleted file mode 100644 index 71c75fcc4f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/k8s.rules.yaml +++ /dev/null @@ -1,83 +0,0 @@ -{{- /* -Generated from 'k8s.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.k8s }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "k8s.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: k8s.rules - rules: - - expr: sum(rate(container_cpu_usage_seconds_total{job="kubelet", image!="", container_name!=""}[5m])) by (namespace) - record: namespace:container_cpu_usage_seconds_total:sum_rate - - expr: sum(container_memory_usage_bytes{job="kubelet", image!="", container_name!=""}) by (namespace) - record: namespace:container_memory_usage_bytes:sum - - expr: |- - sum by (namespace, pod_name, container_name) ( - rate(container_cpu_usage_seconds_total{job="kubelet", image!="", container_name!=""}[5m]) - ) - record: namespace_pod_name_container_name:container_cpu_usage_seconds_total:sum_rate - - expr: |- - sum by(namespace) ( - kube_pod_container_resource_requests_memory_bytes{job="kube-state-metrics"} - * on (endpoint, instance, job, namespace, pod, service) - group_left(phase) (kube_pod_status_phase{phase=~"^(Pending|Running)$"} == 1) - ) - record: namespace_name:kube_pod_container_resource_requests_memory_bytes:sum - - expr: |- - sum by (namespace) ( - kube_pod_container_resource_requests_cpu_cores{job="kube-state-metrics"} - * on (endpoint, instance, job, namespace, pod, service) - group_left(phase) (kube_pod_status_phase{phase=~"^(Pending|Running)$"} == 1) - ) - record: namespace_name:kube_pod_container_resource_requests_cpu_cores:sum - - expr: |- - sum( - label_replace( - label_replace( - kube_pod_owner{job="kube-state-metrics", owner_kind="ReplicaSet"}, - "replicaset", "$1", "owner_name", "(.*)" - ) * on(replicaset, namespace) group_left(owner_name) kube_replicaset_owner{job="kube-state-metrics"}, - "workload", "$1", "owner_name", "(.*)" - ) - ) by (namespace, workload, pod) - labels: - workload_type: deployment - record: mixin_pod_workload - - expr: |- - sum( - label_replace( - kube_pod_owner{job="kube-state-metrics", owner_kind="DaemonSet"}, - "workload", "$1", "owner_name", "(.*)" - ) - ) by (namespace, workload, pod) - labels: - workload_type: daemonset - record: mixin_pod_workload - - expr: |- - sum( - label_replace( - kube_pod_owner{job="kube-state-metrics", owner_kind="StatefulSet"}, - "workload", "$1", "owner_name", "(.*)" - ) - ) by (namespace, workload, pod) - labels: - workload_type: statefulset - record: mixin_pod_workload -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml deleted file mode 100644 index 5e565317b9..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-apiserver.rules.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- /* -Generated from 'kube-apiserver.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeApiServer.enabled .Values.defaultRules.rules.kubeApiserver }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-apiserver.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kube-apiserver.rules - rules: - - expr: histogram_quantile(0.99, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.99' - record: cluster_quantile:apiserver_request_latencies:histogram_quantile - - expr: histogram_quantile(0.9, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.9' - record: cluster_quantile:apiserver_request_latencies:histogram_quantile - - expr: histogram_quantile(0.5, sum(rate(apiserver_request_latencies_bucket{job="apiserver"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.5' - record: cluster_quantile:apiserver_request_latencies:histogram_quantile -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml deleted file mode 100644 index 09a7c754ae..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-alerting.rules.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- /* -Generated from 'kube-prometheus-node-alerting.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeAlerting }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-prometheus-node-alerting.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kube-prometheus-node-alerting.rules - rules: - - alert: NodeDiskRunningFull - annotations: - message: Device {{`{{`}} $labels.device {{`}}`}} of node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} will be full within the next 24 hours. - expr: '(node:node_filesystem_usage: > 0.85) and (predict_linear(node:node_filesystem_avail:[6h], 3600 * 24) < 0)' - for: 30m - labels: - severity: warning - - alert: NodeDiskRunningFull - annotations: - message: Device {{`{{`}} $labels.device {{`}}`}} of node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} will be full within the next 2 hours. - expr: '(node:node_filesystem_usage: > 0.85) and (predict_linear(node:node_filesystem_avail:[30m], 3600 * 2) < 0)' - for: 10m - labels: - severity: critical -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml deleted file mode 100644 index fc0f48305f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-prometheus-node-recording.rules.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- /* -Generated from 'kube-prometheus-node-recording.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubePrometheusNodeRecording }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-prometheus-node-recording.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kube-prometheus-node-recording.rules - rules: - - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[3m])) BY (instance) - record: instance:node_cpu:rate:sum - - expr: sum((node_filesystem_size_bytes{mountpoint="/"} - node_filesystem_free_bytes{mountpoint="/"})) BY (instance) - record: instance:node_filesystem_usage:sum - - expr: sum(rate(node_network_receive_bytes_total[3m])) BY (instance) - record: instance:node_network_receive_bytes:rate:sum - - expr: sum(rate(node_network_transmit_bytes_total[3m])) BY (instance) - record: instance:node_network_transmit_bytes:rate:sum - - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[5m])) WITHOUT (cpu, mode) / ON(instance) GROUP_LEFT() count(sum(node_cpu_seconds_total) BY (instance, cpu)) BY (instance) - record: instance:node_cpu:ratio - - expr: sum(rate(node_cpu_seconds_total{mode!="idle",mode!="iowait"}[5m])) - record: cluster:node_cpu:sum_rate5m - - expr: cluster:node_cpu_seconds_total:rate5m / count(sum(node_cpu_seconds_total) BY (instance, cpu)) - record: cluster:node_cpu:ratio -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml deleted file mode 100644 index 3861fa6398..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kube-scheduler.rules.yaml +++ /dev/null @@ -1,63 +0,0 @@ -{{- /* -Generated from 'kube-scheduler.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeScheduler.enabled .Values.defaultRules.rules.kubeScheduler }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kube-scheduler.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kube-scheduler.rules - rules: - - expr: histogram_quantile(0.99, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.99' - record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile - - expr: histogram_quantile(0.99, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.99' - record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile - - expr: histogram_quantile(0.99, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.99' - record: cluster_quantile:scheduler_binding_latency:histogram_quantile - - expr: histogram_quantile(0.9, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.9' - record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile - - expr: histogram_quantile(0.9, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.9' - record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile - - expr: histogram_quantile(0.9, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.9' - record: cluster_quantile:scheduler_binding_latency:histogram_quantile - - expr: histogram_quantile(0.5, sum(rate(scheduler_e2e_scheduling_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.5' - record: cluster_quantile:scheduler_e2e_scheduling_latency:histogram_quantile - - expr: histogram_quantile(0.5, sum(rate(scheduler_scheduling_algorithm_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.5' - record: cluster_quantile:scheduler_scheduling_algorithm_latency:histogram_quantile - - expr: histogram_quantile(0.5, sum(rate(scheduler_binding_latency_microseconds_bucket{job="kube-scheduler"}[5m])) without(instance, pod)) / 1e+06 - labels: - quantile: '0.5' - record: cluster_quantile:scheduler_binding_latency:histogram_quantile -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml deleted file mode 100644 index 7391f16ba3..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-absent.yaml +++ /dev/null @@ -1,129 +0,0 @@ -{{- /* -Generated from 'kubernetes-absent' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesAbsent }} -{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} -{{- $prometheusJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} -{{- $alertmanagerJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "alertmanager" }} -{{- $namespace := printf "%s" (include "prometheus-operator.namespace" .) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-absent" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kubernetes-absent - rules: -{{- if .Values.alertmanager.enabled }} - - alert: AlertmanagerDown - annotations: - message: Alertmanager has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-alertmanagerdown - expr: absent(up{job="{{ $alertmanagerJob }}",namespace="{{ $namespace }}"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.kubeDns.enabled }} - - alert: CoreDNSDown - annotations: - message: CoreDNS has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-corednsdown - expr: absent(up{job="kube-dns"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.kubeApiServer.enabled }} - - alert: KubeAPIDown - annotations: - message: KubeAPI has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapidown - expr: absent(up{job="apiserver"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.kubeControllerManager.enabled }} - - alert: KubeControllerManagerDown - annotations: - message: KubeControllerManager has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubecontrollermanagerdown - expr: absent(up{job="kube-controller-manager"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.kubeScheduler.enabled }} - - alert: KubeSchedulerDown - annotations: - message: KubeScheduler has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeschedulerdown - expr: absent(up{job="kube-scheduler"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.kubeStateMetrics.enabled }} - - alert: KubeStateMetricsDown - annotations: - message: KubeStateMetrics has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubestatemetricsdown - expr: absent(up{job="kube-state-metrics"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.prometheusOperator.kubeletService.enabled }} - - alert: KubeletDown - annotations: - message: Kubelet has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeletdown - expr: absent(up{job="kubelet"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- if .Values.nodeExporter.enabled }} - - alert: NodeExporterDown - annotations: - message: NodeExporter has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-nodeexporterdown - expr: absent(up{job="node-exporter"} == 1) - for: 15m - labels: - severity: critical -{{- end }} - - alert: PrometheusDown - annotations: - message: Prometheus has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-prometheusdown - expr: absent(up{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} == 1) - for: 15m - labels: - severity: critical -{{- if .Values.prometheusOperator.enabled }} - - alert: PrometheusOperatorDown - annotations: - message: PrometheusOperator has disappeared from Prometheus target discovery. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-prometheusoperatordown - expr: absent(up{job="{{ $operatorJob }}",namespace="{{ $namespace }}"} == 1) - for: 15m - labels: - severity: critical -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml deleted file mode 100644 index fa82f0811f..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-apps.yaml +++ /dev/null @@ -1,161 +0,0 @@ -{{- /* -Generated from 'kubernetes-apps' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.kubeStateMetrics.enabled .Values.defaultRules.rules.kubernetesApps }} -{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-apps" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kubernetes-apps - rules: - - alert: KubePodCrashLooping - annotations: - message: Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} ({{`{{`}} $labels.container {{`}}`}}) is restarting {{`{{`}} printf "%.2f" $value {{`}}`}} times / 5 minutes. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepodcrashlooping - expr: rate(kube_pod_container_status_restarts_total{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"}[15m]) * 60 * 5 > 0 - for: 1h - labels: - severity: critical - - alert: KubePodNotReady - annotations: - message: Pod {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}} has been in a non-ready state for longer than an hour. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepodnotready - expr: sum by (namespace, pod) (kube_pod_status_phase{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}", phase=~"Pending|Unknown"}) > 0 - for: 1h - labels: - severity: critical - - alert: KubeDeploymentGenerationMismatch - annotations: - message: Deployment generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} does not match, this indicates that the Deployment has failed but has not been rolled back. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubedeploymentgenerationmismatch - expr: |- - kube_deployment_status_observed_generation{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - != - kube_deployment_metadata_generation{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - for: 15m - labels: - severity: critical - - alert: KubeDeploymentReplicasMismatch - annotations: - message: Deployment {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.deployment {{`}}`}} has not matched the expected number of replicas for longer than an hour. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubedeploymentreplicasmismatch - expr: |- - kube_deployment_spec_replicas{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - != - kube_deployment_status_replicas_available{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - for: 1h - labels: - severity: critical - - alert: KubeStatefulSetReplicasMismatch - annotations: - message: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} has not matched the expected number of replicas for longer than 15 minutes. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubestatefulsetreplicasmismatch - expr: |- - kube_statefulset_status_replicas_ready{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - != - kube_statefulset_status_replicas{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - for: 15m - labels: - severity: critical - - alert: KubeStatefulSetGenerationMismatch - annotations: - message: StatefulSet generation for {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} does not match, this indicates that the StatefulSet has failed but has not been rolled back. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubestatefulsetgenerationmismatch - expr: |- - kube_statefulset_status_observed_generation{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - != - kube_statefulset_metadata_generation{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - for: 15m - labels: - severity: critical - - alert: KubeStatefulSetUpdateNotRolledOut - annotations: - message: StatefulSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.statefulset {{`}}`}} update has not been rolled out. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubestatefulsetupdatenotrolledout - expr: |- - max without (revision) ( - kube_statefulset_status_current_revision{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - unless - kube_statefulset_status_update_revision{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - ) - * - ( - kube_statefulset_replicas{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - != - kube_statefulset_status_replicas_updated{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - ) - for: 15m - labels: - severity: critical - - alert: KubeDaemonSetRolloutStuck - annotations: - message: Only {{`{{`}} $value {{`}}`}}% of the desired Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are scheduled and ready. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubedaemonsetrolloutstuck - expr: |- - kube_daemonset_status_number_ready{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - / - kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} * 100 < 100 - for: 15m - labels: - severity: critical - - alert: KubeDaemonSetNotScheduled - annotations: - message: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are not scheduled.' - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubedaemonsetnotscheduled - expr: |- - kube_daemonset_status_desired_number_scheduled{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - - - kube_daemonset_status_current_number_scheduled{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} > 0 - for: 10m - labels: - severity: warning - - alert: KubeDaemonSetMisScheduled - annotations: - message: '{{`{{`}} $value {{`}}`}} Pods of DaemonSet {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.daemonset {{`}}`}} are running where they are not supposed to run.' - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubedaemonsetmisscheduled - expr: kube_daemonset_status_number_misscheduled{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} > 0 - for: 10m - labels: - severity: warning - - alert: KubeCronJobRunning - annotations: - message: CronJob {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.cronjob {{`}}`}} is taking more than 1h to complete. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubecronjobrunning - expr: time() - kube_cronjob_next_schedule_time{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} > 3600 - for: 1h - labels: - severity: warning - - alert: KubeJobCompletion - annotations: - message: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} is taking more than one hour to complete. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubejobcompletion - expr: kube_job_spec_completions{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} - kube_job_status_succeeded{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} > 0 - for: 1h - labels: - severity: warning - - alert: KubeJobFailed - annotations: - message: Job {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.job_name {{`}}`}} failed to complete. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubejobfailed - expr: kube_job_status_failed{job="kube-state-metrics", namespace=~"{{ $targetNamespace }}"} > 0 - for: 1h - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml deleted file mode 100644 index ee51ebd072..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-resources.yaml +++ /dev/null @@ -1,103 +0,0 @@ -{{- /* -Generated from 'kubernetes-resources' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesResources }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-resources" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kubernetes-resources - rules: - - alert: KubeCPUOvercommit - annotations: - message: Cluster has overcommitted CPU resource requests for Pods and cannot tolerate node failure. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubecpuovercommit - expr: |- - sum(namespace_name:kube_pod_container_resource_requests_cpu_cores:sum) - / - sum(node:node_num_cpu:sum) - > - (count(node:node_num_cpu:sum)-1) / count(node:node_num_cpu:sum) - for: 5m - labels: - severity: warning - - alert: KubeMemOvercommit - annotations: - message: Cluster has overcommitted memory resource requests for Pods and cannot tolerate node failure. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubememovercommit - expr: |- - sum(namespace_name:kube_pod_container_resource_requests_memory_bytes:sum) - / - sum(node_memory_MemTotal_bytes) - > - (count(node:node_num_cpu:sum)-1) - / - count(node:node_num_cpu:sum) - for: 5m - labels: - severity: warning - - alert: KubeCPUOvercommit - annotations: - message: Cluster has overcommitted CPU resource requests for Namespaces. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubecpuovercommit - expr: |- - sum(kube_resourcequota{job="kube-state-metrics", type="hard", resource="cpu"}) - / - sum(node:node_num_cpu:sum) - > 1.5 - for: 5m - labels: - severity: warning - - alert: KubeMemOvercommit - annotations: - message: Cluster has overcommitted memory resource requests for Namespaces. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubememovercommit - expr: |- - sum(kube_resourcequota{job="kube-state-metrics", type="hard", resource="memory"}) - / - sum(node_memory_MemTotal_bytes{job="node-exporter"}) - > 1.5 - for: 5m - labels: - severity: warning - - alert: KubeQuotaExceeded - annotations: - message: Namespace {{`{{`}} $labels.namespace {{`}}`}} is using {{`{{`}} printf "%0.0f" $value {{`}}`}}% of its {{`{{`}} $labels.resource {{`}}`}} quota. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubequotaexceeded - expr: |- - 100 * kube_resourcequota{job="kube-state-metrics", type="used"} - / ignoring(instance, job, type) - (kube_resourcequota{job="kube-state-metrics", type="hard"} > 0) - > 90 - for: 15m - labels: - severity: warning - - alert: CPUThrottlingHigh - annotations: - message: '{{`{{`}} printf "%0.0f" $value {{`}}`}}% throttling of CPU in namespace {{`{{`}} $labels.namespace {{`}}`}} for container {{`{{`}} $labels.container_name {{`}}`}} in pod {{`{{`}} $labels.pod_name {{`}}`}}.' - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-cputhrottlinghigh - expr: |- - 100 * sum(increase(container_cpu_cfs_throttled_periods_total{container_name!="", }[5m])) by (container_name, pod_name, namespace) - / - sum(increase(container_cpu_cfs_periods_total{}[5m])) by (container_name, pod_name, namespace) - > 25 - for: 15m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml deleted file mode 100644 index 84bf43eed8..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-storage.yaml +++ /dev/null @@ -1,75 +0,0 @@ -{{- /* -Generated from 'kubernetes-storage' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesStorage }} -{{- $targetNamespace := .Values.defaultRules.appNamespacesTarget }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-storage" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kubernetes-storage - rules: - - alert: KubePersistentVolumeUsageCritical - annotations: - message: The PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} is only {{`{{`}} printf "%0.2f" $value {{`}}`}}% free. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumeusagecritical - expr: |- - 100 * kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} - / - kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} - < 3 - for: 1m - labels: - severity: critical - - alert: KubePersistentVolumeFullInFourDays - annotations: - message: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} is expected to fill up within four days. Currently {{`{{`}} printf "%0.2f" $value {{`}}`}}% is available. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumefullinfourdays - expr: |- - 100 * ( - kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} - / - kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} - ) < 15 - and - predict_linear(kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"}[6h], 4 * 24 * 3600) < 0 - for: 5m - labels: - severity: critical - - alert: KubePersistentVolumeErrors - annotations: - message: The persistent volume {{`{{`}} $labels.persistentvolume {{`}}`}} has status {{`{{`}} $labels.phase {{`}}`}}. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumeerrors - expr: kube_persistentvolume_status_phase{phase=~"Failed|Pending",job="kube-state-metrics"} > 0 - for: 5m - labels: - severity: critical - - alert: KubePersistentVolumeFull - annotations: - message: Based on recent sampling, the PersistentVolume claimed by {{`{{`}} $labels.persistentvolumeclaim {{`}}`}} in Namespace {{`{{`}} $labels.namespace {{`}}`}} is occupied 80% of storage. Currently {{`{{`}} printf "%0.2f" $value {{`}}`}}% is available. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubepersistentvolumefull - expr: |- - 100 * (1 - ( - kubelet_volume_stats_available_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"} - / - kubelet_volume_stats_capacity_bytes{job="kubelet", namespace=~"{{ $targetNamespace }}"})) >= 80 - for: 5m - labels: - severity: critical -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml deleted file mode 100644 index 36a1193145..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/kubernetes-system.yaml +++ /dev/null @@ -1,145 +0,0 @@ -{{- /* -Generated from 'kubernetes-system' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.kubernetesSystem }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "kubernetes-system" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: kubernetes-system - rules: - - alert: KubeNodeNotReady - annotations: - message: '{{`{{`}} $labels.node {{`}}`}} has been unready for more than an hour.' - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubenodenotready - expr: kube_node_status_condition{job="kube-state-metrics",condition="Ready",status="true"} == 0 - for: 1h - labels: - severity: warning - - alert: KubeVersionMismatch - annotations: - message: There are {{`{{`}} $value {{`}}`}} different semantic versions of Kubernetes components running. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeversionmismatch - expr: count(count by (gitVersion) (label_replace(kubernetes_build_info{job!~"kube-dns|coredns"},"gitVersion","$1","gitVersion","(v[0-9]*.[0-9]*.[0-9]*).*"))) > 1 - for: 1h - labels: - severity: warning - - alert: KubeClientErrors - annotations: - message: Kubernetes API server client '{{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.instance {{`}}`}}' is experiencing {{`{{`}} printf "%0.0f" $value {{`}}`}}% errors.' - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeclienterrors - expr: |- - (sum(rate(rest_client_requests_total{code=~"5.."}[5m])) by (instance, job) - / - sum(rate(rest_client_requests_total[5m])) by (instance, job)) - * 100 > 1 - for: 15m - labels: - severity: warning - - alert: KubeClientErrors - annotations: - message: Kubernetes API server client '{{`{{`}} $labels.job {{`}}`}}/{{`{{`}} $labels.instance {{`}}`}}' is experiencing {{`{{`}} printf "%0.0f" $value {{`}}`}} errors / second. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeclienterrors - expr: sum(rate(ksm_scrape_error_total{job="kube-state-metrics"}[5m])) by (instance, job) > 0.1 - for: 15m - labels: - severity: warning - - alert: KubeletTooManyPods - annotations: - message: Kubelet {{`{{`}} $labels.instance {{`}}`}} is running {{`{{`}} $value {{`}}`}} Pods, close to the limit of 110. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubelettoomanypods - expr: kubelet_running_pod_count{job="kubelet"} > 110 * 0.9 - for: 15m - labels: - severity: warning - - alert: KubeAPILatencyHigh - annotations: - message: The API server has a 99th percentile latency of {{`{{`}} $value {{`}}`}} seconds for {{`{{`}} $labels.verb {{`}}`}} {{`{{`}} $labels.resource {{`}}`}}. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapilatencyhigh - expr: cluster_quantile:apiserver_request_latencies:histogram_quantile{job="apiserver",quantile="0.99",subresource!="log",verb!~"^(?:LIST|WATCH|WATCHLIST|PROXY|CONNECT)$"} > 1 - for: 10m - labels: - severity: warning - - alert: KubeAPILatencyHigh - annotations: - message: The API server has a 99th percentile latency of {{`{{`}} $value {{`}}`}} seconds for {{`{{`}} $labels.verb {{`}}`}} {{`{{`}} $labels.resource {{`}}`}}. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapilatencyhigh - expr: cluster_quantile:apiserver_request_latencies:histogram_quantile{job="apiserver",quantile="0.99",subresource!="log",verb!~"^(?:LIST|WATCH|WATCHLIST|PROXY|CONNECT)$"} > 4 - for: 10m - labels: - severity: critical - - alert: KubeAPIErrorsHigh - annotations: - message: API server is returning errors for {{`{{`}} $value {{`}}`}}% of requests. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapierrorshigh - expr: |- - sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) - / - sum(rate(apiserver_request_count{job="apiserver"}[5m])) * 100 > 3 - for: 10m - labels: - severity: critical - - alert: KubeAPIErrorsHigh - annotations: - message: API server is returning errors for {{`{{`}} $value {{`}}`}}% of requests. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapierrorshigh - expr: |- - sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) - / - sum(rate(apiserver_request_count{job="apiserver"}[5m])) * 100 > 1 - for: 10m - labels: - severity: warning - - alert: KubeAPIErrorsHigh - annotations: - message: API server is returning errors for {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.verb {{`}}`}} {{`{{`}} $labels.resource {{`}}`}} {{`{{`}} $labels.subresource {{`}}`}}. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapierrorshigh - expr: |- - sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) by (resource,subresource,verb) - / - sum(rate(apiserver_request_count{job="apiserver"}[5m])) by (resource,subresource,verb) * 100 > 10 - for: 10m - labels: - severity: critical - - alert: KubeAPIErrorsHigh - annotations: - message: API server is returning errors for {{`{{`}} $value {{`}}`}}% of requests for {{`{{`}} $labels.verb {{`}}`}} {{`{{`}} $labels.resource {{`}}`}} {{`{{`}} $labels.subresource {{`}}`}}. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeapierrorshigh - expr: |- - sum(rate(apiserver_request_count{job="apiserver",code=~"^(?:5..)$"}[5m])) by (resource,subresource,verb) - / - sum(rate(apiserver_request_count{job="apiserver"}[5m])) by (resource,subresource,verb) * 100 > 5 - for: 10m - labels: - severity: warning - - alert: KubeClientCertificateExpiration - annotations: - message: A client certificate used to authenticate to the apiserver is expiring in less than 7.0 days. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeclientcertificateexpiration - expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 604800 - labels: - severity: warning - - alert: KubeClientCertificateExpiration - annotations: - message: A client certificate used to authenticate to the apiserver is expiring in less than 24.0 hours. - runbook_url: {{ .Values.defaultRules.runbookUrl }}alert-name-kubeclientcertificateexpiration - expr: apiserver_client_certificate_expiration_seconds_count{job="apiserver"} > 0 and histogram_quantile(0.01, sum by (job, le) (rate(apiserver_client_certificate_expiration_seconds_bucket{job="apiserver"}[5m]))) < 86400 - labels: - severity: critical -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml deleted file mode 100644 index 1de2a621c1..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-network.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- /* -Generated from 'node-network' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.network }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "node-network" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: node-network - rules: - - alert: NetworkReceiveErrors - annotations: - message: Network interface "{{`{{`}} $labels.device {{`}}`}}" showing receive errors on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}" - expr: rate(node_network_receive_errs_total{job="node-exporter",device!~"veth.+"}[2m]) > 0 - for: 2m - labels: - severity: warning - - alert: NetworkTransmitErrors - annotations: - message: Network interface "{{`{{`}} $labels.device {{`}}`}}" showing transmit errors on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}" - expr: rate(node_network_transmit_errs_total{job="node-exporter",device!~"veth.+"}[2m]) > 0 - for: 2m - labels: - severity: warning - - alert: NodeNetworkInterfaceFlapping - annotations: - message: Network interface "{{`{{`}} $labels.device {{`}}`}}" changing it's up status often on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}" - expr: changes(node_network_up{job="node-exporter",device!~"veth.+"}[2m]) > 2 - for: 2m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml deleted file mode 100644 index b53a6af2c6..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node-time.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{- /* -Generated from 'node-time' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.time }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "node-time" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: node-time - rules: - - alert: ClockSkewDetected - annotations: - message: Clock skew detected on node-exporter {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod {{`}}`}}. Ensure NTP is configured correctly on this host. - expr: abs(node_timex_offset_seconds{job="node-exporter"}) > 0.03 - for: 2m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml deleted file mode 100644 index bd2c50fe5a..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/node.rules.yaml +++ /dev/null @@ -1,202 +0,0 @@ -{{- /* -Generated from 'node.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.nodeExporter.enabled .Values.defaultRules.rules.node }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "node.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: node.rules - rules: - - expr: sum(min(kube_pod_info) by (node)) - record: ':kube_pod_info_node_count:' - - expr: max(label_replace(kube_pod_info{job="kube-state-metrics"}, "pod", "$1", "pod", "(.*)")) by (node, namespace, pod) - record: 'node_namespace_pod:kube_pod_info:' - - expr: |- - count by (node) (sum by (node, cpu) ( - node_cpu_seconds_total{job="node-exporter"} - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - )) - record: node:node_num_cpu:sum - - expr: 1 - avg(rate(node_cpu_seconds_total{job="node-exporter",mode="idle"}[1m])) - record: :node_cpu_utilisation:avg1m - - expr: |- - 1 - avg by (node) ( - rate(node_cpu_seconds_total{job="node-exporter",mode="idle"}[1m]) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info:) - record: node:node_cpu_utilisation:avg1m - - expr: |- - node:node_cpu_utilisation:avg1m - * - node:node_num_cpu:sum - / - scalar(sum(node:node_num_cpu:sum)) - record: node:cluster_cpu_utilisation:ratio - - expr: |- - sum(node_load1{job="node-exporter"}) - / - sum(node:node_num_cpu:sum) - record: ':node_cpu_saturation_load1:' - - expr: |- - sum by (node) ( - node_load1{job="node-exporter"} - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - / - node:node_num_cpu:sum - record: 'node:node_cpu_saturation_load1:' - - expr: |- - 1 - - sum(node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) - / - sum(node_memory_MemTotal_bytes{job="node-exporter"}) - record: ':node_memory_utilisation:' - - expr: sum(node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) - record: :node_memory_MemFreeCachedBuffers_bytes:sum - - expr: sum(node_memory_MemTotal_bytes{job="node-exporter"}) - record: :node_memory_MemTotal_bytes:sum - - expr: |- - sum by (node) ( - (node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_memory_bytes_available:sum - - expr: |- - sum by (node) ( - node_memory_MemTotal_bytes{job="node-exporter"} - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_memory_bytes_total:sum - - expr: |- - (node:node_memory_bytes_total:sum - node:node_memory_bytes_available:sum) - / - node:node_memory_bytes_total:sum - record: node:node_memory_utilisation:ratio - - expr: |- - (node:node_memory_bytes_total:sum - node:node_memory_bytes_available:sum) - / - scalar(sum(node:node_memory_bytes_total:sum)) - record: node:cluster_memory_utilisation:ratio - - expr: |- - 1e3 * sum( - (rate(node_vmstat_pgpgin{job="node-exporter"}[1m]) - + rate(node_vmstat_pgpgout{job="node-exporter"}[1m])) - ) - record: :node_memory_swap_io_bytes:sum_rate - - expr: |- - 1 - - sum by (node) ( - (node_memory_MemFree_bytes{job="node-exporter"} + node_memory_Cached_bytes{job="node-exporter"} + node_memory_Buffers_bytes{job="node-exporter"}) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - / - sum by (node) ( - node_memory_MemTotal_bytes{job="node-exporter"} - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: 'node:node_memory_utilisation:' - - expr: 1 - (node:node_memory_bytes_available:sum / node:node_memory_bytes_total:sum) - record: 'node:node_memory_utilisation_2:' - - expr: |- - 1e3 * sum by (node) ( - (rate(node_vmstat_pgpgin{job="node-exporter"}[1m]) - + rate(node_vmstat_pgpgout{job="node-exporter"}[1m])) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_memory_swap_io_bytes:sum_rate - - expr: avg(irate(node_disk_io_time_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+"}[1m])) - record: :node_disk_utilisation:avg_irate - - expr: |- - avg by (node) ( - irate(node_disk_io_time_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+"}[1m]) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_disk_utilisation:avg_irate - - expr: avg(irate(node_disk_io_time_weighted_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+"}[1m])) - record: :node_disk_saturation:avg_irate - - expr: |- - avg by (node) ( - irate(node_disk_io_time_weighted_seconds_total{job="node-exporter",device=~"nvme.+|rbd.+|sd.+|vd.+|xvd.+|dm-.+"}[1m]) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_disk_saturation:avg_irate - - expr: |- - max by (instance, namespace, pod, device) ((node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} - - node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) - / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) - record: 'node:node_filesystem_usage:' - - expr: max by (instance, namespace, pod, device) (node_filesystem_avail_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"} / node_filesystem_size_bytes{fstype=~"ext[234]|btrfs|xfs|zfs"}) - record: 'node:node_filesystem_avail:' - - expr: |- - sum(irate(node_network_receive_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) + - sum(irate(node_network_transmit_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) - record: :node_net_utilisation:sum_irate - - expr: |- - sum by (node) ( - (irate(node_network_receive_bytes_total{job="node-exporter",device!~"veth.+"}[1m]) + - irate(node_network_transmit_bytes_total{job="node-exporter",device!~"veth.+"}[1m])) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_net_utilisation:sum_irate - - expr: |- - sum(irate(node_network_receive_drop_total{job="node-exporter",device!~"veth.+"}[1m])) + - sum(irate(node_network_transmit_drop_total{job="node-exporter",device!~"veth.+"}[1m])) - record: :node_net_saturation:sum_irate - - expr: |- - sum by (node) ( - (irate(node_network_receive_drop_total{job="node-exporter",device!~"veth.+"}[1m]) + - irate(node_network_transmit_drop_total{job="node-exporter",device!~"veth.+"}[1m])) - * on (namespace, pod) group_left(node) - node_namespace_pod:kube_pod_info: - ) - record: node:node_net_saturation:sum_irate - - expr: |- - max( - max( - kube_pod_info{job="kube-state-metrics", host_ip!=""} - ) by (node, host_ip) - * on (host_ip) group_right (node) - label_replace( - (max(node_filesystem_files{job="node-exporter", mountpoint="/"}) by (instance)), "host_ip", "$1", "instance", "(.*):.*" - ) - ) by (node) - record: 'node:node_inodes_total:' - - expr: |- - max( - max( - kube_pod_info{job="kube-state-metrics", host_ip!=""} - ) by (node, host_ip) - * on (host_ip) group_right (node) - label_replace( - (max(node_filesystem_files_free{job="node-exporter", mountpoint="/"}) by (instance)), "host_ip", "$1", "instance", "(.*):.*" - ) - ) by (node) - record: 'node:node_inodes_free:' -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml deleted file mode 100644 index 9975be3691..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus-operator.yaml +++ /dev/null @@ -1,43 +0,0 @@ -{{- /* -Generated from 'prometheus-operator' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheusOperator }} -{{- $operatorJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "operator" }} -{{- $namespace := printf "%s" (include "prometheus-operator.namespace" .) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus-operator" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: prometheus-operator - rules: - - alert: PrometheusOperatorReconcileErrors - annotations: - message: Errors while reconciling {{`{{`}} $labels.controller {{`}}`}} in {{`{{`}} $labels.namespace {{`}}`}} Namespace. - expr: rate(prometheus_operator_reconcile_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1 - for: 10m - labels: - severity: warning - - alert: PrometheusOperatorNodeLookupErrors - annotations: - message: Errors while reconciling Prometheus in {{`{{`}} $labels.namespace {{`}}`}} Namespace. - expr: rate(prometheus_operator_node_address_lookup_errors_total{job="{{ $operatorJob }}",namespace="{{ $namespace }}"}[5m]) > 0.1 - for: 10m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml deleted file mode 100644 index 9cd2eea08c..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/rules/prometheus.rules.yaml +++ /dev/null @@ -1,109 +0,0 @@ -{{- /* -Generated from 'prometheus.rules' group from https://raw.githubusercontent.com/coreos/kube-prometheus/release-0.1/manifests/prometheus-rules.yaml -Do not change in-place! In order to change this file first read following link: -https://github.com/helm/charts/tree/master/stable/prometheus-operator/hack -*/ -}} -{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} -{{- if and (semverCompare ">=1.10.0-0" $kubeTargetVersion) (semverCompare "<1.14.0-0" $kubeTargetVersion) .Values.defaultRules.create .Values.defaultRules.rules.prometheus }} -{{- $prometheusJob := printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus" }} -{{- $namespace := printf "%s" (include "prometheus-operator.namespace" .) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ printf "%s-%s" (include "prometheus-operator.fullname" .) "prometheus.rules" | trunc 63 | trimSuffix "-" }} - namespace: {{ template "prometheus-operator.namespace" . }} - labels: - app: {{ template "prometheus-operator.name" . }} -{{ include "prometheus-operator.labels" . | indent 4 }} -{{- if .Values.defaultRules.labels }} -{{ toYaml .Values.defaultRules.labels | indent 4 }} -{{- end }} -{{- if .Values.defaultRules.annotations }} - annotations: -{{ toYaml .Values.defaultRules.annotations | indent 4 }} -{{- end }} -spec: - groups: - - name: prometheus.rules - rules: - - alert: PrometheusConfigReloadFailed - annotations: - description: Reloading Prometheus' configuration has failed for {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} - summary: Reloading Prometheus' configuration failed - expr: prometheus_config_last_reload_successful{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} == 0 - for: 10m - labels: - severity: warning - - alert: PrometheusNotificationQueueRunningFull - annotations: - description: Prometheus' alert notification queue is running full for {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} - summary: Prometheus' alert notification queue is running full - expr: predict_linear(prometheus_notifications_queue_length{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m], 60 * 30) > prometheus_notifications_queue_capacity{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} - for: 10m - labels: - severity: warning - - alert: PrometheusErrorSendingAlerts - annotations: - description: Errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} to Alertmanager {{`{{`}}$labels.Alertmanager{{`}}`}} - summary: Errors while sending alert from Prometheus - expr: rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.01 - for: 10m - labels: - severity: warning - - alert: PrometheusErrorSendingAlerts - annotations: - description: Errors while sending alerts from Prometheus {{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} to Alertmanager {{`{{`}}$labels.Alertmanager{{`}}`}} - summary: Errors while sending alerts from Prometheus - expr: rate(prometheus_notifications_errors_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) / rate(prometheus_notifications_sent_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0.03 - for: 10m - labels: - severity: critical - - alert: PrometheusNotConnectedToAlertmanagers - annotations: - description: Prometheus {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} is not connected to any Alertmanagers - summary: Prometheus is not connected to any Alertmanagers - expr: prometheus_notifications_alertmanagers_discovered{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} < 1 - for: 10m - labels: - severity: warning - - alert: PrometheusTSDBReloadsFailing - annotations: - description: '{{`{{`}}$labels.job{{`}}`}} at {{`{{`}}$labels.instance{{`}}`}} had {{`{{`}}$value | humanize{{`}}`}} reload failures over the last four hours.' - summary: Prometheus has issues reloading data blocks from disk - expr: increase(prometheus_tsdb_reloads_failures_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[2h]) > 0 - for: 12h - labels: - severity: warning - - alert: PrometheusTSDBCompactionsFailing - annotations: - description: '{{`{{`}}$labels.job{{`}}`}} at {{`{{`}}$labels.instance{{`}}`}} had {{`{{`}}$value | humanize{{`}}`}} compaction failures over the last four hours.' - summary: Prometheus has issues compacting sample blocks - expr: increase(prometheus_tsdb_compactions_failed_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[2h]) > 0 - for: 12h - labels: - severity: warning - - alert: PrometheusTSDBWALCorruptions - annotations: - description: '{{`{{`}}$labels.job{{`}}`}} at {{`{{`}}$labels.instance{{`}}`}} has a corrupted write-ahead log (WAL).' - summary: Prometheus write-ahead log is corrupted - expr: prometheus_tsdb_wal_corruptions_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"} > 0 - for: 4h - labels: - severity: warning - - alert: PrometheusNotIngestingSamples - annotations: - description: Prometheus {{`{{`}} $labels.namespace {{`}}`}}/{{`{{`}} $labels.pod{{`}}`}} isn't ingesting samples. - summary: Prometheus isn't ingesting samples - expr: rate(prometheus_tsdb_head_samples_appended_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) <= 0 - for: 10m - labels: - severity: warning - - alert: PrometheusTargetScrapesDuplicate - annotations: - description: '{{`{{`}}$labels.namespace{{`}}`}}/{{`{{`}}$labels.pod{{`}}`}} has many samples rejected due to duplicate timestamps but different values' - summary: Prometheus has many samples rejected - expr: increase(prometheus_target_scrapes_sample_duplicate_timestamp_total{job="{{ $prometheusJob }}",namespace="{{ $namespace }}"}[5m]) > 0 - for: 10m - labels: - severity: warning -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml index bd8aa64d7e..cba75c86d9 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/service.yaml @@ -1,13 +1,10 @@ -{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} +{{- $kubeTargetVersion := default .Capabilities.KubeVersion.GitVersion .Values.kubeTargetVersionOverride }} {{- if .Values.prometheus.enabled }} apiVersion: v1 kind: Service metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus self-monitor: {{ .Values.prometheus.serviceMonitor.selfMonitor | quote }} @@ -35,6 +32,9 @@ spec: {{- range $cidr := .Values.prometheus.service.loadBalancerSourceRanges }} - {{ $cidr }} {{- end }} +{{- end }} +{{- if ne .Values.prometheus.service.type "ClusterIP" }} + externalTrafficPolicy: {{ .Values.prometheus.service.externalTrafficPolicy }} {{- end }} ports: - name: {{ .Values.prometheus.prometheusSpec.portName }} @@ -43,14 +43,33 @@ spec: {{- end }} port: {{ .Values.prometheus.service.port }} targetPort: {{ .Values.prometheus.service.targetPort }} + - name: reloader-web + {{- if semverCompare "> 1.20.0-0" $kubeTargetVersion }} + appProtocol: http + {{- end }} + port: 8080 + targetPort: reloader-web + {{- if .Values.prometheus.thanosIngress.enabled }} + - name: grpc + {{- if eq .Values.prometheus.service.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosIngress.nodePort }} + {{- end }} + port: {{ .Values.prometheus.thanosIngress.servicePort }} + targetPort: {{ .Values.prometheus.thanosIngress.servicePort }} + {{- end }} {{- if .Values.prometheus.service.additionalPorts }} {{ toYaml .Values.prometheus.service.additionalPorts | indent 2 }} {{- end }} + publishNotReadyAddresses: {{ .Values.prometheus.service.publishNotReadyAddresses }} selector: - prometheus: {{ template "prometheus-operator.fullname" . }}-prometheus + {{- if .Values.prometheus.agentMode }} + app.kubernetes.io/name: prometheus-agent + {{- else }} + app.kubernetes.io/name: prometheus + {{- end }} + operator.prometheus.io/name: {{ template "prometheus-operator.fullname" . }}-prometheus {{- if .Values.prometheus.service.sessionAffinity }} sessionAffinity: {{ .Values.prometheus.service.sessionAffinity }} {{- end }} type: "{{ .Values.prometheus.service.type }}" {{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecar.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecar.yaml new file mode 100644 index 0000000000..f040c96e99 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecar.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.thanosService.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-thanos-discovery + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "prometheus-operator.name" . }}-thanos-discovery +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheus.thanosService.labels }} +{{ toYaml .Values.prometheus.thanosService.labels | indent 4 }} +{{- end }} +{{- if .Values.prometheus.thanosService.annotations }} + annotations: +{{ toYaml .Values.prometheus.thanosService.annotations | indent 4 }} +{{- end }} +spec: + type: {{ .Values.prometheus.thanosService.type }} + clusterIP: {{ .Values.prometheus.thanosService.clusterIP }} +{{- if ne .Values.prometheus.thanosService.type "ClusterIP" }} + externalTrafficPolicy: {{ .Values.prometheus.thanosService.externalTrafficPolicy }} +{{- end }} + ports: + - name: {{ .Values.prometheus.thanosService.portName }} + port: {{ .Values.prometheus.thanosService.port }} + targetPort: {{ .Values.prometheus.thanosService.targetPort }} + {{- if eq .Values.prometheus.thanosService.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosService.nodePort }} + {{- end }} + - name: {{ .Values.prometheus.thanosService.httpPortName }} + port: {{ .Values.prometheus.thanosService.httpPort }} + targetPort: {{ .Values.prometheus.thanosService.targetHttpPort }} + {{- if eq .Values.prometheus.thanosService.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosService.httpNodePort }} + {{- end }} + selector: + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: {{ template "prometheus-operator.prometheus.crname" . }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecarExternal.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecarExternal.yaml new file mode 100644 index 0000000000..66aa349387 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceThanosSidecarExternal.yaml @@ -0,0 +1,46 @@ +{{- if and .Values.prometheus.enabled .Values.prometheus.thanosServiceExternal.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-operator.fullname" . }}-thanos-external + namespace: {{ $.Release.Namespace }} + labels: +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- if .Values.prometheus.thanosServiceExternal.labels }} +{{ toYaml .Values.prometheus.thanosServiceExternal.labels | indent 4 }} +{{- end }} +{{- if .Values.prometheus.thanosServiceExternal.annotations }} + annotations: +{{ toYaml .Values.prometheus.thanosServiceExternal.annotations | indent 4 }} +{{- end }} +spec: + type: {{ .Values.prometheus.thanosServiceExternal.type }} +{{- if .Values.prometheus.thanosServiceExternal.loadBalancerIP }} + loadBalancerIP: {{ .Values.prometheus.thanosServiceExternal.loadBalancerIP }} +{{- end }} +{{- if .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.prometheus.thanosServiceExternal.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} +{{- end }} +{{- if ne .Values.prometheus.thanosServiceExternal.type "ClusterIP" }} + externalTrafficPolicy: {{ .Values.prometheus.thanosServiceExternal.externalTrafficPolicy }} +{{- end }} + ports: + - name: {{ .Values.prometheus.thanosServiceExternal.portName }} + port: {{ .Values.prometheus.thanosServiceExternal.port }} + targetPort: {{ .Values.prometheus.thanosServiceExternal.targetPort }} + {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosServiceExternal.nodePort }} + {{- end }} + - name: {{ .Values.prometheus.thanosServiceExternal.httpPortName }} + port: {{ .Values.prometheus.thanosServiceExternal.httpPort }} + targetPort: {{ .Values.prometheus.thanosServiceExternal.targetHttpPort }} + {{- if eq .Values.prometheus.thanosServiceExternal.type "NodePort" }} + nodePort: {{ .Values.prometheus.thanosServiceExternal.httpNodePort }} + {{- end }} + selector: + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: {{ template "prometheus-operator.prometheus.crname" . }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml index 860840f5e2..9b7168fbb7 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceaccount.yaml @@ -3,14 +3,18 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "prometheus-operator.prometheus.serviceAccountName" . }} - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus + app.kubernetes.io/name: {{ template "prometheus-operator.name" . }}-prometheus + app.kubernetes.io/component: prometheus {{ include "prometheus-operator.labels" . | indent 4 }} {{- if .Values.prometheus.serviceAccount.annotations }} annotations: {{ toYaml .Values.prometheus.serviceAccount.annotations | indent 4 }} {{- end }} +{{- if .Values.global.imagePullSecrets }} imagePullSecrets: -{{ toYaml .Values.global.imagePullSecrets | indent 2 }} +{{ include "prometheus-operator.imagePullSecrets" . | trim | indent 2 }} +{{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml index 8bbeea695e..b8fd829f4c 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitor.yaml @@ -3,18 +3,22 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "prometheus-operator.fullname" . }}-prometheus - namespace: {{ .Values.namespace }} + namespace: {{ template "prometheus-operator.namespace" . }} labels: app: {{ template "prometheus-operator.name" . }}-prometheus {{ include "prometheus-operator.labels" . | indent 4 }} +{{- with .Values.prometheus.serviceMonitor.additionalLabels }} +{{- toYaml . | nindent 4 }} +{{- end }} spec: selector: matchLabels: app: {{ template "prometheus-operator.name" . }}-prometheus + release: {{ $.Release.Name | quote }} self-monitor: "true" namespaceSelector: matchNames: - - {{ .Values.namespace | quote }} + - {{ printf "%s" (include "prometheus-operator.namespace" .) | quote }} endpoints: - port: {{ .Values.prometheus.prometheusSpec.portName }} {{- if .Values.prometheus.serviceMonitor.interval }} @@ -37,5 +41,27 @@ spec: {{- if .Values.prometheus.serviceMonitor.relabelings }} relabelings: {{ toYaml .Values.prometheus.serviceMonitor.relabelings | indent 6 }} +{{- end }} + - port: reloader-web + {{- if .Values.prometheus.serviceMonitor.interval }} + interval: {{ .Values.prometheus.serviceMonitor.interval }} + {{- end }} + {{- if .Values.prometheus.serviceMonitor.scheme }} + scheme: {{ .Values.prometheus.serviceMonitor.scheme }} + {{- end }} + {{- if .Values.prometheus.serviceMonitor.tlsConfig }} + tlsConfig: {{ toYaml .Values.prometheus.serviceMonitor.tlsConfig | nindent 6 }} + {{- end }} + {{- if .Values.prometheus.serviceMonitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.prometheus.serviceMonitor.bearerTokenFile }} + {{- end }} + path: "/metrics" +{{- if .Values.prometheus.serviceMonitor.metricRelabelings }} + metricRelabelings: +{{ tpl (toYaml .Values.prometheus.serviceMonitor.metricRelabelings | indent 6) . }} +{{- end }} +{{- if .Values.prometheus.serviceMonitor.relabelings }} + relabelings: +{{ toYaml .Values.prometheus.serviceMonitor.relabelings | indent 6 }} {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitorThanosSidecar.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitorThanosSidecar.yaml new file mode 100644 index 0000000000..f76d4fd937 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitorThanosSidecar.yaml @@ -0,0 +1,45 @@ +{{- if and .Values.prometheus.thanosService.enabled .Values.prometheus.thanosServiceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-operator.fullname" . }}-thanos-sidecar + namespace: {{ $.Release.Namespace }} + labels: + app: {{ template "prometheus-operator.name" . }}-thanos-sidecar +{{ include "prometheus-operator.labels" . | indent 4 }} +{{- with .Values.prometheus.thanosServiceMonitor.additionalLabels }} +{{- toYaml . | nindent 4 }} +{{- end }} +spec: + {{- include "servicemonitor.scrapeLimits" .Values.prometheus.thanosServiceMonitor | nindent 2 }} + selector: + matchLabels: + app: {{ template "prometheus-operator.name" . }}-thanos-discovery + release: {{ $.Release.Name | quote }} + namespaceSelector: + matchNames: + - {{ printf "%s" (include "prometheus-operator.namespace" .) | quote }} + endpoints: + - port: {{ .Values.prometheus.thanosService.httpPortName }} + {{- if .Values.prometheus.thanosServiceMonitor.interval }} + interval: {{ .Values.prometheus.thanosServiceMonitor.interval }} + {{- end }} + {{- if .Values.prometheus.thanosServiceMonitor.scheme }} + scheme: {{ .Values.prometheus.thanosServiceMonitor.scheme }} + {{- end }} + {{- if .Values.prometheus.thanosServiceMonitor.tlsConfig }} + tlsConfig: {{ toYaml .Values.prometheus.thanosServiceMonitor.tlsConfig | nindent 6 }} + {{- end }} + {{- if .Values.prometheus.thanosServiceMonitor.bearerTokenFile }} + bearerTokenFile: {{ .Values.prometheus.thanosServiceMonitor.bearerTokenFile }} + {{- end }} + path: "/metrics" +{{- if .Values.prometheus.thanosServiceMonitor.metricRelabelings }} + metricRelabelings: +{{ tpl (toYaml .Values.prometheus.thanosServiceMonitor.metricRelabelings | indent 6) . }} +{{- end }} +{{- if .Values.prometheus.thanosServiceMonitor.relabelings }} + relabelings: +{{ toYaml .Values.prometheus.thanosServiceMonitor.relabelings | indent 6 }} +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml index 2e437e0c11..10cd55d4fe 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/servicemonitors.yaml @@ -7,7 +7,7 @@ items: kind: ServiceMonitor metadata: name: {{ .name }} - namespace: {{ .Values.namespace }} + namespace: {{ $.Release.Namespace }} labels: app: {{ template "prometheus-operator.name" $ }}-prometheus {{ include "prometheus-operator.labels" $ | indent 8 }} @@ -15,6 +15,7 @@ items: {{ toYaml .additionalLabels | indent 8 }} {{- end }} spec: + {{- include "servicemonitor.scrapeLimits" . | nindent 6 }} endpoints: {{ toYaml .endpoints | indent 8 }} {{- if .jobLabel }} @@ -30,5 +31,17 @@ items: targetLabels: {{ toYaml .targetLabels | indent 8 }} {{- end }} + {{- if .podTargetLabels }} + podTargetLabels: +{{ toYaml .podTargetLabels | indent 8 }} + {{- end }} {{- end }} + {{- if .metricRelabelings }} + metricRelabelings: +{{ toYaml .metricRelabelings | indent 8 }} + {{- end }} + {{- if .relabelings }} + relabelings: +{{ toYaml .relabelings | indent 8 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml index a57c0b2db3..bd12858480 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/templates/prometheus/serviceperreplica.yaml @@ -1,6 +1,6 @@ {{- if and .Values.prometheus.enabled .Values.prometheus.servicePerReplica.enabled }} {{- $count := .Values.prometheus.prometheusSpec.replicas | int -}} -{{- $serviceValues := .Values.prometheus.servicePerReplica -}} +{{- $serviceValues := .Values.prometheus.servicePerReplica -}} apiVersion: v1 kind: List metadata: @@ -30,6 +30,9 @@ items: - {{ $cidr }} {{- end }} {{- end }} + {{- if ne $serviceValues.type "ClusterIP" }} + externalTrafficPolicy: {{ $serviceValues.externalTrafficPolicy }} + {{- end }} ports: - name: {{ $.Values.prometheus.prometheusSpec.portName }} {{- if eq $serviceValues.type "NodePort" }} @@ -38,9 +41,14 @@ items: port: {{ $serviceValues.port }} targetPort: {{ $serviceValues.targetPort }} selector: - app: prometheus - prometheus: {{ include "prometheus-operator.fullname" $ }}-prometheus - statefulset.kubernetes.io/pod-name: prometheus-{{ include "prometheus-operator.fullname" $ }}-prometheus-{{ $i }} + {{- if $.Values.prometheus.agentMode }} + app.kubernetes.io/name: prometheus-agent + statefulset.kubernetes.io/pod-name: prom-agent-{{ include "prometheus-operator.prometheus.crname" $ }}-{{ $i }} + {{- else }} + app.kubernetes.io/name: prometheus + statefulset.kubernetes.io/pod-name: prometheus-{{ include "prometheus-operator.prometheus.crname" $ }}-{{ $i }} + {{- end }} + operator.prometheus.io/name: {{ template "prometheus-operator.prometheus.crname" $ }} type: "{{ $serviceValues.type }}" {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index 7f69e4e671..581ec57fcf 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1290,18 +1290,148 @@ prometheusOperator: ## Deploy a Prometheus instance ## +windowsMonitoring: + ## Deploys the windows-exporter and Windows-specific dashboards and rules (job name must be 'windows-exporter') + enabled: false + + prometheus: enabled: true + + ## Toggle prometheus into agent mode + ## Note many of features described below (e.g. rules, query, alerting, remote read, thanos) will not work in agent mode. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/designs/prometheus-agent.md + ## + agentMode: false + ## Annotations for Prometheus ## annotations: {} + ## Configure network policy for the prometheus + networkPolicy: + enabled: false + + ## Flavor of the network policy to use. + # Can be: + # * kubernetes for networking.k8s.io/v1/NetworkPolicy + # * cilium for cilium.io/v2/CiliumNetworkPolicy + flavor: kubernetes + + # cilium: + # endpointSelector: + # egress: + # ingress: + + # egress: + # - {} + # ingress: + # - {} + # podSelector: + # matchLabels: + # app: prometheus + ## Service account for Prometheuses to use. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ ## serviceAccount: create: true name: "" + annotations: {} + + # Service for thanos service discovery on sidecar + # Enable this can make Thanos Query can use + # `--store=dnssrv+_grpc._tcp.${kube-prometheus-stack.fullname}-thanos-discovery.${namespace}.svc.cluster.local` to discovery + # Thanos sidecar on prometheus nodes + # (Please remember to change ${kube-prometheus-stack.fullname} and ${namespace}. Not just copy and paste!) + thanosService: + enabled: false + annotations: {} + labels: {} + + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints + ## + externalTrafficPolicy: Cluster + + ## Service type + ## + type: ClusterIP + + ## gRPC port config + portName: grpc + port: 10901 + targetPort: "grpc" + + ## HTTP port config (for metrics) + httpPortName: http + httpPort: 10902 + targetHttpPort: "http" + + ## ClusterIP to assign + # Default is to make this a headless service ("None") + clusterIP: "None" + + ## Port to expose on each node, if service type is NodePort + ## + nodePort: 30901 + httpNodePort: 30902 + + # ServiceMonitor to scrape Sidecar metrics + # Needs thanosService to be enabled as well + thanosServiceMonitor: + enabled: false + interval: "" + + ## Additional labels + ## + additionalLabels: {} + + ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. + scheme: "" + + ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. + ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig + tlsConfig: {} + + bearerTokenFile: + + ## Metric relabel configs to apply to samples before ingestion. + metricRelabelings: [] + + ## relabel configs to apply to samples before ingestion. + relabelings: [] + + # Service for external access to sidecar + # Enabling this creates a service to expose thanos-sidecar outside the cluster. + thanosServiceExternal: + enabled: false + annotations: {} + labels: {} + loadBalancerIP: "" + loadBalancerSourceRanges: [] + + ## gRPC port config + portName: grpc + port: 10901 + targetPort: "grpc" + + ## HTTP port config (for metrics) + httpPortName: http + httpPort: 10902 + targetHttpPort: "http" + + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints + ## + externalTrafficPolicy: Cluster + + ## Service type + ## + type: LoadBalancer + + ## Port to expose on each node + ## + nodePort: 30901 + httpNodePort: 30902 ## Configuration for Prometheus service ## @@ -1328,13 +1458,29 @@ prometheus: nodePort: 30090 ## Loadbalancer IP - ## Only use if service.type is "loadbalancer" + ## Only use if service.type is "LoadBalancer" loadBalancerIP: "" loadBalancerSourceRanges: [] + + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints + ## + externalTrafficPolicy: Cluster + ## Service type ## type: ClusterIP + ## Additional port to define in the Service + additionalPorts: [] + # additionalPorts: + # - name: authenticated + # port: 8081 + # targetPort: 8081 + + ## Consider that all endpoints are considered "ready" even if the Pods themselves are not + ## Ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/#ServiceSpec + publishNotReadyAddresses: false + sessionAffinity: "" ## Configuration for creating a separate Service for each statefulset Prometheus replica @@ -1356,8 +1502,13 @@ prometheus: nodePort: 30091 ## Loadbalancer source IP ranges - ## Only used if servicePerReplica.type is "loadbalancer" + ## Only used if servicePerReplica.type is "LoadBalancer" loadBalancerSourceRanges: [] + + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints + ## + externalTrafficPolicy: Cluster + ## Service type ## type: ClusterIP @@ -1372,11 +1523,70 @@ prometheus: minAvailable: 1 maxUnavailable: "" + # Ingress exposes thanos sidecar outside the cluster + thanosIngress: + enabled: false + + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + + annotations: {} + labels: {} + servicePort: 10901 + + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## + nodePort: 30901 + + ## Hosts must be provided if Ingress is enabled. + ## + hosts: [] + # - thanos-gateway.domain.com + + ## Paths to use for ingress rules + ## + paths: [] + # - / + + ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched) + ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types + # pathType: ImplementationSpecific + + ## TLS configuration for Thanos Ingress + ## Secret must be manually created in the namespace + ## + tls: [] + # - secretName: thanos-gateway-tls + # hosts: + # - thanos-gateway.domain.com + # + + ## ExtraSecret can be used to store various data in an extra secret + ## (use it for example to store hashed basic auth credentials) + extraSecret: + ## if not set, name will be auto generated + # name: "" + annotations: {} + data: {} + # auth: | + # foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0 + # someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c. + ingress: enabled: false + + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + annotations: {} labels: {} + ## Redirect ingress to an additional defined port on the service + # servicePort: 8081 + ## Hostnames. ## Must be provided if Ingress is enabled. ## @@ -1389,6 +1599,10 @@ prometheus: paths: [] # - / + ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched) + ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types + # pathType: ImplementationSpecific + ## TLS configuration for Prometheus Ingress ## Secret must be manually created in the namespace ## @@ -1402,6 +1616,11 @@ prometheus: ## ingressPerReplica: enabled: false + + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + annotations: {} labels: {} @@ -1419,6 +1638,10 @@ prometheus: paths: [] # - / + ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched) + ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types + # pathType: ImplementationSpecific + ## Secret name containing the TLS certificate for Prometheus per replica ingress ## Secret must be manually created in the namespace tlsSecretName: "" @@ -1436,6 +1659,8 @@ prometheus: ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/ podSecurityPolicy: allowedCapabilities: [] + allowedHostPaths: [] + volumes: [] serviceMonitor: ## Scrape interval. If not set, the Prometheus default scrape interval is used. @@ -1443,23 +1668,47 @@ prometheus: interval: "" selfMonitor: true + ## Additional labels + ## + additionalLabels: {} + + ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + ## + sampleLimit: 0 + + ## TargetLimit defines a limit on the number of scraped targets that will be accepted. + ## + targetLimit: 0 + + ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelLimit: 0 + + ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelNameLengthLimit: 0 + + ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelValueLengthLimit: 0 + ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. scheme: "" ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. - ## Of type: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#tlsconfig + ## Of type: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#tlsconfig tlsConfig: {} bearerTokenFile: - ## metric relabel configs to apply to samples before ingestion. + ## Metric relabel configs to apply to samples before ingestion. ## metricRelabelings: [] # - action: keep # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' # sourceLabels: [__name__] - # relabel configs to apply to samples before ingestion. + # relabel configs to apply to samples before ingestion. ## relabelings: [] # - sourceLabels: [__meta_kubernetes_pod_node_name] @@ -1470,21 +1719,31 @@ prometheus: # action: replace ## Settings affecting prometheusSpec - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#prometheusspec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheusspec ## prometheusSpec: ## If true, pass --storage.tsdb.max-block-duration=2h to prometheus. This is already done if using Thanos ## disableCompaction: false ## APIServerConfig - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#apiserverconfig + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#apiserverconfig ## apiserverConfig: {} + ## Allows setting additional arguments for the Prometheus container + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#monitoring.coreos.com/v1.Prometheus + additionalArgs: [] + ## Interval between consecutive scrapes. + ## Defaults to 30s. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/release-0.44/pkg/prometheus/promcfg.go#L180-L183 ## scrapeInterval: "5m" + ## Number of seconds to wait for target to respond before erroring + ## + scrapeTimeout: "" + ## Interval between consecutive evaluations. ## evaluationInterval: "5m" @@ -1499,11 +1758,34 @@ prometheus: ## enableAdminAPI: false + ## Sets version of Prometheus overriding the Prometheus version as derived + ## from the image tag. Useful in cases where the tag does not follow semver v2. + version: "" + + ## WebTLSConfig defines the TLS parameters for HTTPS + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#webtlsconfig + web: {} + + ## Exemplars related settings that are runtime reloadable. + ## It requires to enable the exemplar storage feature to be effective. + exemplars: "" + ## Maximum number of exemplars stored in memory for all series. + ## If not set, Prometheus uses its default value. + ## A value of zero or less than zero disables the storage. + # maxSize: 100000 + + # EnableFeatures API enables access to Prometheus disabled features. + # ref: https://prometheus.io/docs/prometheus/latest/disabled_features/ + enableFeatures: [] + # - exemplar-storage + ## Image of Prometheus. ## image: - repository: quay.io/prometheus/prometheus - tag: v2.15.2 + registry: quay.io + repository: prometheus/prometheus + tag: v2.47.0 + sha: "" ## Tolerations for use with node taints ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ @@ -1514,8 +1796,19 @@ prometheus: # value: "value" # effect: "NoSchedule" + ## If specified, the pod's topology spread constraints. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # labelSelector: + # matchLabels: + # app: prometheus + ## Alertmanagers to which alerts will be sent - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#alertmanagerendpoints + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#alertmanagerendpoints ## ## Default configuration will connect to the alertmanager deployed as part of this release ## @@ -1533,6 +1826,10 @@ prometheus: ## externalLabels: {} + ## enable --web.enable-remote-write-receiver flag on prometheus-server + ## + enableRemoteWriteReceiver: false + ## Name of the external label used to denote replica name ## replicaExternalLabelName: "" @@ -1571,15 +1868,16 @@ prometheus: configMaps: [] ## QuerySpec defines the query command line flags when starting Prometheus. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#queryspec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#queryspec ## query: {} - ## Namespaces to be selected for PrometheusRules discovery. - ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery. - ## See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage - ## + ## If nil, select own namespace. Namespaces to be selected for PrometheusRules discovery. ruleNamespaceSelector: {} + ## Example which selects PrometheusRules in namespaces with label "prometheus" set to "somelabel" + # ruleNamespaceSelector: + # matchLabels: + # prometheus: somelabel ## If true, a nil or {} value for prometheus.prometheusSpec.ruleSelector will cause the ## prometheus resource to be created with selectors based on values in the helm deployment, @@ -1588,10 +1886,10 @@ prometheus: ruleSelectorNilUsesHelmValues: false ## PrometheusRules to be selected for target discovery. - ## If {}, select all ServiceMonitors + ## If {}, select all PrometheusRules ## ruleSelector: {} - ## Example which select all prometheusrules resources + ## Example which select all PrometheusRules resources ## with label "prometheus" with values any of "example-rules" or "example-rules-2" # ruleSelector: # matchExpressions: @@ -1601,7 +1899,7 @@ prometheus: # - example-rules # - example-rules-2 # - ## Example which select all prometheusrules resources with label "role" set to "example-rules" + ## Example which select all PrometheusRules resources with label "role" set to "example-rules" # ruleSelector: # matchLabels: # role: example-rules @@ -1622,9 +1920,12 @@ prometheus: # prometheus: somelabel ## Namespaces to be selected for ServiceMonitor discovery. - ## See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage ## serviceMonitorNamespaceSelector: {} + ## Example which selects ServiceMonitors in namespaces with label "prometheus" set to "somelabel" + # serviceMonitorNamespaceSelector: + # matchLabels: + # prometheus: somelabel ## If true, a nil or {} value for prometheus.prometheusSpec.podMonitorSelector will cause the ## prometheus resource to be created with selectors based on values in the helm deployment, @@ -1641,10 +1942,56 @@ prometheus: # matchLabels: # prometheus: somelabel - ## Namespaces to be selected for PodMonitor discovery. - ## See https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#namespaceselector for usage - ## + ## If nil, select own namespace. Namespaces to be selected for PodMonitor discovery. podMonitorNamespaceSelector: {} + ## Example which selects PodMonitor in namespaces with label "prometheus" set to "somelabel" + # podMonitorNamespaceSelector: + # matchLabels: + # prometheus: somelabel + + ## If true, a nil or {} value for prometheus.prometheusSpec.probeSelector will cause the + ## prometheus resource to be created with selectors based on values in the helm deployment, + ## which will also match the probes created + ## + probeSelectorNilUsesHelmValues: true + + ## Probes to be selected for target discovery. + ## If {}, select all Probes + ## + probeSelector: {} + ## Example which selects Probes with label "prometheus" set to "somelabel" + # probeSelector: + # matchLabels: + # prometheus: somelabel + + ## If nil, select own namespace. Namespaces to be selected for Probe discovery. + probeNamespaceSelector: {} + ## Example which selects Probe in namespaces with label "prometheus" set to "somelabel" + # probeNamespaceSelector: + # matchLabels: + # prometheus: somelabel + + ## If true, a nil or {} value for prometheus.prometheusSpec.scrapeConfigSelector will cause the + ## prometheus resource to be created with selectors based on values in the helm deployment, + ## which will also match the scrapeConfigs created + ## + scrapeConfigSelectorNilUsesHelmValues: true + + ## scrapeConfigs to be selected for target discovery. + ## If {}, select all scrapeConfigs + ## + scrapeConfigSelector: {} + ## Example which selects scrapeConfigs with label "prometheus" set to "somelabel" + # scrapeConfig: + # matchLabels: + # prometheus: somelabel + + ## If nil, select own namespace. Namespaces to be selected for scrapeConfig discovery. + scrapeConfigNamespaceSelector: {} + ## Example which selects scrapeConfig in namespaces with label "prometheus" set to "somelabel" + # scrapeConfigNamespaceSelector: + # matchLabels: + # prometheus: somelabel ## How long to retain metrics ## @@ -1654,6 +2001,11 @@ prometheus: ## retentionSize: "5GiB" + ## Allow out-of-order/out-of-bounds samples ingested into Prometheus for a specified duration + ## See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#tsdb + tsdb: + outOfOrderTimeWindow: 0s + ## Enable compression of the write-ahead log using Snappy. ## walCompression: false @@ -1662,10 +2014,20 @@ prometheus: ## paused: false - ## Number of Prometheus replicas desired + ## Number of replicas of each shard to deploy for a Prometheus deployment. + ## Number of replicas multiplied by shards is the total number of Pods created. ## replicas: 1 + ## EXPERIMENTAL: Number of shards to distribute targets onto. + ## Number of replicas multiplied by shards is the total number of Pods created. + ## Note that scaling down shards will not reshard data onto remaining instances, it must be manually moved. + ## Increasing shards will not reshard data either but it will continue to be available from the same instances. + ## To query globally use Thanos sidecar and Thanos querier or remote write data to a central location. + ## Sharding is done on the content of the `__address__` target meta-label. + ## + shards: 1 + ## Log level for Prometheus be configured in ## logLevel: info @@ -1679,7 +2041,7 @@ prometheus: ## routePrefix: / - ## Standard object’s metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata ## Metadata Labels and Annotations gets propagated to the prometheus pods. ## podMetadata: {} @@ -1713,21 +2075,25 @@ prometheus: # - e2e-az2 ## The remote_read spec configuration for Prometheus. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#remotereadspec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotereadspec remoteRead: [] # - url: http://remote1/read + ## additionalRemoteRead is appended to remoteRead + additionalRemoteRead: [] ## The remote_write spec configuration for Prometheus. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#remotewritespec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#remotewritespec remoteWrite: [] # - url: http://remote1/push + ## additionalRemoteWrite is appended to remoteWrite + additionalRemoteWrite: [] ## Enable/Disable Grafana dashboards provisioning for prometheus remote write feature remoteWriteDashboards: false ## Resource limits & requests - ## - resources: + ## + resources: requests: memory: 1536Mi cpu: 750m @@ -1736,9 +2102,11 @@ prometheus: cpu: "1" ## Prometheus StorageSpec for persistent data - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/storage.md + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md ## storageSpec: {} + ## Using PersistentVolumeClaim + ## # volumeClaimTemplate: # spec: # storageClassName: gluster @@ -1748,6 +2116,17 @@ prometheus: # storage: 50Gi # selector: {} + ## Using tmpfs volume + ## + # emptyDir: + # medium: Memory + + # Additional volumes on the output StatefulSet definition. + volumes: [] + + # Additional VolumeMounts on the output StatefulSet definition. + volumeMounts: [] + ## AdditionalScrapeConfigs allows specifying additional Prometheus scrape configurations. Scrape configurations ## are appended to the configurations generated by the Prometheus Operator. Job configurations must have the form ## as specified in the official Prometheus documentation: @@ -1755,8 +2134,9 @@ prometheus: ## appended, the user is responsible to make sure it is valid. Note that using this feature may expose the possibility ## to break upgrades of Prometheus. It is advised to review Prometheus release notes to ensure that no incompatible ## scrape configs are going to break Prometheus after the upgrade. + ## AdditionalScrapeConfigs can be defined as a list or as a templated string. ## - ## The scrape configuraiton example below will find master nodes, provided they have the name .*mst.*, relabel the + ## The scrape configuration example below will find master nodes, provided they have the name .*mst.*, relabel the ## port to 2379 and allow etcd scraping provided it is running on all Kubernetes master nodes ## additionalScrapeConfigs: @@ -1805,6 +2185,28 @@ prometheus: # metric_relabel_configs: # - regex: (kubernetes_io_hostname|failure_domain_beta_kubernetes_io_region|beta_kubernetes_io_os|beta_kubernetes_io_arch|beta_kubernetes_io_instance_type|failure_domain_beta_kubernetes_io_zone) # action: labeldrop + # + ## If scrape config contains a repetitive section, you may want to use a template. + ## In the following example, you can see how to define `gce_sd_configs` for multiple zones + # additionalScrapeConfigs: | + # - job_name: "node-exporter" + # gce_sd_configs: + # {{range $zone := .Values.gcp_zones}} + # - project: "project1" + # zone: "{{$zone}}" + # port: 9100 + # {{end}} + # relabel_configs: + # ... + + + ## If additional scrape configurations are already deployed in a single secret file you can use this section. + ## Expected values are the secret name and key + ## Cannot be used with additionalScrapeConfigs + additionalScrapeConfigsSecret: {} + # enabled: false + # name: + # key: ## additionalPrometheusSecretsAnnotations allows to add annotations to the kubernetes secret. This can be useful ## when deploying via spinnaker to disable versioning on the secret, strategy.spinnaker.io/versioned: 'false' @@ -1826,6 +2228,15 @@ prometheus: # services: # - metrics-prometheus-alertmanager + ## If additional alertmanager configurations are already deployed in a single secret, or you want to manage + ## them separately from the helm deployment, you can use this section. + ## Expected values are the secret name and key + ## Cannot be used with additionalAlertManagerConfigs + additionalAlertManagerConfigsSecret: {} + # name: + # key: + # optional: false + ## AdditionalAlertRelabelConfigs allows specifying Prometheus alert relabel configurations. Alert relabel configurations specified are appended ## to the configurations generated by the Prometheus Operator. Alert relabel configurations specified must have the form as specified in the ## official Prometheus documentation: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alert_relabel_configs. @@ -1839,49 +2250,161 @@ prometheus: # replacement: $1 # action: labeldrop + ## If additional alert relabel configurations are already deployed in a single secret, or you want to manage + ## them separately from the helm deployment, you can use this section. + ## Expected values are the secret name and key + ## Cannot be used with additionalAlertRelabelConfigs + additionalAlertRelabelConfigsSecret: {} + # name: + # key: + ## SecurityContext holds pod-level security attributes and common container settings. ## This defaults to non root user with uid 1000 and gid 2000. - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md + ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md ## securityContext: + runAsGroup: 2000 runAsNonRoot: true runAsUser: 1000 fsGroup: 2000 - ## Priority class assigned to the Pods + ## Priority class assigned to the Pods ## priorityClassName: "" ## Thanos configuration allows configuring various aspects of a Prometheus server in a Thanos environment. ## This section is experimental, it may change significantly without deprecation notice in any release. ## This is experimental and may change significantly without backward compatibility in any release. - ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#thanosspec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosspec ## thanos: {} + # secretProviderClass: + # provider: gcp + # parameters: + # secrets: | + # - resourceName: "projects/$PROJECT_ID/secrets/testsecret/versions/latest" + # fileName: "objstore.yaml" + # objectStorageConfigFile: /var/secrets/object-store.yaml ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to a Prometheus pod. - ## if using proxy extraContainer update targetPort with proxy container port + ## if using proxy extraContainer update targetPort with proxy container port containers: [] + # containers: + # - name: oauth-proxy + # image: quay.io/oauth2-proxy/oauth2-proxy:v7.3.0 + # args: + # - --upstream=http://127.0.0.1:9093 + # - --http-address=0.0.0.0:8081 + # - ... + # ports: + # - containerPort: 8081 + # name: oauth-proxy + # protocol: TCP + # resources: {} ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes ## (permissions, dir tree) on mounted volumes before starting prometheus initContainers: [] - ## Enable additional scrape configs that are managed externally to this chart. Note that the prometheus - ## will fail to provision if the correct secret does not exist. - ## This option requires that you are maintaining a secret in the same namespace as Prometheus with - ## a name of 'prometheus-operator-prometheus-scrape-confg' and a key of 'additional-scrape-configs.yaml' that - ## contains a list of scrape_config's. The name of the secret may vary if you utilize the "fullnameOverride". - ## This feature cannot be used in conjunction with the additionalScrapeConfigs attribute (the helm-generated - ## secret will overwrite your self-maintained secret). - ## - ## scrape_config docs: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config - ## explanation of "confg" typo: https://github.com/helm/charts/issues/13368 - additionalScrapeConfigsExternal: false - ## PortName to use for Prometheus. ## - portName: "web" + portName: "http-web" + + ## ArbitraryFSAccessThroughSMs configures whether configuration based on a service monitor can access arbitrary files + ## on the file system of the Prometheus container e.g. bearer token files. + arbitraryFSAccessThroughSMs: false + + ## OverrideHonorLabels if set to true overrides all user configured honor_labels. If HonorLabels is set in ServiceMonitor + ## or PodMonitor to true, this overrides honor_labels to false. + overrideHonorLabels: false + + ## OverrideHonorTimestamps allows to globally enforce honoring timestamps in all scrape configs. + overrideHonorTimestamps: false + + ## IgnoreNamespaceSelectors if set to true will ignore NamespaceSelector settings from the podmonitor and servicemonitor + ## configs, and they will only discover endpoints within their current namespace. Defaults to false. + ignoreNamespaceSelectors: false + + ## EnforcedNamespaceLabel enforces adding a namespace label of origin for each alert and metric that is user created. + ## The label value will always be the namespace of the object that is being created. + ## Disabled by default + enforcedNamespaceLabel: "" + + ## PrometheusRulesExcludedFromEnforce - list of prometheus rules to be excluded from enforcing of adding namespace labels. + ## Works only if enforcedNamespaceLabel set to true. Make sure both ruleNamespace and ruleName are set for each pair + ## Deprecated, use `excludedFromEnforcement` instead + prometheusRulesExcludedFromEnforce: [] + + ## ExcludedFromEnforcement - list of object references to PodMonitor, ServiceMonitor, Probe and PrometheusRule objects + ## to be excluded from enforcing a namespace label of origin. + ## Works only if enforcedNamespaceLabel set to true. + ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#objectreference + excludedFromEnforcement: [] + + ## QueryLogFile specifies the file to which PromQL queries are logged. Note that this location must be writable, + ## and can be persisted using an attached volume. Alternatively, the location can be set to a stdout location such + ## as /dev/stdout to log querie information to the default Prometheus log stream. This is only available in versions + ## of Prometheus >= 2.16.0. For more details, see the Prometheus docs (https://prometheus.io/docs/guides/query-log/) + queryLogFile: false + + ## EnforcedSampleLimit defines global limit on number of scraped samples that will be accepted. This overrides any SampleLimit + ## set per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the SampleLimit to keep overall + ## number of samples/series under the desired limit. Note that if SampleLimit is lower that value will be taken instead. + enforcedSampleLimit: false + + ## EnforcedTargetLimit defines a global limit on the number of scraped targets. This overrides any TargetLimit set + ## per ServiceMonitor or/and PodMonitor. It is meant to be used by admins to enforce the TargetLimit to keep the overall + ## number of targets under the desired limit. Note that if TargetLimit is lower, that value will be taken instead, except + ## if either value is zero, in which case the non-zero value will be used. If both values are zero, no limit is enforced. + enforcedTargetLimit: false + + + ## Per-scrape limit on number of labels that will be accepted for a sample. If more than this number of labels are present + ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions + ## 2.27.0 and newer. + enforcedLabelLimit: false + + ## Per-scrape limit on length of labels name that will be accepted for a sample. If a label name is longer than this number + ## post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus versions + ## 2.27.0 and newer. + enforcedLabelNameLengthLimit: false + + ## Per-scrape limit on length of labels value that will be accepted for a sample. If a label value is longer than this + ## number post metric-relabeling, the entire scrape will be treated as failed. 0 means no limit. Only valid in Prometheus + ## versions 2.27.0 and newer. + enforcedLabelValueLengthLimit: false + + ## AllowOverlappingBlocks enables vertical compaction and vertical query merge in Prometheus. This is still experimental + ## in Prometheus so it may change in any upcoming release. + allowOverlappingBlocks: false + + ## Minimum number of seconds for which a newly created pod should be ready without any of its container crashing for it to + ## be considered available. Defaults to 0 (pod will be considered available as soon as it is ready). + minReadySeconds: 0 + + # Required for use in managed kubernetes clusters (such as AWS EKS) with custom CNI (such as calico), + # because control-plane managed by AWS cannot communicate with pods' IP CIDR and admission webhooks are not working + # Use the host's network namespace if true. Make sure to understand the security implications if you want to enable it. + # When hostNetwork is enabled, this will set dnsPolicy to ClusterFirstWithHostNet automatically. + hostNetwork: false + + # HostAlias holds the mapping between IP and hostnames that will be injected + # as an entry in the pod’s hosts file. + hostAliases: [] + # - ip: 10.10.0.100 + # hostnames: + # - a1.app.local + # - b1.app.local + + ## TracingConfig configures tracing in Prometheus. + ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#prometheustracingconfig + tracingConfig: {} + + additionalRulesForClusterRole: [] + # - apiGroups: [ "" ] + # resources: + # - nodes/proxy + # verbs: [ "get", "list", "watch" ] additionalServiceMonitors: [] ## Name of the ServiceMonitor to create @@ -1900,7 +2423,11 @@ prometheus: ## labels to transfer from the kubernetes service to the target ## - # targetLabels: "" + # targetLabels: [] + + ## labels to transfer from the kubernetes pods to the target + ## + # podTargetLabels: [] ## Label selector for services to which this ServiceMonitor applies ## @@ -1968,6 +2495,25 @@ prometheus: ## # serverName: "" + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + # metricRelabelings: [] + # - action: keep + # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + # sourceLabels: [__name__] + + ## RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + # relabelings: [] + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # separator: ; + # regex: ^(.*)$ + # targetLabel: nodename + # replacement: $1 + # action: replace + additionalPodMonitors: [] ## Name of the PodMonitor to create ## @@ -2007,6 +2553,425 @@ prometheus: # matchNames: [] ## Endpoints of the selected pods to be monitored - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#podmetricsendpoint + ## https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#podmetricsendpoint ## # podMetricsEndpoints: [] + +## Configuration for thanosRuler +## ref: https://thanos.io/tip/components/rule.md/ +## +thanosRuler: + + ## Deploy thanosRuler + ## + enabled: false + + ## Annotations for ThanosRuler + ## + annotations: {} + + ## Service account for ThanosRuler to use. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + create: true + name: "" + annotations: {} + + ## Configure pod disruption budgets for ThanosRuler + ## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget + ## This configuration is immutable once created and will require the PDB to be deleted to be changed + ## https://github.com/kubernetes/kubernetes/issues/45398 + ## + podDisruptionBudget: + enabled: false + minAvailable: 1 + maxUnavailable: "" + + ingress: + enabled: false + + # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName + # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress + # ingressClassName: nginx + + annotations: {} + + labels: {} + + ## Hosts must be provided if Ingress is enabled. + ## + hosts: [] + # - thanosruler.domain.com + + ## Paths to use for ingress rules - one path should match the thanosruler.routePrefix + ## + paths: [] + # - / + + ## For Kubernetes >= 1.18 you should specify the pathType (determines how Ingress paths should be matched) + ## See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#better-path-matching-with-path-types + # pathType: ImplementationSpecific + + ## TLS configuration for ThanosRuler Ingress + ## Secret must be manually created in the namespace + ## + tls: [] + # - secretName: thanosruler-general-tls + # hosts: + # - thanosruler.example.com + + ## Configuration for ThanosRuler service + ## + service: + annotations: {} + labels: {} + clusterIP: "" + + ## Port for ThanosRuler Service to listen on + ## + port: 10902 + ## To be used with a proxy extraContainer port + ## + targetPort: 10902 + ## Port to expose on each node + ## Only used if service.type is 'NodePort' + ## + nodePort: 30905 + ## List of IP addresses at which the Prometheus server service is available + ## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips + ## + + ## Additional ports to open for ThanosRuler service + additionalPorts: [] + + externalIPs: [] + loadBalancerIP: "" + loadBalancerSourceRanges: [] + + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints + ## + externalTrafficPolicy: Cluster + + ## Service type + ## + type: ClusterIP + + ## If true, create a serviceMonitor for thanosRuler + ## + serviceMonitor: + ## Scrape interval. If not set, the Prometheus default scrape interval is used. + ## + interval: "" + selfMonitor: true + + ## Additional labels + ## + additionalLabels: {} + + ## SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. + ## + sampleLimit: 0 + + ## TargetLimit defines a limit on the number of scraped targets that will be accepted. + ## + targetLimit: 0 + + ## Per-scrape limit on number of labels that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelLimit: 0 + + ## Per-scrape limit on length of labels name that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelNameLengthLimit: 0 + + ## Per-scrape limit on length of labels value that will be accepted for a sample. Only valid in Prometheus versions 2.27.0 and newer. + ## + labelValueLengthLimit: 0 + + ## proxyUrl: URL of a proxy that should be used for scraping. + ## + proxyUrl: "" + + ## scheme: HTTP scheme to use for scraping. Can be used with `tlsConfig` for example if using istio mTLS. + scheme: "" + + ## tlsConfig: TLS configuration to use when scraping the endpoint. For example if using istio mTLS. + ## Of type: https://github.com/coreos/prometheus-operator/blob/main/Documentation/api.md#tlsconfig + tlsConfig: {} + + bearerTokenFile: + + ## MetricRelabelConfigs to apply to samples after scraping, but before ingestion. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + metricRelabelings: [] + # - action: keep + # regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+' + # sourceLabels: [__name__] + + ## RelabelConfigs to apply to samples before scraping + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#relabelconfig + ## + relabelings: [] + # - sourceLabels: [__meta_kubernetes_pod_node_name] + # separator: ; + # regex: ^(.*)$ + # targetLabel: nodename + # replacement: $1 + # action: replace + + ## Settings affecting thanosRulerpec + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#thanosrulerspec + ## + thanosRulerSpec: + ## Standard object's metadata. More info: https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata + ## Metadata Labels and Annotations gets propagated to the ThanosRuler pods. + ## + podMetadata: {} + + ## Image of ThanosRuler + ## + image: + registry: quay.io + repository: thanos/thanos + tag: v0.32.2 + sha: "" + + ## Namespaces to be selected for PrometheusRules discovery. + ## If nil, select own namespace. Namespaces to be selected for ServiceMonitor discovery. + ## See https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/api.md#namespaceselector for usage + ## + ruleNamespaceSelector: {} + + ## If true, a nil or {} value for thanosRuler.thanosRulerSpec.ruleSelector will cause the + ## prometheus resource to be created with selectors based on values in the helm deployment, + ## which will also match the PrometheusRule resources created + ## + ruleSelectorNilUsesHelmValues: true + + ## PrometheusRules to be selected for target discovery. + ## If {}, select all PrometheusRules + ## + ruleSelector: {} + ## Example which select all PrometheusRules resources + ## with label "prometheus" with values any of "example-rules" or "example-rules-2" + # ruleSelector: + # matchExpressions: + # - key: prometheus + # operator: In + # values: + # - example-rules + # - example-rules-2 + # + ## Example which select all PrometheusRules resources with label "role" set to "example-rules" + # ruleSelector: + # matchLabels: + # role: example-rules + + ## Define Log Format + # Use logfmt (default) or json logging + logFormat: logfmt + + ## Log level for ThanosRuler to be configured with. + ## + logLevel: info + + ## Size is the expected size of the thanosRuler cluster. The controller will eventually make the size of the + ## running cluster equal to the expected size. + replicas: 1 + + ## Time duration ThanosRuler shall retain data for. Default is '24h', and must match the regular expression + ## [0-9]+(ms|s|m|h) (milliseconds seconds minutes hours). + ## + retention: 24h + + ## Interval between consecutive evaluations. + ## + evaluationInterval: "" + + ## Storage is the definition of how storage will be used by the ThanosRuler instances. + ## ref: https://github.com/prometheus-operator/prometheus-operator/blob/main/Documentation/user-guides/storage.md + ## + storage: {} + # volumeClaimTemplate: + # spec: + # storageClassName: gluster + # accessModes: ["ReadWriteOnce"] + # resources: + # requests: + # storage: 50Gi + # selector: {} + + ## AlertmanagerConfig define configuration for connecting to alertmanager. + ## Only available with Thanos v0.10.0 and higher. Maps to the alertmanagers.config Thanos Ruler arg. + alertmanagersConfig: {} + # - api_version: v2 + # http_config: + # basic_auth: + # username: some_user + # password: some_pass + # static_configs: + # - alertmanager.thanos.io + # scheme: http + # timeout: 10s + + ## DEPRECATED. Define URLs to send alerts to Alertmanager. For Thanos v0.10.0 and higher, alertmanagersConfig should be used instead. + ## Note: this field will be ignored if alertmanagersConfig is specified. Maps to the alertmanagers.url Thanos Ruler arg. + # alertmanagersUrl: + + ## The external URL the Thanos Ruler instances will be available under. This is necessary to generate correct URLs. This is necessary if Thanos Ruler is not served from root of a DNS name. string false + ## + externalPrefix: + + ## The route prefix ThanosRuler registers HTTP handlers for. This is useful, if using ExternalURL and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, + ## but the server serves requests under a different route prefix. For example for use with kubectl proxy. + ## + routePrefix: / + + ## ObjectStorageConfig configures object storage in Thanos. Alternative to + ## ObjectStorageConfigFile, and lower order priority. + objectStorageConfig: {} + + ## ObjectStorageConfigFile specifies the path of the object storage configuration file. + ## When used alongside with ObjectStorageConfig, ObjectStorageConfigFile takes precedence. + objectStorageConfigFile: "" + + ## QueryEndpoints defines Thanos querier endpoints from which to query metrics. + ## Maps to the --query flag of thanos ruler. + queryEndpoints: [] + + ## Define configuration for connecting to thanos query instances. If this is defined, the queryEndpoints field will be ignored. + ## Maps to the query.config CLI argument. Only available with thanos v0.11.0 and higher. + queryConfig: {} + + ## Labels configure the external label pairs to ThanosRuler. A default replica + ## label `thanos_ruler_replica` will be always added as a label with the value + ## of the pod's name and it will be dropped in the alerts. + labels: {} + + ## If set to true all actions on the underlying managed objects are not going to be performed, except for delete actions. + ## + paused: false + + ## Define which Nodes the Pods are scheduled on. + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + + ## Define resources requests and limits for single Pods. + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## + resources: {} + # requests: + # memory: 400Mi + + ## Pod anti-affinity can prevent the scheduler from placing Prometheus replicas on the same node. + ## The default value "soft" means that the scheduler should *prefer* to not schedule two replica pods onto the same node but no guarantee is provided. + ## The value "hard" means that the scheduler is *required* to not schedule two replica pods onto the same node. + ## The value "" will disable pod anti-affinity so that no anti-affinity rules will be configured. + ## + podAntiAffinity: "" + + ## If anti-affinity is enabled sets the topologyKey to use for anti-affinity. + ## This can be changed to, for example, failure-domain.beta.kubernetes.io/zone + ## + podAntiAffinityTopologyKey: kubernetes.io/hostname + + ## Assign custom affinity rules to the thanosRuler instance + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + ## + affinity: {} + # nodeAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # nodeSelectorTerms: + # - matchExpressions: + # - key: kubernetes.io/e2e-az-name + # operator: In + # values: + # - e2e-az1 + # - e2e-az2 + + ## If specified, the pod's tolerations. + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + # - key: "key" + # operator: "Equal" + # value: "value" + # effect: "NoSchedule" + + ## If specified, the pod's topology spread constraints. + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## + topologySpreadConstraints: [] + # - maxSkew: 1 + # topologyKey: topology.kubernetes.io/zone + # whenUnsatisfiable: DoNotSchedule + # labelSelector: + # matchLabels: + # app: thanos-ruler + + ## SecurityContext holds pod-level security attributes and common container settings. + ## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + ## + securityContext: + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + fsGroup: 2000 + seccompProfile: + type: RuntimeDefault + + ## ListenLocal makes the ThanosRuler server listen on loopback, so that it does not bind against the Pod IP. + ## Note this is only for the ThanosRuler UI, not the gossip communication. + ## + listenLocal: false + + ## Containers allows injecting additional containers. This is meant to allow adding an authentication proxy to an ThanosRuler pod. + ## + containers: [] + + # Additional volumes on the output StatefulSet definition. + volumes: [] + + # Additional VolumeMounts on the output StatefulSet definition. + volumeMounts: [] + + ## InitContainers allows injecting additional initContainers. This is meant to allow doing some changes + ## (permissions, dir tree) on mounted volumes before starting prometheus + initContainers: [] + + ## Priority class assigned to the Pods + ## + priorityClassName: "" + + ## PortName to use for ThanosRuler. + ## + portName: "web" + + ## ExtraSecret can be used to store various data in an extra secret + ## (use it for example to store hashed basic auth credentials) + extraSecret: + ## if not set, name will be auto generated + # name: "" + annotations: {} + data: {} + # auth: | + # foo:$apr1$OFG3Xybp$ckL0FHDAkoXYIlH9.cysT0 + # someoneelse:$apr1$DMZX2Z4q$6SbQIfyuLQd.xmo/P0m2c. + +## Setting to true produces cleaner resource names, but requires a data migration because the name of the persistent volume changes. Therefore this should only be set once on initial installation. +## +cleanPrometheusOperatorObjectNames: false + +## Extra manifests to deploy as an array +extraManifests: [] + # - apiVersion: v1 + # kind: ConfigMap + # metadata: + # labels: + # name: prometheus-extra + # data: + # extra-data: "value" From 2f8396b6eb8532b415d6bd2f374dd665e33fcc37 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 12 Oct 2023 12:10:45 +0530 Subject: [PATCH 341/742] updated egov-dervice host in unified-qa env --- .../helm/environments/unified-qa.yaml | 55 ++++++++++--------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 8ae7996570..2c853aafb7 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -45,8 +45,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -57,31 +57,31 @@ cluster-configs: data-sync-employee: "http://data-sync-employee:8080/" egov-common-masters: "http://egov-common-masters:8080/" egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" egf-voucher: "http://egf-voucher:8080/" egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -106,7 +106,7 @@ cluster-configs: pgr-master: "http://pgr-master:8080/" pgr-rest: "http://pgr-rest:8080/" pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" + report: "http://report.egov:8080/" swm-services: "http://swm-services:8080/" tenant: "http://tenant:8080/" tl-masters: "http://tl-masters:8080/" @@ -114,7 +114,7 @@ cluster-configs: tl-workflow: "http://tl-workflow:8080/" tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" + user-otp: "http://user-otp.egov:8080/" firenoc-services: "http://firenoc-services:8080/" firenoc-calculator: "http://firenoc-calculator:8080/" egov-apportion-service: "http://egov-apportion-service:8080/" @@ -130,11 +130,16 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + project: "http://project.egov:8080/" + individual: "http://individual.egov:8080/" + household: "http://household.health:8080/" + product: "http://product.health:8080/" + facility: "http://facility.health:8080/" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ From adff9c3419f391fbd940f2369aa5440f5607142b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 12 Oct 2023 12:14:10 +0530 Subject: [PATCH 342/742] updated egov-dervice host in unified-qa env --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 2c853aafb7..65262f0367 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -218,7 +218,7 @@ egov-user: citizen-otp-fixed: "123456" citizen-otp-fixed-enabled: "true" egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" + decryption-abac-enabled: "true" chatbot: kafka-topics-partition-count: 3 From dd74957ad807de4462e7f46114dbe20ea29d4225 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 12 Oct 2023 12:28:25 +0530 Subject: [PATCH 343/742] Update egov-user-values.yaml --- .../helm/charts/core-services/egov-user/egov-user-values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index 1e2d46f82a..924af961c8 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -84,7 +84,7 @@ env: | configMapKeyRef: name: egov-service-host key: egov-enc-service - - name: EGOV_STATE_LEVEL_TENANT_ID + - name: STATE_LEVEL_TENANT_ID valueFrom: configMapKeyRef: name: egov-config From 657a4699002270f5b6ff36f077d1554297675df2 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 12 Oct 2023 14:12:28 +0530 Subject: [PATCH 344/742] updated es-data-v1 memory and cpu size --- deploy-as-code/helm/environments/unified-dev.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index a4c34c1cff..335b06778d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -742,12 +742,14 @@ elasticsearch-data-v1: - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 zone: ap-south-1b ## add your respective zone eg. ap-south-1a - esJavaOpts: "-Xmx550m -Xms550m" + esJavaOpts: "-Xmx2048m -Xms2048m" resources: requests: - memory: "1Gi" + memory: "3Gi" + cpu: "1000m" limits: - memory: "1Gi" + memory: "3Gi" + cpu: "1000m" ### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> From 28718ee8a42cdb36963760360a4c5075dfbc09e1 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 12 Oct 2023 15:00:50 +0530 Subject: [PATCH 345/742] Update sanitation-qa.yaml (#2034) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 3807d1a633..636bff0b54 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -275,7 +275,7 @@ sanitation-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" sw-services: From b85e0a210087e2ae172c9c1e300c24161736f5d1 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Thu, 12 Oct 2023 16:57:34 +0530 Subject: [PATCH 346/742] added helmcharts for core ui (#2035) --- .../charts/{digit-works => }/frontend/core-ui/Chart.yaml | 2 +- .../frontend/core-ui/templates/deployment.yaml | 0 .../frontend/core-ui/templates/ingress.yaml | 0 .../frontend/core-ui/templates/service.yaml | 0 .../core-ui/templates/subfilter-injection-configmap.yaml | 0 .../charts/{digit-works => }/frontend/core-ui/values.yaml | 0 deploy-as-code/helm/environments/unified-dev.yaml | 6 ++++++ 7 files changed, 7 insertions(+), 1 deletion(-) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/Chart.yaml (96%) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/templates/service.yaml (100%) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/templates/subfilter-injection-configmap.yaml (100%) rename deploy-as-code/helm/charts/{digit-works => }/frontend/core-ui/values.yaml (100%) diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml b/deploy-as-code/helm/charts/frontend/core-ui/Chart.yaml similarity index 96% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/Chart.yaml index 64ad243520..320b024c39 100644 --- a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/Chart.yaml +++ b/deploy-as-code/helm/charts/frontend/core-ui/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../common diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/core-ui/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/deployment.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/core-ui/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/ingress.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/service.yaml b/deploy-as-code/helm/charts/frontend/core-ui/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/service.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/templates/service.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/core-ui/templates/subfilter-injection-configmap.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/templates/subfilter-injection-configmap.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/templates/subfilter-injection-configmap.yaml diff --git a/deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml b/deploy-as-code/helm/charts/frontend/core-ui/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/frontend/core-ui/values.yaml rename to deploy-as-code/helm/charts/frontend/core-ui/values.yaml diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 335b06778d..58a82b249b 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -168,6 +168,12 @@ workbench-ui: sub_filter '' ' ';" +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + storybook: custom-js-injection: | sub_filter.conf: " From 4876dd55963efeefee39064d1369ed2f05d2465f Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Thu, 12 Oct 2023 18:15:34 +0530 Subject: [PATCH 347/742] Updated the namespace for digit-Core UI and removed duplicate key \ (#2037) * added helmcharts for core ui * Update values.yaml * Update unified-dev.yaml --- deploy-as-code/helm/charts/frontend/digit-ui/values.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml index 348dc2ce79..1e4b3d7fbc 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui/values.yaml @@ -1,9 +1,10 @@ -namespace : sanitation # Common Labels labels: app: "digit-ui" group: "web" +namespace: egov + # Ingress Configs ingress: enabled: true @@ -22,7 +23,6 @@ healthChecks: livenessProbePath: "/digit-ui/" readinessProbePath: "/digit-ui/" -namespace: egov extraVolumes: | - name: js-injection configMap: diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 58a82b249b..48c892ef1d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -160,7 +160,7 @@ digit-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" workbench-ui: custom-js-injection: | From 708302517114cf5c3d8e1f85f7efcf42e5880570 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 12 Oct 2023 18:25:34 +0530 Subject: [PATCH 348/742] #SM-3176 added pqm-anomaly-finder service helm chart (#2033) * #SM-3176 added pqm-anomaly-finder service helm chart * #SM-3176 added pqm-anomaly-finder service helm chart --- .../sanitation/pqm-anomaly-finder/Chart.yaml | 26 ++++ .../templates/deployment.yaml | 2 + .../pqm-anomaly-finder/templates/ingress.yaml | 2 + .../pqm-anomaly-finder/templates/service.yaml | 2 + .../sanitation/pqm-anomaly-finder/values.yaml | 113 ++++++++++++++++++ .../helm/environments/sanitation.yaml | 7 ++ 6 files changed, 152 insertions(+) create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/Chart.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/Chart.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/Chart.yaml new file mode 100644 index 0000000000..95069c3aa5 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: pqm-anomaly-finder +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.1.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/deployment.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/ingress.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/service.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml new file mode 100644 index 0000000000..ad8958b102 --- /dev/null +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml @@ -0,0 +1,113 @@ +namespace : sanitation +# Common Labels +labels: + app: "pqm-anomaly-finder" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "pqm-anomaly-finder" + namespace : egov + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "pqm-anomaly-finder_schema" + image: + repository: "pqm-anomaly-finder-db" + +# Container Configs +image: + repository: "pqm-anomaly-finder" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/pqm-anomaly-finder/health" + readinessProbePath: "/pqm-anomaly-finder/health" +appType: "java-spring" +tracing-enabled: true +memory_limits: 512Mi +heap: "-Xmx384m -Xms256m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: PQM_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pqm + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_URL_SHORTNER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-url-shortening + - name: EGOV_PDF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-pqm-anomaly-finder + - name: PERSISTER_SAVE_FSM_TOPIC + value: save-pqm-anomaly-finder-application + - name: PERSISTER_UPDATE_FSM_TOPIC + value: update-pqm-anomaly-finder-application + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index cdb6b7c3b3..d039602d04 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -136,6 +136,7 @@ cluster-configs: vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ @@ -223,6 +224,12 @@ pqm: java-debug: true tracing-enabled: "true" +pqm-anomaly-finder: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + inbox: memory_limits: 512Mi heap: "-Xmx512m -Xms256m" From 65c002721f0e5aa5eccaf4d2447cc7e4a517a2de Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Fri, 13 Oct 2023 09:53:47 +0530 Subject: [PATCH 349/742] Added the measurement & measurement indexer changes (#2036) * Added the measurement & measurement indexer changes * Added only measurement changes * Added measurement persister & indexer changes --- deploy-as-code/helm/environments/unified-qa.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 65262f0367..59545aea80 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -289,13 +289,12 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 88d7474e5b0e7850a4cdf78e89f2a3efcbd47cd8 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 13 Oct 2023 11:11:42 +0530 Subject: [PATCH 350/742] added urban ui updated digit ui to urban ui ,removed digi-ui from health (#2038) --- .../helm/charts/urban/urban-ui/Chart.yaml | 26 ++++++++++++++ .../urban/urban-ui/templates/deployment.yaml | 2 ++ .../urban/urban-ui/templates/ingress.yaml | 2 ++ .../urban/urban-ui/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 11 ++++++ .../helm/charts/urban/urban-ui/values.yaml | 34 +++++++++++++++++++ .../helm/environments/unified-health-dev.yaml | 6 ---- .../helm/environments/unified-urban-dev.yaml | 4 +-- 8 files changed, 79 insertions(+), 8 deletions(-) create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/Chart.yaml create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/urban/urban-ui/values.yaml diff --git a/deploy-as-code/helm/charts/urban/urban-ui/Chart.yaml b/deploy-as-code/helm/charts/urban/urban-ui/Chart.yaml new file mode 100644 index 0000000000..571c1f3330 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: urban-ui +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/urban/urban-ui/templates/deployment.yaml b/deploy-as-code/helm/charts/urban/urban-ui/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/urban-ui/templates/ingress.yaml b/deploy-as-code/helm/charts/urban/urban-ui/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/urban-ui/templates/service.yaml b/deploy-as-code/helm/charts/urban/urban-ui/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/urban-ui/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/urban/urban-ui/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..98907dbc02 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,11 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection + namespace: {{ .Values.namespace }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/urban/urban-ui/values.yaml b/deploy-as-code/helm/charts/urban/urban-ui/values.yaml new file mode 100644 index 0000000000..658ef3ade9 --- /dev/null +++ b/deploy-as-code/helm/charts/urban/urban-ui/values.yaml @@ -0,0 +1,34 @@ +# Common Labels +labels: + app: 'urban-ui' + group: 'web' + +namespace: urban + +# Ingress Configs +ingress: + enabled: true + context: 'urban-ui' + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: 'urban-ui' +replicas: '1' +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: '/urban-ui/' + readinessProbePath: '/urban-ui/' + +extraVolumes: | + - name: js-injection + configMap: + name: urban-ui-js-injection + +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index fcce4d6f81..fa00632849 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -181,12 +181,6 @@ citizen: ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" health-ui: custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index fd0ce04c1b..7f85d9a74c 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -481,11 +481,11 @@ citizen: ';" -digit-ui: +urban-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" dashboard: From 3cc0dbe1b9859639511f26d3f51555a13a5f7eb0 Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Fri, 13 Oct 2023 12:13:16 +0530 Subject: [PATCH 351/742] Added all works persister & indexer changes to qa (#2039) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 59545aea80..5a0ed50ed2 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -289,12 +289,12 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 679f37392f359613b1d54a40340faa77d85fea5e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 15:19:02 +0530 Subject: [PATCH 352/742] updated branch name for configs --- .../helm/environments/sanitation-qa.yaml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 636bff0b54..b69958c41a 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -288,6 +288,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: + memory_limits: "512Mi" replicas: 1 images: - egovio/egov-mdms-service @@ -306,9 +307,8 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/sanitation/egov-perister -/pqm-persister.yml" + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" egov-persister: replicas: 1 @@ -318,7 +318,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch pgr-services: memory_limits: 512Mi @@ -327,28 +327,28 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -369,14 +369,14 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" From 361915f25946faf1560e9a392ffc89c7cf7f281a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 16:33:10 +0530 Subject: [PATCH 353/742] updated pqa-persister config link --- deploy-as-code/helm/environments/sanitation-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index b69958c41a..b06e2184dc 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -308,13 +308,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From e387b91db66bdee7f354ccdb9355989fb2d11fe0 Mon Sep 17 00:00:00 2001 From: Nipun Arora Date: Fri, 13 Oct 2023 16:43:23 +0530 Subject: [PATCH 354/742] Update sanitation.yaml (#2042) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index d039602d04..32aa9e63f8 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -171,7 +171,7 @@ sanitation-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" chatbot: From 5de38ea3e296591242e615e505fec05dad92b8b4 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 17:45:41 +0530 Subject: [PATCH 355/742] removed the extra chart --- .../referral-management/Chart.yaml | 26 --- .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../referral-management/values.yaml | 202 ------------------ 5 files changed, 234 deletions(-) delete mode 100644 deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/referral-management/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml b/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml deleted file mode 100644 index 6fa3c2fe4e..0000000000 --- a/deploy-as-code/helm/charts/health-services/referral-management/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: referralmanagement -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/referral-management/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/referral-management/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml b/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/referral-management/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referral-management/values.yaml b/deploy-as-code/helm/charts/health-services/referral-management/values.yaml deleted file mode 100644 index 8dcd761eae..0000000000 --- a/deploy-as-code/helm/charts/health-services/referral-management/values.yaml +++ /dev/null @@ -1,202 +0,0 @@ -# Common Labels -labels: - app: "referralmanagement" - group: "health" - -namespace: health - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "referralmanagement" - -namespace: health - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "referralmanagement_schema" - image: - repository: "referralmanagement-db" - -# Container Configs -image: - repository: "referralmanagement" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/referralmanagement/health" - readinessProbePath: "/referralmanagement/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" -persist-yml-path: "file:///work-dir/configs/egov-persister/referral-management-persister.yml" -indexer-yml-path: "file:///work-dir/configs/egov-indexer/referral-management-indexer.yml" - -# Additional Container Envs -env: | - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: health-referral-management - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_IDGEN_PATH - value: "egov-idgen/id/_generate" - - name: EGOV_IDGEN_INTEGRATION_ENABLED - value: "true" - - name: REFERRALMANAGEMENT.SIDEEFFECT.IDGEN.ID.FORMAT - value: "referralmanagement.sideeffect.id" - - name: REFERRALMANAGEMENT.REFERRAL.IDGEN.ID.FORMAT - value: "referralmanagement.referral.id" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user-egov - - name: EGOV_SEARCH_USER_URL - value: "/user/_search" - - name: EGOV_USER_INTEGRATION_ENABLED - value: "true" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCATION_CONTEXT_PATH - value: "/egov-location/location/v11" - - name: EGOV_LOCATION_ENDPOINT - value: "/boundarys/_search" - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: "/egov-mdms-service/v1/_search" - - name: EGOV_MDMS_INTEGRATION_ENABLED - value: "true" - - name: EGOV_MDMS_MASTER_NAME - value: "referralmanagement_master" - - name: EGOV_MDMS_MODULE_NAME - value: "referralmanagement" - - name: EGOV_HOUSEHOLD_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: household - - name: EGOV_SEARCH_HOUSEHOLD_URL - value: "/household/v1/_search" - - name: EGOV_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - - name: EGOV_SEARCH_INDIVIDUAL_URL - value: "/individual/v1/_search" - - name: EGOV_PRODUCT_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: product - - name: EGOV_SEARCH_PRODUCT_VARIANT_URL - value: "/product/variant/v1/_search" - - name: EGOV_PROJECT_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: project - - name: EGOV_SEARCH_PROJECT_TASK_URL - value: "/project/task/v1/_search" - - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL - value: "/project/beneficiary/v1/_search" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC - value: "save-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC - value: "update-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC - value: "delete-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC - value: "save-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC - value: "update-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC - value: "delete-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC - value: "save-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC - value: "update-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC - value: "delete-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC - value: "save-referral-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC - value: "update-referral-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC - value: "delete-referral-bulk-topic" - - name: SEARCH_API_LIMIT - value: "1000" - - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED - value: "false" - - name: REFERRALMANAGEMENT.DEFAULT.OFFSET - value: "0" - - name: REFERRALMANAGEMENT.DEFAULT.LIMIT - value: "100" - - name: REFERRALMANAGEMENT.SEARCH.MAX.LIMIT - value: "200" - - name: EGOV.IDGEN.PROJECT.NUMBER.NAME - value: "project.number" - - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT - value: "project.resource.id" - - name: EGOV_FACILITY_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: facility - - name: EGOV_SEARCH_FACILITY_URL - value: "/facility/v1/_search" - - name: PROJECT_MDMS_MODULE - value: "HCM-PROJECT-TYPES" - - name: EGOV_LOCATION_HIERARCHY_TYPE - value: "ADMIN" - - name: EGOV_LOCATION_CODE_QUERY_PARAM - value: "code" \ No newline at end of file From 8266b6b69e46057e562da876bb517ca36e659b48 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 17:47:45 +0530 Subject: [PATCH 356/742] added referralmanagement chart --- .../stock/referralmanagement/Chart.yaml | 26 +++ .../templates/deployment.yaml | 2 + .../referralmanagement/templates/ingress.yaml | 2 + .../referralmanagement/templates/service.yaml | 2 + .../stock/referralmanagement/values.yaml | 202 ++++++++++++++++++ 5 files changed, 234 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml new file mode 100644 index 0000000000..6fa3c2fe4e --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: referralmanagement +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml new file mode 100644 index 0000000000..8dcd761eae --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml @@ -0,0 +1,202 @@ +# Common Labels +labels: + app: "referralmanagement" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "referralmanagement" + +namespace: health + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "referralmanagement_schema" + image: + repository: "referralmanagement-db" + +# Container Configs +image: + repository: "referralmanagement" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/referralmanagement/health" + readinessProbePath: "/referralmanagement/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/configs/egov-persister/referral-management-persister.yml" +indexer-yml-path: "file:///work-dir/configs/egov-indexer/referral-management-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-referral-management + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: REFERRALMANAGEMENT.SIDEEFFECT.IDGEN.ID.FORMAT + value: "referralmanagement.sideeffect.id" + - name: REFERRALMANAGEMENT.REFERRAL.IDGEN.ID.FORMAT + value: "referralmanagement.referral.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "referralmanagement_master" + - name: EGOV_MDMS_MODULE_NAME + value: "referralmanagement" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_SEARCH_PROJECT_TASK_URL + value: "/project/task/v1/_search" + - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL + value: "/project/beneficiary/v1/_search" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC + value: "save-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC + value: "update-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC + value: "delete-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC + value: "save-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC + value: "update-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC + value: "delete-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC + value: "save-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC + value: "update-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC + value: "delete-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC + value: "save-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC + value: "update-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC + value: "delete-referral-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: REFERRALMANAGEMENT.DEFAULT.OFFSET + value: "0" + - name: REFERRALMANAGEMENT.DEFAULT.LIMIT + value: "100" + - name: REFERRALMANAGEMENT.SEARCH.MAX.LIMIT + value: "200" + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" \ No newline at end of file From f05d4bfb56ac4b21f9f71cb2625f84809bdfa11a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 17:51:38 +0530 Subject: [PATCH 357/742] added referralmanagement chart --- .../charts/health-services/stock/referralmanagement/values.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml index 8dcd761eae..bf8939baef 100644 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml @@ -11,8 +11,6 @@ ingress: zuul: true context: "referralmanagement" -namespace: health - # Init Containers Configs initContainers: dbMigration: From 191e4a998d18e7523db4ddec25f088a50d14dc94 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 13 Oct 2023 21:05:57 +0530 Subject: [PATCH 358/742] added referralmanagement chart --- .../referralmanagement/Chart.yaml | 26 +++ .../templates/deployment.yaml | 2 + .../referralmanagement/templates/ingress.yaml | 2 + .../referralmanagement/templates/service.yaml | 2 + .../referralmanagement/values.yaml | 202 ++++++++++++++++++ 5 files changed, 234 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/referralmanagement/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referralmanagement/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referralmanagement/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referralmanagement/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/Chart.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/Chart.yaml new file mode 100644 index 0000000000..6fa3c2fe4e --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: referralmanagement +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/templates/service.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml new file mode 100644 index 0000000000..8dcd761eae --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -0,0 +1,202 @@ +# Common Labels +labels: + app: "referralmanagement" + group: "health" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "referralmanagement" + +namespace: health + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "referralmanagement_schema" + image: + repository: "referralmanagement-db" + +# Container Configs +image: + repository: "referralmanagement" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/referralmanagement/health" + readinessProbePath: "/referralmanagement/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +persist-yml-path: "file:///work-dir/configs/egov-persister/referral-management-persister.yml" +indexer-yml-path: "file:///work-dir/configs/egov-indexer/referral-management-indexer.yml" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-referral-management + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: REFERRALMANAGEMENT.SIDEEFFECT.IDGEN.ID.FORMAT + value: "referralmanagement.sideeffect.id" + - name: REFERRALMANAGEMENT.REFERRAL.IDGEN.ID.FORMAT + value: "referralmanagement.referral.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "referralmanagement_master" + - name: EGOV_MDMS_MODULE_NAME + value: "referralmanagement" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_SEARCH_PROJECT_TASK_URL + value: "/project/task/v1/_search" + - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL + value: "/project/beneficiary/v1/_search" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC + value: "save-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC + value: "update-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC + value: "delete-side-effect-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC + value: "save-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC + value: "update-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC + value: "delete-side-effect-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC + value: "save-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC + value: "update-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC + value: "delete-referral-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC + value: "save-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC + value: "update-referral-bulk-topic" + - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC + value: "delete-referral-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: REFERRALMANAGEMENT.DEFAULT.OFFSET + value: "0" + - name: REFERRALMANAGEMENT.DEFAULT.LIMIT + value: "100" + - name: REFERRALMANAGEMENT.SEARCH.MAX.LIMIT + value: "200" + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" \ No newline at end of file From 66ff17b651919c7c1df8e50fdff3999960799f66 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Sun, 15 Oct 2023 19:15:08 +0530 Subject: [PATCH 359/742] Update unified-qa.yaml --- deploy-as-code/helm/environments/unified-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 5a0ed50ed2..5a7c70a4fd 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -411,6 +411,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" From 53d4f5156ef44da8a10b4b9363b70d2a861ca7f8 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Sun, 15 Oct 2023 19:23:34 +0530 Subject: [PATCH 360/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index e27da210e1..debac55ebd 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -172,6 +172,7 @@ cluster-configs: measurement-registry: "http://measurement-registry.works:8080/" estimate-service: + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true estimate-default-limit: 100 From 4805cc9f79c46841ee544001944f56bcd5e97c5a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Sun, 15 Oct 2023 19:26:03 +0530 Subject: [PATCH 361/742] Update values.yaml --- .../helm/charts/digit-works/backend/estimates/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml index 34262daad8..d821529256 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -30,6 +30,7 @@ healthChecks: readinessProbePath: "/estimate/health" appType: "java-spring" tracing-enabled: true +memory_limits: 512Mi heap: "-Xmx512m -Xms512m" java-args: "" From f17eb308e6a6a1216c77789a78b81b604f4ca829 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Sun, 15 Oct 2023 20:03:38 +0530 Subject: [PATCH 362/742] updated egov-service-host --- .../helm/environments/unified-urban-dev.yaml | 6 +- .../helm/environments/unified-urban-qa.yaml | 60 +++++++++---------- 2 files changed, 31 insertions(+), 35 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 7f85d9a74c..78ad652389 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -5,7 +5,7 @@ global: cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] rbac: - role: user @@ -17,7 +17,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation, urban ] + namespace: [ egov, monitoring, urban ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -48,7 +48,7 @@ cluster-configs: egov-service-host: - namespace: [ egov, monitoring, sanitation, urban ] + namespace: [ egov, monitoring, urban ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 509b6090a1..9e3bb91ef5 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -46,8 +46,8 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -64,25 +64,25 @@ cluster-configs: egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -95,7 +95,7 @@ cluster-configs: lams-services: "http://lams-services:8080/" lcms-workflow: "http://lcms-workflow:8080/" lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" + location: "http://location.egov:8080/" performance-assessment: "http://performance-assessment:8080/" pt-property: "http://pt-property:8080/" pt-workflow: "http://pt-workflow:8080/" @@ -115,38 +115,34 @@ cluster-configs: tl-workflow: "http://tl-workflow:8080/" tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" + user-otp: "http://user-otp.egov:8080/" firenoc-services: "http://firenoc-services:8080/" firenoc-calculator: "http://firenoc-calculator:8080/" egov-apportion-service: "http://egov-apportion-service:8080/" bpa-services: "http://bpa-services.egov:8080/" bpa-calculator: "http://bpa-calculator.egov:8080/" rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" + ws-calculator: "http://ws-calculator.urban:8080/" + ws-services: "http://ws-services.urban:8080/" + sw-services: "http://sw-services.urban:8080/" + sw-calculator: "http://sw-calculator.urban:8080/" land-services: "http://land-services.egov:8080/" noc-services: "http://noc-services.egov:8080/" minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" + inbox: "http://inbox.sanitation:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" - ws-calculator: "http://ws-calculator.urban:8080/" - ws-services: "http://ws-services.urban:8080/" - sw-services: "http://sw-services.urban:8080/" - sw-calculator: "http://sw-calculator.urban:8080/" egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" From 7c66fb5df61b61746e8d44bc6484026eae057e81 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Sun, 15 Oct 2023 21:04:40 +0530 Subject: [PATCH 363/742] updated egov-service-host --- .../helm/environments/sanitation-qa.yaml | 207 ++++++++--------- .../helm/environments/sanitation-uat.yaml | 1 + .../helm/environments/unified-health-qa.yaml | 217 +++++++++--------- .../helm/environments/unified-uat.yaml | 209 ++++++++--------- 4 files changed, 317 insertions(+), 317 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index b06e2184dc..d3e08bde9b 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -43,111 +43,108 @@ cluster-configs: egov-service-host: namespace: [ egov, monitoring, sanitation ] data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - ifms-jit: https://uat.odishatreasury.gov.in - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index b3de7890cf..cce070cc44 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -136,6 +136,7 @@ cluster-configs: vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index b3a466ac3d..c8cc45c729 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -43,114 +43,115 @@ cluster-configs: egov-service-host: namespace: [ egov, monitoring, health ] data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - pgr-services: 'http://pgr-services.health:8080/' - product: 'http://product.health:8080/' - household: 'http://household.health:8080/' - stock: 'http://stock.health:8080/' - facility: 'http://facility.health:8080/' - individual: "http://individual.health:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - project: 'http://project.health:8080/' - service-request: "http://service-request:8080/" + asset-services: 'http://asset-services:8080/' + asset-services-maha: 'http://asset-services-maha:8080/' + billing-service: 'http://billing-service.egov:8080/' + collection-services: 'http://collection-services.egov:8080/' + collection-masters: 'http://collection-masters:8080/' + collection-search-indexer: 'http://collection-search-indexer:8080/' + citizen-indexer: 'http://citizen-indexer:8080/' + citizen-services: 'http://citizen-services:8080/' + dashboard-analytics: 'http://dashboard-analytics.egov:8080/' + dashboard-ingest: 'http://dashboard-ingest.egov:8080/' + demand-services: 'http://demand-services:8080/' + data-sync-employee: 'http://data-sync-employee:8080/' + egov-common-masters: 'http://egov-common-masters:8080/' + egf-masters: 'http://egf-masters:8080/' + egf-master: 'http://egf-master:8080/' + egf-instrument: 'http://egf-instrument:8080/' + egf-voucher: 'http://egf-voucher:8080/' + egf-bill: 'http://egf-bill:8080/' + egov-enc-service: 'http://egov-enc-service.egov:8080/' + egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' + egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' + egov-user: 'http://egov-user.egov:8080/' + egov-user-egov: 'http://egov-user.egov:8080/' + egov-location: 'http://egov-location.egov:8080/' + egov-filestore: 'http://egov-filestore.egov:8080/' + egov-localization: 'http://egov-localization.egov:8080/' + egov-idgen: 'http://egov-idgen.egov:8080/' + egov-otp: 'http://egov-otp.egov:8080/' + egov-common-workflows: 'http://egov-common-workflows:8080/' + egov-mdms-service: 'http://egov-mdms-service.egov:8080/' + egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' + egov-mdms-create: 'http://egov-mdms-create.egov:8080/' + egov-eis: 'http://egov-eis:8080/' + egov-workflow: 'http://egov-workflow.egov:8080/' + egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' + egov-searcher: 'http://egov-searcher.egov:8080/' + egov-data-uploader: 'http://egov-data-uploader.egov:8080/' + egov-indexer: 'http://egov-indexer.egov:8080/' + egov-hrms: 'http://egov-hrms.egov:8080/' + es-client: 'http://elasticsearch-data-v1.es-cluster:9200' + hr-masters: 'http://hr-masters:8080/' + hr-employee: 'http://hr-employee:8080/' + hr-masters-v2: 'http://hr-masters-v2:8080/' + hr-employee-v2: 'http://hr-employee-v2:8080/' + hr-attendance: 'http://hr-attendance:8080/' + hr-leave: 'http://hr-leave:8080/' + hr-employee-movement: 'http://hr-employee-movement:8080/' + inventory-services: 'http://inventory-services:8080/' + lams-services: 'http://lams-services:8080/' + lcms-workflow: 'http://lcms-workflow:8080/' + lcms-services: 'http://lcms-services:8080/' + location: 'http://location:8080/' + performance-assessment: 'http://performance-assessment:8080/' + pt-property: 'http://pt-property:8080/' + pt-workflow: 'http://pt-workflow:8080/' + pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' + pt-calculator: 'http://pt-calculator:8080/' + pt-calculator-v2: 'http://pt-calculator-v2:8080/' + pt-services-v2: 'http://pt-services-v2:8080/' + property-services: 'http://property-services.egov:8080/' + pgr-master: 'http://pgr-master:8080/' + pgr-rest: 'http://pgr-rest:8080/' + pdf-service: 'http://pdf-service.egov:8080/' + report: 'http://report:8080/' + swm-services: 'http://swm-services:8080/' + tenant: 'http://tenant:8080/' + tl-masters: 'http://tl-masters:8080/' + tl-services: 'http://tl-services:8080/' + tl-workflow: 'http://tl-workflow:8080/' + tl-indexer: 'http://tl-indexer:8080/' + tl-calculator: 'http://tl-calculator:8080/' + user-otp: 'http://user-otp:8080/' + firenoc-services: 'http://firenoc-services:8080/' + firenoc-calculator: 'http://firenoc-calculator:8080/' + egov-apportion-service: 'http://egov-apportion-service:8080/' + bpa-services: 'http://bpa-services.egov:8080/' + bpa-calculator: 'http://bpa-calculator.egov:8080/' + rainmaker-pgr: 'http://rainmaker-pgr:8080/' + ws-calculator: 'http://ws-calculator.egov:8080/' + ws-services: 'http://ws-services.egov:8080/' + sw-services: 'http://sw-services.egov:8080/' + sw-calculator: 'http://sw-calculator.egov:8080/' + land-services: 'http://land-services.egov:8080/' + noc-services: 'http://noc-services.egov:8080/' + minio-url: 'https://minio-uat.digit.org/' + egov-user-chatbot: 'http://egov-user-chatbot:8080/' + zuul: 'http://zuul:8080/' + egov-url-shortening: 'http://egov-url-shortening.egov:8080/' + fsm-calculator: 'http://fsm-calculator.egov:8080/' + fsm: 'http://fsm.egov:8080/' + vehicle: 'http://vehicle.egov:8080' + vendor: 'http://vendor.egov:8080' + egov-edcr: 'http://egov-edcr.egov:8080/' + echallan-calculator: 'http://echallan-calculator.egov:8080/' + echallan-services: 'http://echallan-services.egov:8080/' + inbox: 'http://inbox.egov:8080/' + turn-io-adapter: 'http://turn-io-adapter.egov:8080/' + pgr-services: 'http://pgr-services.health:8080/' + birth-death-services: 'http://birth-death-services.egov:8080/' + egov-pdf: 'http://egov-pdf.egov:8080/' + health-registration-service: 'http://health-registration-service:8080/' + health-delivery-service: 'http://health-delivery-service:8080/' + project: 'http://project.egov:8080/' + product: 'http://product.health:8080/' + household: 'http://household.health:8080/' + individual: 'http://individual.egov:8080/' + stock: 'http://stock.health:8080/' + facility: 'http://facility.health:8080/' + service-request: 'http://service-request:8080/' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index b397652c13..aef1f9f06e 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -43,110 +43,111 @@ cluster-configs: egov-service-host: namespace: [ egov, monitoring ] data: - asset-services: 'http://asset-services:8080/' - asset-services-maha: 'http://asset-services-maha:8080/' - billing-service: 'http://billing-service.egov:8080/' - collection-services: 'http://collection-services.egov:8080/' - collection-masters: 'http://collection-masters:8080/' - collection-search-indexer: 'http://collection-search-indexer:8080/' - citizen-indexer: 'http://citizen-indexer:8080/' - citizen-services: 'http://citizen-services:8080/' - dashboard-analytics: 'http://dashboard-analytics.egov:8080/' - dashboard-ingest: 'http://dashboard-ingest.egov:8080/' - demand-services: 'http://demand-services:8080/' - data-sync-employee: 'http://data-sync-employee:8080/' - egov-common-masters: 'http://egov-common-masters:8080/' - egf-masters: 'http://egf-masters:8080/' - egf-master: 'http://egf-master:8080/' - egf-instrument: 'http://egf-instrument:8080/' - egf-voucher: 'http://egf-voucher:8080/' - egf-bill: 'http://egf-bill:8080/' - egov-enc-service: 'http://egov-enc-service.egov:8080/' - egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' - egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' - egov-user: 'http://egov-user.egov:8080/' - egov-user-egov: 'http://egov-user.egov:8080/' - egov-location: 'http://egov-location.egov:8080/' - egov-filestore: 'http://egov-filestore.egov:8080/' - egov-localization: 'http://egov-localization.egov:8080/' - egov-idgen: 'http://egov-idgen.egov:8080/' - egov-otp: 'http://egov-otp.egov:8080/' - egov-common-workflows: 'http://egov-common-workflows:8080/' - egov-mdms-service: 'http://egov-mdms-service.egov:8080/' - egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' - egov-mdms-create: 'http://egov-mdms-create.egov:8080/' - egov-eis: 'http://egov-eis:8080/' - egov-workflow: 'http://egov-workflow.egov:8080/' - egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' - egov-searcher: 'http://egov-searcher.egov:8080/' - egov-data-uploader: 'http://egov-data-uploader.egov:8080/' - egov-indexer: 'http://egov-indexer.egov:8080/' - egov-hrms: 'http://egov-hrms.egov:8080/' - es-client: 'http://elasticsearch-data-v1.es-cluster:9200' - hr-masters: 'http://hr-masters:8080/' - hr-employee: 'http://hr-employee:8080/' - hr-masters-v2: 'http://hr-masters-v2:8080/' - hr-employee-v2: 'http://hr-employee-v2:8080/' - hr-attendance: 'http://hr-attendance:8080/' - hr-leave: 'http://hr-leave:8080/' - hr-employee-movement: 'http://hr-employee-movement:8080/' - inventory-services: 'http://inventory-services:8080/' - lams-services: 'http://lams-services:8080/' - lcms-workflow: 'http://lcms-workflow:8080/' - lcms-services: 'http://lcms-services:8080/' - location: 'http://location:8080/' - performance-assessment: 'http://performance-assessment:8080/' - pt-property: 'http://pt-property:8080/' - pt-workflow: 'http://pt-workflow:8080/' - pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' - pt-calculator: 'http://pt-calculator:8080/' - pt-calculator-v2: 'http://pt-calculator-v2:8080/' - pt-services-v2: 'http://pt-services-v2:8080/' - property-services: 'http://property-services.egov:8080/' - pgr-master: 'http://pgr-master:8080/' - pgr-rest: 'http://pgr-rest:8080/' - pdf-service: 'http://pdf-service.egov:8080/' - report: 'http://report:8080/' - swm-services: 'http://swm-services:8080/' - tenant: 'http://tenant:8080/' - tl-masters: 'http://tl-masters:8080/' - tl-services: 'http://tl-services:8080/' - tl-workflow: 'http://tl-workflow:8080/' - tl-indexer: 'http://tl-indexer:8080/' - tl-calculator: 'http://tl-calculator:8080/' - user-otp: 'http://user-otp:8080/' - firenoc-services: 'http://firenoc-services:8080/' - firenoc-calculator: 'http://firenoc-calculator:8080/' - egov-apportion-service: 'http://egov-apportion-service:8080/' - bpa-services: 'http://bpa-services.egov:8080/' - bpa-calculator: 'http://bpa-calculator.egov:8080/' - rainmaker-pgr: 'http://rainmaker-pgr:8080/' - ws-calculator: 'http://ws-calculator.egov:8080/' - ws-services: 'http://ws-services.egov:8080/' - sw-services: 'http://sw-services.egov:8080/' - sw-calculator: 'http://sw-calculator.egov:8080/' - land-services: 'http://land-services.egov:8080/' - noc-services: 'http://noc-services.egov:8080/' - minio-url: 'https://minio-uat.digit.org/' - egov-user-chatbot: 'http://egov-user-chatbot:8080/' - zuul: 'http://zuul:8080/' - egov-url-shortening: 'http://egov-url-shortening.egov:8080/' - fsm-calculator: 'http://fsm-calculator.egov:8080/' - fsm: 'http://fsm.egov:8080/' - vehicle: 'http://vehicle.egov:8080' - vendor: 'http://vendor.egov:8080' - egov-edcr: 'http://egov-edcr.egov:8080/' - echallan-calculator: 'http://echallan-calculator.egov:8080/' - echallan-services: 'http://echallan-services.egov:8080/' - inbox: 'http://inbox.egov:8080/' - turn-io-adapter: 'http://turn-io-adapter.egov:8080/' - pgr-services: 'http://pgr-services.health:8080/' - birth-death-services: 'http://birth-death-services.egov:8080/' - egov-pdf: 'http://egov-pdf.egov:8080/' - health-registration-service: 'http://health-registration-service:8080/' - health-delivery-service: 'http://health-delivery-service:8080/' - project: 'http://project.egov:8080/' - service-request: 'http://service-request:8080/' + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report.egov:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + project: "http://project.egov:8080/" + individual: "http://individual.egov:8080/" + household: "http://household.health:8080/" + product: "http://product.health:8080/" + facility: "http://facility.health:8080/" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 1468c7c1632ec8862b0c0fdd98b7109638ba29da Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 10:00:42 +0530 Subject: [PATCH 364/742] updated memory limits for project service --- deploy-as-code/helm/environments/unified-qa.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 5a7c70a4fd..47ef62036a 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -203,6 +203,15 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" +project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + egov-user: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi From 707864892bc0c55fb3e0ac1209e816dc9e29ee5b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 10:08:32 +0530 Subject: [PATCH 365/742] updated memory limits for project service --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index debac55ebd..b01fa980ac 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -220,6 +220,8 @@ contract-service: # egov-location-hierarchy-type: "ADMIN" project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi tracing-enabled: true java-enable-debug: true project-default-offset: 0 From 770c45dd7b296fce9ef46566aa159ee0194f394d Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 16 Oct 2023 12:41:05 +0530 Subject: [PATCH 366/742] updated memory limits for extimation (#2043) Co-authored-by: Harish-egov --- deploy-as-code/helm/environments/unified-qa.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 47ef62036a..2d1d1c56f1 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -416,6 +416,12 @@ oauth2-proxy: github_team = "micro-service-qa" upstreams = [ "file:///dev/null" ] +workbench-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + zuul: replicas: 1 custom-filter-property: "false" From 5a4a30503ee26f950e47eaeb3a1653b3f4d8a0b8 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Mon, 16 Oct 2023 15:07:50 +0530 Subject: [PATCH 367/742] SM-3149 added mdmsv2 host in helm chart for pqm service (#2044) * added mdmsv2 host in helm chart for pqm service * updated helm chart for pqm --------- Co-authored-by: admin1 --- .../helm/charts/sanitation/pqm-service/values.yaml | 5 +++++ deploy-as-code/helm/environments/sanitation.yaml | 1 + 2 files changed, 6 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml index abef1c5699..e735edc5c1 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml @@ -46,6 +46,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service + - name: EGOV_MDMS_V2_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: mdms-service-v2 - name: EGOV_URL_SHORTNER_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 32aa9e63f8..9f7c807ad6 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -73,6 +73,7 @@ cluster-configs: egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" egov-mdms-service: "http://egov-mdms-service.egov:8080/" + mdms-service-v2: "http://mdms-v2.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 7112d24cf1529bdc793562262d907d4238f4e8a7 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Mon, 16 Oct 2023 16:04:43 +0530 Subject: [PATCH 368/742] debug mode to true (#2046) Co-authored-by: admin1 --- deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml index e735edc5c1..d89a1a6adf 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml @@ -111,7 +111,7 @@ env: | value: {{ index .Values "java-debug" | quote }} {{- else }} - name: JAVA_ENABLE_DEBUG - value: "false" + value: "true" {{- end }} - name: SECURITY_BASIC_ENABLED value: "false" From 61f5adf0d7d7ad880df96c7b054b0a15005b78e6 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 16 Oct 2023 17:20:37 +0530 Subject: [PATCH 369/742] #SM-3155 added path of pqm (#2047) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 48c892ef1d..554400dc06 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -341,7 +341,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 From 5f7d6105e3c1fe8230695ab452c6d8bcd8670526 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 18:03:01 +0530 Subject: [PATCH 370/742] updated tenant id --- deploy-as-code/helm/environments/sanitation-qa.yaml | 3 ++- deploy-as-code/helm/environments/unified-health-qa.yaml | 3 ++- deploy-as-code/helm/environments/unified-urban-qa.yaml | 3 ++- deploy-as-code/helm/environments/unified-works-qa.yaml | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index d3e08bde9b..e0d8a14d9e 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -18,7 +18,7 @@ cluster-configs: db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - + state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" @@ -60,6 +60,7 @@ cluster-configs: egf-master: "http://egf-master:8080/" egf-instrument: "http://egf-instrument:8080/" egf-voucher: "http://egf-voucher:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index c8cc45c729..49a054b367 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -18,7 +18,7 @@ cluster-configs: db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - + state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" @@ -70,6 +70,7 @@ cluster-configs: egov-filestore: 'http://egov-filestore.egov:8080/' egov-localization: 'http://egov-localization.egov:8080/' egov-idgen: 'http://egov-idgen.egov:8080/' + mdms-service-v2: http://mdms-v2.egov:8080/ egov-otp: 'http://egov-otp.egov:8080/' egov-common-workflows: 'http://egov-common-workflows:8080/' egov-mdms-service: 'http://egov-mdms-service.egov:8080/' diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 9e3bb91ef5..afc310247f 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -18,7 +18,7 @@ cluster-configs: db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - + state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" @@ -131,6 +131,7 @@ cluster-configs: minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ egov-url-shortening: "http://eus.egov:8080/" fsm-calculator: "http://fsm-calculator.sanitation:8080/" fsm: "http://fsm.sanitation:8080/" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index b01fa980ac..30d0db3c06 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -18,7 +18,7 @@ cluster-configs: db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - + state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" @@ -62,6 +62,7 @@ cluster-configs: egf-instrument: "http://egf-instrument.egov:8080/" egf-voucher: "http://egf-voucher:8080/" egf-bill: "http://egf-bill:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" From a68afe19788c653e33be838208c1ef6afadb058b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 18:04:58 +0530 Subject: [PATCH 371/742] updated group name --- deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml index 64b8f5564a..d5f8ae78ec 100644 --- a/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml @@ -1,6 +1,7 @@ # Common Labels labels: app: "pgadmin" + group: "pgadmin" namespace: playground # Ingress Configs From c55330116b8d430cfee7e3d65321842be78da170 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 20:45:24 +0530 Subject: [PATCH 372/742] updated pgadmin charts and configuration --- .../pgadmin/templates/configmap.yaml | 51 +++++++++ .../pgadmin/templates/pv.yaml | 58 ++++++++++ .../pgadmin/templates/pvc.yaml | 23 ++++ .../backbone-services/pgadmin/values.yaml | 101 ++++++++++++++---- .../charts/common/templates/_deployment.yaml | 11 +- .../helm/environments/unified-dev.yaml | 10 +- 6 files changed, 233 insertions(+), 21 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pv.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pvc.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/configmap.yaml new file mode 100644 index 0000000000..a80b96c963 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/configmap.yaml @@ -0,0 +1,51 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-config +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} +data: + servers.json: |- + { + "Servers": { + "1": { + "Name": "{{ .Values.environment }}_WRITE", + "Group": "{{ .Values.environment }}", + "Port": {{ .Values.dbPort }}, + "Username": "{{ index .Values "db-admin-username" }}", + "Host": "{{ .Values.dbUrl }}", + "SSLMode": "prefer", + "MaintenanceDB": "{{ index .Values "maintenance-db-name" }}" + }, + "2": { + "Name": "{{ .Values.environment }}_READ", + "Group": "{{ .Values.environment }}", + "Port": {{ .Values.dbPort }}, + "Username": "{{ index .Values "db-read-username" }}", + {{- if .Values.dbReadUrl }} + "Host": "{{ .Values.dbReadUrl }}", + {{- else }} + "Host": "{{ .Values.dbUrl }}", + {{- end }} + "SSLMode": "prefer", + "MaintenanceDB": "{{ index .Values "maintenance-db-name" }}" + } + } + } + config_local.py: | + DATA_DIR = {{ index .Values "data-dir" | quote }} + LOG_FILE = {{ index .Values "log-file-path" | quote }} + SQLITE_PATH = {{ index .Values "sqlite-path" | quote }} + SESSION_DB_PATH = {{ index .Values "session-path" | quote }} + STORAGE_DIR = {{ index .Values "storage-path" | quote }} + SERVER_MODE = True + ENHANCED_COOKIE_PROTECTION = {{ index .Values "cookie-protection" }} + LANGUAGES = {{ index .Values "ui-languages" }} + ALLOW_SAVE_PASSWORD = {{ index .Values "enable-save-password" }} + MAX_QUERY_HIST_STORED = {{ index .Values "max-query-history" }} + MAX_LOGIN_ATTEMPTS = {{ index .Values "max-login-attempts" }} + SHARED_STORAGE = {{ index .Values "shared-storage" }} + ENABLE_PSQL = True \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pv.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pv.yaml new file mode 100644 index 0000000000..4ce9917d60 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pv.yaml @@ -0,0 +1,58 @@ +{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} + {{- $baseValues := .Values | deepCopy -}} + {{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} + {{- with mustMergeOverwrite . $values -}} + {{- if .Values.persistence.enabled }} +apiVersion: v1 +kind: "PersistentVolume" +metadata: + name: {{ .Chart.Name }}-data + labels: + app: {{ .Values.labels.app }} + group: {{ .Values.labels.group }} + {{- if $.Values.persistence.aws }} + failure-domain.beta.kubernetes.io/zone: {{ $.Values.persistence.aws.zone }} + topology.kubernetes.io/zone: {{ $.Values.persistence.aws.zone }} + {{- end }} +spec: + capacity: + storage: {{ .Values.persistence.dataDirSize | quote }} + accessModes: + - {{ .Values.persistence.accessMode | quote }} + persistentVolumeReclaimPolicy: Recycle + claimRef: + {{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} + {{- else }} + namespace: {{ .Values.namespace }} + {{- end }} + name: {{ .Chart.Name }}-data + {{- if .Values.persistence.aws }} + awsElasticBlockStore: + volumeID: {{ $.Values.persistence.aws.volumeId }} + fsType: ext4 + {{- end }} + {{- if $.Values.persistence.azure }} + azureDisk: + cachingMode: ReadWrite + diskName: {{ $.Values.persistence.azure.diskName }} + diskURI: {{ $.Values.persistence.azure.diskUri }} + kind: Managed + fsType: ext4 + {{- end }} + {{- if $.Values.persistence.openstack }} + cinder: + fsType: "ext4" + volumeID: {{ $.Values.persistence.openstack }} + {{- end }} + {{- if $.Values.persistence.iscsi }} + iscsi: + targetPortal: {{ $.Values.persistence.iscsi.targetPortal }} + iqn: {{ $.Values.persistence.iscsi.iqn }} + lun: 0 + fsType: 'ext4' + readOnly: true + {{- end }} +--- +{{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pvc.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pvc.yaml new file mode 100644 index 0000000000..ab5197f5b4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/pgadmin/templates/pvc.yaml @@ -0,0 +1,23 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} +apiVersion: "v1" +kind: PersistentVolumeClaim +metadata: + name: {{ .Chart.Name }}-data +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} + labels: + app: {{ .Values.labels.app }} + group: {{ .Values.labels.group }} +spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.dataDirSize | quote }} + storageClassName: {{ .Values.persistence.storageClassName | quote }} + volumeMode: {{ .Values.persistence.volumeMode | quote }} + volumeName: {{ .Chart.Name }}-data + {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml b/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml index d5f8ae78ec..577bc47d2b 100644 --- a/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/pgadmin/values.yaml @@ -8,7 +8,12 @@ namespace: playground ingress: enabled: true context: "pgadmin" - # additionalAnnotations: | + additionalAnnotations: | + nginx.ingress.kubernetes.io/configuration-snippet: | + proxy_set_header X-Script-Name /pgadmin; + {{- if index .Values "whitelist-ips" }} + nginx.ingress.kubernetes.io/whitelist-source-range: {{ index .Values "whitelist-ips" | quote }} + {{- end }} # nginx.ingress.kubernetes.io/auth-signin: https://$host/oauth2/start?rd=$escaped_request_uri # nginx.ingress.kubernetes.io/auth-url: https://$host/oauth2/auth @@ -18,27 +23,85 @@ initContainers: {} # Container Configs image: repository: "pgadmin" - tag: "v4.1.1" + tag: "v4.7.7" + replicas: "1" -httpPort: 8080 -serverBasePath: "/pgadmin" +httpPort: "8080" dbUrl: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" +dbPort: "5432" +dbWriteUser: "read" +dbReadUser: "write" +maintenance-db-name: "postgres" +db-admin-username: "egov" +db-read-username: "readonly" environment: "DEV" -maintenance-db-name: "postgres" +data-dir: "/var/lib/pgadmin" +log-file-path: "/var/lib/pgadmin/pgadmin4.log" +sqlite-path: "/var/lib/pgadmin/pgadmin4.db" +session-path: "/var/lib/pgadmin/sessions" +storage-path: "/var/lib/pgadmin/storage" +cookie-protection: "True" +ui-languages: "{'en': 'English'}" +enable-save-password: "False" +max-query-history: "50" +max-login-attempts: "5" +shared-storage: "[{'name': 'Shared Folder', 'path': '/var/lib/pgadmin/shared_folder', 'restricted_access': True}]" + +persistence: + enabled: false + storageClassName: default + accessMode: ReadWriteOnce + volumeMode: Filesystem +# dataDirSize: 1Gi +# aws: +# volumeId: "value" +# zone: ap-south-1a +# azure: +# diskName: zookeeper-0 +# diskUri: value +# openstack: f37a03aa-6212-4c62-a805-9ce139fab180 +# iscsi: +# targetPortal: 192.0.2.100:3260 +# iqn: iqn.2017-10.local.example.server:disk1 + +extraVolumes: | + - name: config + configMap: + name: {{ .Chart.Name }}-config + - name: storage + persistentVolumeClaim: + claimName: {{ .Chart.Name }}-data + +extraVolumeMounts: | + - mountPath: /pgadmin4/servers.json + name: config + subPath: servers.json + readOnly: true + - mountPath: /pgadmin4/config_local.py + name: config + subPath: config_local.py + readOnly: true + - mountPath: /var/lib/pgadmin + name: storage + +securityContext: + fsGroup: 5050 # Additional Container Envs -env: | - - name: SERVER_HOST - value: {{ .Values.dbUrl | quote }} - - name: SERVER_PORT - value: "5432" - - name: SERVER_MODE - value: "False" - - name: SERVER_NAME - value: {{ .Values.environment | quote }} - - name: MAINTENANCE_DB_NAME - value: {{ index .Values "maintenance-db-name" | quote }} - - name: PGADMIN_PORT +env: | + - name: PGADMIN_DEFAULT_EMAIL + valueFrom: + secretKeyRef: + name: pgadmin + key: admin-email + - name: PGADMIN_DEFAULT_PASSWORD + valueFrom: + secretKeyRef: + name: pgadmin + key: admin-password + - name: CONFIG_DATABASE_CONNECTION_POOL_SIZE + value: "5" + - name: PGADMIN_LISTEN_PORT value: {{ .Values.httpPort | quote }} - - name: SCRIPT_NAME - value: {{ .Values.serverBasePath | quote }} \ No newline at end of file + - name: PGADMIN_DISABLE_POSTFIX + value: "true" diff --git a/deploy-as-code/helm/charts/common/templates/_deployment.yaml b/deploy-as-code/helm/charts/common/templates/_deployment.yaml index d002afbc13..1d9f02eefc 100644 --- a/deploy-as-code/helm/charts/common/templates/_deployment.yaml +++ b/deploy-as-code/helm/charts/common/templates/_deployment.yaml @@ -38,7 +38,16 @@ spec: {{- if .Values.initContainers.gitSync.enabled }} securityContext: fsGroup: 65533 # to make SSH key readable - {{- end }} + {{- end }} + {{- if .Values.securityContext }} + securityContext: + {{- if .Values.securityContext.fsGroup }} + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- end }} + {{- if .Values.securityContext.runAsUser }} + runAsUser: {{ .Values.securityContext.runAsUser }} + {{- end }} + {{- end }} {{- if or .Values.initContainers.gitSync.enabled .Values.extraVolumes }} volumes: {{- if .Values.initContainers.gitSync.enabled }} diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 554400dc06..77e5c22930 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -788,7 +788,15 @@ pgadmin: maintenance-db-name: "unifieddevdb" db-admin-username: "unifieddev" db-read-username: "dev_readonly" - + max-query-history: "50" + max-login-attempts: "5" + enable-save-password: "False" + persistence: + enabled: true + dataDirSize: "1Gi" + aws: + volumeId: "vol-0c86db1778f9a3b9a" + zone: ap-south-1b playground: replicas: 1 From 8598d6c884c918f943c23e3bb4d7b82cc298f962 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 16 Oct 2023 22:46:14 +0530 Subject: [PATCH 373/742] updated pgadmin config in env files --- .../helm/environments/unified-dev.yaml | 2 +- .../helm/environments/unified-qa.yaml | 17 +++++++++++++++++ .../helm/environments/unified-uat.yaml | 17 +++++++++++++++++ 3 files changed, 35 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 77e5c22930..d35c26d3ca 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -787,7 +787,7 @@ pgadmin: environment: "unified-dev" maintenance-db-name: "unifieddevdb" db-admin-username: "unifieddev" - db-read-username: "dev_readonly" + db-read-username: "unifiedread" max-query-history: "50" max-login-attempts: "5" enable-save-password: "False" diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 2d1d1c56f1..8b1c266a8e 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -467,6 +467,23 @@ rainmaker-pgr: comment-by-employee-notif-enabled: "false" notification-allowed-status: "open,assigned,rejected,resolved" +pgadmin: + dbUrl: "unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-qa" + maintenance-db-name: "unifiedqadb" + db-admin-username: "unifiedqa" + db-read-username: "readonly" + max-query-history: "50" + max-login-attempts: "5" + enable-save-password: "False" + persistence: + enabled: true + dataDirSize: "1Gi" + aws: + volumeId: "vol-044ba5223b2c80479" + zone: ap-south-1b + pt-services-v2: pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index aef1f9f06e..a1215f0725 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -384,6 +384,23 @@ egov-apportion-service: memory_limits: 512Mi heap: -Xmx256m -Xms256m +pgadmin: + dbUrl: "unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-uat" + maintenance-db-name: "unifieduatdb" + db-admin-username: "unifieduat" + db-read-username: "readonly" + max-query-history: "50" + max-login-attempts: "5" + enable-save-password: "False" + persistence: + enabled: true + dataDirSize: "1Gi" + aws: + volumeId: "vol-03858e4cedb7cf0bb" + zone: ap-south-1b + # docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> redoc: replicas: 1 From eba04679106a174dda10e28cda362337c49205cd Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Tue, 17 Oct 2023 15:46:04 +0530 Subject: [PATCH 374/742] added missing health hrms env config (#2049) --- deploy-as-code/helm/environments/unified-health-dev.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index fa00632849..a34d366eb8 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -94,6 +94,7 @@ cluster-configs: egov-data-uploader: 'http://egov-data-uploader.egov:8080/' egov-indexer: 'http://egov-indexer.egov:8080/' egov-hrms: 'http://egov-hrms.egov:8080/' + health-hrms: 'http://health-hrms.egov:8080/' es-client: 'http://elasticsearch-data-v1.es-cluster:9200' hr-masters: 'http://hr-masters:8080/' hr-employee: 'http://hr-employee:8080/' @@ -526,6 +527,12 @@ egov-hrms: heap: '-Xmx256m -Xms256m' memory_limits: 512Mi +health-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' + heap: '-Xmx256m -Xms256m' + memory_limits: 512Mi + egov-weekly-impact-notifier: mail-to-address: 'lata.naik@egovernments.org' From fe7a4a2b2dcde4cf2306152dfba36beadc47ad08 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Tue, 17 Oct 2023 17:15:41 +0530 Subject: [PATCH 375/742] health hrms changed namespace in env config (#2050) --- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index a34d366eb8..3606a38cbb 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -94,7 +94,7 @@ cluster-configs: egov-data-uploader: 'http://egov-data-uploader.egov:8080/' egov-indexer: 'http://egov-indexer.egov:8080/' egov-hrms: 'http://egov-hrms.egov:8080/' - health-hrms: 'http://health-hrms.egov:8080/' + health-hrms: 'http://health-hrms.health:8080/' es-client: 'http://elasticsearch-data-v1.es-cluster:9200' hr-masters: 'http://hr-masters:8080/' hr-employee: 'http://hr-employee:8080/' From c293b80d5324ac83ec13e45d3e8b75a08b12d0ac Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Tue, 17 Oct 2023 17:50:15 +0530 Subject: [PATCH 376/742] #SM-3152 added indexer for pqm (#2051) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d35c26d3ca..b29c22355c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -341,7 +341,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml" egov-persister: replicas: 1 From 8c2761352ad812816005a0f6c1b183f357423ed5 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Tue, 17 Oct 2023 18:08:49 +0530 Subject: [PATCH 377/742] #SM-3152 added pqm indexer (#2052) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 9f7c807ad6..d3372d80ca 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -273,7 +273,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml" egov-persister: replicas: 1 From 111e88cc5bb6b4584efb9071ff4ea6b08538c73e Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 18 Oct 2023 11:14:04 +0530 Subject: [PATCH 378/742] #SM-3155 add file path of inbox in indexer (#2054) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index d3372d80ca..73c9af128c 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -273,7 +273,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 From 610d9f1c0a3e6a4f3f6bad79ecb60b9dd447b468 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:13:46 +0530 Subject: [PATCH 379/742] health hrms ingress namespace update (#2055) --- .../helm/charts/health-services/health-hrms/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index 59d2af5294..46e6532e91 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -7,6 +7,7 @@ namespace: health # Ingress Configs ingress: + namespace: health enabled: true zuul: true context: "health-hrms" From 11e2a6cd127beac5d385f37524818ca8d0cf866d Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:46:54 +0530 Subject: [PATCH 380/742] SM-3153 (#2056) * SM-3153 * SM-3153 * SM-3153 --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 8b1c266a8e..00ceb26821 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -430,7 +430,7 @@ zuul: heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 0bc0c17486e4bbe066c2114dc7cf34ad0eba3ae7 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Wed, 18 Oct 2023 14:44:50 +0530 Subject: [PATCH 381/742] Update values.yaml (#2057) --- .../helm/charts/health-services/health-hrms/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index 46e6532e91..a0909fcaf2 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -7,7 +7,7 @@ namespace: health # Ingress Configs ingress: - namespace: health + namespace: egov enabled: true zuul: true context: "health-hrms" From 6aec6b34694f99d39537937ce42795623d097f32 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Wed, 18 Oct 2023 14:56:07 +0530 Subject: [PATCH 382/742] #SM-3179, added pqm anomaly indexer (#2058) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index b29c22355c..21a78eb155 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -341,7 +341,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 From d8bf3d5109e9fdb3e4c4cdb2a78fd2117bd3dec2 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 18 Oct 2023 16:39:51 +0530 Subject: [PATCH 383/742] added mdms tenant search criteria env variables (#2053) * added mdms tenant search criteria env variables * taking mdms tenants form state level tenant id --- .../digit-works/backend/measurement-registry/values.yaml | 4 ++++ .../digit-works/backend/measurement-service/values.yaml | 5 ++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml index 0929f3a38b..5b8887ff0e 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-registry/values.yaml @@ -101,5 +101,9 @@ env: | - name: MB_SEARCH_MAX_LIMIT value: {{ index .Values "mb-search-max-limit" | quote }} {{- end }} + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index 10af2e39bb..96c3d5028c 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -108,4 +108,7 @@ env: | - name: MEASUREMENT-SERVICE_SEARCH_MAX_LIMIT value: {{ index .Values "measurement-service-search-max-limit" | quote }} {{- end }} - + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} From 629c7307fce7cc1cc3c842d8e1945ee586fc92a1 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Wed, 18 Oct 2023 17:46:23 +0530 Subject: [PATCH 384/742] #Sm-3152, Removed pqm indexer (#2059) --- deploy-as-code/helm/environments/sanitation.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 73c9af128c..173303165e 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -273,7 +273,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 From 865f15831ae77ca7f7eee1ec03dac6633dbb834d Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 11:46:44 +0530 Subject: [PATCH 385/742] Added referral management perister file in env for unified dev (#2060) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 21a78eb155..dd374c525d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -349,7 +349,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 3606a38cbb..eb4b3d9483 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -322,7 +322,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml' + persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' initContainers: gitSync: repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url From 3ffeff7ce783bb7e04ed5404ab3f57ebd5b12540 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 13:43:44 +0530 Subject: [PATCH 386/742] Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index dd374c525d..0dc8c2cc59 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -584,6 +584,7 @@ kafka-config: topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" logging-config: es-host: "elasticsearch-client-v1.es-cluster" From 63f401ddb3f31a4726968aeef4276785bf1c3f4d Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 13:46:53 +0530 Subject: [PATCH 387/742] Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 0dc8c2cc59..291b6562ef 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -25,7 +25,6 @@ cluster-configs: es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" serializers-timezone-in-ist: "true" From 95e5cbb2191e733af528886c2ca9f3ed1d09fdb9 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 14:10:18 +0530 Subject: [PATCH 388/742] Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 291b6562ef..dd374c525d 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -25,6 +25,7 @@ cluster-configs: es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" serializers-timezone-in-ist: "true" @@ -583,7 +584,6 @@ kafka-config: topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" kafka-brokers: "kafka-v2.kafka-cluster:9092" - kafka-infra-brokers: "kafka-v2-infra-headless.kafka-cluster:9092" logging-config: es-host: "elasticsearch-client-v1.es-cluster" From f4a0fea70c927b2bc0f9a052e7c3e2a5ed0b13a0 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 19 Oct 2023 14:17:30 +0530 Subject: [PATCH 389/742] #SM-3178 added persister path of anomaly finder (#2061) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index dd374c525d..e3e249e567 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -349,7 +349,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 8788280261d72a642017f242c407ea0cbaaba8da Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 14:39:20 +0530 Subject: [PATCH 390/742] adding persister (#2062) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 00ceb26821..0cf4312d27 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From ece14cf6ed0120b9e0e0b7d45c4f087a2f4e4ee3 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 19 Oct 2023 15:02:56 +0530 Subject: [PATCH 391/742] deleted duplicate referralmanagement service chart --- .../referralmanagement/values.yaml | 4 +- .../stock/referralmanagement/Chart.yaml | 26 --- .../templates/deployment.yaml | 2 - .../referralmanagement/templates/ingress.yaml | 2 - .../referralmanagement/templates/service.yaml | 2 - .../stock/referralmanagement/values.yaml | 200 ------------------ 6 files changed, 2 insertions(+), 234 deletions(-) delete mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml index 8dcd761eae..d787f14b81 100644 --- a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -7,11 +7,11 @@ namespace: health # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "referralmanagement" - -namespace: health + # Init Containers Configs initContainers: diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml deleted file mode 100644 index 6fa3c2fe4e..0000000000 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: referralmanagement -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml deleted file mode 100644 index bf8939baef..0000000000 --- a/deploy-as-code/helm/charts/health-services/stock/referralmanagement/values.yaml +++ /dev/null @@ -1,200 +0,0 @@ -# Common Labels -labels: - app: "referralmanagement" - group: "health" - -namespace: health - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "referralmanagement" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "referralmanagement_schema" - image: - repository: "referralmanagement-db" - -# Container Configs -image: - repository: "referralmanagement" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/referralmanagement/health" - readinessProbePath: "/referralmanagement/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" -persist-yml-path: "file:///work-dir/configs/egov-persister/referral-management-persister.yml" -indexer-yml-path: "file:///work-dir/configs/egov-indexer/referral-management-indexer.yml" - -# Additional Container Envs -env: | - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: health-referral-management - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_IDGEN_PATH - value: "egov-idgen/id/_generate" - - name: EGOV_IDGEN_INTEGRATION_ENABLED - value: "true" - - name: REFERRALMANAGEMENT.SIDEEFFECT.IDGEN.ID.FORMAT - value: "referralmanagement.sideeffect.id" - - name: REFERRALMANAGEMENT.REFERRAL.IDGEN.ID.FORMAT - value: "referralmanagement.referral.id" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user-egov - - name: EGOV_SEARCH_USER_URL - value: "/user/_search" - - name: EGOV_USER_INTEGRATION_ENABLED - value: "true" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCATION_CONTEXT_PATH - value: "/egov-location/location/v11" - - name: EGOV_LOCATION_ENDPOINT - value: "/boundarys/_search" - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: "/egov-mdms-service/v1/_search" - - name: EGOV_MDMS_INTEGRATION_ENABLED - value: "true" - - name: EGOV_MDMS_MASTER_NAME - value: "referralmanagement_master" - - name: EGOV_MDMS_MODULE_NAME - value: "referralmanagement" - - name: EGOV_HOUSEHOLD_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: household - - name: EGOV_SEARCH_HOUSEHOLD_URL - value: "/household/v1/_search" - - name: EGOV_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - - name: EGOV_SEARCH_INDIVIDUAL_URL - value: "/individual/v1/_search" - - name: EGOV_PRODUCT_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: product - - name: EGOV_SEARCH_PRODUCT_VARIANT_URL - value: "/product/variant/v1/_search" - - name: EGOV_PROJECT_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: project - - name: EGOV_SEARCH_PROJECT_TASK_URL - value: "/project/task/v1/_search" - - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL - value: "/project/beneficiary/v1/_search" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC - value: "save-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC - value: "update-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC - value: "delete-side-effect-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC - value: "save-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC - value: "update-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC - value: "delete-side-effect-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC - value: "save-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC - value: "update-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC - value: "delete-referral-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC - value: "save-referral-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC - value: "update-referral-bulk-topic" - - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC - value: "delete-referral-bulk-topic" - - name: SEARCH_API_LIMIT - value: "1000" - - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED - value: "false" - - name: REFERRALMANAGEMENT.DEFAULT.OFFSET - value: "0" - - name: REFERRALMANAGEMENT.DEFAULT.LIMIT - value: "100" - - name: REFERRALMANAGEMENT.SEARCH.MAX.LIMIT - value: "200" - - name: EGOV.IDGEN.PROJECT.NUMBER.NAME - value: "project.number" - - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT - value: "project.resource.id" - - name: EGOV_FACILITY_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: facility - - name: EGOV_SEARCH_FACILITY_URL - value: "/facility/v1/_search" - - name: PROJECT_MDMS_MODULE - value: "HCM-PROJECT-TYPES" - - name: EGOV_LOCATION_HIERARCHY_TYPE - value: "ADMIN" - - name: EGOV_LOCATION_CODE_QUERY_PARAM - value: "code" \ No newline at end of file From 8dfd19aa59b0c0ab69087decf83c94c84f1d2948 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 16:35:49 +0530 Subject: [PATCH 392/742] Renamed pqm service indexer (#2064) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e3e249e567..d27f15964a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -341,7 +341,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 From 57d1f74afd42b18f70e83d70753a32af76d0b4a3 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 19 Oct 2023 18:06:19 +0530 Subject: [PATCH 393/742] adding pqm-anomaly-finder-persister.yaml (#2065) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 0cf4312d27..b6613ccff7 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From c2dacde03d0ab70c18e30ffe895384bbbb555774 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 20 Oct 2023 09:48:15 +0530 Subject: [PATCH 394/742] removed extra spaces --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index b6613ccff7..41fd53b30e 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 5d35cf35f32dbe77bc344f28ae3637bd18b6f9da Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Fri, 20 Oct 2023 12:32:13 +0530 Subject: [PATCH 395/742] [PFM-4923] Copied audit service chart configuration (#2068) --- .../core-services/audit-service/Chart.yaml | 26 ++++++++ .../audit-service/templates/deployment.yaml | 2 + .../audit-service/templates/ingress.yaml | 2 + .../audit-service/templates/service.yaml | 2 + .../core-services/audit-service/values.yaml | 61 +++++++++++++++++++ 5 files changed, 93 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml new file mode 100644 index 0000000000..c85814354f --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: audit-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/audit-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/audit-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/audit-service/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/audit-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/audit-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/audit-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml new file mode 100644 index 0000000000..b1b4835cb8 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml @@ -0,0 +1,61 @@ +# Common Labels +labels: + app: "audit-service" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "audit-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "audit_service_schema" + image: + repository: "audit-service-db" + +# Container Configs +image: + repository: "audit-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/audit-service/health" + readinessProbePath: "/audit-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx64m -Xms64m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: audit-service + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: PROCESS_AUDIT_LOGS_KAFKA_TOPIC + value: process-audit-records + - name: PERSIST_AUDIT_LOGS_KAFKA_TOPIC + value: persist-audit-records + - name: EGOV_PERSIST_YML_REPO_PATH + value: {{ index .Values "persist-yml-path" | quote }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_ENC_SIGN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service \ No newline at end of file From 0d4e4317ba993582afe5669408ef1a848dd24422 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Fri, 20 Oct 2023 12:56:52 +0530 Subject: [PATCH 396/742] SM-3155 (#2069) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 41fd53b30e..73175e22d0 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -298,7 +298,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml" egov-persister: replicas: 1 images: From 6796ac7c3752ebe64a34a7d2e61b6363ea0d143e Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Mon, 23 Oct 2023 10:21:44 +0530 Subject: [PATCH 397/742] [PFM-4923] Updated audit log config for unified-dev (#2071) Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-dev.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d27f15964a..2ec291dd0b 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -354,6 +354,12 @@ egov-persister: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UNIFIED-DEV" egov-localization: replicas: 1 From 56ea0ae666b7583abeb87ece555ede3d36420f7a Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Mon, 23 Oct 2023 17:19:23 +0530 Subject: [PATCH 398/742] Sm 3155 (#2072) * SM-3155 * SM-3155 --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 73175e22d0..ed36b3ed67 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 269bed5404824e6dd5293f7101fd1b7b6ceb06d7 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 10:54:14 +0530 Subject: [PATCH 399/742] Update unified-health-qa.yaml --- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 49a054b367..258a517b79 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 95b01023ed9e7318523d4fefa7dcecc249a943ba Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 10:55:48 +0530 Subject: [PATCH 400/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 30d0db3c06..d2b801fd54 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -25,7 +25,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 55426c6452a7027e5cc86970bf51e90979d30c78 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 10:57:40 +0530 Subject: [PATCH 401/742] Update unified-urban-qa.yaml --- deploy-as-code/helm/environments/unified-urban-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index afc310247f..1c5ced181b 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 89a547692f67b81c843ca7fa29ed0fe9a2b68025 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 10:59:32 +0530 Subject: [PATCH 402/742] Update sanitation-qa.yaml --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index e0d8a14d9e..a5f7ca23ab 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 2f42eb386eb22565b3e65456e50d686ba46e1c1a Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 12:21:26 +0530 Subject: [PATCH 403/742] Sm 3155 (#2073) * SM-3155 * SM-3155 * SM-3155 * SM-3155 --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index a5f7ca23ab..a881eb2066 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -312,7 +312,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index ed36b3ed67..b9f4fb84b6 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From eab160ab12e3b85ef8ebcd7fadf0993525a4bf13 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 12:41:22 +0530 Subject: [PATCH 404/742] Sm 3155 (#2074) * SM-3155 * SM-3155 * SM-3155 * SM-3155 * SM-3155 --- deploy-as-code/helm/environments/sanitation-qa.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index a881eb2066..c4dea78967 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -306,13 +306,12 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From d959260e5a4f669e518e70490b1bad545f53fa3f Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 15:07:58 +0530 Subject: [PATCH 405/742] Update unified-qa.yaml --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index b9f4fb84b6..64706f1ec0 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 5565ad95f3d304fb1e351676718357a98e0868df Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 25 Oct 2023 15:12:22 +0530 Subject: [PATCH 406/742] Update unified-qa.yaml From b18930c7d3a11f357c3b0334cbb5ecfc21b4d76c Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 25 Oct 2023 15:13:15 +0530 Subject: [PATCH 407/742] #SM-3177 added user-event service in unified-dev (#2075) --- .../core-services/egov-user-event/Chart.yaml | 26 ++++++ .../egov-user-event/templates/deployment.yaml | 2 + .../egov-user-event/templates/ingress.yaml | 2 + .../egov-user-event/templates/service.yaml | 2 + .../core-services/egov-user-event/values.yaml | 88 +++++++++++++++++++ .../helm/environments/sanitation.yaml | 1 + .../helm/environments/unified-dev.yaml | 1 + 7 files changed, 122 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/Chart.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/Chart.yaml new file mode 100644 index 0000000000..c3788cded3 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: egov-user-event +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/service.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml new file mode 100644 index 0000000000..03d8101bb9 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml @@ -0,0 +1,88 @@ +# Common Labels +labels: + app: "egov-user-event" + group: "rainmaker" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "egov-user-event" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "egov_user_event_schema_version" + image: + repository: "egov-user-event-db" + +# Container Configs +image: + repository: "egov-user-event" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-user-event/health" + readinessProbePath: "/egov-user-event/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: /egov-mdms-service/v1/_search + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-user-events + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: KAFKA_TOPICS_PERSISTER_SAVE_EVENTS + value: save-user-events + - name: KAFKA_TOPICS_PERSISTER_UPDATE_EVENTS + value: update-user-events + - name: KAFKA_TOPICS_LLT_DETAILS + value: user-events-llt + - name: KAFKA_TOPICS_SAVE_EVENTS + value: persist-user-events-async + - name: KAFKA_TOPICS_UPDATE_EVENTS + value: update-user-events-async + - name: MSEVA_NOTIF_SEARCH_OFFSET + value: "0" + - name: MSEVA_NOTIF_SEARCH_LIMIT + value: "200" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: "true" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_LOCALISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_LOCALISATION_IS_STATELEVEL + value: "false" + - name: MSEVA_NOTIF_SEARCH_OFFSET + value: "0" + - name: MSEVA_NOTIF_SEARCH_LIMIT + value: "200" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 173303165e..9859c302bd 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -146,6 +146,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 2ec291dd0b..c9c5656e8a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -148,6 +148,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 5ad0d975180a1a15f6846f04e1e0d5bdbe13eed9 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 26 Oct 2023 10:40:47 +0530 Subject: [PATCH 408/742] updated zuul memory size --- deploy-as-code/helm/environments/sanitation-qa.yaml | 1 + deploy-as-code/helm/environments/unified-health-qa.yaml | 1 + deploy-as-code/helm/environments/unified-urban-qa.yaml | 1 + deploy-as-code/helm/environments/unified-works-qa.yaml | 1 + 4 files changed, 4 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index c4dea78967..0bf3781035 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -421,6 +421,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 258a517b79..4f36d3ed79 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -426,6 +426,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 1c5ced181b..3f4c442b31 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -412,6 +412,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index d2b801fd54..e308910303 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -439,6 +439,7 @@ zuul: replicas: 2 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" From b267a057c356ef7ba57e3a521d28b6d0e62e8ece Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 26 Oct 2023 14:29:10 +0530 Subject: [PATCH 409/742] updated mdms branch --- .../helm/environments/unified-health-qa.yaml | 18 +++++++++--------- .../helm/environments/unified-works-qa.yaml | 14 +++++++------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 4f36d3ed79..673b190295 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -288,7 +288,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -299,7 +299,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -310,7 +310,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch pgr-services: namespace: health @@ -329,28 +329,28 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -371,14 +371,14 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index e308910303..3de4ee32b0 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -339,14 +339,14 @@ audit-service: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" egov-mdms-service: mdms-path: "/work-dir/works-mdms-data/data" initContainers: gitSync: repo: "git@github.com:egovernments/works-mdms-data" - branch: "QA" + branch: "UNIFIED-QA" mdms-folder: "works-mdms-data" java-args: -Dspring.profiles.active=monitoring masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" @@ -390,7 +390,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" egov-indexer: heap: "-Xmx512m -Xms512m" @@ -398,7 +398,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" egov-workflow-v2: @@ -475,7 +475,7 @@ pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" @@ -484,7 +484,7 @@ egov-searcher: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" # web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -521,7 +521,7 @@ dashboard-analytics: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-QA" dashboard-ingest: topic-incoming-collection: "dss-collection-update" From dcb210ff045e3b90b5fcab4e6eb6ddb58e30ada0 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 26 Oct 2023 14:33:47 +0530 Subject: [PATCH 410/742] updated persister url's --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 0bf3781035..df383ea047 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -311,7 +311,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 673b190295..4043fd4483 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -306,7 +306,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 3de4ee32b0..6fd5a6bcff 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -386,7 +386,7 @@ egov-idgen: autocreate-new-seq: "true" egov-persister: - persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" From c250feed3981827dbb3a1c60c97fde0537904858 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 26 Oct 2023 14:46:14 +0530 Subject: [PATCH 411/742] updated mdms-service branch in unified-uat env --- .../helm/environments/unified-works-uat.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index 8f9d0b3aa8..6a8e8055b2 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -334,15 +334,14 @@ audit-service: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" egov-mdms-service: mdms-path: "/work-dir/works-mdms-data/data" initContainers: gitSync: repo: "git@github.com:egovernments/works-mdms-data" - branch: "QA" - mdms-folder: "works-mdms-data" + branch: "UNIFIED-UAT" java-args: -Dspring.profiles.active=monitoring masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" @@ -385,7 +384,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" egov-indexer: heap: "-Xmx512m -Xms512m" @@ -393,7 +392,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" egov-workflow-v2: @@ -469,7 +468,7 @@ pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" @@ -478,7 +477,7 @@ egov-searcher: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" # web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -515,7 +514,7 @@ dashboard-analytics: initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" - branch: "QA" + branch: "UNIFIED-UAT" dashboard-ingest: topic-incoming-collection: "dss-collection-update" From e0ce7496d678a81ab6371b778568a2648edf1c1b Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Fri, 27 Oct 2023 14:29:07 +0530 Subject: [PATCH 412/742] SM-3162 making changes for pqm-scheduler helm chart (#2078) --- .../helm/charts/sanitation/pqm-scheduler/values.yaml | 4 ++-- deploy-as-code/helm/environments/sanitation.yaml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml index 3b6756bed4..484d3383d2 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml @@ -24,7 +24,7 @@ env: | valueFrom: configMapKeyRef: name: egov-config - key: state-level-tenant-id + key: egov-state-level-tenant-id - name: USER_SERVICE_HOST valueFrom: configMapKeyRef: @@ -34,7 +34,7 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: pqm + key: pqm-service {{- if index .Values "user-name" }} - name: USER_NAME value: {{ index .Values "user-name" | quote }} diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 9859c302bd..d696e9d361 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: "https://unified-dev.digit.org" ## Add your Domain Name egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - egov-state-level-tenant-id: "pb" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" @@ -136,7 +136,7 @@ cluster-configs: fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" + pqm-service: "http://pqm-service.sanitation:8080" pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ @@ -220,7 +220,7 @@ fsm: java-debug: true tracing-enabled: "true" -pqm: +pqm-service: memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-debug: true From 64d79dbab0f1bb61cc3b91c1fc23b2bae64db4c8 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 30 Oct 2023 15:47:29 +0530 Subject: [PATCH 413/742] Update values.yaml, changing cron job schedule (#2079) --- .../helm/charts/sanitation/pqm-scheduler/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml index 484d3383d2..d41771e02e 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml @@ -6,7 +6,7 @@ labels: namespace: sanitation cron: - schedule: "0 0 * * *" + schedule: "*/10 * * * *" # Container Configs image: @@ -42,4 +42,4 @@ env: | resources: | requests: {} - \ No newline at end of file + From 77eb75bd9e9aa07fe92ce580be2c0a71dad67a29 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Tue, 31 Oct 2023 16:51:46 +0530 Subject: [PATCH 414/742] SM-3358 (#2080) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 3 ++- deploy-as-code/helm/environments/unified-qa.yaml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index df383ea047..c2129ee02b 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -306,7 +306,8 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer +/egov-pqm-service.yml" egov-persister: replicas: 1 images: diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 64706f1ec0..61958e1b8a 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -298,7 +298,8 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer +/egov-pqm-service.yml" egov-persister: replicas: 1 images: From 9c6efb8809e39124556e262cf675d523d77d7050 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 10:39:58 +0530 Subject: [PATCH 415/742] SM-3358 (#2082) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 3 +-- deploy-as-code/helm/environments/unified-qa.yaml | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index c2129ee02b..5be7b56941 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -306,8 +306,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer -/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 images: diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 61958e1b8a..cb3478f428 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -298,8 +298,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer -/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 images: From ef775b82a9fa4d057bf6a3b90a7d7970d95404f1 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 12:26:35 +0530 Subject: [PATCH 416/742] indexer path change (#2083) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 5be7b56941..1b240dff5a 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -306,7 +306,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 images: diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index cb3478f428..e0afa1c6b4 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -298,7 +298,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" egov-persister: replicas: 1 images: From ed696440bceb484ae93f75aeb8788fbbd46948ec Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 12:45:04 +0530 Subject: [PATCH 417/742] Update sanitation.yaml --- deploy-as-code/helm/environments/sanitation.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index d696e9d361..79f00e14e2 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -136,6 +136,7 @@ cluster-configs: fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" pqm-service: "http://pqm-service.sanitation:8080" pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" From 3d859598f3e3c679ff41b988f0bcfb65bf2a9c0e Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 15:19:59 +0530 Subject: [PATCH 418/742] Update values.yaml --- deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml index 5d3aeb3790..bea231be4e 100644 --- a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml @@ -26,6 +26,7 @@ healthChecks: readinessProbePath: "/mdms-v2/health" appType: "java-spring" tracing-enabled: true +memory: 512 heap: "-Xmx512m -Xms512m" java-args: "-Dspring.profiles.active=monitoring" egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" From 66ebf56b6ce496fcf36a56a8745f06dee1b63c63 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 15:21:16 +0530 Subject: [PATCH 419/742] Update values.yaml --- deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml index bea231be4e..254eeea176 100644 --- a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml @@ -26,7 +26,7 @@ healthChecks: readinessProbePath: "/mdms-v2/health" appType: "java-spring" tracing-enabled: true -memory: 512 +memory_limits: 512Mi heap: "-Xmx512m -Xms512m" java-args: "-Dspring.profiles.active=monitoring" egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" From 6b94be473f44c8068a566e0ea36f25593c9c7314 Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 15:59:48 +0530 Subject: [PATCH 420/742] Boundary service unified env (#2085) * [DPG-1948] boundary-service helm chart * [DPG-1948] fixed kafka topic keys --- .../core-services/boundary-service/Chart.yaml | 26 +++++++ .../templates/deployment.yaml | 2 + .../boundary-service/templates/ingress.yaml | 2 + .../boundary-service/templates/service.yaml | 2 + .../boundary-service/values.yaml | 67 +++++++++++++++++++ 5 files changed, 99 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/Chart.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/Chart.yaml new file mode 100644 index 0000000000..f832e881dc --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: boundary-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/templates/ingress.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/templates/service.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml new file mode 100644 index 0000000000..5dbae73630 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml @@ -0,0 +1,67 @@ +# Common Labels +labels: + app: "boundary-service" + group: "core" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "boundary-service" + +initContainers: + dbMigration: + enabled: true + schemaTable: "boundary_service_schema" + image: + repository: "boundary-service-db" + +# Container Configs +image: + repository: "boundary-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/boundary-service/health" + readinessProbePath: "/boundary-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx512m -Xms512m" +java-args: "-Dspring.profiles.active=monitoring" +kafka-topics-create-boundary: "create-boundary-entity" +kafka-topics-update-boundary: "update-boundary-entity" +kafka-topics-create-boundary-hierarchy: "save-boundary-hierarchy-definition" +kafka-topics-update-boundary-hierarchy: "update-boundary-hierarchy-definition" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /boundary-service + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: boundary-service + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: JAVA_ENABLE_DEBUG + value: "true" + - name: KAFKA_TOPICS_CREATE_BOUNDARY + value: {{ index .Values "kafka-topics-create-boundary" | quote }} + - name: KAFKA_TOPICS_CREATE_BOUNDARY_HIERARCHY + value: {{ index .Values "kafka-topics-create-boundary-hierarchy" | quote }} + - name: KAFKA_TOPICS_UPDATE_BOUNDARY + value: {{ index .Values "kafka-topics-update-boundary" | quote }} + - name: KAFKA_TOPICS_UPDATE_BOUNDARY_HIERARCHY + value: {{ index .Values "kafka-topics-update-boundary-hierarchy" | quote }} From e2964bfde02f0b721559c7c3c0cfd95959cd1762 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 16:10:30 +0530 Subject: [PATCH 421/742] Sm 3358c (#2086) * indexer path change * adding indexer path --- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 1b240dff5a..b02b4d7b19 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -306,7 +306,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 images: diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index e0afa1c6b4..2e4b238e40 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -298,7 +298,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 images: From ce97ceafbc107bc7e4966907c372d9aa721dc815 Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Thu, 2 Nov 2023 16:54:57 +0530 Subject: [PATCH 422/742] Boundary service persister path (#2087) * [DPG-1948] boundary-service helm chart * [DPG-1948] fixed kafka topic keys * [DPG-1948] Added boundary-service persister path to UNIFIED-DEV --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index c9c5656e8a..460fead577 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -350,7 +350,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 2d0da5d4d2a4dfe32e6f0fa9b81dfa8c68c80e05 Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Fri, 3 Nov 2023 16:46:21 +0530 Subject: [PATCH 423/742] updated globalconfig change (#2090) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 6fd5a6bcff..8068a4ef1e 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -514,7 +514,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ';" + ’;” dashboard-analytics: config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" From cf33501691a15ff6365da1976dda74df36e9d270 Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Fri, 3 Nov 2023 16:58:42 +0530 Subject: [PATCH 424/742] updated globalconfig change (#2091) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 8068a4ef1e..11bb8c3203 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -514,7 +514,7 @@ works-shg-app: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ’;” + ';" dashboard-analytics: config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" From 1128e019e5caeaa34da58001ee1c1eeaea7f4e2d Mon Sep 17 00:00:00 2001 From: Gowtham-egov <112694085+Gowtham-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 08:53:34 +0530 Subject: [PATCH 425/742] Update values.yaml (#2084) Created new namespace "staging" for staging services --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 798fb2fd0f..0c6197b2d9 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: egov,sanitation,works,health +discovery_namespaces: egov,sanitation,works,health,staging # Init Containers Configs initContainers: extraInitContainers: | @@ -152,4 +152,4 @@ env: | key: redis-host {{- else }} value: "redis.backbone" - {{- end }} \ No newline at end of file + {{- end }} From 65711d515ade6a32fe6d0dc18e8f55976999b85a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 10:00:42 +0530 Subject: [PATCH 426/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 11bb8c3203..18af7c86f5 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -342,6 +342,8 @@ audit-service: branch: "UNIFIED-QA" egov-mdms-service: + memory_limits: "512Mi" + heap: "-Xmx512m -Xms512m" mdms-path: "/work-dir/works-mdms-data/data" initContainers: gitSync: From 541925cf1c0d98db20845786febe1545022784e9 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 10:07:57 +0530 Subject: [PATCH 427/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 18af7c86f5..09c8008975 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -347,7 +347,7 @@ egov-mdms-service: mdms-path: "/work-dir/works-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/works-mdms-data" + repo: "git@github.com:egovernments/egov-mdms-data" branch: "UNIFIED-QA" mdms-folder: "works-mdms-data" java-args: -Dspring.profiles.active=monitoring From c503e08feaae3056ea95b4b2e5b204cd326b34a9 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 11:02:32 +0530 Subject: [PATCH 428/742] Added household memeber search url for referral management (#2093) --- .../charts/health-services/referralmanagement/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml index d787f14b81..72ca4127e4 100644 --- a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -126,6 +126,8 @@ env: | key: household - name: EGOV_SEARCH_HOUSEHOLD_URL value: "/household/v1/_search" + - name: EGOV_SEARCH_HOUSEHOLD_MEMBER_URL + value: "/household/member/v1/_search" - name: EGOV_INDIVIDUAL_HOST valueFrom: configMapKeyRef: @@ -149,6 +151,8 @@ env: | value: "/project/task/v1/_search" - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL value: "/project/beneficiary/v1/_search" + - name: EGOV_SEARCH_PROJECT_STAFF_URL + value: "/project/staff/v1/_search" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC value: "save-side-effect-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC From ef6d38c838a2db3dc68278571545be0fd98bc6ae Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Mon, 6 Nov 2023 12:29:00 +0530 Subject: [PATCH 429/742] Added the individual perisiter changes (#2094) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 09c8008975..6a23d0a2e9 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -388,7 +388,7 @@ egov-idgen: autocreate-new-seq: "true" egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" From 69a351a7dcd3c41030097b2519f32b2b7cf521a6 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 14:03:42 +0530 Subject: [PATCH 430/742] Update unified-works-qa.yaml --- .../helm/environments/unified-works-qa.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 6a23d0a2e9..455ee4dd32 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -338,18 +338,18 @@ audit-service: persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/expense-bill-payment-persister.yaml" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" egov-mdms-service: memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" - mdms-path: "/work-dir/works-mdms-data/data" + mdms-path: "/work-dir/mdms-data/data" initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" branch: "UNIFIED-QA" - mdms-folder: "works-mdms-data" + mdms-folder: "mdms-data" java-args: -Dspring.profiles.active=monitoring masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" @@ -391,7 +391,7 @@ egov-persister: persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" egov-indexer: @@ -399,7 +399,7 @@ egov-indexer: memory_limits: "768Mi" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" @@ -476,7 +476,7 @@ pdf-service: memory_limits: 1.5Gi initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" @@ -485,7 +485,7 @@ egov-searcher: search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" @@ -522,7 +522,7 @@ dashboard-analytics: config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" initContainers: gitSync: - repo: "git@github.com:egovernments/works-configs" + repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" dashboard-ingest: From 2dc6efe2f05910936b0ca2411d540e40d085c9d5 Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Mon, 6 Nov 2023 14:32:15 +0530 Subject: [PATCH 431/742] Added the individual perisiter changes (#2095) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 2e4b238e40..1724e4b25b 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 107e0f5932dd8049bb2a25ba3a8218e61c1b993a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 15:33:14 +0530 Subject: [PATCH 432/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 455ee4dd32..168fa1770a 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -351,7 +351,7 @@ egov-mdms-service: branch: "UNIFIED-QA" mdms-folder: "mdms-data" java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" egov-filestore: is-s3-enabled: "true" From 32b03ca2739324fb7296c69edacd99d17c49b1fb Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 6 Nov 2023 16:47:37 +0530 Subject: [PATCH 433/742] Update unified-works-qa.yaml --- .../helm/environments/unified-works-qa.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 168fa1770a..c08c2eaf8d 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -344,14 +344,17 @@ audit-service: egov-mdms-service: memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" - mdms-path: "/work-dir/mdms-data/data" + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" initContainers: gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "UNIFIED-QA" - mdms-folder: "mdms-data" - java-args: -Dspring.profiles.active=monitoring + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring egov-filestore: is-s3-enabled: "true" From 5cde8abca468101ab0626ac522b4a07f9c4a8273 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 7 Nov 2023 15:04:11 +0530 Subject: [PATCH 434/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index c08c2eaf8d..c19c3d4599 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -358,7 +358,7 @@ egov-mdms-service: egov-filestore: is-s3-enabled: "true" - fixed-bucketname: "works-qa-filestore" + fixed-bucketname: "unified-works-qa-filestore" minio-enabled: false aws.s3.url : "https://s3.amazonaws.com" is-bucket-fixed: "true" From 1743e9975c07f5cf693cd5437e32a62ad8994acc Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 7 Nov 2023 16:19:06 +0530 Subject: [PATCH 435/742] Update unified-works-qa.yaml --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index c19c3d4599..e508cf995e 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -357,6 +357,8 @@ egov-mdms-service: java-args: -Dspring.profiles.active=monitoring egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi is-s3-enabled: "true" fixed-bucketname: "unified-works-qa-filestore" minio-enabled: false From 92063756e71a38c9e4fde720798346d12adfe02a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 7 Nov 2023 17:35:58 +0530 Subject: [PATCH 436/742] updated filestore secrets in unified-works-secrets.yaml --- .../unified-works-qa-secrets.yaml | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml index a6d83beff9..4b2f453a62 100644 --- a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + aws-key: ENC[AES256_GCM,data:2IQgPP5NdXSvsO1QqUgxtaZ5j7k=,iv:wrV0mKmO3/uvml6PagKqUhUXpq7cRSaDA6AXKdUIEgI=,tag:6990/TZnBku7U0CAiZUh0A==,type:str] + aws-secret-key: ENC[AES256_GCM,data:SEhJ+uBJgiJJQOXbJWR42IEzIxN2NCoq72sxtmMGZ8wE/SZRpFxkcw==,iv:M1cOIKTLn8cWZEF9qNGY1lTZbzpogQJMCPiVp8BZpgE=,tag:XwBlwDvTLQo15q8XDo8UrA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -56,12 +56,16 @@ cluster-configs: cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-09-26T16:11:43Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-09-26T16:11:43Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-09-26T16:23:25Z' - mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-11-07T12:05:04Z" + mac: ENC[AES256_GCM,data:kh2tPeZxX196a5j/Q+DdwD4AWzFtJBo7ggLC5uJPYx8UzJwKNAj4+6ejXvtMm/CelFU19mmvfLOcKkp3KLi5LfIWWuRDYIt16sAqc+/YgVtlD7IPb8gQ1o6x2rDC5tjzlDAwh79m7woK0yv2ewMox/hFf6nwrAto6jhOjt0riH0=,iv:7jw3o1bZWZlL1tNm1oXYXBfSRaWQydl6Vb5gLlYcpPg=,tag:sefjjKkB0+LXHd5bquzYBg==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.0.0 + version: 3.7.3 From b4ef07e359029d0bbd87b48ffa6c61f7b2cb9238 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 8 Nov 2023 12:34:09 +0530 Subject: [PATCH 437/742] Update unified-dev.yaml --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 460fead577..b19243dd68 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -796,7 +796,7 @@ pgadmin: db-admin-username: "unifieddev" db-read-username: "unifiedread" max-query-history: "50" - max-login-attempts: "5" + max-login-attempts: "15" enable-save-password: "False" persistence: enabled: true From f2e9e09c48cdfd36315c9f2d1d68da470a1b220b Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Wed, 8 Nov 2023 15:23:37 +0530 Subject: [PATCH 438/742] Added mdms search (#2098) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index e508cf995e..aece29daa6 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -450,7 +450,7 @@ zuul: heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" eventlog-enabled: "true" eventlog-topic: "zuul-event-log" From ff37499026086637c675c774c376a27991c0a44b Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 8 Nov 2023 15:28:33 +0530 Subject: [PATCH 439/742] SM-3406 (#2097) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 3 ++- deploy-as-code/helm/environments/unified-qa.yaml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index b02b4d7b19..78a8648e04 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -145,7 +145,8 @@ cluster-configs: turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 1724e4b25b..3d340e756a 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -148,6 +148,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 47fd6a5a823966eceaa656aeaa77d0518ba4ee89 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 9 Nov 2023 12:20:41 +0530 Subject: [PATCH 440/742] updated egov-localization memory size --- .../helm/charts/core-services/egov-localization/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml index 40785992f9..057d70c833 100644 --- a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml @@ -24,6 +24,7 @@ replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi healthChecks: enabled: true livenessProbePath: "/localization/health" From f03776caf6e34d5f54409c39ac5213931ae146e3 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 9 Nov 2023 15:00:01 +0530 Subject: [PATCH 441/742] SM-2989 (#2100) * SM-2989 * SM-2989 --- .../helm/environments/sanitation-qa.yaml | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 78a8648e04..db20237d31 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -275,7 +275,25 @@ sanitation-ui: sub_filter.conf: " sub_filter '' ' - ';" + ';" + +pqm-service: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + +pqm-anomaly-finder: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + +inbox: + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" From 4e0cf64f027becbd29b3b55918f7d5b7e2aa916f Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 14 Nov 2023 12:26:09 +0530 Subject: [PATCH 442/742] Kafka 3.6.0 (#2102) * added kafka-kraft-3.6.0 helm chart * Update unified-qa.yaml * Update unified-dev.yaml * Update unified-works-dev.yaml * Update unified-health-dev.yaml * Update sanitation.yaml --- .../backbone-services/kafka-kraft/Chart.yaml | 40 + .../backbone-services/kafka-kraft/README.md | 1444 ++++++++++ .../kafka-kraft/templates/NOTES.txt | 333 +++ .../kafka-kraft/templates/_helpers.tpl | 1802 +++++++++++++ .../templates/broker/config-secrets.yaml | 24 + .../templates/broker/configmap.yaml | 47 + .../kafka-kraft/templates/broker/pdb.yaml | 31 + .../templates/broker/statefulset.yaml | 477 ++++ .../templates/broker/svc-external-access.yaml | 63 + .../templates/broker/svc-headless.yaml | 38 + .../controller-eligible/config-secrets.yaml | 25 + .../controller-eligible/configmap.yaml | 46 + .../templates/controller-eligible/pdb.yaml | 31 + .../controller-eligible/statefulset.yaml | 470 ++++ .../svc-external-access.yaml | 65 + .../controller-eligible/svc-headless.yaml | 46 + .../kafka-kraft/templates/extra-list.yaml | 9 + .../templates/log4j-configmap.yaml | 20 + .../templates/metrics/deployment.yaml | 174 ++ .../templates/metrics/jmx-configmap.yaml | 70 + .../templates/metrics/jmx-servicemonitor.yaml | 49 + .../templates/metrics/jmx-svc.yaml | 31 + .../templates/metrics/prometheusrule.yaml | 21 + .../templates/metrics/serviceaccount.yaml | 20 + .../templates/metrics/servicemonitor.yaml | 50 + .../kafka-kraft/templates/metrics/svc.yaml | 34 + .../network-policy/networkpolicy-egress.yaml | 23 + .../network-policy/networkpolicy-ingress.yaml | 53 + .../templates/provisioning/job.yaml | 283 ++ .../provisioning/serviceaccount.yaml | 17 + .../templates/provisioning/tls-secret.yaml | 21 + .../kafka-kraft/templates/rbac/role.yaml | 26 + .../templates/rbac/rolebinding.yaml | 25 + .../templates/rbac/serviceaccount.yaml | 19 + .../templates/scripts-configmap.yaml | 373 +++ .../kafka-kraft/templates/secrets.yaml | 133 + .../kafka-kraft/templates/svc.yaml | 63 + .../kafka-kraft/templates/tls-secret.yaml | 82 + .../backbone-services/kafka-kraft/values.yaml | 2380 +++++++++++++++++ .../helm/environments/sanitation.yaml | 2 +- .../helm/environments/unified-dev.yaml | 2 +- .../helm/environments/unified-health-dev.yaml | 2 +- .../helm/environments/unified-qa.yaml | 2 +- .../helm/environments/unified-works-dev.yaml | 2 +- 44 files changed, 8963 insertions(+), 5 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/README.md create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/NOTES.txt create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/_helpers.tpl create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/config-secrets.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/pdb.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/statefulset.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-external-access.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-headless.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/config-secrets.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/pdb.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/statefulset.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-external-access.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-headless.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/extra-list.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/log4j-configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/deployment.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-servicemonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-svc.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/prometheusrule.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/servicemonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/svc.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-egress.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-ingress.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/job.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/tls-secret.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/role.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/scripts-configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/secrets.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/svc.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/tls-secret.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml new file mode 100644 index 0000000000..a9403bba14 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml @@ -0,0 +1,40 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +annotations: + category: Infrastructure + licenses: Apache-2.0 + images: | + - name: jmx-exporter + image: docker.io/bitnami/jmx-exporter:0.19.0-debian-11-r95 + - name: kafka-exporter + image: docker.io/bitnami/kafka-exporter:1.7.0-debian-11-r132 + - name: kafka + image: docker.io/bitnami/kafka:3.6.0-debian-11-r0 + - name: kubectl + image: docker.io/bitnami/kubectl:1.28.2-debian-11-r16 + - name: os-shell + image: docker.io/bitnami/os-shell:11-debian-11-r90 +apiVersion: v2 +appVersion: 3.6.0 +# dependencies: +# - condition: zookeeper.enabled +# name: zookeeper +# repository: oci://registry-1.docker.io/bitnamicharts +# version: 12.x.x +description: Apache Kafka is a distributed streaming platform designed to build real-time pipelines and can be used as a message broker or as a replacement for a log aggregation solution for big data applications. +home: https://bitnami.com +icon: https://bitnami.com/assets/stacks/kafka/img/kafka-stack-220x234.png +keywords: +- kafka +- zookeeper +- streaming +- producer +- consumer +maintainers: +- name: VMware, Inc. + url: https://github.com/bitnami/charts +name: kafka +sources: +- https://github.com/bitnami/charts/tree/main/bitnami/kafka +version: 26.2.0 diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/README.md b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/README.md new file mode 100644 index 0000000000..63113b6059 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/README.md @@ -0,0 +1,1444 @@ + + +# Apache Kafka packaged by Bitnami + +Apache Kafka is a distributed streaming platform designed to build real-time pipelines and can be used as a message broker or as a replacement for a log aggregation solution for big data applications. + +[Overview of Apache Kafka](http://kafka.apache.org/) + +Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. + +## TL;DR + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kafka +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +## Introduction + +This chart bootstraps a [Kafka](https://github.com/bitnami/containers/tree/main/bitnami/kafka) deployment on a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.dev/) for deployment and management of Helm Charts in clusters. + +Looking to use Apache Kafka in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. + +## Prerequisites + +- Kubernetes 1.23+ +- Helm 3.8.0+ +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release oci://REGISTRY_NAME/REPOSITORY_NAME/kafka +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +These commands deploy Kafka on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | + +### Common parameters + +| Name | Description | Value | +| ------------------------- | --------------------------------------------------------------------------------------- | --------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.fullname | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `serviceBindings.enabled` | Create secret for service binding (Experimental) | `false` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` | + +### Kafka parameters + +| Name | Description | Value | +| ------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------- | +| `image.registry` | Kafka image registry | `REGISTRY_NAME` | +| `image.repository` | Kafka image repository | `REPOSITORY_NAME/kafka` | +| `image.digest` | Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `image.pullPolicy` | Kafka image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `image.debug` | Specify if debug values should be set | `false` | +| `extraInit` | Additional content for the kafka init script, rendered as a template. | `""` | +| `config` | Configuration file for Kafka, rendered as a template. Auto-generated based on chart values when not specified. | `""` | +| `existingConfigmap` | ConfigMap with Kafka Configuration | `""` | +| `extraConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | +| `secretConfig` | Additional configuration to be appended at the end of the generated Kafka configuration file. | `""` | +| `existingSecretConfig` | Secret with additonal configuration that will be appended to the end of the generated Kafka configuration file | `""` | +| `log4j` | An optional log4j.properties file to overwrite the default of the Kafka brokers | `""` | +| `existingLog4jConfigMap` | The name of an existing ConfigMap containing a log4j.properties file | `""` | +| `heapOpts` | Kafka Java Heap size | `-Xmx1024m -Xms1024m` | +| `interBrokerProtocolVersion` | Override the setting 'inter.broker.protocol.version' during the ZK migration. | `""` | +| `listeners.client.name` | Name for the Kafka client listener | `CLIENT` | +| `listeners.client.containerPort` | Port for the Kafka client listener | `9092` | +| `listeners.client.protocol` | Security protocol for the Kafka client listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.client.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.controller.name` | Name for the Kafka controller listener | `CONTROLLER` | +| `listeners.controller.containerPort` | Port for the Kafka controller listener | `9093` | +| `listeners.controller.protocol` | Security protocol for the Kafka controller listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.controller.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.interbroker.name` | Name for the Kafka inter-broker listener | `INTERNAL` | +| `listeners.interbroker.containerPort` | Port for the Kafka inter-broker listener | `9094` | +| `listeners.interbroker.protocol` | Security protocol for the Kafka inter-broker listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.interbroker.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.external.containerPort` | Port for the Kafka external listener | `9095` | +| `listeners.external.protocol` | Security protocol for the Kafka external listener. . Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' | `SASL_PLAINTEXT` | +| `listeners.external.name` | Name for the Kafka external listener | `EXTERNAL` | +| `listeners.external.sslClientAuth` | Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.sslClientAuth for this listener. Allowed values are 'none', 'requested' and 'required' | `""` | +| `listeners.extraListeners` | Array of listener objects to be appended to already existing listeners | `[]` | +| `listeners.overrideListeners` | Overrides the Kafka 'listeners' configuration setting. | `""` | +| `listeners.advertisedListeners` | Overrides the Kafka 'advertised.listener' configuration setting. | `""` | +| `listeners.securityProtocolMap` | Overrides the Kafka 'security.protocol.map' configuration setting. | `""` | + +### Kafka SASL parameters + +| Name | Description | Value | +| ----------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------- | +| `sasl.enabledMechanisms` | Comma-separated list of allowed SASL mechanisms when SASL listeners are configured. Allowed types: `PLAIN`, `SCRAM-SHA-256`, `SCRAM-SHA-512`, `OAUTHBEARER` | `PLAIN,SCRAM-SHA-256,SCRAM-SHA-512` | +| `sasl.interBrokerMechanism` | SASL mechanism for inter broker communication. | `PLAIN` | +| `sasl.controllerMechanism` | SASL mechanism for controller communications. | `PLAIN` | +| `sasl.oauthbearer.tokenEndpointUrl` | The URL for the OAuth/OIDC identity provider | `""` | +| `sasl.oauthbearer.jwksEndpointUrl` | The OAuth/OIDC provider URL from which the provider's JWKS (JSON Web Key Set) can be retrieved | `""` | +| `sasl.oauthbearer.expectedAudience` | The comma-delimited setting for the broker to use to verify that the JWT was issued for one of the expected audiences | `""` | +| `sasl.oauthbearer.subClaimName` | The OAuth claim name for the subject. | `sub` | +| `sasl.interbroker.user` | Username for inter-broker communications when SASL is enabled | `inter_broker_user` | +| `sasl.interbroker.password` | Password for inter-broker communications when SASL is enabled. If not set and SASL is enabled for the controller listener, a random password will be generated. | `""` | +| `sasl.interbroker.clientId` | Client ID for inter-broker communications when SASL is enabled with mechanism OAUTHBEARER | `inter_broker_client` | +| `sasl.interbroker.clientSecret` | Client Secret for inter-broker communications when SASL is enabled with mechanism OAUTHBEARER. If not set and SASL is enabled for the controller listener, a random secret will be generated. | `""` | +| `sasl.controller.user` | Username for controller communications when SASL is enabled | `controller_user` | +| `sasl.controller.password` | Password for controller communications when SASL is enabled. If not set and SASL is enabled for the inter-broker listener, a random password will be generated. | `""` | +| `sasl.controller.clientId` | Client ID for controller communications when SASL is enabled with mechanism OAUTHBEARER | `controller_broker_client` | +| `sasl.controller.clientSecret` | Client Secret for controller communications when SASL is enabled with mechanism OAUTHBEARER. If not set and SASL is enabled for the inter-broker listener, a random secret will be generated. | `""` | +| `sasl.client.users` | Comma-separated list of usernames for client communications when SASL is enabled | `["user1"]` | +| `sasl.client.passwords` | Comma-separated list of passwords for client communications when SASL is enabled, must match the number of client.users | `""` | +| `sasl.zookeeper.user` | Username for zookeeper communications when SASL is enabled. | `""` | +| `sasl.zookeeper.password` | Password for zookeeper communications when SASL is enabled. | `""` | +| `sasl.existingSecret` | Name of the existing secret containing credentials for clientUsers, interBrokerUser, controllerUser and zookeeperUser | `""` | + +### Kafka TLS parameters + +| Name | Description | Value | +| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `tls.type` | Format to use for TLS certificates. Allowed types: `JKS` and `PEM` | `JKS` | +| `tls.pemChainIncluded` | Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert. | `false` | +| `tls.existingSecret` | Name of the existing secret containing the TLS certificates for the Kafka nodes. | `""` | +| `tls.autoGenerated` | Generate automatically self-signed TLS certificates for Kafka brokers. Currently only supported if `tls.type` is `PEM` | `false` | +| `tls.passwordsSecret` | Name of the secret containing the password to access the JKS files or PEM key when they are password-protected. (`key`: `password`) | `""` | +| `tls.passwordsSecretKeystoreKey` | The secret key from the tls.passwordsSecret containing the password for the Keystore. | `keystore-password` | +| `tls.passwordsSecretTruststoreKey` | The secret key from the tls.passwordsSecret containing the password for the Truststore. | `truststore-password` | +| `tls.passwordsSecretPemPasswordKey` | The secret key from the tls.passwordsSecret containing the password for the PEM key inside 'tls.passwordsSecret'. | `""` | +| `tls.keystorePassword` | Password to access the JKS keystore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. | `""` | +| `tls.truststorePassword` | Password to access the JKS truststore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. | `""` | +| `tls.keyPassword` | Password to access the PEM key when it is password-protected. | `""` | +| `tls.jksKeystoreKey` | The secret key from the `tls.existingSecret` containing the keystore | `""` | +| `tls.jksTruststoreSecret` | Name of the existing secret containing your truststore if truststore not existing or different from the one in the `tls.existingSecret` | `""` | +| `tls.jksTruststoreKey` | The secret key from the `tls.existingSecret` or `tls.jksTruststoreSecret` containing the truststore | `""` | +| `tls.endpointIdentificationAlgorithm` | The endpoint identification algorithm to validate server hostname using server certificate | `https` | +| `tls.sslClientAuth` | Sets the default value for the ssl.client.auth Kafka setting. | `required` | +| `tls.zookeeper.enabled` | Enable TLS for Zookeeper client connections. | `false` | +| `tls.zookeeper.verifyHostname` | Hostname validation. | `true` | +| `tls.zookeeper.existingSecret` | Name of the existing secret containing the TLS certificates for ZooKeeper client communications. | `""` | +| `tls.zookeeper.existingSecretKeystoreKey` | The secret key from the tls.zookeeper.existingSecret containing the Keystore. | `zookeeper.keystore.jks` | +| `tls.zookeeper.existingSecretTruststoreKey` | The secret key from the tls.zookeeper.existingSecret containing the Truststore. | `zookeeper.truststore.jks` | +| `tls.zookeeper.passwordsSecret` | Existing secret containing Keystore and Truststore passwords. | `""` | +| `tls.zookeeper.passwordsSecretKeystoreKey` | The secret key from the tls.zookeeper.passwordsSecret containing the password for the Keystore. | `keystore-password` | +| `tls.zookeeper.passwordsSecretTruststoreKey` | The secret key from the tls.zookeeper.passwordsSecret containing the password for the Truststore. | `truststore-password` | +| `tls.zookeeper.keystorePassword` | Password to access the JKS keystore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. | `""` | +| `tls.zookeeper.truststorePassword` | Password to access the JKS truststore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. | `""` | +| `extraEnvVars` | Extra environment variables to add to Kafka pods | `[]` | +| `extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `extraVolumes` | Optionally specify extra list of additional volumes for the Kafka pod(s) | `[]` | +| `extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kafka container(s) | `[]` | +| `sidecars` | Add additional sidecar containers to the Kafka pod(s) | `[]` | +| `initContainers` | Add additional Add init containers to the Kafka pod(s) | `[]` | + +### Controller-eligible statefulset parameters + +| Name | Description | Value | +| -------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `controller.replicaCount` | Number of Kafka controller-eligible nodes | `3` | +| `controller.controllerOnly` | If set to true, controller nodes will be deployed as dedicated controllers, instead of controller+broker processes. | `false` | +| `controller.minId` | Minimal node.id values for controller-eligible nodes. Do not change after first initialization. | `0` | +| `controller.zookeeperMigrationMode` | Set to true to deploy cluster controller quorum | `false` | +| `controller.config` | Configuration file for Kafka controller-eligible nodes, rendered as a template. Auto-generated based on chart values when not specified. | `""` | +| `controller.existingConfigmap` | ConfigMap with Kafka Configuration for controller-eligible nodes. | `""` | +| `controller.extraConfig` | Additional configuration to be appended at the end of the generated Kafka controller-eligible nodes configuration file. | `""` | +| `controller.secretConfig` | Additional configuration to be appended at the end of the generated Kafka controller-eligible nodes configuration file. | `""` | +| `controller.existingSecretConfig` | Secret with additonal configuration that will be appended to the end of the generated Kafka controller-eligible nodes configuration file | `""` | +| `controller.heapOpts` | Kafka Java Heap size for controller-eligible nodes | `-Xmx1024m -Xms1024m` | +| `controller.command` | Override Kafka container command | `[]` | +| `controller.args` | Override Kafka container arguments | `[]` | +| `controller.extraEnvVars` | Extra environment variables to add to Kafka pods | `[]` | +| `controller.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `controller.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `controller.extraContainerPorts` | Kafka controller-eligible extra containerPorts. | `[]` | +| `controller.livenessProbe.enabled` | Enable livenessProbe on Kafka containers | `true` | +| `controller.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `controller.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `controller.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `controller.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `controller.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `controller.readinessProbe.enabled` | Enable readinessProbe on Kafka containers | `true` | +| `controller.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `controller.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `controller.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `controller.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `controller.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `controller.startupProbe.enabled` | Enable startupProbe on Kafka containers | `false` | +| `controller.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `controller.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `controller.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `controller.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `controller.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `controller.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `controller.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `controller.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `controller.lifecycleHooks` | lifecycleHooks for the Kafka container to automate configuration before or after startup | `{}` | +| `controller.resources.limits` | The resources limits for the container | `{}` | +| `controller.resources.requests` | The requested resources for the container | `{}` | +| `controller.podSecurityContext.enabled` | Enable security context for the pods | `true` | +| `controller.podSecurityContext.fsGroup` | Set Kafka pod's Security Context fsGroup | `1001` | +| `controller.podSecurityContext.seccompProfile.type` | Set Kafka pods's Security Context seccomp profile | `RuntimeDefault` | +| `controller.containerSecurityContext.enabled` | Enable Kafka containers' Security Context | `true` | +| `controller.containerSecurityContext.runAsUser` | Set Kafka containers' Security Context runAsUser | `1001` | +| `controller.containerSecurityContext.runAsNonRoot` | Set Kafka containers' Security Context runAsNonRoot | `true` | +| `controller.containerSecurityContext.allowPrivilegeEscalation` | Force the child process to be run as non-privileged | `false` | +| `controller.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly only | `true` | +| `controller.containerSecurityContext.capabilities.drop` | Set Kafka containers' server Security Context capabilities to be dropped | `["ALL"]` | +| `controller.hostAliases` | Kafka pods host aliases | `[]` | +| `controller.hostNetwork` | Specify if host network should be enabled for Kafka pods | `false` | +| `controller.hostIPC` | Specify if host IPC should be enabled for Kafka pods | `false` | +| `controller.podLabels` | Extra labels for Kafka pods | `{}` | +| `controller.podAnnotations` | Extra annotations for Kafka pods | `{}` | +| `controller.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `controller.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `controller.nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `controller.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `controller.affinity` | Affinity for pod assignment | `{}` | +| `controller.nodeSelector` | Node labels for pod assignment | `{}` | +| `controller.tolerations` | Tolerations for pod assignment | `[]` | +| `controller.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `controller.terminationGracePeriodSeconds` | Seconds the pod needs to gracefully terminate | `""` | +| `controller.podManagementPolicy` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | `Parallel` | +| `controller.priorityClassName` | Name of the existing priority class to be used by kafka pods | `""` | +| `controller.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `controller.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `controller.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `controller.updateStrategy.type` | Kafka statefulset strategy type | `RollingUpdate` | +| `controller.extraVolumes` | Optionally specify extra list of additional volumes for the Kafka pod(s) | `[]` | +| `controller.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kafka container(s) | `[]` | +| `controller.sidecars` | Add additional sidecar containers to the Kafka pod(s) | `[]` | +| `controller.initContainers` | Add additional Add init containers to the Kafka pod(s) | `[]` | +| `controller.pdb.create` | Deploy a pdb object for the Kafka pod | `false` | +| `controller.pdb.minAvailable` | Maximum number/percentage of unavailable Kafka replicas | `""` | +| `controller.pdb.maxUnavailable` | Maximum number/percentage of unavailable Kafka replicas | `1` | +| `controller.persistence.enabled` | Enable Kafka data persistence using PVC, note that ZooKeeper persistence is unaffected | `true` | +| `controller.persistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | +| `controller.persistence.storageClass` | PVC Storage Class for Kafka data volume | `""` | +| `controller.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `controller.persistence.size` | PVC Storage Request for Kafka data volume | `8Gi` | +| `controller.persistence.annotations` | Annotations for the PVC | `{}` | +| `controller.persistence.labels` | Labels for the PVC | `{}` | +| `controller.persistence.selector` | Selector to match an existing Persistent Volume for Kafka data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` | +| `controller.persistence.mountPath` | Mount path of the Kafka data volume | `/bitnami/kafka` | +| `controller.logPersistence.enabled` | Enable Kafka logs persistence using PVC, note that ZooKeeper persistence is unaffected | `false` | +| `controller.logPersistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | +| `controller.logPersistence.storageClass` | PVC Storage Class for Kafka logs volume | `""` | +| `controller.logPersistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `controller.logPersistence.size` | PVC Storage Request for Kafka logs volume | `8Gi` | +| `controller.logPersistence.annotations` | Annotations for the PVC | `{}` | +| `controller.logPersistence.selector` | Selector to match an existing Persistent Volume for Kafka log data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` | +| `controller.logPersistence.mountPath` | Mount path of the Kafka logs volume | `/opt/bitnami/kafka/logs` | + +### Broker-only statefulset parameters + +| Name | Description | Value | +| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `broker.replicaCount` | Number of Kafka broker-only nodes | `0` | +| `broker.minId` | Minimal node.id values for broker-only nodes. Do not change after first initialization. | `100` | +| `broker.zookeeperMigrationMode` | Set to true to deploy cluster controller quorum | `false` | +| `broker.config` | Configuration file for Kafka broker-only nodes, rendered as a template. Auto-generated based on chart values when not specified. | `""` | +| `broker.existingConfigmap` | ConfigMap with Kafka Configuration for broker-only nodes. | `""` | +| `broker.extraConfig` | Additional configuration to be appended at the end of the generated Kafka broker-only nodes configuration file. | `""` | +| `broker.secretConfig` | Additional configuration to be appended at the end of the generated Kafka broker-only nodes configuration file. | `""` | +| `broker.existingSecretConfig` | Secret with additonal configuration that will be appended to the end of the generated Kafka broker-only nodes configuration file | `""` | +| `broker.heapOpts` | Kafka Java Heap size for broker-only nodes | `-Xmx1024m -Xms1024m` | +| `broker.command` | Override Kafka container command | `[]` | +| `broker.args` | Override Kafka container arguments | `[]` | +| `broker.extraEnvVars` | Extra environment variables to add to Kafka pods | `[]` | +| `broker.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `broker.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `broker.extraContainerPorts` | Kafka broker-only extra containerPorts. | `[]` | +| `broker.livenessProbe.enabled` | Enable livenessProbe on Kafka containers | `true` | +| `broker.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `broker.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `broker.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `broker.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `3` | +| `broker.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `broker.readinessProbe.enabled` | Enable readinessProbe on Kafka containers | `true` | +| `broker.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` | +| `broker.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `broker.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `broker.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `broker.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `broker.startupProbe.enabled` | Enable startupProbe on Kafka containers | `false` | +| `broker.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `30` | +| `broker.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `broker.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `1` | +| `broker.startupProbe.failureThreshold` | Failure threshold for startupProbe | `15` | +| `broker.startupProbe.successThreshold` | Success threshold for startupProbe | `1` | +| `broker.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `broker.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `broker.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `broker.lifecycleHooks` | lifecycleHooks for the Kafka container to automate configuration before or after startup | `{}` | +| `broker.resources.limits` | The resources limits for the container | `{}` | +| `broker.resources.requests` | The requested resources for the container | `{}` | +| `broker.podSecurityContext.enabled` | Enable security context for the pods | `true` | +| `broker.podSecurityContext.fsGroup` | Set Kafka pod's Security Context fsGroup | `1001` | +| `broker.podSecurityContext.seccompProfile.type` | Set Kafka pod's Security Context seccomp profile | `RuntimeDefault` | +| `broker.containerSecurityContext.enabled` | Enable Kafka containers' Security Context | `true` | +| `broker.containerSecurityContext.runAsUser` | Set Kafka containers' Security Context runAsUser | `1001` | +| `broker.containerSecurityContext.runAsNonRoot` | Set Kafka containers' Security Context runAsNonRoot | `true` | +| `broker.containerSecurityContext.allowPrivilegeEscalation` | Force the child process to be run as non-privileged | `false` | +| `broker.containerSecurityContext.readOnlyRootFilesystem` | Allows the pod to mount the RootFS as ReadOnly only | `true` | +| `broker.containerSecurityContext.capabilities.drop` | Set Kafka containers' server Security Context capabilities to be dropped | `["ALL"]` | +| `broker.hostAliases` | Kafka pods host aliases | `[]` | +| `broker.hostNetwork` | Specify if host network should be enabled for Kafka pods | `false` | +| `broker.hostIPC` | Specify if host IPC should be enabled for Kafka pods | `false` | +| `broker.podLabels` | Extra labels for Kafka pods | `{}` | +| `broker.podAnnotations` | Extra annotations for Kafka pods | `{}` | +| `broker.podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `broker.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `broker.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `broker.nodeAffinityPreset.key` | Node label key to match Ignored if `affinity` is set. | `""` | +| `broker.nodeAffinityPreset.values` | Node label values to match. Ignored if `affinity` is set. | `[]` | +| `broker.affinity` | Affinity for pod assignment | `{}` | +| `broker.nodeSelector` | Node labels for pod assignment | `{}` | +| `broker.tolerations` | Tolerations for pod assignment | `[]` | +| `broker.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | +| `broker.terminationGracePeriodSeconds` | Seconds the pod needs to gracefully terminate | `""` | +| `broker.podManagementPolicy` | StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel | `Parallel` | +| `broker.priorityClassName` | Name of the existing priority class to be used by kafka pods | `""` | +| `broker.runtimeClassName` | Name of the runtime class to be used by pod(s) | `""` | +| `broker.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `broker.schedulerName` | Name of the k8s scheduler (other than default) | `""` | +| `broker.updateStrategy.type` | Kafka statefulset strategy type | `RollingUpdate` | +| `broker.extraVolumes` | Optionally specify extra list of additional volumes for the Kafka pod(s) | `[]` | +| `broker.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kafka container(s) | `[]` | +| `broker.sidecars` | Add additional sidecar containers to the Kafka pod(s) | `[]` | +| `broker.initContainers` | Add additional Add init containers to the Kafka pod(s) | `[]` | +| `broker.pdb.create` | Deploy a pdb object for the Kafka pod | `false` | +| `broker.pdb.minAvailable` | Maximum number/percentage of unavailable Kafka replicas | `""` | +| `broker.pdb.maxUnavailable` | Maximum number/percentage of unavailable Kafka replicas | `1` | +| `broker.persistence.enabled` | Enable Kafka data persistence using PVC, note that ZooKeeper persistence is unaffected | `true` | +| `broker.persistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | +| `broker.persistence.storageClass` | PVC Storage Class for Kafka data volume | `""` | +| `broker.persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `broker.persistence.size` | PVC Storage Request for Kafka data volume | `8Gi` | +| `broker.persistence.annotations` | Annotations for the PVC | `{}` | +| `broker.persistence.labels` | Labels for the PVC | `{}` | +| `broker.persistence.selector` | Selector to match an existing Persistent Volume for Kafka data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` | +| `broker.persistence.mountPath` | Mount path of the Kafka data volume | `/bitnami/kafka` | +| `broker.logPersistence.enabled` | Enable Kafka logs persistence using PVC, note that ZooKeeper persistence is unaffected | `false` | +| `broker.logPersistence.existingClaim` | A manually managed Persistent Volume and Claim | `""` | +| `broker.logPersistence.storageClass` | PVC Storage Class for Kafka logs volume | `""` | +| `broker.logPersistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` | +| `broker.logPersistence.size` | PVC Storage Request for Kafka logs volume | `8Gi` | +| `broker.logPersistence.annotations` | Annotations for the PVC | `{}` | +| `broker.logPersistence.selector` | Selector to match an existing Persistent Volume for Kafka log data PVC. If set, the PVC can't have a PV dynamically provisioned for it | `{}` | +| `broker.logPersistence.mountPath` | Mount path of the Kafka logs volume | `/opt/bitnami/kafka/logs` | + +### Traffic Exposure parameters + +| Name | Description | Value | +| ------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.ports.client` | Kafka svc port for client connections | `9092` | +| `service.ports.controller` | Kafka svc port for controller connections. It is used if "kraft.enabled: true" | `9093` | +| `service.ports.interbroker` | Kafka svc port for inter-broker connections | `9094` | +| `service.ports.external` | Kafka svc port for external connections | `9095` | +| `service.extraPorts` | Extra ports to expose in the Kafka service (normally used with the `sidecar` value) | `[]` | +| `service.nodePorts.client` | Node port for the Kafka client connections | `""` | +| `service.nodePorts.external` | Node port for the Kafka external connections | `""` | +| `service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | +| `service.clusterIP` | Kafka service Cluster IP | `""` | +| `service.loadBalancerIP` | Kafka service Load Balancer IP | `""` | +| `service.loadBalancerSourceRanges` | Kafka service Load Balancer sources | `[]` | +| `service.externalTrafficPolicy` | Kafka service external traffic policy | `Cluster` | +| `service.annotations` | Additional custom annotations for Kafka service | `{}` | +| `service.headless.controller.annotations` | Annotations for the controller-eligible headless service. | `{}` | +| `service.headless.controller.labels` | Labels for the controller-eligible headless service. | `{}` | +| `service.headless.broker.annotations` | Annotations for the broker-only headless service. | `{}` | +| `service.headless.broker.labels` | Labels for the broker-only headless service. | `{}` | +| `externalAccess.enabled` | Enable Kubernetes external cluster access to Kafka brokers | `false` | +| `externalAccess.autoDiscovery.enabled` | Enable using an init container to auto-detect external IPs/ports by querying the K8s API | `false` | +| `externalAccess.autoDiscovery.image.registry` | Init container auto-discovery image registry | `REGISTRY_NAME` | +| `externalAccess.autoDiscovery.image.repository` | Init container auto-discovery image repository | `REPOSITORY_NAME/kubectl` | +| `externalAccess.autoDiscovery.image.digest` | Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `externalAccess.autoDiscovery.image.pullPolicy` | Init container auto-discovery image pull policy | `IfNotPresent` | +| `externalAccess.autoDiscovery.image.pullSecrets` | Init container auto-discovery image pull secrets | `[]` | +| `externalAccess.autoDiscovery.resources.limits` | The resources limits for the auto-discovery init container | `{}` | +| `externalAccess.autoDiscovery.resources.requests` | The requested resources for the auto-discovery init container | `{}` | +| `externalAccess.controller.forceExpose` | If set to true, force exposing controller-eligible nodes although they are configured as controller-only nodes | `false` | +| `externalAccess.controller.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | +| `externalAccess.controller.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | +| `externalAccess.controller.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.controller.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | +| `externalAccess.controller.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | +| `externalAccess.controller.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | +| `externalAccess.controller.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | +| `externalAccess.controller.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | +| `externalAccess.controller.service.labels` | Service labels for external access | `{}` | +| `externalAccess.controller.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.controller.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | +| `externalAccess.broker.service.type` | Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP | `LoadBalancer` | +| `externalAccess.broker.service.ports.external` | Kafka port used for external access when service type is LoadBalancer | `9094` | +| `externalAccess.broker.service.loadBalancerIPs` | Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerNames` | Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerAnnotations` | Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` | +| `externalAccess.broker.service.nodePorts` | Array of node ports used for each Kafka broker. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.externalIPs` | Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount | `[]` | +| `externalAccess.broker.service.useHostIPs` | Use service host IPs to configure Kafka external listener when service type is NodePort | `false` | +| `externalAccess.broker.service.usePodIPs` | using the MY_POD_IP address for external access. | `false` | +| `externalAccess.broker.service.domain` | Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP | `""` | +| `externalAccess.broker.service.publishNotReadyAddresses` | Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready | `false` | +| `externalAccess.broker.service.labels` | Service labels for external access | `{}` | +| `externalAccess.broker.service.annotations` | Service annotations for external access | `{}` | +| `externalAccess.broker.service.extraPorts` | Extra ports to expose in the Kafka external service | `[]` | +| `networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `networkPolicy.explicitNamespacesSelector` | A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed | `{}` | +| `networkPolicy.externalAccess.from` | customize the from section for External Access on tcp-external port | `[]` | +| `networkPolicy.egressRules.customRules` | Custom network policy rule | `{}` | + +### Volume Permissions parameters + +| Name | Description | Value | +| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------- | -------------------------- | +| `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume | `false` | +| `volumePermissions.image.registry` | Init container volume-permissions image registry | `REGISTRY_NAME` | +| `volumePermissions.image.repository` | Init container volume-permissions image repository | `REPOSITORY_NAME/os-shell` | +| `volumePermissions.image.digest` | Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | +| `volumePermissions.image.pullSecrets` | Init container volume-permissions image pull secrets | `[]` | +| `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | +| `volumePermissions.resources.requests` | Init container volume-permissions resource requests | `{}` | +| `volumePermissions.containerSecurityContext.runAsUser` | User ID for the init container | `0` | + +### Other Parameters + +| Name | Description | Value | +| --------------------------------------------- | ---------------------------------------------------------------------------------------------- | ------- | +| `serviceAccount.create` | Enable creation of ServiceAccount for Kafka pods | `true` | +| `serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | `""` | +| `serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | +| `serviceAccount.annotations` | Additional custom annotations for the ServiceAccount | `{}` | +| `rbac.create` | Whether to create & use RBAC resources or not | `false` | + +### Metrics parameters + +| Name | Description | Value | +| ----------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------- | +| `metrics.kafka.enabled` | Whether or not to create a standalone Kafka exporter to expose Kafka metrics | `false` | +| `metrics.kafka.image.registry` | Kafka exporter image registry | `REGISTRY_NAME` | +| `metrics.kafka.image.repository` | Kafka exporter image repository | `REPOSITORY_NAME/kafka-exporter` | +| `metrics.kafka.image.digest` | Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.kafka.image.pullPolicy` | Kafka exporter image pull policy | `IfNotPresent` | +| `metrics.kafka.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.kafka.certificatesSecret` | Name of the existing secret containing the optional certificate and key files | `""` | +| `metrics.kafka.tlsCert` | The secret key from the certificatesSecret if 'client-cert' key different from the default (cert-file) | `cert-file` | +| `metrics.kafka.tlsKey` | The secret key from the certificatesSecret if 'client-key' key different from the default (key-file) | `key-file` | +| `metrics.kafka.tlsCaSecret` | Name of the existing secret containing the optional ca certificate for Kafka exporter client authentication | `""` | +| `metrics.kafka.tlsCaCert` | The secret key from the certificatesSecret or tlsCaSecret if 'ca-cert' key different from the default (ca-file) | `ca-file` | +| `metrics.kafka.extraFlags` | Extra flags to be passed to Kafka exporter | `{}` | +| `metrics.kafka.command` | Override Kafka exporter container command | `[]` | +| `metrics.kafka.args` | Override Kafka exporter container arguments | `[]` | +| `metrics.kafka.containerPorts.metrics` | Kafka exporter metrics container port | `9308` | +| `metrics.kafka.resources.limits` | The resources limits for the container | `{}` | +| `metrics.kafka.resources.requests` | The requested resources for the container | `{}` | +| `metrics.kafka.podSecurityContext.enabled` | Enable security context for the pods | `true` | +| `metrics.kafka.podSecurityContext.fsGroup` | Set Kafka exporter pod's Security Context fsGroup | `1001` | +| `metrics.kafka.podSecurityContext.seccompProfile.type` | Set Kafka exporter pod's Security Context seccomp profile | `RuntimeDefault` | +| `metrics.kafka.containerSecurityContext.enabled` | Enable Kafka exporter containers' Security Context | `true` | +| `metrics.kafka.containerSecurityContext.runAsUser` | Set Kafka exporter containers' Security Context runAsUser | `1001` | +| `metrics.kafka.containerSecurityContext.runAsNonRoot` | Set Kafka exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.kafka.containerSecurityContext.allowPrivilegeEscalation` | Set Kafka exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.kafka.containerSecurityContext.readOnlyRootFilesystem` | Set Kafka exporter containers' Security Context readOnlyRootFilesystem | `true` | +| `metrics.kafka.containerSecurityContext.capabilities.drop` | Set Kafka exporter containers' Security Context capabilities to be dropped | `["ALL"]` | +| `metrics.kafka.hostAliases` | Kafka exporter pods host aliases | `[]` | +| `metrics.kafka.podLabels` | Extra labels for Kafka exporter pods | `{}` | +| `metrics.kafka.podAnnotations` | Extra annotations for Kafka exporter pods | `{}` | +| `metrics.kafka.podAffinityPreset` | Pod affinity preset. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.kafka.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `metrics.kafka.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `metrics.kafka.nodeAffinityPreset.key` | Node label key to match Ignored if `metrics.kafka.affinity` is set. | `""` | +| `metrics.kafka.nodeAffinityPreset.values` | Node label values to match. Ignored if `metrics.kafka.affinity` is set. | `[]` | +| `metrics.kafka.affinity` | Affinity for pod assignment | `{}` | +| `metrics.kafka.nodeSelector` | Node labels for pod assignment | `{}` | +| `metrics.kafka.tolerations` | Tolerations for pod assignment | `[]` | +| `metrics.kafka.schedulerName` | Name of the k8s scheduler (other than default) for Kafka exporter | `""` | +| `metrics.kafka.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `metrics.kafka.priorityClassName` | Kafka exporter pods' priorityClassName | `""` | +| `metrics.kafka.topologySpreadConstraints` | Topology Spread Constraints for pod assignment | `[]` | +| `metrics.kafka.extraVolumes` | Optionally specify extra list of additional volumes for the Kafka exporter pod(s) | `[]` | +| `metrics.kafka.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kafka exporter container(s) | `[]` | +| `metrics.kafka.sidecars` | Add additional sidecar containers to the Kafka exporter pod(s) | `[]` | +| `metrics.kafka.initContainers` | Add init containers to the Kafka exporter pods | `[]` | +| `metrics.kafka.service.ports.metrics` | Kafka exporter metrics service port | `9308` | +| `metrics.kafka.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.kafka.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.kafka.service.annotations` | Annotations for the Kafka exporter service | `{}` | +| `metrics.kafka.serviceAccount.create` | Enable creation of ServiceAccount for Kafka exporter pods | `true` | +| `metrics.kafka.serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | `""` | +| `metrics.kafka.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | +| `metrics.jmx.enabled` | Whether or not to expose JMX metrics to Prometheus | `false` | +| `metrics.jmx.kafkaJmxPort` | JMX port where the exporter will collect metrics, exposed in the Kafka container. | `5555` | +| `metrics.jmx.image.registry` | JMX exporter image registry | `REGISTRY_NAME` | +| `metrics.jmx.image.repository` | JMX exporter image repository | `REPOSITORY_NAME/jmx-exporter` | +| `metrics.jmx.image.digest` | JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` | +| `metrics.jmx.image.pullPolicy` | JMX exporter image pull policy | `IfNotPresent` | +| `metrics.jmx.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | +| `metrics.jmx.containerSecurityContext.enabled` | Enable Prometheus JMX exporter containers' Security Context | `true` | +| `metrics.jmx.containerSecurityContext.runAsUser` | Set Prometheus JMX exporter containers' Security Context runAsUser | `1001` | +| `metrics.jmx.containerSecurityContext.runAsNonRoot` | Set Prometheus JMX exporter containers' Security Context runAsNonRoot | `true` | +| `metrics.jmx.containerSecurityContext.allowPrivilegeEscalation` | Set Prometheus JMX exporter containers' Security Context allowPrivilegeEscalation | `false` | +| `metrics.jmx.containerSecurityContext.readOnlyRootFilesystem` | Set Prometheus JMX exporter containers' Security Context readOnlyRootFilesystem | `true` | +| `metrics.jmx.containerSecurityContext.capabilities.drop` | Set Prometheus JMX exporter containers' Security Context capabilities to be dropped | `["ALL"]` | +| `metrics.jmx.containerPorts.metrics` | Prometheus JMX exporter metrics container port | `5556` | +| `metrics.jmx.resources.limits` | The resources limits for the JMX exporter container | `{}` | +| `metrics.jmx.resources.requests` | The requested resources for the JMX exporter container | `{}` | +| `metrics.jmx.service.ports.metrics` | Prometheus JMX exporter metrics service port | `5556` | +| `metrics.jmx.service.clusterIP` | Static clusterIP or None for headless services | `""` | +| `metrics.jmx.service.sessionAffinity` | Control where client requests go, to the same pod or round-robin | `None` | +| `metrics.jmx.service.annotations` | Annotations for the Prometheus JMX exporter service | `{}` | +| `metrics.jmx.whitelistObjectNames` | Allows setting which JMX objects you want to expose to via JMX stats to JMX exporter | `["kafka.controller:*","kafka.server:*","java.lang:*","kafka.network:*","kafka.log:*"]` | +| `metrics.jmx.config` | Configuration file for JMX exporter | `""` | +| `metrics.jmx.existingConfigmap` | Name of existing ConfigMap with JMX exporter configuration | `""` | +| `metrics.jmx.extraRules` | Add extra rules to JMX exporter configuration | `""` | +| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.kafka.enabled` or `metrics.jmx.enabled` to be `true`) | `false` | +| `metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.serviceMonitor.interval` | Interval at which metrics should be scraped | `""` | +| `metrics.serviceMonitor.scrapeTimeout` | Timeout after which the scrape is ended | `""` | +| `metrics.serviceMonitor.labels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | `{}` | +| `metrics.serviceMonitor.selector` | Prometheus instance selector labels | `{}` | +| `metrics.serviceMonitor.relabelings` | RelabelConfigs to apply to samples before scraping | `[]` | +| `metrics.serviceMonitor.metricRelabelings` | MetricRelabelConfigs to apply to samples before ingestion | `[]` | +| `metrics.serviceMonitor.honorLabels` | Specify honorLabels parameter to add the scrape endpoint | `false` | +| `metrics.serviceMonitor.jobLabel` | The name of the label on the target service to use as the job name in prometheus. | `""` | +| `metrics.prometheusRule.enabled` | if `true`, creates a Prometheus Operator PrometheusRule (requires `metrics.kafka.enabled` or `metrics.jmx.enabled` to be `true`) | `false` | +| `metrics.prometheusRule.namespace` | Namespace in which Prometheus is running | `""` | +| `metrics.prometheusRule.labels` | Additional labels that can be used so PrometheusRule will be discovered by Prometheus | `{}` | +| `metrics.prometheusRule.groups` | Prometheus Rule Groups for Kafka | `[]` | + +### Kafka provisioning parameters + +| Name | Description | Value | +| ---------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------- | --------------------- | +| `provisioning.enabled` | Enable kafka provisioning Job | `false` | +| `provisioning.numPartitions` | Default number of partitions for topics when unspecified | `1` | +| `provisioning.replicationFactor` | Default replication factor for topics when unspecified | `1` | +| `provisioning.topics` | Kafka topics to provision | `[]` | +| `provisioning.nodeSelector` | Node labels for pod assignment | `{}` | +| `provisioning.tolerations` | Tolerations for pod assignment | `[]` | +| `provisioning.extraProvisioningCommands` | Extra commands to run to provision cluster resources | `[]` | +| `provisioning.parallel` | Number of provisioning commands to run at the same time | `1` | +| `provisioning.preScript` | Extra bash script to run before topic provisioning. $CLIENT_CONF is path to properties file with most needed configurations | `""` | +| `provisioning.postScript` | Extra bash script to run after topic provisioning. $CLIENT_CONF is path to properties file with most needed configurations | `""` | +| `provisioning.auth.tls.type` | Format to use for TLS certificates. Allowed types: `JKS` and `PEM`. | `jks` | +| `provisioning.auth.tls.certificatesSecret` | Existing secret containing the TLS certificates for the Kafka provisioning Job. | `""` | +| `provisioning.auth.tls.cert` | The secret key from the certificatesSecret if 'cert' key different from the default (tls.crt) | `tls.crt` | +| `provisioning.auth.tls.key` | The secret key from the certificatesSecret if 'key' key different from the default (tls.key) | `tls.key` | +| `provisioning.auth.tls.caCert` | The secret key from the certificatesSecret if 'caCert' key different from the default (ca.crt) | `ca.crt` | +| `provisioning.auth.tls.keystore` | The secret key from the certificatesSecret if 'keystore' key different from the default (keystore.jks) | `keystore.jks` | +| `provisioning.auth.tls.truststore` | The secret key from the certificatesSecret if 'truststore' key different from the default (truststore.jks) | `truststore.jks` | +| `provisioning.auth.tls.passwordsSecret` | Name of the secret containing passwords to access the JKS files or PEM key when they are password-protected. | `""` | +| `provisioning.auth.tls.keyPasswordSecretKey` | The secret key from the passwordsSecret if 'keyPasswordSecretKey' key different from the default (key-password) | `key-password` | +| `provisioning.auth.tls.keystorePasswordSecretKey` | The secret key from the passwordsSecret if 'keystorePasswordSecretKey' key different from the default (keystore-password) | `keystore-password` | +| `provisioning.auth.tls.truststorePasswordSecretKey` | The secret key from the passwordsSecret if 'truststorePasswordSecretKey' key different from the default (truststore-password) | `truststore-password` | +| `provisioning.auth.tls.keyPassword` | Password to access the password-protected PEM key if necessary. Ignored if 'passwordsSecret' is provided. | `""` | +| `provisioning.auth.tls.keystorePassword` | Password to access the JKS keystore. Ignored if 'passwordsSecret' is provided. | `""` | +| `provisioning.auth.tls.truststorePassword` | Password to access the JKS truststore. Ignored if 'passwordsSecret' is provided. | `""` | +| `provisioning.command` | Override provisioning container command | `[]` | +| `provisioning.args` | Override provisioning container arguments | `[]` | +| `provisioning.extraEnvVars` | Extra environment variables to add to the provisioning pod | `[]` | +| `provisioning.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` | +| `provisioning.extraEnvVarsSecret` | Secret with extra environment variables | `""` | +| `provisioning.podAnnotations` | Extra annotations for Kafka provisioning pods | `{}` | +| `provisioning.podLabels` | Extra labels for Kafka provisioning pods | `{}` | +| `provisioning.serviceAccount.create` | Enable creation of ServiceAccount for Kafka provisioning pods | `false` | +| `provisioning.serviceAccount.name` | The name of the service account to use. If not set and `create` is `true`, a name is generated | `""` | +| `provisioning.serviceAccount.automountServiceAccountToken` | Allows auto mount of ServiceAccountToken on the serviceAccount created | `true` | +| `provisioning.resources.limits` | The resources limits for the Kafka provisioning container | `{}` | +| `provisioning.resources.requests` | The requested resources for the Kafka provisioning container | `{}` | +| `provisioning.podSecurityContext.enabled` | Enable security context for the pods | `true` | +| `provisioning.podSecurityContext.fsGroup` | Set Kafka provisioning pod's Security Context fsGroup | `1001` | +| `provisioning.podSecurityContext.seccompProfile.type` | Set Kafka provisioning pod's Security Context seccomp profile | `RuntimeDefault` | +| `provisioning.containerSecurityContext.enabled` | Enable Kafka provisioning containers' Security Context | `true` | +| `provisioning.containerSecurityContext.runAsUser` | Set Kafka provisioning containers' Security Context runAsUser | `1001` | +| `provisioning.containerSecurityContext.runAsNonRoot` | Set Kafka provisioning containers' Security Context runAsNonRoot | `true` | +| `provisioning.containerSecurityContext.allowPrivilegeEscalation` | Set Kafka provisioning containers' Security Context allowPrivilegeEscalation | `false` | +| `provisioning.containerSecurityContext.readOnlyRootFilesystem` | Set Kafka provisioning containers' Security Context readOnlyRootFilesystem | `true` | +| `provisioning.containerSecurityContext.capabilities.drop` | Set Kafka provisioning containers' Security Context capabilities to be dropped | `["ALL"]` | +| `provisioning.schedulerName` | Name of the k8s scheduler (other than default) for kafka provisioning | `""` | +| `provisioning.enableServiceLinks` | Whether information about services should be injected into pod's environment variable | `true` | +| `provisioning.extraVolumes` | Optionally specify extra list of additional volumes for the Kafka provisioning pod(s) | `[]` | +| `provisioning.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Kafka provisioning container(s) | `[]` | +| `provisioning.sidecars` | Add additional sidecar containers to the Kafka provisioning pod(s) | `[]` | +| `provisioning.initContainers` | Add additional Add init containers to the Kafka provisioning pod(s) | `[]` | +| `provisioning.waitForKafka` | If true use an init container to wait until kafka is ready before starting provisioning | `true` | + +### KRaft chart parameters + +| Name | Description | Value | +| ------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | +| `kraft.enabled` | Switch to enable or disable the KRaft mode for Kafka | `true` | +| `kraft.existingClusterIdSecret` | Name of the secret containing the cluster ID for the Kafka KRaft cluster. This is incompatible with the clusterId parameter. If both are set, the existingClusterIdSecret will be used | `""` | +| `kraft.clusterId` | Kafka Kraft cluster ID. If not set, a random cluster ID will be generated the first time Kraft is initialized. | `""` | +| `kraft.controllerQuorumVoters` | Override the Kafka controller quorum voters of the Kafka Kraft cluster. If not set, it will be automatically configured to use all controller-elegible nodes. | `""` | + +### ZooKeeper chart parameters + +| Name | Description | Value | +| --------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | +| `zookeeperChrootPath` | Path which puts data under some path in the global ZooKeeper namespace | `""` | +| `zookeeper.enabled` | Switch to enable or disable the ZooKeeper helm chart. Must be false if you use KRaft mode. | `false` | +| `zookeeper.replicaCount` | Number of ZooKeeper nodes | `1` | +| `zookeeper.auth.client.enabled` | Enable ZooKeeper auth | `false` | +| `zookeeper.auth.client.clientUser` | User that will use ZooKeeper client (zkCli.sh) to authenticate. Must exist in the serverUsers comma-separated list. | `""` | +| `zookeeper.auth.client.clientPassword` | Password that will use ZooKeeper client (zkCli.sh) to authenticate. Must exist in the serverPasswords comma-separated list. | `""` | +| `zookeeper.auth.client.serverUsers` | Comma, semicolon or whitespace separated list of user to be created. Specify them as a string, for example: "user1,user2,admin" | `""` | +| `zookeeper.auth.client.serverPasswords` | Comma, semicolon or whitespace separated list of passwords to assign to users when created. Specify them as a string, for example: "pass4user1, pass4user2, pass4admin" | `""` | +| `zookeeper.persistence.enabled` | Enable persistence on ZooKeeper using PVC(s) | `true` | +| `zookeeper.persistence.storageClass` | Persistent Volume storage class | `""` | +| `zookeeper.persistence.accessModes` | Persistent Volume access modes | `["ReadWriteOnce"]` | +| `zookeeper.persistence.size` | Persistent Volume size | `8Gi` | +| `externalZookeeper.servers` | List of external zookeeper servers to use. Typically used in combination with 'zookeeperChrootPath'. Must be empty if you use KRaft mode. | `[]` | + +```console +helm install my-release \ + --set replicaCount=3 \ + oci://REGISTRY_NAME/REPOSITORY_NAME/kafka +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +The above command deploys Kafka with 3 brokers (replicas). + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml oci://REGISTRY_NAME/REPOSITORY_NAME/kafka +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Configuration and installation details + +### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/) + +It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image. + +Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist. + +### Listeners configuration + +This chart allows you to automatically configure Kafka with 3 listeners: + +- One for inter-broker communications. +- A second one for communications with clients within the K8s cluster. +- (optional) a third listener for communications with clients outside the K8s cluster. Check [this section](#accessing-kafka-brokers-from-outside-the-cluster) for more information. + +For more complex configurations, set the `listeners`, `advertisedListeners` and `listenerSecurityProtocolMap` parameters as needed. + +### Enable security for Kafka and Zookeeper + +You can configure different authentication protocols for each listener you configure in Kafka. For instance, you can use `sasl_tls` authentication for client communications, while using `tls` for inter-broker communications. This table shows the available protocols and the security they provide: + +| Method | Authentication | Encryption via TLS | +|-----------|------------------------------|--------------------| +| plaintext | None | No | +| tls | None | Yes | +| mtls | Yes (two-way authentication) | Yes | +| sasl | Yes (via SASL) | No | +| sasl_tls | Yes (via SASL) | Yes | + +Learn more about how to configure Kafka to use the different authentication protocols in the [chart documentation](https://docs.bitnami.com/kubernetes/infrastructure/kafka/administration/enable-security/). + +If you enabled SASL authentication on any listener, you can set the SASL credentials using the parameters below: + +- `auth.sasl.jaas.clientUsers`/`auth.sasl.jaas.clientPasswords`: when enabling SASL authentication for communications with clients. +- `auth.sasl.jaas.interBrokerUser`/`auth.sasl.jaas.interBrokerPassword`: when enabling SASL authentication for inter-broker communications. +- `auth.jaas.zookeeperUser`/`auth.jaas.zookeeperPassword`: In the case that the Zookeeper chart is deployed with SASL authentication enabled. + +In order to configure TLS authentication/encryption, you **can** create a secret per Kafka broker you have in the cluster containing the Java Key Stores (JKS) files: the truststore (`kafka.truststore.jks`) and the keystore (`kafka.keystore.jks`). Then, you need pass the secret names with the `tls.existingSecret` parameter when deploying the chart. + +> **Note**: If the JKS files are password protected (recommended), you will need to provide the password to get access to the keystores. To do so, use the `tls.password` parameter to provide your password. + +For instance, to configure TLS authentication on a Kafka cluster with 2 Kafka brokers use the commands below to create the secrets: + +```console +kubectl create secret generic kafka-jks-0 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-0.keystore.jks +kubectl create secret generic kafka-jks-1 --from-file=kafka.truststore.jks=./kafka.truststore.jks --from-file=kafka.keystore.jks=./kafka-1.keystore.jks +``` + +> **Note**: the command above assumes you already created the truststore and keystores files. This [script](https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh) can help you with the JKS files generation. + +If, for some reason (like using Cert-Manager) you can not use the default JKS secret scheme, you can use the additional parameters: + +- `tls.jksTruststoreSecret` to define additional secret, where the `kafka.truststore.jks` is being kept. The truststore password **must** be the same as in `tls.password` +- `tls.jksTruststore` to overwrite the default value of the truststore key (`kafka.truststore.jks`). + +> **Note**: If you are using cert-manager, particularly when an ACME issuer is used, the `ca.crt` field is not put in the `Secret` that cert-manager creates. To handle this, the `tls.pemChainIncluded` property can be set to `true` and the initContainer created by this Chart will attempt to extract the intermediate certs from the `tls.crt` field of the secret (which is a PEM chain) +> **Note**: The truststore/keystore from above **must** be protected with the same password as in `tls.password` + +You can deploy the chart with authentication using the following parameters: + +```console +replicaCount=2 +listeners.client.client.protocol=SASL +listeners.client.interbroker.protocol=TLS +tls.existingSecret=kafka-jks +tls.password=jksPassword +sasl.client.users[0]=brokerUser +sasl.client.passwords[0]=brokerPassword +sasl.zookeeper.user=zookeeperUser +sasl.zookeeper.password=zookeeperPassword +zookeeper.auth.enabled=true +zookeeper.auth.serverUsers=zookeeperUser +zookeeper.auth.serverPasswords=zookeeperPassword +zookeeper.auth.clientUser=zookeeperUser +zookeeper.auth.clientPassword=zookeeperPassword +``` + +You can deploy the chart with AclAuthorizer using the following parameters: + +```console +replicaCount=2 +listeners.client.protocol=SASL +listeners.interbroker.protocol=SASL_TLS +tls.existingSecret=kafka-jks-0 +tls.password=jksPassword +sasl.client.users[0]=brokerUser +sasl.client.passwords[0]=brokerPassword +sasl.zookeeper.user=zookeeperUser +sasl.zookeeper.password=zookeeperPassword +zookeeper.auth.enabled=true +zookeeper.auth.serverUsers=zookeeperUser +zookeeper.auth.serverPasswords=zookeeperPassword +zookeeper.auth.clientUser=zookeeperUser +zookeeper.auth.clientPassword=zookeeperPassword +authorizerClassName=kafka.security.authorizer.AclAuthorizer +allowEveryoneIfNoAclFound=false +superUsers=User:admin +``` + +If you are using Kafka ACLs, you might encounter in kafka-authorizer.log the following event: `[...] Principal = User:ANONYMOUS is Allowed Operation [...]`. + +By setting the following parameter: `listeners.client.protocol=SSL` and `listener.client.sslClientAuth=required`, Kafka will require the clients to authenticate to Kafka brokers via certificate. + +As result, we will be able to see in kafka-authorizer.log the events specific Subject: `[...] Principal = User:CN=kafka,OU=...,O=...,L=...,C=..,ST=... is [...]`. + +If you also enable exposing metrics using the Kafka exporter, and you are using `SSL` or `SASL_SSL` security protocols protocols, you need to mount the CA certificated used to sign the brokers certificates in the exporter so it can validate the Kafka brokers. To do so, create a secret containing the CA, and set the `metrics.certificatesSecret` parameter. As an alternative, you can skip TLS validation using extra flags: + +```console +metrics.kafka.extraFlags={tls.insecure-skip-tls-verify: ""} +``` + +### Accessing Kafka brokers from outside the cluster + +In order to access Kafka Brokers from outside the cluster, an additional listener and advertised listener must be configured. Additionally, a specific service per kafka pod will be created. + +There are three ways of configuring external access. Using LoadBalancer services, using NodePort services or using ClusterIP services. + +#### Using LoadBalancer services + +You have two alternatives to use LoadBalancer services: + +- Option A) Use random load balancer IPs using an **initContainer** that waits for the IPs to be ready and discover them automatically. + +```console +externalAccess.enabled=true +externalAccess.service.broker.type=LoadBalancer +externalAccess.service.controller.type=LoadBalancer +externalAccess.service.broker.ports.external=9094 +externalAccess.service.controller.containerPorts.external=9094 +externalAccess.autoDiscovery.enabled=true +serviceAccount.create=true +rbac.create=true +``` + +Note: This option requires creating RBAC rules on clusters where RBAC policies are enabled. + +- Option B) Manually specify the load balancer IPs: + +```console +externalAccess.enabled=true +externalAccess.service.controller.type=LoadBalancer +externalAccess.service.controller.containerPorts.external=9094 +externalAccess.service.controller.loadBalancerIPs[0]='external-ip-1' +externalAccess.service.controller.loadBalancerIPs[1]='external-ip-2' +externalAccess.service.broker.type=LoadBalancer +externalAccess.service.broker.ports.external=9094 +externalAccess.service.broker.loadBalancerIPs[0]='external-ip-3' +externalAccess.service.broker.loadBalancerIPs[1]='external-ip-4' +``` + +Note: You need to know in advance the load balancer IPs so each Kafka broker advertised listener is configured with it. + +Following the aforementioned steps will also allow to connect the brokers from the outside using the cluster's default service (when `service.type` is `LoadBalancer` or `NodePort`). Use the property `service.externalPort` to specify the port used for external connections. + +#### Using NodePort services + +You have two alternatives to use NodePort services: + +- Option A) Use random node ports using an **initContainer** that discover them automatically. + + ```console + externalAccess.enabled=true + externalAccess.controller.service.type=NodePort + externalAccess.broker.service.type=NodePort + externalAccess.autoDiscovery.enabled=true + serviceAccount.create=true + rbac.create=true + ``` + + Note: This option requires creating RBAC rules on clusters where RBAC policies are enabled. + +- Option B) Manually specify the node ports: + + ```console + externalAccess.enabled=true + externalAccess.controller.service.type=NodePort + externalAccess.controller.service.nodePorts[0]='node-port-1' + externalAccess.controller.service.nodePorts[1]='node-port-2' + ``` + + Note: You need to know in advance the node ports that will be exposed so each Kafka broker advertised listener is configured with it. + + The pod will try to get the external ip of the node using `curl -s https://ipinfo.io/ip` unless `externalAccess.service.domain` or `externalAccess.service.useHostIPs` is provided. + +- Option C) Manually specify distinct external IPs (using controller+broker nodes) + + ```console + externalAccess.enabled=true + externalAccess.controller.service.type=NodePort + externalAccess.controller.service.externalIPs[0]='172.16.0.20' + externalAccess.controller.service.externalIPs[1]='172.16.0.21' + externalAccess.controller.service.externalIPs[2]='172.16.0.22' + ``` + + Note: You need to know in advance the available IP of your cluster that will be exposed so each Kafka broker advertised listener is configured with it. + +#### Using ClusterIP services + +Note: This option requires that an ingress is deployed within your cluster + +```console +externalAccess.enabled=true +externalAccess.controller.service.type=ClusterIP +externalAccess.controller.service.ports.external=9094 +externalAccess.controller.service.domain='ingress-ip' +externalAccess.broker.service.type=ClusterIP +externalAccess.broker.service.ports.external=9094 +externalAccess.broker.service.domain='ingress-ip' +``` + +Note: the deployed ingress must contain the following block: + +```console +tcp: + 9094: "{{ include "common.names.namespace" . }}/{{ include "common.names.fullname" . }}-0-external:9094" + 9095: "{{ include "common.names.namespace" . }}/{{ include "common.names.fullname" . }}-1-external:9094" + 9096: "{{ include "common.names.namespace" . }}/{{ include "common.names.fullname" . }}-2-external:9094" +``` + +#### Name resolution with External-DNS + +You can use the following values to generate External-DNS annotations which automatically creates DNS records for each ReplicaSet pod: + +```yaml +externalAccess: + service: + annotations: + external-dns.alpha.kubernetes.io/hostname: "{{ .targetPod }}.example.com" +``` + +### Sidecars + +If you have a need for additional containers to run within the same pod as Kafka (e.g. an additional metrics or logging exporter), you can do so via the `sidecars` config parameter. Simply define your container according to the Kubernetes container spec. + +```yaml +sidecars: + - name: your-image-name + image: your-image + imagePullPolicy: Always + ports: + - name: portname + containerPort: 1234 +``` + +### Setting Pod's affinity + +This chart allows you to set your custom affinity using the `affinity` parameter. Find more information about Pod's affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). + +As an alternative, you can use of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters. + +### Deploying extra resources + +There are cases where you may want to deploy extra objects, such as Kafka Connect. For covering this case, the chart allows adding the full specification of other objects using the `extraDeploy` parameter. The following example would create a deployment including a Kafka Connect deployment so you can connect Kafka with MongoDB®: + +```yaml +## Extra objects to deploy (value evaluated as a template) +## +extraDeploy: + - | + apiVersion: apps/v1 + kind: Deployment + metadata: + name: {{ include "common.names.fullname" . }}-connect + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: connector + spec: + replicas: 1 + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: connector + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/component: connector + spec: + containers: + - name: connect + image: KAFKA-CONNECT-IMAGE + imagePullPolicy: IfNotPresent + ports: + - name: connector + containerPort: 8083 + volumeMounts: + - name: configuration + mountPath: /bitnami/kafka/config + volumes: + - name: configuration + configMap: + name: {{ include "common.names.fullname" . }}-connect + - | + apiVersion: v1 + kind: ConfigMap + metadata: + name: {{ include "common.names.fullname" . }}-connect + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: connector + data: + connect-standalone.properties: |- + bootstrap.servers = {{ include "common.names.fullname" . }}-0.{{ include "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }}:{{ .Values.service.port }} + ... + mongodb.properties: |- + connection.uri=mongodb://root:password@mongodb-hostname:27017 + ... + - | + apiVersion: v1 + kind: Service + metadata: + name: {{ include "common.names.fullname" . }}-connect + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: connector + spec: + ports: + - protocol: TCP + port: 8083 + targetPort: connector + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: connector +``` + +You can create the Kafka Connect image using the Dockerfile below: + +```Dockerfile +FROM bitnami/kafka:latest +# Download MongoDB® Connector for Apache Kafka https://www.confluent.io/hub/mongodb/kafka-connect-mongodb +RUN mkdir -p /opt/bitnami/kafka/plugins && \ + cd /opt/bitnami/kafka/plugins && \ + curl --remote-name --location --silent https://search.maven.org/remotecontent?filepath=org/mongodb/kafka/mongo-kafka-connect/1.2.0/mongo-kafka-connect-1.2.0-all.jar +CMD /opt/bitnami/kafka/bin/connect-standalone.sh /opt/bitnami/kafka/config/connect-standalone.properties /opt/bitnami/kafka/config/mongo.properties +``` + +## Persistence + +The [Bitnami Kafka](https://github.com/bitnami/containers/tree/main/bitnami/kafka) image stores the Kafka data at the `/bitnami/kafka` path of the container. Persistent Volume Claims are used to keep the data across deployments. This is known to work in GCE, AWS, and minikube. + +### Adjust permissions of persistent volume mountpoint + +As the image run as non-root by default, it is necessary to adjust the ownership of the persistent volume so that the container can write data into it. + +By default, the chart is configured to use Kubernetes Security Context to automatically change the ownership of the volume. However, this feature does not work in all Kubernetes distributions. +As an alternative, this chart supports using an initContainer to change the ownership of the volume before mounting it in the final destination. + +You can enable this initContainer by setting `volumePermissions.enabled` to `true`. + +## Troubleshooting + +Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues). + +## Migrating from Zookeeper (Early access) + +This guide is an adaptation from upstream documentation: [Migrate from ZooKeeper to KRaft](https://docs.confluent.io/platform/current/installation/migrate-zk-kraft.html) + +1. Retrieve the cluster ID from Zookeeper: + + ```console + $ kubectl exec -it -- zkCli.sh get /cluster/id + /opt/bitnami/java/bin/java + Connecting to localhost:2181 + + WATCHER:: + + WatchedEvent state:SyncConnected type:None path:null + {"version":"1","id":"TEr3HVPvTqSWixWRHngP5g"} + ``` + +2. Deploy at least one Kraft controller-only in your deployment and enable `zookeeperMigrationMode=true`. The Kraft controllers will migrate the data from your Kafka ZkBroker to Kraft mode. + + To do so add the following values to your Zookeeper deployment when upgrading: + + ```yaml + controller: + replicaCount: 1 + controllerOnly: true + zookeeperMigrationMode: true + # If needed, set controllers minID to avoid conflict with your ZK brokers' ids. + # minID: 0 + broker: + zookeeperMigrationMode: true + kraft: + enabled: true + clusterId: "" + ``` + +3. Wait until until all brokers are ready. You should see the following log in the broker logs: + + ```console + INFO [KafkaServer id=100] Finished catching up on KRaft metadata log, requesting that the KRaft controller unfence this broker (kafka.server.KafkaServer) + INFO [BrokerLifecycleManager id=100 isZkBroker=true] The broker has been unfenced. Transitioning from RECOVERY to RUNNING. (kafka.server.BrokerLifecycleManager) + ``` + + In the controllers, the following message should show up: + + ```console + Transitioning ZK migration state from PRE_MIGRATION to MIGRATION (org.apache.kafka.controller.FeatureControlManager) + ``` + +4. Once all brokers have been successfully migrated, set `broker.zookeeperMigrationMode=false` to fully migrate them. + + ```yaml + broker: + zookeeperMigrationMode: false + ``` + +5. To conclude the migration, switch off migration mode on controllers and stop Zookeeper: + + ```yaml + controller: + zookeeperMigrationMode: false + zookeeper: + enabled: false + ``` + + After migration is complete, you should see the following message in your controllers: + + ```console + [2023-07-13 13:07:45,226] INFO [QuorumController id=1] Transitioning ZK migration state from MIGRATION to POST_MIGRATION (org.apache.kafka.controller.FeatureControlManager) + ``` + +6. (**Optional**) If you would like to switch to a non-dedicated cluster, set `controller.controllerOnly=false`. This will cause controller-only nodes to switch to controller+broker nodes. + + At that point, you could manually decommission broker-only nodes by reassigning its partitions to controller-eligible nodes. + + For more information about decommissioning kafka broker check the [Kafka documentation](https://www.confluent.io/blog/remove-kafka-brokers-from-any-cluster-the-easy-way/). + +## Upgrading + +### To 26.0.0 + +This major release bumps the Kafka version to 3.6 [kafka upgrade notes](https://kafka.apache.org/36/documentation.html#upgrade). + +### To 25.0.0 + +This major updates the Zookeeper subchart to it newest major, 12.0.0. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-1200). + +### To 24.0.0 + +This major version is a refactor of the Kafka chart and its architecture, to better adapt to Kraft features introduced in version 22.0.0. + +The changes introduced in this version are: + +- New architecture. The chart now has two statefulsets, one for controller-eligible nodes (controller or controller+broker) and another one for broker-only nodes. Please take a look at the subsections [Upgrading from Kraft mode](#upgrading-from-kraft-mode) and [Upgrading from Zookeeper mode](#upgrading-from-zookeeper-mode) for more information about how to upgrade this chart depending on which mode you were using. + + The new architecture is designed to support two main features: + - Deployment of dedicated nodes + - Support for Zookeeper to Kraft migration + +- Adds compatibility with `securityContext.readOnlyRootFs=true`, which is now the execution default. + - The Kafka configuration is now mounted as a ConfigMap instead of generated at runtime. + - Due to the implementation of readOnlyRootFs support, the following settings have been removed and will now rely on Kafka defaults. To override them, please use `extraConfig` to extend your Kafka configuration instead. + - `deleteTopicEnable` + - `autoCreateTopicsEnable` + - `logFlushIntervalMessages` + - `logFlushIntervalMs` + - `logRetentionBytes` + - `logRetentionCheckIntervalMs` + - `logRetentionHours` + - `logSegmentBytes` + - `logsDirs` + - `maxMessageBytes` + - `defaultReplicationFactor` + - `offsetsTopicReplicationFactor` + - `transactionStateLogReplicationFactor` + - `transactionStateLogMinIsr` + - `numIoThreads` + - `numNetworkThreads` + - `numPartitions` + - `numRecoveryThreadsPerDataDir` + - `socketReceiveBufferBytes` + - `socketRequestMaxBytes` + - `socketSendBufferBytes` + - `zookeeperConnectionTimeoutMs` + - `authorizerClassName` + - `allowEveryoneIfNoAclFound` + - `superUsers` +- All listeners are configured with protocol 'SASL_PLAINTEXT' by default. +- Support for SCRAM authentication in KRaft mode +- All statefulset settings have been moved from values' root to `controller.*` and `broker.*`. +- Refactor of listeners configuration: + - Settings `listeners`, `advertisedListeners` and `listenerSecurityProtocolMap` have been replaced with `listeners.*` object, which includes default listeners and each listener can be configured individually and extended using `listeners.extraListeners`. + - Values `interBrokerListenerName`, `allowPlaintextListener` have been removed. +- Refactor of SASL, SSL and ACL settings: + - Authentication nomenclature `plaintext,tls,mtls,sasl,sasl_tls` has been removed. Listeners are now configured using Kafka nomenclature `PLAINTEXT,SASL_PLAINTEXT,SASL_SSL,SSL` in `listeners.*.protocol`. + - mTLS is configured by default for SSL protocol listeners, while it can now also be configured for SASL_SSL listeners if `listener.*.sslClientAuth` is set. + - All SASL settings are now grouped under `sasl.*`. + - `auth.sasl.mechanisms` -> `sasl.enabledMechanisms` + - `auth.interBrokerMechanism` -> `sasl.interBrokerMechanism` + - `auth.sasl.jaas.clientUSers` -> `sasl.client.users` + - `auth.sasl.jaas.clientPasswords` -> `sasl.client.passwords` + - `auth.sasl.jaas.interBrokerUser` -> `sasl.interbroker.user` + - `auth.sasl.jaas.interBrokerPassword` -> `sasl.interbroker.password` + - `auth.sasl.jaas.zookeeperUser` -> `sasl.zookeeper.user` + - `auth.sasl.jaas.zookeeperPassword` -> `sasl.zookeeper.password` + - `auth.sasl.jaas.existingSecret` -> `sasl.existingSecret` + - Added support for Controller listener protocols other than PLAINTEXT. + - TLS settings have been moved from `auth.tls.*` to `tls.*`. + - Zookeeper TLS settings have been moved from `auth.zookeeper*` to `tls.zookeeper.*` +- Refactor externalAccess to support the new architecture: + - `externalAccess.service.*` have been renamed to `externalAccess.controller.service.*` and `externalAccess.broker.service.*`. + - Controller pods will not configure externalAccess unless either: + - `controller.controllerOnly=false` (default), meaning the pods are running as 'controller+broker' nodes; or + - `externalAccess.controller.service.forceExpose=true`, for use cases where controller-only nodes want to be exposed externally. + +#### Upgrading from Kraft mode + +If upgrading from Kraft mode, existing PVCs from Kafka containers should be reattached to 'controller' pods. + +#### Upgrading from Zookeeper mode + +If upgrading from Zookeeper mode, make sure you set 'controller.replicaCount=0' and reattach the existing PVCs to 'broker' pods. +This will allow you to perform a migration to Kraft mode in the future by following the 'Migrating from Zookeeper' section of this documentation. + +#### Retaining PersistentVolumes + +When upgrading the Kafka chart, you may want to retain your existing data. To do so, we recommend following this guide: + +**NOTE**: This guide requires the binaries 'kubectl' and 'jq'. + +```console +# Env variables +REPLICA=0 +OLD_PVC="data--kafka-${REPLICA}" +NEW_PVC="data--kafka--${REPLICA}" +PV_NAME=$(kubectl get pvc $OLD_PVC -o jsonpath="{.spec.volumeName}") +NEW_PVC_MANIFEST_FILE="$NEW_PVC.yaml" + +# Modify PV reclaim policy +kubectl patch pv $PV_NAME -p '{"spec":{"persistentVolumeReclaimPolicy":"Retain"}}' +# Manually check field 'RECLAIM POLICY' +kubectl get pv $PV_NAME + +# Create new PVC manifest +kubectl get pvc $OLD_PVC -o json | jq " + .metadata.name = \"$NEW_PVC\" + | with_entries( + select([.key] | + inside([\"metadata\", \"spec\", \"apiVersion\", \"kind\"])) + ) + | del( + .metadata.annotations, .metadata.creationTimestamp, + .metadata.finalizers, .metadata.resourceVersion, + .metadata.selfLink, .metadata.uid + ) + " > $NEW_PVC_MANIFEST_FILE +# Check manifest +cat $NEW_PVC_MANIFEST_FILE + +# Delete your old Statefulset and PVC +kubectl delete sts "-kafka" +kubectl delete pvc $OLD_PVC +# Make PV available again and create the new PVC +kubectl patch pv $PV_NAME -p '{"spec":{"claimRef": null}}' +kubectl apply -f $NEW_PVC_MANIFEST_FILE +``` + +Repeat this process for each replica you had in your Kafka cluster. Once completed, upgrade the cluster and the new Statefulset should reuse the existing PVCs. + +### To 23.0.0 + +This major updates Kafka to its newest version, 3.5.x. For more information, please refer to [kafka upgrade notes](https://kafka.apache.org/35/documentation.html#upgrade). + +### To 22.0.0 + +This major updates the Kafka's configuration to use Kraft by default. You can learn more about this configuration [here](https://developer.confluent.io/learn/kraft). Apart from seting the `kraft.enabled` parameter to `true`, we also made the following changes: + +- Renamed `minBrokerId` parameter to `minId` to set the minimum ID to use when configuring the node.id or broker.id parameter depending on the Kafka's configuration. This parameter sets the `KAFKA_CFG_NODE_ID` env var in the container. +- Updated the `containerPorts` and `service.ports` parameters to include the new controller port. + +### To 21.0.0 + +This major updates Kafka to its newest version, 3.4.x. For more information, please refer to [kafka upgrade notes](https://kafka.apache.org/34/documentation.html#upgrade). + +### To 20.0.0 + +This major updates the Zookeeper subchart to it newest major, 11.0.0. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-1100). + +### To 19.0.0 + +This major updates Kafka to its newest version, 3.3.x. For more information, please refer to [kafka upgrade notes](https://kafka.apache.org/33/documentation.html#upgrade). + +### To 18.0.0 + +This major updates the Zookeeper subchart to it newest major, 10.0.0. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-1000). + +### To 16.0.0 + +This major updates the Zookeeper subchart to it newest major, 9.0.0. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-900). + +### To 15.0.0 + +This major release bumps Kafka major version to `3.x` series. +It also renames several values in this chart and adds missing features, in order to be inline with the rest of assets in the Bitnami charts repository. Some affected values are: + +- `service.port`, `service.internalPort` and `service.externalPort` have been regrouped under the `service.ports` map. +- `metrics.kafka.service.port` has been regrouped under the `metrics.kafka.service.ports` map. +- `metrics.jmx.service.port` has been regrouped under the `metrics.jmx.service.ports` map. +- `updateStrategy` (string) and `rollingUpdatePartition` are regrouped under the `updateStrategy` map. +- Several parameters marked as deprecated `14.x.x` are not supported anymore. + +Additionally updates the ZooKeeper subchart to it newest major, `8.0.0`, which contains similar changes. + +### To 14.0.0 + +In this version, the `image` block is defined once and is used in the different templates, while in the previous version, the `image` block was duplicated for the main container and the provisioning one + +```yaml +image: + registry: docker.io + repository: bitnami/kafka + tag: 2.8.0 +``` + +VS + +```yaml +image: + registry: docker.io + repository: bitnami/kafka + tag: 2.8.0 +... +provisioning: + image: + registry: docker.io + repository: bitnami/kafka + tag: 2.8.0 +``` + +See [PR#7114](https://github.com/bitnami/charts/pull/7114) for more info about the implemented changes + +### To 13.0.0 + +This major updates the Zookeeper subchart to it newest major, 7.0.0, which renames all TLS-related settings. For more information on this subchart's major, please refer to [zookeeper upgrade notes](https://github.com/bitnami/charts/tree/main/bitnami/zookeeper#to-700). + +### To 12.2.0 + +This version also introduces `bitnami/common`, a [library chart](https://helm.sh/docs/topics/library_charts/#helm) as a dependency. More documentation about this new utility could be found [here](https://github.com/bitnami/charts/tree/main/bitnami/common#bitnami-common-library-chart). Please, make sure that you have updated the chart dependencies before executing any upgrade. + +### To 12.0.0 + +[On November 13, 2020, Helm v2 support was formally finished](https://github.com/helm/charts#status-of-the-project), this major version is the result of the required changes applied to the Helm Chart to be able to incorporate the different features added in Helm v3 and to be consistent with the Helm project itself regarding the Helm v2 EOL. + +#### What changes were introduced in this major version? + +- Previous versions of this Helm Chart use `apiVersion: v1` (installable by both Helm 2 and 3), this Helm Chart was updated to `apiVersion: v2` (installable by Helm 3 only). [Here](https://helm.sh/docs/topics/charts/#the-apiversion-field) you can find more information about the `apiVersion` field. +- Move dependency information from the *requirements.yaml* to the *Chart.yaml* +- After running `helm dependency update`, a *Chart.lock* file is generated containing the same structure used in the previous *requirements.lock* +- The different fields present in the *Chart.yaml* file has been ordered alphabetically in a homogeneous way for all the Bitnami Helm Charts + +#### Considerations when upgrading to this version + +- If you want to upgrade to this version from a previous one installed with Helm v3, you shouldn't face any issues +- If you want to upgrade to this version using Helm v2, this scenario is not supported as this version doesn't support Helm v2 anymore +- If you installed the previous version with Helm v2 and wants to upgrade to this version with Helm v3, please refer to the [official Helm documentation](https://helm.sh/docs/topics/v2_v3_migration/#migration-use-cases) about migrating from Helm v2 to v3 + +#### Useful links + +- +- +- + +### To 11.8.0 + +External access to brokers can now be achieved through the cluster's Kafka service. + +- `service.nodePort` -> deprecated in favor of `service.nodePorts.client` and `service.nodePorts.external` + +### To 11.7.0 + +The way to configure the users and passwords changed. Now it is allowed to create multiple users during the installation by providing the list of users and passwords. + +- `auth.jaas.clientUser` (string) -> deprecated in favor of `auth.jaas.clientUsers` (array). +- `auth.jaas.clientPassword` (string) -> deprecated in favor of `auth.jaas.clientPasswords` (array). + +### To 11.0.0 + +The way to configure listeners and athentication on Kafka is totally refactored allowing users to configure different authentication protocols on different listeners. Please check the [Listeners Configuration](#listeners-configuration) section for more information. + +Backwards compatibility is not guaranteed you adapt your values.yaml to the new format. Here you can find some parameters that were renamed or disappeared in favor of new ones on this major version: + +- `auth.enabled` -> deprecated in favor of `auth.clientProtocol` and `auth.interBrokerProtocol` parameters. +- `auth.ssl` -> deprecated in favor of `auth.clientProtocol` and `auth.interBrokerProtocol` parameters. +- `auth.certificatesSecret` -> renamed to `auth.jksSecret`. +- `auth.certificatesPassword` -> renamed to `auth.jksPassword`. +- `sslEndpointIdentificationAlgorithm` -> renamedo to `auth.tlsEndpointIdentificationAlgorithm`. +- `auth.interBrokerUser` -> renamed to `auth.jaas.interBrokerUser` +- `auth.interBrokerPassword` -> renamed to `auth.jaas.interBrokerPassword` +- `auth.zookeeperUser` -> renamed to `auth.jaas.zookeeperUser` +- `auth.zookeeperPassword` -> renamed to `auth.jaas.zookeeperPassword` +- `auth.existingSecret` -> renamed to `auth.jaas.existingSecret` +- `service.sslPort` -> deprecated in favor of `service.internalPort` +- `service.nodePorts.kafka` and `service.nodePorts.ssl` -> deprecated in favor of `service.nodePort` +- `metrics.kafka.extraFlag` -> new parameter +- `metrics.kafka.certificatesSecret` -> new parameter + +### To 10.0.0 + +If you are setting the `config` or `log4j` parameter, backwards compatibility is not guaranteed, because the `KAFKA_MOUNTED_CONFDIR` has moved from `/opt/bitnami/kafka/conf` to `/bitnami/kafka/config`. In order to continue using these parameters, you must also upgrade your image to `docker.io/bitnami/kafka:2.4.1-debian-10-r38` or later. + +### To 9.0.0 + +Backwards compatibility is not guaranteed you adapt your values.yaml to the new format. Here you can find some parameters that were renamed on this major version: + +```diff +- securityContext.enabled +- securityContext.fsGroup +- securityContext.fsGroup ++ podSecurityContext +- externalAccess.service.loadBalancerIP ++ externalAccess.service.loadBalancerIPs +- externalAccess.service.nodePort ++ externalAccess.service.nodePorts +- metrics.jmx.configMap.enabled +- metrics.jmx.configMap.overrideConfig ++ metrics.jmx.config +- metrics.jmx.configMap.overrideName ++ metrics.jmx.existingConfigmap +``` + +Ports names were prefixed with the protocol to comply with Istio (see ). + +### To 8.0.0 + +There is not backwards compatibility since the brokerID changes to the POD_NAME. For more information see [this PR](https://github.com/bitnami/charts/pull/2028). + +### To 7.0.0 + +Backwards compatibility is not guaranteed when Kafka metrics are enabled, unless you modify the labels used on the exporter deployments. +Use the workaround below to upgrade from versions previous to 7.0.0. The following example assumes that the release name is kafka: + +```console +helm upgrade kafka oci://REGISTRY_NAME/REPOSITORY_NAME/kafka --version 6.1.8 --set metrics.kafka.enabled=false +helm upgrade kafka oci://REGISTRY_NAME/REPOSITORY_NAME/kafka --version 7.0.0 --set metrics.kafka.enabled=true +``` + +> Note: You need to substitute the placeholders `REGISTRY_NAME` and `REPOSITORY_NAME` with a reference to your Helm chart registry and repository. For example, in the case of Bitnami, you need to use `REGISTRY_NAME=registry-1.docker.io` and `REPOSITORY_NAME=bitnamicharts`. + +### To 2.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to 2.0.0. The following example assumes that the release name is kafka: + +```console +kubectl delete statefulset kafka-kafka --cascade=false +kubectl delete statefulset kafka-zookeeper --cascade=false +``` + +### To 1.0.0 + +Backwards compatibility is not guaranteed unless you modify the labels used on the chart's deployments. +Use the workaround below to upgrade from versions previous to 1.0.0. The following example assumes that the release name is kafka: + +```console +kubectl delete statefulset kafka-kafka --cascade=false +kubectl delete statefulset kafka-zookeeper --cascade=false +``` + +## License + +Copyright © 2023 VMware, Inc. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/NOTES.txt new file mode 100644 index 0000000000..69d2859134 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/NOTES.txt @@ -0,0 +1,333 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +{{- if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/kafka/entrypoint.sh /opt/bitnami/scripts/kafka/run.sh + +{{- else }} + +{{- $releaseNamespace := .Release.Namespace }} +{{- $clusterDomain := .Values.clusterDomain }} +{{- $fullname := include "common.names.fullname" . }} +{{- $clientPort := int .Values.listeners.client.containerPort }} + +{{- if and (or (eq .Values.service.type "LoadBalancer") .Values.externalAccess.enabled) (eq (upper .Values.listeners.external.protocol) "PLAINTEXT") }} +--------------------------------------------------------------------------------------------- + WARNING + + By specifying "serviceType=LoadBalancer" and not configuring the authentication + you have most likely exposed the Kafka service externally without any + authentication mechanism. + + For security reasons, we strongly suggest that you switch to "ClusterIP" or + "NodePort". As alternative, you can also configure the Kafka authentication. + +--------------------------------------------------------------------------------------------- +{{- end }} + +** Please be patient while the chart is being deployed ** + +Kafka can be accessed by consumers via port {{ $clientPort }} on the following DNS name from within your cluster: + + {{ $fullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }} + +Each Kafka broker can be accessed by producers via port {{ $clientPort }} on the following DNS name(s) from within your cluster: + +{{- $brokerList := list }} +{{- range $i := until (int .Values.controller.replicaCount) }} +{{- $brokerList = append $brokerList (printf "%s-controller-%d.%s-controller-headless.%s.svc.%s:%d" $fullname $i $fullname $releaseNamespace $clusterDomain $clientPort) }} +{{- end }} +{{- range $i := until (int .Values.broker.replicaCount) }} +{{- $brokerList = append $brokerList (printf "%s-broker-%d.%s-broker-headless.%s.svc.%s:%d" $fullname $i $fullname $releaseNamespace $clusterDomain $clientPort) }} +{{- end }} +{{ join "\n" $brokerList | nindent 4 }} +{{- $clientSaslEnabled := regexFind "SASL" (upper .Values.listeners.client.protocol) }} +{{- $clientSslEnabled := regexFind "SSL" (upper .Values.listeners.client.protocol) }} +{{- $clientMTlsEnabled := or (and .Values.listeners.client.sslClientAuth (not (eq .Values.listeners.client.sslClientAuth "none"))) (and (empty .Values.listeners.client.sslClientAuth) (not (eq .Values.tls.sslClientAuth "none"))) }} +{{- if or $clientSaslEnabled $clientSslEnabled }} + +The {{ upper .Values.listeners.client.name }} listener for Kafka client connections from within your cluster have been configured with the following security settings: + {{- if $clientSaslEnabled }} + - SASL authentication + {{- end }} + {{- if $clientSslEnabled }} + - TLS encryption + {{- end }} + {{- if and $clientSslEnabled $clientMTlsEnabled }} + - mTLS authentication + {{- end }} + +To connect a client to your Kafka, you need to create the 'client.properties' configuration files with the content below: + +security.protocol={{ .Values.listeners.client.protocol }} +{{- if $clientSaslEnabled }} +{{- if regexFind "OAUTHBEARER" (upper .Values.sasl.enabledMechanisms ) }} +sasl.jaas.config="org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required"\ + clientId="" \ + password=""; +sasl.login.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerLoginCallbackHandler +sasl.oauthbearer.token.endpoint.url={{ .Values.sasl.oauthbearer.tokenEndpointUrl }} +{{- else }} +{{- if regexFind "SCRAM-SHA-256" (upper .Values.sasl.enabledMechanisms) }} +sasl.mechanism=SCRAM-SHA-256 +{{- else if regexFind "SCRAM-SHA-512" (upper .Values.sasl.enabledMechanisms) }} +sasl.mechanism=SCRAM-SHA-512 +{{- else if regexFind "PLAIN" (upper .Values.sasl.enabledMechanisms) }} +sasl.mechanism=PLAIN +{{- end }} +{{- $securityModule := ternary "org.apache.kafka.common.security.scram.ScramLoginModule required" "org.apache.kafka.common.security.plain.PlainLoginModule required" (regexMatch "SCRAM" (upper .Values.sasl.enabledMechanisms)) }} +sasl.jaas.config={{ $securityModule }} \ + username="{{ index .Values.sasl.client.users 0 }}" \ + password="$(kubectl get secret {{ $fullname }}-user-passwords --namespace {{ $releaseNamespace }} -o jsonpath='{.data.client-passwords}' | base64 -d | cut -d , -f 1)"; +{{- end }} +{{- end }} +{{- if $clientSslEnabled }} +{{- $clientTlsType := upper .Values.tls.type }} +ssl.truststore.type={{ $clientTlsType }} +{{- if eq $clientTlsType "JKS" }} +ssl.truststore.location=/tmp/kafka.truststore.jks +# Uncomment this line if your client truststore is password protected +#ssl.truststore.password= +{{- else if eq $clientTlsType "PEM" }} +ssl.truststore.certificates=-----BEGIN CERTIFICATE----- \ +... \ +-----END CERTIFICATE----- +{{- end }} +{{- if and $clientMTlsEnabled }} +ssl.keystore.type={{ $clientTlsType }} +{{- if eq $clientTlsType "JKS" }} +ssl.keystore.location=/tmp/client.keystore.jks +# Uncomment this line if your client truststore is password protected +#ssl.keystore.password= +{{- else if eq $clientTlsType "PEM" }} +ssl.keystore.certificate.chain=-----BEGIN CERTIFICATE----- \ +... \ +-----END CERTIFICATE----- +ssl.keystore.key=-----BEGIN ENCRYPTED PRIVATE KEY----- \ +... \ +-----END ENCRYPTED PRIVATE KEY----- +{{- end }} +{{- end }} +{{- if eq .Values.tls.endpointIdentificationAlgorithm "" }} +ssl.endpoint.identification.algorithm= +{{- end }} +{{- end }} +{{- end }} + +To create a pod that you can use as a Kafka client run the following commands: + + kubectl run {{ $fullname }}-client --restart='Never' --image {{ template "kafka.image" . }} --namespace {{ $releaseNamespace }} --command -- sleep infinity + {{- if or $clientSaslEnabled $clientSslEnabled }} + kubectl cp --namespace {{ $releaseNamespace }} /path/to/client.properties {{ $fullname }}-client:/tmp/client.properties + {{- end }} + {{- if and $clientSslEnabled (eq (upper .Values.tls.type) "JKS") }} + kubectl cp --namespace {{ $releaseNamespace }} ./kafka.truststore.jks {{ $fullname }}-client:/tmp/kafka.truststore.jks + {{- if $clientMTlsEnabled }} + kubectl cp --namespace {{ $releaseNamespace }} ./client.keystore.jks {{ $fullname }}-client:/tmp/client.keystore.jks + {{- end }} + {{- end }} + kubectl exec --tty -i {{ $fullname }}-client --namespace {{ $releaseNamespace }} -- bash + + PRODUCER: + kafka-console-producer.sh \ + {{- if or $clientSaslEnabled $clientSslEnabled }} + --producer.config /tmp/client.properties \ + {{- end }} + --broker-list {{ join "," $brokerList }} \ + --topic test + + CONSUMER: + kafka-console-consumer.sh \ + {{- if or $clientSaslEnabled $clientSslEnabled }} + --consumer.config /tmp/client.properties \ + {{- end }} + --bootstrap-server {{ $fullname }}.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ .Values.service.ports.client }} \ + --topic test \ + --from-beginning + +{{- if .Values.externalAccess.enabled }} +{{- if or (not .Values.kraft.enabled) (not .Values.controller.controllerOnly) .Values.externalAccess.controller.forceExpose }} + +{{- if not .Values.kraft.enabled }} +To connect to your Kafka nodes from outside the cluster, follow these instructions: +{{- else if and .Values.controller.controllerOnly .Values.externalAccess.controller.forceExpose }} +To connect to your Kafka controller-only nodes from outside the cluster, follow these instructions: +{{- else }} +To connect to your Kafka controller+broker nodes from outside the cluster, follow these instructions: +{{- end }} + +{{- if eq "NodePort" .Values.externalAccess.controller.service.type }} + {{- if .Values.externalAccess.controller.service.domain }} + Kafka brokers domain: Use your provided hostname to reach Kafka brokers, {{ .Values.externalAccess.controller.service.domain }} + + {{- else }} + Kafka brokers domain: You can get the external node IP from the Kafka configuration file with the following commands (Check the EXTERNAL listener) + + 1. Obtain the pod name: + + kubectl get pods --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka" + + 2. Obtain pod configuration: + + kubectl exec -it KAFKA_POD -- cat /opt/bitnami/kafka/config/server.properties | grep advertised.listeners + + {{- end }} + Kafka brokers port: You will have a different node port for each Kafka broker. You can get the list of configured node ports using the command below: + + echo "$(kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -o jsonpath='{.items[*].spec.ports[0].nodePort}' | tr ' ' '\n')" + +{{- else if eq "LoadBalancer" .Values.externalAccess.controller.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IPs to be available. + + Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -w' + + Kafka Brokers domain: You will have a different external IP for each Kafka broker. You can get the list of external IPs using the command below: + + echo "$(kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -o jsonpath='{.items[*].status.loadBalancer.ingress[0].ip}' | tr ' ' '\n')" + + Kafka Brokers port: {{ .Values.externalAccess.controller.service.ports.external }} + +{{- else if eq "ClusterIP" .Values.externalAccess.controller.service.type }} + Kafka brokers domain: Use your provided hostname to reach Kafka brokers, {{ .Values.externalAccess.controller.service.domain }} + + Kafka brokers port: You will have a different port for each Kafka broker starting at {{ .Values.externalAccess.controller.service.ports.external }} + +{{- end }} +{{- end }} + +{{- $brokerReplicaCount := int .Values.broker.replicaCount -}} +{{- if gt $brokerReplicaCount 0 }} +To connect to your Kafka broker nodes from outside the cluster, follow these instructions: + +{{- if eq "NodePort" .Values.externalAccess.broker.service.type }} + {{- if .Values.externalAccess.broker.service.domain }} + Kafka brokers domain: Use your provided hostname to reach Kafka brokers, {{ .Values.externalAccess.broker.service.domain }} + + {{- else }} + Kafka brokers domain: You can get the external node IP from the Kafka configuration file with the following commands (Check the EXTERNAL listener) + + 1. Obtain the pod name: + + kubectl get pods --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka" + + 2. Obtain pod configuration: + + kubectl exec -it KAFKA_POD -- cat /opt/bitnami/kafka/config/server.properties | grep advertised.listeners + + {{- end }} + Kafka brokers port: You will have a different node port for each Kafka broker. You can get the list of configured node ports using the command below: + + echo "$(kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -o jsonpath='{.items[*].spec.ports[0].nodePort}' | tr ' ' '\n')" + +{{- else if eq "LoadBalancer" .Values.externalAccess.broker.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IPs to be available. + + Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -w' + + Kafka Brokers domain: You will have a different external IP for each Kafka broker. You can get the list of external IPs using the command below: + + echo "$(kubectl get svc --namespace {{ include "common.names.namespace" . }} -l "app.kubernetes.io/name={{ template "kafka.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=kafka,pod" -o jsonpath='{.items[*].status.loadBalancer.ingress[0].ip}' | tr ' ' '\n')" + + Kafka Brokers port: {{ .Values.externalAccess.broker.service.ports.external }} + +{{- else if eq "ClusterIP" .Values.externalAccess.broker.service.type }} + Kafka brokers domain: Use your provided hostname to reach Kafka brokers, {{ .Values.externalAccess.broker.service.domain }} + + Kafka brokers port: You will have a different port for each Kafka broker starting at {{ .Values.externalAccess.broker.service.ports.external }} + +{{- end }} +{{- end }} +{{- if or $clientSaslEnabled $clientSslEnabled }} +{{- $externalSaslEnabled := regexFind "SASL" (upper .Values.listeners.external.protocol) }} +{{- $externalSslEnabled := regexFind "SSL" (upper .Values.listeners.external.protocol) }} +{{- $externalMTlsEnabled := or (and .Values.listeners.external.sslClientAuth (not (eq .Values.listeners.external.sslClientAuth "none"))) (and (empty .Values.listeners.external.sslClientAuth) (not (eq .Values.tls.sslClientAuth "none"))) }} + +The {{ upper .Values.listeners.external.name }} listener for Kafka client connections from within your cluster have been configured with the following settings: + {{- if $externalSaslEnabled }} + - SASL authentication + {{- end }} + {{- if $externalSslEnabled }} + - TLS encryption + {{- end }} + {{- if and $externalSslEnabled $externalMTlsEnabled }} + - mTLS authentication + {{- end }} + +To connect a client to your Kafka, you need to create the 'client.properties' configuration files with the content below: + +security.protocol={{ .Values.listeners.external.protocol }} +{{- if $externalSaslEnabled }} +{{- if regexFind "OAUTHBEARER" (upper .Values.sasl.enabledMechanisms ) }} +sasl.jaas.config="org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required"\ + clientId="" \ + password=""; +sasl.login.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerLoginCallbackHandler +sasl.oauthbearer.token.endpoint.url={{ .Values.sasl.oauthbearer.tokenEndpointUrl }} +{{- else }} +{{- if regexFind "SCRAM-SHA-256" (upper .Values.sasl.enabledMechanisms) }} +sasl.mechanism=SCRAM-SHA-256 +{{- else if regexFind "SCRAM-SHA-512" (upper .Values.sasl.enabledMechanisms) }} +sasl.mechanism=SCRAM-SHA-512 +{{- else }} +sasl.mechanism=PLAIN +{{- end }} +{{- $securityModule := ternary "org.apache.kafka.common.security.scram.ScramLoginModule required" "org.apache.kafka.common.security.plain.PlainLoginModule required" (regexMatch "SCRAM" (upper .Values.sasl.enabledMechanisms)) }} +sasl.jaas.config={{ $securityModule }} \ + username="{{ index .Values.sasl.client.users 0 }}" \ + password="$(kubectl get secret {{ $fullname }}-user-passwords --namespace {{ $releaseNamespace }} -o jsonpath='{.data.client-passwords}' | base64 -d | cut -d , -f 1)"; +{{- end }} +{{- end }} +{{- if $externalSslEnabled }} +{{- $clientTlsType := upper .Values.tls.type }} +ssl.truststore.type={{ $clientTlsType }} +{{- if eq $clientTlsType "JKS" }} +ssl.truststore.location=/tmp/kafka.truststore.jks +# Uncomment this line if your client truststore is password protected +#ssl.truststore.password= +{{- else if eq $clientTlsType "PEM" }} +ssl.truststore.certificates=-----BEGIN CERTIFICATE----- \ +... \ +-----END CERTIFICATE----- +{{- end }} +{{- if and $externalMTlsEnabled }} +ssl.keystore.type={{ $clientTlsType }} +{{- if eq $clientTlsType "JKS" }} +ssl.keystore.location=/tmp/client.keystore.jks +# Uncomment this line if your client truststore is password protected +#ssl.keystore.password= +{{- else if eq $clientTlsType "PEM" }} +ssl.keystore.certificate.chain=-----BEGIN CERTIFICATE----- \ +... \ +-----END CERTIFICATE----- +ssl.keystore.key=-----BEGIN ENCRYPTED PRIVATE KEY----- \ +... \ +-----END ENCRYPTED PRIVATE KEY----- +{{- end }} +{{- end }} +{{- if eq .Values.tls.endpointIdentificationAlgorithm "" }} +ssl.endpoint.identification.algorithm= +{{- end }} +{{- end }} + +{{- end }} +{{- end }} +{{- end }} + +{{- include "kafka.checkRollingTags" . }} +{{- include "kafka.validateValues" . }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/_helpers.tpl new file mode 100644 index 0000000000..d70a7e57ae --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/_helpers.tpl @@ -0,0 +1,1802 @@ +{{/* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{/* vim: set filetype=mustache: */}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "kafka.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified zookeeper name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "kafka.zookeeper.fullname" -}} +{{- if .Values.zookeeper.fullnameOverride -}} +{{- .Values.zookeeper.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default "zookeeper" .Values.zookeeper.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* + Create the name of the service account to use + */}} +{{- define "kafka.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Storage Class +{{ include "common.storage.class" ( dict "persistence" .Values.path.to.the.persistence "global" $) }} +*/}} +{{- define "common.storage.class" -}} + +{{- $storageClass := .persistence.storageClass -}} +{{- if .global -}} + {{- if .global.storageClass -}} + {{- $storageClass = .global.storageClass -}} + {{- end -}} +{{- end -}} + +{{- if $storageClass -}} + {{- if (eq "-" $storageClass) -}} + {{- printf "storageClassName: \"\"" -}} + {{- else }} + {{- printf "storageClassName: %s" $storageClass -}} + {{- end -}} +{{- end -}} + +{{- end -}} + +{{/* +Warning about using rolling tag. +Usage: +{{ include "common.warnings.rollingTag" .Values.path.to.the.imageRoot }} +*/}} +{{- define "common.warnings.rollingTag" -}} + +{{- if and (contains "bitnami/" .repository) (not (.tag | toString | regexFind "-r\\d+$|sha256:")) }} +WARNING: Rolling tag detected ({{ .repository }}:{{ .tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment. ++info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/ +{{- end }} + +{{- end -}} + +{{/* +Return the proper Kafka image name +*/}} +{{- define "kafka.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper image name (for the init container auto-discovery image) +*/}} +{{- define "kafka.externalAccess.autoDiscovery.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.externalAccess.autoDiscovery.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "kafka.volumePermissions.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Kafka exporter image name +*/}} +{{- define "kafka.metrics.kafka.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.metrics.kafka.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper JMX exporter image name +*/}} +{{- define "kafka.metrics.jmx.image" -}} +{{ include "common.images.image" (dict "imageRoot" .Values.metrics.jmx.image "global" .Values.global) }} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "kafka.imagePullSecrets" -}} +{{ include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.externalAccess.autoDiscovery.image .Values.volumePermissions.image .Values.metrics.kafka.image .Values.metrics.jmx.image) "global" .Values.global) }} +{{- end -}} + +{{/* +Create a default fully qualified Kafka exporter name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "kafka.metrics.kafka.fullname" -}} + {{- printf "%s-exporter" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} +{{- end -}} + +{{/* + Create the name of the service account to use for Kafka exporter pods + */}} +{{- define "kafka.metrics.kafka.serviceAccountName" -}} +{{- if .Values.metrics.kafka.serviceAccount.create -}} + {{ default (include "kafka.metrics.kafka.fullname" .) .Values.metrics.kafka.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.metrics.kafka.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return true if encryption via TLS for client connections should be configured +*/}} +{{- define "kafka.sslEnabled" -}} +{{- $res := "" -}} +{{- $listeners := list .Values.listeners.client .Values.listeners.interbroker -}} +{{- range $i := .Values.listeners.extraListeners -}} +{{- $listeners = append $listeners $i -}} +{{- end -}} +{{- if and .Values.externalAccess.enabled -}} +{{- $listeners = append $listeners .Values.listeners.external -}} +{{- end -}} +{{- if and .Values.kraft.enabled -}} +{{- $listeners = append $listeners .Values.listeners.controller -}} +{{- end -}} +{{- range $listener := $listeners -}} +{{- if regexFind "SSL" (upper $listener.protocol) -}} +{{- $res = "true" -}} +{{- end -}} +{{- end -}} +{{- if $res -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if SASL connections should be configured +*/}} +{{- define "kafka.saslEnabled" -}} +{{- $res := "" -}} +{{- if (include "kafka.client.saslEnabled" .) -}} +{{- $res = "true" -}} +{{- else -}} +{{- $listeners := list .Values.listeners.interbroker -}} +{{- if and .Values.kraft.enabled -}} +{{- $listeners = append $listeners .Values.listeners.controller -}} +{{- end -}} +{{- range $listener := $listeners -}} +{{- if regexFind "SASL" (upper $listener.protocol) -}} +{{- $res = "true" -}} +{{- end -}} +{{- end -}} +{{- end -}} +{{- if $res -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if SASL connections should be configured +*/}} +{{- define "kafka.client.saslEnabled" -}} +{{- $res := "" -}} +{{- $listeners := list .Values.listeners.client -}} +{{- range $i := .Values.listeners.extraListeners -}} +{{- $listeners = append $listeners $i -}} +{{- end -}} +{{- if and .Values.externalAccess.enabled -}} +{{- $listeners = append $listeners .Values.listeners.external -}} +{{- end -}} +{{- range $listener := $listeners -}} +{{- if regexFind "SASL" (upper $listener.protocol) -}} +{{- $res = "true" -}} +{{- end -}} +{{- end -}} +{{- if $res -}} +{{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if a sasl mechanism that uses usernames and passwords is in use +*/}} +{{- define "kafka.saslUserPasswordsEnabled" -}} +{{- if (include "kafka.saslEnabled" .) -}} +{{- if or (regexFind "PLAIN" (upper .Values.sasl.enabledMechanisms)) (regexFind "SCRAM" (upper .Values.sasl.enabledMechanisms)) -}} +true +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if a sasl mechanism that uses client IDs and client secrets is in use +*/}} +{{- define "kafka.saslClientSecretsEnabled" -}} +{{- if (include "kafka.saslEnabled" .) -}} +{{- if (regexFind "OAUTHBEARER" (upper .Values.sasl.enabledMechanisms)) -}} +true +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the security module based on the provided sasl mechanism +*/}} +{{- define "kafka.saslSecurityModule" -}} +{{- if eq "PLAIN" .mechanism -}} +org.apache.kafka.common.security.plain.PlainLoginModule required +{{- else if regexFind "SCRAM" .mechanism -}} +org.apache.kafka.common.security.scram.ScramLoginModule required +{{- else if eq "OAUTHBEARER" .mechanism -}} +org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka SASL credentials secret +*/}} +{{- define "kafka.saslSecretName" -}} +{{- if .Values.sasl.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.sasl.existingSecret "context" $) -}} +{{- else -}} + {{- printf "%s-user-passwords" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a SASL credentials secret object should be created +*/}} +{{- define "kafka.createSaslSecret" -}} +{{- $secretName := .Values.sasl.existingSecret -}} +{{- if and (or (include "kafka.saslEnabled" .) (or .Values.zookeeper.auth.client.enabled .Values.sasl.zookeeper.user)) (empty $secretName) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS credentials secret object should be created +*/}} +{{- define "kafka.tlsSecretName" -}} +{{- if .Values.tls.existingSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.tls.existingSecret "context" $) -}} +{{- else -}} + {{- printf "%s-tls" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS credentials secret object should be created +*/}} +{{- define "kafka.createTlsSecret" -}} +{{- if and (include "kafka.sslEnabled" .) (empty .Values.tls.existingSecret) .Values.tls.autoGenerated -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka TLS credentials secret +*/}} +{{- define "kafka.tlsPasswordsSecretName" -}} +{{- if .Values.tls.passwordsSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.tls.passwordsSecret "context" $) -}} +{{- else -}} + {{- printf "%s-tls-passwords" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS credentials secret object should be created +*/}} +{{- define "kafka.createTlsPasswordsSecret" -}} +{{- $secretName := .Values.tls.passwordsSecret -}} +{{- if and (include "kafka.sslEnabled" .) (or (empty $secretName) .Values.tls.autoGenerated ) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka TLS credentials secret +*/}} +{{- define "kafka.zookeeper.tlsPasswordsSecretName" -}} +{{- if .Values.tls.zookeeper.passwordsSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.tls.zookeeper.passwordsSecret "context" $) -}} +{{- else -}} + {{- printf "%s-zookeeper-tls-passwords" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a TLS credentials secret object should be created +*/}} +{{- define "kafka.zookeeper.createTlsPasswordsSecret" -}} +{{- $secretName := .Values.tls.zookeeper.passwordsSecret -}} +{{- if and .Values.tls.zookeeper.enabled (or (empty $secretName) .Values.tls.zookeeper.keystorePassword .Values.tls.zookeeper.truststorePassword ) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the secret name for the Kafka Provisioning client +*/}} +{{- define "kafka.client.passwordsSecretName" -}} +{{- if .Values.provisioning.auth.tls.passwordsSecret -}} + {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.auth.tls.passwordsSecret "context" $) -}} +{{- else -}} + {{- printf "%s-client-secret" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for the Kafka Provisioning client +*/}} +{{- define "kafka.provisioning.serviceAccountName" -}} +{{- if .Values.provisioning.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) .Values.provisioning.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.provisioning.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka controller-eligible configuration configmap +*/}} +{{- define "kafka.controller.configmapName" -}} +{{- if .Values.controller.existingConfigmap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.existingConfigmap "context" $) -}} +{{- else if .Values.existingConfigmap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.existingConfigmap "context" $) -}} +{{- else -}} + {{- printf "%s-controller-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka controller-eligible secret configuration +*/}} +{{- define "kafka.controller.secretConfigName" -}} +{{- if .Values.controller.existingSecretConfig -}} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.existingSecretConfig "context" $) -}} +{{- else if .Values.existingSecretConfig -}} + {{- include "common.tplvalues.render" (dict "value" .Values.existingSecretConfig "context" $) -}} +{{- else -}} + {{- printf "%s-controller-secret-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka controller-eligible secret configuration values +*/}} +{{- define "kafka.controller.secretConfig" -}} +{{- if .Values.secretConfig }} +{{- include "common.tplvalues.render" ( dict "value" .Values.secretConfig "context" $ ) }} +{{- end }} +{{- if .Values.controller.secretConfig }} +{{- include "common.tplvalues.render" ( dict "value" .Values.controller.secretConfig "context" $ ) }} +{{- end }} +{{- end -}} + +{{/* +Return true if a configmap object should be created for controller-eligible pods +*/}} +{{- define "kafka.controller.createConfigmap" -}} +{{- if and (not .Values.controller.existingConfigmap) (not .Values.existingConfigmap) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object with config should be created for controller-eligible pods +*/}} +{{- define "kafka.controller.createSecretConfig" -}} +{{- if and (or .Values.controller.secretConfig .Values.secretConfig) (and (not .Values.controller.existingSecretConfig) (not .Values.existingSecretConfig)) }} + {{- true -}} +{{- end -}} +{{- end -}} +{{/* +Return true if a secret object with config exists for controller-eligible pods +*/}} +{{- define "kafka.controller.secretConfigExists" -}} +{{- if or .Values.controller.secretConfig .Values.secretConfig .Values.controller.existingSecretConfig .Values.existingSecretConfig }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka broker configuration configmap +*/}} +{{- define "kafka.broker.configmapName" -}} +{{- if .Values.broker.existingConfigmap -}} + {{- printf "%s" (tpl .Values.broker.existingConfigmap $) -}} +{{- else if .Values.existingConfigmap -}} + {{- printf "%s" (tpl .Values.existingConfigmap $) -}} +{{- else -}} + {{- printf "%s-broker-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka broker secret configuration +*/}} +{{- define "kafka.broker.secretConfigName" -}} +{{- if .Values.broker.existingSecretConfig -}} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.existingSecretConfig "context" $) -}} +{{- else if .Values.existingSecretConfig -}} + {{- include "common.tplvalues.render" (dict "value" .Values.existingSecretConfig "context" $) -}} +{{- else -}} + {{- printf "%s-broker-secret-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka broker secret configuration values +*/}} +{{- define "kafka.broker.secretConfig" -}} +{{- if .Values.secretConfig }} +{{- include "common.tplvalues.render" ( dict "value" .Values.secretConfig "context" $ ) }} +{{- end }} +{{- if .Values.broker.secretConfig }} +{{- include "common.tplvalues.render" ( dict "value" .Values.broker.secretConfig "context" $ ) }} +{{- end }} +{{- end -}} + +{{/* +Return true if a configmap object should be created for broker pods +*/}} +{{- define "kafka.broker.createConfigmap" -}} +{{- if and (not .Values.broker.existingConfigmap) (not .Values.existingConfigmap) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object with config should be created for broker pods +*/}} +{{- define "kafka.broker.createSecretConfig" -}} +{{- if and (or .Values.broker.secretConfig .Values.secretConfig) (and (not .Values.broker.existingSecretConfig) (not .Values.existingSecretConfig)) }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a secret object with config exists for broker pods +*/}} +{{- define "kafka.broker.secretConfigExists" -}} +{{- if or .Values.broker.secretConfig .Values.secretConfig .Values.broker.existingSecretConfig .Values.existingSecretConfig }} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka log4j ConfigMap name. +*/}} +{{- define "kafka.log4j.configMapName" -}} +{{- if .Values.existingLog4jConfigMap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.existingLog4jConfigMap "context" $) -}} +{{- else -}} + {{- printf "%s-log4j-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the SASL mechanism to use for the Kafka exporter to access Kafka +The exporter uses a different nomenclature so we need to do this hack +*/}} +{{- define "kafka.metrics.kafka.saslMechanism" -}} +{{- $saslMechanisms := .Values.sasl.enabledMechanisms }} +{{- if contains "OAUTHBEARER" (upper $saslMechanisms) }} + {{- print "oauthbearer" -}} +{{- else if contains "SCRAM-SHA-512" (upper $saslMechanisms) }} + {{- print "scram-sha512" -}} +{{- else if contains "SCRAM-SHA-256" (upper $saslMechanisms) }} + {{- print "scram-sha256" -}} +{{- else if contains "PLAIN" (upper $saslMechanisms) }} + {{- print "plain" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Kafka configuration configmap +*/}} +{{- define "kafka.metrics.jmx.configmapName" -}} +{{- if .Values.metrics.jmx.existingConfigmap -}} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.jmx.existingConfigmap "context" $) -}} +{{- else -}} + {{ printf "%s-jmx-configuration" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Return true if a configmap object should be created +*/}} +{{- define "kafka.metrics.jmx.createConfigmap" -}} +{{- if and .Values.metrics.jmx.enabled .Values.metrics.jmx.config (not .Values.metrics.jmx.existingConfigmap) -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the Kafka listeners settings based on the listeners.* object +*/}} +{{- define "kafka.listeners" -}} +{{- if .context.Values.listeners.overrideListeners -}} + {{- printf "%s" .context.Values.listeners.overrideListeners -}} +{{- else -}} + {{- $listeners := list .context.Values.listeners.client .context.Values.listeners.interbroker -}} + {{- if and .context.Values.externalAccess.enabled -}} + {{- $listeners = append $listeners .context.Values.listeners.external -}} + {{- end -}} + {{- if and .context.Values.kraft.enabled .isController -}} + {{- if and .context.Values.controller.controllerOnly -}} + {{- $listeners = list .context.Values.listeners.controller -}} + {{- else -}} + {{- $listeners = append $listeners .context.Values.listeners.controller -}} + {{- end -}} + {{- end -}} + {{- $res := list -}} + {{- range $listener := $listeners -}} + {{- $res = append $res (printf "%s://:%d" (upper $listener.name) (int $listener.containerPort)) -}} + {{- end -}} + {{- printf "%s" (join "," $res) -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the list of advertised listeners, although the advertised address will be replaced during each node init time +*/}} +{{- define "kafka.advertisedListeners" -}} +{{- if .Values.listeners.advertisedListeners -}} + {{- printf "%s" .Values.listeners.advertisedListeners -}} +{{- else -}} + {{- $listeners := list .Values.listeners.client .Values.listeners.interbroker -}} + {{- range $i := .Values.listeners.extraListeners -}} + {{- $listeners = append $listeners $i -}} + {{- end -}} + {{- $res := list -}} + {{- range $listener := $listeners -}} + {{- $res = append $res (printf "%s://advertised-address-placeholder:%d" (upper $listener.name) (int $listener.containerPort)) -}} + {{- end -}} + {{- printf "%s" (join "," $res) -}} +{{- end -}} +{{- end -}} + +{{/* +Returns the value listener.security.protocol.map based on the values of 'listeners.*.protocol' +*/}} +{{- define "kafka.securityProtocolMap" -}} +{{- if .Values.listeners.securityProtocolMap -}} + {{- printf "%s" .Values.listeners.securityProtocolMap -}} +{{- else -}} + {{- $listeners := list .Values.listeners.client .Values.listeners.interbroker -}} + {{- range $i := .Values.listeners.extraListeners -}} + {{- $listeners = append $listeners $i -}} + {{- end -}} + {{- if .Values.kraft.enabled -}} + {{- $listeners = append $listeners .Values.listeners.controller -}} + {{- end -}} + {{- if and .Values.externalAccess.enabled -}} + {{- $listeners = append $listeners .Values.listeners.external -}} + {{- end -}} + {{- $res := list -}} + {{- range $listener := $listeners -}} + {{- $res = append $res (printf "%s:%s" (upper $listener.name) (upper $listener.protocol)) -}} + {{- end -}} + {{ printf "%s" (join "," $res)}} +{{- end -}} +{{- end -}} + +{{/* +Returns the containerPorts for listeneres.extraListeners +*/}} +{{- define "kafka.extraListeners.containerPorts" -}} +{{- range $listener := .Values.listeners.extraListeners -}} +- name: {{ lower $listener.name}} + containerPort: {{ $listener.containerPort }} +{{- end -}} +{{- end -}} + +{{/* +Returns the zookeeper.connect setting value +*/}} +{{- define "kafka.zookeeperConnect" -}} +{{- if .Values.zookeeper.enabled -}} +{{- printf "%s:%s%s" (include "kafka.zookeeper.fullname" .) (ternary "3181" "2181" .Values.tls.zookeeper.enabled) (tpl .Values.zookeeperChrootPath .) -}} +{{- else -}} +{{- printf "%s%s" (join "," .Values.externalZookeeper.servers) (tpl .Values.zookeeperChrootPath .) -}} +{{- end -}} +{{- end -}} + +{{/* +Renders a value that contains template perhaps with scope if the scope is present. +Usage: +{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $ ) }} +{{ include "common.tplvalues.render" ( dict "value" .Values.path.to.the.Value "context" $ "scope" $app ) }} +*/}} +{{- define "common.tplvalues.render" -}} +{{- $value := typeIs "string" .value | ternary .value (.value | toYaml) }} +{{- if contains "{{" (toJson .value) }} + {{- if .scope }} + {{- tpl (cat "{{- with $.RelativeScope -}}" $value "{{- end }}") (merge (dict "RelativeScope" .scope) .context) }} + {{- else }} + {{- tpl $value .context }} + {{- end }} +{{- else }} + {{- $value }} +{{- end }} +{{- end -}} + +{{- define "common.tplvalues.merge" -}} +{{- $dst := dict -}} +{{- range .values -}} +{{- $dst = include "common.tplvalues.render" (dict "value" . "context" $.context "scope" $.scope) | fromYaml | merge $dst -}} +{{- end -}} +{{ $dst | toYaml }} +{{- end -}} + +{{/* +Return the appropriate apiVersion for poddisruptionbudget. +*/}} +{{- define "common.capabilities.policy.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} + +{{- define "common.names.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "common.names.namespace" -}} +{{- if .Values.namespace -}} +{{- .Values.namespace | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- default .Release.Namespace .Values.namespaceOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{- define "common.names.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.names.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Kubernetes standard labels +{{ include "common.labels.standard" (dict "customLabels" .Values.commonLabels "context" $) -}} +*/}} +{{- define "common.labels.standard" -}} +{{- if and (hasKey . "customLabels") (hasKey . "context") -}} +{{- $default := dict "app.kubernetes.io/name" (include "common.names.name" .context) "helm.sh/chart" (include "common.names.chart" .context) "app.kubernetes.io/instance" .context.Release.Name "app.kubernetes.io/managed-by" .context.Release.Service -}} +{{- with .context.Chart.AppVersion -}} +{{- $_ := set $default "app.kubernetes.io/version" . -}} +{{- end -}} +{{ template "common.tplvalues.merge" (dict "values" (list .customLabels $default) "context" .context) }} +{{- else -}} +app.kubernetes.io/name: {{ include "common.names.name" . }} +helm.sh/chart: {{ include "common.names.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- with .Chart.AppVersion }} +app.kubernetes.io/version: {{ . | quote }} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Labels used on immutable fields such as deploy.spec.selector.matchLabels or svc.spec.selector +{{ include "common.labels.matchLabels" (dict "customLabels" .Values.podLabels "context" $) -}} + +We don't want to loop over custom labels appending them to the selector +since it's very likely that it will break deployments, services, etc. +However, it's important to overwrite the standard labels if the user +overwrote them on metadata.labels fields. +*/}} +{{- define "common.labels.matchLabels" -}} +{{- if and (hasKey . "customLabels") (hasKey . "context") -}} +{{ merge (pick (include "common.tplvalues.render" (dict "value" .customLabels "context" .context) | fromYaml) "app.kubernetes.io/name" "app.kubernetes.io/instance") (dict "app.kubernetes.io/name" (include "common.names.name" .context) "app.kubernetes.io/instance" .context.Release.Name ) | toYaml }} +{{- else -}} +app.kubernetes.io/name: {{ include "common.names.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end -}} +{{- end -}} + +{{/* +Return the target Kubernetes version +*/}} +{{- define "common.capabilities.kubeVersion" -}} +{{- if .Values.global }} + {{- if .Values.global.kubeVersion }} + {{- .Values.global.kubeVersion -}} + {{- else }} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} + {{- end -}} +{{- else }} +{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for networkpolicy. +*/}} +{{- define "common.capabilities.networkPolicy.apiVersion" -}} +{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for deployment. +*/}} +{{- define "common.capabilities.deployment.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the appropriate apiVersion for statefulset. +*/}} +{{- define "common.capabilities.statefulset.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "apps/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Generate secret password or retrieve one if already created. + +Usage: +{{ include "common.secrets.passwords.manage" (dict "secret" "secret-name" "key" "keyName" "providedValues" (list "path.to.password1" "path.to.password2") "length" 10 "strong" false "chartName" "chartName" "context" $) }} + +Params: + - secret - String - Required - Name of the 'Secret' resource where the password is stored. + - key - String - Required - Name of the key in the secret. + - providedValues - List - Required - The path to the validating value in the values.yaml, e.g: "mysql.password". Will pick first parameter with a defined value. + - length - int - Optional - Length of the generated random password. + - strong - Boolean - Optional - Whether to add symbols to the generated random password. + - chartName - String - Optional - Name of the chart used when said chart is deployed as a subchart. + - context - Context - Required - Parent context. + - failOnNew - Boolean - Optional - Default to true. If set to false, skip errors adding new keys to existing secrets. +The order in which this function returns a secret password: + 1. Already existing 'Secret' resource + (If a 'Secret' resource is found under the name provided to the 'secret' parameter to this function and that 'Secret' resource contains a key with the name passed as the 'key' parameter to this function then the value of this existing secret password will be returned) + 2. Password provided via the values.yaml + (If one of the keys passed to the 'providedValues' parameter to this function is a valid path to a key in the values.yaml and has a value, the value of the first key with a value will be returned) + 3. Randomly generated secret password + (A new random secret password with the length specified in the 'length' parameter will be generated and returned) + +*/}} +{{- define "common.secrets.passwords.manage" -}} + +{{- $password := "" }} +{{- $subchart := "" }} +{{- $failOnNew := default true .failOnNew }} +{{- $chartName := default "" .chartName }} +{{- $passwordLength := default 10 .length }} +{{- $providedPasswordKey := include "common.utils.getKeyFromList" (dict "keys" .providedValues "context" $.context) }} +{{- $providedPasswordValue := include "common.utils.getValueFromKey" (dict "key" $providedPasswordKey "context" $.context) }} +{{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .context) .secret).data }} +{{- if $secretData }} + {{- if hasKey $secretData .key }} + {{- $password = index $secretData .key | quote }} + {{- else if $failOnNew }} + {{- printf "\nPASSWORDS ERROR: The secret \"%s\" does not contain the key \"%s\"\n" .secret .key | fail -}} + {{- end -}} +{{- else if $providedPasswordValue }} + {{- $password = $providedPasswordValue | toString | b64enc | quote }} +{{- else }} + + {{- if .context.Values.enabled }} + {{- $subchart = $chartName }} + {{- end -}} + + {{- $requiredPassword := dict "valueKey" $providedPasswordKey "secret" .secret "field" .key "subchart" $subchart "context" $.context -}} + {{- $requiredPasswordError := include "common.validations.values.single.empty" $requiredPassword -}} + {{- $passwordValidationErrors := list $requiredPasswordError -}} + {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $.context) -}} + + {{- if .strong }} + {{- $subStr := list (lower (randAlpha 1)) (randNumeric 1) (upper (randAlpha 1)) | join "_" }} + {{- $password = randAscii $passwordLength }} + {{- $password = regexReplaceAllLiteral "\\W" $password "@" | substr 5 $passwordLength }} + {{- $password = printf "%s%s" $subStr $password | toString | shuffle | b64enc | quote }} + {{- else }} + {{- $password = randAlphaNum $passwordLength | b64enc | quote }} + {{- end }} +{{- end -}} +{{- printf "%s" $password -}} +{{- end -}} + +{{- define "common.errors.upgrade.passwords.empty" -}} + {{- $validationErrors := join "" .validationErrors -}} + {{- if and $validationErrors .context.Release.IsUpgrade -}} + {{- $errorString := "\nPASSWORDS ERROR: You must provide your current passwords when upgrading the release." -}} + {{- $errorString = print $errorString "\n Note that even after reinstallation, old credentials may be needed as they may be kept in persistent volume claims." -}} + {{- $errorString = print $errorString "\n Further information can be obtained at https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases" -}} + {{- $errorString = print $errorString "\n%s" -}} + {{- printf $errorString $validationErrors | fail -}} + {{- end -}} +{{- end -}} + +{{/* +Build env var name given a field +Usage: +{{ include "common.utils.fieldToEnvVar" dict "field" "my-password" }} +*/}} +{{- define "common.utils.fieldToEnvVar" -}} + {{- $fieldNameSplit := splitList "-" .field -}} + {{- $upperCaseFieldNameSplit := list -}} + + {{- range $fieldNameSplit -}} + {{- $upperCaseFieldNameSplit = append $upperCaseFieldNameSplit ( upper . ) -}} + {{- end -}} + + {{ join "_" $upperCaseFieldNameSplit }} +{{- end -}} + +{{/* +Print instructions to get a secret value. +Usage: +{{ include "common.utils.secret.getvalue" (dict "secret" "secret-name" "field" "secret-value-field" "context" $) }} +*/}} +{{- define "common.utils.secret.getvalue" -}} +{{- $varname := include "common.utils.fieldToEnvVar" . -}} +export {{ $varname }}=$(kubectl get secret --namespace {{ include "common.names.namespace" .context | quote }} {{ .secret }} -o jsonpath="{.data.{{ .field }}}" | base64 -d) +{{- end -}} + +{{- define "common.validations.values.single.empty" -}} + {{- $value := include "common.utils.getValueFromKey" (dict "key" .valueKey "context" .context) }} + {{- $subchart := ternary "" (printf "%s." .subchart) (empty .subchart) }} + + {{- if not $value -}} + {{- $varname := "my-value" -}} + {{- $getCurrentValue := "" -}} + {{- if and .secret .field -}} + {{- $varname = include "common.utils.fieldToEnvVar" . -}} + {{- $getCurrentValue = printf " To get the current value:\n\n %s\n" (include "common.utils.secret.getvalue" .) -}} + {{- end -}} + {{- printf "\n '%s' must not be empty, please add '--set %s%s=$%s' to the command.%s" .valueKey $subchart .valueKey $varname $getCurrentValue -}} + {{- end -}} +{{- end -}} + +{{/* +Gets a value from .Values given +Usage: +{{ include "common.utils.getValueFromKey" (dict "key" "path.to.key" "context" $) }} +*/}} +{{- define "common.utils.getValueFromKey" -}} +{{- $splitKey := splitList "." .key -}} +{{- $value := "" -}} +{{- $latestObj := $.context.Values -}} +{{- range $splitKey -}} + {{- if not $latestObj -}} + {{- printf "please review the entire path of '%s' exists in values" $.key | fail -}} + {{- end -}} + {{- $value = ( index $latestObj . ) -}} + {{- $latestObj = $value -}} +{{- end -}} +{{- printf "%v" (default "" $value) -}} +{{- end -}} + +{{/* +Returns first .Values key with a defined value or first of the list if all non-defined +Usage: +{{ include "common.utils.getKeyFromList" (dict "keys" (list "path.to.key1" "path.to.key2") "context" $) }} +*/}} +{{- define "common.utils.getKeyFromList" -}} +{{- $key := first .keys -}} +{{- $reverseKeys := reverse .keys }} +{{- range $reverseKeys }} + {{- $value := include "common.utils.getValueFromKey" (dict "key" . "context" $.context ) }} + {{- if $value -}} + {{- $key = . }} + {{- end -}} +{{- end -}} +{{- printf "%s" $key -}} +{{- end -}} + +{{/* +Returns the controller quorum voters based on the number of controller-eligible nodes +*/}} +{{- define "kafka.kraft.controllerQuorumVoters" -}} +{{- if .Values.kraft.controllerQuorumVoters -}} + {{- include "common.tplvalues.render" (dict "value" .Values.kraft.controllerQuorumVoters "context" $) -}} +{{- else -}} + {{- $controllerVoters := list -}} + {{- $fullname := include "common.names.fullname" . -}} + {{- $releaseNamespace := include "common.names.namespace" . -}} + {{- range $i := until (int .Values.controller.replicaCount) -}} + {{- $nodeId := add (int $i) (int $.Values.controller.minId) -}} + {{- $nodeAddress := printf "%s-controller-%d.%s-controller-headless.%s.svc.%s:%d" $fullname (int $i) $fullname $releaseNamespace $.Values.clusterDomain (int $.Values.listeners.controller.containerPort) -}} + {{- $controllerVoters = append $controllerVoters (printf "%d@%s" $nodeId $nodeAddress ) -}} + {{- end -}} + {{- join "," $controllerVoters -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper image name +{{ include "common.images.image" ( dict "imageRoot" .Values.path.to.the.image "global" .Values.global ) }} +*/}} +{{- define "common.images.image" -}} +{{- $registryName := .imageRoot.registry -}} +{{- $repositoryName := .imageRoot.repository -}} +{{- $separator := ":" -}} +{{- $termination := .imageRoot.tag | toString -}} +{{- if .global }} + {{- if .global.imageRegistry }} + {{- $registryName = .global.imageRegistry -}} + {{- end -}} +{{- end -}} +{{- if .imageRoot.digest }} + {{- $separator = "@" -}} + {{- $termination = .imageRoot.digest | toString -}} +{{- end -}} +{{- if $registryName }} + {{- printf "%s/%s%s%s" $registryName $repositoryName $separator $termination -}} +{{- else -}} + {{- printf "%s%s%s" $repositoryName $separator $termination -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper image version (ingores image revision/prerelease info & fallbacks to chart appVersion) +{{ include "common.images.version" ( dict "imageRoot" .Values.path.to.the.image "chart" .Chart ) }} +*/}} +{{- define "common.images.version" -}} +{{- $imageTag := .imageRoot.tag | toString -}} +{{/* regexp from https://github.com/Masterminds/semver/blob/23f51de38a0866c5ef0bfc42b3f735c73107b700/version.go#L41-L44 */}} +{{- if regexMatch `^([0-9]+)(\.[0-9]+)?(\.[0-9]+)?(-([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?(\+([0-9A-Za-z\-]+(\.[0-9A-Za-z\-]+)*))?$` $imageTag -}} + {{- $version := semver $imageTag -}} + {{- printf "%d.%d.%d" $version.Major $version.Minor $version.Patch -}} +{{- else -}} + {{- print .chart.AppVersion -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names (deprecated: use common.images.renderPullSecrets instead) +{{ include "common.images.pullSecrets" ( dict "images" (list .Values.path.to.the.image1, .Values.path.to.the.image2) "global" .Values.global) }} +*/}} +{{- define "common.images.pullSecrets" -}} + {{- $pullSecrets := list }} + + {{- if .global }} + {{- range .global.imagePullSecrets -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets .name -}} + {{- else -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end }} + {{- end -}} + {{- end -}} + + {{- range .images -}} + {{- range .pullSecrets -}} + {{- if kindIs "map" . -}} + {{- $pullSecrets = append $pullSecrets .name -}} + {{- else -}} + {{- $pullSecrets = append $pullSecrets . -}} + {{- end -}} + {{- end -}} + {{- end -}} + + {{- if (not (empty $pullSecrets)) }} +imagePullSecrets: + {{- range $pullSecrets | uniq }} + - name: {{ . }} + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Return a soft nodeAffinity definition +{{ include "common.affinities.nodes.soft" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes.soft" -}} +preferredDuringSchedulingIgnoredDuringExecution: + - preference: + matchExpressions: + - key: {{ .key }} + operator: In + values: + {{- range .values }} + - {{ . | quote }} + {{- end }} + weight: 1 +{{- end -}} + +{{/* +Return a hard nodeAffinity definition +{{ include "common.affinities.nodes.hard" (dict "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes.hard" -}} +requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: {{ .key }} + operator: In + values: + {{- range .values }} + - {{ . | quote }} + {{- end }} +{{- end -}} + +{{/* +Return a nodeAffinity definition +{{ include "common.affinities.nodes" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.nodes" -}} + {{- if eq .type "soft" }} + {{- include "common.affinities.nodes.soft" . -}} + {{- else if eq .type "hard" }} + {{- include "common.affinities.nodes.hard" . -}} + {{- end -}} +{{- end -}} + +{{/* +Return a topologyKey definition +{{ include "common.affinities.topologyKey" (dict "topologyKey" "BAR") -}} +*/}} +{{- define "common.affinities.topologyKey" -}} +{{ .topologyKey | default "kubernetes.io/hostname" -}} +{{- end -}} + +{{/* +Return a soft podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods.soft" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} +*/}} +{{- define "common.affinities.pods.soft" -}} +{{- $component := default "" .component -}} +{{- $customLabels := default (dict) .customLabels -}} +{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} +preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := $extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + weight: 1 + {{- range $extraPodAffinityTerms }} + - podAffinityTerm: + labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 10 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + weight: {{ .weight | default 1 -}} + {{- end -}} +{{- end -}} + +{{/* +Return a hard podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods.hard" (dict "component" "FOO" "customLabels" .Values.podLabels "extraMatchLabels" .Values.extraMatchLabels "topologyKey" "BAR" "extraPodAffinityTerms" .Values.extraPodAffinityTerms "context" $) -}} +*/}} +{{- define "common.affinities.pods.hard" -}} +{{- $component := default "" .component -}} +{{- $customLabels := default (dict) .customLabels -}} +{{- $extraMatchLabels := default (dict) .extraMatchLabels -}} +{{- $extraPodAffinityTerms := default (list) .extraPodAffinityTerms -}} +requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" .context )) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := $extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- range $extraPodAffinityTerms }} + - labelSelector: + matchLabels: {{- (include "common.labels.matchLabels" ( dict "customLabels" $customLabels "context" $.context )) | nindent 8 }} + {{- if not (empty $component) }} + {{ printf "app.kubernetes.io/component: %s" $component }} + {{- end }} + {{- range $key, $value := .extraMatchLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + topologyKey: {{ include "common.affinities.topologyKey" (dict "topologyKey" .topologyKey) }} + {{- end -}} +{{- end -}} + +{{/* +Return a podAffinity/podAntiAffinity definition +{{ include "common.affinities.pods" (dict "type" "soft" "key" "FOO" "values" (list "BAR" "BAZ")) -}} +*/}} +{{- define "common.affinities.pods" -}} + {{- if eq .type "soft" }} + {{- include "common.affinities.pods.soft" . -}} + {{- else if eq .type "hard" }} + {{- include "common.affinities.pods.hard" . -}} + {{- end -}} +{{- end -}} + +{{/* +Section of the server.properties configmap shared by both controller-eligible and broker nodes +*/}} +{{- define "kafka.commonConfig" -}} +log.dir={{ printf "%s/data" .Values.controller.persistence.mountPath }} +{{- if or (include "kafka.saslEnabled" .) }} +sasl.enabled.mechanisms={{ upper .Values.sasl.enabledMechanisms }} +{{- end }} +# Interbroker configuration +inter.broker.listener.name={{ .Values.listeners.interbroker.name }} +{{- if regexFind "SASL" (upper .Values.listeners.interbroker.protocol) }} +sasl.mechanism.inter.broker.protocol={{ upper .Values.sasl.interBrokerMechanism }} +{{- end }} +{{- if (include "kafka.sslEnabled" .) }} +# TLS configuration +ssl.keystore.type=JKS +ssl.truststore.type=JKS +ssl.keystore.location=/opt/bitnami/kafka/config/certs/kafka.keystore.jks +ssl.truststore.location=/opt/bitnami/kafka/config/certs/kafka.truststore.jks +#ssl.keystore.password= +#ssl.truststore.password= +#ssl.key.password= +ssl.client.auth={{ .Values.tls.sslClientAuth }} +ssl.endpoint.identification.algorithm={{ .Values.tls.endpointIdentificationAlgorithm }} +{{- end }} +{{- if (include "kafka.saslEnabled" .) }} +# Listeners SASL JAAS configuration +{{- $listeners := list .Values.listeners.client .Values.listeners.interbroker }} +{{- range $i := .Values.listeners.extraListeners }} +{{- $listeners = append $listeners $i }} +{{- end }} +{{- if .Values.externalAccess.enabled }} +{{- $listeners = append $listeners .Values.listeners.external }} +{{- end }} +{{- range $listener := $listeners }} +{{- if and $listener.sslClientAuth (regexFind "SSL" (upper $listener.protocol)) }} +listener.name.{{lower $listener.name}}.ssl.client.auth={{ $listener.sslClientAuth }} +{{- end }} +{{- if regexFind "SASL" (upper $listener.protocol) }} +{{- range $mechanism := ( splitList "," $.Values.sasl.enabledMechanisms )}} + {{- $securityModule := include "kafka.saslSecurityModule" (dict "mechanism" (upper $mechanism)) }} + {{- $saslJaasConfig := list $securityModule }} + {{- if eq $listener.name $.Values.listeners.interbroker.name }} + {{- if (eq (upper $mechanism) "OAUTHBEARER") }} + {{- $saslJaasConfig = append $saslJaasConfig (printf "clientId=\"%s\"" $.Values.sasl.interbroker.clientId) }} + {{- $saslJaasConfig = append $saslJaasConfig (print "clientSecret=\"interbroker-client-secret-placeholder\"") }} +listener.name.{{lower $listener.name}}.oauthbearer.sasl.login.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerLoginCallbackHandler + {{- else }} + {{- $saslJaasConfig = append $saslJaasConfig (printf "username=\"%s\"" $.Values.sasl.interbroker.user) }} + {{- $saslJaasConfig = append $saslJaasConfig (print "password=\"interbroker-password-placeholder\"") }} + {{- end }} + {{- end }} + {{- if eq (upper $mechanism) "PLAIN" }} + {{- if eq $listener.name $.Values.listeners.interbroker.name }} + {{- $saslJaasConfig = append $saslJaasConfig (printf "user_%s=\"interbroker-password-placeholder\"" $.Values.sasl.interbroker.user) }} + {{- end }} + {{- range $i, $user := $.Values.sasl.client.users }} + {{- $saslJaasConfig = append $saslJaasConfig (printf "user_%s=\"password-placeholder-%d\"" $user (int $i)) }} + {{- end }} + {{- end }} +listener.name.{{lower $listener.name}}.{{lower $mechanism}}.sasl.jaas.config={{ join " " $saslJaasConfig }}; + {{- if eq (upper $mechanism) "OAUTHBEARER" }} +listener.name.{{lower $listener.name}}.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerValidatorCallbackHandler + {{- end }} +{{- end }} +{{- end }} +{{- end }} +{{- if regexFind "OAUTHBEARER" $.Values.sasl.enabledMechanisms }} +sasl.oauthbearer.token.endpoint.url={{ $.Values.sasl.oauthbearer.tokenEndpointUrl }} +sasl.oauthbearer.jwks.endpoint.url={{ $.Values.sasl.oauthbearer.jwksEndpointUrl }} +sasl.oauthbearer.expected.audience={{ $.Values.sasl.oauthbearer.expectedAudience }} +sasl.oauthbearer.sub.claim.name={{ $.Values.sasl.oauthbearer.subClaimName }} +{{- end }} +# End of SASL JAAS configuration +{{- end }} +{{- end -}} + +{{/* +Zookeeper connection section of the server.properties +*/}} +{{- define "kafka.zookeeperConfig" -}} +zookeeper.connect={{ include "kafka.zookeeperConnect" . }} +#broker.id= +{{- if .Values.sasl.zookeeper.user }} +sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \ + username="{{ .Values.sasl.zookeeper.user }}" \ + password="zookeeper-password-placeholder"; +{{- end }} +{{- if and .Values.tls.zookeeper.enabled .Values.tls.zookeeper.existingSecret }} +zookeeper.clientCnxnSocket=org.apache.zookeeper.ClientCnxnSocketNetty +zookeeper.ssl.client.enable=true +zookeeper.ssl.keystore.location=/opt/bitnami/kafka/config/certs/zookeeper.keystore.jks +zookeeper.ssl.truststore.location=/opt/bitnami/kafka/config/certs/zookeeper.truststore.jks +zookeeper.ssl.hostnameVerification={{ .Values.tls.zookeeper.verifyHostname }} +#zookeeper.ssl.keystore.password= +#zookeeper.ssl.truststore.password= +{{- end }} +{{- end -}} + +{{/* +Kraft section of the server.properties +*/}} +{{- define "kafka.kraftConfig" -}} +#node.id= +controller.listener.names={{ .Values.listeners.controller.name }} +controller.quorum.voters={{ include "kafka.kraft.controllerQuorumVoters" . }} +#{{- $listener := $.Values.listeners.controller }} +#{{- if and $listener.sslClientAuth (regexFind "SSL" (upper $listener.protocol)) }} +# Kraft Controller listener SSL settings +#listener.name.{{lower $listener.name}}.ssl.client.auth={{ $listener.sslClientAuth }} +#{{- end }} +#{{- if regexFind "SASL" (upper $listener.protocol) }} +# {{- $mechanism := $.Values.sasl.controllerMechanism }} +# {{- $securityModule := include "kafka.saslSecurityModule" (dict "mechanism" (upper $mechanism)) }} +# {{- $saslJaasConfig := list $securityModule }} +# {{- if (eq (upper $mechanism) "OAUTHBEARER") }} +# {{- $saslJaasConfig = append $saslJaasConfig (printf "clientId=\"%s\"" $.Values.sasl.controller.clientId) }} +# {{- $saslJaasConfig = append $saslJaasConfig (print "clientSecret=\"controller-client-secret-placeholder\"") }} +# {{- else }} +# {{- $saslJaasConfig = append $saslJaasConfig (printf "username=\"%s\"" $.Values.sasl.controller.user) }} +# {{- $saslJaasConfig = append $saslJaasConfig (print "password=\"controller-password-placeholder\"") }} +# {{- end }} +# {{- if eq (upper $mechanism) "PLAIN" }} +# {{- $saslJaasConfig = append $saslJaasConfig (printf "user_%s=\"controller-password-placeholder\"" $.Values.sasl.controller.user) }} +# {{- end }} +# Kraft Controller listener SASL settings +#sasl.mechanism.controller.protocol={{ upper $mechanism }} +#listener.name.{{lower $listener.name}}.sasl.enabled.mechanisms={{ upper $mechanism }} +#listener.name.{{lower $listener.name}}.{{lower $mechanism }}.sasl.jaas.config={{ join " " $saslJaasConfig }}; +#{{- if regexFind "OAUTHBEARER" (upper $mechanism) }} +#listener.name.{{lower $listener.name}}.oauthbearer.sasl.server.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerValidatorCallbackHandler +#listener.name.{{lower $listener.name}}.oauthbearer.sasl.login.callback.handler.class=org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerLoginCallbackHandler +#{{- end }} +#{{- end }} +{{- end -}} + +{{/* +Init container definition for Kafka initialization +*/}} +{{- define "kafka.prepareKafkaInitContainer" -}} +{{- $role := .role -}} +{{- $roleSettings := index .context.Values .role -}} +- name: kafka-init + image: {{ include "kafka.image" .context }} + imagePullPolicy: {{ .context.Values.image.pullPolicy }} + {{- if $roleSettings.containerSecurityContext.enabled }} + securityContext: {{- omit $roleSettings.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - /bin/bash + args: + - -ec + - | + /scripts/kafka-init.sh + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .context.Values.image.debug .context.Values.diagnosticMode.enabled) | quote }} + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: KAFKA_VOLUME_DIR + value: {{ $roleSettings.persistence.mountPath | quote }} + - name: KAFKA_MIN_ID + value: {{ $roleSettings.minId | quote }} + {{- if or (and (eq .role "broker") .context.Values.externalAccess.enabled) (and (eq .role "controller") .context.Values.externalAccess.enabled (or .context.Values.externalAccess.controller.forceExpose (not .context.Values.controller.controllerOnly))) }} + {{- $externalAccess := index .context.Values.externalAccess .role }} + - name: EXTERNAL_ACCESS_ENABLED + value: "true" + {{- if eq $externalAccess.service.type "LoadBalancer" }} + {{- if not .context.Values.externalAccess.autoDiscovery.enabled }} + - name: EXTERNAL_ACCESS_HOSTS_LIST + value: {{ join "," (default $externalAccess.service.loadBalancerIPs $externalAccess.service.loadBalancerNames) | quote }} + {{- end }} + - name: EXTERNAL_ACCESS_PORT + value: {{ $externalAccess.service.ports.external | quote }} + {{- else if eq $externalAccess.service.type "NodePort" }} + {{- if $externalAccess.service.domain }} + - name: EXTERNAL_ACCESS_HOST + value: {{ $externalAccess.service.domain | quote }} + {{- else if and $externalAccess.service.usePodIPs .context.Values.externalAccess.autoDiscovery.enabled }} + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: EXTERNAL_ACCESS_HOST + value: "$(MY_POD_IP)" + {{- else if or $externalAccess.service.useHostIPs .context.Values.externalAccess.autoDiscovery.enabled }} + - name: HOST_IP + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: EXTERNAL_ACCESS_HOST + value: "$(HOST_IP)" + {{- else if and $externalAccess.service.externalIPs (not .context.Values.externalAccess.autoDiscovery.enabled) }} + - name: EXTERNAL_ACCESS_HOSTS_LIST + value: {{ join "," $externalAccess.service.externalIPs }} + {{- else }} + - name: EXTERNAL_ACCESS_HOST_USE_PUBLIC_IP + value: "true" + {{- end }} + {{- if not .context.Values.externalAccess.autoDiscovery.enabled }} + {{- if and $externalAccess.service.externalIPs (empty $externalAccess.service.nodePorts)}} + - name: EXTERNAL_ACCESS_PORT + value: {{ $externalAccess.service.ports.external | quote }} + {{- else }} + - name: EXTERNAL_ACCESS_PORTS_LIST + value: {{ join "," $externalAccess.service.nodePorts | quote }} + {{- end }} + {{- end }} + {{- else if eq $externalAccess.service.type "ClusterIP" }} + - name: EXTERNAL_ACCESS_HOST + value: {{ $externalAccess.service.domain | quote }} + - name: EXTERNAL_ACCESS_PORT + value: {{ $externalAccess.service.ports.external | quote}} + - name: EXTERNAL_ACCESS_PORT_AUTOINCREMENT + value: "true" + {{- end }} + {{- end }} + {{- if and (include "kafka.client.saslEnabled" .context ) .context.Values.sasl.client.users }} + {{- if (include "kafka.saslUserPasswordsEnabled" .context) }} + - name: KAFKA_CLIENT_USERS + value: {{ join "," .context.Values.sasl.client.users | quote }} + - name: KAFKA_CLIENT_PASSWORDS + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: client-passwords + {{- end }} + {{- end }} + {{- if regexFind "SASL" (upper .context.Values.listeners.interbroker.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .context) }} + - name: KAFKA_INTER_BROKER_USER + value: {{ .context.Values.sasl.interbroker.user | quote }} + - name: KAFKA_INTER_BROKER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: inter-broker-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .context) }} + - name: KAFKA_INTER_BROKER_CLIENT_ID + value: {{ .context.Values.sasl.interbroker.clientId | quote }} + - name: KAFKA_INTER_BROKER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: inter-broker-client-secret + {{- end }} + {{- end }} + {{- if and .context.Values.kraft.enabled (regexFind "SASL" (upper .context.Values.listeners.controller.protocol)) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .context) }} + - name: KAFKA_CONTROLLER_USER + value: {{ .context.Values.sasl.controller.user | quote }} + - name: KAFKA_CONTROLLER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: controller-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .context) }} + - name: KAFKA_CONTROLLER_CLIENT_ID + value: {{ .context.Values.sasl.controller.clientId | quote }} + - name: KAFKA_CONTROLLER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: controller-client-secret + {{- end }} + {{- end }} + {{- if (include "kafka.sslEnabled" .context ) }} + - name: KAFKA_TLS_TYPE + value: {{ ternary "PEM" "JKS" (or .context.Values.tls.autoGenerated (eq (upper .context.Values.tls.type) "PEM")) }} + - name: KAFKA_TLS_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.tlsPasswordsSecretName" .context }} + key: {{ .context.Values.tls.passwordsSecretKeystoreKey | quote }} + - name: KAFKA_TLS_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.tlsPasswordsSecretName" .context }} + key: {{ .context.Values.tls.passwordsSecretTruststoreKey | quote }} + {{- if and (not .context.Values.tls.autoGenerated) (or .context.Values.tls.keyPassword (and .context.Values.tls.passwordsSecret .context.Values.tls.passwordsSecretPemPasswordKey)) }} + - name: KAFKA_TLS_PEM_KEY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.tlsPasswordsSecretName" .context }} + key: {{ default "key-password" .context.Values.tls.passwordsSecretPemPasswordKey | quote }} + {{- end }} + {{- end }} + {{- if or .context.Values.zookeeper.enabled .context.Values.externalZookeeper.servers }} + {{- if .context.Values.sasl.zookeeper.user }} + - name: KAFKA_ZOOKEEPER_USER + value: {{ .context.Values.sasl.zookeeper.user | quote }} + - name: KAFKA_ZOOKEEPER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" .context }} + key: zookeeper-password + {{- end }} + {{- if .context.Values.tls.zookeeper.enabled }} + {{- if and .context.Values.tls.zookeeper.passwordsSecretKeystoreKey (or .context.Values.tls.zookeeper.passwordsSecret .context.Values.tls.zookeeper.keystorePassword) }} + - name: KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.zookeeper.tlsPasswordsSecretName" .context }} + key: {{ .context.Values.tls.zookeeper.passwordsSecretKeystoreKey | quote }} + {{- end }} + {{- if and .context.Values.tls.zookeeper.passwordsSecretTruststoreKey (or .context.Values.tls.zookeeper.passwordsSecret .context.Values.tls.zookeeper.truststorePassword) }} + - name: KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.zookeeper.tlsPasswordsSecretName" .context }} + key: {{ .context.Values.tls.zookeeper.passwordsSecretTruststoreKey | quote }} + {{- end }} + {{- end }} + {{- end }} + volumeMounts: + - name: data + mountPath: /bitnami/kafka + - name: kafka-config + mountPath: /config + - name: kafka-configmaps + mountPath: /configmaps + - name: kafka-secret-config + mountPath: /secret-config + - name: scripts + mountPath: /scripts + - name: tmp + mountPath: /tmp + {{- if and .context.Values.externalAccess.enabled .context.Values.externalAccess.autoDiscovery.enabled }} + - name: kafka-autodiscovery-shared + mountPath: /shared + {{- end }} + {{- if or (include "kafka.sslEnabled" .context) .context.Values.tls.zookeeper.enabled }} + - name: kafka-shared-certs + mountPath: /certs + {{- if and (include "kafka.sslEnabled" .context) (or .context.Values.tls.existingSecret .context.Values.tls.autoGenerated) }} + - name: kafka-certs + mountPath: /mounted-certs + readOnly: true + {{- end }} + {{- if and .context.Values.tls.zookeeper.enabled .context.Values.tls.zookeeper.existingSecret }} + - name: kafka-zookeeper-cert + mountPath: /zookeeper-certs + readOnly: true + {{- end }} + {{- end }} +{{- end -}} + +{{/* +Init container definition for waiting for Kubernetes autodiscovery +*/}} +{{- define "kafka.autoDiscoveryInitContainer" -}} +{{- $externalAccessService := index .context.Values.externalAccess .role }} +- name: auto-discovery + image: {{ include "kafka.externalAccess.autoDiscovery.image" .context }} + imagePullPolicy: {{ .context.Values.externalAccess.autoDiscovery.image.pullPolicy | quote }} + command: + - /scripts/auto-discovery.sh + env: + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: AUTODISCOVERY_SERVICE_TYPE + value: {{ $externalAccessService.service.type | quote }} + {{- if .context.Values.externalAccess.autoDiscovery.resources }} + resources: {{- toYaml .context.Values.externalAccess.autoDiscovery.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: scripts + mountPath: /scripts/auto-discovery.sh + subPath: auto-discovery.sh + - name: kafka-autodiscovery-shared + mountPath: /shared +{{- end -}} + +{{/* +Check if there are rolling tags in the images +*/}} +{{- define "kafka.checkRollingTags" -}} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.externalAccess.autoDiscovery.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.kafka.image }} +{{- include "common.warnings.rollingTag" .Values.metrics.jmx.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} +{{- end -}} + +{{/* +Compile all warnings into a single message, and call fail. +*/}} +{{- define "kafka.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "kafka.validateValues.listener.protocols" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.controller.nodePortListLength" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.broker.nodePortListLength" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.controller.externalIPListLength" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.broker.externalIPListLength" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.domainSpecified" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessServiceType" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessAutoDiscoveryRBAC" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessAutoDiscoveryIPsOrNames" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessServiceList" (dict "element" "loadBalancerIPs" "context" .)) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessServiceList" (dict "element" "loadBalancerNames" "context" .)) -}} +{{- $messages := append $messages (include "kafka.validateValues.externalAccessServiceList" (dict "element" "loadBalancerAnnotations" "context" . )) -}} +{{- $messages := append $messages (include "kafka.validateValues.saslMechanisms" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.tlsSecret" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.provisioning.tlsPasswords" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.kraftMode" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.kraftMissingControllers" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.zookeeperMissingBrokers" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.zookeeperNoControllers" .) -}} +{{- $messages := append $messages (include "kafka.validateValues.modeEmpty" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - Authentication protocols for Kafka */}} +{{- define "kafka.validateValues.listener.protocols" -}} +{{- $authProtocols := list "PLAINTEXT" "SASL_PLAINTEXT" "SASL_SSL" "SSL" -}} +{{- if not .Values.listeners.securityProtocolMap -}} +{{- $listeners := list .Values.listeners.client .Values.listeners.interbroker -}} +{{- if .Values.kraft.enabled -}} +{{- $listeners = append $listeners .Values.listeners.controller -}} +{{- end -}} +{{- if and .Values.externalAccess.enabled -}} +{{- $listeners = append $listeners .Values.listeners.external -}} +{{- end -}} +{{- $error := false -}} +{{- range $listener := $listeners -}} +{{- if not (has (upper $listener.protocol) $authProtocols) -}} +{{- $error := true -}} +{{- end -}} +{{- end -}} +{{- if $error -}} +kafka: listeners.*.protocol + Available authentication protocols are "PLAINTEXT" "SASL_PLAINTEXT" "SSL" "SASL_SSL" +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - number of controller-eligible replicas must be the same as NodePort list in controller-eligible external service */}} +{{- define "kafka.validateValues.controller.nodePortListLength" -}} +{{- $replicaCount := int .Values.controller.replicaCount -}} +{{- $nodePortListLength := len .Values.externalAccess.controller.service.nodePorts -}} +{{- $nodePortListIsEmpty := empty .Values.externalAccess.controller.service.nodePorts -}} +{{- $nodePortListLengthEqualsReplicaCount := eq $nodePortListLength $replicaCount -}} +{{- $externalIPListIsEmpty := empty .Values.externalAccess.controller.service.externalIPs -}} +{{- if and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (eq .Values.externalAccess.controller.service.type "NodePort") (or (and (not $nodePortListIsEmpty) (not $nodePortListLengthEqualsReplicaCount)) (and $nodePortListIsEmpty $externalIPListIsEmpty)) -}} +kafka: .Values.externalAccess.controller.service.nodePorts + Number of controller-eligible replicas and externalAccess.controller.service.nodePorts array length must be the same. Currently: replicaCount = {{ $replicaCount }} and length nodePorts = {{ $nodePortListLength }} - {{ $externalIPListIsEmpty }} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - number of broker replicas must be the same as NodePort list in broker external service */}} +{{- define "kafka.validateValues.broker.nodePortListLength" -}} +{{- $replicaCount := int .Values.broker.replicaCount -}} +{{- $nodePortListLength := len .Values.externalAccess.broker.service.nodePorts -}} +{{- $nodePortListIsEmpty := empty .Values.externalAccess.broker.service.nodePorts -}} +{{- $nodePortListLengthEqualsReplicaCount := eq $nodePortListLength $replicaCount -}} +{{- $externalIPListIsEmpty := empty .Values.externalAccess.broker.service.externalIPs -}} +{{- if and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (eq .Values.externalAccess.broker.service.type "NodePort") (or (and (not $nodePortListIsEmpty) (not $nodePortListLengthEqualsReplicaCount)) (and $nodePortListIsEmpty $externalIPListIsEmpty)) -}} +kafka: .Values.externalAccess.broker.service.nodePorts + Number of broker replicas and externalAccess.broker.service.nodePorts array length must be the same. Currently: replicaCount = {{ $replicaCount }} and length nodePorts = {{ $nodePortListLength }} - {{ $externalIPListIsEmpty }} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - number of replicas must be the same as externalIPs list */}} +{{- define "kafka.validateValues.controller.externalIPListLength" -}} +{{- $replicaCount := int .Values.controller.replicaCount -}} +{{- $externalIPListLength := len .Values.externalAccess.controller.service.externalIPs -}} +{{- $externalIPListIsEmpty := empty .Values.externalAccess.controller.service.externalIPs -}} +{{- $externalIPListEqualsReplicaCount := eq $externalIPListLength $replicaCount -}} +{{- $nodePortListIsEmpty := empty .Values.externalAccess.controller.service.nodePorts -}} +{{- if and .Values.externalAccess.enabled (or .Values.externalAccess.controller.forceExpose (not .Values.controller.controllerOnly)) (not .Values.externalAccess.autoDiscovery.enabled) (eq .Values.externalAccess.controller.service.type "NodePort") (or (and (not $externalIPListIsEmpty) (not $externalIPListEqualsReplicaCount)) (and $externalIPListIsEmpty $nodePortListIsEmpty)) -}} +kafka: .Values.externalAccess.controller.service.externalIPs + Number of controller-eligible replicas and externalAccess.controller.service.externalIPs array length must be the same. Currently: replicaCount = {{ $replicaCount }} and length externalIPs = {{ $externalIPListLength }} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - number of replicas must be the same as externalIPs list */}} +{{- define "kafka.validateValues.broker.externalIPListLength" -}} +{{- $replicaCount := int .Values.broker.replicaCount -}} +{{- $externalIPListLength := len .Values.externalAccess.broker.service.externalIPs -}} +{{- $externalIPListIsEmpty := empty .Values.externalAccess.broker.service.externalIPs -}} +{{- $externalIPListEqualsReplicaCount := eq $externalIPListLength $replicaCount -}} +{{- $nodePortListIsEmpty := empty .Values.externalAccess.broker.service.nodePorts -}} +{{- if and .Values.externalAccess.enabled (not .Values.externalAccess.autoDiscovery.enabled) (eq .Values.externalAccess.broker.service.type "NodePort") (or (and (not $externalIPListIsEmpty) (not $externalIPListEqualsReplicaCount)) (and $externalIPListIsEmpty $nodePortListIsEmpty)) -}} +kafka: .Values.externalAccess.broker.service.externalIPs + Number of broker replicas and externalAccess.broker.service.externalIPs array length must be the same. Currently: replicaCount = {{ $replicaCount }} and length externalIPs = {{ $externalIPListLength }} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - domain must be defined if external service type ClusterIP */}} +{{- define "kafka.validateValues.domainSpecified" -}} +{{- if and (eq .Values.externalAccess.controller.service.type "ClusterIP") (empty .Values.externalAccess.controller.service.domain) -}} +kafka: .Values.externalAccess.controller.service.domain + Domain must be specified if service type ClusterIP is set for external service +{{- end -}} +{{- if and (eq .Values.externalAccess.broker.service.type "ClusterIP") (empty .Values.externalAccess.broker.service.domain) -}} +kafka: .Values.externalAccess.broker.service.domain + Domain must be specified if service type ClusterIP is set for external service +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - service type for external access */}} +{{- define "kafka.validateValues.externalAccessServiceType" -}} +{{- if and (not (eq .Values.externalAccess.controller.service.type "NodePort")) (not (eq .Values.externalAccess.controller.service.type "LoadBalancer")) (not (eq .Values.externalAccess.controller.service.type "ClusterIP")) -}} +kafka: externalAccess.controller.service.type + Available service type for external access are NodePort, LoadBalancer or ClusterIP. +{{- end -}} +{{- if and (not (eq .Values.externalAccess.broker.service.type "NodePort")) (not (eq .Values.externalAccess.broker.service.type "LoadBalancer")) (not (eq .Values.externalAccess.broker.service.type "ClusterIP")) -}} +kafka: externalAccess.broker.service.type + Available service type for external access are NodePort, LoadBalancer or ClusterIP. +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - RBAC should be enabled when autoDiscovery is enabled */}} +{{- define "kafka.validateValues.externalAccessAutoDiscoveryRBAC" -}} +{{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (not .Values.rbac.create ) }} +kafka: rbac.create + By specifying "externalAccess.enabled=true" and "externalAccess.autoDiscovery.enabled=true" + an initContainer will be used to auto-detect the external IPs/ports by querying the + K8s API. Please note this initContainer requires specific RBAC resources. You can create them + by specifying "--set rbac.create=true". +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - LoadBalancerIPs or LoadBalancerNames should be set when autoDiscovery is disabled */}} +{{- define "kafka.validateValues.externalAccessAutoDiscoveryIPsOrNames" -}} +{{- $loadBalancerNameListLength := len .Values.externalAccess.controller.service.loadBalancerNames -}} +{{- $loadBalancerIPListLength := len .Values.externalAccess.controller.service.loadBalancerIPs -}} +{{- if and .Values.externalAccess.enabled (or .Values.externalAccess.controller.forceExpose (not .Values.controller.controllerOnly)) (eq .Values.externalAccess.controller.service.type "LoadBalancer") (not .Values.externalAccess.autoDiscovery.enabled) (eq $loadBalancerNameListLength 0) (eq $loadBalancerIPListLength 0) }} +kafka: externalAccess.controller.service.loadBalancerNames or externalAccess.controller.service.loadBalancerIPs + By specifying "externalAccess.enabled=true", "externalAccess.autoDiscovery.enabled=false" and + "externalAccess.controller.service.type=LoadBalancer" at least one of externalAccess.controller.service.loadBalancerNames + or externalAccess.controller.service.loadBalancerIPs must be set and the length of those arrays must be equal + to the number of replicas. +{{- end -}} +{{- $loadBalancerNameListLength := len .Values.externalAccess.broker.service.loadBalancerNames -}} +{{- $loadBalancerIPListLength := len .Values.externalAccess.broker.service.loadBalancerIPs -}} +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if and .Values.externalAccess.enabled (gt 0 $replicaCount) (eq .Values.externalAccess.broker.service.type "LoadBalancer") (not .Values.externalAccess.autoDiscovery.enabled) (eq $loadBalancerNameListLength 0) (eq $loadBalancerIPListLength 0) }} +kafka: externalAccess.broker.service.loadBalancerNames or externalAccess.broker.service.loadBalancerIPs + By specifying "externalAccess.enabled=true", "externalAccess.autoDiscovery.enabled=false" and + "externalAccess.broker.service.type=LoadBalancer" at least one of externalAccess.broker.service.loadBalancerNames + or externalAccess.broker.service.loadBalancerIPs must be set and the length of those arrays must be equal + to the number of replicas. +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - number of replicas must be the same as loadBalancerIPs list */}} +{{- define "kafka.validateValues.externalAccessServiceList" -}} +{{- $replicaCount := int .context.Values.controller.replicaCount }} +{{- $listLength := len (get .context.Values.externalAccess.controller.service .element) -}} +{{- if and .context.Values.externalAccess.enabled (or .context.Values.externalAccess.controller.forceExpose (not .context.Values.controller.controllerOnly)) (not .context.Values.externalAccess.autoDiscovery.enabled) (eq .context.Values.externalAccess.controller.service.type "LoadBalancer") (gt $listLength 0) (not (eq $replicaCount $listLength)) }} +kafka: externalAccess.service.{{ .element }} + Number of replicas and {{ .element }} array length must be the same. Currently: replicaCount = {{ $replicaCount }} and {{ .element }} = {{ $listLength }} +{{- end -}} +{{- $replicaCount := int .context.Values.broker.replicaCount }} +{{- $listLength := len (get .context.Values.externalAccess.broker.service .element) -}} +{{- if and .context.Values.externalAccess.enabled (gt 0 $replicaCount) (not .context.Values.externalAccess.autoDiscovery.enabled) (eq .context.Values.externalAccess.broker.service.type "LoadBalancer") (gt $listLength 0) (not (eq $replicaCount $listLength)) }} +kafka: externalAccess.service.{{ .element }} + Number of replicas and {{ .element }} array length must be the same. Currently: replicaCount = {{ $replicaCount }} and {{ .element }} = {{ $listLength }} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - SASL mechanisms must be provided when using SASL */}} +{{- define "kafka.validateValues.saslMechanisms" -}} +{{- if and (include "kafka.saslEnabled" .) (not .Values.sasl.enabledMechanisms) }} +kafka: sasl.enabledMechanisms + The SASL mechanisms are required when listeners use SASL security protocol. +{{- end }} +{{- if not (contains .Values.sasl.interBrokerMechanism .Values.sasl.enabledMechanisms) }} +kafka: sasl.enabledMechanisms + sasl.interBrokerMechanism must be provided and it should be one of the specified mechanisms at sasl.enabledMechanisms +{{- end -}} +{{- if and .Values.kraft.enabled (not (contains .Values.sasl.controllerMechanism .Values.sasl.enabledMechanisms)) }} +kafka: sasl.enabledMechanisms + sasl.controllerMechanism must be provided and it should be one of the specified mechanisms at sasl.enabledMechanisms +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka - Secrets containing TLS certs must be provided when TLS authentication is enabled */}} +{{- define "kafka.validateValues.tlsSecret" -}} +{{- if and (include "kafka.sslEnabled" .) (eq (upper .Values.tls.type) "JKS") (empty .Values.tls.existingSecret) (not .Values.tls.autoGenerated) }} +kafka: tls.existingSecret + A secret containing the Kafka JKS keystores and truststore is required + when TLS encryption in enabled and TLS format is "JKS" +{{- else if and (include "kafka.sslEnabled" .) (eq (upper .Values.tls.type) "PEM") (empty .Values.tls.existingSecret) (not .Values.tls.autoGenerated) }} +kafka: tls.existingSecret + A secret containing the Kafka TLS certificates and keys is required + when TLS encryption in enabled and TLS format is "PEM" +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka provisioning - keyPasswordSecretKey, keystorePasswordSecretKey or truststorePasswordSecretKey must not be used without passwordsSecret */}} +{{- define "kafka.validateValues.provisioning.tlsPasswords" -}} +{{- if and (regexFind "SSL" (upper .Values.listeners.client.protocol)) .Values.provisioning.enabled (not .Values.provisioning.auth.tls.passwordsSecret) }} +{{- if or .Values.provisioning.auth.tls.keyPasswordSecretKey .Values.provisioning.auth.tls.keystorePasswordSecretKey .Values.provisioning.auth.tls.truststorePasswordSecretKey }} +kafka: tls.keyPasswordSecretKey,tls.keystorePasswordSecretKey,tls.truststorePasswordSecretKey + tls.keyPasswordSecretKey,tls.keystorePasswordSecretKey,tls.truststorePasswordSecretKey + must not be used without passwordsSecret setted. +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka Kraft mode. It cannot be used with Zookeeper unless migration is enabled */}} +{{- define "kafka.validateValues.kraftMode" -}} +{{- if and .Values.kraft.enabled (or .Values.zookeeper.enabled .Values.externalZookeeper.servers) (and (not .Values.controller.zookeeperMigrationMode ) (not .Values.broker.zookeeperMigrationMode )) }} +kafka: Simultaneous KRaft and Zookeeper modes + Both Zookeeper and KRaft modes have been configured simultaneously, but migration mode has not been enabled. +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka Kraft mode. At least 1 controller is configured or controller.quorum.voters is set */}} +{{- define "kafka.validateValues.kraftMissingControllers" -}} +{{- if and .Values.kraft.enabled (le (int .Values.controller.replicaCount) 0) (not .Values.kraft.controllerQuorumVoters) }} +kafka: Kraft mode - Missing controller-eligible nodes + Kraft mode has been enabled, but no controller-eligible nodes have been configured +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka Zookeper mode. At least 1 broker is configured */}} +{{- define "kafka.validateValues.zookeeperMissingBrokers" -}} +{{- if and (or .Values.zookeeper.enabled .Values.externalZookeeper.servers) (le (int .Values.broker.replicaCount) 0)}} +kafka: Zookeeper mode - No Kafka brokers configured + Zookeper mode has been enabled, but no Kafka brokers nodes have been configured +{{- end -}} +{{- end -}} + +{{/* Validate values of Kafka Zookeper mode. Controller nodes not enabled in Zookeeper mode unless migration enabled */}} +{{- define "kafka.validateValues.zookeeperNoControllers" -}} +{{- if and (or .Values.zookeeper.enabled .Values.externalZookeeper.servers) (gt (int .Values.controller.replicaCount) 0) (and (not .Values.controller.zookeeperMigrationMode ) (not .Values.broker.zookeeperMigrationMode )) }} +kafka: Zookeeper mode - Controller nodes not supported + Controller replicas have been enabled in Zookeeper mode, set controller.replicaCount to zero or enable migration mode to migrate to Kraft mode +{{- end -}} +{{- end -}} + +{{/* Validate either KRaft or Zookeeper mode are enabled */}} +{{- define "kafka.validateValues.modeEmpty" -}} +{{- if and (not .Values.kraft.enabled) (not (or .Values.zookeeper.enabled .Values.externalZookeeper.servers)) }} +kafka: Missing KRaft or Zookeeper mode settings + The Kafka chart has been deployed but neither KRaft or Zookeeper modes have been enabled. + Please configure 'kraft.enabled', 'zookeeper.enabled' or `externalZookeeper.servers` before proceeding. +{{- end -}} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/config-secrets.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/config-secrets.yaml new file mode 100644 index 0000000000..52bf1e2d4a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/config-secrets.yaml @@ -0,0 +1,24 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if and (include "kafka.broker.createSecretConfig" .) (gt $replicaCount 0) }} +{{- $secretName := printf "%s-broker-secret-configuration" (include "common.names.fullname" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + server-secret.properties: {{ include "kafka.broker.secretConfig" . | b64enc }} +{{- end }} + diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/configmap.yaml new file mode 100644 index 0000000000..12a231c9f2 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/configmap.yaml @@ -0,0 +1,47 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if and (include "kafka.broker.createConfigmap" .) (gt $replicaCount 0) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-broker-configuration" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if or .Values.config .Values.broker.config }} + server.properties: {{- include "common.tplvalues.render" ( dict "value" (coalesce .Values.broker.config .Values.config) "context" $ ) | nindent 4 }} + {{- else }} + server.properties: |- + # Listeners configuration + listeners={{ include "kafka.listeners" ( dict "isController" false "context" $ ) }} + listener.security.protocol.map={{ include "kafka.securityProtocolMap" . }} + advertised.listeners={{ include "kafka.advertisedListeners" . }} + {{- if .Values.kraft.enabled }} + {{- if not .Values.broker.zookeeperMigrationMode }} + # KRaft node role + process.roles=broker + {{- end -}} + {{- include "kafka.kraftConfig" . | nindent 4 }} + {{- end }} + {{- if or .Values.zookeeper.enabled .Values.externalZookeeper.servers }} + # Zookeeper configuration + {{- include "kafka.zookeeperConfig" . | nindent 4 }} + {{- if .Values.broker.zookeeperMigrationMode }} + zookeeper.metadata.migration.enable=true + inter.broker.protocol.version={{ default (regexFind "^[0-9].[0-9]+" .Chart.AppVersion) .Values.interBrokerProtocolVersion }} + {{- end }} + {{- end }} + {{- include "kafka.commonConfig" . | nindent 4 }} + {{- include "common.tplvalues.render" ( dict "value" .Values.extraConfig "context" $ ) | nindent 4 }} + {{- include "common.tplvalues.render" ( dict "value" .Values.broker.extraConfig "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/pdb.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/pdb.yaml new file mode 100644 index 0000000000..585ca4f19a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/pdb.yaml @@ -0,0 +1,31 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if and .Values.broker.pdb.create (gt $replicaCount 0) }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ printf "%s-broker" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.broker.pdb.minAvailable }} + minAvailable: {{ .Values.broker.pdb.minAvailable }} + {{- end }} + {{- if .Values.broker.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.broker.pdb.maxUnavailable }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.broker.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/statefulset.yaml new file mode 100644 index 0000000000..621b674fa6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/statefulset.yaml @@ -0,0 +1,477 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if gt $replicaCount 0 }} +apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ printf "%s-broker" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podManagementPolicy: {{ .Values.broker.podManagementPolicy }} + replicas: {{ .Values.broker.replicaCount }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.broker.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + serviceName: {{ printf "%s-broker-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + updateStrategy: {{- include "common.tplvalues.render" (dict "value" .Values.broker.updateStrategy "context" $ ) | nindent 4 }} + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + annotations: + {{- if (include "kafka.broker.createConfigmap" .) }} + checksum/configuration: {{ include (print $.Template.BasePath "/broker/configmap.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.createSaslSecret" .) }} + checksum/passwords-secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.createTlsSecret" .) }} + checksum/tls-secret: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.metrics.jmx.createConfigmap" .) }} + checksum/jmx-configuration: {{ include (print $.Template.BasePath "/metrics/jmx-configmap.yaml") . | sha256sum }} + {{- end }} + {{- if .Values.broker.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "kafka.imagePullSecrets" . | nindent 6 }} + {{- if .Values.broker.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.broker.hostAliases "context" $) | nindent 8 }} + {{- end }} + hostNetwork: {{ .Values.broker.hostNetwork }} + hostIPC: {{ .Values.broker.hostIPC }} + {{- if .Values.broker.schedulerName }} + schedulerName: {{ .Values.broker.schedulerName | quote }} + {{- end }} + {{- if .Values.broker.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.broker.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.broker.podAffinityPreset "component" "broker" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.broker.podAntiAffinityPreset "component" "broker" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.broker.nodeAffinityPreset.type "key" .Values.broker.nodeAffinityPreset.key "values" .Values.broker.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.broker.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.broker.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.broker.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.broker.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.broker.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.broker.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.broker.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.broker.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.broker.priorityClassName }} + priorityClassName: {{ .Values.broker.priorityClassName }} + {{- end }} + {{- if .Values.controller.runtimeClassName }} + runtimeClassName: {{ .Values.controller.runtimeClassName }} + {{- end }} + {{- if .Values.broker.podSecurityContext.enabled }} + securityContext: {{- omit .Values.broker.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "kafka.serviceAccountName" . }} + enableServiceLinks: {{ .Values.broker.enableServiceLinks }} + initContainers: + {{- if and .Values.volumePermissions.enabled .Values.broker.persistence.enabled }} + - name: volume-permissions + image: {{ include "kafka.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + args: + - -ec + - | + mkdir -p "{{ .Values.broker.persistence.mountPath }}" "{{ .Values.broker.logPersistence.mountPath }}" + chown -R {{ .Values.broker.containerSecurityContext.runAsUser }}:{{ .Values.broker.podSecurityContext.fsGroup }} "{{ .Values.broker.persistence.mountPath }}" "{{ .Values.broker.logPersistence.mountPath }}" + find "{{ .Values.broker.persistence.mountPath }}" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.broker.containerSecurityContext.runAsUser }}:{{ .Values.broker.podSecurityContext.fsGroup }} + find "{{ .Values.broker.logPersistence.mountPath }}" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.broker.containerSecurityContext.runAsUser }}:{{ .Values.broker.podSecurityContext.fsGroup }} + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} + {{- else }} + securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.broker.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.broker.logPersistence.mountPath }} + {{- end }} + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + {{- include "kafka.autoDiscoveryInitContainer" ( dict "role" "broker" "context" $) | nindent 8 }} + {{- end }} + {{- include "kafka.prepareKafkaInitContainer" ( dict "role" "broker" "context" $) | nindent 8 }} + {{- if .Values.broker.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.broker.initContainers "context" $ ) | nindent 8 }} + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers "context" $ ) | nindent 8 }} + {{- end }} + containers: + - name: kafka + image: {{ include "kafka.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.broker.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.broker.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.broker.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.broker.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.broker.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.broker.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: KAFKA_HEAP_OPTS + value: {{ coalesce .Values.broker.heapOpts .Values.heapOpts | quote }} + {{- if .Values.kraft.enabled }} + - name: KAFKA_KRAFT_CLUSTER_ID + valueFrom: + secretKeyRef: + name: {{ default (printf "%s-kraft-cluster-id" (include "common.names.fullname" .)) .Values.kraft.existingClusterIdSecret }} + key: kraft-cluster-id + {{- if .Values.broker.zookeeperMigrationMode }} + - name: KAFKA_SKIP_KRAFT_STORAGE_INIT + value: "true" + {{- end }} + {{- end }} + {{- if and (include "kafka.saslEnabled" .) (or (regexFind "SCRAM" (upper .Values.sasl.enabledMechanisms)) (regexFind "SCRAM" (upper .Values.sasl.controllerMechanism)) (regexFind "SCRAM" (upper .Values.sasl.interBrokerMechanism))) }} + {{- if or .Values.zookeeper.enabled .Values.externalZookeeper.servers }} + - name: KAFKA_ZOOKEEPER_BOOTSTRAP_SCRAM_USERS + value: "true" + {{- else }} + - name: KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS + value: "true" + {{- end }} + {{- if and (include "kafka.client.saslEnabled" . ) .Values.sasl.client.users (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_CLIENT_USERS + value: {{ join "," .Values.sasl.client.users | quote }} + - name: KAFKA_CLIENT_PASSWORDS + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: client-passwords + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.interbroker.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_INTER_BROKER_USER + value: {{ .Values.sasl.interbroker.user | quote }} + - name: KAFKA_INTER_BROKER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: inter-broker-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + - name: KAFKA_INTER_BROKER_CLIENT_ID + value: {{ .Values.sasl.interbroker.clientId | quote }} + - name: KAFKA_INTER_BROKER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: inter-broker-client-secret + {{- end }} + {{- end }} + {{- if and .Values.kraft.enabled (regexFind "SASL" (upper .Values.listeners.controller.protocol)) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_CONTROLLER_USER + value: {{ .Values.sasl.controller.user | quote }} + - name: KAFKA_CONTROLLER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: controller-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + - name: KAFKA_CONTROLLER_CLIENT_ID + value: {{ .Values.sasl.controller.clientId | quote }} + - name: KAFKA_CONTROLLER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: controller-client-secret + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: JMX_PORT + value: {{ .Values.metrics.jmx.kafkaJmxPort | quote }} + {{- end }} + {{- if .Values.broker.extraEnvVars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.broker.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if or .Values.broker.extraEnvVarsCM .Values.extraEnvVarsCM .Values.broker.extraEnvVarsSecret .Values.extraEnvVarsSecret }} + envFrom: + {{- if .Values.broker.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.broker.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.broker.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.broker.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- end }} + ports: + - name: client + containerPort: {{ .Values.listeners.client.containerPort }} + - name: interbroker + containerPort: {{ .Values.listeners.interbroker.containerPort }} + {{- if .Values.externalAccess.enabled }} + - name: external + containerPort: {{ .Values.listeners.external.containerPort }} + {{- end }} + {{- if .Values.listeners.extraListeners }} + {{- include "kafka.extraListeners.containerPorts" . | nindent 12 }} + {{- end }} + {{- if .Values.broker.extraContainerPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.extraContainerPorts "context" $) | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.broker.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.broker.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.broker.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.broker.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "client" + {{- end }} + {{- if .Values.broker.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.broker.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.broker.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.broker.readinessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "client" + {{- end }} + {{- if .Values.broker.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.broker.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.broker.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.broker.startupProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "client" + {{- end }} + {{- end }} + {{- if .Values.broker.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.broker.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.broker.resources }} + resources: {{- toYaml .Values.broker.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.broker.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.broker.logPersistence.mountPath }} + - name: kafka-config + mountPath: /opt/bitnami/kafka/config/server.properties + subPath: server.properties + - name: tmp + mountPath: /tmp + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + mountPath: /opt/bitnami/kafka/config/log4j.properties + subPath: log4j.properties + {{- end }} + {{- if or .Values.tls.zookeeper.enabled (include "kafka.sslEnabled" .) }} + - name: kafka-shared-certs + mountPath: /opt/bitnami/kafka/config/certs + readOnly: true + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.broker.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-exporter + image: {{ include "kafka.metrics.jmx.image" . }} + imagePullPolicy: {{ .Values.metrics.jmx.image.pullPolicy | quote }} + {{- if .Values.metrics.jmx.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.metrics.jmx.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else }} + command: + - java + args: + - -XX:MaxRAMPercentage=100 + - -XshowSettings:vm + - -jar + - jmx_prometheus_httpserver.jar + - "5556" + - /etc/jmx-kafka/jmx-kafka-prometheus.yml + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.jmx.containerPorts.metrics }} + {{- if .Values.metrics.jmx.resources }} + resources: {{- toYaml .Values.metrics.jmx.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: jmx-config + mountPath: /etc/jmx-kafka + {{- end }} + {{- if .Values.broker.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.sidecars "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: kafka-configmaps + configMap: + name: {{ include "kafka.broker.configmapName" . }} + - name: kafka-secret-config + {{- if (include "kafka.broker.secretConfigExists" .) }} + secret: + secretName: {{ include "kafka.broker.secretConfigName" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: kafka-config + emptyDir: {} + - name: tmp + emptyDir: {} + - name: scripts + configMap: + name: {{ include "common.names.fullname" . }}-scripts + defaultMode: 0755 + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + - name: kafka-autodiscovery-shared + emptyDir: {} + {{- end }} + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + configMap: + name: {{ include "kafka.log4j.configMapName" . }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-config + configMap: + name: {{ include "kafka.metrics.jmx.configmapName" . }} + {{- end }} + {{- if or .Values.tls.zookeeper.enabled (include "kafka.sslEnabled" .) }} + - name: kafka-shared-certs + emptyDir: {} + {{- if and (include "kafka.sslEnabled" .) (or .Values.tls.existingSecret .Values.tls.autoGenerated) }} + - name: kafka-certs + projected: + defaultMode: 256 + sources: + - secret: + name: {{ include "kafka.tlsSecretName" . }} + {{- if .Values.tls.jksTruststoreSecret }} + - secret: + name: {{ .Values.tls.jksTruststoreSecret }} + {{- end }} + {{- end }} + {{- if and .Values.tls.zookeeper.enabled .Values.tls.zookeeper.existingSecret }} + - name: kafka-zookeeper-cert + secret: + secretName: {{ .Values.tls.zookeeper.existingSecret }} + defaultMode: 256 + {{- end }} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.broker.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.broker.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if not .Values.broker.persistence.enabled }} + - name: data + emptyDir: {} + {{- else if .Values.broker.persistence.existingClaim }} + - name: data + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.broker.persistence.existingClaim .) }} + {{- end }} + {{- if not .Values.broker.logPersistence.enabled }} + - name: logs + emptyDir: {} + {{- else if .Values.broker.logPersistence.existingClaim }} + - name: logs + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.broker.logPersistence.existingClaim .) }} + {{- end }} + {{- if or (and .Values.broker.persistence.enabled (not .Values.broker.persistence.existingClaim)) (and .Values.broker.logPersistence.enabled (not .Values.broker.logPersistence.existingClaim)) }} + volumeClaimTemplates: + {{- if and .Values.broker.persistence.enabled (not .Values.broker.persistence.existingClaim) }} + - metadata: + name: data + {{- if .Values.broker.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.broker.persistence.annotations "context" $) | nindent 10 }} + {{- end }} + {{- if .Values.broker.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.broker.persistence.labels "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.broker.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.broker.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.broker.persistence "global" .Values.global) | nindent 8 }} + {{- if .Values.broker.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.broker.persistence.selector "context" $) | nindent 10 }} + {{- end -}} + {{- end }} + {{- if and .Values.broker.logPersistence.enabled (not .Values.broker.logPersistence.existingClaim) }} + - metadata: + name: logs + {{- if .Values.broker.logPersistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.broker.logPersistence.annotations "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.broker.logPersistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.broker.logPersistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.broker.persistence "global" .Values.global) | nindent 8 }} + {{- if .Values.broker.logPersistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.broker.logPersistence.selector "context" $) | nindent 10 }} + {{- end -}} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-external-access.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-external-access.yaml new file mode 100644 index 0000000000..3b4367d85e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-external-access.yaml @@ -0,0 +1,63 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.externalAccess.enabled }} +{{- $fullname := include "common.names.fullname" . }} +{{- $replicaCount := .Values.broker.replicaCount | int }} +{{- range $i := until $replicaCount }} +{{- $targetPod := printf "%s-broker-%d" (printf "%s" $fullname) $i }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-broker-%d-external" (include "common.names.fullname" $) $i | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" $ | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list $.Values.externalAccess.broker.service.labels $.Values.commonLabels ) "context" $ ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + pod: {{ $targetPod }} + {{- if or $.Values.externalAccess.broker.service.annotations $.Values.commonAnnotations $.Values.externalAccess.broker.service.loadBalancerAnnotations }} + annotations: + {{- if and (not (empty $.Values.externalAccess.broker.service.loadBalancerAnnotations)) (eq (len $.Values.externalAccess.broker.service.loadBalancerAnnotations) $replicaCount) }} + {{ include "common.tplvalues.render" ( dict "value" (index $.Values.externalAccess.broker.service.loadBalancerAnnotations $i) "context" $) | nindent 4 }} + {{- end }} + {{- if or $.Values.externalAccess.broker.service.annotations $.Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list $.Values.externalAccess.broker.service.annotations $.Values.commonAnnotations ) "context" $ ) }} + {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ $.Values.externalAccess.broker.service.type }} + {{- if eq $.Values.externalAccess.broker.service.type "LoadBalancer" }} + {{- if and (not (empty $.Values.externalAccess.broker.service.loadBalancerIPs)) (eq (len $.Values.externalAccess.broker.service.loadBalancerIPs) $replicaCount) }} + loadBalancerIP: {{ index $.Values.externalAccess.broker.service.loadBalancerIPs $i }} + {{- end }} + {{- if $.Values.externalAccess.broker.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml $.Values.externalAccess.broker.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + {{- end }} + publishNotReadyAddresses: {{ $.Values.externalAccess.broker.service.publishNotReadyAddresses }} + ports: + - name: tcp-kafka + port: {{ $.Values.externalAccess.broker.service.ports.external }} + {{- if le (add $i 1) (len $.Values.externalAccess.broker.service.nodePorts) }} + nodePort: {{ index $.Values.externalAccess.broker.service.nodePorts $i }} + {{- else }} + nodePort: null + {{- end }} + targetPort: external + {{- if $.Values.externalAccess.broker.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" $.Values.externalAccess.broker.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- if and (eq $.Values.externalAccess.broker.service.type "NodePort") (le (add $i 1) (len $.Values.externalAccess.broker.service.externalIPs)) }} + externalIPs: [{{ index $.Values.externalAccess.broker.service.externalIPs $i | quote }}] + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list $.Values.broker.podLabels $.Values.commonLabels ) "context" $ ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: kafka + app.kubernetes.io/component: broker + statefulset.kubernetes.io/pod-name: {{ $targetPod }} +--- +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-headless.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-headless.yaml new file mode 100644 index 0000000000..7c373e3b8c --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/broker/svc-headless.yaml @@ -0,0 +1,38 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- if gt $replicaCount 0 }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-broker-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" . | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.externalAccess.broker.service.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka + {{- if or .Values.service.headless.broker.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.headless.broker.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp-interbroker + port: {{ .Values.service.ports.interbroker }} + protocol: TCP + targetPort: interbroker + - name: tcp-client + port: {{ .Values.service.ports.client }} + protocol: TCP + targetPort: client + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.broker.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: broker + app.kubernetes.io/part-of: kafka +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/config-secrets.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/config-secrets.yaml new file mode 100644 index 0000000000..8eaa1ac563 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/config-secrets.yaml @@ -0,0 +1,25 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- if and (include "kafka.controller.createSecretConfig" .) (gt $replicaCount 0) }} +{{- $secretName := printf "%s-controller-secret-configuration" (include "common.names.fullname" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + server-secret.properties: {{ include "kafka.controller.secretConfig" . | b64enc }} +{{- end }} + diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/configmap.yaml new file mode 100644 index 0000000000..ed77b65331 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/configmap.yaml @@ -0,0 +1,46 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- if and .Values.kraft.enabled (include "kafka.controller.createConfigmap" .) (gt $replicaCount 0)}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-controller-configuration" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if or .Values.config .Values.controller.config }} + server.properties: {{- include "common.tplvalues.render" ( dict "value" (coalesce .Values.controller.config .Values.config) "context" $ ) | nindent 4 }} + {{- else }} + server.properties: |- + # Listeners configuration + listeners={{ include "kafka.listeners" ( dict "isController" true "context" $ ) }} + {{- if not .Values.controller.controllerOnly }} + advertised.listeners={{ include "kafka.advertisedListeners" . }} + {{- end }} + listener.security.protocol.map={{ include "kafka.securityProtocolMap" . }} + {{- if .Values.kraft.enabled }} + # KRaft process roles + process.roles={{ ternary "controller" "controller,broker" .Values.controller.controllerOnly }} + {{- include "kafka.kraftConfig" . | nindent 4 }} + {{- end }} + {{- if or .Values.zookeeper.enabled .Values.externalZookeeper.servers }} + # Zookeeper configuration + zookeeper.metadata.migration.enable=true + inter.broker.protocol.version=3.4 + inter.broker.protocol.version={{ default (regexFind "^[0-9].[0-9]+" .Chart.AppVersion) .Values.interBrokerProtocolVersion }} + {{- include "kafka.zookeeperConfig" . | nindent 4 }} + {{- end }} + {{- include "kafka.commonConfig" . | nindent 4 }} + {{- include "common.tplvalues.render" ( dict "value" .Values.extraConfig "context" $ ) | nindent 4 }} + {{- include "common.tplvalues.render" ( dict "value" .Values.controller.extraConfig "context" $ ) | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/pdb.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/pdb.yaml new file mode 100644 index 0000000000..4e4cd06e9a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/pdb.yaml @@ -0,0 +1,31 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- if and .Values.controller.pdb.create .Values.kraft.enabled (gt $replicaCount 0) }} +apiVersion: {{ include "common.capabilities.policy.apiVersion" . }} +kind: PodDisruptionBudget +metadata: + name: {{ printf "%s-controller" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.controller.pdb.minAvailable }} + minAvailable: {{ .Values.controller.pdb.minAvailable }} + {{- end }} + {{- if .Values.controller.pdb.maxUnavailable }} + maxUnavailable: {{ .Values.controller.pdb.maxUnavailable }} + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/statefulset.yaml new file mode 100644 index 0000000000..54bbbf58da --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/statefulset.yaml @@ -0,0 +1,470 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- if and .Values.kraft.enabled (gt $replicaCount 0) }} +apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} +kind: StatefulSet +metadata: + name: {{ printf "%s-controller" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podManagementPolicy: {{ .Values.controller.podManagementPolicy }} + replicas: {{ .Values.controller.replicaCount }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + serviceName: {{ printf "%s-controller-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + updateStrategy: {{- include "common.tplvalues.render" (dict "value" .Values.controller.updateStrategy "context" $ ) | nindent 4 }} + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + annotations: + {{- if (include "kafka.controller.createConfigmap" .) }} + checksum/configuration: {{ include (print $.Template.BasePath "/controller-eligible/configmap.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.createSaslSecret" .) }} + checksum/passwords-secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.createTlsSecret" .) }} + checksum/tls-secret: {{ include (print $.Template.BasePath "/tls-secret.yaml") . | sha256sum }} + {{- end }} + {{- if (include "kafka.metrics.jmx.createConfigmap" .) }} + checksum/jmx-configuration: {{ include (print $.Template.BasePath "/metrics/jmx-configmap.yaml") . | sha256sum }} + {{- end }} + {{- if .Values.controller.podAnnotations }} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "kafka.imagePullSecrets" . | nindent 6 }} + {{- if .Values.controller.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.controller.hostAliases "context" $) | nindent 8 }} + {{- end }} + hostNetwork: {{ .Values.controller.hostNetwork }} + hostIPC: {{ .Values.controller.hostIPC }} + {{- if .Values.controller.schedulerName }} + schedulerName: {{ .Values.controller.schedulerName | quote }} + {{- end }} + {{- if .Values.controller.affinity }} + affinity: {{- include "common.tplvalues.render" (dict "value" .Values.controller.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAffinityPreset "component" "controller-eligible" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.controller.podAntiAffinityPreset "component" "controller-eligible" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.controller.nodeAffinityPreset.type "key" .Values.controller.nodeAffinityPreset.key "values" .Values.controller.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.controller.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.controller.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.controller.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.tolerations "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.controller.topologySpreadConstraints "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.controller.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} + {{- end }} + {{- if .Values.controller.priorityClassName }} + priorityClassName: {{ .Values.controller.priorityClassName }} + {{- end }} + {{- if .Values.controller.runtimeClassName }} + runtimeClassName: {{ .Values.controller.runtimeClassName }} + {{- end }} + {{- if .Values.controller.podSecurityContext.enabled }} + securityContext: {{- omit .Values.controller.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "kafka.serviceAccountName" . }} + enableServiceLinks: {{ .Values.controller.enableServiceLinks }} + initContainers: + {{- if and .Values.volumePermissions.enabled .Values.controller.persistence.enabled }} + - name: volume-permissions + image: {{ include "kafka.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - /bin/bash + args: + - -ec + - | + mkdir -p "{{ .Values.controller.persistence.mountPath }}" "{{ .Values.controller.logPersistence.mountPath }}" + chown -R {{ .Values.controller.containerSecurityContext.runAsUser }}:{{ .Values.controller.podSecurityContext.fsGroup }} "{{ .Values.controller.persistence.mountPath }}" "{{ .Values.controller.logPersistence.mountPath }}" + find "{{ .Values.controller.persistence.mountPath }}" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.controller.containerSecurityContext.runAsUser }}:{{ .Values.controller.podSecurityContext.fsGroup }} + find "{{ .Values.controller.logPersistence.mountPath }}" -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs -r chown -R {{ .Values.controller.containerSecurityContext.runAsUser }}:{{ .Values.controller.podSecurityContext.fsGroup }} + {{- if eq ( toString ( .Values.volumePermissions.containerSecurityContext.runAsUser )) "auto" }} + securityContext: {{- omit .Values.volumePermissions.containerSecurityContext "runAsUser" | toYaml | nindent 12 }} + {{- else }} + securityContext: {{- .Values.volumePermissions.containerSecurityContext | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.volumePermissions.resources }} + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.controller.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.controller.logPersistence.mountPath }} + {{- end }} + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled (or .Values.externalAccess.controller.forceExpose (not .Values.controller.controllerOnly))}} + {{- include "kafka.autoDiscoveryInitContainer" ( dict "role" "controller" "context" $) | nindent 8 }} + {{- end }} + {{- include "kafka.prepareKafkaInitContainer" ( dict "role" "controller" "context" $) | nindent 8 }} + {{- if .Values.controller.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.controller.initContainers "context" $ ) | nindent 8 }} + {{- end }} + {{- if .Values.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.initContainers "context" $ ) | nindent 8 }} + {{- end }} + containers: + - name: kafka + image: {{ include "kafka.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.controller.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.controller.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.controller.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.controller.command "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.controller.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.controller.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: KAFKA_HEAP_OPTS + value: {{ coalesce .Values.controller.heapOpts .Values.heapOpts | quote }} + - name: KAFKA_KRAFT_CLUSTER_ID + valueFrom: + secretKeyRef: + name: {{ default (printf "%s-kraft-cluster-id" (include "common.names.fullname" .)) .Values.kraft.existingClusterIdSecret }} + key: kraft-cluster-id + {{- if and (include "kafka.saslEnabled" .) (or (regexFind "SCRAM" (upper .Values.sasl.enabledMechanisms)) (regexFind "SCRAM" (upper .Values.sasl.controllerMechanism)) (regexFind "SCRAM" (upper .Values.sasl.interBrokerMechanism))) }} + - name: KAFKA_KRAFT_BOOTSTRAP_SCRAM_USERS + value: "true" + {{- if and (include "kafka.client.saslEnabled" . ) .Values.sasl.client.users (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_CLIENT_USERS + value: {{ join "," .Values.sasl.client.users | quote }} + - name: KAFKA_CLIENT_PASSWORDS + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: client-passwords + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.interbroker.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_INTER_BROKER_USER + value: {{ .Values.sasl.interbroker.user | quote }} + - name: KAFKA_INTER_BROKER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: inter-broker-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + - name: KAFKA_INTER_BROKER_CLIENT_ID + value: {{ .Values.sasl.interbroker.clientId | quote }} + - name: KAFKA_INTER_BROKER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: inter-broker-client-secret + {{- end }} + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.controller.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + - name: KAFKA_CONTROLLER_USER + value: {{ .Values.sasl.controller.user | quote }} + - name: KAFKA_CONTROLLER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: controller-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + - name: KAFKA_CONTROLLER_CLIENT_ID + value: {{ .Values.sasl.controller.clientId | quote }} + - name: KAFKA_CONTROLLER_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: controller-client-secret + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: JMX_PORT + value: {{ .Values.metrics.jmx.kafkaJmxPort | quote }} + {{- end }} + {{- if .Values.controller.extraEnvVars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.controller.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.extraEnvVars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if or .Values.controller.extraEnvVarsCM .Values.extraEnvVarsCM .Values.controller.extraEnvVarsSecret .Values.extraEnvVarsSecret }} + envFrom: + {{- if .Values.controller.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.controller.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.controller.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- end }} + ports: + - name: controller + containerPort: {{ .Values.listeners.controller.containerPort }} + {{- if not .Values.controller.controllerOnly }} + - name: client + containerPort: {{ .Values.listeners.client.containerPort }} + - name: interbroker + containerPort: {{ .Values.listeners.interbroker.containerPort }} + {{- if .Values.externalAccess.enabled }} + - name: external + containerPort: {{ .Values.listeners.external.containerPort }} + {{- end }} + {{- if .Values.listeners.extraListeners }} + {{- include "kafka.extraListeners.containerPorts" . | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.controller.extraContainerPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraContainerPorts "context" $) | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.controller.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.controller.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.controller.livenessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "controller" + {{- end }} + {{- if .Values.controller.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.controller.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.controller.readinessProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "controller" + {{- end }} + {{- if .Values.controller.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.controller.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.controller.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.controller.startupProbe "enabled") "context" $) | nindent 12 }} + tcpSocket: + port: "controller" + {{- end }} + {{- end }} + {{- if .Values.controller.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.controller.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.controller.resources }} + resources: {{- toYaml .Values.controller.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: data + mountPath: {{ .Values.controller.persistence.mountPath }} + - name: logs + mountPath: {{ .Values.controller.logPersistence.mountPath }} + - name: kafka-config + mountPath: /opt/bitnami/kafka/config/server.properties + subPath: server.properties + - name: tmp + mountPath: /tmp + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + mountPath: /opt/bitnami/kafka/config/log4j.properties + subPath: log4j.properties + {{- end }} + {{- if or .Values.tls.zookeeper.enabled (include "kafka.sslEnabled" .) }} + - name: kafka-shared-certs + mountPath: /opt/bitnami/kafka/config/certs + readOnly: true + {{- end }} + {{- if .Values.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.controller.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-exporter + image: {{ include "kafka.metrics.jmx.image" . }} + imagePullPolicy: {{ .Values.metrics.jmx.image.pullPolicy | quote }} + {{- if .Values.metrics.jmx.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.metrics.jmx.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else }} + command: + - java + args: + - -XX:MaxRAMPercentage=100 + - -XshowSettings:vm + - -jar + - jmx_prometheus_httpserver.jar + - "5556" + - /etc/jmx-kafka/jmx-kafka-prometheus.yml + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.jmx.containerPorts.metrics }} + {{- if .Values.metrics.jmx.resources }} + resources: {{- toYaml .Values.metrics.jmx.resources | nindent 12 }} + {{- end }} + volumeMounts: + - name: jmx-config + mountPath: /etc/jmx-kafka + {{- end }} + {{- if .Values.controller.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.sidecars "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + - name: kafka-configmaps + configMap: + name: {{ include "kafka.controller.configmapName" . }} + - name: kafka-secret-config + {{- if (include "kafka.controller.secretConfigExists" .) }} + secret: + secretName: {{ include "kafka.controller.secretConfigName" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: kafka-config + emptyDir: {} + - name: tmp + emptyDir: {} + - name: scripts + configMap: + name: {{ include "common.names.fullname" . }}-scripts + defaultMode: 0755 + {{- if and .Values.externalAccess.enabled .Values.externalAccess.autoDiscovery.enabled }} + - name: kafka-autodiscovery-shared + emptyDir: {} + {{- end }} + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + configMap: + name: {{ include "kafka.log4j.configMapName" . }} + {{- end }} + {{- if .Values.metrics.jmx.enabled }} + - name: jmx-config + configMap: + name: {{ include "kafka.metrics.jmx.configmapName" . }} + {{- end }} + {{- if or .Values.tls.zookeeper.enabled (include "kafka.sslEnabled" .) }} + - name: kafka-shared-certs + emptyDir: {} + {{- if and (include "kafka.sslEnabled" .) (or .Values.tls.existingSecret .Values.tls.autoGenerated) }} + - name: kafka-certs + projected: + defaultMode: 256 + sources: + - secret: + name: {{ include "kafka.tlsSecretName" . }} + {{- if .Values.tls.jksTruststoreSecret }} + - secret: + name: {{ .Values.tls.jksTruststoreSecret }} + {{- end }} + {{- end }} + {{- if and .Values.tls.zookeeper.enabled .Values.tls.zookeeper.existingSecret }} + - name: kafka-zookeeper-cert + secret: + secretName: {{ .Values.tls.zookeeper.existingSecret }} + defaultMode: 256 + {{- end }} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.controller.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.controller.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if not .Values.controller.persistence.enabled }} + - name: data + emptyDir: {} + {{- else if .Values.controller.persistence.existingClaim }} + - name: data + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.controller.persistence.existingClaim .) }} + {{- end }} + {{- if not .Values.controller.logPersistence.enabled }} + - name: logs + emptyDir: {} + {{- else if .Values.controller.logPersistence.existingClaim }} + - name: logs + persistentVolumeClaim: + claimName: {{ printf "%s" (tpl .Values.controller.logPersistence.existingClaim .) }} + {{- end }} + {{- if or (and .Values.controller.persistence.enabled (not .Values.controller.persistence.existingClaim)) (and .Values.controller.logPersistence.enabled (not .Values.controller.logPersistence.existingClaim)) }} + volumeClaimTemplates: + {{- if and .Values.controller.persistence.enabled (not .Values.controller.persistence.existingClaim) }} + - metadata: + name: data + {{- if .Values.controller.persistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.persistence.annotations "context" $) | nindent 10 }} + {{- end }} + {{- if .Values.controller.persistence.labels }} + labels: {{- include "common.tplvalues.render" (dict "value" .Values.controller.persistence.labels "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.controller.persistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.controller.persistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.controller.persistence "global" .Values.global) | nindent 8 }} + {{- if .Values.controller.persistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.controller.persistence.selector "context" $) | nindent 10 }} + {{- end -}} + {{- end }} + {{- if and .Values.controller.logPersistence.enabled (not .Values.controller.logPersistence.existingClaim) }} + - metadata: + name: logs + {{- if .Values.controller.logPersistence.annotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.controller.logPersistence.annotations "context" $) | nindent 10 }} + {{- end }} + spec: + accessModes: + {{- range .Values.controller.logPersistence.accessModes }} + - {{ . | quote }} + {{- end }} + resources: + requests: + storage: {{ .Values.controller.logPersistence.size | quote }} + {{- include "common.storage.class" (dict "persistence" .Values.controller.logPersistence "global" .Values.global) | nindent 8 }} + {{- if .Values.controller.logPersistence.selector }} + selector: {{- include "common.tplvalues.render" (dict "value" .Values.controller.logPersistence.selector "context" $) | nindent 10 }} + {{- end -}} + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-external-access.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-external-access.yaml new file mode 100644 index 0000000000..68f9854c77 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-external-access.yaml @@ -0,0 +1,65 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.kraft.enabled .Values.externalAccess.enabled }} +{{- $fullname := include "common.names.fullname" . }} +{{- if or .Values.externalAccess.controller.forceExpose (not .Values.controller.controllerOnly)}} +{{- $replicaCount := .Values.controller.replicaCount | int }} +{{- range $i := until $replicaCount }} +{{- $targetPod := printf "%s-controller-%d" $fullname $i }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-controller-%d-external" $fullname $i | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" $ | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list $.Values.externalAccess.controller.service.labels $.Values.commonLabels ) "context" $ ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + pod: {{ $targetPod }} + {{- if or $.Values.externalAccess.controller.service.annotations $.Values.commonAnnotations $.Values.externalAccess.controller.service.loadBalancerAnnotations }} + annotations: + {{- if and (not (empty $.Values.externalAccess.controller.service.loadBalancerAnnotations)) (eq (len $.Values.externalAccess.controller.service.loadBalancerAnnotations) $replicaCount) }} + {{ include "common.tplvalues.render" ( dict "value" (index $.Values.externalAccess.controller.service.loadBalancerAnnotations $i) "context" $) | nindent 4 }} + {{- end }} + {{- if or $.Values.externalAccess.controller.service.annotations $.Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list $.Values.externalAccess.controller.service.annotations $.Values.commonAnnotations ) "context" $ ) }} + {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ $.Values.externalAccess.controller.service.type }} + {{- if eq $.Values.externalAccess.controller.service.type "LoadBalancer" }} + {{- if and (not (empty $.Values.externalAccess.controller.service.loadBalancerIPs)) (eq (len $.Values.externalAccess.controller.service.loadBalancerIPs) $replicaCount) }} + loadBalancerIP: {{ index $.Values.externalAccess.controller.service.loadBalancerIPs $i }} + {{- end }} + {{- if $.Values.externalAccess.controller.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml $.Values.externalAccess.controller.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + {{- end }} + publishNotReadyAddresses: {{ $.Values.externalAccess.controller.service.publishNotReadyAddresses }} + ports: + - name: tcp-kafka + port: {{ $.Values.externalAccess.controller.service.ports.external }} + {{- if le (add $i 1) (len $.Values.externalAccess.controller.service.nodePorts) }} + nodePort: {{ index $.Values.externalAccess.controller.service.nodePorts $i }} + {{- else }} + nodePort: null + {{- end }} + targetPort: external + {{- if $.Values.externalAccess.controller.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" $.Values.externalAccess.controller.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + {{- if and (eq $.Values.externalAccess.controller.service.type "NodePort") (le (add $i 1) (len $.Values.externalAccess.controller.service.externalIPs)) }} + externalIPs: [{{ index $.Values.externalAccess.controller.service.externalIPs $i | quote }}] + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list $.Values.controller.podLabels $.Values.commonLabels ) "context" $ ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: kafka + app.kubernetes.io/component: controller-eligible + statefulset.kubernetes.io/pod-name: {{ $targetPod }} +--- +{{- end }} +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-headless.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-headless.yaml new file mode 100644 index 0000000000..7d862254f6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/controller-eligible/svc-headless.yaml @@ -0,0 +1,46 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- if and .Values.kraft.enabled (gt $replicaCount 0) }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-controller-headless" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" . | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.headless.controller.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka + {{- if or .Values.service.headless.controller.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.headless.controller.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + {{- if or (not .Values.kraft.enabled) (not .Values.controller.controllerOnly) }} + - name: tcp-interbroker + port: {{ .Values.service.ports.interbroker }} + protocol: TCP + targetPort: interbroker + - name: tcp-client + port: {{ .Values.service.ports.client }} + protocol: TCP + targetPort: client + {{- end }} + {{- if .Values.kraft.enabled }} + - name: tcp-controller + protocol: TCP + port: {{ .Values.service.ports.controller }} + targetPort: controller + {{- end }} + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.controller.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: controller-eligible + app.kubernetes.io/part-of: kafka +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/extra-list.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/extra-list.yaml new file mode 100644 index 0000000000..2d35a580e8 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/extra-list.yaml @@ -0,0 +1,9 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- range .Values.extraDeploy }} +--- +{{ include "common.tplvalues.render" (dict "value" . "context" $) }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/log4j-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/log4j-configmap.yaml new file mode 100644 index 0000000000..6d631f09d1 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/log4j-configmap.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.log4j (not .Values.existingLog4jConfigMap) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-log4j-configuration" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + log4j.properties: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.log4j "context" $ ) | nindent 4 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/deployment.yaml new file mode 100644 index 0000000000..b32b36f91e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/deployment.yaml @@ -0,0 +1,174 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.kafka.enabled }} +{{- $releaseNamespace := include "common.names.namespace" . -}} +{{- $clusterDomain := .Values.clusterDomain -}} +{{- $fullname := include "common.names.fullname" . -}} +{{- $containerPort := int .Values.listeners.client.containerPort -}} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ include "kafka.metrics.kafka.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: cluster-metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: 1 + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.podLabels .Values.commonLabels $versionLabel ) "context" . ) }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 6 }} + app.kubernetes.io/component: cluster-metrics + template: + metadata: + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/component: cluster-metrics + {{- if .Values.metrics.kafka.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "kafka.imagePullSecrets" . | nindent 6 }} + {{- if .Values.metrics.kafka.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.kafka.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.kafka.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.metrics.kafka.podAffinityPreset "component" "cluster-metrics" "customLabels" $podLabels "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.metrics.kafka.podAntiAffinityPreset "component" "cluster-metrics" "customLabels" $podLabels "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.metrics.kafka.nodeAffinityPreset.type "key" .Values.metrics.kafka.nodeAffinityPreset.key "values" .Values.metrics.kafka.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.metrics.kafka.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.kafka.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.kafka.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.kafka.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.topologySpreadConstraints "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.metrics.kafka.priorityClassName }} + priorityClassName: {{ .Values.metrics.kafka.priorityClassName }} + {{- end }} + {{- if .Values.metrics.kafka.schedulerName }} + schedulerName: {{ .Values.metrics.kafka.schedulerName }} + {{- end }} + {{- if .Values.metrics.kafka.podSecurityContext.enabled }} + securityContext: {{- omit .Values.metrics.kafka.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + serviceAccountName: {{ template "kafka.metrics.kafka.serviceAccountName" . }} + enableServiceLinks: {{ .Values.metrics.kafka.enableServiceLinks }} + {{- if .Values.metrics.kafka.initContainers }} + initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: kafka-exporter + image: {{ include "kafka.metrics.kafka.image" . }} + imagePullPolicy: {{ .Values.metrics.kafka.image.pullPolicy | quote }} + {{- if .Values.metrics.kafka.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.metrics.kafka.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.metrics.kafka.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.command "context" $) | nindent 12 }} + {{- else }} + command: + - bash + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.metrics.kafka.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.args "context" $) | nindent 12 }} + {{- else }} + args: + - -ce + - | + kafka_exporter \ + {{- range $i := until (int .Values.controller.replicaCount) }} + --kafka.server={{ $fullname }}-controller-{{ $i }}.{{ $fullname }}-controller-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ $containerPort }} \ + {{- end }} + {{- range $i := until (int .Values.broker.replicaCount) }} + --kafka.server={{ $fullname }}-broker-{{ $i }}.{{ $fullname }}-broker-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}:{{ $containerPort }} \ + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.client.protocol) }} + --sasl.enabled \ + --sasl.username=$SASL_USERNAME \ + --sasl.password=$SASL_USER_PASSWORD \ + --sasl.mechanism={{ include "kafka.metrics.kafka.saslMechanism" . }} \ + {{- end }} + {{- if regexFind "SSL" (upper .Values.listeners.client.protocol) }} + --tls.enabled \ + {{- if .Values.metrics.kafka.certificatesSecret }} + --tls.key-file=/opt/bitnami/kafka-exporter/certs/{{ .Values.metrics.kafka.tlsKey }} \ + --tls.cert-file=/opt/bitnami/kafka-exporter/certs/{{ .Values.metrics.kafka.tlsCert }} \ + {{- if .Values.metrics.kafka.tlsCaSecret }} + --tls.ca-file=/opt/bitnami/kafka-exporter/cacert/{{ .Values.metrics.kafka.tlsCaCert }} \ + {{- else }} + --tls.ca-file=/opt/bitnami/kafka-exporter/certs/{{ .Values.metrics.kafka.tlsCaCert }} \ + {{- end }} + {{- end }} + {{- end }} + {{- range $key, $value := .Values.metrics.kafka.extraFlags }} + --{{ $key }}{{ if $value }}={{ $value }}{{ end }} \ + {{- end }} + --web.listen-address=:{{ .Values.metrics.kafka.containerPorts.metrics }} + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.client.protocol) }} + env: + - name: SASL_USERNAME + value: {{ index .Values.sasl.client.users 0 | quote }} + - name: SASL_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: system-user-password + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.metrics.kafka.containerPorts.metrics }} + {{- if .Values.metrics.kafka.resources }} + resources: {{ toYaml .Values.metrics.kafka.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if .Values.metrics.kafka.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if and (regexFind "SSL" (upper .Values.listeners.client.protocol)) .Values.metrics.kafka.certificatesSecret }} + - name: kafka-exporter-certificates + mountPath: /opt/bitnami/kafka-exporter/certs/ + readOnly: true + {{- if .Values.metrics.kafka.tlsCaSecret }} + - name: kafka-exporter-ca-certificate + mountPath: /opt/bitnami/kafka-exporter/cacert/ + readOnly: true + {{- end }} + {{- end }} + {{- if .Values.metrics.kafka.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if .Values.metrics.kafka.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.kafka.extraVolumes "context" $) | nindent 8 }} + {{- end }} + {{- if and (regexFind "SSL" (upper .Values.listeners.client.protocol)) .Values.metrics.kafka.certificatesSecret }} + - name: kafka-exporter-certificates + secret: + secretName: {{ .Values.metrics.kafka.certificatesSecret }} + defaultMode: 0440 + {{- if .Values.metrics.kafka.tlsCaSecret }} + - name: kafka-exporter-ca-certificate + secret: + secretName: {{ .Values.metrics.kafka.tlsCaSecret }} + defaultMode: 0440 + {{- end }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-configmap.yaml new file mode 100644 index 0000000000..64fad25651 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-configmap.yaml @@ -0,0 +1,70 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "kafka.metrics.jmx.createConfigmap" .) }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-jmx-configuration" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + jmx-kafka-prometheus.yml: |- + {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.jmx.config "context" $ ) | nindent 4 }} + rules: + - pattern: kafka.controller<>(Value) + name: kafka_controller_$1_$2_$4 + labels: + broker_id: "$3" + - pattern: kafka.controller<>(Value) + name: kafka_controller_$1_$2_$3 + - pattern: kafka.controller<>(Value) + name: kafka_controller_$1_$2_$3 + - pattern: kafka.controller<>(Count) + name: kafka_controller_$1_$2_$3 + - pattern : kafka.network<>(Value) + name: kafka_network_$1_$2_$4 + labels: + network_processor: $3 + - pattern : kafka.network<>(Count|Value) + name: kafka_network_$1_$2_$4 + labels: + request: $3 + - pattern : kafka.network<>(Count|Value) + name: kafka_network_$1_$2_$3 + - pattern : kafka.network<>(Count|Value) + name: kafka_network_$1_$2_$3 + - pattern: kafka.server<>(Count|OneMinuteRate) + name: kafka_server_$1_$2_$4 + labels: + topic: $3 + - pattern: kafka.server<>(Value) + name: kafka_server_$1_$2_$4 + labels: + client_id: "$3" + - pattern: kafka.server<>(Value) + name: kafka_server_$1_$2_$3_$4 + - pattern: kafka.server<>(Count|Value|OneMinuteRate) + name: kafka_server_$1_total_$2_$3 + - pattern: kafka.server<>(queue-size) + name: kafka_server_$1_$2 + - pattern: java.lang<(.+)>(\w+) + name: java_lang_$1_$4_$3_$2 + - pattern: java.lang<>(\w+) + name: java_lang_$1_$3_$2 + - pattern : java.lang + - pattern: kafka.log<>Value + name: kafka_log_$1_$2 + labels: + topic: $3 + partition: $4 + {{- if .Values.metrics.jmx.extraRules }} + {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.jmx.extraRules "context" $ ) | nindent 6 }} + {{- end }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-servicemonitor.yaml new file mode 100644 index 0000000000..13ca96c1ec --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-servicemonitor.yaml @@ -0,0 +1,49 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.jmx.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ printf "%s-jmx-metrics" (include "common.names.fullname" .) }} + namespace: {{ default (include "common.names.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + {{- if .Values.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + app.kubernetes.io/component: metrics + endpoints: + - port: http-metrics + path: "/" + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-svc.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-svc.yaml new file mode 100644 index 0000000000..0b123c2d0d --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/jmx-svc.yaml @@ -0,0 +1,31 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.jmx.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-jmx-metrics" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if or .Values.metrics.jmx.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.jmx.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + sessionAffinity: {{ .Values.metrics.jmx.service.sessionAffinity }} + {{- if .Values.metrics.jmx.service.clusterIP }} + clusterIP: {{ .Values.metrics.jmx.service.clusterIP }} + {{- end }} + ports: + - name: http-metrics + port: {{ .Values.metrics.jmx.service.ports.metrics }} + protocol: TCP + targetPort: metrics + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: kafka +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/prometheusrule.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/prometheusrule.yaml new file mode 100644 index 0000000000..f59f300253 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/prometheusrule.yaml @@ -0,0 +1,21 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and (or .Values.metrics.kafka.enabled .Values.metrics.jmx.enabled) .Values.metrics.prometheusRule.enabled .Values.metrics.prometheusRule.groups }} +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ default (include "common.names.namespace" .) .Values.metrics.prometheusRule.namespace }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.prometheusRule.labels .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" .) | nindent 4 }} + {{- end }} +spec: + groups: {{- include "common.tplvalues.render" (dict "value" .Values.metrics.prometheusRule.groups "context" .) | nindent 4 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/serviceaccount.yaml new file mode 100644 index 0000000000..bd3c0a10c9 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/serviceaccount.yaml @@ -0,0 +1,20 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.kafka.enabled .Values.metrics.kafka.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kafka.metrics.kafka.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: cluster-metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.metrics.kafka.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/servicemonitor.yaml new file mode 100644 index 0000000000..1f64b9bbab --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/servicemonitor.yaml @@ -0,0 +1,50 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.metrics.kafka.enabled .Values.metrics.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) }} + namespace: {{ default (include "common.names.namespace" .) .Values.metrics.serviceMonitor.namespace | quote }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.serviceMonitor.labels .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: cluster-metrics + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + {{- if .Values.metrics.serviceMonitor.jobLabel }} + jobLabel: {{ .Values.metrics.serviceMonitor.jobLabel }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + {{- if .Values.metrics.serviceMonitor.selector }} + {{- include "common.tplvalues.render" (dict "value" .Values.metrics.serviceMonitor.selector "context" $) | nindent 6 }} + {{- end }} + app.kubernetes.io/component: cluster-metrics + endpoints: + - port: http-metrics + path: "/metrics" + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.relabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- include "common.tplvalues.render" ( dict "value" .Values.metrics.serviceMonitor.metricRelabelings "context" $) | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "common.names.namespace" . }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/svc.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/svc.yaml new file mode 100644 index 0000000000..eed033e831 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/metrics/svc.yaml @@ -0,0 +1,34 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.metrics.kafka.enabled }} +apiVersion: v1 +kind: Service +metadata: + name: {{ printf "%s-metrics" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }} + namespace: {{ include "common.names.namespace" . | quote }} + {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.metrics.kafka.image "chart" .Chart ) ) }} + {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.commonLabels $versionLabel ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: cluster-metrics + {{- if or .Values.metrics.kafka.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: ClusterIP + sessionAffinity: {{ .Values.metrics.kafka.service.sessionAffinity }} + {{- if .Values.metrics.kafka.service.clusterIP }} + clusterIP: {{ .Values.metrics.kafka.service.clusterIP }} + {{- end }} + ports: + - name: http-metrics + port: {{ .Values.metrics.kafka.service.ports.metrics }} + protocol: TCP + targetPort: metrics + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.metrics.kafka.podLabels .Values.commonLabels ) "context" . ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: cluster-metrics +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-egress.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-egress.yaml new file mode 100644 index 0000000000..47b8ec1d00 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-egress.yaml @@ -0,0 +1,23 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.networkPolicy.enabled .Values.networkPolicy.egressRules.customRules }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ printf "%s-egress" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + policyTypes: + - Egress + egress: + {{- include "common.tplvalues.render" (dict "value" .Values.networkPolicy.egressRules.customRules "context" $) | nindent 4 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-ingress.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-ingress.yaml new file mode 100644 index 0000000000..47314bfcc6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/network-policy/networkpolicy-ingress.yaml @@ -0,0 +1,53 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.networkPolicy.enabled }} +kind: NetworkPolicy +apiVersion: {{ include "common.capabilities.networkPolicy.apiVersion" . }} +metadata: + name: {{ printf "%s-ingress" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 6 }} + policyTypes: + - Ingress + ingress: + # Allow client connections + - ports: + - port: {{ .Values.listeners.client.containerPort }} + {{- if not .Values.networkPolicy.allowExternal }} + from: + - podSelector: + matchLabels: + {{ template "common.names.fullname" . }}-client: "true" + {{- if .Values.networkPolicy.explicitNamespacesSelector }} + namespaceSelector: {{- toYaml .Values.networkPolicy.explicitNamespacesSelector | nindent 12 }} + {{- end }} + {{- end }} + # Allow communication inter-broker + - ports: + - port: {{ .Values.listeners.interbroker.containerPort }} + from: + - podSelector: + matchLabels: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 14 }} + # Allow External connection + {{- if .Values.externalAccess.enabled }} + - ports: + - port: {{ .Values.listeners.external.containerPort }} + {{- if .Values.networkPolicy.externalAccess.from }} + from: {{- include "common.tplvalues.render" ( dict "value" .Values.networkPolicy.externalAccess.from "context" $ ) | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.metrics.kafka.enabled }} + # Allow prometheus scrapes + - ports: + - port: {{ .Values.metrics.kafka.containerPorts.metrics }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/job.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/job.yaml new file mode 100644 index 0000000000..82c83eb927 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/job.yaml @@ -0,0 +1,283 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.provisioning.enabled }} +kind: Job +apiVersion: batch/v1 +metadata: + name: {{ printf "%s-provisioning" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka-provisioning + annotations: + helm.sh/hook: post-install,post-upgrade + helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + template: + metadata: + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.provisioning.podLabels .Values.commonLabels ) "context" . ) }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $podLabels "context" $ ) | nindent 8 }} + app.kubernetes.io/component: kafka-provisioning + {{- if .Values.provisioning.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "kafka.provisioning.serviceAccountName" . }} + enableServiceLinks: {{ .Values.provisioning.enableServiceLinks }} + {{- include "kafka.imagePullSecrets" . | nindent 6 }} + {{- if .Values.provisioning.schedulerName }} + schedulerName: {{ .Values.provisioning.schedulerName | quote }} + {{- end }} + {{- if .Values.provisioning.podSecurityContext.enabled }} + securityContext: {{- omit .Values.provisioning.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + restartPolicy: OnFailure + terminationGracePeriodSeconds: 0 + {{- if .Values.provisioning.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.provisioning.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.provisioning.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if or .Values.provisioning.initContainers .Values.provisioning.waitForKafka }} + initContainers: + {{- if .Values.provisioning.waitForKafka }} + - name: wait-for-available-kafka + image: {{ include "kafka.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.provisioning.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.provisioning.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + command: + - /bin/bash + args: + - -ec + - | + wait-for-port \ + --host={{ include "common.names.fullname" . }} \ + --state=inuse \ + --timeout=120 \ + {{ .Values.service.ports.client | int64 }}; + echo "Kafka is available"; + {{- if .Values.provisioning.resources }} + resources: {{- toYaml .Values.provisioning.resources | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.provisioning.initContainers }} + {{- include "common.tplvalues.render" ( dict "value" .Values.provisioning.initContainers "context" $ ) | nindent 8 }} + {{- end }} + {{- end }} + containers: + - name: kafka-provisioning + image: {{ include "kafka.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.provisioning.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.provisioning.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.provisioning.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.command "context" $) | nindent 12 }} + {{- else }} + command: + - /bin/bash + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.provisioning.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.args "context" $) | nindent 12 }} + {{- else }} + args: + - -ec + - | + echo "Configuring environment" + . /opt/bitnami/scripts/libkafka.sh + export CLIENT_CONF="${CLIENT_CONF:-/tmp/client.properties}" + if [ ! -f "$CLIENT_CONF" ]; then + touch $CLIENT_CONF + + kafka_common_conf_set "$CLIENT_CONF" security.protocol {{ .Values.listeners.client.protocol | quote }} + {{- if (regexFind "SSL" (upper .Values.listeners.client.protocol)) }} + kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.type {{ upper .Values.provisioning.auth.tls.type | quote }} + kafka_common_conf_set "$CLIENT_CONF" ssl.truststore.type {{ upper .Values.provisioning.auth.tls.type | quote }} + ! is_empty_value "$KAFKA_CLIENT_KEY_PASSWORD" && kafka_common_conf_set "$CLIENT_CONF" ssl.key.password "$KAFKA_CLIENT_KEY_PASSWORD" + {{- if eq (upper .Values.provisioning.auth.tls.type) "PEM" }} + {{- if .Values.provisioning.auth.tls.caCert }} + file_to_multiline_property() { + awk 'NR > 1{print line" \\"}{line=$0;}END{print $0" "}' <"${1:?missing file}" + } + kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.key "$(file_to_multiline_property "/certs/{{ .Values.provisioning.auth.tls.key }}")" + kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.certificate.chain "$(file_to_multiline_property "/certs/{{ .Values.provisioning.auth.tls.cert }}")" + kafka_common_conf_set "$CLIENT_CONF" ssl.truststore.certificates "$(file_to_multiline_property "/certs/{{ .Values.provisioning.auth.tls.caCert }}")" + {{- else }} + kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.location "/certs/{{ .Values.provisioning.auth.tls.keystore }}" + kafka_common_conf_set "$CLIENT_CONF" ssl.truststore.location "/certs/{{ .Values.provisioning.auth.tls.truststore }}" + {{- end }} + {{- else if eq (upper .Values.provisioning.auth.tls.type) "JKS" }} + kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.location "/certs/{{ .Values.provisioning.auth.tls.keystore }}" + kafka_common_conf_set "$CLIENT_CONF" ssl.truststore.location "/certs/{{ .Values.provisioning.auth.tls.truststore }}" + ! is_empty_value "$KAFKA_CLIENT_KEYSTORE_PASSWORD" && kafka_common_conf_set "$CLIENT_CONF" ssl.keystore.password "$KAFKA_CLIENT_KEYSTORE_PASSWORD" + ! is_empty_value "$KAFKA_CLIENT_TRUSTSTORE_PASSWORD" && kafka_common_conf_set "$CLIENT_CONF" ssl.truststore.password "$KAFKA_CLIENT_TRUSTSTORE_PASSWORD" + {{- end }} + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.client.protocol) }} + {{- if regexFind "PLAIN" ( upper .Values.sasl.enabledMechanisms) }} + kafka_common_conf_set "$CLIENT_CONF" sasl.mechanism PLAIN + kafka_common_conf_set "$CLIENT_CONF" sasl.jaas.config "org.apache.kafka.common.security.plain.PlainLoginModule required username=\"$SASL_USERNAME\" password=\"$SASL_USER_PASSWORD\";" + {{- else if regexFind "SCRAM-SHA-256" ( upper .Values.sasl.enabledMechanisms) }} + kafka_common_conf_set "$CLIENT_CONF" sasl.mechanism SCRAM-SHA-256 + kafka_common_conf_set "$CLIENT_CONF" sasl.jaas.config "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"$SASL_USERNAME\" password=\"$SASL_USER_PASSWORD\";" + {{- else if regexFind "SCRAM-SHA-512" ( upper .Values.sasl.enabledMechanisms) }} + kafka_common_conf_set "$CLIENT_CONF" sasl.mechanism SCRAM-SHA-512 + kafka_common_conf_set "$CLIENT_CONF" sasl.jaas.config "org.apache.kafka.common.security.scram.ScramLoginModule required username=\"$SASL_USERNAME\" password=\"$SASL_USER_PASSWORD\";" + {{- else if regexFind "OAUTHBEARER" ( upper .Values.sasl.enabledMechanisms) }} + kafka_common_conf_set "$CLIENT_CONF" sasl.mechanism OAUTHBEARER + kafka_common_conf_set "$CLIENT_CONF" sasl.jaas.config "org.apache.kafka.common.security.oauthbearer.OAuthBearerLoginModule required clientId=\"$SASL_CLIENT_ID\" password=\"$SASL_CLIENT_SECRET\";" + kafka_common_conf_set "$CLIENT_CONF" sasl.login.callback.handler.class "org.apache.kafka.common.security.oauthbearer.secured.OAuthBearerLoginCallbackHandler" + kafka_common_conf_set "$CLIENT_CONF" sasl.oauthbearer.token.endpoint.url {{ .Values.sasl.oauthbearer.tokenEndpointUrl | quote }} + {{- end }} + {{- end }} + fi + + echo "Running pre-provisioning script if any given" + {{ .Values.provisioning.preScript | nindent 14 }} + + kafka_provisioning_commands=( + {{- range $topic := .Values.provisioning.topics }} + "/opt/bitnami/kafka/bin/kafka-topics.sh \ + --create \ + --if-not-exists \ + --bootstrap-server ${KAFKA_SERVICE} \ + --replication-factor {{ $topic.replicationFactor | default $.Values.provisioning.replicationFactor }} \ + --partitions {{ $topic.partitions | default $.Values.provisioning.numPartitions }} \ + {{- range $name, $value := $topic.config }} + --config {{ $name }}={{ $value }} \ + {{- end }} + --command-config ${CLIENT_CONF} \ + --topic {{ $topic.name }}" + {{- end }} + {{- range $command := .Values.provisioning.extraProvisioningCommands }} + {{- $command | quote | nindent 16 }} + {{- end }} + ) + + echo "Starting provisioning" + for ((index=0; index < ${#kafka_provisioning_commands[@]}; index+={{ .Values.provisioning.parallel }})) + do + for j in $(seq ${index} $((${index}+{{ .Values.provisioning.parallel }}-1))) + do + ${kafka_provisioning_commands[j]} & # Async command + done + wait # Wait the end of the jobs + done + + echo "Running post-provisioning script if any given" + {{ .Values.provisioning.postScript | nindent 14 }} + + echo "Provisioning succeeded" + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + {{- if (regexFind "SSL" (upper .Values.listeners.client.protocol)) }} + - name: KAFKA_CLIENT_KEY_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "kafka.client.passwordsSecretName" . }} + key: {{ .Values.provisioning.auth.tls.keyPasswordSecretKey }} + - name: KAFKA_CLIENT_KEYSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "kafka.client.passwordsSecretName" . }} + key: {{ .Values.provisioning.auth.tls.keystorePasswordSecretKey }} + - name: KAFKA_CLIENT_TRUSTSTORE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "kafka.client.passwordsSecretName" . }} + key: {{ .Values.provisioning.auth.tls.truststorePasswordSecretKey }} + {{- end }} + - name: KAFKA_SERVICE + value: {{ printf "%s:%d" (include "common.names.fullname" .) (.Values.service.ports.client | int64) }} + {{- if regexFind "SASL" (upper .Values.listeners.client.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + - name: SASL_USERNAME + value: {{ index .Values.sasl.client.users 0 | quote }} + - name: SASL_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: system-user-password + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + - name: SASL_CLIENT_ID + value: {{ .Values.sasl.interbroker.clientId | quote }} + - name: SASL_USER_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "kafka.saslSecretName" . }} + key: inter-broker-client-secret + {{- end }} + {{- end }} + {{- if .Values.provisioning.extraEnvVars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.provisioning.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + {{- if or .Values.provisioning.extraEnvVarsCM .Values.provisioning.extraEnvVarsSecret }} + envFrom: + {{- if .Values.provisioning.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.provisioning.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.provisioning.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.provisioning.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- end }} + {{- if .Values.provisioning.resources }} + resources: {{- toYaml .Values.provisioning.resources | nindent 12 }} + {{- end }} + volumeMounts: + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + mountPath: /opt/bitnami/kafka/config/log4j.properties + subPath: log4j.properties + {{- end }} + {{- if (regexFind "SSL" (upper .Values.listeners.client.protocol)) }} + {{- if not (empty .Values.provisioning.auth.tls.certificatesSecret) }} + - name: kafka-client-certs + mountPath: /certs + readOnly: true + {{- end }} + {{- end }} + - name: tmp + mountPath: /tmp + {{- if .Values.provisioning.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.provisioning.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if or .Values.log4j .Values.existingLog4jConfigMap }} + - name: log4j-config + configMap: + name: {{ include "kafka.log4j.configMapName" . }} + {{- end }} + {{- if (regexFind "SSL" (upper .Values.listeners.client.protocol)) }} + {{- if not (empty .Values.provisioning.auth.tls.certificatesSecret) }} + - name: kafka-client-certs + secret: + secretName: {{ .Values.provisioning.auth.tls.certificatesSecret }} + defaultMode: 256 + {{- end }} + {{- end }} + - name: tmp + emptyDir: {} + {{- if .Values.provisioning.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.provisioning.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/serviceaccount.yaml new file mode 100644 index 0000000000..dbc1776e50 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/serviceaccount.yaml @@ -0,0 +1,17 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.provisioning.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kafka.provisioning.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.provisioning.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/tls-secret.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/tls-secret.yaml new file mode 100644 index 0000000000..2da219d189 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/provisioning/tls-secret.yaml @@ -0,0 +1,21 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if and .Values.provisioning.enabled (regexFind "SSL" (upper .Values.listeners.client.protocol)) (not .Values.provisioning.auth.tls.passwordsSecret) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "kafka.client.passwordsSecretName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + truststore-password: {{ default "" .Values.provisioning.auth.tls.keystorePassword | b64enc | quote }} + keystore-password: {{ default "" .Values.provisioning.auth.tls.truststorePassword | b64enc | quote }} + key-password: {{ default "" .Values.provisioning.auth.tls.keyPassword | b64enc | quote }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/role.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/role.yaml new file mode 100644 index 0000000000..3c55fd757a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/role.yaml @@ -0,0 +1,26 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.rbac.create }} +apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} +kind: Role +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/rolebinding.yaml new file mode 100644 index 0000000000..ef6b4b10b4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/rolebinding.yaml @@ -0,0 +1,25 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.rbac.create }} +apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} +kind: RoleBinding +metadata: + name: {{ include "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +roleRef: + kind: Role + name: {{ include "common.names.fullname" . }} + apiGroup: rbac.authorization.k8s.io +subjects: + - kind: ServiceAccount + name: {{ template "kafka.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/serviceaccount.yaml new file mode 100644 index 0000000000..6b5166e4a2 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/rbac/serviceaccount.yaml @@ -0,0 +1,19 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.serviceAccount.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "kafka.serviceAccountName" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.serviceAccount.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/scripts-configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/scripts-configmap.yaml new file mode 100644 index 0000000000..4e9a9c9cc4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/scripts-configmap.yaml @@ -0,0 +1,373 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- $releaseNamespace := include "common.names.namespace" . }} +{{- $fullname := include "common.names.fullname" . }} +{{- $clusterDomain := .Values.clusterDomain }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ printf "%s-scripts" $fullname }} + namespace: {{ $releaseNamespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +data: + {{- if .Values.externalAccess.autoDiscovery.enabled }} + auto-discovery.sh: |- + #!/bin/bash + SVC_NAME="${MY_POD_NAME}-external" + AUTODISCOVERY_SERVICE_TYPE="${AUTODISCOVERY_SERVICE_TYPE:-}" + # Auxiliary functions + retry_while() { + local -r cmd="${1:?cmd is missing}" + local -r retries="${2:-12}" + local -r sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<< "$cmd" + for ((i = 1 ; i <= retries ; i+=1 )); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value + } + k8s_svc_lb_ip() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + local service_ip=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].ip}") + local service_hostname=$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.status.loadBalancer.ingress[0].hostname}") + + if [[ -n ${service_ip} ]]; then + echo "${service_ip}" + else + echo "${service_hostname}" + fi + } + k8s_svc_lb_ip_ready() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + [[ -n "$(k8s_svc_lb_ip "$namespace" "$service")" ]] + } + k8s_svc_node_port() { + local namespace=${1:?namespace is missing} + local service=${2:?service is missing} + local index=${3:-0} + local node_port="$(kubectl get svc "$service" -n "$namespace" -o jsonpath="{.spec.ports[$index].nodePort}")" + echo "$node_port" + } + + if [[ "$AUTODISCOVERY_SERVICE_TYPE" = "LoadBalancer" ]]; then + # Wait until LoadBalancer IP is ready + retry_while "k8s_svc_lb_ip_ready {{ $releaseNamespace }} $SVC_NAME" || exit 1 + # Obtain LoadBalancer external IP + k8s_svc_lb_ip "{{ $releaseNamespace }}" "$SVC_NAME" | tee "/shared/external-host.txt" + elif [[ "$AUTODISCOVERY_SERVICE_TYPE" = "NodePort" ]]; then + k8s_svc_node_port "{{ $releaseNamespace }}" "$SVC_NAME" | tee "/shared/external-port.txt" + else + echo "Unsupported autodiscovery service type: '$AUTODISCOVERY_SERVICE_TYPE'" + exit 1 + fi + {{- end }} + kafka-init.sh: |- + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + error(){ + local message="${1:?missing message}" + echo "ERROR: ${message}" + exit 1 + } + + retry_while() { + local -r cmd="${1:?cmd is missing}" + local -r retries="${2:-12}" + local -r sleep_time="${3:-5}" + local return_value=1 + + read -r -a command <<< "$cmd" + for ((i = 1 ; i <= retries ; i+=1 )); do + "${command[@]}" && return_value=0 && break + sleep "$sleep_time" + done + return $return_value + } + + replace_in_file() { + local filename="${1:?filename is required}" + local match_regex="${2:?match regex is required}" + local substitute_regex="${3:?substitute regex is required}" + local posix_regex=${4:-true} + + local result + + # We should avoid using 'sed in-place' substitutions + # 1) They are not compatible with files mounted from ConfigMap(s) + # 2) We found incompatibility issues with Debian10 and "in-place" substitutions + local -r del=$'\001' # Use a non-printable character as a 'sed' delimiter to avoid issues + if [[ $posix_regex = true ]]; then + result="$(sed -E "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" + else + result="$(sed "s${del}${match_regex}${del}${substitute_regex}${del}g" "$filename")" + fi + echo "$result" > "$filename" + } + + kafka_conf_set() { + local file="${1:?missing file}" + local key="${2:?missing key}" + local value="${3:?missing value}" + + # Check if the value was set before + if grep -q "^[#\\s]*$key\s*=.*" "$file"; then + # Update the existing key + replace_in_file "$file" "^[#\\s]*${key}\s*=.*" "${key}=${value}" false + else + # Add a new key + printf '\n%s=%s' "$key" "$value" >>"$file" + fi + } + + replace_placeholder() { + local placeholder="${1:?missing placeholder value}" + local password="${2:?missing password value}" + sed -i "s/$placeholder/$password/g" "$KAFKA_CONFIG_FILE" + } + + append_file_to_kafka_conf() { + local file="${1:?missing source file}" + local conf="${2:?missing kafka conf file}" + + cat "$1" >> "$2" + } + + configure_external_access() { + # Configure external hostname + if [[ -f "/shared/external-host.txt" ]]; then + host=$(cat "/shared/external-host.txt") + elif [[ -n "${EXTERNAL_ACCESS_HOST:-}" ]]; then + host="$EXTERNAL_ACCESS_HOST" + elif [[ -n "${EXTERNAL_ACCESS_HOSTS_LIST:-}" ]]; then + read -r -a hosts <<<"$(tr ',' ' ' <<<"${EXTERNAL_ACCESS_HOSTS_LIST}")" + host="${hosts[$POD_ID]}" + elif [[ "$EXTERNAL_ACCESS_HOST_USE_PUBLIC_IP" =~ ^(yes|true)$ ]]; then + host=$(curl -s https://ipinfo.io/ip) + else + error "External access hostname not provided" + fi + + # Configure external port + if [[ -f "/shared/external-port.txt" ]]; then + port=$(cat "/shared/external-port.txt") + elif [[ -n "${EXTERNAL_ACCESS_PORT:-}" ]]; then + if [[ "${EXTERNAL_ACCESS_PORT_AUTOINCREMENT:-}" =~ ^(yes|true)$ ]]; then + port="$((EXTERNAL_ACCESS_PORT + POD_ID))" + else + port="$EXTERNAL_ACCESS_PORT" + fi + elif [[ -n "${EXTERNAL_ACCESS_PORTS_LIST:-}" ]]; then + read -r -a ports <<<"$(tr ',' ' ' <<<"${EXTERNAL_ACCESS_PORTS_LIST}")" + port="${ports[$POD_ID]}" + else + error "External access port not provided" + fi + # Configure Kafka advertised listeners + sed -i -E "s|^(advertised\.listeners=\S+)$|\1,{{ upper .Values.listeners.external.name }}://${host}:${port}|" "$KAFKA_CONFIG_FILE" + } + {{- if (include "kafka.sslEnabled" .) }} + configure_kafka_tls() { + # Remove previously existing keystores and certificates, if any + rm -f /certs/kafka.keystore.jks /certs/kafka.truststore.jks + rm -f /certs/tls.crt /certs/tls.key /certs/ca.crt + find /certs -name "xx*" -exec rm {} \; + if [[ "${KAFKA_TLS_TYPE}" = "PEM" ]]; then + # Copy PEM certificate and key + if [[ -f "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.crt" && "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.key" ]]; then + cp "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.crt" /certs/tls.crt + # Copy the PEM key ensuring the key used PEM format with PKCS#8 + openssl pkcs8 -topk8 -nocrypt -in "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.key" > /certs/tls.key + elif [[ -f /mounted-certs/kafka.crt && -f /mounted-certs/kafka.key ]]; then + cp "/mounted-certs/kafka.crt" /certs/tls.crt + # Copy the PEM key ensuring the key used PEM format with PKCS#8 + openssl pkcs8 -topk8 -nocrypt -in "/mounted-certs/kafka.key" > /certs/tls.key + elif [[ -f /mounted-certs/tls.crt && -f /mounted-certs/tls.key ]]; then + cp "/mounted-certs/tls.crt" /certs/tls.crt + # Copy the PEM key ensuring the key used PEM format with PKCS#8 + openssl pkcs8 -topk8 -nocrypt -in "/mounted-certs/tls.key" > /certs/tls.key + else + error "PEM key and cert files not found" + fi + + {{- if not .Values.tls.pemChainIncluded }} + # Copy CA certificate + if [[ -f /mounted-certs/kafka-ca.crt ]]; then + cp /mounted-certs/kafka-ca.crt /certs/ca.crt + elif [[ -f /mounted-certs/ca.crt ]]; then + cp /mounted-certs/ca.crt /certs/ca.crt + else + error "CA certificate file not found" + fi + {{- else }} + # CA certificates are also included in the same certificate + # All public certs will be included in the truststore + cp /certs/tls.crt /certs/ca.crt + {{- end }} + + # Create JKS keystore from PEM cert and key + openssl pkcs12 -export -in "/certs/tls.crt" \ + -passout pass:"${KAFKA_TLS_KEYSTORE_PASSWORD}" \ + -inkey "/certs/tls.key" \ + -out "/certs/kafka.keystore.p12" + keytool -importkeystore -srckeystore "/certs/kafka.keystore.p12" \ + -srcstoretype PKCS12 \ + -srcstorepass "${KAFKA_TLS_KEYSTORE_PASSWORD}" \ + -deststorepass "${KAFKA_TLS_KEYSTORE_PASSWORD}" \ + -destkeystore "/certs/kafka.keystore.jks" \ + -noprompt + # Create JKS truststore from CA cert + keytool -keystore /certs/kafka.truststore.jks -alias CARoot -import -file /certs/ca.crt -storepass "${KAFKA_TLS_TRUSTSTORE_PASSWORD}" -noprompt + # Remove extra files + rm -f "/certs/kafka.keystore.p12" "/certs/tls.crt" "/certs/tls.key" "/certs/ca.crt" + elif [[ "${KAFKA_TLS_TYPE}" = "JKS" ]]; then + if [[ -f "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.keystore.jks" ]]; then + cp "/mounted-certs/kafka-${POD_ROLE}-${POD_ID}.keystore.jks" /certs/kafka.keystore.jks + elif [[ -f {{ printf "/mounted-certs/%s" ( default "kafka.keystore.jks" .Values.tls.jksKeystoreKey) | quote }} ]]; then + cp {{ printf "/mounted-certs/%s" ( default "kafka.keystore.jks" .Values.tls.jksKeystoreKey) | quote }} /certs/kafka.keystore.jks + else + error "Keystore file not found" + fi + + if [[ -f {{ printf "/mounted-certs/%s" ( default "kafka.truststore.jks" .Values.tls.jksTruststoreKey) | quote }} ]]; then + cp {{ printf "/mounted-certs/%s" ( default "kafka.truststore.jks" .Values.tls.jksTruststoreKey) | quote }} /certs/kafka.truststore.jks + else + error "Truststore file not found" + fi + else + error "Invalid type ${KAFKA_TLS_TYPE}" + fi + + # Configure TLS password settings in Kafka configuration + [[ -n "${KAFKA_TLS_KEYSTORE_PASSWORD:-}" ]] && kafka_conf_set "$KAFKA_CONFIG_FILE" "ssl.keystore.password" "$KAFKA_TLS_KEYSTORE_PASSWORD" + [[ -n "${KAFKA_TLS_TRUSTSTORE_PASSWORD:-}" ]] && kafka_conf_set "$KAFKA_CONFIG_FILE" "ssl.truststore.password" "$KAFKA_TLS_TRUSTSTORE_PASSWORD" + [[ -n "${KAFKA_TLS_PEM_KEY_PASSWORD:-}" ]] && kafka_conf_set "$KAFKA_CONFIG_FILE" "ssl.key.password" "$KAFKA_TLS_PEM_KEY_PASSWORD" + # Avoid errors caused by previous checks + true + } + {{- end }} + {{- if and .Values.tls.zookeeper.enabled .Values.tls.zookeeper.existingSecret }} + configure_zookeeper_tls() { + # Remove previously existing keystores + rm -f /certs/zookeeper.keystore.jks /certs/zookeeper.truststore.jks + ZOOKEEPER_TRUSTSTORE={{ printf "/zookeeper-certs/%s" .Values.tls.zookeeper.existingSecretTruststoreKey | quote }} + ZOOKEEPER_KEYSTORE={{ printf "/zookeeper-certs/%s" .Values.tls.zookeeper.existingSecretKeystoreKey | quote }} + if [[ -f "$ZOOKEEPER_KEYSTORE" ]]; then + cp "$ZOOKEEPER_KEYSTORE" "/certs/zookeeper.keystore.jks" + else + error "Zookeeper keystore file not found" + fi + if [[ -f "$ZOOKEEPER_TRUSTSTORE" ]]; then + cp "$ZOOKEEPER_TRUSTSTORE" "/certs/zookeeper.truststore.jks" + else + error "Zookeeper keystore file not found" + fi + [[ -n "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD:-}" ]] && kafka_conf_set "$KAFKA_CONFIG_FILE" "zookeeper.ssl.keystore.password" "${KAFKA_ZOOKEEPER_TLS_KEYSTORE_PASSWORD}" + [[ -n "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD:-}" ]] && kafka_conf_set "$KAFKA_CONFIG_FILE" "zookeeper.ssl.truststore.password" "${KAFKA_ZOOKEEPER_TLS_TRUSTSTORE_PASSWORD}" + # Avoid errors caused by previous checks + true + } + {{- end }} + + {{- if (include "kafka.saslEnabled" .) }} + configure_kafka_sasl() { + + # Replace placeholders with passwords + {{- if regexFind "SASL" (upper .Values.listeners.interbroker.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + replace_placeholder "interbroker-password-placeholder" "$KAFKA_INTER_BROKER_PASSWORD" + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + replace_placeholder "interbroker-client-secret-placeholder" "$KAFKA_INTER_BROKER_CLIENT_SECRET" + {{- end }} + {{- end -}} + {{- if and .Values.kraft.enabled (regexFind "SASL" (upper .Values.listeners.controller.protocol)) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + replace_placeholder "controller-password-placeholder" "$KAFKA_CONTROLLER_PASSWORD" + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + replace_placeholder "controller-client-secret-placeholder" "$KAFKA_CONTROLLER_CLIENT_SECRET" + {{- end }} + {{- end }} + {{- if (include "kafka.client.saslEnabled" .)}} + read -r -a passwords <<<"$(tr ',;' ' ' <<<"${KAFKA_CLIENT_PASSWORDS:-}")" + for ((i = 0; i < ${#passwords[@]}; i++)); do + replace_placeholder "password-placeholder-${i}" "${passwords[i]}" + done + {{- end }} + {{- if .Values.sasl.zookeeper.user }} + replace_placeholder "zookeeper-password-placeholder" "$KAFKA_ZOOKEEPER_PASSWORD" + {{- end }} + } + {{- end }} + + {{- if .Values.externalAccess.autoDiscovery.enabled }} + # Wait for autodiscovery to finish + if [[ "${EXTERNAL_ACCESS_ENABLED:-false}" =~ ^(yes|true)$ ]]; then + retry_while "test -f /shared/external-host.txt -o -f /shared/external-port.txt" || error "Timed out waiting for autodiscovery init-container" + fi + {{- end }} + + export KAFKA_CONFIG_FILE=/config/server.properties + cp /configmaps/server.properties $KAFKA_CONFIG_FILE + + # Get pod ID and role, last and second last fields in the pod name respectively + POD_ID=$(echo "$MY_POD_NAME" | rev | cut -d'-' -f 1 | rev) + POD_ROLE=$(echo "$MY_POD_NAME" | rev | cut -d'-' -f 2 | rev) + + # Configure node.id and/or broker.id + if [[ -f "/bitnami/kafka/data/meta.properties" ]]; then + if grep -q "broker.id" /bitnami/kafka/data/meta.properties; then + ID="$(grep "broker.id" /bitnami/kafka/data/meta.properties | awk -F '=' '{print $2}')" + {{- if or (not .Values.broker.zookeeperMigrationMode) (and (not .Values.zookeeper.enabled) (not .Values.externalZookeeper.servers)) }} + kafka_conf_set "$KAFKA_CONFIG_FILE" "node.id" "$ID" + {{- else }} + kafka_conf_set "$KAFKA_CONFIG_FILE" "broker.id" "$ID" + {{- end }} + else + ID="$(grep "node.id" /bitnami/kafka/data/meta.properties | awk -F '=' '{print $2}')" + kafka_conf_set "$KAFKA_CONFIG_FILE" "node.id" "$ID" + fi + else + ID=$((POD_ID + KAFKA_MIN_ID)) + {{- if .Values.kraft.enabled }} + kafka_conf_set "$KAFKA_CONFIG_FILE" "node.id" "$ID" + {{- end }} + {{- if or .Values.zookeeper.enabled .Values.externalZookeeper.servers }} + kafka_conf_set "$KAFKA_CONFIG_FILE" "broker.id" "$ID" + {{- end }} + fi + {{- if not .Values.listeners.advertisedListeners }} + replace_placeholder "advertised-address-placeholder" "${MY_POD_NAME}.{{ $fullname }}-${POD_ROLE}-headless.{{ $releaseNamespace }}.svc.{{ $clusterDomain }}" + if [[ "${EXTERNAL_ACCESS_ENABLED:-false}" =~ ^(yes|true)$ ]]; then + configure_external_access + fi + {{- end }} + {{- if (include "kafka.sslEnabled" .) }} + configure_kafka_tls + {{- end }} + {{- if (include "kafka.saslEnabled" .) }} + configure_kafka_sasl + {{- end }} + {{- if and .Values.tls.zookeeper.enabled .Values.tls.zookeeper.existingSecret }} + configure_zookeeper_tls + {{- end }} + if [ -f /secret-config/server-secret.properties ]; then + append_file_to_kafka_conf /secret-config/server-secret.properties $KAFKA_CONFIG_FILE + fi + {{- include "common.tplvalues.render" ( dict "value" .Values.extraInit "context" $ ) | nindent 4 }} + diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/secrets.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/secrets.yaml new file mode 100644 index 0000000000..7243ee4174 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/secrets.yaml @@ -0,0 +1,133 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "kafka.createSaslSecret" .) }} +{{- $secretName := printf "%s-user-passwords" (include "common.names.fullname" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if (include "kafka.client.saslEnabled" .) }} + {{- $secretValue := "" }} + {{- $secretData := (lookup "v1" "Secret" (include "common.names.namespace" .) $secretName).data }} + {{- if and $secretData (hasKey $secretData "client-passwords")}} + {{- $secretValue = index $secretData "client-passwords" }} + {{- end }} + {{- if or (empty $secretValue) (not (eq (len .Values.sasl.client.users) (len (splitList "," (b64dec $secretValue))))) }} + {{- $clientPasswords := .Values.sasl.client.passwords }} + {{- if empty $clientPasswords }} + {{- $clientPasswords = list }} + {{- range .Values.sasl.client.users }} + {{- $clientPasswords = append $clientPasswords (randAlphaNum 10) }} + {{- end }} + {{- end }} + {{- $secretValue = join "," $clientPasswords | toString | b64enc }} + {{- end }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + client-passwords: {{ $secretValue | quote }} + system-user-password: {{ index (splitList "," (b64dec $secretValue)) 0 | b64enc | quote }} + {{- end }} + {{- end }} + {{- if or .Values.sasl.zookeeper.user .Values.zookeeper.auth.client.enabled }} + zookeeper-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "zookeeper-password" "providedValues" (list "sasl.zookeeper.password" "zookeeper.auth.client.clientPassword") "failOnNew" false "context" $) }} + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.interbroker.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + inter-broker-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "inter-broker-password" "providedValues" (list "sasl.interbroker.password") "failOnNew" false "context" $) }} + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + inter-broker-client-secret: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "inter-broker-client-secret" "providedValues" (list "sasl.interbroker.clientSecret") "failOnNew" false "context" $) }} + {{- end }} + {{- end }} + {{- if regexFind "SASL" (upper .Values.listeners.controller.protocol) }} + {{- if (include "kafka.saslUserPasswordsEnabled" .) }} + controller-password: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "controller-password" "providedValues" (list "sasl.controller.password") "failOnNew" false "context" $) }} + {{- end }} + {{- if (include "kafka.saslClientSecretsEnabled" .) }} + controller-client-secret: {{ include "common.secrets.passwords.manage" (dict "secret" $secretName "key" "controller-client-secret" "providedValues" (list "sasl.controller.clientSecret") "failOnNew" false "context" $) }} + {{- end }} + {{- end }} +{{- if .Values.serviceBindings.enabled }} + +{{- if (include "kafka.client.saslEnabled" .) }} +{{- $host := list }} +{{- $port := .Values.service.ports.client }} +{{- $bootstrapServers := list }} +{{- if not .Values.controller.controllerOnly }} + {{- range $i, $e := until (int .Values.controller.replicaCount) }} + {{- $controller := printf "%s-controller-%s.%s-headless.%s.svc.%s" (include "common.names.fullname" $) (print $i) (include "common.names.fullname" $) $.Release.Namespace $.Values.clusterDomain }} + {{- $host = append $host $controller }} + {{- $bootstrapServers = append $bootstrapServers (printf "%s:%s" $controller .Values.service.ports.client) }} + {{- end }} +{{- end }} +{{- range $i, $e := until (int .Values.broker.replicaCount) }} + {{- $broker := printf "%s-broker-%s.%s-headless.%s.svc.%s" (include "common.names.fullname" $) (print $i) (include "common.names.fullname" $) $.Release.Namespace $.Values.clusterDomain }} + {{- $host = append $host $broker }} + {{- $bootstrapServers = append $bootstrapServers (printf "%s:%s" $broker .Values.service.ports.client) }} +{{- end }} +{{- range $i, $e := until (len .Values.sasl.client.users) }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" $ }}-svcbind-user-{{ $i }} + namespace: {{ $.Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $.Values.commonLabels "context" $ ) | nindent 4 }} + {{- if $.Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $.Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: servicebinding.io/kafka +data: + provider: {{ print "bitnami" | b64enc | quote }} + type: {{ print "kafka" | b64enc | quote }} + username: {{ index .Values.sasl.client.users $i | b64enc | quote }} + password: {{ index .Values.sasl.client.passwords $i | b64enc | quote }} + host: {{ join "," $host | b64enc | quote }} + port: {{ print $port | b64enc | quote }} + bootstrap-servers: {{ join "," $bootstrapServers | b64enc | quote }} +{{- end }} +{{- else }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.names.fullname" . }}-svcbind + namespace: {{ .Release.Namespace | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: servicebinding.io/kafka +data: + provider: {{ print "bitnami" | b64enc | quote }} + type: {{ print "kafka" | b64enc | quote }} + host: {{ join "," $host | b64enc | quote }} + port: {{ print $port | b64enc | quote }} + bootstrap-servers: {{ join "," $bootstrapServers | b64enc | quote }} +{{- end }} +{{- end }} +{{- end }} +{{- if and .Values.kraft.enabled (not .Values.kraft.existingClusterIdSecret) }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-kraft-cluster-id" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + kraft-cluster-id: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-kraft-cluster-id" (include "common.names.fullname" .)) "key" "kraft-cluster-id" "providedValues" (list "kraft.clusterId") "length" 22 "context" $) }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/svc.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/svc.yaml new file mode 100644 index 0000000000..a37ba6274d --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/svc.yaml @@ -0,0 +1,63 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ template "common.names.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/component: kafka + {{- if or .Values.service.annotations .Values.commonAnnotations }} + {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.service.annotations .Values.commonAnnotations ) "context" . ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ .Values.service.type }} + {{- if and .Values.service.clusterIP (eq .Values.service.type "ClusterIP") }} + clusterIP: {{ .Values.service.clusterIP }} + {{- end }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} + {{- end }} + {{- if .Values.service.sessionAffinity }} + sessionAffinity: {{ .Values.service.sessionAffinity }} + {{- end }} + {{- if .Values.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + ports: + - name: tcp-client + port: {{ .Values.service.ports.client }} + protocol: TCP + targetPort: client + {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.client)) }} + nodePort: {{ .Values.service.nodePorts.client }} + {{- else if eq .Values.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.externalAccess.enabled }} + - name: tcp-external + port: {{ .Values.service.ports.external }} + protocol: TCP + targetPort: external + {{- if (not (empty .Values.service.nodePorts.external)) }} + nodePort: {{ .Values.service.nodePorts.external }} + {{- end }} + {{- end }} + {{- if .Values.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + app.kubernetes.io/part-of: kafka + {{- if and .Values.kraft.enabled .Values.controller.controllerOnly }} + app.kubernetes.io/component: broker + {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/tls-secret.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/tls-secret.yaml new file mode 100644 index 0000000000..ecf2362d93 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/templates/tls-secret.yaml @@ -0,0 +1,82 @@ +{{- /* +Copyright VMware, Inc. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if (include "kafka.createTlsSecret" .) }} +{{- $releaseNamespace := include "common.names.namespace" . }} +{{- $clusterDomain := .Values.clusterDomain }} +{{- $fullname := include "common.names.fullname" . }} +{{- $secretName := printf "%s-tls" (include "common.names.fullname" .) }} +{{- $altNames := list (printf "%s.%s.svc.%s" $fullname $releaseNamespace $clusterDomain) (printf "%s.%s" $fullname $releaseNamespace) $fullname }} +{{- $replicaCount := int .Values.broker.replicaCount }} +{{- range $i := until $replicaCount }} +{{- $replicaHost := printf "%s-broker-%d.%s-broker-headless" $fullname $i $fullname }} +{{- $altNames = append $altNames (printf "%s.%s.svc.%s" $replicaHost $releaseNamespace $clusterDomain) }} +{{- $altNames = append $altNames (printf "%s.%s" $replicaHost $releaseNamespace) }} +{{- $altNames = append $altNames $replicaHost }} +{{- end }} +{{- $replicaCount := int .Values.controller.replicaCount }} +{{- range $i := until $replicaCount }} +{{- $replicaHost := printf "%s-controller-%d.%s-controller-headless" $fullname $i $fullname }} +{{- $altNames = append $altNames (printf "%s.%s.svc.%s" $replicaHost $releaseNamespace $clusterDomain) }} +{{- $altNames = append $altNames (printf "%s.%s" $replicaHost $releaseNamespace) }} +{{- $altNames = append $altNames $replicaHost }} +{{- end }} +{{- $ca := genCA "kafka-ca" 365 }} +{{- $cert := genSignedCert $fullname nil $altNames 365 $ca }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + kafka.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "kafka.crt" "defaultValue" $cert.Cert "context" $) }} + kafka.key: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "kafka.key" "defaultValue" $cert.Key "context" $) }} + kafka-ca.crt: {{ include "common.secrets.lookup" (dict "secret" $secretName "key" "kafka-ca.crt" "defaultValue" $ca.Cert "context" $) }} +--- +{{- end }} +{{- if (include "kafka.createTlsPasswordsSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-tls-passwords" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{ .Values.tls.passwordsSecretKeystoreKey }}: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-tls-passwords" (include "common.names.fullname" .)) "key" .Values.tls.passwordsSecretKeystoreKey "providedValues" (list "tls.keystorePassword") "context" $) }} + {{ .Values.tls.passwordsSecretTruststoreKey }}: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-tls-passwords" (include "common.names.fullname" .)) "key" .Values.tls.passwordsSecretTruststoreKey "providedValues" (list "tls.truststorePassword") "context" $) }} + {{- if .Values.tls.keyPassword }} + {{ default "key-password" .Values.tls.passwordsSecretPemPasswordKey }}: {{ .Values.tls.keyPassword | b64enc | quote }} + {{- end }} +--- +{{- end }} +{{- if (include "kafka.zookeeper.createTlsPasswordsSecret" .) }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ printf "%s-zookeeper-tls-passwords" (include "common.names.fullname" .) }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +type: Opaque +data: + {{- if .Values.tls.zookeeper.keystorePassword }} + {{ .Values.tls.zookeeper.passwordsSecretKeystoreKey }}: {{ .Values.tls.zookeeper.keystorePassword | b64enc | quote }} + {{- end }} + {{- if .Values.tls.zookeeper.truststorePassword }} + {{ .Values.tls.zookeeper.passwordsSecretTruststoreKey }}: {{ .Values.tls.zookeeper.truststorePassword | b64enc | quote }} + {{- end }} +--- +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml new file mode 100644 index 0000000000..1f89099ffe --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml @@ -0,0 +1,2380 @@ +# Copyright VMware, Inc. +# SPDX-License-Identifier: APACHE-2.0 + +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override common.names.fullname +## +namespace: kafka-kraft +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname +## +fullnameOverride: "" +## @param clusterDomain Default Kubernetes cluster domain +## +clusterDomain: cluster.local +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] +## @param serviceBindings.enabled Create secret for service binding (Experimental) +## Ref: https://servicebinding.io/service-provider/ +## +serviceBindings: + enabled: false +## Enable diagnostic mode in the statefulset +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the statefulset + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the statefulset + ## + args: + - infinity + +## @section Kafka parameters +## + +## Bitnami Kafka image version +## ref: https://hub.docker.com/r/bitnami/kafka/tags/ +## @param image.registry [default: REGISTRY_NAME] Kafka image registry +## @param image.repository [default: REPOSITORY_NAME/kafka] Kafka image repository +## @skip image.tag Kafka image tag (immutable tags are recommended) +## @param image.digest Kafka image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag +## @param image.pullPolicy Kafka image pull policy +## @param image.pullSecrets Specify docker-registry secret names as an array +## @param image.debug Specify if debug values should be set +## +image: + registry: docker.io + repository: bitnami/kafka + tag: 3.6.0-debian-11-r0 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Set to true if you would like to see extra information on logs + ## + debug: false +## @param extraInit Additional content for the kafka init script, rendered as a template. +## +extraInit: "" +## @param config Configuration file for Kafka, rendered as a template. Auto-generated based on chart values when not specified. +## @param existingConfigmap ConfigMap with Kafka Configuration +## NOTE: This will override the configuration based on values, please act carefully +## If both are set, the existingConfigMap will be used. +## +config: "" +existingConfigmap: "" +## @param extraConfig Additional configuration to be appended at the end of the generated Kafka configuration file. +## +extraConfig: "" +## @param secretConfig Additional configuration to be appended at the end of the generated Kafka configuration file. +## This value will be stored in a secret. +## +secretConfig: "" +## @param existingSecretConfig Secret with additonal configuration that will be appended to the end of the generated Kafka configuration file +## The key for the configuration should be: server-secret.properties +## NOTE: This will override secretConfig value +## +existingSecretConfig: "" +## @param log4j An optional log4j.properties file to overwrite the default of the Kafka brokers +## An optional log4j.properties file to overwrite the default of the Kafka brokers +## ref: https://github.com/apache/kafka/blob/trunk/config/log4j.properties +## +log4j: "" +## @param existingLog4jConfigMap The name of an existing ConfigMap containing a log4j.properties file +## The name of an existing ConfigMap containing a log4j.properties file +## NOTE: this will override `log4j` +## +existingLog4jConfigMap: "" +## @param heapOpts Kafka Java Heap size +## +heapOpts: -Xmx1024m -Xms1024m +## @param interBrokerProtocolVersion Override the setting 'inter.broker.protocol.version' during the ZK migration. +## Ref. https://docs.confluent.io/platform/current/installation/migrate-zk-kraft.html +## +interBrokerProtocolVersion: "" +## Kafka listeners configuration +## +listeners: + ## @param listeners.client.name Name for the Kafka client listener + ## @param listeners.client.containerPort Port for the Kafka client listener + ## @param listeners.client.protocol Security protocol for the Kafka client listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' + ## @param listeners.client.sslClientAuth Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' + client: + containerPort: 9092 + protocol: PLAINTEXT + name: CLIENT + sslClientAuth: "" + ## @param listeners.controller.name Name for the Kafka controller listener + ## @param listeners.controller.containerPort Port for the Kafka controller listener + ## @param listeners.controller.protocol Security protocol for the Kafka controller listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' + ## @param listeners.controller.sslClientAuth Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' + ## Ref: https://cwiki.apache.org/confluence/display/KAFKA/KIP-684+-+Support+mutual+TLS+authentication+on+SASL_SSL+listeners + controller: + name: CONTROLLER + containerPort: 9093 + protocol: PLAINTEXT + sslClientAuth: "" + ## @param listeners.interbroker.name Name for the Kafka inter-broker listener + ## @param listeners.interbroker.containerPort Port for the Kafka inter-broker listener + ## @param listeners.interbroker.protocol Security protocol for the Kafka inter-broker listener. Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' + ## @param listeners.interbroker.sslClientAuth Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.authType for this listener. Allowed values are 'none', 'requested' and 'required' + interbroker: + containerPort: 9094 + protocol: PLAINTEXT + name: INTERNAL + sslClientAuth: "" + ## @param listeners.external.containerPort Port for the Kafka external listener + ## @param listeners.external.protocol Security protocol for the Kafka external listener. . Allowed values are 'PLAINTEXT', 'SASL_PLAINTEXT', 'SASL_SSL' and 'SSL' + ## @param listeners.external.name Name for the Kafka external listener + ## @param listeners.external.sslClientAuth Optional. If SASL_SSL is enabled, configure mTLS TLS authentication type. If SSL protocol is enabled, overrides tls.sslClientAuth for this listener. Allowed values are 'none', 'requested' and 'required' + external: + containerPort: 9095 + protocol: PLAINTEXT + name: EXTERNAL + sslClientAuth: "" + ## @param listeners.extraListeners Array of listener objects to be appended to already existing listeners + ## E.g. + ## extraListeners: + ## - name: CUSTOM + ## containerPort: 9097 + ## protocol: SASL_PLAINTEXT + ## sslClientAuth: "" + ## + extraListeners: [] + ## NOTE: If set, below values will override configuration set using the above values (extraListeners.*, controller.*, interbroker.*, client.* and external.*) + ## @param listeners.overrideListeners Overrides the Kafka 'listeners' configuration setting. + ## @param listeners.advertisedListeners Overrides the Kafka 'advertised.listener' configuration setting. + ## @param listeners.securityProtocolMap Overrides the Kafka 'security.protocol.map' configuration setting. + overrideListeners: "" + advertisedListeners: "" + securityProtocolMap: "" + +## @section Kafka SASL parameters +## Kafka SASL settings for authentication, required if SASL_PLAINTEXT or SASL_SSL listeners are configured +## +sasl: + ## @param sasl.enabledMechanisms Comma-separated list of allowed SASL mechanisms when SASL listeners are configured. Allowed types: `PLAIN`, `SCRAM-SHA-256`, `SCRAM-SHA-512`, `OAUTHBEARER` + ## NOTE: At the moment, Kafka Raft mode does not support SCRAM, that is why only PLAIN is configured. + ## + enabledMechanisms: "PLAIN" + ## @param sasl.interBrokerMechanism SASL mechanism for inter broker communication. + ## + interBrokerMechanism: "" + ## @param sasl.controllerMechanism SASL mechanism for controller communications. + ## + controllerMechanism: "" + ## Settings for oauthbearer mechanism + ## @param sasl.oauthbearer.tokenEndpointUrl The URL for the OAuth/OIDC identity provider + ## @param sasl.oauthbearer.jwksEndpointUrl The OAuth/OIDC provider URL from which the provider's JWKS (JSON Web Key Set) can be retrieved + ## @param sasl.oauthbearer.expectedAudience The comma-delimited setting for the broker to use to verify that the JWT was issued for one of the expected audiences + ## @param sasl.oauthbearer.subClaimName The OAuth claim name for the subject. + ## + oauthbearer: + tokenEndpointUrl: "" + jwksEndpointUrl: "" + expectedAudience: "" + subClaimName: "sub" + ## Credentials for inter-broker communications. + ## @param sasl.interbroker.user Username for inter-broker communications when SASL is enabled + ## @param sasl.interbroker.password Password for inter-broker communications when SASL is enabled. If not set and SASL is enabled for the controller listener, a random password will be generated. + ## @param sasl.interbroker.clientId Client ID for inter-broker communications when SASL is enabled with mechanism OAUTHBEARER + ## @param sasl.interbroker.clientSecret Client Secret for inter-broker communications when SASL is enabled with mechanism OAUTHBEARER. If not set and SASL is enabled for the controller listener, a random secret will be generated. + ## + interbroker: + user: inter_broker_user + password: "" + clientId: inter_broker_client + clientSecret: "" + ## Credentials for controller communications. + ## @param sasl.controller.user Username for controller communications when SASL is enabled + ## @param sasl.controller.password Password for controller communications when SASL is enabled. If not set and SASL is enabled for the inter-broker listener, a random password will be generated. + ## @param sasl.controller.clientId Client ID for controller communications when SASL is enabled with mechanism OAUTHBEARER + ## @param sasl.controller.clientSecret Client Secret for controller communications when SASL is enabled with mechanism OAUTHBEARER. If not set and SASL is enabled for the inter-broker listener, a random secret will be generated. + ## + controller: + user: controller_user + password: "" + clientId: controller_broker_client + clientSecret: "" + ## Credentials for client communications. + ## @param sasl.client.users Comma-separated list of usernames for client communications when SASL is enabled + ## @param sasl.client.passwords Comma-separated list of passwords for client communications when SASL is enabled, must match the number of client.users + ## + client: + users: + - user1 + passwords: "" + ## Credentials for Zookeeper communications. + ## @param sasl.zookeeper.user Username for zookeeper communications when SASL is enabled. + ## @param sasl.zookeeper.password Password for zookeeper communications when SASL is enabled. + ## + zookeeper: + user: "" + password: "" + ## @param sasl.existingSecret Name of the existing secret containing credentials for clientUsers, interBrokerUser, controllerUser and zookeeperUser + ## Create this secret running the command below where SECRET_NAME is the name of the secret you want to create: + ## kubectl create secret generic SECRET_NAME --from-literal=client-passwords=CLIENT_PASSWORD1,CLIENT_PASSWORD2 --from-literal=inter-broker-password=INTER_BROKER_PASSWORD --from-literal=inter-broker-client-secret=INTER_BROKER_CLIENT_SECRET --from-literal=controller-password=CONTROLLER_PASSWORD --from-literal=controller-client-secret=CONTROLLER_CLIENT_SECRET --from-literal=zookeeper-password=ZOOKEEPER_PASSWORD + ## The client secrets are only required when using oauthbearer as sasl mechanism. + ## Client, interbroker and controller passwords are only required if the sasl mechanism includes something other than oauthbearer. + ## + existingSecret: "" + +## @section Kafka TLS parameters +## Kafka TLS settings, required if SSL or SASL_SSL listeners are configured +## +tls: + ## @param tls.type Format to use for TLS certificates. Allowed types: `JKS` and `PEM` + ## + type: JKS + ## @param tls.pemChainIncluded Flag to denote that the Certificate Authority (CA) certificates are bundled with the endpoint cert. + ## Certificates must be in proper order, where the top certificate is the leaf and the bottom certificate is the top-most intermediate CA. + ## + pemChainIncluded: false + ## @param tls.existingSecret Name of the existing secret containing the TLS certificates for the Kafka nodes. + ## When using 'jks' format for certificates, each secret should contain a truststore and a keystore. + ## Create these secrets following the steps below: + ## 1) Generate your truststore and keystore files. Helpful script: https://raw.githubusercontent.com/confluentinc/confluent-platform-security-tools/master/kafka-generate-ssl.sh + ## 2) Rename your truststore to `kafka.truststore.jks`. + ## 3) Rename your keystores to `kafka--X.keystore.jks` where X is the replica number of the . + ## 4) Run the command below one time per broker to create its associated secret (SECRET_NAME_X is the name of the secret you want to create): + ## kubectl create secret generic SECRET_NAME_0 --from-file=kafka.truststore.jks=./kafka.truststore.jks \ + ## --from-file=kafka-controller-0.keystore.jks=./kafka-controller-0.keystore.jks --from-file=kafka-broker-0.keystore.jks=./kafka-broker-0.keystore.jks ... + ## + ## NOTE: Alternatively, a single keystore can be provided for all nodes under the key 'kafka.keystore.jks', this keystore will be used by all nodes unless overridden by the 'kafka--X.keystore.jks' file + ## + ## When using 'pem' format for certificates, each secret should contain a public CA certificate, a public certificate and one private key. + ## Create these secrets following the steps below: + ## 1) Create a certificate key and signing request per Kafka broker, and sign the signing request with your CA + ## 2) Rename your CA file to `kafka.ca.crt`. + ## 3) Rename your certificates to `kafka-X.tls.crt` where X is the ID of each Kafka broker. + ## 3) Rename your keys to `kafka-X.tls.key` where X is the ID of each Kafka broker. + ## 4) Run the command below one time per broker to create its associated secret (SECRET_NAME_X is the name of the secret you want to create): + ## kubectl create secret generic SECRET_NAME_0 --from-file=kafka-ca.crt=./kafka-ca.crt --from-file=kafka-controller-0.crt=./kafka-controller-0.crt --from-file=kafka-controller-0.key=./kafka-controller-0.key \ + ## --from-file=kafka-broker-0.crt=./kafka-broker-0.crt --from-file=kafka-broker-0.key=./kafka-broker-0.key ... + ## + ## NOTE: Alternatively, a single key and certificate can be provided for all nodes under the keys 'kafka.crt' and 'kafka.key'. These certificates will be used by all nodes unless overridden by the 'kafka--X.key' and 'kafka--X.crt' files + ## NOTE: Alternatively, a single key and certificate can be provided for all nodes under the keys 'tls.crt' and 'tls.key'. These certificates will be used by all nodes unless overridden by the 'kafka--X.key' and 'kafka--X.crt' files + ## + existingSecret: "" + ## @param tls.autoGenerated Generate automatically self-signed TLS certificates for Kafka brokers. Currently only supported if `tls.type` is `PEM` + ## Note: ignored when using 'jks' format or `tls.existingSecret` is not empty + ## + autoGenerated: false + ## @param tls.passwordsSecret Name of the secret containing the password to access the JKS files or PEM key when they are password-protected. (`key`: `password`) + ## + passwordsSecret: "" + ## @param tls.passwordsSecretKeystoreKey The secret key from the tls.passwordsSecret containing the password for the Keystore. + ## + passwordsSecretKeystoreKey: keystore-password + ## @param tls.passwordsSecretTruststoreKey The secret key from the tls.passwordsSecret containing the password for the Truststore. + ## + passwordsSecretTruststoreKey: truststore-password + ## @param tls.passwordsSecretPemPasswordKey The secret key from the tls.passwordsSecret containing the password for the PEM key inside 'tls.passwordsSecret'. + ## + passwordsSecretPemPasswordKey: "" + ## @param tls.keystorePassword Password to access the JKS keystore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. + ## When using tls.type=PEM, the generated keystore will use this password or randomly generate one. + ## + keystorePassword: "" + ## @param tls.truststorePassword Password to access the JKS truststore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. + ## When using tls.type=PEM, the generated keystore will use this password or randomly generate one. + ## + truststorePassword: "" + ## @param tls.keyPassword Password to access the PEM key when it is password-protected. + ## Note: ignored when using 'tls.passwordsSecret' + ## + keyPassword: "" + ## @param tls.jksKeystoreKey The secret key from the `tls.existingSecret` containing the keystore + ## Note: ignored when using 'pem' format for certificates. + ## + jksKeystoreKey: "" + ## @param tls.jksTruststoreSecret Name of the existing secret containing your truststore if truststore not existing or different from the one in the `tls.existingSecret` + ## Note: ignored when using 'pem' format for certificates. + ## + jksTruststoreSecret: "" + ## @param tls.jksTruststoreKey The secret key from the `tls.existingSecret` or `tls.jksTruststoreSecret` containing the truststore + ## Note: ignored when using 'pem' format for certificates. + ## + jksTruststoreKey: "" + ## @param tls.endpointIdentificationAlgorithm The endpoint identification algorithm to validate server hostname using server certificate + ## Disable server host name verification by setting it to an empty string. + ## ref: https://docs.confluent.io/current/kafka/authentication_ssl.html#optional-settings + ## + endpointIdentificationAlgorithm: https + ## @param tls.sslClientAuth Sets the default value for the ssl.client.auth Kafka setting. + ## ref: https://docs.confluent.io/current/kafka/authentication_ssl.html#optional-settings + ## + sslClientAuth: "none" + ## Zookeeper TLS connection configuration for Kafka + ## + zookeeper: + ## @param tls.zookeeper.enabled Enable TLS for Zookeeper client connections. + ## + enabled: false + ## @param tls.zookeeper.verifyHostname Hostname validation. + ## + verifyHostname: true + ## @param tls.zookeeper.existingSecret Name of the existing secret containing the TLS certificates for ZooKeeper client communications. + ## + existingSecret: "" + ## @param tls.zookeeper.existingSecretKeystoreKey The secret key from the tls.zookeeper.existingSecret containing the Keystore. + ## + existingSecretKeystoreKey: zookeeper.keystore.jks + ## @param tls.zookeeper.existingSecretTruststoreKey The secret key from the tls.zookeeper.existingSecret containing the Truststore. + ## + existingSecretTruststoreKey: zookeeper.truststore.jks + ## @param tls.zookeeper.passwordsSecret Existing secret containing Keystore and Truststore passwords. + ## + passwordsSecret: "" + ## @param tls.zookeeper.passwordsSecretKeystoreKey The secret key from the tls.zookeeper.passwordsSecret containing the password for the Keystore. + ## If no keystore password is included in the passwords secret, set this value to an empty string. + ## + passwordsSecretKeystoreKey: keystore-password + ## @param tls.zookeeper.passwordsSecretTruststoreKey The secret key from the tls.zookeeper.passwordsSecret containing the password for the Truststore. + ## If no truststore password is included in the passwords secret, set this value to an empty string. + ## + passwordsSecretTruststoreKey: truststore-password + ## @param tls.zookeeper.keystorePassword Password to access the JKS keystore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. + ## When using tls.type=PEM, the generated keystore will use this password or randomly generate one. + ## + keystorePassword: "" + ## @param tls.zookeeper.truststorePassword Password to access the JKS truststore when it is password-protected. Ignored when 'tls.passwordsSecret' is provided. + ## When using tls.type=PEM, the generated keystore will use this password or randomly generate one. + ## + truststorePassword: "" + +## @param extraEnvVars Extra environment variables to add to Kafka pods +## ref: https://github.com/bitnami/containers/tree/main/bitnami/kafka#configuration +## e.g: +## extraEnvVars: +## - name: KAFKA_CFG_BACKGROUND_THREADS +## value: "10" +## +extraEnvVars: [] +## @param extraEnvVarsCM ConfigMap with extra environment variables +## +extraEnvVarsCM: "" +## @param extraEnvVarsSecret Secret with extra environment variables +## +extraEnvVarsSecret: "" +## @param extraVolumes Optionally specify extra list of additional volumes for the Kafka pod(s) +## e.g: +## extraVolumes: +## - name: kafka-jaas +## secret: +## secretName: kafka-jaas +## +extraVolumes: [] +## @param extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Kafka container(s) +## extraVolumeMounts: +## - name: kafka-jaas +## mountPath: /bitnami/kafka/config/kafka_jaas.conf +## subPath: kafka_jaas.conf +## +extraVolumeMounts: [] +## @param sidecars Add additional sidecar containers to the Kafka pod(s) +## e.g: +## sidecars: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +sidecars: [] +## @param initContainers Add additional Add init containers to the Kafka pod(s) +## e.g: +## initContainers: +## - name: your-image-name +## image: your-image +## imagePullPolicy: Always +## ports: +## - name: portname +## containerPort: 1234 +## +initContainers: [] + +## @section Controller-eligible statefulset parameters +## +controller: + ## @param controller.replicaCount Number of Kafka controller-eligible nodes + ## Ignore this section if running in Zookeeper mode. + ## + replicaCount: 3 + ## @param controller.controllerOnly If set to true, controller nodes will be deployed as dedicated controllers, instead of controller+broker processes. + ## + controllerOnly: false + ## @param controller.minId Minimal node.id values for controller-eligible nodes. Do not change after first initialization. + ## Broker-only id increment their ID starting at this minimal value. + ## We recommend setting this this value high enough, as IDs under this value will be used by controller-elegible nodes + ## + minId: 0 + ## @param controller.zookeeperMigrationMode Set to true to deploy cluster controller quorum + ## This allows configuring both kraft and zookeeper modes simultaneously in order to perform the migration of the Kafka metadata. + ## Ref. https://docs.confluent.io/platform/current/installation/migrate-zk-kraft.html + ## + zookeeperMigrationMode: false + ## @param controller.config Configuration file for Kafka controller-eligible nodes, rendered as a template. Auto-generated based on chart values when not specified. + ## @param controller.existingConfigmap ConfigMap with Kafka Configuration for controller-eligible nodes. + ## NOTE: This will override the configuration based on values, please act carefully + ## If both are set, the existingConfigMap will be used. + ## + config: "" + existingConfigmap: "" + ## @param controller.extraConfig Additional configuration to be appended at the end of the generated Kafka controller-eligible nodes configuration file. + ## + extraConfig: "" + ## @param controller.secretConfig Additional configuration to be appended at the end of the generated Kafka controller-eligible nodes configuration file. + ## This value will be stored in a secret. + ## + secretConfig: "" + ## @param controller.existingSecretConfig Secret with additonal configuration that will be appended to the end of the generated Kafka controller-eligible nodes configuration file + ## The key for the configuration should be: server-secret.properties + ## NOTE: This will override controller.secretConfig value + ## + existingSecretConfig: "" + ## @param controller.heapOpts Kafka Java Heap size for controller-eligible nodes + ## + heapOpts: -Xmx1024m -Xms1024m + ## @param controller.command Override Kafka container command + ## + command: [] + ## @param controller.args Override Kafka container arguments + ## + args: [] + ## @param controller.extraEnvVars Extra environment variables to add to Kafka pods + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/kafka#configuration + ## e.g: + ## extraEnvVars: + ## - name: KAFKA_CFG_BACKGROUND_THREADS + ## value: "10" + ## + extraEnvVars: [] + ## @param controller.extraEnvVarsCM ConfigMap with extra environment variables + ## + extraEnvVarsCM: "" + ## @param controller.extraEnvVarsSecret Secret with extra environment variables + ## + extraEnvVarsSecret: "" + ## @param controller.extraContainerPorts Kafka controller-eligible extra containerPorts. + ## + extraContainerPorts: [] + ## Configure extra options for Kafka containers' liveness, readiness and startup probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + ## @param controller.livenessProbe.enabled Enable livenessProbe on Kafka containers + ## @param controller.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param controller.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param controller.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param controller.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param controller.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + ## @param controller.readinessProbe.enabled Enable readinessProbe on Kafka containers + ## @param controller.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param controller.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param controller.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param controller.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param controller.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + failureThreshold: 6 + timeoutSeconds: 5 + periodSeconds: 10 + successThreshold: 1 + ## @param controller.startupProbe.enabled Enable startupProbe on Kafka containers + ## @param controller.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param controller.startupProbe.periodSeconds Period seconds for startupProbe + ## @param controller.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param controller.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param controller.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + ## @param controller.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param controller.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param controller.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## @param controller.lifecycleHooks lifecycleHooks for the Kafka container to automate configuration before or after startup + ## + lifecycleHooks: {} + ## Kafka resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param controller.resources.limits The resources limits for the container + ## @param controller.resources.requests The requested resources for the container + ## + resources: + limits: {} + requests: {} + ## Kafka pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param controller.podSecurityContext.enabled Enable security context for the pods + ## @param controller.podSecurityContext.fsGroup Set Kafka pod's Security Context fsGroup + ## @param controller.podSecurityContext.seccompProfile.type Set Kafka pods's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Kafka containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param controller.containerSecurityContext.enabled Enable Kafka containers' Security Context + ## @param controller.containerSecurityContext.runAsUser Set Kafka containers' Security Context runAsUser + ## @param controller.containerSecurityContext.runAsNonRoot Set Kafka containers' Security Context runAsNonRoot + ## @param controller.containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as non-privileged + ## @param controller.containerSecurityContext.readOnlyRootFilesystem Allows the pod to mount the RootFS as ReadOnly only + ## @param controller.containerSecurityContext.capabilities.drop Set Kafka containers' server Security Context capabilities to be dropped + ## e.g: + ## containerSecurityContext: + ## enabled: true + ## capabilities: + ## drop: ["NET_RAW"] + ## readOnlyRootFilesystem: true + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + ## @param controller.hostAliases Kafka pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param controller.hostNetwork Specify if host network should be enabled for Kafka pods + ## + hostNetwork: false + ## @param controller.hostIPC Specify if host IPC should be enabled for Kafka pods + ## + hostIPC: false + ## @param controller.podLabels Extra labels for Kafka pods + ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param controller.podAnnotations Extra annotations for Kafka pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param controller.podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param controller.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param controller.nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param controller.nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param controller.nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param controller.affinity Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param controller.nodeSelector Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param controller.tolerations Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param controller.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param controller.terminationGracePeriodSeconds Seconds the pod needs to gracefully terminate + ## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution + ## + terminationGracePeriodSeconds: "" + ## @param controller.podManagementPolicy StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel + ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy + ## + podManagementPolicy: Parallel + ## @param controller.priorityClassName Name of the existing priority class to be used by kafka pods + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + ## + priorityClassName: "" + ## @param controller.runtimeClassName Name of the runtime class to be used by pod(s) + ## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/ + ## + runtimeClassName: "" + ## @param controller.enableServiceLinks Whether information about services should be injected into pod's environment variable + ## The environment variables injected by service links are not used, but can lead to slow kafka boot times or slow running of the scripts when there are many services in the current namespace. + ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. + ## + enableServiceLinks: true + ## @param controller.schedulerName Name of the k8s scheduler (other than default) + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param controller.updateStrategy.type Kafka statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + type: RollingUpdate + ## @param controller.extraVolumes Optionally specify extra list of additional volumes for the Kafka pod(s) + ## e.g: + ## extraVolumes: + ## - name: kafka-jaas + ## secret: + ## secretName: kafka-jaas + ## + extraVolumes: [] + ## @param controller.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Kafka container(s) + ## extraVolumeMounts: + ## - name: kafka-jaas + ## mountPath: /bitnami/kafka/config/kafka_jaas.conf + ## subPath: kafka_jaas.conf + ## + extraVolumeMounts: [] + ## @param controller.sidecars Add additional sidecar containers to the Kafka pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param controller.initContainers Add additional Add init containers to the Kafka pod(s) + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + initContainers: [] + ## Kafka Pod Disruption Budget + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## @param controller.pdb.create Deploy a pdb object for the Kafka pod + ## @param controller.pdb.minAvailable Maximum number/percentage of unavailable Kafka replicas + ## @param controller.pdb.maxUnavailable Maximum number/percentage of unavailable Kafka replicas + ## + pdb: + create: false + minAvailable: "" + maxUnavailable: 1 + ## Enable persistence using Persistent Volume Claims + ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ + ## + persistence: + ## @param controller.persistence.enabled Enable Kafka data persistence using PVC, note that ZooKeeper persistence is unaffected + ## + enabled: true + ## @param controller.persistence.existingClaim A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: "" + ## @param controller.persistence.storageClass PVC Storage Class for Kafka data volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param controller.persistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param controller.persistence.size PVC Storage Request for Kafka data volume + ## + size: 8Gi + ## @param controller.persistence.annotations Annotations for the PVC + ## + annotations: {} + ## @param controller.persistence.labels Labels for the PVC + ## + labels: {} + ## @param controller.persistence.selector Selector to match an existing Persistent Volume for Kafka data PVC. If set, the PVC can't have a PV dynamically provisioned for it + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param controller.persistence.mountPath Mount path of the Kafka data volume + ## + mountPath: /bitnami/kafka + ## Log Persistence parameters + ## + logPersistence: + ## @param controller.logPersistence.enabled Enable Kafka logs persistence using PVC, note that ZooKeeper persistence is unaffected + ## + enabled: false + ## @param controller.logPersistence.existingClaim A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: "" + ## @param controller.logPersistence.storageClass PVC Storage Class for Kafka logs volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param controller.logPersistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param controller.logPersistence.size PVC Storage Request for Kafka logs volume + ## + size: 8Gi + ## @param controller.logPersistence.annotations Annotations for the PVC + ## + annotations: {} + ## @param controller.logPersistence.selector Selector to match an existing Persistent Volume for Kafka log data PVC. If set, the PVC can't have a PV dynamically provisioned for it + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param controller.logPersistence.mountPath Mount path of the Kafka logs volume + ## + mountPath: /opt/bitnami/kafka/logs + +## @section Broker-only statefulset parameters +## +broker: + ## @param broker.replicaCount Number of Kafka broker-only nodes + ## Ignore this section if running in Zookeeper mode. + ## + replicaCount: 0 + ## @param broker.minId Minimal node.id values for broker-only nodes. Do not change after first initialization. + ## Broker-only id increment their ID starting at this minimal value. + ## We recommend setting this this value high enough, as IDs under this value will be used by controller-eligible nodes + ## + ## + minId: 100 + ## @param broker.zookeeperMigrationMode Set to true to deploy cluster controller quorum + ## This allows configuring both kraft and zookeeper modes simultaneously in order to perform the migration of the Kafka metadata. + ## Ref. https://docs.confluent.io/platform/current/installation/migrate-zk-kraft.html + ## + zookeeperMigrationMode: false + ## @param broker.config Configuration file for Kafka broker-only nodes, rendered as a template. Auto-generated based on chart values when not specified. + ## @param broker.existingConfigmap ConfigMap with Kafka Configuration for broker-only nodes. + ## NOTE: This will override the configuration based on values, please act carefully + ## If both are set, the existingConfigMap will be used. + ## + config: "" + existingConfigmap: "" + ## @param broker.extraConfig Additional configuration to be appended at the end of the generated Kafka broker-only nodes configuration file. + ## + extraConfig: "" + ## @param broker.secretConfig Additional configuration to be appended at the end of the generated Kafka broker-only nodes configuration file. + ## This value will be stored in a secret. + ## + secretConfig: "" + ## @param broker.existingSecretConfig Secret with additonal configuration that will be appended to the end of the generated Kafka broker-only nodes configuration file + ## The key for the configuration should be: server-secret.properties + ## NOTE: This will override broker.secretConfig value + ## + existingSecretConfig: "" + ## @param broker.heapOpts Kafka Java Heap size for broker-only nodes + ## + heapOpts: -Xmx1024m -Xms1024m + ## @param broker.command Override Kafka container command + ## + command: [] + ## @param broker.args Override Kafka container arguments + ## + args: [] + ## @param broker.extraEnvVars Extra environment variables to add to Kafka pods + ## ref: https://github.com/bitnami/containers/tree/main/bitnami/kafka#configuration + ## e.g: + ## extraEnvVars: + ## - name: KAFKA_CFG_BACKGROUND_THREADS + ## value: "10" + ## + extraEnvVars: [] + ## @param broker.extraEnvVarsCM ConfigMap with extra environment variables + ## + extraEnvVarsCM: "" + ## @param broker.extraEnvVarsSecret Secret with extra environment variables + ## + extraEnvVarsSecret: "" + ## @param broker.extraContainerPorts Kafka broker-only extra containerPorts. + ## + extraContainerPorts: [] + ## Configure extra options for Kafka containers' liveness, readiness and startup probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/#configure-probes + ## @param broker.livenessProbe.enabled Enable livenessProbe on Kafka containers + ## @param broker.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param broker.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param broker.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param broker.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param broker.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 10 + timeoutSeconds: 5 + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + ## @param broker.readinessProbe.enabled Enable readinessProbe on Kafka containers + ## @param broker.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param broker.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param broker.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param broker.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param broker.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 5 + failureThreshold: 6 + timeoutSeconds: 5 + periodSeconds: 10 + successThreshold: 1 + ## @param broker.startupProbe.enabled Enable startupProbe on Kafka containers + ## @param broker.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param broker.startupProbe.periodSeconds Period seconds for startupProbe + ## @param broker.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param broker.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param broker.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 30 + periodSeconds: 10 + timeoutSeconds: 1 + failureThreshold: 15 + successThreshold: 1 + ## @param broker.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param broker.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param broker.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## @param broker.lifecycleHooks lifecycleHooks for the Kafka container to automate configuration before or after startup + ## + lifecycleHooks: {} + ## Kafka resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param broker.resources.limits The resources limits for the container + ## @param broker.resources.requests The requested resources for the container + ## + resources: + limits: {} + requests: {} + ## Kafka pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param broker.podSecurityContext.enabled Enable security context for the pods + ## @param broker.podSecurityContext.fsGroup Set Kafka pod's Security Context fsGroup + ## @param broker.podSecurityContext.seccompProfile.type Set Kafka pod's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Kafka containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param broker.containerSecurityContext.enabled Enable Kafka containers' Security Context + ## @param broker.containerSecurityContext.runAsUser Set Kafka containers' Security Context runAsUser + ## @param broker.containerSecurityContext.runAsNonRoot Set Kafka containers' Security Context runAsNonRoot + ## @param broker.containerSecurityContext.allowPrivilegeEscalation Force the child process to be run as non-privileged + ## @param broker.containerSecurityContext.readOnlyRootFilesystem Allows the pod to mount the RootFS as ReadOnly only + ## @param broker.containerSecurityContext.capabilities.drop Set Kafka containers' server Security Context capabilities to be dropped + ## e.g: + ## containerSecurityContext: + ## enabled: true + ## capabilities: + ## drop: ["NET_RAW"] + ## readOnlyRootFilesystem: true + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + ## @param broker.hostAliases Kafka pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param broker.hostNetwork Specify if host network should be enabled for Kafka pods + ## + hostNetwork: false + ## @param broker.hostIPC Specify if host IPC should be enabled for Kafka pods + ## + hostIPC: false + ## @param broker.podLabels Extra labels for Kafka pods + ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param broker.podAnnotations Extra annotations for Kafka pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param broker.podAffinityPreset Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param broker.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param broker.nodeAffinityPreset.type Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param broker.nodeAffinityPreset.key Node label key to match Ignored if `affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param broker.nodeAffinityPreset.values Node label values to match. Ignored if `affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param broker.affinity Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: podAffinityPreset, podAntiAffinityPreset, and nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param broker.nodeSelector Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param broker.tolerations Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param broker.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param broker.terminationGracePeriodSeconds Seconds the pod needs to gracefully terminate + ## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#hook-handler-execution + ## + terminationGracePeriodSeconds: "" + ## @param broker.podManagementPolicy StatefulSet controller supports relax its ordering guarantees while preserving its uniqueness and identity guarantees. There are two valid pod management policies: OrderedReady and Parallel + ## ref: https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#pod-management-policy + ## + podManagementPolicy: Parallel + ## @param broker.priorityClassName Name of the existing priority class to be used by kafka pods + ## Ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ + ## + priorityClassName: "" + ## @param broker.runtimeClassName Name of the runtime class to be used by pod(s) + ## ref: https://kubernetes.io/docs/concepts/containers/runtime-class/ + ## + runtimeClassName: "" + ## @param broker.enableServiceLinks Whether information about services should be injected into pod's environment variable + ## The environment variables injected by service links are not used, but can lead to slow kafka boot times or slow running of the scripts when there are many services in the current namespace. + ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. + ## + enableServiceLinks: true + ## @param broker.schedulerName Name of the k8s scheduler (other than default) + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param broker.updateStrategy.type Kafka statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + type: RollingUpdate + ## @param broker.extraVolumes Optionally specify extra list of additional volumes for the Kafka pod(s) + ## e.g: + ## extraVolumes: + ## - name: kafka-jaas + ## secret: + ## secretName: kafka-jaas + ## + extraVolumes: [] + ## @param broker.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Kafka container(s) + ## extraVolumeMounts: + ## - name: kafka-jaas + ## mountPath: /bitnami/kafka/config/kafka_jaas.conf + ## subPath: kafka_jaas.conf + ## + extraVolumeMounts: [] + ## @param broker.sidecars Add additional sidecar containers to the Kafka pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param broker.initContainers Add additional Add init containers to the Kafka pod(s) + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + initContainers: [] + ## Kafka Pod Disruption Budget + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ + ## @param broker.pdb.create Deploy a pdb object for the Kafka pod + ## @param broker.pdb.minAvailable Maximum number/percentage of unavailable Kafka replicas + ## @param broker.pdb.maxUnavailable Maximum number/percentage of unavailable Kafka replicas + ## + pdb: + create: false + minAvailable: "" + maxUnavailable: 1 + ## Enable persistence using Persistent Volume Claims + ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ + ## + persistence: + ## @param broker.persistence.enabled Enable Kafka data persistence using PVC, note that ZooKeeper persistence is unaffected + ## + enabled: true + ## @param broker.persistence.existingClaim A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: "" + ## @param broker.persistence.storageClass PVC Storage Class for Kafka data volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param broker.persistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param broker.persistence.size PVC Storage Request for Kafka data volume + ## + size: 8Gi + ## @param broker.persistence.annotations Annotations for the PVC + ## + annotations: {} + ## @param broker.persistence.labels Labels for the PVC + ## + labels: {} + ## @param broker.persistence.selector Selector to match an existing Persistent Volume for Kafka data PVC. If set, the PVC can't have a PV dynamically provisioned for it + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param broker.persistence.mountPath Mount path of the Kafka data volume + ## + mountPath: /bitnami/kafka + ## Log Persistence parameters + ## + logPersistence: + ## @param broker.logPersistence.enabled Enable Kafka logs persistence using PVC, note that ZooKeeper persistence is unaffected + ## + enabled: false + ## @param broker.logPersistence.existingClaim A manually managed Persistent Volume and Claim + ## If defined, PVC must be created manually before volume will be bound + ## The value is evaluated as a template + ## + existingClaim: "" + ## @param broker.logPersistence.storageClass PVC Storage Class for Kafka logs volume + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. + ## + storageClass: "" + ## @param broker.logPersistence.accessModes Persistent Volume Access Modes + ## + accessModes: + - ReadWriteOnce + ## @param broker.logPersistence.size PVC Storage Request for Kafka logs volume + ## + size: 8Gi + ## @param broker.logPersistence.annotations Annotations for the PVC + ## + annotations: {} + ## @param broker.logPersistence.selector Selector to match an existing Persistent Volume for Kafka log data PVC. If set, the PVC can't have a PV dynamically provisioned for it + ## selector: + ## matchLabels: + ## app: my-app + ## + selector: {} + ## @param broker.logPersistence.mountPath Mount path of the Kafka logs volume + ## + mountPath: /opt/bitnami/kafka/logs + + +## @section Traffic Exposure parameters +## + +## Service parameters +## +service: + ## @param service.type Kubernetes Service type + ## + type: ClusterIP + ## @param service.ports.client Kafka svc port for client connections + ## @param service.ports.controller Kafka svc port for controller connections. It is used if "kraft.enabled: true" + ## @param service.ports.interbroker Kafka svc port for inter-broker connections + ## @param service.ports.external Kafka svc port for external connections + ## + ports: + client: 9092 + controller: 9093 + interbroker: 9094 + external: 9095 + ## @param service.extraPorts Extra ports to expose in the Kafka service (normally used with the `sidecar` value) + ## + extraPorts: [] + ## @param service.nodePorts.client Node port for the Kafka client connections + ## @param service.nodePorts.external Node port for the Kafka external connections + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + client: "" + external: "" + ## @param service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: None + ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity + ## sessionAffinityConfig: + ## clientIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + ## @param service.clusterIP Kafka service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param service.loadBalancerIP Kafka service Load Balancer IP + ## ref: https://kubernetes.io/docs/user-guide/services/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param service.loadBalancerSourceRanges Kafka service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param service.externalTrafficPolicy Kafka service external traffic policy + ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## @param service.annotations Additional custom annotations for Kafka service + ## + annotations: {} + ## Headless service properties + ## + headless: + controller: + ## @param service.headless.controller.annotations Annotations for the controller-eligible headless service. + ## + annotations: {} + ## @param service.headless.controller.labels Labels for the controller-eligible headless service. + ## + labels: {} + broker: + ## @param service.headless.broker.annotations Annotations for the broker-only headless service. + ## + annotations: {} + ## @param service.headless.broker.labels Labels for the broker-only headless service. + ## + labels: {} +## External Access to Kafka brokers configuration +## +externalAccess: + ## @param externalAccess.enabled Enable Kubernetes external cluster access to Kafka brokers + ## + enabled: false + ## External IPs auto-discovery configuration + ## An init container is used to auto-detect LB IPs or node ports by querying the K8s API + ## Note: RBAC might be required + ## + autoDiscovery: + ## @param externalAccess.autoDiscovery.enabled Enable using an init container to auto-detect external IPs/ports by querying the K8s API + ## + enabled: false + ## Bitnami Kubectl image + ## ref: https://hub.docker.com/r/bitnami/kubectl/tags/ + ## @param externalAccess.autoDiscovery.image.registry [default: REGISTRY_NAME] Init container auto-discovery image registry + ## @param externalAccess.autoDiscovery.image.repository [default: REPOSITORY_NAME/kubectl] Init container auto-discovery image repository + ## @skip externalAccess.autoDiscovery.image.tag Init container auto-discovery image tag (immutable tags are recommended) + ## @param externalAccess.autoDiscovery.image.digest Kubectl image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param externalAccess.autoDiscovery.image.pullPolicy Init container auto-discovery image pull policy + ## @param externalAccess.autoDiscovery.image.pullSecrets Init container auto-discovery image pull secrets + ## + image: + registry: docker.io + repository: bitnami/kubectl + tag: 1.28.2-debian-11-r16 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init Container resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param externalAccess.autoDiscovery.resources.limits The resources limits for the auto-discovery init container + ## @param externalAccess.autoDiscovery.resources.requests The requested resources for the auto-discovery init container + ## + resources: + limits: {} + requests: {} + ## Service settings + controller: + ## @param externalAccess.controller.forceExpose If set to true, force exposing controller-eligible nodes although they are configured as controller-only nodes + ## + forceExpose: false + ## Parameters to configure K8s service(s) used to externally access Kafka brokers + ## Note: A new service per broker will be created + ## + service: + ## @param externalAccess.controller.service.type Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP + ## + type: LoadBalancer + ## @param externalAccess.controller.service.ports.external Kafka port used for external access when service type is LoadBalancer + ## + ports: + external: 9094 + ## @param externalAccess.controller.service.loadBalancerIPs Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerIPs: + ## - X.X.X.X + ## - Y.Y.Y.Y + ## + loadBalancerIPs: [] + ## @param externalAccess.controller.service.loadBalancerNames Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerNames: + ## - broker1.external.example.com + ## - broker2.external.example.com + ## + loadBalancerNames: [] + ## @param externalAccess.controller.service.loadBalancerAnnotations Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerAnnotations: + ## - external-dns.alpha.kubernetes.io/hostname: broker1.external.example.com. + ## - external-dns.alpha.kubernetes.io/hostname: broker2.external.example.com. + ## + loadBalancerAnnotations: [] + ## @param externalAccess.controller.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param externalAccess.controller.service.nodePorts Array of node ports used for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## nodePorts: + ## - 30001 + ## - 30002 + ## + nodePorts: [] + ## @param externalAccess.controller.service.externalIPs Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount + ## e.g: + ## externalIPs: + ## - X.X.X.X + ## - Y.Y.Y.Y + ## + externalIPs: [] + ## @param externalAccess.controller.service.useHostIPs Use service host IPs to configure Kafka external listener when service type is NodePort + ## + useHostIPs: false + ## @param externalAccess.controller.service.usePodIPs using the MY_POD_IP address for external access. + ## + usePodIPs: false + ## @param externalAccess.controller.service.domain Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP + ## NodePort: If not specified, the container will try to get the kubernetes node external IP + ## ClusterIP: Must be specified, ingress IP or domain where tcp for external ports is configured + ## + domain: "" + ## @param externalAccess.controller.service.publishNotReadyAddresses Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready + ## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/ + ## + publishNotReadyAddresses: false + ## @param externalAccess.controller.service.labels Service labels for external access + ## + labels: {} + ## @param externalAccess.controller.service.annotations Service annotations for external access + ## + annotations: {} + ## @param externalAccess.controller.service.extraPorts Extra ports to expose in the Kafka external service + ## + extraPorts: [] + broker: + ## Parameters to configure K8s service(s) used to externally access Kafka brokers + ## Note: A new service per broker will be created + ## + service: + ## @param externalAccess.broker.service.type Kubernetes Service type for external access. It can be NodePort, LoadBalancer or ClusterIP + ## + type: LoadBalancer + ## @param externalAccess.broker.service.ports.external Kafka port used for external access when service type is LoadBalancer + ## + ports: + external: 9094 + ## @param externalAccess.broker.service.loadBalancerIPs Array of load balancer IPs for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerIPs: + ## - X.X.X.X + ## - Y.Y.Y.Y + ## + loadBalancerIPs: [] + ## @param externalAccess.broker.service.loadBalancerNames Array of load balancer Names for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerNames: + ## - broker1.external.example.com + ## - broker2.external.example.com + ## + loadBalancerNames: [] + ## @param externalAccess.broker.service.loadBalancerAnnotations Array of load balancer annotations for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## loadBalancerAnnotations: + ## - external-dns.alpha.kubernetes.io/hostname: broker1.external.example.com. + ## - external-dns.alpha.kubernetes.io/hostname: broker2.external.example.com. + ## + loadBalancerAnnotations: [] + ## @param externalAccess.broker.service.loadBalancerSourceRanges Address(es) that are allowed when service is LoadBalancer + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param externalAccess.broker.service.nodePorts Array of node ports used for each Kafka broker. Length must be the same as replicaCount + ## e.g: + ## nodePorts: + ## - 30001 + ## - 30002 + ## + nodePorts: [] + ## @param externalAccess.broker.service.externalIPs Use distinct service host IPs to configure Kafka external listener when service type is NodePort. Length must be the same as replicaCount + ## e.g: + ## externalIPs: + ## - X.X.X.X + ## - Y.Y.Y.Y + ## + externalIPs: [] + ## @param externalAccess.broker.service.useHostIPs Use service host IPs to configure Kafka external listener when service type is NodePort + ## + useHostIPs: false + ## @param externalAccess.broker.service.usePodIPs using the MY_POD_IP address for external access. + ## + usePodIPs: false + ## @param externalAccess.broker.service.domain Domain or external ip used to configure Kafka external listener when service type is NodePort or ClusterIP + ## NodePort: If not specified, the container will try to get the kubernetes node external IP + ## ClusterIP: Must be specified, ingress IP or domain where tcp for external ports is configured + ## + domain: "" + ## @param externalAccess.broker.service.publishNotReadyAddresses Indicates that any agent which deals with endpoints for this Service should disregard any indications of ready/not-ready + ## ref: https://kubernetes.io/docs/reference/kubernetes-api/service-resources/service-v1/ + ## + publishNotReadyAddresses: false + ## @param externalAccess.broker.service.labels Service labels for external access + ## + labels: {} + ## @param externalAccess.broker.service.annotations Service annotations for external access + ## + annotations: {} + ## @param externalAccess.broker.service.extraPorts Extra ports to expose in the Kafka external service + ## + extraPorts: [] +## Network policies +## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/ +## +networkPolicy: + ## @param networkPolicy.enabled Specifies whether a NetworkPolicy should be created + ## + enabled: false + ## @param networkPolicy.allowExternal Don't require client label for connections + ## When set to false, only pods with the correct client label will have network access to the port Kafka is + ## listening on. When true, zookeeper accept connections from any source (with the correct destination port). + ## + allowExternal: true + ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed + ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace + ## and that match other criteria, the ones that have the good label, can reach the kafka. + ## But sometimes, we want the kafka to be accessible to clients from other namespaces, in this case, we can use this + ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added. + ## + ## e.g: + ## explicitNamespacesSelector: + ## matchLabels: + ## role: frontend + ## matchExpressions: + ## - {key: role, operator: In, values: [frontend]} + ## + explicitNamespacesSelector: {} + ## @param networkPolicy.externalAccess.from customize the from section for External Access on tcp-external port + ## e.g: + ## - ipBlock: + ## cidr: 172.9.0.0/16 + ## except: + ## - 172.9.1.0/24 + ## + externalAccess: + from: [] + ## @param networkPolicy.egressRules.customRules [object] Custom network policy rule + ## + egressRules: + ## Additional custom egress rules + ## e.g: + ## customRules: + ## - to: + ## - namespaceSelector: + ## matchLabels: + ## label: example + ## + customRules: [] + +## @section Volume Permissions parameters +## + +## Init containers parameters: +## volumePermissions: Change the owner and group of the persistent volume(s) mountpoint(s) to 'runAsUser:fsGroup' on each node +## +volumePermissions: + ## @param volumePermissions.enabled Enable init container that changes the owner and group of the persistent volume + ## + enabled: false + ## @param volumePermissions.image.registry [default: REGISTRY_NAME] Init container volume-permissions image registry + ## @param volumePermissions.image.repository [default: REPOSITORY_NAME/os-shell] Init container volume-permissions image repository + ## @skip volumePermissions.image.tag Init container volume-permissions image tag (immutable tags are recommended) + ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy + ## @param volumePermissions.image.pullSecrets Init container volume-permissions image pull secrets + ## + image: + registry: docker.io + repository: bitnami/os-shell + tag: 11-debian-11-r90 + digest: "" + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## Example: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Init container resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param volumePermissions.resources.limits Init container volume-permissions resource limits + ## @param volumePermissions.resources.requests Init container volume-permissions resource requests + ## + resources: + limits: {} + requests: {} + ## Init container' Security Context + ## Note: the chown of the data folder is done to containerSecurityContext.runAsUser + ## and not the below volumePermissions.containerSecurityContext.runAsUser + ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the init container + ## + containerSecurityContext: + runAsUser: 0 + +## @section Other Parameters +## + +## ServiceAccount for Kafka +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +## +serviceAccount: + ## @param serviceAccount.create Enable creation of ServiceAccount for Kafka pods + ## + create: true + ## @param serviceAccount.name The name of the service account to use. If not set and `create` is `true`, a name is generated + ## If not set and create is true, a name is generated using the kafka.serviceAccountName template + ## + name: "" + ## @param serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: true + ## @param serviceAccount.annotations Additional custom annotations for the ServiceAccount + ## + annotations: {} +## Role Based Access Control +## ref: https://kubernetes.io/docs/admin/authorization/rbac/ +## +rbac: + ## @param rbac.create Whether to create & use RBAC resources or not + ## binding Kafka ServiceAccount to a role + ## that allows Kafka pods querying the K8s API + ## + create: false + +## @section Metrics parameters +## + +## Prometheus Exporters / Metrics +## +metrics: + ## Prometheus Kafka exporter: exposes complimentary metrics to JMX exporter + ## + kafka: + ## @param metrics.kafka.enabled Whether or not to create a standalone Kafka exporter to expose Kafka metrics + ## + enabled: false + ## Bitnami Kafka exporter image + ## ref: https://hub.docker.com/r/bitnami/kafka-exporter/tags/ + ## @param metrics.kafka.image.registry [default: REGISTRY_NAME] Kafka exporter image registry + ## @param metrics.kafka.image.repository [default: REPOSITORY_NAME/kafka-exporter] Kafka exporter image repository + ## @skip metrics.kafka.image.tag Kafka exporter image tag (immutable tags are recommended) + ## @param metrics.kafka.image.digest Kafka exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param metrics.kafka.image.pullPolicy Kafka exporter image pull policy + ## @param metrics.kafka.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/kafka-exporter + tag: 1.7.0-debian-11-r132 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + + ## @param metrics.kafka.certificatesSecret Name of the existing secret containing the optional certificate and key files + ## for Kafka exporter client authentication + ## + certificatesSecret: "" + ## @param metrics.kafka.tlsCert The secret key from the certificatesSecret if 'client-cert' key different from the default (cert-file) + ## + tlsCert: cert-file + ## @param metrics.kafka.tlsKey The secret key from the certificatesSecret if 'client-key' key different from the default (key-file) + ## + tlsKey: key-file + ## @param metrics.kafka.tlsCaSecret Name of the existing secret containing the optional ca certificate for Kafka exporter client authentication + ## + tlsCaSecret: "" + ## @param metrics.kafka.tlsCaCert The secret key from the certificatesSecret or tlsCaSecret if 'ca-cert' key different from the default (ca-file) + ## + tlsCaCert: ca-file + ## @param metrics.kafka.extraFlags Extra flags to be passed to Kafka exporter + ## e.g: + ## extraFlags: + ## tls.insecure-skip-tls-verify: "" + ## web.telemetry-path: "/metrics" + ## + extraFlags: {} + ## @param metrics.kafka.command Override Kafka exporter container command + ## + command: [] + ## @param metrics.kafka.args Override Kafka exporter container arguments + ## + args: [] + ## @param metrics.kafka.containerPorts.metrics Kafka exporter metrics container port + ## + containerPorts: + metrics: 9308 + ## Kafka exporter resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param metrics.kafka.resources.limits The resources limits for the container + ## @param metrics.kafka.resources.requests The requested resources for the container + ## + resources: + limits: {} + requests: {} + ## Kafka exporter pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param metrics.kafka.podSecurityContext.enabled Enable security context for the pods + ## @param metrics.kafka.podSecurityContext.fsGroup Set Kafka exporter pod's Security Context fsGroup + ## @param metrics.kafka.podSecurityContext.seccompProfile.type Set Kafka exporter pod's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Kafka exporter containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param metrics.kafka.containerSecurityContext.enabled Enable Kafka exporter containers' Security Context + ## @param metrics.kafka.containerSecurityContext.runAsUser Set Kafka exporter containers' Security Context runAsUser + ## @param metrics.kafka.containerSecurityContext.runAsNonRoot Set Kafka exporter containers' Security Context runAsNonRoot + ## @param metrics.kafka.containerSecurityContext.allowPrivilegeEscalation Set Kafka exporter containers' Security Context allowPrivilegeEscalation + ## @param metrics.kafka.containerSecurityContext.readOnlyRootFilesystem Set Kafka exporter containers' Security Context readOnlyRootFilesystem + ## @param metrics.kafka.containerSecurityContext.capabilities.drop Set Kafka exporter containers' Security Context capabilities to be dropped + ## e.g: + ## containerSecurityContext: + ## enabled: true + ## capabilities: + ## drop: ["NET_RAW"] + ## readOnlyRootFilesystem: true + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + ## @param metrics.kafka.hostAliases Kafka exporter pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param metrics.kafka.podLabels Extra labels for Kafka exporter pods + ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param metrics.kafka.podAnnotations Extra annotations for Kafka exporter pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param metrics.kafka.podAffinityPreset Pod affinity preset. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param metrics.kafka.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node metrics.kafka.affinity preset + ## Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param metrics.kafka.nodeAffinityPreset.type Node affinity preset type. Ignored if `metrics.kafka.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param metrics.kafka.nodeAffinityPreset.key Node label key to match Ignored if `metrics.kafka.affinity` is set. + ## E.g. + ## key: "kubernetes.io/e2e-az-name" + ## + key: "" + ## @param metrics.kafka.nodeAffinityPreset.values Node label values to match. Ignored if `metrics.kafka.affinity` is set. + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param metrics.kafka.affinity Affinity for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## Note: metrics.kafka.podAffinityPreset, metrics.kafka.podAntiAffinityPreset, and metrics.kafka.nodeAffinityPreset will be ignored when it's set + ## + affinity: {} + ## @param metrics.kafka.nodeSelector Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param metrics.kafka.tolerations Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param metrics.kafka.schedulerName Name of the k8s scheduler (other than default) for Kafka exporter + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param metrics.kafka.enableServiceLinks Whether information about services should be injected into pod's environment variable + ## The environment variables injected by service links are not used, but can lead to slow kafka boot times or slow running of the scripts when there are many services in the current namespace. + ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. + ## + enableServiceLinks: true + ## @param metrics.kafka.priorityClassName Kafka exporter pods' priorityClassName + ## + priorityClassName: "" + ## @param metrics.kafka.topologySpreadConstraints Topology Spread Constraints for pod assignment + ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ + ## The value is evaluated as a template + ## + topologySpreadConstraints: [] + ## @param metrics.kafka.extraVolumes Optionally specify extra list of additional volumes for the Kafka exporter pod(s) + ## e.g: + ## extraVolumes: + ## - name: kafka-jaas + ## secret: + ## secretName: kafka-jaas + ## + extraVolumes: [] + ## @param metrics.kafka.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Kafka exporter container(s) + ## extraVolumeMounts: + ## - name: kafka-jaas + ## mountPath: /bitnami/kafka/config/kafka_jaas.conf + ## subPath: kafka_jaas.conf + ## + extraVolumeMounts: [] + ## @param metrics.kafka.sidecars Add additional sidecar containers to the Kafka exporter pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param metrics.kafka.initContainers Add init containers to the Kafka exporter pods + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + initContainers: [] + ## Kafka exporter service configuration + ## + service: + ## @param metrics.kafka.service.ports.metrics Kafka exporter metrics service port + ## + ports: + metrics: 9308 + ## @param metrics.kafka.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## + clusterIP: "" + ## @param metrics.kafka.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: None + ## @param metrics.kafka.service.annotations [object] Annotations for the Kafka exporter service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.kafka.service.ports.metrics }}" + prometheus.io/path: "/metrics" + ## Kafka exporter pods ServiceAccount + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + ## @param metrics.kafka.serviceAccount.create Enable creation of ServiceAccount for Kafka exporter pods + ## + create: true + ## @param metrics.kafka.serviceAccount.name The name of the service account to use. If not set and `create` is `true`, a name is generated + ## If not set and create is true, a name is generated using the kafka.metrics.kafka.serviceAccountName template + ## + name: "" + ## @param metrics.kafka.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: true + ## Prometheus JMX exporter: exposes the majority of Kafka metrics + ## + jmx: + ## @param metrics.jmx.enabled Whether or not to expose JMX metrics to Prometheus + ## + enabled: false + ## @param metrics.jmx.kafkaJmxPort JMX port where the exporter will collect metrics, exposed in the Kafka container. + ## + kafkaJmxPort: 5555 + ## Bitnami JMX exporter image + ## ref: https://hub.docker.com/r/bitnami/jmx-exporter/tags/ + ## @param metrics.jmx.image.registry [default: REGISTRY_NAME] JMX exporter image registry + ## @param metrics.jmx.image.repository [default: REPOSITORY_NAME/jmx-exporter] JMX exporter image repository + ## @skip metrics.jmx.image.tag JMX exporter image tag (immutable tags are recommended) + ## @param metrics.jmx.image.digest JMX exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag + ## @param metrics.jmx.image.pullPolicy JMX exporter image pull policy + ## @param metrics.jmx.image.pullSecrets Specify docker-registry secret names as an array + ## + image: + registry: docker.io + repository: bitnami/jmx-exporter + tag: 0.19.0-debian-11-r95 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets (secrets must be manually created in the namespace) + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Prometheus JMX exporter containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param metrics.jmx.containerSecurityContext.enabled Enable Prometheus JMX exporter containers' Security Context + ## @param metrics.jmx.containerSecurityContext.runAsUser Set Prometheus JMX exporter containers' Security Context runAsUser + ## @param metrics.jmx.containerSecurityContext.runAsNonRoot Set Prometheus JMX exporter containers' Security Context runAsNonRoot + ## @param metrics.jmx.containerSecurityContext.allowPrivilegeEscalation Set Prometheus JMX exporter containers' Security Context allowPrivilegeEscalation + ## @param metrics.jmx.containerSecurityContext.readOnlyRootFilesystem Set Prometheus JMX exporter containers' Security Context readOnlyRootFilesystem + ## @param metrics.jmx.containerSecurityContext.capabilities.drop Set Prometheus JMX exporter containers' Security Context capabilities to be dropped + ## e.g: + ## containerSecurityContext: + ## enabled: true + ## capabilities: + ## drop: ["NET_RAW"] + ## readOnlyRootFilesystem: true + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + ## @param metrics.jmx.containerPorts.metrics Prometheus JMX exporter metrics container port + ## + containerPorts: + metrics: 5556 + ## Prometheus JMX exporter resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param metrics.jmx.resources.limits The resources limits for the JMX exporter container + ## @param metrics.jmx.resources.requests The requested resources for the JMX exporter container + ## + resources: + limits: {} + requests: {} + ## Prometheus JMX exporter service configuration + ## + service: + ## @param metrics.jmx.service.ports.metrics Prometheus JMX exporter metrics service port + ## + ports: + metrics: 5556 + ## @param metrics.jmx.service.clusterIP Static clusterIP or None for headless services + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address + ## + clusterIP: "" + ## @param metrics.jmx.service.sessionAffinity Control where client requests go, to the same pod or round-robin + ## Values: ClientIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: None + ## @param metrics.jmx.service.annotations [object] Annotations for the Prometheus JMX exporter service + ## + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "{{ .Values.metrics.jmx.service.ports.metrics }}" + prometheus.io/path: "/" + ## @param metrics.jmx.whitelistObjectNames Allows setting which JMX objects you want to expose to via JMX stats to JMX exporter + ## Only whitelisted values will be exposed via JMX exporter. They must also be exposed via Rules. To expose all metrics + ## (warning its crazy excessive and they aren't formatted in a prometheus style) (1) `whitelistObjectNames: []` + ## (2) commented out above `overrideConfig`. + ## + whitelistObjectNames: + - kafka.controller:* + - kafka.server:* + - java.lang:* + - kafka.network:* + - kafka.log:* + ## @param metrics.jmx.config [string] Configuration file for JMX exporter + ## Specify content for jmx-kafka-prometheus.yml. Evaluated as a template + ## + ## Credits to the incubator/kafka chart for the JMX configuration. + ## https://github.com/helm/charts/tree/master/incubator/kafka + ## + config: |- + jmxUrl: service:jmx:rmi:///jndi/rmi://127.0.0.1:{{ .Values.metrics.jmx.kafkaJmxPort }}/jmxrmi + lowercaseOutputName: true + lowercaseOutputLabelNames: true + ssl: false + {{- if .Values.metrics.jmx.whitelistObjectNames }} + whitelistObjectNames: ["{{ join "\",\"" .Values.metrics.jmx.whitelistObjectNames }}"] + {{- end }} + ## @param metrics.jmx.existingConfigmap Name of existing ConfigMap with JMX exporter configuration + ## NOTE: This will override metrics.jmx.config + ## + existingConfigmap: "" + ## @param metrics.jmx.extraRules Add extra rules to JMX exporter configuration + ## e.g: + ## extraRules: |- + ## - pattern: kafka.server<>(connection-count) + ## name: kafka_server_socket_server_metrics_$3 + ## labels: + ## listener: $1 + ## + extraRules: "" + ## Prometheus Operator ServiceMonitor configuration + ## + serviceMonitor: + ## @param metrics.serviceMonitor.enabled if `true`, creates a Prometheus Operator ServiceMonitor (requires `metrics.kafka.enabled` or `metrics.jmx.enabled` to be `true`) + ## + enabled: false + ## @param metrics.serviceMonitor.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param metrics.serviceMonitor.interval Interval at which metrics should be scraped + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + interval: "" + ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended + ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint + ## + scrapeTimeout: "" + ## @param metrics.serviceMonitor.labels Additional labels that can be used so ServiceMonitor will be discovered by Prometheus + ## + labels: {} + ## @param metrics.serviceMonitor.selector Prometheus instance selector labels + ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration + ## + selector: {} + ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping + ## + relabelings: [] + ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion + ## + metricRelabelings: [] + ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint + ## + honorLabels: false + ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus. + ## + jobLabel: "" + + prometheusRule: + ## @param metrics.prometheusRule.enabled if `true`, creates a Prometheus Operator PrometheusRule (requires `metrics.kafka.enabled` or `metrics.jmx.enabled` to be `true`) + ## + enabled: false + ## @param metrics.prometheusRule.namespace Namespace in which Prometheus is running + ## + namespace: "" + ## @param metrics.prometheusRule.labels Additional labels that can be used so PrometheusRule will be discovered by Prometheus + ## + labels: {} + ## @param metrics.prometheusRule.groups Prometheus Rule Groups for Kafka + ## + groups: [] + +## @section Kafka provisioning parameters +## + +## Kafka provisioning +## +provisioning: + ## @param provisioning.enabled Enable kafka provisioning Job + ## + enabled: false + ## @param provisioning.numPartitions Default number of partitions for topics when unspecified + ## + numPartitions: 1 + ## @param provisioning.replicationFactor Default replication factor for topics when unspecified + ## + replicationFactor: 1 + ## @param provisioning.topics Kafka topics to provision + ## - name: topic-name + ## partitions: 1 + ## replicationFactor: 1 + ## ## https://kafka.apache.org/documentation/#topicconfigs + ## config: + ## max.message.bytes: 64000 + ## flush.messages: 1 + ## + topics: [] + ## @param provisioning.nodeSelector Node labels for pod assignment + ## Ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param provisioning.tolerations Tolerations for pod assignment + ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param provisioning.extraProvisioningCommands Extra commands to run to provision cluster resources + ## - echo "Allow user to consume from any topic" + ## - >- + ## /opt/bitnami/kafka/bin/kafka-acls.sh + ## --bootstrap-server $KAFKA_SERVICE + ## --command-config $CLIENT_CONF + ## --add + ## --allow-principal User:user + ## --consumer --topic '*' + ## - "/opt/bitnami/kafka/bin/kafka-acls.sh + ## --bootstrap-server $KAFKA_SERVICE + ## --command-config $CLIENT_CONF + ## --list" + ## + extraProvisioningCommands: [] + ## @param provisioning.parallel Number of provisioning commands to run at the same time + ## + parallel: 1 + ## @param provisioning.preScript Extra bash script to run before topic provisioning. $CLIENT_CONF is path to properties file with most needed configurations + ## + preScript: "" + ## @param provisioning.postScript Extra bash script to run after topic provisioning. $CLIENT_CONF is path to properties file with most needed configurations + ## + postScript: "" + ## Auth Configuration for kafka provisioning Job + ## + auth: + ## TLS configuration for kafka provisioning Job + ## + tls: + ## @param provisioning.auth.tls.type Format to use for TLS certificates. Allowed types: `JKS` and `PEM`. + ## Note: ignored if auth.tls.client.protocol different from one of these values: "SSL" "SASL_SSL" + ## + type: jks + ## @param provisioning.auth.tls.certificatesSecret Existing secret containing the TLS certificates for the Kafka provisioning Job. + ## When using 'jks' format for certificates, the secret should contain a truststore and a keystore. + ## When using 'pem' format for certificates, the secret should contain one of the following: + ## 1. A public CA certificate, a public certificate and one private key. + ## 2. A truststore and a keystore in PEM format + ## If caCert is set, option 1 will be taken, otherwise option 2. + ## + certificatesSecret: "" + ## @param provisioning.auth.tls.cert The secret key from the certificatesSecret if 'cert' key different from the default (tls.crt) + ## + cert: tls.crt + ## @param provisioning.auth.tls.key The secret key from the certificatesSecret if 'key' key different from the default (tls.key) + ## + key: tls.key + ## @param provisioning.auth.tls.caCert The secret key from the certificatesSecret if 'caCert' key different from the default (ca.crt) + ## + caCert: ca.crt + ## @param provisioning.auth.tls.keystore The secret key from the certificatesSecret if 'keystore' key different from the default (keystore.jks) + ## + keystore: keystore.jks + ## @param provisioning.auth.tls.truststore The secret key from the certificatesSecret if 'truststore' key different from the default (truststore.jks) + ## + truststore: truststore.jks + ## @param provisioning.auth.tls.passwordsSecret Name of the secret containing passwords to access the JKS files or PEM key when they are password-protected. + ## It should contain two keys called "keystore-password" and "truststore-password", or "key-password" if using a password-protected PEM key. + ## + passwordsSecret: "" + ## @param provisioning.auth.tls.keyPasswordSecretKey The secret key from the passwordsSecret if 'keyPasswordSecretKey' key different from the default (key-password) + ## Note: must not be used if `passwordsSecret` is not defined. + ## + keyPasswordSecretKey: key-password + ## @param provisioning.auth.tls.keystorePasswordSecretKey The secret key from the passwordsSecret if 'keystorePasswordSecretKey' key different from the default (keystore-password) + ## Note: must not be used if `passwordsSecret` is not defined. + ## + keystorePasswordSecretKey: keystore-password + ## @param provisioning.auth.tls.truststorePasswordSecretKey The secret key from the passwordsSecret if 'truststorePasswordSecretKey' key different from the default (truststore-password) + ## Note: must not be used if `passwordsSecret` is not defined. + ## + truststorePasswordSecretKey: truststore-password + ## @param provisioning.auth.tls.keyPassword Password to access the password-protected PEM key if necessary. Ignored if 'passwordsSecret' is provided. + ## + keyPassword: "" + ## @param provisioning.auth.tls.keystorePassword Password to access the JKS keystore. Ignored if 'passwordsSecret' is provided. + ## + keystorePassword: "" + ## @param provisioning.auth.tls.truststorePassword Password to access the JKS truststore. Ignored if 'passwordsSecret' is provided. + ## + truststorePassword: "" + ## @param provisioning.command Override provisioning container command + ## + command: [] + ## @param provisioning.args Override provisioning container arguments + ## + args: [] + ## @param provisioning.extraEnvVars Extra environment variables to add to the provisioning pod + ## e.g: + ## extraEnvVars: + ## - name: KAFKA_CFG_BACKGROUND_THREADS + ## value: "10" + ## + extraEnvVars: [] + ## @param provisioning.extraEnvVarsCM ConfigMap with extra environment variables + ## + extraEnvVarsCM: "" + ## @param provisioning.extraEnvVarsSecret Secret with extra environment variables + ## + extraEnvVarsSecret: "" + ## @param provisioning.podAnnotations Extra annotations for Kafka provisioning pods + ## + podAnnotations: {} + ## @param provisioning.podLabels Extra labels for Kafka provisioning pods + ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## Kafka provisioning pods ServiceAccount + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + ## + serviceAccount: + ## @param provisioning.serviceAccount.create Enable creation of ServiceAccount for Kafka provisioning pods + ## + create: false + ## @param provisioning.serviceAccount.name The name of the service account to use. If not set and `create` is `true`, a name is generated + ## If not set and create is true, a name is generated using the provisioning.serviceAccount.name template + ## + name: "" + ## @param provisioning.serviceAccount.automountServiceAccountToken Allows auto mount of ServiceAccountToken on the serviceAccount created + ## Can be set to false if pods using this serviceAccount do not need to use K8s API + ## + automountServiceAccountToken: true + ## Kafka provisioning resource requests and limits + ## ref: https://kubernetes.io/docs/user-guide/compute-resources/ + ## @param provisioning.resources.limits The resources limits for the Kafka provisioning container + ## @param provisioning.resources.requests The requested resources for the Kafka provisioning container + ## + resources: + limits: {} + requests: {} + ## Kafka provisioning pods' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param provisioning.podSecurityContext.enabled Enable security context for the pods + ## @param provisioning.podSecurityContext.fsGroup Set Kafka provisioning pod's Security Context fsGroup + ## @param provisioning.podSecurityContext.seccompProfile.type Set Kafka provisioning pod's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Kafka provisioning containers' Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param provisioning.containerSecurityContext.enabled Enable Kafka provisioning containers' Security Context + ## @param provisioning.containerSecurityContext.runAsUser Set Kafka provisioning containers' Security Context runAsUser + ## @param provisioning.containerSecurityContext.runAsNonRoot Set Kafka provisioning containers' Security Context runAsNonRoot + ## @param provisioning.containerSecurityContext.allowPrivilegeEscalation Set Kafka provisioning containers' Security Context allowPrivilegeEscalation + ## @param provisioning.containerSecurityContext.readOnlyRootFilesystem Set Kafka provisioning containers' Security Context readOnlyRootFilesystem + ## @param provisioning.containerSecurityContext.capabilities.drop Set Kafka provisioning containers' Security Context capabilities to be dropped + ## e.g: + ## containerSecurityContext: + ## enabled: true + ## capabilities: + ## drop: ["NET_RAW"] + ## readOnlyRootFilesystem: true + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: ["ALL"] + ## @param provisioning.schedulerName Name of the k8s scheduler (other than default) for kafka provisioning + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param provisioning.enableServiceLinks Whether information about services should be injected into pod's environment variable + ## The environment variables injected by service links are not used, but can lead to slow kafka boot times or slow running of the scripts when there are many services in the current namespace. + ## If you experience slow pod startups or slow running of the scripts you probably want to set this to `false`. + ## + enableServiceLinks: true + ## @param provisioning.extraVolumes Optionally specify extra list of additional volumes for the Kafka provisioning pod(s) + ## e.g: + ## extraVolumes: + ## - name: kafka-jaas + ## secret: + ## secretName: kafka-jaas + ## + extraVolumes: [] + ## @param provisioning.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Kafka provisioning container(s) + ## extraVolumeMounts: + ## - name: kafka-jaas + ## mountPath: /bitnami/kafka/config/kafka_jaas.conf + ## subPath: kafka_jaas.conf + ## + extraVolumeMounts: [] + ## @param provisioning.sidecars Add additional sidecar containers to the Kafka provisioning pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param provisioning.initContainers Add additional Add init containers to the Kafka provisioning pod(s) + ## e.g: + ## initContainers: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + initContainers: [] + ## @param provisioning.waitForKafka If true use an init container to wait until kafka is ready before starting provisioning + ## + waitForKafka: true + +## @section KRaft chart parameters + +## KRaft configuration +## Kafka mode without Zookeeper. Kafka nodes can work as controllers in this mode. +## +kraft: + ## @param kraft.enabled Switch to enable or disable the KRaft mode for Kafka + ## + enabled: true + ## @param kraft.existingClusterIdSecret Name of the secret containing the cluster ID for the Kafka KRaft cluster. This is incompatible with the clusterId parameter. If both are set, the existingClusterIdSecret will be used + existingClusterIdSecret: "" + ## @param kraft.clusterId Kafka Kraft cluster ID. If not set, a random cluster ID will be generated the first time Kraft is initialized. + ## NOTE: Already initialized Kafka nodes will use cluster ID stored in their persisted storage. + ## If reusing existing PVCs or migrating from Zookeeper mode, make sure the cluster ID is set matching the stored cluster ID, otherwise new nodes will fail to join the cluster. + ## In case the cluster ID stored in the secret does not match the value stored in /bitnami/kafka/data/meta.properties, remove the secret and upgrade the chart setting the correct value. + ## + clusterId: "" + ## @param kraft.controllerQuorumVoters Override the Kafka controller quorum voters of the Kafka Kraft cluster. If not set, it will be automatically configured to use all controller-elegible nodes. + ## + controllerQuorumVoters: "" + +## @section ZooKeeper chart parameters +## +## @param zookeeperChrootPath Path which puts data under some path in the global ZooKeeper namespace +## ref: https://kafka.apache.org/documentation/#brokerconfigs_zookeeper.connect +## +zookeeperChrootPath: "" +## ZooKeeper chart configuration +## https://github.com/bitnami/charts/blob/main/bitnami/zookeeper/values.yaml +## +zookeeper: + ## @param zookeeper.enabled Switch to enable or disable the ZooKeeper helm chart. Must be false if you use KRaft mode. + ## + enabled: false + ## @param zookeeper.replicaCount Number of ZooKeeper nodes + ## + replicaCount: 1 + ## ZooKeeper authentication + ## + auth: + client: + ## @param zookeeper.auth.client.enabled Enable ZooKeeper auth + ## + enabled: false + ## @param zookeeper.auth.client.clientUser User that will use ZooKeeper client (zkCli.sh) to authenticate. Must exist in the serverUsers comma-separated list. + ## + clientUser: "" + ## @param zookeeper.auth.client.clientPassword Password that will use ZooKeeper client (zkCli.sh) to authenticate. Must exist in the serverPasswords comma-separated list. + ## + clientPassword: "" + ## @param zookeeper.auth.client.serverUsers Comma, semicolon or whitespace separated list of user to be created. Specify them as a string, for example: "user1,user2,admin" + ## + serverUsers: "" + ## @param zookeeper.auth.client.serverPasswords Comma, semicolon or whitespace separated list of passwords to assign to users when created. Specify them as a string, for example: "pass4user1, pass4user2, pass4admin" + ## + serverPasswords: "" + ## ZooKeeper Persistence parameters + ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/ + ## @param zookeeper.persistence.enabled Enable persistence on ZooKeeper using PVC(s) + ## @param zookeeper.persistence.storageClass Persistent Volume storage class + ## @param zookeeper.persistence.accessModes Persistent Volume access modes + ## @param zookeeper.persistence.size Persistent Volume size + ## + persistence: + enabled: true + storageClass: "" + accessModes: + - ReadWriteOnce + size: 8Gi + +## External Zookeeper Configuration +## +externalZookeeper: + ## @param externalZookeeper.servers List of external zookeeper servers to use. Typically used in combination with 'zookeeperChrootPath'. Must be empty if you use KRaft mode. + ## + servers: [] diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 79f00e14e2..4f60d867d2 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index b19243dd68..5e010dd721 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index eb4b3d9483..21f97756ec 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -36,7 +36,7 @@ cluster-configs: es-host: 'elasticsearch-data-v1.es-cluster' es-indexer-host: 'http://elasticsearch-data-v1.es-cluster:9200/' flyway-locations: 'filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa' - kafka-brokers: 'kafka-v2.kafka-cluster:9092' + kafka-brokers: 'release-name-kafka-controller-headless.kafka-kraft:9092' kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: 'DEBUG' mobile-validation-workaround: 'true' diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 3d340e756a..dfb1b70ce9 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 06adf0edb6..666bf7bd45 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -25,7 +25,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 2f9f26bb51983dfadeae29bb8c29fd576b077e91 Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Wed, 15 Nov 2023 12:41:07 +0530 Subject: [PATCH 443/742] updated the indexer (#2104) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index aece29daa6..a9b49cd76f 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -406,7 +406,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" - egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-workflow-v2: logging-level: "DEBUG" From 8c1f2443fcc0b61f18c552d516f45f071664df25 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 15 Nov 2023 15:03:12 +0530 Subject: [PATCH 444/742] Update values.yaml for pqm-scheduler (#2105) --- deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml index d41771e02e..ce027104b3 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-scheduler/values.yaml @@ -16,6 +16,8 @@ image: command: - "python3" - "cronJobAPIConfig.py" +args: + - "daily" # Additional Container Envs From 886846828c934743bbd86a04aff034309907a3fc Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 15 Nov 2023 17:51:45 +0530 Subject: [PATCH 445/742] Update _cronjob.yaml template (#2106) --- deploy-as-code/helm/charts/common/templates/_cronjob.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml index 2c11e8c4a2..f72aed663d 100644 --- a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml +++ b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml @@ -35,6 +35,10 @@ spec: - name: {{ template "common.name" . }} image: {{ template "common.image" (dict "Values" $.Values "repository" .Values.image.repository "tag" .Values.image.tag) }} imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.command }} + command: + {{- toYaml .Values.command | nindent 12 }} + {{- end }} {{- if .Values.args }} args: {{- toYaml .Values.args | nindent 12 }} @@ -58,4 +62,4 @@ spec: {{- tpl .Values.resources . | nindent 14 }} {{- end }} restartPolicy: {{ .Values.cron.restartPolicy }} -{{- end -}} \ No newline at end of file +{{- end -}} From dd4d615db094b9c9db34f82f0eb5eb9e970d6d8f Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Thu, 16 Nov 2023 13:31:48 +0530 Subject: [PATCH 446/742] [DPG-1993] updated boundary service helm charts for boundary relationship (#2107) --- .../helm/charts/core-services/boundary-service/values.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml index 5dbae73630..2ca6fc194c 100644 --- a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml @@ -32,6 +32,8 @@ kafka-topics-create-boundary: "create-boundary-entity" kafka-topics-update-boundary: "update-boundary-entity" kafka-topics-create-boundary-hierarchy: "save-boundary-hierarchy-definition" kafka-topics-update-boundary-hierarchy: "update-boundary-hierarchy-definition" +kafka-topics-create-boundary-relationship: "save-boundary-relationship" +kafka-topics-update-boundary-relationship: "update-boundary-relationship" # Additional Container Envs env: | @@ -61,6 +63,10 @@ env: | value: {{ index .Values "kafka-topics-create-boundary" | quote }} - name: KAFKA_TOPICS_CREATE_BOUNDARY_HIERARCHY value: {{ index .Values "kafka-topics-create-boundary-hierarchy" | quote }} + - name: KAFKA_TOPICS_CREATE_BOUNDARY_RELATIONSHIP + value: {{ index .Values "kafka-topics-create-boundary-relationship" | quote }} + - name: KAFKA_TOPICS_UPDATE_BOUNDARY_RELATIONSHIP + value: {{ index .Values "kafka-topics-update-boundary-relationship" | quote }} - name: KAFKA_TOPICS_UPDATE_BOUNDARY value: {{ index .Values "kafka-topics-update-boundary" | quote }} - name: KAFKA_TOPICS_UPDATE_BOUNDARY_HIERARCHY From a58ef4f871a1155f006afa6517d2de55a07b3b4d Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 17 Nov 2023 12:15:20 +0530 Subject: [PATCH 447/742] added postgres-exporter charts and updated vesions (#2108) Co-authored-by: Harish-egov --- .../fluent-bit/templates/clusterrole.yaml | 2 +- .../templates/clusterrolebinding.yaml | 2 +- .../fluent-bit/templates/configmap.yaml | 18 ++ .../fluent-bit/templates/daemonset.yaml | 11 +- .../jaeger/templates/spark-cronjob.yaml | 2 +- .../postgres/templates/pvc.yaml | 2 +- .../backbone-services/postgres/values.yaml | 2 +- .../prometheus-operator/values.yaml | 3 + .../prometheus-postgres-exporter/Chart.yaml | 15 ++ .../prometheus-postgres-exporter/README.md | 91 +++++++ .../templates/NOTES.txt | 17 ++ .../templates/_helpers.tpl | 52 ++++ .../templates/configmap.yaml | 13 + .../templates/deployment.yaml | 119 +++++++++ .../templates/podsecuritypolicy.yaml | 39 +++ .../templates/role.yaml | 19 ++ .../templates/rolebinding.yaml | 18 ++ .../templates/secrets.yaml | 15 ++ .../templates/service.yaml | 27 ++ .../templates/serviceaccount.yaml | 13 + .../templates/servicemonitor.yaml | 33 +++ .../prometheus-postgres-exporter/values.yaml | 243 ++++++++++++++++++ .../helm/environments/sanitation.yaml | 3 + .../helm/environments/unified-dev.yaml | 9 + .../helm/environments/unified-qa.yaml | 22 +- .../helm/environments/unified-uat.yaml | 11 + 26 files changed, 787 insertions(+), 14 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/Chart.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/README.md create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/NOTES.txt create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/_helpers.tpl create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/podsecuritypolicy.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/role.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/secrets.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/servicemonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml index 1b07fda847..beeb0daca4 100644 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrole.yaml @@ -1,4 +1,4 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "name" . }}-read diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml index a0ec73bb33..515c03238a 100644 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/clusterrolebinding.yaml @@ -1,4 +1,4 @@ -apiVersion: rbac.authorization.k8s.io/v1beta1 +apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "name" . }}-read diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml index c5123d528e..38e71c2497 100644 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml +++ b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/configmap.yaml @@ -22,6 +22,24 @@ data: @INCLUDE filter-kubernetes.conf @INCLUDE output-kafka-egov-services.conf @INCLUDE output-kafka-infra.conf + [INPUT] + Name tail + Tag kube.* + Path /var/log/containers/*.log + Parser docker + DB /var/log/flb_kube.db + Mem_Buf_Limit 5MB + Skip_Long_Lines On + [OUTPUT] + Name es + Match * + Host elasticsearch-data-v1.es-cluster + Port 9200 + Index fluentbit-%Y.%m.%d + Type flb + Logstash_Format On + Logstash_Prefix fluentbit + input-egov-services.conf: | [INPUT] Name tail diff --git a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml index 23697ffc7b..8a009a0bf9 100644 --- a/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml +++ b/deploy-as-code/helm/charts/backbone-services/fluent-bit/templates/daemonset.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: DaemonSet metadata: name: {{ template "name" . }} @@ -7,6 +7,9 @@ metadata: app: {{ template "name" . }} kubernetes.io/cluster-service: "true" spec: + selector: # Add the selector field to specify how pods are selected + matchLabels: + app: {{ template "name" . }} template: metadata: labels: @@ -20,11 +23,11 @@ spec: - containerPort: 2020 env: - name: KAFKA_BROKERS - value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-infra-brokers" | quote }} + value: {{ index $.Values "cluster-configs" "configmaps" "egov-config" "data" "kafka-infra-brokers" | quote }} - name: KAFKA_EGOV_SERVICES_LOGS_TOPIC value: {{ index .Values "egov-services-log-topic" | quote }} - name: KAFKA_EGOV_INFRA_LOGS_TOPIC - value: {{ index .Values "egov-infra-log-topic" | quote }} + value: {{ index .Values "egov-infra-log-topic" | quote }} volumeMounts: - name: varlog mountPath: /var/log @@ -45,4 +48,4 @@ spec: configMap: name: {{ template "name" . }}-config serviceAccountName: {{ template "name" . }} - serviceAccount: {{ template "name" . }} \ No newline at end of file + serviceAccount: {{ template "name" . }} diff --git a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml index 37da33a2f4..0507049c3e 100644 --- a/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml +++ b/deploy-as-code/helm/charts/backbone-services/jaeger/templates/spark-cronjob.yaml @@ -1,5 +1,5 @@ {{- if .Values.spark.enabled -}} -apiVersion: batch/v1beta1 +apiVersion: batch/v1 kind: CronJob metadata: name: {{ template "name" . }}-spark diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml index 900adb38db..31e752bc6d 100644 --- a/deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml +++ b/deploy-as-code/helm/charts/backbone-services/postgres/templates/pvc.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-postgres - namespace: egov + namespace: monitoring labels: type: local spec: diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml index 7c3d973123..4b78045824 100644 --- a/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml @@ -1,7 +1,7 @@ labels: app: "postgres" group: "db" -namespace: egov +namespace: monitoring image: repository: "docker.io/postgres" diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index 581ec57fcf..1ccdbbabdc 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -2158,6 +2158,9 @@ prometheus: - job_name: 'kafka-exporter' static_configs: - targets: ['prometheus-kafka-exporter.kafka-cluster:9308'] + - job_name: 'postgres-exporter' + static_configs: + - targets: ['release-name-prometheus-postgres-exporter:80'] # - job_name: kube-etcd # kubernetes_sd_configs: # - role: node diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/Chart.yaml new file mode 100644 index 0000000000..e70467dba6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/Chart.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +appVersion: "0.8.0" +# The prometheus-postgres-exporter chart is deprecated and no longer maintained. For details deprecation, +# including how to un-deprecate a chart see the PROCESSES.md file. +deprecated: true +description: DEPRECATED A Helm chart for prometheus postgres-exporter +name: prometheus-postgres-exporter +version: 1.3.1 +home: https://github.com/wrouesnel/postgres_exporter +sources: +- https://github.com/wrouesnel/postgres_exporter +keywords: +- postgresql +- prometheus +- exporter diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/README.md b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/README.md new file mode 100644 index 0000000000..394fe966b9 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/README.md @@ -0,0 +1,91 @@ +# Prometheus Postgres Exporter + +DEPRECATED and moved to + +* Installs prometheus [postgres exporter](https://github.com/wrouesnel/postgres_exporter) + +## TL;DR; + +```console +$ helm install stable/prometheus-postgres-exporter +``` + +## Introduction + +This chart bootstraps a prometheus [postgres exporter](https://github.com/wrouesnel/postgres_exporter) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm install --name my-release stable/prometheus-postgres-exporter +``` + +The command deploys postgres exporter on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the postgres Exporter chart and their default values. + +| Parameter | Description | Default | +| ------------------------------- | ------------------------------------------ | ---------------------------------------------------------- | +| `image` | Image | `wrouesnel/postgres_exporter` | +| `imageTag` | Image tag | `v0.5.1` | +| `imagePullPolicy` | Image pull policy | `IfNotPresent` | +| `service.annotations` | annotations for the service | `{}` | +| `service.type` | Service type | `ClusterIP` | +| `service.port` | The service port | `80` | +| `service.targetPort` | The target port of the container | `9187` | +| `service.name` | Name of the service port | `http` | +| `service.labels` | Labels to add to the service | `{}` | +| `serviceMonitor.enabled` | Use servicemonitor from prometheus operator | `false` | +| `serviceMonitor.namespace` | Namespace thes Servicemonitor is installed in | | +| `serviceMonitor.interval` | How frequently Prometheus should scrape | | +| `serviceMonitor.telemetryPath` | path to cloudwatch-exporter telemtery-path | | +| `serviceMonitor.labels` | labels for the ServiceMonitor passed to Prometheus Operator | `{}` | +| `serviceMonitor.timeout` | Timeout after which the scrape is ended | | +| `resources` | | `{}` | +| `config.datasource` | Postgresql datasource configuration | see [values.yaml](values.yaml) | +| `config.datasourceSecret` | Postgresql datasource configuration from secret | see [values.yaml](values.yaml) | +| `config.queries` | SQL queries that the exporter will run | [postgres exporter defaults](https://github.com/wrouesnel/postgres_exporter/blob/master/queries.yaml) | +| `config.disableDefaultMetrics` | Specifies whether to use only metrics from `queries.yaml`| `false` | +| `config.autoDiscoverDatabases` | Specifies whether to autodiscover all databases | `false` | +| `config.excludeDatabases` | When autodiscover is enabled, list databases to exclude| `[]` | +| `rbac.create` | Specifies whether RBAC resources should be created.| `true` | +| `rbac.pspEnabled` | Specifies whether a PodSecurityPolicy should be created.| `true` | +| `serviceAccount.create` | Specifies whether a service account should be created.| `true` | +| `serviceAccount.name` | Name of the service account.| | +| `tolerations` | Add tolerations | `[]` | +| `nodeSelector` | node labels for pod assignment | `{}` | +| `affinity` | node/pod affinities | `{}` | +| `annotations` | Deployment annotations | `{}` | +| `podLabels` | Additional labels to add to each pod | `{}` | +| `extraContainers` | Additional sidecar containers | `""` | +| `extraVolumes` | Additional volumes for use in extraContainers | `""` | +| `securityContext` | Security options the pod should run with. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{}` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```console +$ helm install --name my-release \ + --set serviceAccount.name=postgres \ + stable/prometheus-postgres-exporter +``` + +Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example, + +```console +$ helm install --name my-release -f values.yaml stable/prometheus-postgres-exporter +``` diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/NOTES.txt new file mode 100644 index 0000000000..063fa4c941 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/NOTES.txt @@ -0,0 +1,17 @@ +DEPRECATED and moved to + +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-postgres-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-postgres-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "prometheus-postgres-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "prometheus-postgres-exporter.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:80 +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/_helpers.tpl new file mode 100644 index 0000000000..f3eadedb45 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/_helpers.tpl @@ -0,0 +1,52 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-postgres-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-postgres-exporter.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-postgres-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-postgres-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "prometheus-postgres-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + + +{{/* +Set DATA_SOURCE_URI environment variable +*/}} +{{- define "prometheus-postgres-exporter.data_source_uri" -}} +{{ printf "%s:%s/%s?sslmode=%s" .Values.config.datasource.host .Values.config.datasource.port .Values.config.datasource.database .Values.config.datasource.sslmode | quote }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/configmap.yaml new file mode 100644 index 0000000000..82c27a0d4a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/configmap.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.yaml: | +{{ printf .Values.config.queries | indent 4 }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/deployment.yaml new file mode 100644 index 0000000000..84ee8b1175 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/deployment.yaml @@ -0,0 +1,119 @@ +{{- if and .Values.config.datasource.passwordSecret .Values.config.datasource.password -}} +{{ fail (printf "ERROR: only one of .Values.config.datasource.passwordSecret and .Values.config.datasource.password must be defined") }} +{{- end -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "prometheus-postgres-exporter.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + release: {{ .Release.Name }} +{{- if .Values.podLabels }} +{{ toYaml .Values.podLabels | trim | indent 8 }} +{{- end }} + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} +{{- if .Values.annotations }} +{{ toYaml .Values.annotations | indent 8 }} +{{- end }} + spec: + serviceAccountName: {{ template "prometheus-postgres-exporter.serviceAccountName" . }} + containers: + - name: {{ .Chart.Name }} + args: + - "--extend.query-path=/etc/config.yaml" + {{- if .Values.config.disableDefaultMetrics }} + - "--disable-default-metrics" + {{- end }} + {{- if .Values.config.disableSettingsMetrics }} + - "--disable-settings-metrics" + {{- end }} + {{- if .Values.config.autoDiscoverDatabases }} + - "--auto-discover-databases" + {{- if .Values.config.excludeDatabases }} + - "--exclude-databases" + - {{ .Values.config.excludeDatabases | join "," }} + {{- end }} + {{- end }} + env: + {{- if .Values.config.datasourceSecret }} + - name: DATA_SOURCE_NAME + valueFrom: + secretKeyRef: + name: {{ .Values.config.datasourceSecret.name }} + key: {{ .Values.config.datasourceSecret.key }} + {{- else }} + - name: DATA_SOURCE_URI + value: {{ template "prometheus-postgres-exporter.data_source_uri" . }} + - name: DATA_SOURCE_USER + value: {{ .Values.config.datasource.user }} + - name: DATA_SOURCE_PASS + valueFrom: + secretKeyRef: + {{- if .Values.config.datasource.passwordSecret }} + name: {{ .Values.config.datasource.passwordSecret.name }} + key: {{ .Values.config.datasource.passwordSecret.key }} + {{- else }} + name: {{ template "prometheus-postgres-exporter.fullname" . }} + key: data_source_password + {{- end }} + {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: +{{ toYaml .Values.resources | indent 12 }} + volumeMounts: + - name: queries + mountPath: /etc/config.yaml + subPath: config.yaml +{{- with .Values.extraContainers }} +{{ tpl . $ | indent 8 }} +{{- end }} + securityContext: +{{ toYaml .Values.securityContext | indent 8 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - configMap: + defaultMode: 420 + name: {{ template "prometheus-postgres-exporter.fullname" . }} + name: queries +{{- with .Values.extraVolumes }} +{{ tpl . $ | indent 6 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/podsecuritypolicy.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/podsecuritypolicy.yaml new file mode 100644 index 0000000000..7a0a39ceec --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/podsecuritypolicy.yaml @@ -0,0 +1,39 @@ +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default' + apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'docker/default' + apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' +spec: + privileged: false + allowPrivilegeEscalation: false + requiredDropCapabilities: + - ALL + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'RunAsAny' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'RunAsAny' + fsGroup: + rule: 'RunAsAny' + readOnlyRootFilesystem: false +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/role.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/role.yaml new file mode 100644 index 0000000000..f4b75b2905 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/role.yaml @@ -0,0 +1,19 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +{{- if .Values.rbac.pspEnabled }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: [{{ template "prometheus-postgres-exporter.fullname" . }}] +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/rolebinding.yaml new file mode 100644 index 0000000000..ea4b7206cd --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/rolebinding.yaml @@ -0,0 +1,18 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "prometheus-postgres-exporter.fullname" . }} +subjects: +- kind: ServiceAccount + name: {{ template "prometheus-postgres-exporter.serviceAccountName" . }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/secrets.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/secrets.yaml new file mode 100644 index 0000000000..3e26e8a5d6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/secrets.yaml @@ -0,0 +1,15 @@ +{{- if .Values.config.datasource.password -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +type: Opaque +data: + data_source_password: {{ .Values.config.datasource.password | b64enc }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/service.yaml new file mode 100644 index 0000000000..61728aec02 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/service.yaml @@ -0,0 +1,27 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-postgres-exporter.fullname" . }} + namespace: {{ .Values.namespace }} + {{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | trim | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: {{ .Values.service.name }} + selector: + app: {{ template "prometheus-postgres-exporter.name" . }} + release: {{ .Release.Name }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/serviceaccount.yaml new file mode 100644 index 0000000000..563bd54394 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/serviceaccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-postgres-exporter.serviceAccountName" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ template "prometheus-postgres-exporter.name" . }} + chart: {{ template "prometheus-postgres-exporter.chart" . }} + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- end -}} + \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/servicemonitor.yaml new file mode 100644 index 0000000000..2e89c27e2e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/templates/servicemonitor.yaml @@ -0,0 +1,33 @@ +{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) ( .Values.serviceMonitor.enabled ) }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: +{{- if .Values.serviceMonitor.labels }} + labels: +{{ toYaml .Values.serviceMonitor.labels | indent 4}} +{{- end }} + name: {{ template "prometheus-postgres-exporter.fullname" . }} +{{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} +{{- end }} +spec: + endpoints: + - targetPort: {{ .Values.service.name }} +{{- if .Values.serviceMonitor.interval }} + interval: {{ .Values.serviceMonitor.interval }} +{{- end }} +{{- if .Values.serviceMonitor.telemetryPath }} + path: {{ .Values.serviceMonitor.telemetryPath }} +{{- end }} +{{- if .Values.serviceMonitor.timeout }} + scrapeTimeout: {{ .Values.serviceMonitor.timeout }} +{{- end }} + jobLabel: {{ template "prometheus-postgres-exporter.fullname" . }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app: {{ template "prometheus-postgres-exporter.name" . }} + release: {{ .Release.Name }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/values.yaml new file mode 100644 index 0000000000..4922961801 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-postgres-exporter/values.yaml @@ -0,0 +1,243 @@ +# Default values for prometheus-postgres-exporter. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +name: postgres-exporter +replicaCount: 1 +namespace: monitoring + +image: + repository: wrouesnel/postgres_exporter + tag: v0.8.0 + pullPolicy: IfNotPresent + +service: + type: ClusterIP + port: 80 + targetPort: 9187 + name: http + labels: {} + annotations: {} + +serviceMonitor: + # When set true then use a ServiceMonitor to configure scraping + enabled: false + # Set the namespace the ServiceMonitor should be deployed + # namespace: monitoring + # Set how frequently Prometheus should scrape + # interval: 30s + # Set path to cloudwatch-exporter telemtery-path + # telemetryPath: /metrics + # Set labels for the ServiceMonitor, use this to define your scrape label for Prometheus Operator + # labels: + # Set timeout for scrape + # timeout: 10s + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +rbac: + # Specifies whether RBAC resources should be created + create: true + # Specifies whether a PodSecurityPolicy should be created + pspEnabled: false +serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + +securityContext: {} + # The securityContext this Pod should use. See https://kubernetes.io/docs/concepts/policy/security-context/ for more. + # runAsUser: 65534 + +config: + datasource: + # Specify one of both datasource or datasourceSecret + host: "unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifiedqa" + # Only one of password and passwordSecret can be specified + password: "DigitCoreQA2023" + # Specify passwordSecret if DB password is stored in secret. + passwordSecret: {} + # Secret name + # name: + # Password key inside secret + # key: + port: "5432" + database: 'unifiedqadb' + sslmode: disable + datasourceSecret: {} + # Specifies if datasource should be sourced from secret value in format: postgresql://login:password@hostname:port/dbname?sslmode=disable + # Multiple Postgres databases can be configured by comma separated postgres connection strings + # Secret name + # name: + # Connection string key inside secret + # key: + disableDefaultMetrics: false + disableSettingsMetrics: false + autoDiscoverDatabases: false + excludeDatabases: [] + # this are the defaults queries that the exporter will run, extracted from: https://github.com/wrouesnel/postgres_exporter/blob/master/queries.yaml + queries: |- + pg_replication: + query: "SELECT EXTRACT(EPOCH FROM (now() - pg_last_xact_replay_timestamp())) as lag" + master: true + metrics: + - lag: + usage: "GAUGE" + description: "Replication lag behind master in seconds" + + pg_postmaster: + query: "SELECT pg_postmaster_start_time as start_time_seconds from pg_postmaster_start_time()" + master: true + metrics: + - start_time_seconds: + usage: "GAUGE" + description: "Time at which postmaster started" + + pg_stat_user_tables: + query: "SELECT current_database() datname, schemaname, relname, seq_scan, seq_tup_read, idx_scan, idx_tup_fetch, n_tup_ins, n_tup_upd, n_tup_del, n_tup_hot_upd, n_live_tup, n_dead_tup, n_mod_since_analyze, COALESCE(last_vacuum, '1970-01-01Z'), COALESCE(last_vacuum, '1970-01-01Z') as last_vacuum, COALESCE(last_autovacuum, '1970-01-01Z') as last_autovacuum, COALESCE(last_analyze, '1970-01-01Z') as last_analyze, COALESCE(last_autoanalyze, '1970-01-01Z') as last_autoanalyze, vacuum_count, autovacuum_count, analyze_count, autoanalyze_count FROM pg_stat_user_tables" + metrics: + - datname: + usage: "LABEL" + description: "Name of current database" + - schemaname: + usage: "LABEL" + description: "Name of the schema that this table is in" + - relname: + usage: "LABEL" + description: "Name of this table" + - seq_scan: + usage: "COUNTER" + description: "Number of sequential scans initiated on this table" + - seq_tup_read: + usage: "COUNTER" + description: "Number of live rows fetched by sequential scans" + - idx_scan: + usage: "COUNTER" + description: "Number of index scans initiated on this table" + - idx_tup_fetch: + usage: "COUNTER" + description: "Number of live rows fetched by index scans" + - n_tup_ins: + usage: "COUNTER" + description: "Number of rows inserted" + - n_tup_upd: + usage: "COUNTER" + description: "Number of rows updated" + - n_tup_del: + usage: "COUNTER" + description: "Number of rows deleted" + - n_tup_hot_upd: + usage: "COUNTER" + description: "Number of rows HOT updated (i.e., with no separate index update required)" + - n_live_tup: + usage: "GAUGE" + description: "Estimated number of live rows" + - n_dead_tup: + usage: "GAUGE" + description: "Estimated number of dead rows" + - n_mod_since_analyze: + usage: "GAUGE" + description: "Estimated number of rows changed since last analyze" + - last_vacuum: + usage: "GAUGE" + description: "Last time at which this table was manually vacuumed (not counting VACUUM FULL)" + - last_autovacuum: + usage: "GAUGE" + description: "Last time at which this table was vacuumed by the autovacuum daemon" + - last_analyze: + usage: "GAUGE" + description: "Last time at which this table was manually analyzed" + - last_autoanalyze: + usage: "GAUGE" + description: "Last time at which this table was analyzed by the autovacuum daemon" + - vacuum_count: + usage: "COUNTER" + description: "Number of times this table has been manually vacuumed (not counting VACUUM FULL)" + - autovacuum_count: + usage: "COUNTER" + description: "Number of times this table has been vacuumed by the autovacuum daemon" + - analyze_count: + usage: "COUNTER" + description: "Number of times this table has been manually analyzed" + - autoanalyze_count: + usage: "COUNTER" + description: "Number of times this table has been analyzed by the autovacuum daemon" + + pg_statio_user_tables: + query: "SELECT current_database() datname, schemaname, relname, heap_blks_read, heap_blks_hit, idx_blks_read, idx_blks_hit, toast_blks_read, toast_blks_hit, tidx_blks_read, tidx_blks_hit FROM pg_statio_user_tables" + metrics: + - datname: + usage: "LABEL" + description: "Name of current database" + - schemaname: + usage: "LABEL" + description: "Name of the schema that this table is in" + - relname: + usage: "LABEL" + description: "Name of this table" + - heap_blks_read: + usage: "COUNTER" + description: "Number of disk blocks read from this table" + - heap_blks_hit: + usage: "COUNTER" + description: "Number of buffer hits in this table" + - idx_blks_read: + usage: "COUNTER" + description: "Number of disk blocks read from all indexes on this table" + - idx_blks_hit: + usage: "COUNTER" + description: "Number of buffer hits in all indexes on this table" + - toast_blks_read: + usage: "COUNTER" + description: "Number of disk blocks read from this table's TOAST table (if any)" + - toast_blks_hit: + usage: "COUNTER" + description: "Number of buffer hits in this table's TOAST table (if any)" + - tidx_blks_read: + usage: "COUNTER" + description: "Number of disk blocks read from this table's TOAST table indexes (if any)" + - tidx_blks_hit: + usage: "COUNTER" + description: "Number of buffer hits in this table's TOAST table indexes (if any)" + + pg_database: + query: "SELECT pg_database.datname, pg_database_size(pg_database.datname) as size FROM pg_database" + master: true + cache_seconds: 30 + metrics: + - datname: + usage: "LABEL" + description: "Name of the database" + - size_bytes: + usage: "GAUGE" + description: "Disk space used by the database" + cpu_metrics: + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +annotations: {} + +podLabels: {} + +# Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy +extraContainers: | + +# Additional volumes, e. g. for secrets used in an extraContainer +extraVolumes: | diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 4f60d867d2..a893c573fa 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -573,6 +573,9 @@ redis: - egovio/redis:3.2 # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +pqm-scheduler: + egov-state-level-tenant-id: "pg" + playground: replicas: 1 images: diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 5e010dd721..e95402e8f1 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -234,6 +234,15 @@ egov-idgen: heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" +prometheus-postgres-exporter: + namespace: monitoring + host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifieddev" + password: "digitCoredb08" + port: "5432" + database: 'unifieddevdb' + sslmode: disable + mdms-v2: memory_limits: 512Mi diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index dfb1b70ce9..bafe2e604f 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -180,7 +180,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-qa-s3-bucket ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" @@ -395,10 +395,14 @@ redoc: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 +ingress-nginx: + controller: + repository: quay.io/kubernetes-ingress-controller + image: nginx-ingress-controller + tag: "0.28.1" + # images: + # - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 + replicaCount: 2 default-backend-service: "egov/nginx" namespace: egov cert-issuer: "letsencrypt-prod" @@ -515,6 +519,14 @@ egov-hrms: employee-applink: "https://egov-demo.egovernments.org/employee/user/login" +prometheus-postgres-exporter: + namespace: monitoring + host: "unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifiedqa" + password: "DigitCoreQA2023" + port: "5432" + database: 'unifiedqadb' + sslmode: disable # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index a1215f0725..1868541c20 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -513,6 +513,8 @@ logging-config: es-port: "9200" jaeger: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m host: "jaeger-agent.monitoring" port: "6831" sampler-type: const @@ -590,6 +592,15 @@ playground: images: - egovio/playground:1.3 +prometheus-postgres-exporter: + namespace: monitoring + host: "unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifieduat" + password: "DigitCoreUAT2023" + port: "5432" + database: 'unifieduatdb' + sslmode: disable + # fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> fluent-bit: images: From 6f4d7c19423ace9ae5602f1b01a1c5ffb9ba0e2d Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 20 Nov 2023 14:43:50 +0530 Subject: [PATCH 448/742] updated kafka-br0kers in unified-qa andunified-uat env files (#2109) --- deploy-as-code/helm/environments/egov-demo-template.yaml | 2 +- deploy-as-code/helm/environments/egov-demo.yaml | 2 +- deploy-as-code/helm/environments/quickstart-config.yaml | 2 +- deploy-as-code/helm/environments/sanitation-qa.yaml | 2 +- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-health-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-urban-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-urban-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-urban-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-works-uat.yaml | 2 +- 13 files changed, 13 insertions(+), 13 deletions(-) diff --git a/deploy-as-code/helm/environments/egov-demo-template.yaml b/deploy-as-code/helm/environments/egov-demo-template.yaml index 52f1374152..c1703a78a8 100644 --- a/deploy-as-code/helm/environments/egov-demo-template.yaml +++ b/deploy-as-code/helm/environments/egov-demo-template.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/egov-demo.yaml b/deploy-as-code/helm/environments/egov-demo.yaml index 52b68045f4..03b6a74d9a 100644 --- a/deploy-as-code/helm/environments/egov-demo.yaml +++ b/deploy-as-code/helm/environments/egov-demo.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/quickstart-config.yaml b/deploy-as-code/helm/environments/quickstart-config.yaml index 9fb2aa7b20..054e0cebdf 100644 --- a/deploy-as-code/helm/environments/quickstart-config.yaml +++ b/deploy-as-code/helm/environments/quickstart-config.yaml @@ -22,7 +22,7 @@ cluster-configs: es-host: "elasticsearch-client-v1.es-cluster" es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index db20237d31..aba272afc4 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index cce070cc44..a91df5fc41 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 4043fd4483..7059d0d979 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index fdf03b111c..7767a32fff 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 1868541c20..49ca575a26 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 78ad652389..e1c86dbbf3 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -30,7 +30,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 3f4c442b31..d578b78179 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml index 3214f54a98..3933ebeb49 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -24,7 +24,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index a9b49cd76f..b8509b3588 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -25,7 +25,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index 6a8e8055b2..2481dc01da 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -25,7 +25,7 @@ cluster-configs: es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "kafka-v2.kafka-cluster:9092" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 logging-level-jdbc: "DEBUG" mobile-validation-workaround: "true" From 4a337e6dab5d33b2505d5843afd8619d1df41e0d Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Mon, 20 Nov 2023 17:23:12 +0530 Subject: [PATCH 449/742] SRE-426 (#2112) --- deploy-as-code/helm/charts/common/templates/_cronjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml index f72aed663d..07caa793bf 100644 --- a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml +++ b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml @@ -1,6 +1,6 @@ {{- define "common.cronjob" -}} {{- if .Capabilities.APIVersions.Has "batch/v1beta1" }} -apiVersion: batch/v1beta1 +apiVersion: batch/v1 {{- else }} apiVersion: batch/v2alpha1 {{- end }} From ae755d43c30e2788a1c69c3539d65d72c1208bb2 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 20 Nov 2023 17:55:56 +0530 Subject: [PATCH 450/742] updated memory size for persister service --- .../helm/charts/core-services/egov-persister/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml index cf048b7e10..b94827fc08 100644 --- a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml @@ -22,6 +22,7 @@ appType: "java-spring" tracing-enabled: true persist-yml-path: "file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense-persister-bpachanges.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml" heap: "-Xmx192m -Xms192m" +memory_limits: 512Mi java-args: "" # Additional Container Envs From ec9b90d0fece697ea2b17d82f5e5be54ad042309 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 21 Nov 2023 11:10:18 +0530 Subject: [PATCH 451/742] added the helm chart and env variables (#2114) * added persister path * added helm chart for hcm-moz-impl service * made suggested changes * added environment variables for hcm-moz-impl service --- .../health-services/hcm-moz-impl/Chart.yaml | 26 ++ .../hcm-moz-impl/templates/deployment.yaml | 2 + .../hcm-moz-impl/templates/ingress.yaml | 2 + .../hcm-moz-impl/templates/service.yaml | 2 + .../health-services/hcm-moz-impl/values.yaml | 402 ++++++++++++++++++ .../helm/environments/unified-health-uat.yaml | 13 + .../helm/environments/unified-uat.yaml | 2 +- 7 files changed, 448 insertions(+), 1 deletion(-) create mode 100644 deploy-as-code/helm/charts/health-services/hcm-moz-impl/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/Chart.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/Chart.yaml new file mode 100644 index 0000000000..3d7f36c7d4 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: product +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/service.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml new file mode 100644 index 0000000000..3cc8c3a57f --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -0,0 +1,402 @@ +# Common Labels +labels: + app: "hcm-moz-impl" + group: "core" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "hcm-moz-impl" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "moz_health_schema" + image: + repository: "moz-health-db" + +# Container Configs +image: + repository: "hcm-moz-impl" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/hcm-moz-impl/health" + readinessProbePath: "/hcm-moz-impl/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" +java-enable-debug: true +persist-yml-path: "file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml" +startDate: "28/08/2023" +endDate: "02/09/2023" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: hcm-moz-impl + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: EGOV_LOCALISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: DHIS2_RECORD_KAFKA_CREATE_TOPIC + value: create-dhis2-record + - name: DHIS2_RECORD_KAFKA_UPDATE_TOPIC + value: update-dhis2-record + - name: DHIS2_DIGIT_MAPPING_KAFKA_CREATE_TOPIC + value: create-dhis2-digit-mapping + - name: DHIS2_DIGIT_MAPPING_KAFKA_UPDATE_TOPIC + value: update-dhis2-digit-mapping + - name: BOUNDARY_DATA_KAFKA_CREATE_TOPIC + value: create-boundary-data + - name: DHIS2_RECORD_DEFAULT_OFFSET + value: "0" + - name: DHIS2_RECORD_DEFAULT_LIMIT + value: "10" + - name: DHIS2_RECORD_SEARCH_MAX_LIMIT + value: "50" + - name: DHIS2_JOB_KAFKA_CREATE_TOPIC + value: create-dhis2-job + - name: DHIS2_JOB_KAFKA_UPDATE_TOPIC + value: update-dhis2-job + - name: DHIS2_JOB_DEFAULT_OFFSET + value: "0" + - name: DHIS2_JOB_DEFAULT_LIMIT + value: "10" + - name: DHIS2_JOB_SEARCH_MAX_LIMIT + value: "50" + - name: DHIS2_DIGIT_SEARCH_MAX_RETRY + value: "100" + - name: EGOV_DHIS2_HOST_URL + valueFrom: + configMapKeyRef: + name: hcm-moz-impl + key: dhis2-host + - name: EGOV_DHIS2_HOST_USERNAME + valueFrom: + secretKeyRef: + name: hcm-moz-impl + key: dhis2user + - name: EGOV_DHIS2_HOST_PASSWORD + valueFrom: + secretKeyRef: + name: hcm-moz-impl + key: dhis2pass + - name: EGOV_DHIS2_PAGE_SIZE + value: "1000" + - name: EGOV_DIGIT_PAGE_SIZE + value: "30" + - name: EGOV_CAMPAIGN_STARTDATE + value: {{ index .Values "startDate" | quote }} + - name: EGOV_CAMPAIGN_ENDDATE + value: {{ index .Values "endDate" | quote }} + - name: EGOV_DIGIT_WAIT_TIMEOUT + value: "15" + - name: EGOV_KAFKA_PAGE_SIZE + value: "100" + - name: EGOV_DHIS2_USERS_ENDPOINT + value: /api/users + - name: EGOV_DHIS2_USERS_FIELDS + value: id,name,displayName,surname,firstName,userCredentials%5Busername%5D,organisationUnits,userGroups,username + - name: EGOV_DHIS2_ROLES_ENDPOINT + value: /api/userRoles + - name: EGOV_DHIS2_ROLES_FIELDS + value: :all + - name: EGOV_DHIS2_USER_GROUPS_ENDPOINT + value: /api/userGroups + - name: EGOV_DHIS2_USER_GROUPS_FIELDS + value: :all + - name: EGOV_DHIS2_PROGRAMS_ENDPOINT + value: /api/programs + - name: EGOV_DHIS2_EVENTS_ENDPOINT + value: /api/tracker/events + - name: EGOV_DHIS2_ORGANISATION_UNIT_ENDPOINT + value: /api/organisationUnits + - name: EGOV_DHIS2_ORGANISATION_UNIT_FIELDS + value: id,name,parent,path,level,children + - name: EGOV_DHIS2_ORGANISATION_UNIT_LEVEL_ENDPOINT + value: /api/organisationUnitLevels + - name: EGOV_DHIS2_ORGANISATION_UNIT_LEVEL_FIELDS + value: id,name,level + - name: EGOV_DHIS2_DATA_ELEMENT_ENDPOINT + value: /api/dataElements + - name: EGOV_DHIS2_DATA_ELEMENT_FIELDS + value: id,name,code + - name: EGOV_DHIS2_ORGANISATION_UNIT_LEVEL_ENDPOINT + value: /api/organisationUnitLevels + - name: EGOV_DHIS2_ORGANISATION_UNIT_LEVEL_FIELDS + value: id,name,level + - name: THREAD_CORE_POOL_SIZE + value: "20" + - name: THREAD_MAX_POOL_SIZE + value: "200" + - name: EGOV_DIGIT_HOST_AUTH_KEY + value: ZWdvdi11c2VyLWNsaWVudDo= + - name: EGOV_DIGIT_HOST_USERNAME + value: khushali + - name: EGOV_DIGIT_HOST_PASSWORD + value: eGov@4321 + - name: EGOV_DIGIT_HOST_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES + value: "SOFALA,NAMPULA" + - name: EGOV_PROJECT_TYPE_ID + value: dbd45c31-de9e-4e62-a9b6-abb818928fd1 + - name: EGOV_PROJECT_TYPE + value: LLIN-Default + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_FACILITY_SEARCH_PATH + value: /facility/v1/_search + - name: EGOV_FACILITY_CREATE_PATH + value: /facility/v1/bulk/_create + - name: EGOV_FACILITY_UPDATE_PATH + value: /facility/v1/bulk/_update + - name: EGOV_PROJECT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_PROJECT_SEARCH_PATH + value: /project/v1/_search + - name: EGOV_PROJECT_CREATE_PATH + value: /project/v1/_create + - name: EGOV_PROJECT_UPDATE_PATH + value: /project/v1/_update + - name: EGOV_PROJECT_STAFF_SEARCH_PATH + value: /project/staff/v1/_search + - name: EGOV_PROJECT_STAFF_CREATE_PATH + value: /project/staff/v1/_create + - name: EGOV_PROJECT_STAFF_UPDATE_PATH + value: /project/staff/v1/_update + - name: EGOV_PROJECT_FACILITY_SEARCH_PATH + value: /project/facility/v1/_search + - name: EGOV_PROJECT_FACILITY_CREATE_PATH + value: /project/facility/v1/bulk/_create + - name: EGOV_PROJECT_FACILITY_UPDATE_PATH + value: /project/facility/v1/bulk/_update + - name: EGOV_PROJECT_BENEFICIARY_SEARCH_PATH + value: /project/beneficiary/v1/_search + - name: EGOV_PROJECT_BENEFICIARY_CREATE_PATH + value: /project/beneficiary/v1/bulk/_create + - name: EGOV_PROJECT_BENEFICIARY_UPDATE_PATH + value: /project/beneficiary/v1/bulk/_update + - name: EGOV_PROJECT_TASK_SEARCH_PATH + value: /project/task/v1/_search + - name: EGOV_PROJECT_TASK_CREATE_PATH + value: /project/task/v1/bulk/_create + - name: EGOV_PROJECT_TASK_UPDATE_PATH + value: /project/task/v1/bulk/_update + - name: EGOV_PROJECT_RESOURCE_SEARCH_PATH + value: /project/resource/v1/_search + - name: EGOV_PROJECT_RESOURCE_CREATE_PATH + value: /project/resource/v1/bulk/_create + - name: EGOV_PROJECT_RESOURCE_UPDATE_PATH + value: /project/resource/v1/bulk/_update + - name: EGOV_SERVICE_REQUEST_PROJECTCODE + value: LLINMozambique2 + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_HOUSEHOLD_SEARCH_PATH + value: /household/v1/_search + value: /household/v1/_search + - name: EGOV_HOUSEHOLD_CREATE_PATH + value: /household/v1/bulk/_create + - name: EGOV_HOUSEHOLD_UPDATE_PATH + value: /household/v1/bulk/_update + - name: EGOV_HOUSEHOLD_MEMBER_SEARCH_PATH + value: /household/member/v1/_search + - name: EGOV_HOUSEHOLD_MEMBER_CREATE_PATH + value: /household/member/v1/bulk/_create + - name: EGOV_HOUSEHOLD_MEMBER_UPDATE_PATH + value: /household/member/v1/bulk/_update + - name: EGOV_HCM_HOUSEHOLD_INDIVIDUAL_UPDATE_TOPIC + value: update-individual-topic + - name: EGOV_HCM_PROJECT_TASK_UPDATE_TOPIC + value: update-project-task-topic + - name: EGOV_HCM_PROJECT_TASK_CREATE_TOPIC + value: save-project-task-topic + - name: EGOV_HCM_PROJECT_BENEFICIARY_UPDATE_TOPIC + value: update-project-beneficiary-topic + - name: EGOV_HCM_PROJECT_BENEFICIARY_CREATE_TOPIC + value: save-project-beneficiary-topic + - name: EGOV_HCM_HOUSEHOLD_MEMBER_UPDATE_TOPIC + value: update-household-member-topic + - name: EGOV_HCM_HOUSEHOLD_MEMBER_CREATE_TOPIC + value: save-household-member-topic + - name: EGOV_HCM_HOUSEHOLD_UPDATE_TOPIC + value: update-household-topic + - name: EGOV_HCM_HOUSEHOLD_CREATE_TOPIC + value: save-household-topic + - name: EGOV_HCM_INDIVIDUAL_UPDATE_TOPIC + value: update-individual-topic + - name: EGOV_HCM_INDIVIDUAL_CREATE_TOPIC + value: save-individual-topic + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_INDIVIDUAL_SEARCH_PATH + value: /individual/v1/_search + - name: EGOV_INDIVIDUAL_CREATE_PATH + value: /individual/v1/bulk/_create + - name: EGOV_INDIVIDUAL_UPDATE_PATH + value: /individual/v1/bulk/_update + - name: EGOV_STOCK_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: stock + - name: EGOV_SERVICE_REQUEST_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: service-request + - name: EGOV_STOCK_SEARCH_PATH + value: /stock/v1/_search + - name: EGOV_STOCK_CREATE_PATH + value: /stock/v1/bulk/_create + - name: EGOV_STOCK_UPDATE_PATH + value: /stock/v1/bulk/_update + - name: EGOV_BOUNDARY_NAME + value: MOZAMBIQUE + - name: EGOV_BOUNDARY_CODE + value: mz + - name: EGOV_MDMS_CREATE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-create + - name: EGOV_MDMS_CREATE_UPDATE_ENDPOINT + value: /egov-mdms-create/v1/_update + - name: EGOV_HRMS_CREATE_ENDPOINT + value: /egov-hrms/employees/_create + - name: EGOV_HRMS_UPDATE_ENDPOINT + value: /egov-hrms/employees/_update + - name: EGOV_HRMS_SEARCH_ENDPOINT + value: /egov-hrms/employees/_search + - name: EGOV_BOUNDARY_ROOT_LABEL + value: Country + - name: EGOV_BOUNDARY_MASTER_NAME + value: TenantBoundary + - name: EGOV_BOUNDARY_MODULE_NAME + value: egov-location + - name: EGOV_BOUNDARY_HIERARCHY_CODE + value: ADMIN + - name: EGOV_BOUNDARY_HIERARCHY_NAME + value: ADMIN + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_KUBE_CONFIG + valueFrom: + secretKeyRef: + name: hcm-moz-impl + key: kubeconfig + - name: EGOV_KUBE_NAMESPACE + value: egov + - name: EGOV_KUBE_MDMS_POD + value: egov-mdms-service + - name: EGOV_KUBE_IS_CLUSTER + value: "true" + - name: EGOV_KUBE_CLUSTER_NAME + valueFrom: + configMapKeyRef: + name: egov-config + key: aws-cluster-name + - name: EGOV_AWS_REGION + valueFrom: + configMapKeyRef: + name: egov-config + key: aws-region + - name: EGOV_AWS_CREDENTIALS_ACCESS_KEY + valueFrom: + secretKeyRef: + name: egov-filestore + key: awskey + - name: EGOV_AWS_CREDENTIALS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: egov-filestore + key: awssecretkey + - name: EGOV_CLUSTER_ENDPOINT_URL + valueFrom: + configMapKeyRef: + name: egov-config + key: aws-cluster-ip + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 7767a32fff..137bcf3f86 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -692,3 +692,16 @@ es-curator: jaeger-cleanup-enabled: "true" logs-to-retain: "7" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + + +hcm-moz-impl: + replicas: 1 + heap: "-Xmx1024m -Xms1024m" + memory_limits: "2Gi" + startDate: "28/08/2023" + endDate: "22/09/2023" + resources: + requests: + memory: "2Gi" + limits: + memory: "2Gi" \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 49ca575a26..0034b8085f 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -303,7 +303,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From dc5958e195d988d94592c1e51906d8c8d0316735 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 21 Nov 2023 11:28:08 +0530 Subject: [PATCH 452/742] added namespace (#2115) * added persister path * added helm chart for hcm-moz-impl service * made suggested changes * added environment variables for hcm-moz-impl service * added namespace for hcm-moz-impl service --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 3cc8c3a57f..bbba69b9d0 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -3,6 +3,8 @@ labels: app: "hcm-moz-impl" group: "core" +namespace: health + # Ingress Configs ingress: enabled: true From 8058701e502bb9d52fa288ed54dd46c306e0191d Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 12:42:43 +0530 Subject: [PATCH 453/742] updated hcm-moz-impl secrets in unified-uat env --- .../configmaps/hcm-moz-impl-configmap.yaml | 17 +++++++++++++ .../helm/charts/cluster-configs/values.yaml | 4 ++++ .../unified-health-uat-secrets.yaml | 24 +++++++------------ 3 files changed, 29 insertions(+), 16 deletions(-) create mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/configmaps/hcm-moz-impl-configmap.yaml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/hcm-moz-impl-configmap.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/hcm-moz-impl-configmap.yaml new file mode 100644 index 0000000000..ca110ef015 --- /dev/null +++ b/deploy-as-code/helm/charts/cluster-configs/templates/configmaps/hcm-moz-impl-configmap.yaml @@ -0,0 +1,17 @@ +{{- with index .Values "cluster-configs" "configmaps" "hcm-moz-impl" }} + {{- if .data }} +--- + {{- range $ns := .namespace }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ index $.Values "cluster-configs" "configmaps" "hcm-moz-impl" "name" }} + namespace: {{ $ns }} +data: + {{- range $key, $value := index $.Values "cluster-configs" "configmaps" "hcm-moz-impl" "data" }} + {{ $key }}: {{ $value | quote }} + {{- end }} +--- +{{- end }} + {{- end }} + {{- end }} diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index ef110aa8af..e625e5901f 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -13,6 +13,10 @@ cluster-configs: serviceName: citizen servicePort: 80 + hcm-moz-impl: + name: hcm-moz-impl + namespace: [health] + nginx-errors: enabled: false name: nginx-errors diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index 60d9b45184..a4d9b05b3f 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -5,18 +5,14 @@ cluster-configs: password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - egov-notification-sms: username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - egov-filestore: aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] - egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - egov-pg-service: axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] @@ -25,48 +21,44 @@ cluster-configs: axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - pgadmin: admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - egov-enc-service: master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - egov-notification-mail: mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - git-sync: ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - kibana: namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - egov-si-microservice: si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - egov-edcr-notification: edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - chatbot: valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - + hcm-moz-impl: + kubeconfig: ENC[AES256_GCM,data:Sy8lLREHDYymwXXsLY9E4J2dQ9/B3EUoZ3KsEw6G6E4cp37PQVB6fp8hzXhl5zYJXKSQ7yGEarFk53F2yhzXQ5b6tzMYvFG7MXL4my0cGA+ja7qoMxLF/SGP5EHEnbihKRRD2ZqKmCbpGFbpew07PGyd02KaIh9gkL/a56fA0p1duk0fiFEVjZ1JeMB+WVaoeDjIlOkzFiS70qjZP99UFPu0NRSS1dwRiJN97us5WOmrHIIxP6zE2KPZBFI+t4a/uDF/KhVXO3FYToKC6vVtMvsH2z10WyT1FOa3q4xiTT9u9wtThf6BJBIjF7m/toyxyXc8/bLEGqfXoRl8cnTvA+l75LVcyRz1ItybkHrDFb/So0mX3P5bRYDXHDWsXh01TPKYPk/F/RV9xFd3ZUuP9sTEW8QLB4/Hvk5aPellGkP1ZVAGdQseXNMJhN0YmOJOzFAG2rRVrHpEjyR1+wO6WYp3gNdfHiziUpPfvrbYnR0aMJRy2Bp/oxB9JrXSVkutZiGzL4bniWxg0/ZAJ7E+nb+SCMjwC7TCpUwNKMc31Zr2i+DAsT4QKYpiFh53mD2LfCqEYjEsQaHRwzwAUbvHWahGPCrxE9vG3lHDIlk/9jsyIR8jYxt61p7NdBvyEnMOourj5nR1RM6teENgZcsvfHd60J6vZcZwE1/4DGqaIWHhA42ZOYVguDpYL+QN3Y+fAhSL6p7r9bfHpY+CR8GktbnCwJ+vxDPmD0fBcnPOtIKv79lX8VUM7/9AqlTf8fHqfs7GMhmz3Bk0l3PfFOnyyXFv0zHls5t8zxSgrC+YKEo1mn2F9Abg45sbdl7Mp8EzfkrO6HdFb8l9oXmwq6WPKX04GZ0U1ht89/YuZeySdFi6A3XJ3WpFRiMgCSTVG4zaaIMHGTWKAVSGjrWH0W+dEvlZlCoIJFHO3lDJN9BVQMbg+LY+hxdNODTFAeQJtIPxDUmM3A4pgI3FIEAYkKmR5GfCnqKuQ8KEUwNJc93nFAvVe9iBmnXsi6IElLBgFbihaBFEiMAp82TZ0hZqPG0cV8m5IZkFwlx7/zyCgudr6N3dUqP36Gm1Ea/gML17m5Qwx/Nmx3aNQXWdgdI608Nx5ksePgimh4dg/LhClq3WEj2+wvuLzd6xnGFRux2nJcTGydAKs9HM2XwHz00nuXTKbhWj946cpQssI8fbdZM/nX7U1d7SzCbop/qNEB3v/C8afXzs+Kxd6QYuPOKEyjNgwlchVR7FHVfKP2xB7VTcHNpGeQzlVsoCZ4jZoSwbrPpzkmKc330typfUjBs+LTk5d7p2mRfwjRrvS9rkvRu4aHBkmyBO6IO1Sq9TDKRUebMjEyjwgxQusn+aLe4kz5WDdYLu8DNEKC+WM0GkDV9xykeXO61VPC16sSHSwgPoNb5MRyXvVZU36gNHKpJXlHZxBO7mhQTENCzb6SAiAl1w5p8o7mYoVv03FuDWFsRJ5js4vWRoTUJC3dxQkySarUK+sx8LagbBGtTiWub81cQsLvAS62Lt7St2TSiU7TA3tEMQEbxfLgQGMRlI22aIrFo1DwIUD+hlynRt4mypErv5Pli0zeDJo/Kkmpc7qgfvlrh7m9+sgbkDuvDvgmA/1PdUqfVNxbUOiTNdW/IbuKRRdOBCLyLq+QgsllKgzPi8bsGgb7R2nhvSI0EpehUEJgduWNl9JKegcQrxFXe2CpvX86N4SaN1F4GMAblIdYukypiH2fQEbT9t4UQcmRk6FJESvZjeMxDq19S4GoRZBnXh+TjD9pILlmJatrprzloPVrL2JUod6vRqH0NCgDd5YTaQoxb7xcOCij2eDcnchsAf4ngDNyzmVTERb77o97YCh2IzpOl0sIa0WKSLoZOS0oqZvPT4nOAwe589aG+4iHl6bKbczyAN/uYSa5R2LBT2fulbw10vZRt6qTksL2QX1IpI07kMNWz9UyQTe27SNASKtrQNb+ykrKe/oro5JYgG6dESct4A/nTWDsgsy8laNw6JydUGrG+wZ6D5waF/QnrZ2ILNlu4MKGZ3D19ThL4iOkE4xthNcRWXDURPP/DfCaxr+TvCrsFjr97xObslkz3a+MEKM86y+6g1Xa2P1cd/lN06aeiJw+W0nN98zt6boNk7Cdb2A27nUdoaCqUZT+g7X64Fe0MD3nCvZwGF4tbr0myyZ9+HoHh8Hrc0WYeh5tKFj9sDggkC5/ghi5mlXsBwVwFs1kUD8EbWuVUFI93qxNZIqQ468FvoTIfmArZ8y52gt1cz9yatS5f+TN3KH29Z7j5aBBgCvGLKJM53Ub0ibqeLkhGf2dap48sKzfylOE4J3mTaKqIX07VAyDL1FKB6XvV/iQY8p03ZWfwviyzAqrDx6sjZX1y/i4Z9hByK676j6XQf+47S150WGPn1kGXA3DgCslAClvs6w7KPamZHV7rufWpdaE2LsYH6J6fxxqlTqe6BV/keiA90Iq3Q+DiIr5mC9/OsYzmBItudHUyOmx/TtZqcUMKdVyciKBDKfxLYM8VTSmhjbTdZaq7FNrzC745UYvLbgqWIT7R/FpatxfeUqyYcKZMKn55cBCWjhbTDm1udRIlCFwopdvcYAYVFt8gU7xoMw1kNVVMAlAMM1h8Unq3RJ7+4z7P4XpBy1DN2/42yz/unTF4bpsC8DdPy2U+BPaEQ8EtoNUrJxIbE03bXuj3jCY0Wz6laBEEJPK2/+P90THhTDRcZu359L5KXewFABPxqK38BJo5YGdr4ICdpLJ/oXepHVJeXlj/ONn0yD5Xs/F6W/3gCT0HL+cRvfDQl1b2R31BaEvhFhw3JeD9ULnmJsXP1WuWOFUyoqzRqLX7Oc/vopIEKl7BhWtIIeldcFIEFguTgs3mOVXmrPykGBAtwbF2DpWRxtzxre7cylujnPBHWWJ4z2HrdHj8CQXBZB/duspXlGLn0QzIJd6Hjrr7T23A2P1nPN7RppTco+bAhSMA/DMSsJR6CIwW13RWIuH2FF+m1hwHIh5Jsv150aW/ps5Fdc/yAjf/OwSZLNEupAd+nn/LAL/i422cwvVzA9qdaaoKbLKXJxwblnKuCAZk0acdWgin5lUCYl7wG6JyVVzZRPn6XEgk52Zf4MnO9q8fuRT2g9LReC/cnjaznWmYWjFU6wBt3Q1frP9biyP7MEWt9TXJSTjl1P+YGGCbwyg/lk2nLvXidDy1qDDJyYbLRni2ChRj3mL/TUIWcbqkgQ3eJC7f9SQdV/Y34hytv7I5IZk0g7KNwYHu01mMcz3fMPHMzmv+OQQVyUUX+Vs/c0j0W5ZaKFpZUdH6kMfSpd9LKDVwKXmjyD44UruQpmjKQwsncnzfolHxduqZOCFuM3dGl/qTipQyxulzZH3zPZG1s0GZ6PmFVKgyAn2DxIQPdC+sF/IAFynbh+vygMHxQAbfeRdAZYjuAq2dg5el213p+5nI1Th+oPswdUspCfPtJjn9Iv/xkYmGxPbwO6hDyhUKcDLGYCsvx8rJkrITCnTbTHRydHe6CMJdib25sjLE8MfYJRBsSe/hkiwt/I522jEPdS69Kq13B0xQGbYzCTCGu2xy55EvXZPqKOMHqZIwUtLjSNAdOzqL5avkdD5pYgReJ8vI6XrpmcQ7g1Lj0qog+ioAgp6FVRtMDxSHKFLy05/5XzaA9YRr3Vy9qjC9RW5eulInXfXmuiV+SBfILMsxz67FCJMO5VfNJuUbdsUQCO22zeWUzIfWk6peZCIM4gcCM/W0OvNEokSaA/l2jUPUfFdcPOplBy3/xqWakRfqkB1oHaWRMacvB2OTZCIxW7Uivz8UwpNtUT9jONjVFsXVVYu+rNIqkgt6mD7Ya1LyYnCb+2MHy/i0mbIPmLG5zfFR2iJtF5SAYGq7kW+MIJX13cLXYWQSZynscEzST9S8TYCbRNQLlotwYQR43bESOxZ8/SWqSUKCwji6MIk/f5A3xb49AQkNGCm5XgeAzFEEHGfmqx1eEtD2NWDDE227b1rbEq/IG,iv:Hpry9OuXr8171DBywRQ8/xvYX7rMn1ND8bFqXlgJcEM=,tag:y+suKV1wGTR6jFW9o3Hvkw==,type:str] + githubusername: ENC[AES256_GCM,data:QdF7HpXRGt/LDOtZDuq1,iv:o5RCXhWmrOvc/3TG6pVjDE6FI0AyX48xrUmAOMsg36s=,tag:kAxtrzzj+9aoSTWZUFRQhw==,type:str] + githubpat: ENC[AES256_GCM,data:dJHV26UXI+6fPvIhxOk2VTu1x0IQ0cn+AAd53EUCt2x36M0uIcUuE22V1SIFAtU9i7hACn2WpdfQEWIcyb0aEJLHcU7QFEuJBfVZnOK4S7xWGPsK2yQgtq4oUbyP,iv:u1654VT85m1BPhI3xXLUcbjSJOif29xBosfoJkv5dLM=,tag:hQ7tviWhccDOrqHMSFf2cQ==,type:str] + dhis2user: ENC[AES256_GCM,data:QA1yW6E=,iv:vPUIgQ49v4ZgtjPTUliW7CKvqn7NkJ1h8O3cC5ZRbcw=,tag:bbLJWI6wQVjxA5GlfPuSSg==,type:str] + dhis2pass: ENC[AES256_GCM,data:x2yx6fyJ4z4=,iv:fT9ACdjsZ+JIAfaT+He3egG2vrrKB8iaV0ZdVbT1/bo=,tag:315zN+mEDUSfabrIZZvo1Q==,type:str] egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - oauth2-proxy: clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] @@ -107,8 +99,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-09T10:33:39Z" - mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + lastmodified: "2023-11-21T07:10:32Z" + mac: ENC[AES256_GCM,data:5DtMf0KOehIEfOT5NYDuTBOrhj4/tW5GpVMjvpVumrXvsKLRaQjPBF860C9UQmC0P0wpV2I5mHNbzOkinElDbf46nVpCqpjaoKs0zKbG8UzHbpfz9TOsE0975amv8pajP5U209gp+UW4/o+f59FwnkebfuQ4TtM4yC0Av3p5VSo=,iv:ohKWCV7beWAVy2/xhXtFVUdmxItyqkavC3R36hbyP7Y=,tag:g6aig9AQ6Rx1NCL94ZnoEA==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | From e816f24889f170e741ac31c29f46240798a6e5f7 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 12:50:27 +0530 Subject: [PATCH 454/742] updated hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 17 +++++++++++++++++ .../helm/charts/cluster-configs/values.yaml | 4 ++-- 2 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml new file mode 100644 index 0000000000..172543b591 --- /dev/null +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -0,0 +1,17 @@ + +{{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} +{{- if index . "kubeconfig" }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ .namespace }} +type: Opaque +data: + kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} + githubusername: {{ index . "githubusername" | b64enc | quote }} + githubpat: {{ index . "githubpat" | b64enc | quote }} + dhis2user: {{ index . "dhis2user" | b64enc | quote }} + dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index e625e5901f..121fbce885 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -14,8 +14,8 @@ cluster-configs: servicePort: 80 hcm-moz-impl: - name: hcm-moz-impl - namespace: [health] + namespace: health + name: hcm-moz-impl nginx-errors: enabled: false From e0f0f53297e8e02efc42271136f7d73c7c9f0283 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 12:56:12 +0530 Subject: [PATCH 455/742] updated hcm-moz-impl secrets in unified-uat env --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 121fbce885..7380de397b 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -15,7 +15,11 @@ cluster-configs: hcm-moz-impl: namespace: health - name: hcm-moz-impl + name: hcm-moz-impl + + hcm-moz-impl: + name: hcm-moz-impl + namespace: [health] nginx-errors: enabled: false From bd06404f766508b33d6c5ec0fd6e62af819cea9e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 13:02:25 +0530 Subject: [PATCH 456/742] updated hcm-moz-impl secrets in unified-uat env --- .../cluster-configs/templates/secrets/hcm-moz-impl-secret.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index 172543b591..a8f369c6a0 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -4,8 +4,8 @@ apiVersion: v1 kind: Secret metadata: - name: {{ .name }} - namespace: {{ .namespace }} + name: {{ .Values.hcm-moz-impl.name }} + namespace: {{ .Values.hcm-moz-impl.namespace }} type: Opaque data: kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} From 4ba14b8b13df229acd9d7fb8573a928e058ba52c Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 13:22:37 +0530 Subject: [PATCH 457/742] updated hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index a8f369c6a0..e503178787 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -1,4 +1,3 @@ - {{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} {{- if index . "kubeconfig" }} apiVersion: v1 @@ -9,9 +8,9 @@ metadata: type: Opaque data: kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} - githubusername: {{ index . "githubusername" | b64enc | quote }} - githubpat: {{ index . "githubpat" | b64enc | quote }} - dhis2user: {{ index . "dhis2user" | b64enc | quote }} - dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} + githubusername: {{ index . "githubusername" | b64enc | quote }} + githubpat: {{ index . "githubpat" | b64enc | quote }} + dhis2user: {{ index . "dhis2user" | b64enc | quote }} + dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 6a884b32a4ccd1dc2f8fffc62ac85bff6acc9092 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 13:25:56 +0530 Subject: [PATCH 458/742] updated hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index e503178787..633e1ab65d 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -3,14 +3,14 @@ apiVersion: v1 kind: Secret metadata: - name: {{ .Values.hcm-moz-impl.name }} - namespace: {{ .Values.hcm-moz-impl.namespace }} + name: {{ .name }} + namespace: {{ .namespace }} type: Opaque data: kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} - githubusername: {{ index . "githubusername" | b64enc | quote }} - githubpat: {{ index . "githubpat" | b64enc | quote }} - dhis2user: {{ index . "dhis2user" | b64enc | quote }} - dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} + githubusername: {{ index . "githubusername" | b64enc | quote }} + githubpat: {{ index . "githubpat" | b64enc | quote }} + dhis2user: {{ index . "dhis2user" | b64enc | quote }} + dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From d55dd66af020798d8dcc192864460b67ad67a836 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 13:33:50 +0530 Subject: [PATCH 459/742] updated hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 18 +++++++++--------- .../unified-health-uat-secrets.yaml | 6 ++++-- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index 633e1ab65d..3ad452368d 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -1,16 +1,16 @@ -{{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} -{{- if index . "kubeconfig" }} +{{- with index .Values.cluster-configs.secrets.hcm-moz-impl }} +{{- if .kubeconfig }} apiVersion: v1 kind: Secret metadata: - name: {{ .name }} - namespace: {{ .namespace }} + name: {{ .name | default "" }} + namespace: {{ .namespace | default "egov" }} type: Opaque data: - kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} - githubusername: {{ index . "githubusername" | b64enc | quote }} - githubpat: {{ index . "githubpat" | b64enc | quote }} - dhis2user: {{ index . "dhis2user" | b64enc | quote }} - dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} + kubeconfig: {{ .kubeconfig | b64enc | quote }} + githubusername: {{ .githubusername | b64enc | quote }} + githubpat: {{ .githubpat | b64enc | quote }} + dhis2user: {{ .dhis2user | b64enc | quote }} + dhis2pass: {{ .dhis2pass | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index a4d9b05b3f..020b402c1b 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -52,6 +52,8 @@ cluster-configs: valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] hcm-moz-impl: + name: ENC[AES256_GCM,data:z1BD2J5lNOYpD6Xs,iv:qe61rlD387sbF8Ik5PJVOcZJ35mrHPUtz47qRARdILA=,tag:sXSvxUkVDTuEXyEnrjDqDg==,type:str] + namespace: ENC[AES256_GCM,data:f7SPpPFD,iv:GfHS6Z0Hyp6je8GX7Hp+WnywWe33KyGgWxKMXkvnn1w=,tag:MlQJBjWxDdw5fGgSO6dEvA==,type:str] kubeconfig: ENC[AES256_GCM,data:Sy8lLREHDYymwXXsLY9E4J2dQ9/B3EUoZ3KsEw6G6E4cp37PQVB6fp8hzXhl5zYJXKSQ7yGEarFk53F2yhzXQ5b6tzMYvFG7MXL4my0cGA+ja7qoMxLF/SGP5EHEnbihKRRD2ZqKmCbpGFbpew07PGyd02KaIh9gkL/a56fA0p1duk0fiFEVjZ1JeMB+WVaoeDjIlOkzFiS70qjZP99UFPu0NRSS1dwRiJN97us5WOmrHIIxP6zE2KPZBFI+t4a/uDF/KhVXO3FYToKC6vVtMvsH2z10WyT1FOa3q4xiTT9u9wtThf6BJBIjF7m/toyxyXc8/bLEGqfXoRl8cnTvA+l75LVcyRz1ItybkHrDFb/So0mX3P5bRYDXHDWsXh01TPKYPk/F/RV9xFd3ZUuP9sTEW8QLB4/Hvk5aPellGkP1ZVAGdQseXNMJhN0YmOJOzFAG2rRVrHpEjyR1+wO6WYp3gNdfHiziUpPfvrbYnR0aMJRy2Bp/oxB9JrXSVkutZiGzL4bniWxg0/ZAJ7E+nb+SCMjwC7TCpUwNKMc31Zr2i+DAsT4QKYpiFh53mD2LfCqEYjEsQaHRwzwAUbvHWahGPCrxE9vG3lHDIlk/9jsyIR8jYxt61p7NdBvyEnMOourj5nR1RM6teENgZcsvfHd60J6vZcZwE1/4DGqaIWHhA42ZOYVguDpYL+QN3Y+fAhSL6p7r9bfHpY+CR8GktbnCwJ+vxDPmD0fBcnPOtIKv79lX8VUM7/9AqlTf8fHqfs7GMhmz3Bk0l3PfFOnyyXFv0zHls5t8zxSgrC+YKEo1mn2F9Abg45sbdl7Mp8EzfkrO6HdFb8l9oXmwq6WPKX04GZ0U1ht89/YuZeySdFi6A3XJ3WpFRiMgCSTVG4zaaIMHGTWKAVSGjrWH0W+dEvlZlCoIJFHO3lDJN9BVQMbg+LY+hxdNODTFAeQJtIPxDUmM3A4pgI3FIEAYkKmR5GfCnqKuQ8KEUwNJc93nFAvVe9iBmnXsi6IElLBgFbihaBFEiMAp82TZ0hZqPG0cV8m5IZkFwlx7/zyCgudr6N3dUqP36Gm1Ea/gML17m5Qwx/Nmx3aNQXWdgdI608Nx5ksePgimh4dg/LhClq3WEj2+wvuLzd6xnGFRux2nJcTGydAKs9HM2XwHz00nuXTKbhWj946cpQssI8fbdZM/nX7U1d7SzCbop/qNEB3v/C8afXzs+Kxd6QYuPOKEyjNgwlchVR7FHVfKP2xB7VTcHNpGeQzlVsoCZ4jZoSwbrPpzkmKc330typfUjBs+LTk5d7p2mRfwjRrvS9rkvRu4aHBkmyBO6IO1Sq9TDKRUebMjEyjwgxQusn+aLe4kz5WDdYLu8DNEKC+WM0GkDV9xykeXO61VPC16sSHSwgPoNb5MRyXvVZU36gNHKpJXlHZxBO7mhQTENCzb6SAiAl1w5p8o7mYoVv03FuDWFsRJ5js4vWRoTUJC3dxQkySarUK+sx8LagbBGtTiWub81cQsLvAS62Lt7St2TSiU7TA3tEMQEbxfLgQGMRlI22aIrFo1DwIUD+hlynRt4mypErv5Pli0zeDJo/Kkmpc7qgfvlrh7m9+sgbkDuvDvgmA/1PdUqfVNxbUOiTNdW/IbuKRRdOBCLyLq+QgsllKgzPi8bsGgb7R2nhvSI0EpehUEJgduWNl9JKegcQrxFXe2CpvX86N4SaN1F4GMAblIdYukypiH2fQEbT9t4UQcmRk6FJESvZjeMxDq19S4GoRZBnXh+TjD9pILlmJatrprzloPVrL2JUod6vRqH0NCgDd5YTaQoxb7xcOCij2eDcnchsAf4ngDNyzmVTERb77o97YCh2IzpOl0sIa0WKSLoZOS0oqZvPT4nOAwe589aG+4iHl6bKbczyAN/uYSa5R2LBT2fulbw10vZRt6qTksL2QX1IpI07kMNWz9UyQTe27SNASKtrQNb+ykrKe/oro5JYgG6dESct4A/nTWDsgsy8laNw6JydUGrG+wZ6D5waF/QnrZ2ILNlu4MKGZ3D19ThL4iOkE4xthNcRWXDURPP/DfCaxr+TvCrsFjr97xObslkz3a+MEKM86y+6g1Xa2P1cd/lN06aeiJw+W0nN98zt6boNk7Cdb2A27nUdoaCqUZT+g7X64Fe0MD3nCvZwGF4tbr0myyZ9+HoHh8Hrc0WYeh5tKFj9sDggkC5/ghi5mlXsBwVwFs1kUD8EbWuVUFI93qxNZIqQ468FvoTIfmArZ8y52gt1cz9yatS5f+TN3KH29Z7j5aBBgCvGLKJM53Ub0ibqeLkhGf2dap48sKzfylOE4J3mTaKqIX07VAyDL1FKB6XvV/iQY8p03ZWfwviyzAqrDx6sjZX1y/i4Z9hByK676j6XQf+47S150WGPn1kGXA3DgCslAClvs6w7KPamZHV7rufWpdaE2LsYH6J6fxxqlTqe6BV/keiA90Iq3Q+DiIr5mC9/OsYzmBItudHUyOmx/TtZqcUMKdVyciKBDKfxLYM8VTSmhjbTdZaq7FNrzC745UYvLbgqWIT7R/FpatxfeUqyYcKZMKn55cBCWjhbTDm1udRIlCFwopdvcYAYVFt8gU7xoMw1kNVVMAlAMM1h8Unq3RJ7+4z7P4XpBy1DN2/42yz/unTF4bpsC8DdPy2U+BPaEQ8EtoNUrJxIbE03bXuj3jCY0Wz6laBEEJPK2/+P90THhTDRcZu359L5KXewFABPxqK38BJo5YGdr4ICdpLJ/oXepHVJeXlj/ONn0yD5Xs/F6W/3gCT0HL+cRvfDQl1b2R31BaEvhFhw3JeD9ULnmJsXP1WuWOFUyoqzRqLX7Oc/vopIEKl7BhWtIIeldcFIEFguTgs3mOVXmrPykGBAtwbF2DpWRxtzxre7cylujnPBHWWJ4z2HrdHj8CQXBZB/duspXlGLn0QzIJd6Hjrr7T23A2P1nPN7RppTco+bAhSMA/DMSsJR6CIwW13RWIuH2FF+m1hwHIh5Jsv150aW/ps5Fdc/yAjf/OwSZLNEupAd+nn/LAL/i422cwvVzA9qdaaoKbLKXJxwblnKuCAZk0acdWgin5lUCYl7wG6JyVVzZRPn6XEgk52Zf4MnO9q8fuRT2g9LReC/cnjaznWmYWjFU6wBt3Q1frP9biyP7MEWt9TXJSTjl1P+YGGCbwyg/lk2nLvXidDy1qDDJyYbLRni2ChRj3mL/TUIWcbqkgQ3eJC7f9SQdV/Y34hytv7I5IZk0g7KNwYHu01mMcz3fMPHMzmv+OQQVyUUX+Vs/c0j0W5ZaKFpZUdH6kMfSpd9LKDVwKXmjyD44UruQpmjKQwsncnzfolHxduqZOCFuM3dGl/qTipQyxulzZH3zPZG1s0GZ6PmFVKgyAn2DxIQPdC+sF/IAFynbh+vygMHxQAbfeRdAZYjuAq2dg5el213p+5nI1Th+oPswdUspCfPtJjn9Iv/xkYmGxPbwO6hDyhUKcDLGYCsvx8rJkrITCnTbTHRydHe6CMJdib25sjLE8MfYJRBsSe/hkiwt/I522jEPdS69Kq13B0xQGbYzCTCGu2xy55EvXZPqKOMHqZIwUtLjSNAdOzqL5avkdD5pYgReJ8vI6XrpmcQ7g1Lj0qog+ioAgp6FVRtMDxSHKFLy05/5XzaA9YRr3Vy9qjC9RW5eulInXfXmuiV+SBfILMsxz67FCJMO5VfNJuUbdsUQCO22zeWUzIfWk6peZCIM4gcCM/W0OvNEokSaA/l2jUPUfFdcPOplBy3/xqWakRfqkB1oHaWRMacvB2OTZCIxW7Uivz8UwpNtUT9jONjVFsXVVYu+rNIqkgt6mD7Ya1LyYnCb+2MHy/i0mbIPmLG5zfFR2iJtF5SAYGq7kW+MIJX13cLXYWQSZynscEzST9S8TYCbRNQLlotwYQR43bESOxZ8/SWqSUKCwji6MIk/f5A3xb49AQkNGCm5XgeAzFEEHGfmqx1eEtD2NWDDE227b1rbEq/IG,iv:Hpry9OuXr8171DBywRQ8/xvYX7rMn1ND8bFqXlgJcEM=,tag:y+suKV1wGTR6jFW9o3Hvkw==,type:str] githubusername: ENC[AES256_GCM,data:QdF7HpXRGt/LDOtZDuq1,iv:o5RCXhWmrOvc/3TG6pVjDE6FI0AyX48xrUmAOMsg36s=,tag:kAxtrzzj+9aoSTWZUFRQhw==,type:str] githubpat: ENC[AES256_GCM,data:dJHV26UXI+6fPvIhxOk2VTu1x0IQ0cn+AAd53EUCt2x36M0uIcUuE22V1SIFAtU9i7hACn2WpdfQEWIcyb0aEJLHcU7QFEuJBfVZnOK4S7xWGPsK2yQgtq4oUbyP,iv:u1654VT85m1BPhI3xXLUcbjSJOif29xBosfoJkv5dLM=,tag:hQ7tviWhccDOrqHMSFf2cQ==,type:str] @@ -99,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-21T07:10:32Z" - mac: ENC[AES256_GCM,data:5DtMf0KOehIEfOT5NYDuTBOrhj4/tW5GpVMjvpVumrXvsKLRaQjPBF860C9UQmC0P0wpV2I5mHNbzOkinElDbf46nVpCqpjaoKs0zKbG8UzHbpfz9TOsE0975amv8pajP5U209gp+UW4/o+f59FwnkebfuQ4TtM4yC0Av3p5VSo=,iv:ohKWCV7beWAVy2/xhXtFVUdmxItyqkavC3R36hbyP7Y=,tag:g6aig9AQ6Rx1NCL94ZnoEA==,type:str] + lastmodified: "2023-11-21T08:02:55Z" + mac: ENC[AES256_GCM,data:0TXTYnudLahQb1ATCszT6hVPafKuugjeva5Dqo77/CAigPHt7juYJSiA/Ej6BZJsc+tp4BwN5dyZbTIOhnpU1NTU/XN3hfqt5DuNjybmyiTKGesqcALgnvEnS1rss8midbFK3GcOYMr/uS+e9+HsZKXOXubO0TWKmj6JDJMvoWY=,iv:ols08b1DGohG75qJ+p7LXGtwpE4OhEc173eMRGN4Pg4=,tag:E3fVsQzMZROUMwcYrXBd3g==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | From 43156c85fd325c5b5db0ad2dd429e84f6cef30fb Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 13:45:02 +0530 Subject: [PATCH 460/742] updated hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index 3ad452368d..98bd6b7265 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -1,16 +1,16 @@ -{{- with index .Values.cluster-configs.secrets.hcm-moz-impl }} -{{- if .kubeconfig }} +{{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} +{{- if index . "kubeconfig" }} apiVersion: v1 kind: Secret metadata: - name: {{ .name | default "" }} - namespace: {{ .namespace | default "egov" }} + name: {{ .name | default .Values.hcm-moz-impl.name }} + namespace: {{ .namespace | default .Values.hcm-moz-impl.namespace }} type: Opaque data: - kubeconfig: {{ .kubeconfig | b64enc | quote }} - githubusername: {{ .githubusername | b64enc | quote }} - githubpat: {{ .githubpat | b64enc | quote }} - dhis2user: {{ .dhis2user | b64enc | quote }} - dhis2pass: {{ .dhis2pass | b64enc | quote }} + kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} + githubusername: {{ index . "githubusername" | b64enc | quote }} + githubpat: {{ index . "githubpat" | b64enc | quote }} + dhis2user: {{ index . "dhis2user" | b64enc | quote }} + dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} +{{- end }} {{- end }} -{{- end }} \ No newline at end of file From ef4c643a20225b3df841c41610283d610f2c0b8a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 14:02:15 +0530 Subject: [PATCH 461/742] deleted hcm-moz-impl secrets in unified-uat env --- .../templates/secrets/hcm-moz-impl-secret.yml | 16 ---------------- .../helm/charts/cluster-configs/values.yaml | 8 -------- .../environments/unified-health-uat-secrets.yaml | 12 ++---------- 3 files changed, 2 insertions(+), 34 deletions(-) delete mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml deleted file mode 100644 index 98bd6b7265..0000000000 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ /dev/null @@ -1,16 +0,0 @@ -{{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} -{{- if index . "kubeconfig" }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ .name | default .Values.hcm-moz-impl.name }} - namespace: {{ .namespace | default .Values.hcm-moz-impl.namespace }} -type: Opaque -data: - kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} - githubusername: {{ index . "githubusername" | b64enc | quote }} - githubpat: {{ index . "githubpat" | b64enc | quote }} - dhis2user: {{ index . "dhis2user" | b64enc | quote }} - dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} -{{- end }} -{{- end }} diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 7380de397b..e4899a96f4 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -12,14 +12,6 @@ cluster-configs: appRoot: citizen serviceName: citizen servicePort: 80 - - hcm-moz-impl: - namespace: health - name: hcm-moz-impl - - hcm-moz-impl: - name: hcm-moz-impl - namespace: [health] nginx-errors: enabled: false diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index 020b402c1b..9bb99dde52 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -51,14 +51,6 @@ cluster-configs: chatbot: valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - hcm-moz-impl: - name: ENC[AES256_GCM,data:z1BD2J5lNOYpD6Xs,iv:qe61rlD387sbF8Ik5PJVOcZJ35mrHPUtz47qRARdILA=,tag:sXSvxUkVDTuEXyEnrjDqDg==,type:str] - namespace: ENC[AES256_GCM,data:f7SPpPFD,iv:GfHS6Z0Hyp6je8GX7Hp+WnywWe33KyGgWxKMXkvnn1w=,tag:MlQJBjWxDdw5fGgSO6dEvA==,type:str] - kubeconfig: ENC[AES256_GCM,data:Sy8lLREHDYymwXXsLY9E4J2dQ9/B3EUoZ3KsEw6G6E4cp37PQVB6fp8hzXhl5zYJXKSQ7yGEarFk53F2yhzXQ5b6tzMYvFG7MXL4my0cGA+ja7qoMxLF/SGP5EHEnbihKRRD2ZqKmCbpGFbpew07PGyd02KaIh9gkL/a56fA0p1duk0fiFEVjZ1JeMB+WVaoeDjIlOkzFiS70qjZP99UFPu0NRSS1dwRiJN97us5WOmrHIIxP6zE2KPZBFI+t4a/uDF/KhVXO3FYToKC6vVtMvsH2z10WyT1FOa3q4xiTT9u9wtThf6BJBIjF7m/toyxyXc8/bLEGqfXoRl8cnTvA+l75LVcyRz1ItybkHrDFb/So0mX3P5bRYDXHDWsXh01TPKYPk/F/RV9xFd3ZUuP9sTEW8QLB4/Hvk5aPellGkP1ZVAGdQseXNMJhN0YmOJOzFAG2rRVrHpEjyR1+wO6WYp3gNdfHiziUpPfvrbYnR0aMJRy2Bp/oxB9JrXSVkutZiGzL4bniWxg0/ZAJ7E+nb+SCMjwC7TCpUwNKMc31Zr2i+DAsT4QKYpiFh53mD2LfCqEYjEsQaHRwzwAUbvHWahGPCrxE9vG3lHDIlk/9jsyIR8jYxt61p7NdBvyEnMOourj5nR1RM6teENgZcsvfHd60J6vZcZwE1/4DGqaIWHhA42ZOYVguDpYL+QN3Y+fAhSL6p7r9bfHpY+CR8GktbnCwJ+vxDPmD0fBcnPOtIKv79lX8VUM7/9AqlTf8fHqfs7GMhmz3Bk0l3PfFOnyyXFv0zHls5t8zxSgrC+YKEo1mn2F9Abg45sbdl7Mp8EzfkrO6HdFb8l9oXmwq6WPKX04GZ0U1ht89/YuZeySdFi6A3XJ3WpFRiMgCSTVG4zaaIMHGTWKAVSGjrWH0W+dEvlZlCoIJFHO3lDJN9BVQMbg+LY+hxdNODTFAeQJtIPxDUmM3A4pgI3FIEAYkKmR5GfCnqKuQ8KEUwNJc93nFAvVe9iBmnXsi6IElLBgFbihaBFEiMAp82TZ0hZqPG0cV8m5IZkFwlx7/zyCgudr6N3dUqP36Gm1Ea/gML17m5Qwx/Nmx3aNQXWdgdI608Nx5ksePgimh4dg/LhClq3WEj2+wvuLzd6xnGFRux2nJcTGydAKs9HM2XwHz00nuXTKbhWj946cpQssI8fbdZM/nX7U1d7SzCbop/qNEB3v/C8afXzs+Kxd6QYuPOKEyjNgwlchVR7FHVfKP2xB7VTcHNpGeQzlVsoCZ4jZoSwbrPpzkmKc330typfUjBs+LTk5d7p2mRfwjRrvS9rkvRu4aHBkmyBO6IO1Sq9TDKRUebMjEyjwgxQusn+aLe4kz5WDdYLu8DNEKC+WM0GkDV9xykeXO61VPC16sSHSwgPoNb5MRyXvVZU36gNHKpJXlHZxBO7mhQTENCzb6SAiAl1w5p8o7mYoVv03FuDWFsRJ5js4vWRoTUJC3dxQkySarUK+sx8LagbBGtTiWub81cQsLvAS62Lt7St2TSiU7TA3tEMQEbxfLgQGMRlI22aIrFo1DwIUD+hlynRt4mypErv5Pli0zeDJo/Kkmpc7qgfvlrh7m9+sgbkDuvDvgmA/1PdUqfVNxbUOiTNdW/IbuKRRdOBCLyLq+QgsllKgzPi8bsGgb7R2nhvSI0EpehUEJgduWNl9JKegcQrxFXe2CpvX86N4SaN1F4GMAblIdYukypiH2fQEbT9t4UQcmRk6FJESvZjeMxDq19S4GoRZBnXh+TjD9pILlmJatrprzloPVrL2JUod6vRqH0NCgDd5YTaQoxb7xcOCij2eDcnchsAf4ngDNyzmVTERb77o97YCh2IzpOl0sIa0WKSLoZOS0oqZvPT4nOAwe589aG+4iHl6bKbczyAN/uYSa5R2LBT2fulbw10vZRt6qTksL2QX1IpI07kMNWz9UyQTe27SNASKtrQNb+ykrKe/oro5JYgG6dESct4A/nTWDsgsy8laNw6JydUGrG+wZ6D5waF/QnrZ2ILNlu4MKGZ3D19ThL4iOkE4xthNcRWXDURPP/DfCaxr+TvCrsFjr97xObslkz3a+MEKM86y+6g1Xa2P1cd/lN06aeiJw+W0nN98zt6boNk7Cdb2A27nUdoaCqUZT+g7X64Fe0MD3nCvZwGF4tbr0myyZ9+HoHh8Hrc0WYeh5tKFj9sDggkC5/ghi5mlXsBwVwFs1kUD8EbWuVUFI93qxNZIqQ468FvoTIfmArZ8y52gt1cz9yatS5f+TN3KH29Z7j5aBBgCvGLKJM53Ub0ibqeLkhGf2dap48sKzfylOE4J3mTaKqIX07VAyDL1FKB6XvV/iQY8p03ZWfwviyzAqrDx6sjZX1y/i4Z9hByK676j6XQf+47S150WGPn1kGXA3DgCslAClvs6w7KPamZHV7rufWpdaE2LsYH6J6fxxqlTqe6BV/keiA90Iq3Q+DiIr5mC9/OsYzmBItudHUyOmx/TtZqcUMKdVyciKBDKfxLYM8VTSmhjbTdZaq7FNrzC745UYvLbgqWIT7R/FpatxfeUqyYcKZMKn55cBCWjhbTDm1udRIlCFwopdvcYAYVFt8gU7xoMw1kNVVMAlAMM1h8Unq3RJ7+4z7P4XpBy1DN2/42yz/unTF4bpsC8DdPy2U+BPaEQ8EtoNUrJxIbE03bXuj3jCY0Wz6laBEEJPK2/+P90THhTDRcZu359L5KXewFABPxqK38BJo5YGdr4ICdpLJ/oXepHVJeXlj/ONn0yD5Xs/F6W/3gCT0HL+cRvfDQl1b2R31BaEvhFhw3JeD9ULnmJsXP1WuWOFUyoqzRqLX7Oc/vopIEKl7BhWtIIeldcFIEFguTgs3mOVXmrPykGBAtwbF2DpWRxtzxre7cylujnPBHWWJ4z2HrdHj8CQXBZB/duspXlGLn0QzIJd6Hjrr7T23A2P1nPN7RppTco+bAhSMA/DMSsJR6CIwW13RWIuH2FF+m1hwHIh5Jsv150aW/ps5Fdc/yAjf/OwSZLNEupAd+nn/LAL/i422cwvVzA9qdaaoKbLKXJxwblnKuCAZk0acdWgin5lUCYl7wG6JyVVzZRPn6XEgk52Zf4MnO9q8fuRT2g9LReC/cnjaznWmYWjFU6wBt3Q1frP9biyP7MEWt9TXJSTjl1P+YGGCbwyg/lk2nLvXidDy1qDDJyYbLRni2ChRj3mL/TUIWcbqkgQ3eJC7f9SQdV/Y34hytv7I5IZk0g7KNwYHu01mMcz3fMPHMzmv+OQQVyUUX+Vs/c0j0W5ZaKFpZUdH6kMfSpd9LKDVwKXmjyD44UruQpmjKQwsncnzfolHxduqZOCFuM3dGl/qTipQyxulzZH3zPZG1s0GZ6PmFVKgyAn2DxIQPdC+sF/IAFynbh+vygMHxQAbfeRdAZYjuAq2dg5el213p+5nI1Th+oPswdUspCfPtJjn9Iv/xkYmGxPbwO6hDyhUKcDLGYCsvx8rJkrITCnTbTHRydHe6CMJdib25sjLE8MfYJRBsSe/hkiwt/I522jEPdS69Kq13B0xQGbYzCTCGu2xy55EvXZPqKOMHqZIwUtLjSNAdOzqL5avkdD5pYgReJ8vI6XrpmcQ7g1Lj0qog+ioAgp6FVRtMDxSHKFLy05/5XzaA9YRr3Vy9qjC9RW5eulInXfXmuiV+SBfILMsxz67FCJMO5VfNJuUbdsUQCO22zeWUzIfWk6peZCIM4gcCM/W0OvNEokSaA/l2jUPUfFdcPOplBy3/xqWakRfqkB1oHaWRMacvB2OTZCIxW7Uivz8UwpNtUT9jONjVFsXVVYu+rNIqkgt6mD7Ya1LyYnCb+2MHy/i0mbIPmLG5zfFR2iJtF5SAYGq7kW+MIJX13cLXYWQSZynscEzST9S8TYCbRNQLlotwYQR43bESOxZ8/SWqSUKCwji6MIk/f5A3xb49AQkNGCm5XgeAzFEEHGfmqx1eEtD2NWDDE227b1rbEq/IG,iv:Hpry9OuXr8171DBywRQ8/xvYX7rMn1ND8bFqXlgJcEM=,tag:y+suKV1wGTR6jFW9o3Hvkw==,type:str] - githubusername: ENC[AES256_GCM,data:QdF7HpXRGt/LDOtZDuq1,iv:o5RCXhWmrOvc/3TG6pVjDE6FI0AyX48xrUmAOMsg36s=,tag:kAxtrzzj+9aoSTWZUFRQhw==,type:str] - githubpat: ENC[AES256_GCM,data:dJHV26UXI+6fPvIhxOk2VTu1x0IQ0cn+AAd53EUCt2x36M0uIcUuE22V1SIFAtU9i7hACn2WpdfQEWIcyb0aEJLHcU7QFEuJBfVZnOK4S7xWGPsK2yQgtq4oUbyP,iv:u1654VT85m1BPhI3xXLUcbjSJOif29xBosfoJkv5dLM=,tag:hQ7tviWhccDOrqHMSFf2cQ==,type:str] - dhis2user: ENC[AES256_GCM,data:QA1yW6E=,iv:vPUIgQ49v4ZgtjPTUliW7CKvqn7NkJ1h8O3cC5ZRbcw=,tag:bbLJWI6wQVjxA5GlfPuSSg==,type:str] - dhis2pass: ENC[AES256_GCM,data:x2yx6fyJ4z4=,iv:fT9ACdjsZ+JIAfaT+He3egG2vrrKB8iaV0ZdVbT1/bo=,tag:315zN+mEDUSfabrIZZvo1Q==,type:str] egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] oauth2-proxy: @@ -101,8 +93,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-21T08:02:55Z" - mac: ENC[AES256_GCM,data:0TXTYnudLahQb1ATCszT6hVPafKuugjeva5Dqo77/CAigPHt7juYJSiA/Ej6BZJsc+tp4BwN5dyZbTIOhnpU1NTU/XN3hfqt5DuNjybmyiTKGesqcALgnvEnS1rss8midbFK3GcOYMr/uS+e9+HsZKXOXubO0TWKmj6JDJMvoWY=,iv:ols08b1DGohG75qJ+p7LXGtwpE4OhEc173eMRGN4Pg4=,tag:E3fVsQzMZROUMwcYrXBd3g==,type:str] + lastmodified: "2023-11-21T08:31:34Z" + mac: ENC[AES256_GCM,data:Pkvzkly0uqsRK/B0xGzLFVzYP1pd+cJW0GXd+0ubzsRKds/l/zRYfNIJm+dH9lSHzxDxKhevxh7dHwfmUJH/ImfQHO4kDjtb8ekekrum5Y3ED/Glmjp3w/KI4cv6QQRs74aUuXN0e6m3WxsYJMxO7I1bJYfnvrtgJfd+tN6WueI=,iv:H1umrz022eUWP9bI3HFGrlVwsdMZevoWHps2q0/iZ6A=,tag:vxZJutcOPiwBEP989flGGg==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | From 4f34e1e92633f0bb531551f9e13f80c3fe95c946 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 21 Nov 2023 15:40:53 +0530 Subject: [PATCH 462/742] #SM-3437 Updated schematable name (#2117) --- .../helm/charts/sanitation/pqm-anomaly-finder/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml index ad8958b102..31456199ab 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml @@ -15,7 +15,7 @@ ingress: initContainers: dbMigration: enabled: true - schemaTable: "pqm-anomaly-finder_schema" + schemaTable: "pqm_anomaly_finder_schema" image: repository: "pqm-anomaly-finder-db" From bfedef38f4f01ef864c9db1580435f08e7e9e5c0 Mon Sep 17 00:00:00 2001 From: Anil Singha <99383116+anilsingha-eGov@users.noreply.github.com> Date: Tue, 21 Nov 2023 16:44:20 +0530 Subject: [PATCH 463/742] HLM-4478:Updated values.yaml, Added mdms persister for health (#2111) * Updated values.yaml, Added mdms persister * HLM-4478: Updated file path to configs/health * HLM-4478: Updated unfied-health-uat.yaml file and undo changes for dev * HLM-4478: Reverted back to previous changes for referral management * HLM-4478: Updated file path for referral management values.yaml * Update values.yaml * Update unified-health-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../charts/health-services/referralmanagement/values.yaml | 2 +- deploy-as-code/helm/environments/unified-health-uat.yaml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml index 72ca4127e4..5642be8628 100644 --- a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -203,4 +203,4 @@ env: | - name: EGOV_LOCATION_HIERARCHY_TYPE value: "ADMIN" - name: EGOV_LOCATION_CODE_QUERY_PARAM - value: "code" \ No newline at end of file + value: "code" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 137bcf3f86..171b6f5a46 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -291,13 +291,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -353,7 +353,7 @@ report: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + report-locationsfile-path: "file:///work-dir/configs/health/reports/reportFileLocationsv1.txt" pdf-service: initContainers: From acf3664c330eaae74d0d8c91cfb2e4cb61fb1b08 Mon Sep 17 00:00:00 2001 From: Anil Singha <99383116+anilsingha-eGov@users.noreply.github.com> Date: Tue, 21 Nov 2023 17:45:27 +0530 Subject: [PATCH 464/742] HLM-4478: Added error-handler file (#2118) --- .../health-services/error-handler/Chart.yaml | 26 +++++++++++ .../error-handler/templates/deployment.yaml | 2 + .../error-handler/templates/ingress.yaml | 2 + .../error-handler/templates/service.yaml | 2 + .../health-services/error-handler/values.yaml | 46 +++++++++++++++++++ 5 files changed, 78 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/error-handler/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/error-handler/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/error-handler/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/error-handler/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/error-handler/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/error-handler/Chart.yaml b/deploy-as-code/helm/charts/health-services/error-handler/Chart.yaml new file mode 100644 index 0000000000..c5367551ad --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/error-handler/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: error-handler +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/error-handler/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/error-handler/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/error-handler/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/error-handler/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/error-handler/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/error-handler/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/error-handler/templates/service.yaml b/deploy-as-code/helm/charts/health-services/error-handler/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/error-handler/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/error-handler/values.yaml b/deploy-as-code/helm/charts/health-services/error-handler/values.yaml new file mode 100644 index 0000000000..dda999cd65 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/error-handler/values.yaml @@ -0,0 +1,46 @@ +# Common Labels +labels: + app: "error-handler" + group: "core" + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "error-handler" + +# Container Configs +image: + repository: "error-handler" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/error-handler/health" + readinessProbePath: "/error-handler/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /error-handler + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: error-handler-consumer-group + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" From 0ad70415bf0b9373e68e332359e69f2c5685085e Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Tue, 21 Nov 2023 18:04:51 +0530 Subject: [PATCH 465/742] HLM-4469 Update the integration of Location service with mdms v1 (#2116) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * Update unified-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../health-services/health-mdms-v1/Chart.yaml | 26 +++++++ .../health-mdms-v1/templates/deployment.yaml | 2 + .../health-mdms-v1/templates/ingress.yaml | 2 + .../health-mdms-v1/templates/service.yaml | 2 + .../health-mdms-v1/values.yaml | 72 +++++++++++++++++++ .../health-services/health-mdms-v2/Chart.yaml | 26 +++++++ .../health-mdms-v2/templates/deployment.yaml | 2 + .../health-mdms-v2/templates/ingress.yaml | 2 + .../health-mdms-v2/templates/service.yaml | 2 + .../health-mdms-v2/values.yaml | 64 +++++++++++++++++ .../helm/environments/unified-health-uat.yaml | 7 +- .../helm/environments/unified-uat.yaml | 3 +- 12 files changed, 208 insertions(+), 2 deletions(-) create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v1/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v2/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/Chart.yaml new file mode 100644 index 0000000000..81d263f527 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-mdms-v1 +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml new file mode 100644 index 0000000000..c2790fbfd0 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml @@ -0,0 +1,72 @@ +# Common Labels +labels: + app: "health-mdms-v1" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "egov-mdms-service-legacy" + +# Init Containers Configs +initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "master" + +# Container Configs +image: + repository: "health-mdms-v1" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-mdms-service-legacy/health" + readinessProbePath: "/egov-mdms-service-legacy/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" +mdms-path: "/work-dir/egov-mdms-data/data" +mdms-git-url: "" +mdms-folder: "egov-mdms-data" +masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" +branch: "master" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /egov-mdms-service-legacy + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-mdms-service-consumer-group + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: EGOV_MDMS_CONF_PATH + value: {{ index .Values "mdms-path" | quote }} + - name: EGOV_MDMS_GIT_URL + value: {{ index .Values "mdms-git-url" | quote }} + - name: EGOV_MDMS_FOLDER + value: {{ index .Values "mdms-folder" | quote }} + - name: MASTERS_CONFIG_URL + value: {{ index .Values "masters-config-url" | quote }} + {{- if index .Values "branch" }} + - name: BRANCH + value: {{ index .Values "branch" | quote }} + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/Chart.yaml new file mode 100644 index 0000000000..da4c40858a --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-mdms-v2 +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml new file mode 100644 index 0000000000..d4328ea6dc --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml @@ -0,0 +1,64 @@ +# Common Labels +labels: + app: "health-mdms-v2" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "egov-mdms-service" + +initContainers: + dbMigration: + enabled: true + schemaTable: "mdms_v2_schema" + image: + repository: "health-mdms-v2-db" + +# Container Configs +image: + repository: "health-mdms-v2" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-mdms-service/health" + readinessProbePath: "/egov-mdms-service/health" +appType: "java-spring" +tracing-enabled: true +memory_limits: 512Mi +heap: "-Xmx512m -Xms512m" +java-args: "-Dspring.profiles.active=monitoring" +egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" +egov-mdms-data-save-topic: "save-mdms-data" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /egov-mdms-service + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-mdms-service-consumer-group + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: JAVA_ENABLE_DEBUG + value: "true" + - name: EGOV_MDMS_SCHEMA_DEFINITION_SAVE_TOPIC + value: {{ index .Values "egov-mdms-schema-definition-save-topic" | quote }} + - name: EGOV_MDMS_DATA_SAVE_TOPIC + value: {{ index .Values "egov-mdms-data-save-topic" | quote }} diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 171b6f5a46..e73d1d4109 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -190,6 +190,9 @@ egov-idgen: java-args: -Dspring.profiles.active=monitoring autocreate-new-seq: "true" +health-mdms-v2: + memory_limits: 512Mi + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" @@ -271,8 +274,10 @@ egov-pg-service: egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: + +health-mdms-v1: replicas: 1 + memory_limits: "512Mi" images: - egovio/egov-mdms-service mdms-path: "/work-dir/egov-mdms-data/data" diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 0034b8085f..2bbaf4443e 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -499,7 +499,8 @@ egov-hrms: java-args: -Dspring.profiles.active=monitoring employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - +mdms-v2: + memory_limits: 512Mi # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From d183e31abca4985093776d3d85f26bbdb5de80e0 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 18:44:45 +0530 Subject: [PATCH 466/742] added health namespace in git-sync --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index e4899a96f4..ddb150623e 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -72,7 +72,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov ] + namespace: [ egov, health ] name: git-creds kibana: From 72b61e7585f206ac339be266c965cfcf2d853f4b Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 18:54:14 +0530 Subject: [PATCH 467/742] added health namespace in git-sync --- .../helm/charts/health-services/health-mdms-v1/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml index c2790fbfd0..117ed10d62 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml @@ -24,8 +24,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/egov-mdms-service-legacy/health" - readinessProbePath: "/egov-mdms-service-legacy/health" + livenessProbePath: "/egov-mdms-service/health" + readinessProbePath: "/egov-mdms-service/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" From 1089c5a72c372923353590a50866550cb03ae767 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Tue, 21 Nov 2023 19:08:49 +0530 Subject: [PATCH 468/742] Hlm 4469 (#2119) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * changed context path * Update unified-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../charts/health-services/health-mdms-v2/values.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml index d4328ea6dc..330726a6fb 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml @@ -9,7 +9,7 @@ namespace: health ingress: enabled: true zuul: true - context: "egov-mdms-service" + context: "health-mdms-v2" initContainers: dbMigration: @@ -24,8 +24,9 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/egov-mdms-service/health" - readinessProbePath: "/egov-mdms-service/health" + livenessProbePath: "/health-mdms-v2/health" + readinessProbePath: "/health-mdms-v2/health" + appType: "java-spring" tracing-enabled: true memory_limits: 512Mi @@ -37,7 +38,7 @@ egov-mdms-data-save-topic: "save-mdms-data" # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH - value: /egov-mdms-service + value: /health-mdms-v2 - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: egov-mdms-service-consumer-group - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER From 3f0dfef4e5ef03192f571470c62be2ea70db6307 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:04:14 +0530 Subject: [PATCH 469/742] added hcm-moz-impl secrets --- .../templates/secrets/hcm-moz-impl-secret.yml | 16 ++++++++++++++++ .../helm/charts/cluster-configs/values.yaml | 12 ++++++++++-- .../environments/unified-health-uat-secrets.yaml | 10 ++++++++-- .../helm/environments/unified-health-uat.yaml | 4 +++- 4 files changed, 37 insertions(+), 5 deletions(-) create mode 100644 deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml new file mode 100644 index 0000000000..633e1ab65d --- /dev/null +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -0,0 +1,16 @@ +{{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} +{{- if index . "kubeconfig" }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ .name }} + namespace: {{ .namespace }} +type: Opaque +data: + kubeconfig: {{ index . "kubeconfig" | b64enc | quote }} + githubusername: {{ index . "githubusername" | b64enc | quote }} + githubpat: {{ index . "githubpat" | b64enc | quote }} + dhis2user: {{ index . "dhis2user" | b64enc | quote }} + dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index ddb150623e..1d0fbcc1be 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -34,6 +34,10 @@ cluster-configs: name: egov-service-host namespace: [ egov ] + hcm-moz-impl: + name: hcm-moz-impl + namespace: [ health ] + secrets: db: namespace: [ egov, works, health, urban, sanitation ] @@ -44,8 +48,12 @@ cluster-configs: name: egov-notification-sms egov-filestore: - namespace: egov - name: egov-filestore + namespace: [ egov, health ] + name: egov-filestore + + hcm-moz-impl: + namespace: health + name: hcm-moz-impl egov-location: namespace: egov diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index 9bb99dde52..be0adc6006 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -57,6 +57,12 @@ cluster-configs: clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] + hcm-moz-impl: + kubeconfig: ENC[AES256_GCM,data:nBw8gysBSfcxHtVSOgAa+F0Luy3vuwvZSJ5X6ID7yDGoPxsQt3iXL8C+H4zAW83pEw5CX/1cEElQ1wcXJC86nLofwC81ZttavCOhM89yag12AY2ZTcQlAbArQ99+png1tZI3VcJa5a3uGwiSRmU9PFsH5+miXmTNaVdorlVekW/8E2RSvKd1H5VAQ8WOQMTJoSMCdhK7LRB8pF9d4BdXbbrlC+tKOb+aMlzpGbPDBKlAjQ2Fapv+0SBzWnmRnlWmcrX0/VSvEPpx1G9evKpTDNR8Xo4gaR/PzGn9NNzpQNxPQOGPsphAioQ3lESNrRjYN8ErCl4nOR1SVazE+PMwGC8GzysCEl0ep7oKbqZnumbHbInoc+6Tsjot/KXG5ByZGLRx9/7+o84t8mMccdCeSGQiqqnbI8VCmfWVCjzNG2ND4KpF5fBo1eA2DaEI97XBY0/wZiKQEtPmfkpLwb6tbZ/f5AkAUT3wi1sIwi3MqpS0PbBIMia7OONdEw37MNmAn65yitz1Y8x4+6PeUo2j0kCXhThyfz8SSDOQquF9QxrhaSJTBHqDGD2WXe9LEg9YjUwoGFMRtc8ZWRS8Y33S4wwmlzZzxiKCaj/R50IyITrLqUow18bgrZxq1lY2Tb2ygWbGa0ix+XKFqCUBIOO7cwN66GyeLxFwnqjsnu2uHXioY42HHLIlbaMWtU1FGAcltAzDKQBLn2DGCg4BQXh9ycMijurO0MAlpibI4eDjb98agyisSrGEfSUH2k7fGls3v5uhJJOve/dL0oHkUi2LqnN8xwkRz5GtZJUIbJQCjIyKt5/YcGeMgYXSHXQxo+TpngVi27eouZd9J20IF7kn0cc8FHDgX9MmIH91BQ3UmTUogy3QfQHT3PKjMk2z/8/DtgOB3DUjJp1gsQivNeEoufgzXcaxXz3uyKCnzIyR8SIRbvY9U5uspLQJWjQcbHkvi2vSxLE64rsHI6OLH9OBMKAVluIxLMRrQXX2tzJG0c/Y9g+QxiSNVn7cIWzbdOlJsDz6qfD2HBZyfW6jjtymD/1NX7eCbnTw+iyDzFqZ/tKnnaj1vGak62/XGRwT0jrBt8td7N1Ebj/xMmLsd66nuSfF9TZXXVa3gWhqx9xQrXo5hLStQvNQt5UlvOZBhArVdp2gZ2hHNH2azSgLSf9HegZmLfil5H0Mt1uqqV/eZYo1PkgClNalzv/Bq/RO0ig53aIv6ko3xYUYZjhttYPxZ6q33KzDTJJG+2tC7h+XeMDfNKmb5MsuNA4b2znXAuz6g5DT0qgPVL6BnrR8ZER8C6FD0oA+xhc3faWlS4JkQIMtfXme2OQhG1rq2hSMzfG1kUfhFrtZjiyP0hRx47GEZbWeCOiFVRdjOQYq/+KxReSzxKAOEY6HEVwunxIA4Xe+bLXTs3VMJOdg9nPQBy0qwNVThtb5r01sghmDObPZnXRNbGUU5qi37dVHPy3iQSrL05Nwj2KOClRo54n9NbIB62bqvi51Gep+6qeL/KMo90XRQcWZgn/oZibZNovK8xmCvZ+QFeTJa8H+AdjaBeJWxc8DfLdGY0gHwFnZUrrBJv4YdLVnpXrbwbWaOrIDJ9ktej4v9ae/r2QS/4xzLryYK4gw6bp6A7uKGBeytYDfY8G3xK8jB50AD2sIBBPRpf/BwsORJGCHQCRGHfHXsKI3V6RF1Pi+7WDBndKQQMmyurfpsPY2rgLftTqc++39CjjGqt/kQ9ntgA//xl1ahdIxqCeMkFfsI+gxCXXN+Jdm7Ynu509wi9bb8R//G3UIReLkJkJv5xtl6DBLLLXzYdvBAR8Q6UHxihLX0yugxonXuFu0iED/OukAt6etmjgpITVidBwdo3FqC6mByk7BXk4QgKrulKnJKMqiIQt6ry920uOldiHzqeHJpdo+VbzSrUrKOonr+iWC+szl7gaWt7kz+7U0nxcwkZQXwAg1gTl2NG1ptaPyaeEFCT7eprmHgDKfiK0P8bI6gykZUo837zCHGttsHHWQC29pQdtHBIUW0NYwyIVkptswriA2t3Q78PSgjoWV8fN0dDO34CXdRJEfvBZqy0rp1Kyk6vesNg6kdi9xrAIm4B8yWs7DLxTcl4wRvdZziYB+0F1QzJ7fiqzbfVYgSy7VYcweGSskqJYYrfdphDQY6Dfqr6MUjNqvMKw3looNXZ0JuWq1Qbr/sUdZV3nVOVeKfZFweDK4Ft3mYBwk7Oh8UVPeE1NHOjxnFIGRLS9Hb1IFyqk4zwZ0IcF17PfDZquY9ar+TjKbwS3P7tCsJ73Qx6O1RUgUPhUJDOUbxn/uC0X69jzyzK/FpXVBKGnDZ71kMQlomhvbOTXP+e3pa8lsXfoKk/boghGw026tRHXtxANQsUvg43/TiKjDd71tfmm8k0/wvrN4gg7mA4m9wSzHgxRORWC0Ekda1esV9WkrCvgVd+hUBcO5QUr0d6GZHKjESI2oJnSZDT4ItbVVKplAaWpA6p2OPph7MYggntTYssQz4lP2JM8LPoZ3FBDaWtE0ti9FDV9WbaWPQshF1H0fvXVrLBshP5JMBNY7V9dlSAuJn9b5EP9I1YCqvUnCGJKTJlcCBtAggMk6ayxeU8hfhlI7qhCDfwzlcVbSysdvPwdWcJQY9IJJhMztDY4F0sJBoGA7Dbh5MPIF0YmuHVRTGy1M9rWM0dWBBUXjEJWb9uCrLYjltitKVW2E8+g+EPoY6Q2N+XEIKk+bd6fJToiJLVh9jKdAe9Sq9Qn1NySt3H61e2fgQn9fdbvPtZLYvDXBOjCdUcC1uL1MQUqW3vCgA7mvUSeRcDbEMaPBprOEYKy4+wJGIanpXDs/cqilo7My6yJZY1KXkyLFpXyB55L+2SWAf/MfxBVzOrQeh58tlqhHCyrAn22lUCRaGamklDRL7ygWxz41M4Juee+tZh7bSs8l1m6WQRmqtZRVRUAiKD1o60DWOYynIOfijSnzGBA68KxpHOhwR04c7aVoLKUqZfUn5+quImqsWonqFbS17oDet/4JVVoEsXOlTkLSyBJt6uur7DgEvhlmRcT4DcjeOCNfg6fjmoVa9+tiHEvFHhnuFMdtCdZHhv+vOHaPvxQeU2eNgFJmUtD/18NhXUbKWUH2mrA+brpWDLJBwFbERWQS8GD8tAFisRiryBuT9aIV3HHel6ficKLYdm4vVgHCo1h5C8eseubTfFWshj9BRty+VBB98u5eOVmYv/iiAdESzQu377VYqX8T3xe6aofPAmprLmeEElwoWUpZAwX+fhTfGozlpKndJCtgNxgVUe3eTTjZlhyywGabHn01V1ZbHaTR7QpBQKWPX8FVyaZfx56THB7n5fdnh8artPuDT20GBxrYejfcQUg6svDJ+MP+VoNZV6zDXxsiqCpeN7I0MAwow3gDAe1bPJWqcG93EyutoFnipbrv9IIAUv8XR6WQEosXy/ZyK+8kzyae57ugH8gkGo5eUaXTjlfXMWnd5FOGPukn4ADBzT9kheTJyXmgJwXZDbqMl/e719gM6sKflc6jlP/z1IVVwEM2m4jQE/+Tg1phEJSLJI6zJ4SzoFK9xdDlakgo9yP63/RPejFHryeVJJVajHVXfEZw4agaZVolLOhg30QXKms+J6GBzDUKBaO3ehuphU1yC8L8FBYIp3SB6VwgA9gjLZQ6qvczdSsebZgAx2Yw1shovsDnB3jksMRGVa0zEDGOCdLwOnNhOpJ/4ihb9UfoS1h+mY5HU67kNHPL7Uvr9zYAgjLEaTfh/qvVHrVohZSj9cxAa5NHFKphYZ3hKTCNpNZ0cEVrl6wI6oHzcLK2yxZcnIe2hCOfVIpFmoB9D75axF3a9lstQWy8aoiMwPvwOGpVokcOmJZUXyUuzMklAQ5qd24c8FyTzL1zaxAnYnmhSUE19fAqZV44WeIojTcpFrFEG8nf1tXzUvy1KZibIA/UvXK41rr07FeD4TSgYhUIRT8sy/L28+WNqZe74ZrNcJfhwYAUXLZyPojS,iv:hZ/WYNkgLj17HrACE7irq7vFze1Z99bS/D4Gax2FhQE=,tag:Wk4LwC6bcor1BZRNU5wZOA==,type:str] + githubusername: ENC[AES256_GCM,data:VirKE/ScXrSxIyLYDztA,iv:JBfxOxDulrUa94rAU0clRNay8xsU9tpR0FqKl4XiyUc=,tag:JOBcsstbBnuyhwA2et8qsg==,type:str] + githubpat: ENC[AES256_GCM,data:nnzYNsG1M6Elx/cfEXKlrSxPpJ1WyieiN27Jw9HSO2e9rYsRAIV0GshexjdxgEsJCIIBmKFtqwD9s7HC5HzH40/8gjvXGuiUg962n8EN0JbaUxpawFoyDeLQDNty,iv:6L2FYcaWPf/GS2A4r4aaGFBUuM4dpt7muc+fER5HYPU=,tag:s64J1jkbf5nj1jKUsN7Siw==,type:str] + dhis2user: ENC[AES256_GCM,data:JodZLOU=,iv:5b9QSaojlc3P7TGXq/kS7T+WyAWx2NdVz8I7MS57FAM=,tag:83O+P8+9Xz+8CpvB4IuYDw==,type:str] + dhis2pass: ENC[AES256_GCM,data:MHHsqW3AXoA=,iv:+tsavoR/G7BGBWcE99zulaFw8y6YXYg33BCX2B6X4yg=,tag:v5rW4utuMVRT6w6nJmn+jg==,type:str] alertmanager: config: global: @@ -93,8 +99,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-21T08:31:34Z" - mac: ENC[AES256_GCM,data:Pkvzkly0uqsRK/B0xGzLFVzYP1pd+cJW0GXd+0ubzsRKds/l/zRYfNIJm+dH9lSHzxDxKhevxh7dHwfmUJH/ImfQHO4kDjtb8ekekrum5Y3ED/Glmjp3w/KI4cv6QQRs74aUuXN0e6m3WxsYJMxO7I1bJYfnvrtgJfd+tN6WueI=,iv:H1umrz022eUWP9bI3HFGrlVwsdMZevoWHps2q0/iZ6A=,tag:vxZJutcOPiwBEP989flGGg==,type:str] + lastmodified: "2023-11-21T14:25:23Z" + mac: ENC[AES256_GCM,data:w6h3JNDmJTKuEXk1P3gslzgOKHi5D7l2Z9vRtyR62cHcjddQ0pf851ytgNsVA1NWFr5AABIu8vu4SZGzqFpst+TLNOFZp/Y54jr2OJYKyMirI9nq0cAdD48u5mhZTqf0CWoeRy/rp33Vo1UGkpdQOWXcYBRmJzkgrYoST376xs8=,iv:We9x07zfI2vI+TMcQoTFwxafv/RZCJfQAB5KJ7Q6+Q4=,tag:M5d0HyYUduJn49cs7Aeizg==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index e73d1d4109..83923c03b7 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -17,8 +17,10 @@ cluster-configs: db-name: unifieduatdb ## Add db-name db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-uat.digit.org ## Add your Domain Name + aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ + aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ + aws-region: ap-south-1 egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" From 34d255a85b6aef73a94824f80ff64a913b31e168 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:09:56 +0530 Subject: [PATCH 470/742] added hcm-moz-impl secrets --- .../cluster-configs/templates/secrets/egov-filestore-secret.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml index 1eab7a3ea7..d69dcc6d79 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml @@ -1,4 +1,3 @@ - {{- with index .Values "cluster-configs" "secrets" "egov-filestore" }} {{- if index . "aws-secret-key" }} apiVersion: v1 From 6e09ce41382867e1c1c07ebebe1feed56992f3f5 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:17:35 +0530 Subject: [PATCH 471/742] added hcm-moz-impl secrets --- .../templates/secrets/egov-filestore-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml index d69dcc6d79..772ab1fdde 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml @@ -4,10 +4,10 @@ apiVersion: v1 kind: Secret metadata: name: {{ .name }} - namespace: {{ .namespace }} + namespace: {{ .namespace | quote }} type: Opaque data: awskey: {{ index . "aws-key" | b64enc | quote }} - awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} + awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 88705bd12ab821e96ad0d0e183c4005fa5562391 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:24:50 +0530 Subject: [PATCH 472/742] added hcm-moz-impl secrets --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 1d0fbcc1be..4beb2efb39 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -47,7 +47,7 @@ cluster-configs: namespace: egov name: egov-notification-sms - egov-filestore: + egov-filestore: namespace: [ egov, health ] name: egov-filestore From 9d4d97269ba924066ed4633c0872a7d2f8a9a0ba Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:32:32 +0530 Subject: [PATCH 473/742] added hcm-moz-impl secrets --- .../templates/secrets/egov-filestore-secret.yaml | 12 +++++------- .../helm/charts/cluster-configs/values.yaml | 2 +- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml index 772ab1fdde..532a62398d 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml @@ -1,13 +1,11 @@ -{{- with index .Values "cluster-configs" "secrets" "egov-filestore" }} -{{- if index . "aws-secret-key" }} +{{- range .Values.cluster-configs.secrets.egov-filestore.namespace }} apiVersion: v1 kind: Secret metadata: - name: {{ .name }} - namespace: {{ .namespace | quote }} + name: {{ $.Values.cluster-configs.secrets.egov-filestore.name }} + namespace: {{ . | quote }} type: Opaque data: - awskey: {{ index . "aws-key" | b64enc | quote }} - awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} -{{- end }} + awskey: {{ index $.Values.cluster-configs.secrets.egov-filestore "aws-key" | b64enc | quote }} + awssecretkey: {{ index $.Values.cluster-configs.secrets.egov-filestore "aws-secret-key" | b64enc | quote }} {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 4beb2efb39..8f1cc3a3d5 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -49,7 +49,7 @@ cluster-configs: egov-filestore: namespace: [ egov, health ] - name: egov-filestore + name: egov-filestore hcm-moz-impl: namespace: health From 25a2adc23a9d2f748e31ab4267cd421e04c85377 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:35:08 +0530 Subject: [PATCH 474/742] added hcm-moz-impl secrets --- .../templates/secrets/egov-filestore-secret.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml index 532a62398d..772ab1fdde 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml @@ -1,11 +1,13 @@ -{{- range .Values.cluster-configs.secrets.egov-filestore.namespace }} +{{- with index .Values "cluster-configs" "secrets" "egov-filestore" }} +{{- if index . "aws-secret-key" }} apiVersion: v1 kind: Secret metadata: - name: {{ $.Values.cluster-configs.secrets.egov-filestore.name }} - namespace: {{ . | quote }} + name: {{ .name }} + namespace: {{ .namespace | quote }} type: Opaque data: - awskey: {{ index $.Values.cluster-configs.secrets.egov-filestore "aws-key" | b64enc | quote }} - awssecretkey: {{ index $.Values.cluster-configs.secrets.egov-filestore "aws-secret-key" | b64enc | quote }} + awskey: {{ index . "aws-key" | b64enc | quote }} + awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} +{{- end }} {{- end }} \ No newline at end of file From d28a1374161325cc96b1bff9e4dff3685c61bf54 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:37:10 +0530 Subject: [PATCH 475/742] added hcm-moz-impl secrets --- .../templates/secrets/egov-filestore-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml index 772ab1fdde..d69dcc6d79 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/egov-filestore-secret.yaml @@ -4,10 +4,10 @@ apiVersion: v1 kind: Secret metadata: name: {{ .name }} - namespace: {{ .namespace | quote }} + namespace: {{ .namespace }} type: Opaque data: awskey: {{ index . "aws-key" | b64enc | quote }} - awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} + awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 1dae4de62ee1c7ad08a59dc83d7147da58b7060d Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 21 Nov 2023 20:48:16 +0530 Subject: [PATCH 476/742] added hcm-moz-impl secrets --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 8f1cc3a3d5..7c5065d2f5 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -48,7 +48,7 @@ cluster-configs: name: egov-notification-sms egov-filestore: - namespace: [ egov, health ] + namespace: egov name: egov-filestore hcm-moz-impl: From d391d45c82c9ef4d6890160ae94ebe74c73c78d0 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 22 Nov 2023 10:46:46 +0530 Subject: [PATCH 477/742] updated memory size for zuul --- deploy-as-code/helm/environments/unified-health-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 83923c03b7..c1f457a04d 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -412,6 +412,7 @@ cert-manager: zuul: replicas: 1 + memory_limits: 512Mi custom-filter-property: "false" tracing-enabled: "true" heap: "-Xmx704m -Xms512m" From cc2a4a9e027da0cc03da944ea18c184bdd3014e0 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 11:06:40 +0530 Subject: [PATCH 478/742] Hlm 4469 (#2120) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * changed context path * added individual service * added charts for workbench and health ui --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../helm/environments/unified-health-uat.yaml | 18 ++++++++++++++++++ .../helm/environments/unified-uat.yaml | 7 +++++++ 2 files changed, 25 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index c1f457a04d..af41ce1348 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -175,6 +175,14 @@ citizen: ';" + s +health-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" @@ -275,6 +283,16 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" +individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "mz" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> health-mdms-v1: diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 2bbaf4443e..7eee7a8289 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -170,6 +170,13 @@ citizen: ';" + +workbench-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" From 835283b3567a8cb038e3d25270428c29aeba860e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 22 Nov 2023 12:17:03 +0530 Subject: [PATCH 479/742] added service-host in the unified-health-uat env --- deploy-as-code/helm/environments/unified-health-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index af41ce1348..dd22faaed4 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -70,6 +70,7 @@ cluster-configs: egov-user-egov: 'http://egov-user.egov:8080/' egov-location: 'http://egov-location.egov:8080/' egov-filestore: 'http://egov-filestore.egov:8080/' + hcm-moz-impl: "http://hcm-moz-impl.health:8080/" egov-localization: 'http://egov-localization.egov:8080/' egov-idgen: 'http://egov-idgen.egov:8080/' egov-otp: 'http://egov-otp.egov:8080/' From 2ba3111e34294dbc078e59c7724a62c019e1163d Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 22 Nov 2023 12:21:50 +0530 Subject: [PATCH 480/742] added service-host in the unified-health-uat env --- .../helm/environments/unified-health-uat.yaml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index dd22faaed4..0b7a2c124a 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -723,12 +723,12 @@ es-curator: hcm-moz-impl: replicas: 1 - heap: "-Xmx1024m -Xms1024m" - memory_limits: "2Gi" - startDate: "28/08/2023" - endDate: "22/09/2023" - resources: - requests: - memory: "2Gi" - limits: - memory: "2Gi" \ No newline at end of file + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + # startDate: "28/08/2023" + # endDate: "22/09/2023" + # resources: + # requests: + # memory: "2Gi" + # limits: + # memory: "2Gi" \ No newline at end of file From 5c1805bffee250749375c108c6e1fc7d47444fc6 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 14:04:59 +0530 Subject: [PATCH 481/742] added servlet config (#2122) --- .../helm/charts/health-services/health-mdms-v1/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml index 117ed10d62..b1fdafd465 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml @@ -40,6 +40,8 @@ branch: "master" env: | - name: SERVER_CONTEXT_PATH value: /egov-mdms-service-legacy + - name: SERVER_SERVLET_CONTEXT_PATH + value: /egov-mdms-service-legacy - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: egov-mdms-service-consumer-group - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER From 942d425e3fa417a286c218cbed5ff3e9beacac54 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 14:17:12 +0530 Subject: [PATCH 482/742] HCM Added servlet paths for mdms v2 (#2123) * added servlet config * added servlet paths --- .../helm/charts/health-services/health-mdms-v1/values.yaml | 4 ++-- .../helm/charts/health-services/health-mdms-v2/values.yaml | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml index b1fdafd465..b7854c5659 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml @@ -24,8 +24,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/egov-mdms-service/health" - readinessProbePath: "/egov-mdms-service/health" + livenessProbePath: "/egov-mdms-service-legacy/health" + readinessProbePath: "/egov-mdms-service-legacy/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml index 330726a6fb..2add66cea9 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml @@ -39,6 +39,8 @@ egov-mdms-data-save-topic: "save-mdms-data" env: | - name: SERVER_CONTEXT_PATH value: /health-mdms-v2 + - name: SERVER_SERVLET_CONTEXT_PATH + value: /health-mdms-v2 - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: egov-mdms-service-consumer-group - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER From 1d00af5a65cd0ad4f116aa455d04df587c0673c2 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 22 Nov 2023 15:25:17 +0530 Subject: [PATCH 483/742] added service-host in the unified-health-uat env --- deploy-as-code/helm/environments/unified-uat.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 7eee7a8289..089b66bf10 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -434,6 +434,8 @@ cert-manager: zuul: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" tracing-enabled: "true" From ac715f70c8139a18ba399a145febfab26b57822e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 22 Nov 2023 15:27:31 +0530 Subject: [PATCH 484/742] updated zuul memory size --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 ++ deploy-as-code/helm/environments/unified-health-uat.yaml | 2 ++ deploy-as-code/helm/environments/unified-urban-uat.yaml | 2 ++ deploy-as-code/helm/environments/unified-works-uat.yaml | 4 +++- 4 files changed, 9 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index a91df5fc41..552539e7e9 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -416,6 +416,8 @@ cert-manager: zuul: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" tracing-enabled: "true" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 0b7a2c124a..17c8758de5 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -430,6 +430,8 @@ cert-manager: zuul: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m replicas: 1 memory_limits: 512Mi custom-filter-property: "false" diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml index 3933ebeb49..89689f5e0f 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -396,6 +396,8 @@ cert-manager: zuul: + memory_limits: 512Mi + heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" tracing-enabled: "true" diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index 2481dc01da..30a944d1fa 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -430,7 +430,9 @@ egov-notification-sms: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> zuul: - replicas: 2 + memory_limits: 512Mi + heap: -Xmx256m -Xms256m + replicas: 1 custom-filter-property: "false" tracing-enabled: "true" heap: "-Xmx704m -Xms512m" From cb748efb6c5d5ad3b688963e595e4e91c50ef08a Mon Sep 17 00:00:00 2001 From: Anil Singha <99383116+anilsingha-eGov@users.noreply.github.com> Date: Wed, 22 Nov 2023 16:12:06 +0530 Subject: [PATCH 485/742] HLM-4478 : Added config for localization & health -hrms (#2124) * HLM-4478: Added health-hrms path * HLM-4478: Added egov localization * HLM-4478: Added egov localization * HLM-4478: updated path for indexer and added localisation * HLM-4478: updated path for persister path * Hlm 4469 (#2125) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * changed context path * added individual service * added charts for workbench and health ui --------- Co-authored-by: Bhavya-egov --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Co-authored-by: Bhavya-egov --- .../helm/environments/unified-health-uat.yaml | 2 -- .../helm/environments/unified-uat.yaml | 16 +++++++++++----- 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 17c8758de5..97d95750c9 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -505,8 +505,6 @@ egov-hrms: java-args: -Dspring.profiles.active=monitoring employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-config: diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 089b66bf10..ca947a38d9 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring ] + namespace: [ egov, monitoring, health ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring ] + namespace: [ egov, monitoring, health ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" @@ -304,13 +304,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -366,7 +366,13 @@ report: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + report-locationsfile-path: "file:///work-dir/configs/health/reports/reportFileLocationsv1.txt" + + +egov-localization: + replicas: 1 + heap: '-Xmx256m -Xms256m' + memory_limits: 512Mi pdf-service: initContainers: From 44538073e9f7ad8ab2b18a2df566957f2764de4b Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 16:21:18 +0530 Subject: [PATCH 486/742] updated the configs (#2121) --- deploy-as-code/helm/environments/unified-health-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 97d95750c9..e13465d481 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -181,7 +181,7 @@ health-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" egov-filestore: diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index ca947a38d9..75e5f7e8ab 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -175,7 +175,7 @@ workbench-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - ';" + ';" egov-filestore: volume: /opt/eGov/filestore From 4e5eaa7fd6b24a672572b2acf612c5d1851948a8 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 16:56:51 +0530 Subject: [PATCH 487/742] HLM 4469 (#2126) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * changed context path * added individual service * HLM-4469:added egov-mdms-legacy in whitelist --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 75e5f7e8ab..5cf4c14f76 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -448,7 +448,7 @@ zuul: heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,egov-mdms-service-legacy/v1/_search" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 626354b727aec705377d56f1325debc652de9e3c Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Wed, 22 Nov 2023 17:36:41 +0530 Subject: [PATCH 488/742] HLM 4469: Added namespace (#2127) * HLM-4469 Update the integration of Location service with mdms v1 * changed the name of folders * changes * added memory_limit * changed context path * added individual service * HLM-4469:added egov-mdms-legacy in whitelist * HLM-4469:added namespace in mdms ingress --- .../helm/charts/health-services/health-mdms-v1/values.yaml | 1 + .../helm/charts/health-services/health-mdms-v2/values.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml index b7854c5659..c104ae4732 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v1/values.yaml @@ -7,6 +7,7 @@ namespace: health # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "egov-mdms-service-legacy" diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml index 2add66cea9..2165aef923 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml @@ -7,6 +7,7 @@ namespace: health # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "health-mdms-v2" From 94e8d072af9c3bd09821e7bc1d23b3d54c4a7b97 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Thu, 23 Nov 2023 12:24:08 +0530 Subject: [PATCH 489/742] updated the path (#2129) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 5cf4c14f76..cc48d704f1 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -448,7 +448,7 @@ zuul: heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,egov-mdms-service-legacy/v1/_search" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/egov-mdms-service-legacy/v1/_search" egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From c68aed95ffe6d6b056d19c0d7e1d44408eab41e7 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 23 Nov 2023 14:14:54 +0530 Subject: [PATCH 490/742] added pqm-service host --- deploy-as-code/helm/environments/sanitation-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index aba272afc4..96e7dfebf4 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -51,6 +51,7 @@ cluster-configs: collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" citizen-services: "http://citizen-services:8080/" + pqm-service: "http://pqm-service.sanitation:8080" dashboard-analytics: http://dashboard-analytics.egov:8080/ dashboard-ingest: http://dashboard-ingest.egov:8080/ demand-services: "http://demand-services:8080/" From aa91e3b6b0b5684548a17b769ecc7ceb4ffebc24 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:18:41 +0530 Subject: [PATCH 491/742] SM-3162 (#2130) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 96e7dfebf4..4061a30a74 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -138,6 +138,7 @@ cluster-configs: vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" pqm: "http://pqm.sanitation:8080" + pqm-service: "http://pqm-service.sanitation:8080" pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ From 63f21c2255053bc336ccf182759d3c5d369bec31 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:58:18 +0530 Subject: [PATCH 492/742] HLM4469 mdms legacy (#2128) --- deploy-as-code/helm/environments/unified-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index cc48d704f1..2528d4961a 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -73,6 +73,7 @@ cluster-configs: egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-legacy: "http://egov-mdms-service-legacy.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 0fcb8b5bac612ec94ba2a2b0ea83cd57223b7865 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Thu, 23 Nov 2023 14:58:29 +0530 Subject: [PATCH 493/742] added health-location (#2131) --- .../health-location/Chart.yaml | 26 +++++++ .../health-location/templates/deployment.yaml | 2 + .../health-location/templates/ingress.yaml | 2 + .../health-location/templates/service.yaml | 2 + .../health-location/values.yaml | 72 +++++++++++++++++++ 5 files changed, 104 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/health-location/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-location/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml new file mode 100644 index 0000000000..4b5bde206d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-location +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/values.yaml b/deploy-as-code/helm/charts/health-services/health-location/values.yaml new file mode 100644 index 0000000000..a3325b64fc --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-location/values.yaml @@ -0,0 +1,72 @@ +# Common Labels +labels: + app: "health-location" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "health-location" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "health_location_schema" + image: + repository: "health-location-db" + +# Container Configs +image: + repository: "health-location" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-location/health" + readinessProbePath: "/egov-location/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" +gmaps: true +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-location-consumer-group + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: SERVER_PORT + value: "8080" + - name: EGOV_SERVICES_EGOV_MDMS_HOSTNAME + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service-legacy + - name: EGOV_SERVICES_EGOV_MDMS_SEARCHPATH + value: "egov-mdms-service-legacy/v1/_search" + {{- if index .Values "gmaps" }} + - name: GMAPS_API_KEY + valueFrom: + secretKeyRef: + name: egov-location + key: gmapskey + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} From 5ac793d064d1ccd1505d1f7e4d787bb568433680 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 23 Nov 2023 16:16:48 +0530 Subject: [PATCH 494/742] uodated filestore credentials --- deploy-as-code/helm/environments/unified-qa-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-qa.yaml | 4 +++- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml index 7f391b6f06..ac206d73f4 100644 --- a/deploy-as-code/helm/environments/unified-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + aws-key: ENC[AES256_GCM,data:ulrU7jET1IQknZw0395So0RygRE=,iv:Vyu5wzG3VSJiyPAqZ5akhfFkiP2enrcf+873zVN+D3U=,tag:bPIj8wGenus3XIglZG7l+Q==,type:str] + aws-secret-key: ENC[AES256_GCM,data:CbPT6R83xSOlDk6iZ+MkY5OTJqk2SY+PACUqLPlKTp6SOcMR8dx23w==,iv:0LVB13htQ/5brm83N4WIYVOw8AnXThaCpeKN/hrDG4E=,tag:FK5H82FqtpjDhMvBUYrAGA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -90,8 +90,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-03T11:52:40Z" - mac: ENC[AES256_GCM,data:IDD4AtVQAkRR9L5IQJXoWxxD1+hU6qQ5FQ6B0flCnvnbxdVBqBHqg5QveHpfpIotzi01sviTK0pv0T8p/anxfH6f/XDu8wh7NgPm0dQ7JXzdHjRg2bzRB+Q3aVMJaWR/An6Td53E/J0ibUDXEroyX4FzMNyfDcTOdvJPuGor+Jk=,iv:QmZd4hsRzBdATZdxRDaNTGlvPuG1ovNY446gkRFgOEA=,tag:BkevFWOcTwgP2u143+foVw==,type:str] + lastmodified: "2023-11-23T10:44:00Z" + mac: ENC[AES256_GCM,data:fGbHOICdSDpj568M/tkmItMjZd7JAGspTrxItLOxThgdtQwwftRWbfJiEjSZZTttV7igbMz2OQjNfXGDiVw0Dx/Iz06VmECgWs1IRzjCFQcYLd1onRcugMP9dLhPNC6zKdlzvw1GGx2BFQnuyMyhFp5+t1THflLXw+p+1d3I2L0=,iv:WLW6E8pLI5zihLISfufwxqDweFFcAyPOa7hFw8Zy+cU=,tag:K6n/Wd7JHNCUbmB84Pws4g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index bafe2e604f..4e7292fd36 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -171,6 +171,8 @@ citizen: ';" egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -180,7 +182,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: unified-qa-s3-bucket ## Add filestore bucket name + fixed-bucketname: unified-qa-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" From 563ba2d8ecaa9425f01f76c98a9df44677486b74 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 23 Nov 2023 16:22:02 +0530 Subject: [PATCH 495/742] uodated filestore credentials --- .../environments/sanitation-qa-secrets.yaml | 20 +++++++++++-------- .../helm/environments/sanitation-qa.yaml | 4 +++- .../unified-health-qa-secrets.yaml | 20 +++++++++++-------- .../helm/environments/unified-health-qa.yaml | 4 +++- .../unified-urban-qa-secrets.yaml | 20 +++++++++++-------- .../helm/environments/unified-urban-qa.yaml | 4 +++- .../unified-works-qa-secrets.yaml | 8 ++++---- .../helm/environments/unified-works-qa.yaml | 12 ++++++----- 8 files changed, 56 insertions(+), 36 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml index a6d83beff9..50cc849d9b 100644 --- a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + aws-key: ENC[AES256_GCM,data:Ltjuy6j9lAv14jYFz+aAjHsoEG0=,iv:Jokzsmrf4Ng7iwrhzjDT2AhgfAzghujRQntP0HwFkZc=,tag:zp8kq5vjmwwU471XrZkBmQ==,type:str] + aws-secret-key: ENC[AES256_GCM,data:plLsGSna3i99HP6cItdeaCKRSwjG5tWWRc/yJ1pGIk4PYICQshDeSA==,iv:VTBdjdOfFRB1LMqMFqzS+L+PCn53fsmg+Mud16OyK2U=,tag:ROLdsP8J/l7LKD/gCcY9SA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -56,12 +56,16 @@ cluster-configs: cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-09-26T16:11:43Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-09-26T16:11:43Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-09-26T16:23:25Z' - mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-11-23T10:50:47Z" + mac: ENC[AES256_GCM,data:6CYftV71uF3LPgaNPygxiqRKecr88Z/xMefE5JvjMj9GA5d/f/Pp3ZTWUZ8esZ9Y7Wd/cDZrhnJA+Vplb0Ixf0rgUH1Lod8C+6Zqj3U099pdokzGVjFIW2mmCW/fMsg+2att875VaS/gG8iTQm5nnSqTjveyCeNKzaBGCG7TqiM=,iv:WHoexlRORPzAp1spCIRSNkCvviTYDhihymLaCnhQylM=,tag:0W4su1CJI0bUBSwAqj1XVQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.0.0 + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 4061a30a74..32dccd70ee 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -172,6 +172,8 @@ citizen: ';" egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -181,7 +183,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-qa-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml index a6d83beff9..77b1a57c8e 100644 --- a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + aws-key: ENC[AES256_GCM,data:RP1P19XQ93Gymb0yVp9HeX4+Ab0=,iv:afS7ffocVZvxU3WT+lQLCzvOq1o6Q2Z8kEPMdHYLwSU=,tag:1w1HfvnUxRw1ds06OIOwbA==,type:str] + aws-secret-key: ENC[AES256_GCM,data:DnnmNC2wUDaOeDqiTQN6A+cNAZWi1tFgs9qyElqTZfTTpvDqBprRlw==,iv:5w/IYvtrpZFEWbS+zwuLFJuLt/nHAG7mgxvWTXBxmzU=,tag:00SXlRkwvCRbLVkYJOzv2w==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -56,12 +56,16 @@ cluster-configs: cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-09-26T16:11:43Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-09-26T16:11:43Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-09-26T16:23:25Z' - mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-11-23T10:51:04Z" + mac: ENC[AES256_GCM,data:mps+eZMjfSbbuBdh3+v8exkuRN3fDhDqg/L0YFYJEXlkFWZVnDFmoaxjfuusWgtEWHYC/G+7PsXDprWZA86Dgp0Z63EYNt5aUHA13gmOvyDYjKxKlfMlrCpdig8+dOPQjxkdMwkZVXimVoFSisNukxcufqslVd5x1qRbp2McShA=,iv:z6Hoh7IhJf/9qT/PkkVVlW12gehDjSfUOGPe55Y6/1w=,tag:oKCsNNFExDeXqMKISmPq/A==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.0.0 + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 7059d0d979..786e08fb75 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -183,6 +183,8 @@ health-ui: ';" egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -192,7 +194,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-qa-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml index a6d83beff9..6778a136e6 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:Zhm/gTthQOYWEQ==,iv:tgJstX5Q1nLOVDC5FBYizs25tTSw1aSz4c1kZwAchhg=,tag:PeWpyZUPdQPPJPrZAjtU3g==,type:str] - aws-secret-key: ENC[AES256_GCM,data:S5Yj5Cm4SBvl3A==,iv:6tMYK3qmXe0c/kl5a/9oJkNYM/HZhXPGAEdJFgIHLSk=,tag:r+drt0GLWKRRohn2wAVo8A==,type:str] + aws-key: ENC[AES256_GCM,data:SDoqgYTGoNhkwp9nfYdaC5ETStQ=,iv:3iYDfY/1vB2pxYfEWklsxebfr9PHiCts8OlZ45nlinI=,tag:h38e4ohxD+bXf0/R7FzLGQ==,type:str] + aws-secret-key: ENC[AES256_GCM,data:MPAhLsxrIRPiGZ0CYxfE8DjNISGntKybxDdT3ZDqsnHpHerI4FiSSg==,iv:9bLy/8wdnCCTomAeNX6AH0tJ+nE82Q1TBTqQfqJVBwI=,tag:o9RV2S+LF975f1t6uURJDA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -56,12 +56,16 @@ cluster-configs: cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-09-26T16:11:43Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2023-09-26T16:11:43Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-09-26T16:23:25Z' - mac: ENC[AES256_GCM,data:Xo9ZRq5r1vK3yp2PFo3Jty44j9gQn0mIVxTeYrOkcLGq/D8G0v3m38b++HByJMZsDtUNTvuDuWVw5NMXsOTyGk0meOneskLFa5ws8MUmJ9riRAXgNr3AnXAY9MNM2DAtQM6HxL7djJPMuAchfvGLhj+5x20r7/QNrgyZn6EpM20=,iv:2FuoRKgGPADjg4D4r2saWbGI9/vZ0xQdfMZ0rnPTGnQ=,tag:xvE7XxaO5WKNAOjWxPWY8g==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-11-23T10:51:19Z" + mac: ENC[AES256_GCM,data:p6K5c1j12fp8PFSSysHUB3EA72QrIeSAtTdWwLsxZInbVowweSWr1xdkAOjpAlRcJ6M0FOMG+QQnExtJE/ISWiWkpTvhNhEN/d77inUqzHfx1gk7TAIixNvVCUSeXeavKZMUqUgg2fqp83peayHUtBxhnHAu+dbtaQqkmZ0EqPs=,iv:QZDFeRY1Ei2eeumCYQK61rKpbVBaIcyaEeLhWGXt/ZM=,tag:Y4G0pC9U5COQgMzaA3Rk7Q==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.0.0 + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index d578b78179..e43313ec82 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -167,6 +167,8 @@ citizen: ';" egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -176,7 +178,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-qa-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml index 4b2f453a62..7d83287019 100644 --- a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:2IQgPP5NdXSvsO1QqUgxtaZ5j7k=,iv:wrV0mKmO3/uvml6PagKqUhUXpq7cRSaDA6AXKdUIEgI=,tag:6990/TZnBku7U0CAiZUh0A==,type:str] - aws-secret-key: ENC[AES256_GCM,data:SEhJ+uBJgiJJQOXbJWR42IEzIxN2NCoq72sxtmMGZ8wE/SZRpFxkcw==,iv:M1cOIKTLn8cWZEF9qNGY1lTZbzpogQJMCPiVp8BZpgE=,tag:XwBlwDvTLQo15q8XDo8UrA==,type:str] + aws-key: ENC[AES256_GCM,data:E4DNPYHCvJc5ymH8iDJm9juMSr0=,iv:SV3SoDQxL2BaPutf53p7iCzup6oRbefVmkniYWA+zfM=,tag:eIigvkSUsBfLKDiipx698A==,type:str] + aws-secret-key: ENC[AES256_GCM,data:WEwi4htbp3WVRkYc7uYS/eQ8rrz9eM4re1Sls/uI87glE1uwkM+xfg==,iv:Teg6jzoiJLfheKxo6JvQP9Cq5uXeVa/B6oo4hsquW/k=,tag:ciYkzywrM+qIGF3QvdUFog==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] egov-pg-service: @@ -64,8 +64,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-07T12:05:04Z" - mac: ENC[AES256_GCM,data:kh2tPeZxX196a5j/Q+DdwD4AWzFtJBo7ggLC5uJPYx8UzJwKNAj4+6ejXvtMm/CelFU19mmvfLOcKkp3KLi5LfIWWuRDYIt16sAqc+/YgVtlD7IPb8gQ1o6x2rDC5tjzlDAwh79m7woK0yv2ewMox/hFf6nwrAto6jhOjt0riH0=,iv:7jw3o1bZWZlL1tNm1oXYXBfSRaWQydl6Vb5gLlYcpPg=,tag:sefjjKkB0+LXHd5bquzYBg==,type:str] + lastmodified: "2023-11-23T10:51:40Z" + mac: ENC[AES256_GCM,data:HijI/3Y0wCFctELqmsoey2QKlWjrIgWr8lT1OHjLKb7s374Fb0C2GqUvaB/nYVrWJSKl/vEjlecmDpvofgq6zbbtL/UgWJVulsE2IAU7vIb0Db87+L5/I+D0otB/CF3GRlQPPsp1fVOZYnvpD8drY/OxxjThYYt6yZS2CA9uiyM=,iv:HSRsrsngS64QY0QZmLD8VO55OTlfTOzh/8lfg6mwho4=,tag:6fu14/cGv1ZD6hNv5QEOGQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index b8509b3588..d14e765ead 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -358,15 +358,17 @@ egov-mdms-service: egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + memory_limits: 512Mi + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" - fixed-bucketname: "unified-works-qa-filestore" minio-enabled: false - aws.s3.url : "https://s3.amazonaws.com" - is-bucket-fixed: "true" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 + fixed-bucketname: unified-qa-filestore ## Add filestore bucket name egov-user: replicas: "1" From b1502648c038ed2dc8133ee72068617fa939674b Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Thu, 23 Nov 2023 16:58:04 +0530 Subject: [PATCH 496/742] updated path (#2132) --- .../helm/charts/health-services/health-location/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-location/values.yaml b/deploy-as-code/helm/charts/health-services/health-location/values.yaml index a3325b64fc..50427e5033 100644 --- a/deploy-as-code/helm/charts/health-services/health-location/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-location/values.yaml @@ -25,8 +25,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/egov-location/health" - readinessProbePath: "/egov-location/health" + livenessProbePath: "/health-location/health" + readinessProbePath: "/health-location/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" From 82e6bf74ffc581f0ca21d474e69897188a3df1e9 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 23 Nov 2023 17:10:24 +0530 Subject: [PATCH 497/742] updated oauth2-proxy secrets --- .../helm/environments/sanitation-qa-secrets.yaml | 8 ++++---- .../helm/environments/unified-health-qa-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-qa-secrets.yaml | 6 +++--- .../helm/environments/unified-urban-qa-secrets.yaml | 8 ++++---- .../helm/environments/unified-works-qa-secrets.yaml | 8 ++++---- 5 files changed, 19 insertions(+), 19 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml index 50cc849d9b..5f477728bd 100644 --- a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml @@ -51,8 +51,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] - clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + clientID: ENC[AES256_GCM,data:jNk3oWWYpGnulA52AExvtk6XH/s=,iv:HJBJt0ULa6uRBhKojp6rIYh0FDf1+gRSTRVTtt1tlOo=,tag:8OVI2YzyCgTNMf0JbrQQrA==,type:str] + clientSecret: ENC[AES256_GCM,data:87SgqZoocll84SsgIHrHz0uHZcdMgKZkyDFJV2Y+ZbkKQ5ejcRBCEQ==,iv:kPPSMc0kiCuzaGx9GCDej47+8KFK63R0twnhYI3iOJo=,tag:YkyXudnkyUcUkujN2Wch+w==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: @@ -64,8 +64,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-23T10:50:47Z" - mac: ENC[AES256_GCM,data:6CYftV71uF3LPgaNPygxiqRKecr88Z/xMefE5JvjMj9GA5d/f/Pp3ZTWUZ8esZ9Y7Wd/cDZrhnJA+Vplb0Ixf0rgUH1Lod8C+6Zqj3U099pdokzGVjFIW2mmCW/fMsg+2att875VaS/gG8iTQm5nnSqTjveyCeNKzaBGCG7TqiM=,iv:WHoexlRORPzAp1spCIRSNkCvviTYDhihymLaCnhQylM=,tag:0W4su1CJI0bUBSwAqj1XVQ==,type:str] + lastmodified: "2023-11-23T11:38:14Z" + mac: ENC[AES256_GCM,data:F9lxx5KUFQzE7HJLjXtijQgQDXX0p8L8imlnk39gTMew1BeI8PlkHQw59AIjp0aKnbakQpoCHzrhQHOHWLy/CPJVefkFasCfSQVNt4mTny3IkBBR/M3Ye6g/Ohj0dn7feSoBMhBEa+47LlsvOJEgjh4zm7j+jeULvTHZIBTX7fU=,iv:oc1D1t3lI/H4Y4mvu9DS0Gpv0wCHx7OoznJkpJvwN0g=,tag:FCz+fqAaqpgYfUBOV4IjeQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml index 77b1a57c8e..73d127b9fe 100644 --- a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml @@ -51,8 +51,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] - clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + clientID: ENC[AES256_GCM,data:U9rsNwn20caZ4MhndJ/haTpwo5w=,iv:8yE09RZIhs2KnB5Tn/jP58iyoZbfwU8X6YQ8KjbhoaQ=,tag:MeSM0Db73C46BsozPJfu7g==,type:str] + clientSecret: ENC[AES256_GCM,data:nd+UHk6I4gsyCLzbcNbo63QT7+FUZEtIBXOXA9zXUXIJxy9eYxjfhw==,iv:X+LW8tHbGGl9w76OSJeuCuA0b6XqIuntOWU9qSaUEBc=,tag:BrKbVr8cMEN7SWx0Nbhsig==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: @@ -64,8 +64,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-23T10:51:04Z" - mac: ENC[AES256_GCM,data:mps+eZMjfSbbuBdh3+v8exkuRN3fDhDqg/L0YFYJEXlkFWZVnDFmoaxjfuusWgtEWHYC/G+7PsXDprWZA86Dgp0Z63EYNt5aUHA13gmOvyDYjKxKlfMlrCpdig8+dOPQjxkdMwkZVXimVoFSisNukxcufqslVd5x1qRbp2McShA=,iv:z6Hoh7IhJf/9qT/PkkVVlW12gehDjSfUOGPe55Y6/1w=,tag:oKCsNNFExDeXqMKISmPq/A==,type:str] + lastmodified: "2023-11-23T11:38:39Z" + mac: ENC[AES256_GCM,data:hJlk0W6G8nRQ2B9ruxhkkBMZROPihskQX5lW2otprG0+Ad1THVqTlYycVCc6UvFINrlkeNT4htwbBpIUiT7u28AtGB0BCPLjsb+wmlP936GfSUWJUpD3s2dAqgKKOXeCovweW0Ah4ExwPX1nMwOkXE5EgaPQ34Ag2/L1zn270Sg=,iv:LDhwwooegSCzgjOH71qf4hd8G5HNf6wNlWcsA3wsFRw=,tag:1d2VI+trqgibQK8r8pvpiA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml index ac206d73f4..ad5905450b 100644 --- a/deploy-as-code/helm/environments/unified-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-qa-secrets.yaml @@ -52,7 +52,7 @@ cluster-configs: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: clientID: ENC[AES256_GCM,data:63LswFTU8hO4dPN23VUDw1SefcA=,iv:t6aRfonLQGwgw1eo9tf8KJ+8n9DfLIyBFCC6PU+2LH0=,tag:OkZTlZFIUOmsNtyg5DF58A==,type:str] - clientSecret: ENC[AES256_GCM,data:nkT2zh02dhSa8YiTwIKWySG846VJ7lHpYkgEURDHnkWtpPevE7+0pg==,iv:qVg22Im0sIRYoZsTBQWvft56VgUxWZSYHFg/xgjSuGU=,tag:rY+DWG+eIA1w2oEvjcgpvg==,type:str] + clientSecret: ENC[AES256_GCM,data:Z/jbNMxbVPTnHJIcHslxrzGh1K7JAlRwX/fXhdjwXWr3Yn0b6flDKg==,iv:/d6Ivz6TAiHx5mFPYqFoLTcBs2FxUnR2zGXiudPjxhM=,tag:2sMlXiDstzU7QRg8hHCODA==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] alertmanager: config: @@ -90,8 +90,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-23T10:44:00Z" - mac: ENC[AES256_GCM,data:fGbHOICdSDpj568M/tkmItMjZd7JAGspTrxItLOxThgdtQwwftRWbfJiEjSZZTttV7igbMz2OQjNfXGDiVw0Dx/Iz06VmECgWs1IRzjCFQcYLd1onRcugMP9dLhPNC6zKdlzvw1GGx2BFQnuyMyhFp5+t1THflLXw+p+1d3I2L0=,iv:WLW6E8pLI5zihLISfufwxqDweFFcAyPOa7hFw8Zy+cU=,tag:K6n/Wd7JHNCUbmB84Pws4g==,type:str] + lastmodified: "2023-11-23T11:39:06Z" + mac: ENC[AES256_GCM,data:XVozUuyRMdJBvezGJiEHPCDzTqGggN+pSaYWNmqt1k7Zna4vAYCIn3KtxMB7vVZ8DrOhdyOFm8sm22uUJPcc6LDQHBpL+qf5scJ1KUxGKf4/d+GZMSAXTyLN98xQO0pGeaesU47u3K/1ObjtOlBUkWSXBk2kNraIKyO9a1SWsDs=,iv:vUjP6+9bSbJrK301XvScvuTuXpXd4d/VKx1g1W3Gztw=,tag:y+1KiZjJDigCIDyE1wQKEA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml index 6778a136e6..4d10acebf6 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml @@ -51,8 +51,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] - clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + clientID: ENC[AES256_GCM,data:b0Nm5XRP67SyAiS7iXbpFerrD+8=,iv:Ha5OkYoAKN1WawR4vC8rha3DfUMDLokA/efKl9ct0/U=,tag:e1Xxz1LdJBxI0rYXy2hcKQ==,type:str] + clientSecret: ENC[AES256_GCM,data:o2D8qcrn1hRnD6XrTrEEdJlE49yxw29sA4kEK74q0U0QQFNusL76aQ==,iv:K2hcTpvEwVk2rbzv0qFRrlShayr9q4pbNjyIeGXewy0=,tag:GYGpEmzahiGCP52cq91ibA==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: @@ -64,8 +64,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-23T10:51:19Z" - mac: ENC[AES256_GCM,data:p6K5c1j12fp8PFSSysHUB3EA72QrIeSAtTdWwLsxZInbVowweSWr1xdkAOjpAlRcJ6M0FOMG+QQnExtJE/ISWiWkpTvhNhEN/d77inUqzHfx1gk7TAIixNvVCUSeXeavKZMUqUgg2fqp83peayHUtBxhnHAu+dbtaQqkmZ0EqPs=,iv:QZDFeRY1Ei2eeumCYQK61rKpbVBaIcyaEeLhWGXt/ZM=,tag:Y4G0pC9U5COQgMzaA3Rk7Q==,type:str] + lastmodified: "2023-11-23T11:39:30Z" + mac: ENC[AES256_GCM,data:rMvlfhPnEVtNxCgfqJfamHJBAD2yb2zHzL7Tvus7auhjjZHDhJ5BFIC0ws7PTQlBRcUw3yuQRS5sEWEPx2gqfzq6A0YtTL8/EQKUdYcTm5CWfu//t8lYSi0K3/9KW/87ShPbhtLXXVLwHJjk/JKhIxM0KLDaXRR8q6Xlb7dRhUs=,iv:mmtntSlbILibKX3PHV2vo7RGOUULAx0nR70rriiTubM=,tag:qyCz8fx9Wtmcd1zPGRg6ZQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml index 7d83287019..f50112de2c 100644 --- a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml @@ -51,8 +51,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:fg38S+sHbwnor4FO,iv:qeDCxEQ0YR9AZtP8BtRfldnvAztFFTzZBHPvDHEOyis=,tag:mso73X7G4p8LArz+nmyTSA==,type:str] - clientSecret: ENC[AES256_GCM,data:QCjr40CECtQMdY2OjJojy46c6mIvOF9fPt0ILzRrfIQ/xKyOWA==,iv:xwbjzW8Xi6ukOgMgX42ojoIXX7NfDRHQm3PvFYrbBmA=,tag:Nb7f7kD7NmKyux8KSyYJgA==,type:str] + clientID: ENC[AES256_GCM,data:5A6q0glmodHx9s3rx4EhDAuYhL8=,iv:gmc5Vp8urSmR7v4tQnmHXkD/R4SfvqMuiyvBW4VKAdw=,tag:vlGXvsVOx64pv+23d+Wx1A==,type:str] + clientSecret: ENC[AES256_GCM,data:SFzkPN8A0OND8uHjbdCqPCTg777ocnXGYxSWnteLefmtuaLfLEsFLQ==,iv:OZRqnhjjmgYBZsNhZANXi3nAAjr704r4bWR0bsJo2VU=,tag:rWMIzE0DVRIxmQsFt+hHaw==,type:str] cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] sops: kms: @@ -64,8 +64,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-23T10:51:40Z" - mac: ENC[AES256_GCM,data:HijI/3Y0wCFctELqmsoey2QKlWjrIgWr8lT1OHjLKb7s374Fb0C2GqUvaB/nYVrWJSKl/vEjlecmDpvofgq6zbbtL/UgWJVulsE2IAU7vIb0Db87+L5/I+D0otB/CF3GRlQPPsp1fVOZYnvpD8drY/OxxjThYYt6yZS2CA9uiyM=,iv:HSRsrsngS64QY0QZmLD8VO55OTlfTOzh/8lfg6mwho4=,tag:6fu14/cGv1ZD6hNv5QEOGQ==,type:str] + lastmodified: "2023-11-23T11:40:08Z" + mac: ENC[AES256_GCM,data:wroLS5HZdx3z2Hx/xfBD9yCHpm3wrr1ryDPwH7tqldfaO5QAfA8kA8w01KNIDHWJCGoVsOQY62wuoR7gmEY08VDTLFElCdfKHpssQFqBWhyjCUMBMXK9pPgy9txAF8rei+sVdB5Wsl96Pd9dzEn0uJSYBneyKOom89BMbfIRO+0=,iv:iP3YmOrd0+w9cYixGMB/NbIGNwKsR01uLVS5d+PT7Mg=,tag:e6VrobiSp5FB7NrtqfaSBg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 From 36532e3a14e46959e9f849427b92e3bcbcb3dcbd Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 24 Nov 2023 09:31:29 +0530 Subject: [PATCH 498/742] added the search path (#2133) --- .../helm/charts/health-services/health-location/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-location/values.yaml b/deploy-as-code/helm/charts/health-services/health-location/values.yaml index 50427e5033..e1d6106731 100644 --- a/deploy-as-code/helm/charts/health-services/health-location/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-location/values.yaml @@ -49,7 +49,7 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service-legacy - - name: EGOV_SERVICES_EGOV_MDMS_SEARCHPATH + - name: EGOV_SERVICES_EGOV_MDMS_SEARCHPATH value: "egov-mdms-service-legacy/v1/_search" {{- if index .Values "gmaps" }} - name: GMAPS_API_KEY From 82bb4a6f04e41b40443078bfba0d8ca541519d03 Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Fri, 24 Nov 2023 12:24:01 +0530 Subject: [PATCH 499/742] Updated config path of audit-service (#2134) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index d14e765ead..73dda2794e 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -335,7 +335,7 @@ works-inbox-service: #########---core-services---######### audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/expense-bill-payment-persister.yaml" + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/expense-bill-payment-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" From 8e3f18c89deb0aa05342416376c11e63ff487f1e Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Fri, 24 Nov 2023 16:17:07 +0530 Subject: [PATCH 500/742] HCM location svc Updated values.yaml #2138 (#2138) Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../helm/charts/health-services/health-location/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-location/values.yaml b/deploy-as-code/helm/charts/health-services/health-location/values.yaml index e1d6106731..ec30b97b8b 100644 --- a/deploy-as-code/helm/charts/health-services/health-location/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-location/values.yaml @@ -15,7 +15,7 @@ ingress: initContainers: dbMigration: enabled: true - schemaTable: "health_location_schema" + schemaTable: "egov_location_schema" image: repository: "health-location-db" From 75717abea363cda2b739d10221b44af3169c0ce6 Mon Sep 17 00:00:00 2001 From: Bhavya-egov <137176879+Bhavya-egov@users.noreply.github.com> Date: Fri, 24 Nov 2023 17:56:03 +0530 Subject: [PATCH 501/742] updated audit service in unified-UAT (#2139) * updated audit service in unified-UAT * Updated unified-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-uat.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 2528d4961a..88e4fbc385 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -45,6 +45,7 @@ cluster-configs: data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" + audit-service: "http://audit-service.egov:8080/" billing-service: "http://billing-service.egov:8080/" collection-services: "http://collection-services.egov:8080/" collection-masters: "http://collection-masters:8080/" @@ -284,6 +285,14 @@ egov-pg-service: egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/audit-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/household-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/hcm-moz-impl-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/facility-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/referral-management-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/egov-persister/mdms-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UNIFIED-UAT" + egov-mdms-service: replicas: 1 memory_limits: "512Mi" From 549eda4a85177d481403f4df9cc29f4c8e4a7dcd Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Sun, 26 Nov 2023 17:02:47 +0530 Subject: [PATCH 502/742] updated inbox config --- deploy-as-code/helm/environments/sanitation-qa.yaml | 9 +++++++++ deploy-as-code/helm/environments/unified-health-qa.yaml | 9 +++++++++ deploy-as-code/helm/environments/unified-qa.yaml | 9 +++++++++ deploy-as-code/helm/environments/unified-urban-qa.yaml | 9 +++++++++ deploy-as-code/helm/environments/unified-works-qa.yaml | 9 +++++++++ 5 files changed, 45 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 32dccd70ee..42ac81ee9d 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -392,6 +392,15 @@ report: branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + pdf-service: initContainers: gitSync: diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 786e08fb75..a3b3b8bbb2 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -182,6 +182,15 @@ health-ui: ';" +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + egov-filestore: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 4e7292fd36..57b3aa8222 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -215,6 +215,15 @@ project: project-default-limit: 100 project-search-max-limit: 200 +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + egov-user: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index e43313ec82..40d4f29da4 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -185,6 +185,15 @@ egov-idgen: java-args: -Dspring.profiles.active=monitoring autocreate-new-seq: "true" +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 73dda2794e..d93d521a51 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -275,6 +275,15 @@ works-management-service: tracing-enabled: true java-enable-debug: true +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + ifms-adapter: tracing-enabled: true java-enable-debug: true From 0b51b1e02dba3011b5663989365c2678aeb2fc79 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 27 Nov 2023 17:11:40 +0530 Subject: [PATCH 503/742] helm changes for revised contract (#2141) --- .../digit-works/backend/contracts/values.yaml | 13 +++++++++++++ .../helm/environments/unified-works-dev.yaml | 2 ++ 2 files changed, 15 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml index c3d6255358..fd1f03b948 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml @@ -114,6 +114,11 @@ env: | configMapKeyRef: name: egov-service-host key: muster-roll-service + - name: WORKS_MEASUREMENT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: measurement-service - name: CONTRACT_KAFKA_CREATE_TOPIC value: "save-contract" - name: CONTRACT_KAFKA_UPDATE_TOPIC @@ -159,4 +164,12 @@ env: | {{- if index .Values "contract-cbo-url-endpoint" }} - name: CONTRACT_CBO_URL_ENDPOINT value: {{ index .Values "contract-cbo-url-endpoint" | quote }} + {{- end }} + {{- if index .Values "contract-revision-measurement-validation" }} + - name: CONTRACT_REVISION_MEASUREMENT_VALIDATION + value: {{ index .Values "contract-revision-measurement-validation" | quote }} + {{- end }} + {{- if index .Values "contract-revision-max-limit" }} + - name: CONTRACT_REVISION_MAX_LIMIT + value: {{ index .Values "contract-revision-max-limit" | quote }} {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 666bf7bd45..41c7f14575 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -219,6 +219,8 @@ contract-service: works-contract-service-code: "WORKS-CONTRACT" contract-workflow-business-service: "CONTRACT" contract-workflow-revision-business-service: "CONTRACT-REVISION" + contract-revision-measurement-validation: true + contract-revision-max-limit: 2 contracts-revision-topic: "contracts-revision" contract-workflow-module-name: "contract-service" contract-cbo-url-host : "https://unified-dev.digit.org" From 1f68ca9dcb4b27689c32f2026a4ea0de3761a88d Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Mon, 27 Nov 2023 17:12:33 +0530 Subject: [PATCH 504/742] added helm chart config for revision estimate (#2140) * added helm chart config for revision estimate * added values for estimate --- .../charts/digit-works/backend/estimates/values.yaml | 10 ++++++++++ .../helm/environments/unified-works-dev.yaml | 3 +++ 2 files changed, 13 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml index d821529256..e8491e138f 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -84,6 +84,16 @@ env: | configMapKeyRef: name: egov-service-host key: egov-location + - name: EGOV_CONTRACT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: contract-service + - name: EGOV_MEASUREMENTSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: measurement-service - name: EGOV_MDMS_HOST_V2 valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 41c7f14575..2cb8e5e8ab 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -622,6 +622,9 @@ estimates: estimate-default-limit: 100 estimate-search-max-limit: 200 estimate-workflow-business-service: "ESTIMATE" + estimate-revision-workflow-business-service: "REVISION-ESTIMATE" + estimate-revision-measurement-validation: "true" + estimate-revision-max-limit: 3 heap: "-Xmx512m -Xms512m" memory_limits: 512Mi From c27f5891c316ad5bfe02ecffa70ccc1408c8bdd9 Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Tue, 28 Nov 2023 12:37:33 +0530 Subject: [PATCH 505/742] [DPG-2011] Increased the memory_limit of boundary-service to 512 (#2144) --- deploy-as-code/helm/environments/unified-dev.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e95402e8f1..81aa367a36 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -246,6 +246,9 @@ prometheus-postgres-exporter: mdms-v2: memory_limits: 512Mi +boundary-service: + memory_limits: 512Mi + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" From ca91de8a0ae82989a8d3469bb4642435d1ed9970 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 28 Nov 2023 14:47:17 +0530 Subject: [PATCH 506/742] added helm chart for egov-mdms-create service (#2145) --- .../egov-mdms-create/Chart.yaml | 26 ++++ .../templates/deployment.yaml | 2 + .../egov-mdms-create/templates/ingress.yaml | 2 + .../egov-mdms-create/templates/service.yaml | 2 + .../egov-mdms-create/values.yaml | 115 ++++++++++++++++++ .../helm/environments/unified-health-uat.yaml | 16 +++ 6 files changed, 163 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/egov-mdms-create/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/Chart.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/Chart.yaml new file mode 100644 index 0000000000..1d648fe452 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: egov-mdms-create +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/service.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml new file mode 100644 index 0000000000..2eb12da08d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml @@ -0,0 +1,115 @@ +# Common Labels +labels: + app: "egov-mdms-create" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "egov-mdms-create" + +# Init Containers Configs +initContainers: + gitSync: + enabled: true + repo: "git@github.com:egovernments/egov-mdms-data" + branch: "master" + +# Container Configs +image: + repository: "egov-mdms-create" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/egov-mdms-create/health" + readinessProbePath: "/egov-mdms-create/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" +mdms-path: "/work-dir/egov-mdms-data/data" +mdms-git-url: "" +mdms-folder: "egov-mdms-data" +masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" +git-repo-path: "file:///work-dir/egov-mdms-data/" +egov-repo-branch: "DEV" +branch: "master" + +# Additional Container Envs +env: | + - name: SERVER_CONTEXT_PATH + value: /egov-mdms-create + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: mdms-service-create + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SERVER_PORT + value: "8080" + - name: EGOV_MDMS_CONF_PATH + value: {{ index .Values "mdms-path" | quote }} + - name: EGOV_DATA_ROOT_FOLDER + value: data + - name: EGOV_REPO_OWNER + value: egovernments + - name: EGOV_REPO + value: {{ index .Values "mdms-folder" | quote }} + - name: EGOV_REPO_BRANCH + value: {{ index .Values "egov-repo-branch" | quote }} + - name: EGOV_MDMS_GIT_URL + value: {{ index .Values "mdms-git-url" | quote }} + - name: EGOV_MDMS_FOLDER + value: {{ index .Values "mdms-folder" | quote }} + - name: MASTERS_CONFIG_URL + value: {{ index .Values "masters-config-url" | quote }} + - name: GIT_REPO_PATH + value: {{ index .Values "git-repo-path" | quote }} + - name: RELOAD_PATH_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: RELOAD_PATH_ENDPOINT + value: /egov-mdms-service/v1/_reload + - name: RELOADOBJ_PATH_ENDPOINT + value: /egov-mdms-service/v1/_reloadobj + - name: SEARCH_PATH_ENDPOINT + value: /egov-mdms-service/v1/_search + - name: FILEPATH_RELOAD + value: "false" + - name: RELOAD_ENABLED + value: "false" + - name: CACHE_FETCH_ENABLED + value: "true" + - name: EGOV_GITHUB_USER + valueFrom: + secretKeyRef: + name: hcm-moz-impl + key: githubusername + - name: EGOV_GITHUB_PASS + valueFrom: + secretKeyRef: + name: hcm-moz-impl + key: githubpat + - name: EGOV_KAFKA_TOPICS_GITPUSHPROCESS + value: mdms.create.gitpushprocess + - name: EGOV_KAFKA_TOPICS_GITPUSHPROCESS_KEY + value: mdms.create.gitpushprocess.key + {{- if index .Values "branch" }} + - name: BRANCH + value: {{ index .Values "branch" | quote }} + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index e13465d481..f82454a9a2 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -310,6 +310,22 @@ health-mdms-v1: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring +egov-mdms-create: + heap: "-Xmx256m -Xms256m" + replicas: 1 + images: + - egovio/egov-mdms-create + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + git-repo-path: "file:///work-dir/egov-mdms-data/" + egov-repo-branch: "UNIFIED-UAT" + java-args: -Dspring.profiles.active=monitoring + egov-indexer: heap: "-Xmx512m -Xms512m" memory_limits: "768Mi" From 9da0e6580534ff14be4c8faaf5e8cdf407f9c3d8 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 28 Nov 2023 15:40:40 +0530 Subject: [PATCH 507/742] added ingress in egov namespace for egov-create service (#2146) --- .../helm/charts/health-services/egov-mdms-create/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml index 2eb12da08d..f82d770ca6 100644 --- a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml @@ -10,6 +10,7 @@ ingress: enabled: true zuul: true context: "egov-mdms-create" + namespace: egov # Init Containers Configs initContainers: From 410fed10180d9f95986cc321cb2dbe3d12b5b62b Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Tue, 28 Nov 2023 15:57:34 +0530 Subject: [PATCH 508/742] Added the end point for fileStore service (#2147) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index bbba69b9d0..5fee505308 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -190,6 +190,8 @@ env: | configMapKeyRef: name: egov-config key: egov-services-fqdn-name + - name: FILE_STORE_SERVICE_END_POINT + value: filestore/v1/files/url - name: JAVA_OPTS value: {{ index .Values "heap" | quote }} - name: JAVA_ARGS From 339bc2674d68e654eacb3700ec1cc23e6105c429 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 29 Nov 2023 12:34:30 +0530 Subject: [PATCH 509/742] Update values.yaml, adding individual host to vendor-service (#2149) --- deploy-as-code/helm/charts/sanitation/vendor/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml index 6a47108122..f2611dfc57 100644 --- a/deploy-as-code/helm/charts/sanitation/vendor/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/vendor/values.yaml @@ -60,6 +60,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-hrms + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: egov-vendor-services - name: PERSISTER_SAVE_VENDOR_TOPIC From 77127a27ee7d809c3639ba7bf80f97ebd29ff1f9 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Wed, 29 Nov 2023 12:39:27 +0530 Subject: [PATCH 510/742] updated secret-ref for hcm-moz-impl service (#2150) --- .../cluster-configs/templates/secrets/hcm-moz-impl-secret.yml | 2 ++ .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml index 633e1ab65d..e7ad3b5d04 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml @@ -12,5 +12,7 @@ data: githubpat: {{ index . "githubpat" | b64enc | quote }} dhis2user: {{ index . "dhis2user" | b64enc | quote }} dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} + awskey: {{ index . "aws-key" | b64enc | quote }} + awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 5fee505308..8a8255bbeb 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -387,12 +387,12 @@ env: | - name: EGOV_AWS_CREDENTIALS_ACCESS_KEY valueFrom: secretKeyRef: - name: egov-filestore + name: hcm-moz-impl key: awskey - name: EGOV_AWS_CREDENTIALS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: - name: egov-filestore + name: hcm-moz-impl key: awssecretkey - name: EGOV_CLUSTER_ENDPOINT_URL valueFrom: From 200f4661f41bc4a333734042cff13eb80eca17a8 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 29 Nov 2023 14:00:51 +0530 Subject: [PATCH 511/742] updated hcm-moz-impl sercrets in unified-health-uat env --- .../helm/environments/unified-health-uat-secrets.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index be0adc6006..5d9bd3539b 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -63,6 +63,8 @@ cluster-configs: githubpat: ENC[AES256_GCM,data:nnzYNsG1M6Elx/cfEXKlrSxPpJ1WyieiN27Jw9HSO2e9rYsRAIV0GshexjdxgEsJCIIBmKFtqwD9s7HC5HzH40/8gjvXGuiUg962n8EN0JbaUxpawFoyDeLQDNty,iv:6L2FYcaWPf/GS2A4r4aaGFBUuM4dpt7muc+fER5HYPU=,tag:s64J1jkbf5nj1jKUsN7Siw==,type:str] dhis2user: ENC[AES256_GCM,data:JodZLOU=,iv:5b9QSaojlc3P7TGXq/kS7T+WyAWx2NdVz8I7MS57FAM=,tag:83O+P8+9Xz+8CpvB4IuYDw==,type:str] dhis2pass: ENC[AES256_GCM,data:MHHsqW3AXoA=,iv:+tsavoR/G7BGBWcE99zulaFw8y6YXYg33BCX2B6X4yg=,tag:v5rW4utuMVRT6w6nJmn+jg==,type:str] + awskey: ENC[AES256_GCM,data:nsHGnr4nD8AQvjj466T9y72/qZo=,iv:b42Hw6M3TqMV4O5/teLWZqXbLuqIPtogEwxMuefOqQY=,tag:BoZyY/yMqQXnXMc+5m/3pQ==,type:str] + awssecretkey: ENC[AES256_GCM,data:Ra2F9b9NBKdCBudwxF2eMJXaHvhw0qiWJwxyvdwaBBtlzNwgPW6AaA==,iv:u8KbQkc9d+xlXCyqQyWjDlxYoD2I5pcrqyWRD90cdz0=,tag:Sst6smerbo3xVQf9FSdafA==,type:str] alertmanager: config: global: @@ -99,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-21T14:25:23Z" - mac: ENC[AES256_GCM,data:w6h3JNDmJTKuEXk1P3gslzgOKHi5D7l2Z9vRtyR62cHcjddQ0pf851ytgNsVA1NWFr5AABIu8vu4SZGzqFpst+TLNOFZp/Y54jr2OJYKyMirI9nq0cAdD48u5mhZTqf0CWoeRy/rp33Vo1UGkpdQOWXcYBRmJzkgrYoST376xs8=,iv:We9x07zfI2vI+TMcQoTFwxafv/RZCJfQAB5KJ7Q6+Q4=,tag:M5d0HyYUduJn49cs7Aeizg==,type:str] + lastmodified: "2023-11-29T08:30:05Z" + mac: ENC[AES256_GCM,data:dY/f+O40cRxc+FyEvT5XkEauMSZShHvMq3W6Wfy74g7bpa1Ai2rB/WCkb9ufWQqhbZdHQRGaX6uQKlSPgq2rY4cLvQ4GcFdW5DqMpL+3Niw0lhP138qrFf02Oz262kimY7oTM7Ph0cLrJwE6+j4LavbiOBOpBPtLRTfpzW0c2VQ=,iv:zjVcVBV+NX9NmOZb7K2KUAWWfSKxtMTEfpM47LqlNhM=,tag:D8uUfqH5CGwvijqICZs/qg==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | From 756c8e06ee27a6cbba0ac7b4cbf318dd0585522c Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 29 Nov 2023 15:03:52 +0530 Subject: [PATCH 512/742] updated hcm-moz-impl sercrets in unified-health-uat env --- .../helm/environments/unified-health-uat-secrets.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index 5d9bd3539b..0f70a7d953 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] hcm-moz-impl: kubeconfig: ENC[AES256_GCM,data:nBw8gysBSfcxHtVSOgAa+F0Luy3vuwvZSJ5X6ID7yDGoPxsQt3iXL8C+H4zAW83pEw5CX/1cEElQ1wcXJC86nLofwC81ZttavCOhM89yag12AY2ZTcQlAbArQ99+png1tZI3VcJa5a3uGwiSRmU9PFsH5+miXmTNaVdorlVekW/8E2RSvKd1H5VAQ8WOQMTJoSMCdhK7LRB8pF9d4BdXbbrlC+tKOb+aMlzpGbPDBKlAjQ2Fapv+0SBzWnmRnlWmcrX0/VSvEPpx1G9evKpTDNR8Xo4gaR/PzGn9NNzpQNxPQOGPsphAioQ3lESNrRjYN8ErCl4nOR1SVazE+PMwGC8GzysCEl0ep7oKbqZnumbHbInoc+6Tsjot/KXG5ByZGLRx9/7+o84t8mMccdCeSGQiqqnbI8VCmfWVCjzNG2ND4KpF5fBo1eA2DaEI97XBY0/wZiKQEtPmfkpLwb6tbZ/f5AkAUT3wi1sIwi3MqpS0PbBIMia7OONdEw37MNmAn65yitz1Y8x4+6PeUo2j0kCXhThyfz8SSDOQquF9QxrhaSJTBHqDGD2WXe9LEg9YjUwoGFMRtc8ZWRS8Y33S4wwmlzZzxiKCaj/R50IyITrLqUow18bgrZxq1lY2Tb2ygWbGa0ix+XKFqCUBIOO7cwN66GyeLxFwnqjsnu2uHXioY42HHLIlbaMWtU1FGAcltAzDKQBLn2DGCg4BQXh9ycMijurO0MAlpibI4eDjb98agyisSrGEfSUH2k7fGls3v5uhJJOve/dL0oHkUi2LqnN8xwkRz5GtZJUIbJQCjIyKt5/YcGeMgYXSHXQxo+TpngVi27eouZd9J20IF7kn0cc8FHDgX9MmIH91BQ3UmTUogy3QfQHT3PKjMk2z/8/DtgOB3DUjJp1gsQivNeEoufgzXcaxXz3uyKCnzIyR8SIRbvY9U5uspLQJWjQcbHkvi2vSxLE64rsHI6OLH9OBMKAVluIxLMRrQXX2tzJG0c/Y9g+QxiSNVn7cIWzbdOlJsDz6qfD2HBZyfW6jjtymD/1NX7eCbnTw+iyDzFqZ/tKnnaj1vGak62/XGRwT0jrBt8td7N1Ebj/xMmLsd66nuSfF9TZXXVa3gWhqx9xQrXo5hLStQvNQt5UlvOZBhArVdp2gZ2hHNH2azSgLSf9HegZmLfil5H0Mt1uqqV/eZYo1PkgClNalzv/Bq/RO0ig53aIv6ko3xYUYZjhttYPxZ6q33KzDTJJG+2tC7h+XeMDfNKmb5MsuNA4b2znXAuz6g5DT0qgPVL6BnrR8ZER8C6FD0oA+xhc3faWlS4JkQIMtfXme2OQhG1rq2hSMzfG1kUfhFrtZjiyP0hRx47GEZbWeCOiFVRdjOQYq/+KxReSzxKAOEY6HEVwunxIA4Xe+bLXTs3VMJOdg9nPQBy0qwNVThtb5r01sghmDObPZnXRNbGUU5qi37dVHPy3iQSrL05Nwj2KOClRo54n9NbIB62bqvi51Gep+6qeL/KMo90XRQcWZgn/oZibZNovK8xmCvZ+QFeTJa8H+AdjaBeJWxc8DfLdGY0gHwFnZUrrBJv4YdLVnpXrbwbWaOrIDJ9ktej4v9ae/r2QS/4xzLryYK4gw6bp6A7uKGBeytYDfY8G3xK8jB50AD2sIBBPRpf/BwsORJGCHQCRGHfHXsKI3V6RF1Pi+7WDBndKQQMmyurfpsPY2rgLftTqc++39CjjGqt/kQ9ntgA//xl1ahdIxqCeMkFfsI+gxCXXN+Jdm7Ynu509wi9bb8R//G3UIReLkJkJv5xtl6DBLLLXzYdvBAR8Q6UHxihLX0yugxonXuFu0iED/OukAt6etmjgpITVidBwdo3FqC6mByk7BXk4QgKrulKnJKMqiIQt6ry920uOldiHzqeHJpdo+VbzSrUrKOonr+iWC+szl7gaWt7kz+7U0nxcwkZQXwAg1gTl2NG1ptaPyaeEFCT7eprmHgDKfiK0P8bI6gykZUo837zCHGttsHHWQC29pQdtHBIUW0NYwyIVkptswriA2t3Q78PSgjoWV8fN0dDO34CXdRJEfvBZqy0rp1Kyk6vesNg6kdi9xrAIm4B8yWs7DLxTcl4wRvdZziYB+0F1QzJ7fiqzbfVYgSy7VYcweGSskqJYYrfdphDQY6Dfqr6MUjNqvMKw3looNXZ0JuWq1Qbr/sUdZV3nVOVeKfZFweDK4Ft3mYBwk7Oh8UVPeE1NHOjxnFIGRLS9Hb1IFyqk4zwZ0IcF17PfDZquY9ar+TjKbwS3P7tCsJ73Qx6O1RUgUPhUJDOUbxn/uC0X69jzyzK/FpXVBKGnDZ71kMQlomhvbOTXP+e3pa8lsXfoKk/boghGw026tRHXtxANQsUvg43/TiKjDd71tfmm8k0/wvrN4gg7mA4m9wSzHgxRORWC0Ekda1esV9WkrCvgVd+hUBcO5QUr0d6GZHKjESI2oJnSZDT4ItbVVKplAaWpA6p2OPph7MYggntTYssQz4lP2JM8LPoZ3FBDaWtE0ti9FDV9WbaWPQshF1H0fvXVrLBshP5JMBNY7V9dlSAuJn9b5EP9I1YCqvUnCGJKTJlcCBtAggMk6ayxeU8hfhlI7qhCDfwzlcVbSysdvPwdWcJQY9IJJhMztDY4F0sJBoGA7Dbh5MPIF0YmuHVRTGy1M9rWM0dWBBUXjEJWb9uCrLYjltitKVW2E8+g+EPoY6Q2N+XEIKk+bd6fJToiJLVh9jKdAe9Sq9Qn1NySt3H61e2fgQn9fdbvPtZLYvDXBOjCdUcC1uL1MQUqW3vCgA7mvUSeRcDbEMaPBprOEYKy4+wJGIanpXDs/cqilo7My6yJZY1KXkyLFpXyB55L+2SWAf/MfxBVzOrQeh58tlqhHCyrAn22lUCRaGamklDRL7ygWxz41M4Juee+tZh7bSs8l1m6WQRmqtZRVRUAiKD1o60DWOYynIOfijSnzGBA68KxpHOhwR04c7aVoLKUqZfUn5+quImqsWonqFbS17oDet/4JVVoEsXOlTkLSyBJt6uur7DgEvhlmRcT4DcjeOCNfg6fjmoVa9+tiHEvFHhnuFMdtCdZHhv+vOHaPvxQeU2eNgFJmUtD/18NhXUbKWUH2mrA+brpWDLJBwFbERWQS8GD8tAFisRiryBuT9aIV3HHel6ficKLYdm4vVgHCo1h5C8eseubTfFWshj9BRty+VBB98u5eOVmYv/iiAdESzQu377VYqX8T3xe6aofPAmprLmeEElwoWUpZAwX+fhTfGozlpKndJCtgNxgVUe3eTTjZlhyywGabHn01V1ZbHaTR7QpBQKWPX8FVyaZfx56THB7n5fdnh8artPuDT20GBxrYejfcQUg6svDJ+MP+VoNZV6zDXxsiqCpeN7I0MAwow3gDAe1bPJWqcG93EyutoFnipbrv9IIAUv8XR6WQEosXy/ZyK+8kzyae57ugH8gkGo5eUaXTjlfXMWnd5FOGPukn4ADBzT9kheTJyXmgJwXZDbqMl/e719gM6sKflc6jlP/z1IVVwEM2m4jQE/+Tg1phEJSLJI6zJ4SzoFK9xdDlakgo9yP63/RPejFHryeVJJVajHVXfEZw4agaZVolLOhg30QXKms+J6GBzDUKBaO3ehuphU1yC8L8FBYIp3SB6VwgA9gjLZQ6qvczdSsebZgAx2Yw1shovsDnB3jksMRGVa0zEDGOCdLwOnNhOpJ/4ihb9UfoS1h+mY5HU67kNHPL7Uvr9zYAgjLEaTfh/qvVHrVohZSj9cxAa5NHFKphYZ3hKTCNpNZ0cEVrl6wI6oHzcLK2yxZcnIe2hCOfVIpFmoB9D75axF3a9lstQWy8aoiMwPvwOGpVokcOmJZUXyUuzMklAQ5qd24c8FyTzL1zaxAnYnmhSUE19fAqZV44WeIojTcpFrFEG8nf1tXzUvy1KZibIA/UvXK41rr07FeD4TSgYhUIRT8sy/L28+WNqZe74ZrNcJfhwYAUXLZyPojS,iv:hZ/WYNkgLj17HrACE7irq7vFze1Z99bS/D4Gax2FhQE=,tag:Wk4LwC6bcor1BZRNU5wZOA==,type:str] - githubusername: ENC[AES256_GCM,data:VirKE/ScXrSxIyLYDztA,iv:JBfxOxDulrUa94rAU0clRNay8xsU9tpR0FqKl4XiyUc=,tag:JOBcsstbBnuyhwA2et8qsg==,type:str] - githubpat: ENC[AES256_GCM,data:nnzYNsG1M6Elx/cfEXKlrSxPpJ1WyieiN27Jw9HSO2e9rYsRAIV0GshexjdxgEsJCIIBmKFtqwD9s7HC5HzH40/8gjvXGuiUg962n8EN0JbaUxpawFoyDeLQDNty,iv:6L2FYcaWPf/GS2A4r4aaGFBUuM4dpt7muc+fER5HYPU=,tag:s64J1jkbf5nj1jKUsN7Siw==,type:str] + githubusername: ENC[AES256_GCM,data:6elpmrWFJ+XRHvI=,iv:LKy7cITD+enV9FoLGpi1aOo1T1yc8HKrT8GQiy38+a0=,tag:e1DdQDlEQRwtyU6fNetcpg==,type:str] + githubpat: ENC[AES256_GCM,data:vTv7K9zqWteNuLxO113ov4btfY7xahqSyIVKhTa+YEZCK+D97G4WmZ9r1nOlkYCyd209odfGuyx96z8pwuGMz9RTnba5W6ToiaRs7n7DridkuCbvTYfqJ8tLg+RQ,iv:dOygd+QjLImMKuecK4cXAowzUmGSc4lsZ/3erE1eBv0=,tag:MA6LKcIEaqQRNP92KufepQ==,type:str] dhis2user: ENC[AES256_GCM,data:JodZLOU=,iv:5b9QSaojlc3P7TGXq/kS7T+WyAWx2NdVz8I7MS57FAM=,tag:83O+P8+9Xz+8CpvB4IuYDw==,type:str] dhis2pass: ENC[AES256_GCM,data:MHHsqW3AXoA=,iv:+tsavoR/G7BGBWcE99zulaFw8y6YXYg33BCX2B6X4yg=,tag:v5rW4utuMVRT6w6nJmn+jg==,type:str] awskey: ENC[AES256_GCM,data:nsHGnr4nD8AQvjj466T9y72/qZo=,iv:b42Hw6M3TqMV4O5/teLWZqXbLuqIPtogEwxMuefOqQY=,tag:BoZyY/yMqQXnXMc+5m/3pQ==,type:str] @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-29T08:30:05Z" - mac: ENC[AES256_GCM,data:dY/f+O40cRxc+FyEvT5XkEauMSZShHvMq3W6Wfy74g7bpa1Ai2rB/WCkb9ufWQqhbZdHQRGaX6uQKlSPgq2rY4cLvQ4GcFdW5DqMpL+3Niw0lhP138qrFf02Oz262kimY7oTM7Ph0cLrJwE6+j4LavbiOBOpBPtLRTfpzW0c2VQ=,iv:zjVcVBV+NX9NmOZb7K2KUAWWfSKxtMTEfpM47LqlNhM=,tag:D8uUfqH5CGwvijqICZs/qg==,type:str] + lastmodified: "2023-11-29T09:33:33Z" + mac: ENC[AES256_GCM,data:8IdfqxJx0wCHdVsnSUKjrkSdTnDAHOIHVPz0I0F9ioA00vzwOCfBpCo0wIm0aLGytQ7tru+hWBuXJxhNkyaoPEDfcy4imFzoTF7UZydwaTvw0RFOUdQDzG5+3IYAxZKLuco6GyWk6dV5v8WUSB/JE4pXRbx8Ta3IEItGq1wVDoE=,iv:p7WV6P+ShERARC9m7Hkf6mJL647Zah7ndWjkgfKvdn8=,tag:DBM49hnbJ+HfwuP1yq96mw==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | From 0b40d1502256a967f2da132db78954becdf9a0a7 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Wed, 29 Nov 2023 15:14:14 +0530 Subject: [PATCH 513/742] SM-3184 Update sanitation.yaml (#2151) --- deploy-as-code/helm/environments/sanitation.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index a893c573fa..833eaf7427 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -148,6 +148,8 @@ cluster-configs: birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" + individual: "http://individual.egov:8080/" + employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 1f4d98a7dc8ea946a40488c1d4012e91f5f9867f Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 29 Nov 2023 15:33:45 +0530 Subject: [PATCH 514/742] changed context path from health-mdms-v2 to egov-mdms-service (#2148) * changed context path from health-mdms-v2 to egov-mdms-service * added in env SERVER_CONTEXT_PATH to egov-mdms-service * changed path to egov-mdms-service from health-mdms-v2 --- .../charts/health-services/health-mdms-v2/values.yaml | 10 +++++----- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml index 2165aef923..85619c4770 100644 --- a/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-mdms-v2/values.yaml @@ -10,7 +10,7 @@ ingress: namespace: egov enabled: true zuul: true - context: "health-mdms-v2" + context: "egov-mdms-service" initContainers: dbMigration: @@ -25,8 +25,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/health-mdms-v2/health" - readinessProbePath: "/health-mdms-v2/health" + livenessProbePath: "/egov-mdms-service/health" + readinessProbePath: "/egov-mdms-service/health" appType: "java-spring" tracing-enabled: true @@ -39,9 +39,9 @@ egov-mdms-data-save-topic: "save-mdms-data" # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH - value: /health-mdms-v2 + value: /egov-mdms-service - name: SERVER_SERVLET_CONTEXT_PATH - value: /health-mdms-v2 + value: /egov-mdms-service - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: egov-mdms-service-consumer-group - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 88e4fbc385..e132a8a607 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -73,7 +73,7 @@ cluster-configs: egov-idgen: "http://egov-idgen.egov:8080/" egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-legacy: "http://egov-mdms-service-legacy.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" From 441a2f10454e284478b1caa5ed19bbdc3f0f9cc8 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 29 Nov 2023 16:27:04 +0530 Subject: [PATCH 515/742] updated hcm-moz-impl secrets file name --- .../secrets/{hcm-moz-impl-secret.yml => hcm-moz-impl-secret.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename deploy-as-code/helm/charts/cluster-configs/templates/secrets/{hcm-moz-impl-secret.yml => hcm-moz-impl-secret.yaml} (100%) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml similarity index 100% rename from deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yml rename to deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml From c6648c9b6b50686f2a04899309d4af3448fdc139 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 29 Nov 2023 16:37:24 +0530 Subject: [PATCH 516/742] updated hcm-moz-impl secrets file name --- .../cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml index e7ad3b5d04..633e1ab65d 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml @@ -12,7 +12,5 @@ data: githubpat: {{ index . "githubpat" | b64enc | quote }} dhis2user: {{ index . "dhis2user" | b64enc | quote }} dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} - awskey: {{ index . "aws-key" | b64enc | quote }} - awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 29845992712f92e4aa28be1417f17d1ffb03979f Mon Sep 17 00:00:00 2001 From: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> Date: Wed, 29 Nov 2023 18:46:09 +0530 Subject: [PATCH 517/742] Updated zuul config from unified-qa to unified-works-qa (#2153) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index d93d521a51..cdfda80b63 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -454,18 +454,15 @@ egov-notification-sms: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> zuul: - replicas: 2 + replicas: 1 custom-filter-property: "false" tracing-enabled: "true" memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" - egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" - eventlog-enabled: "true" - eventlog-topic: "zuul-event-log" - eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 1a63473a4280fc197f5e29f4b715e24e28d9aedf Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Thu, 30 Nov 2023 14:45:09 +0530 Subject: [PATCH 518/742] Updated the boundary service to point old mdms service in unified-uat (#2154) * updated the hostname in boundary service to point to old mdms * Update values.yaml * Update unified-uat.yaml * Update values.yaml --- .../helm/charts/core-services/egov-location/values.yaml | 4 +++- deploy-as-code/helm/environments/unified-uat.yaml | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml index 929a44c800..6b7f9267af 100644 --- a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml @@ -46,7 +46,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-mdms-service + key: {{ .Values.mdmsHost | default "egov-mdms-service" }} + - name: EGOV_SERVICES_EGOV_MDMS_SEARCHPATH + value: {{ .Values.mdmsSearchPath | default "egov-mdms-service/v1/_search" }} {{- if index .Values "gmaps" }} - name: GMAPS_API_KEY valueFrom: diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index e132a8a607..7e41a37e5c 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -378,6 +378,9 @@ report: branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/health/reports/reportFileLocationsv1.txt" +egov-location: + mdmsHost: "egov-mdms-service-legacy" + mdmsSearchPath: "egov-mdms-service-legacy/v1/_search" egov-localization: replicas: 1 From 63525202c51591f7146838bc854a40c5a30d5def Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Thu, 30 Nov 2023 19:02:18 +0530 Subject: [PATCH 519/742] Updated tenant in UAT env changed pg to mz (#2156) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 7e41a37e5c..dab57ff07c 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-uat.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" + egov-state-level-tenant-id: "mz" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From e791cfcdf5cc9ccd062a50b4b64d306ab6b2dad0 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 1 Dec 2023 11:43:42 +0530 Subject: [PATCH 520/742] updated hcm-moz-impl secrets file name --- .../cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml index 633e1ab65d..6367ba6bf9 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml @@ -1,5 +1,6 @@ {{- with index .Values "cluster-configs" "secrets" "hcm-moz-impl" }} {{- if index . "kubeconfig" }} +{{- if index . "aws-secret-key" }} apiVersion: v1 kind: Secret metadata: @@ -12,5 +13,7 @@ data: githubpat: {{ index . "githubpat" | b64enc | quote }} dhis2user: {{ index . "dhis2user" | b64enc | quote }} dhis2pass: {{ index . "dhis2pass" | b64enc | quote }} + awskey: {{ index . "aws-key" | b64enc | quote }} + awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} {{- end }} \ No newline at end of file From 7e94950d1c838774b4b17b840e141b0e41aa7fe5 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Fri, 1 Dec 2023 11:46:26 +0530 Subject: [PATCH 521/742] updated hcm-moz-impl secrets file name --- .../cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml index 6367ba6bf9..331fbfe39b 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/hcm-moz-impl-secret.yaml @@ -16,4 +16,5 @@ data: awskey: {{ index . "aws-key" | b64enc | quote }} awssecretkey: {{ index . "aws-secret-key" | b64enc | quote }} {{- end }} +{{- end }} {{- end }} \ No newline at end of file From 75d34c04c41a64d56d20898e5d397ca3c8ec85b1 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 1 Dec 2023 19:41:02 +0530 Subject: [PATCH 522/742] updated the host name --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index dab57ff07c..5993bfe5f0 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -74,7 +74,7 @@ cluster-configs: egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" egov-mdms-service: "http://health-mdms-v2.health:8080/" - egov-mdms-service-legacy: "http://egov-mdms-service-legacy.health:8080/" + egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 6bdc2a64def4c1ef1ad920fd7603201f0f2965ca Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Fri, 1 Dec 2023 19:56:51 +0530 Subject: [PATCH 523/742] Updated the MDMS Hostnames in unified-health-uat.yaml (#2159) * Update unified-health-uat.yaml updated mdms host names * Update unified-health-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-health-uat.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index f82454a9a2..2500404edd 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -75,9 +75,10 @@ cluster-configs: egov-idgen: 'http://egov-idgen.egov:8080/' egov-otp: 'http://egov-otp.egov:8080/' egov-common-workflows: 'http://egov-common-workflows:8080/' - egov-mdms-service: 'http://egov-mdms-service.egov:8080/' - egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' - egov-mdms-create: 'http://egov-mdms-create.egov:8080/' + egov-mdms-service: "http://health-mdms-v2.health:8080/" + egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test.egov:8080/" + egov-mdms-create: "http://egov-mdms-create.egov:8080/" egov-eis: 'http://egov-eis:8080/' egov-workflow: 'http://egov-workflow.egov:8080/' egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' @@ -747,4 +748,4 @@ hcm-moz-impl: # requests: # memory: "2Gi" # limits: - # memory: "2Gi" \ No newline at end of file + # memory: "2Gi" From e0f8878618c1b53a55e34ac5dfede8cd2997686f Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Mon, 4 Dec 2023 10:55:28 +0530 Subject: [PATCH 524/742] added health-hrms to unified-health-uat (#2160) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-health-uat.yaml | 7 +++++++ 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 8a8255bbeb..5a04b41d7e 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -63,7 +63,7 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-hrms + key: health-hrms - name: EGOV_LOCALISATION_HOST valueFrom: configMapKeyRef: @@ -343,11 +343,11 @@ env: | - name: EGOV_MDMS_CREATE_UPDATE_ENDPOINT value: /egov-mdms-create/v1/_update - name: EGOV_HRMS_CREATE_ENDPOINT - value: /egov-hrms/employees/_create + value: /health-hrms/employees/_create - name: EGOV_HRMS_UPDATE_ENDPOINT - value: /egov-hrms/employees/_update + value: /health-hrms/employees/_update - name: EGOV_HRMS_SEARCH_ENDPOINT - value: /egov-hrms/employees/_search + value: /health-hrms/employees/_search - name: EGOV_BOUNDARY_ROOT_LABEL value: Country - name: EGOV_BOUNDARY_MASTER_NAME diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 2500404edd..88b76af9a7 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -86,6 +86,7 @@ cluster-configs: egov-data-uploader: 'http://egov-data-uploader.egov:8080/' egov-indexer: 'http://egov-indexer.egov:8080/' egov-hrms: 'http://egov-hrms.egov:8080/' + health-hrms: 'http://health-hrms.health:8080/' es-client: 'http://elasticsearch-data-v1.es-cluster:9200' hr-masters: 'http://hr-masters:8080/' hr-employee: 'http://hr-employee:8080/' @@ -522,6 +523,12 @@ egov-hrms: java-args: -Dspring.profiles.active=monitoring employee-applink: "https://egov-demo.egovernments.org/employee/user/login" +health-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' + heap: '-Xmx256m -Xms256m' + memory_limits: 512Mi + # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-config: From e8bee1fe381e2b7819cdce5b8af627f0c0d3c843 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 4 Dec 2023 12:04:56 +0530 Subject: [PATCH 525/742] updated oauth2-proxy secrets --- .../helm/environments/sanitation-secrets.yaml | 8 ++-- .../unified-health-dev-secrets.yaml | 42 ++++++++-------- .../unified-urban-dev-secrets.yaml | 48 ++++++++++--------- .../unified-works-dev-secrets.yaml | 48 ++++++++++--------- 4 files changed, 79 insertions(+), 67 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-secrets.yaml b/deploy-as-code/helm/environments/sanitation-secrets.yaml index eaf232c97d..940d15a053 100644 --- a/deploy-as-code/helm/environments/sanitation-secrets.yaml +++ b/deploy-as-code/helm/environments/sanitation-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:yT/F7cLsWHtG89VVI7qbAmVXTxk=,iv:+/+Pp4VFN3ZCGR9XKbZNrzJPsV8lz+19fBwrC3Tvo1c=,tag:lgXlThijLj1Rwo/vBajz7Q==,type:str] - clientSecret: ENC[AES256_GCM,data:XqWk57Zv3fexIKJhWSxd7vDMAqlqDZnk2i43ctrGpcPpvVzmuPZH5Q==,iv:Lc/CBENbYMdMbPU3neUrbEnLZJaaKRUe0k3SwXSSSlo=,tag:IXiiFifxjD2B3/O6J+1PeA==,type:str] + clientID: ENC[AES256_GCM,data:Pn/QWAyDeoNVOG/0iZbD+CXiOek=,iv:3YgQsS3lGYXrEZIqCSp0IdaeihCJBu6nC8NiLgoQgeY=,tag:Evk7P8vgpqq8Z67Gg9UiXw==,type:str] + clientSecret: ENC[AES256_GCM,data:9lKcBjsMuaUocc2KOl6fDOKUjCUxb9o5lkCG5XPcVa9a8GN6kKDeYQ==,iv:t1ryCnubco7Gp+ktbIqbGR3EKWpRERee541pQCPoASI=,tag:Nj2KqKm2sxZbOrY1i0a1PQ==,type:str] cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] minio: accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-04-11T06:22:14Z" - mac: ENC[AES256_GCM,data:ja9HWlgWrIJ0z4ujxZbnDo2yMHn71oJ8J4N+vK5AEwvlfOcRyVWHpoFafGhXFx3v8wt5ld0uAK62PhJSuGJ+Cp3JROycj8jnhPLJwLRB9hF7U2c8zUjlvoM0ByartA47AjH5Kf1bNzcUIcWUoN3LS9uZttSpfORKhwl7I/qmVP4=,iv:SbYRWPWpYBwNTp+UyuTUMGmZa55MBYmdejGj+IMV2Ik=,tag:NpUjOB7JV9VSQLYGdFyHQQ==,type:str] + lastmodified: "2023-12-04T06:33:29Z" + mac: ENC[AES256_GCM,data:jrfasih7SE96SF73tYTK6H1WI0QoE25atirbR02TI7rzF3SUPzoIElv1oN4YzvZStApZZrFT+VSdr0ILzTbOWDJSCSBrhwGo0demi0wpDqxIbl1WYXTiMBzGATMdV8wxw0C+QfuoVE3Z/TMIomHqF2H0kXVQTqo5cSuBFisqetE=,iv:g8CBBM8qw1ZeD/a1m7sUxLTmJzh7dDDZVxtqcQBr1fQ=,tag:QRrVTDaKmS6OOQe55oBZrA==,type:str] pgp: - created_at: "2023-04-11T06:12:24Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml index dafc8bcc87..f8d2348ce0 100644 --- a/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:W893GnL9,iv:HnXjj4x10rawvgAaQCMxuQ5ODI/+6KEcWkoWymX5n1c=,tag:fs2XSVQ0iET6+gAS/rvhhw==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:HIsimknr8dB8ph0QdhPiHgOX/K4=,iv:snnML0VoNAWvhPSw8YIpxwWXghShCwdnCqN58ylGRYk=,tag:m9ZUR8mMvKz4MZXARKySaQ==,type:str] - clientSecret: ENC[AES256_GCM,data:PuWgeBTp1223+TASnJ79AqK69VSAXF2j1uL6BQJU+if7LeXUBo45PA==,iv:7qcMYvugbEe3+oonj6q5XoALolz6aNaSOnAOtpWeWpQ=,tag:dPKMkgHcYbfp+XNFAG1RFg==,type:str] + clientID: ENC[AES256_GCM,data:LPL+O0YRCdY2X4lA70OdFe871Ro=,iv:PVOjFdf2PB73vWk24X/I1lSnrg5iCKut1LYEJ4ZLA3s=,tag:m4tL59M2mbEPLmkbsN3wIw==,type:str] + clientSecret: ENC[AES256_GCM,data:rSsUotXkvAKPoCupJTO/VXPC8ugdZwd0SihZMqqhBeUuJ0pIKuBXWQ==,iv:Td+ScEFksaRMsU06mt7cDSFGrQ7w121Nvi1W4qFryE0=,tag:GWxqrrlI0nUCSchYKaqHtg==,type:str] cookieSecret: ENC[AES256_GCM,data:6E/+7kOTwhKpJI1tY675voIm9FRU1sCv,iv:Mma+ILgL3iz6BczjGHggfBwY+FAfPb1ddg5g4L6QNZU=,tag:Sah+SIR18ouotL5XIp3IWA==,type:str] minio: accesskey: ENC[AES256_GCM,data:dtCKbd6BqMqT/IRZWD6kkK4mm1s=,iv:a2di3OXB+n+/SEIhiBLjXuN4mLtxysypiSFaETBnTQo=,tag:dJolFzpCMxXgFrvcGyGYDg==,type:str] @@ -72,33 +72,37 @@ cluster-configs: route: receiver: ENC[AES256_GCM,data:G/vKE29k4jXX9u8hbZN+6sYvTA==,iv:2hHgfHr/9ih4mZOHG3sjxU2+deyEel6dMkiJNLnbcao=,tag:JZSeUcbg/yoZs1MUarP1xg==,type:str] group_by: - - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] + - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] routes: - - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] - match: + - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] + match: alertname: ENC[AES256_GCM,data:ajFoZp2FW1s=,iv:naL8WZhGKwwVr/3g88nC3d6AlvdfAZTVbzquP5GrvLo=,tag:aS6NMPlgVRDgYpQWotrwfw==,type:str] group_wait: ENC[AES256_GCM,data:1JCH,iv:L+6dATlYrACJW3Vic0oRc7gSZj7Cmu0h5Pvdz0fUWpU=,tag:ZVzDZfnmFMb/0lGa06A3gQ==,type:str] group_interval: ENC[AES256_GCM,data:b8Q=,iv:CMxaAvO9BjR8WvVqUMhsaMpffwEQj272nDccHRdkaCA=,tag:zoh5Ub7y8ZNWV1zKHXersg==,type:str] repeat_interval: ENC[AES256_GCM,data:SMHx,iv:/WM5JgJkAuZgvDLrktMUYwlbRGq+FbrDp0+uJCtKCZM=,tag:xy1d/IKmTJJK5Y3oeQqyTg==,type:str] receivers: - - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] - api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] - channel: ENC[AES256_GCM,data:Bp2uVjR3+mts3n2Q0RZA3jTnw34hdg==,iv:qrARYPL00Se1AIucwDUuUzebsFe6qNzZLCknFMeiN3I=,tag:SC1iaOiXoBgamMadBhB2Yg==,type:str] - username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] - title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] - text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] + - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] + api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] + channel: ENC[AES256_GCM,data:Bp2uVjR3+mts3n2Q0RZA3jTnw34hdg==,iv:qrARYPL00Se1AIucwDUuUzebsFe6qNzZLCknFMeiN3I=,tag:SC1iaOiXoBgamMadBhB2Yg==,type:str] + username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] + title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] + text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] templates: - - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] + - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c - created_at: '2022-09-28T09:15:01Z' - enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== + - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c + created_at: "2022-09-28T09:15:01Z" + enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-06-27T10:21:35Z' - mac: ENC[AES256_GCM,data:Aa0aTWz7UiE5AuOX0NKoiQ5jub4VRm+Dehi8i7yzUgioeyXeBP7ffqa8Idd0FP2N6U1XSeQRktHoC2v6PhzZRS0l31cjndX12z+8vQCqaDhJuM7mRydu2lVT5x28jnz7jEE0rnYSeqUbhqzdLVD8zZMorCfFYBP4oRDgeYr8J2w=,iv:VfosuSFuhVKnADxjJ/yixJJ1L57HUHfpSPfBAebGhpo=,tag:XjHMNbxvnnonQyViy5SbqA==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-12-04T06:33:47Z" + mac: ENC[AES256_GCM,data:Ko8voOcQUK4izbBOBvu5h1np82RAsKUr4Y+UugN37p874T5fnnJ0SnIITEYGB0bsWr24yYirnQAnZ7QjvkDjxMdurHr7ewLZ5+chLas/4NzrwY4iqFsJqg2JxTURq3HmR5pCOry34vxTcJSxR3xoDQECOGsrpgVFla1g54QmZsg=,iv:WiJA2s02CyyL7DJQLsnznECDgArWzJhxbEAD5LyqYng=,tag:sX4fE0o4UVI+MhgpL46BeA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml index 5b52ab8d15..014f6ed045 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:Wb2bU7Pmc1PAP99unifMuI+qTys=,iv:y7/SC/x++TShu5YOYH5fJgpUMBBextRsb5xzyIOB0qU=,tag:he2I+NvpDskBlI4WQ6UrxQ==,type:str] - clientSecret: ENC[AES256_GCM,data:4Vq3Jghf73pAH90xvNhLJ52sl3GH/gGA2L6+Dyk4lsy0TMmic9YIzw==,iv:STL6OnofD7p+bRaw6vKEVYd2XBJb0Wlm/RxywMQDW0Q=,tag:L3+xX3qKYRuCPFtX3Ew6VA==,type:str] + clientID: ENC[AES256_GCM,data:a5BMvMf2IjWhmhBnsGyPLI2bTsM=,iv:fWLMqXrXUiWwZcr1MGWsbPhrTX7Bd6SdTMEXTasyxeo=,tag:QrrHesMKX94KmX+5Lg38PA==,type:str] + clientSecret: ENC[AES256_GCM,data:3zHTCC90vHQ3ub0eVazjHtRQ7T20P4eEx/CQ3gFRP/OryZZlskTZHg==,iv:uG+UjpJjTdKrDb9m6tK/v0+DwtVwN4P8IBX1ASbQUC8=,tag:UBFErKLD9o4ZT5DZVRYkzw==,type:str] cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] minio: accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] @@ -72,36 +72,40 @@ cluster-configs: route: receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:48:05Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2020-11-10T06:48:05Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-06-22T05:01:45Z' - mac: ENC[AES256_GCM,data:h8dvwlX5sRvsOYhiJw0C/aQdzzXyhwxTuv2eGAO91Gqs/wKHQBdoiFtNBRk0JSNOk+067+E32K7sAaGiFyrRLvquHha7cRAxL6DqLY6/Ryx6Rur3218YOGBUABNIX3y9f+dIeEmwf5T6Q73FNClrb2nvwrwyJ9qJzheLvtsQ+ZM=,iv:9v27T1Wh1myNtRgfX4DP1QuoVghzRc6kH/1NDSN7YXw=,tag:RFQ8YXpGJa54HoIHi4ANxg==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-12-04T06:34:09Z" + mac: ENC[AES256_GCM,data:/X1eVy13YhGzOOHGKBVTbcON219ClN8ypku3BOg2XslVUhr409fOM2uL7u/hdgSEzyct+/q8POJdzF+doqV+u9M4t6/IjPIrjTyjsJgtXlGws3bMxzGud35iDOytik5X3wt8L5CvLYm/JqwQ3Z20YnFwL3lc7J/2tUjztu9IdWo=,iv:HWSOIeUfZ0v86+Id6Q0BSzSz0bXRWWT2z6AgOJJAmQ4=,tag:w8KoXYHqUgIfe/UliqmO+g==,type:str] pgp: - - created_at: '2020-11-10T06:48:05Z' - enc: | + - created_at: "2020-11-10T06:48:05Z" + enc: | -----BEGIN PGP MESSAGE----- hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv @@ -114,6 +118,6 @@ sops: q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== =msen -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml index 49ef61d1d5..0c20dfdfc0 100644 --- a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml @@ -59,8 +59,8 @@ cluster-configs: egov-user-chatbot: citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] oauth2-proxy: - clientID: ENC[AES256_GCM,data:Wb2bU7Pmc1PAP99unifMuI+qTys=,iv:y7/SC/x++TShu5YOYH5fJgpUMBBextRsb5xzyIOB0qU=,tag:he2I+NvpDskBlI4WQ6UrxQ==,type:str] - clientSecret: ENC[AES256_GCM,data:4Vq3Jghf73pAH90xvNhLJ52sl3GH/gGA2L6+Dyk4lsy0TMmic9YIzw==,iv:STL6OnofD7p+bRaw6vKEVYd2XBJb0Wlm/RxywMQDW0Q=,tag:L3+xX3qKYRuCPFtX3Ew6VA==,type:str] + clientID: ENC[AES256_GCM,data:Jv9IB4M/+3E8m6iHHOXj3GK+Og4=,iv:IuDvZ+ppRY3NDopFM2ka4wtCsqc86qkUIcr+09fhU04=,tag:Cgyzu6hKyNbK0vuOQ97Z3Q==,type:str] + clientSecret: ENC[AES256_GCM,data:7V6OhyCGV2KpbSeu+WR3+/EPB+YXVpnMKoF3MxJ/KsH1SYW29j4Luw==,iv:KLKOd2sFFD0PJiDEceYTOuWoJqe8yCxV192VGNzX/Zc=,tag:pBfrHKtFWIBs993SCEiGWQ==,type:str] cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] minio: accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] @@ -72,36 +72,40 @@ cluster-configs: route: receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] + - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: + - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] + match: alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] + - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] + api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] + channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] + username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] + title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] + text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] + - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] sops: kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2020-11-10T06:48:05Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2020-11-10T06:48:05Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== + aws_profile: "" gcp_kms: [] - lastmodified: '2023-08-16T12:04:22Z' - mac: ENC[AES256_GCM,data:tNpER4y2KIswW/ySaAoa4r6Mwi9mbpIi+ndSB+Q6GBW7s6wz9NXGi9bnMTkrCXFpEPi960HoCIx99iLKMBc2/pZ5J4oqzBraoThEohKd5nDRWGXKS0zeV4C83nQkrlF/lcIN03b3Bxdd4swd+cpdE1aNv9xK3PdmRLlJ2IH6K/E=,iv:dNqs1PW9FqU2z0ee/XnodXpiCMmqt45bGE0jAl3T8ds=,tag:+HdeYX6esf8s6jvep/pSTg==,type:str] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2023-12-04T06:34:26Z" + mac: ENC[AES256_GCM,data:/mgRImLMAyWcPYdv9bZrP6EhwLP1rLLMUgHaW9Atrh8DU4AagzZMCSor+jYAeJfzSQXJwdsQIm1khpctszVmFTXnog4Zd6T8PgHmAnQsn0z4XPjCLs5vChIRVhHtTW7KQOtiymY3nX50fTws2+MeJ52Oe+Is6AH2NkVCxST7ML0=,iv:ipS/Jx2UEEjg3pFPPBYBP4TIEIXSovn1YNKK8Wqzo6k=,tag:lN+QaKvrmxRt1KXccKdGQA==,type:str] pgp: - - created_at: '2020-11-10T06:48:05Z' - enc: | + - created_at: "2020-11-10T06:48:05Z" + enc: | -----BEGIN PGP MESSAGE----- hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv @@ -114,6 +118,6 @@ sops: q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== =msen -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 + fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 unencrypted_suffix: _unencrypted version: 3.7.3 From f52c05494146a8320b47d1ec1310e7c714124a8a Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Mon, 4 Dec 2023 14:43:11 +0530 Subject: [PATCH 526/742] added a environment config for core ui (#2161) --- deploy-as-code/helm/environments/unified-uat.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 5993bfe5f0..8bd602b482 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -179,6 +179,12 @@ workbench-ui: sub_filter '' ' ';" +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + egov-filestore: volume: /opt/eGov/filestore is-bucket-fixed: "true" From bef85dcc914fec5296f51314a246842e6509d126 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 4 Dec 2023 16:30:22 +0530 Subject: [PATCH 527/742] added fielstore host for document verification (#2162) --- .../helm/charts/digit-works/backend/contracts/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml index fd1f03b948..0ffba3ca17 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/contracts/values.yaml @@ -119,6 +119,11 @@ env: | configMapKeyRef: name: egov-service-host key: measurement-service + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore - name: CONTRACT_KAFKA_CREATE_TOPIC value: "save-contract" - name: CONTRACT_KAFKA_UPDATE_TOPIC From c4efad5b1f776eb8d1e9e1d0e60a6e402897f921 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Mon, 4 Dec 2023 16:34:06 +0530 Subject: [PATCH 528/742] added helm chart config for revision estimate (#2163) * added helm chart config for revision estimate * added values for estimate * added filestore helm chart values --- .../helm/charts/digit-works/backend/estimates/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml index e8491e138f..2f0ffe9e4e 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -99,6 +99,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service-v2 + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore - name: ESTIMATE_KAFKA_CREATE_TOPIC value: "save-estimate" - name: ESTIMATE_KAFKA_UPDATE_TOPIC From 5dbd90637dca020e3c483a3a670715b66b9b5bbb Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 5 Dec 2023 10:50:42 +0530 Subject: [PATCH 529/742] Update unified-health-uat.yaml --- deploy-as-code/helm/environments/unified-health-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 88b76af9a7..fd5da7f6d9 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -78,7 +78,7 @@ cluster-configs: egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test.egov:8080/" - egov-mdms-create: "http://egov-mdms-create.egov:8080/" + egov-mdms-create: "http://egov-mdms-create.health:8080/" egov-eis: 'http://egov-eis:8080/' egov-workflow: 'http://egov-workflow.egov:8080/' egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' From 6b30846749fde10a2753dc29467c8099ad9f55fc Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:22:24 +0530 Subject: [PATCH 530/742] Unified-UAT :: Updated the xlsx configuration (#2164) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 8bd602b482..beddf0fa76 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -192,7 +192,7 @@ egov-filestore: aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 fixed-bucketname: filestore bucket name ## Add filestore bucket name From 1bfc2da4f37bcfeea78356fe1603eb9c9fb62bcc Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:34:14 +0530 Subject: [PATCH 531/742] changed mdms endpoint from v2 to v1 (#2165) --- .../charts/health-services/egov-mdms-create/values.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml index f82d770ca6..e5b17d7693 100644 --- a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml @@ -79,13 +79,13 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-mdms-service + key: egov-mdms-service-legacy - name: RELOAD_PATH_ENDPOINT - value: /egov-mdms-service/v1/_reload + value: /egov-mdms-service-legacy/v1/_reload - name: RELOADOBJ_PATH_ENDPOINT - value: /egov-mdms-service/v1/_reloadobj + value: /egov-mdms-service-legacy/v1/_reloadobj - name: SEARCH_PATH_ENDPOINT - value: /egov-mdms-service/v1/_search + value: /egov-mdms-service-legacy/v1/_search - name: FILEPATH_RELOAD value: "false" - name: RELOAD_ENABLED From f463d5733adebbebe21fbc6e78f8f9cf77ea62aa Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Tue, 5 Dec 2023 12:49:20 +0530 Subject: [PATCH 532/742] HCM Ingestion service updated branch details for mdms (#2166) --- .../helm/charts/health-services/egov-mdms-create/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml index e5b17d7693..57db859ae5 100644 --- a/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml +++ b/deploy-as-code/helm/charts/health-services/egov-mdms-create/values.yaml @@ -37,7 +37,7 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" git-repo-path: "file:///work-dir/egov-mdms-data/" egov-repo-branch: "DEV" -branch: "master" +branch: "UNIFIED-UAT" # Additional Container Envs env: | From 5d8d9f8f232964332820c8dfbcf67cf5fba83b1e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 5 Dec 2023 14:32:02 +0530 Subject: [PATCH 533/742] updated filestore credentilas in the UAT env's --- .../charts/core-services/egov-url-shortening/values.yaml | 4 ++-- .../helm/environments/sanitation-uat-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- .../helm/environments/unified-health-uat-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-uat-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- deploy-as-code/helm/environments/unified-urban-qa.yaml | 2 +- .../helm/environments/unified-urban-uat-secrets.yaml | 8 ++++---- .../helm/environments/unified-works-uat-secrets.yaml | 8 ++++---- deploy-as-code/helm/environments/unified-works-uat.yaml | 2 +- 11 files changed, 27 insertions(+), 27 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index beab2a3dd9..1e47cadcaa 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -23,8 +23,8 @@ image: replicas: "1" healthChecks: enabled: true - livenessProbePath: "/egov-url-shortening/health" - readinessProbePath: "/egov-url-shortening/health" + livenessProbePath: "/eus/health" + readinessProbePath: "/eus/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" diff --git a/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml b/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml index 60d9b45184..7340afeae7 100644 --- a/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml @@ -11,8 +11,8 @@ cluster-configs: password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + aws-key: ENC[AES256_GCM,data:x5LcCTRYCzu71f/BMP5PpZAMofg=,iv:zyZnKOyzL4rRalG6jWAq7CWkb6TeYb9LLy3hw1wZUxg=,tag:lfxwDeJYky3CMBCtI94oGw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:1D2mqDJfgQLnDvVx+RhCwkIfV+rXvxbbeexEsgOLmqYpYqOtfMKBkA==,iv:FGTpiY2F7tX7xrX9yyZMdpxLIq2Yw5RkbugW3FSqB3Y=,tag:Njx6l5y1iUyItM6UMxKp8Q==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] @@ -107,8 +107,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-09T10:33:39Z" - mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + lastmodified: "2023-12-05T08:47:54Z" + mac: ENC[AES256_GCM,data:mi4U0M5XgrEsMHfFi3nVnUB6/WdImwwbpGos05HQw+7Uv5ywoMv+xBPKUjDcb0A4qEMZu5wgdIX7CYRCstJcPNg60ohpYjV51ML/78U+7ZYu/emEFdR2mzEcgUJK811Q0d4qGFLjKnU73jmDIJIVykKqWqwUOlFsbirWf83qnbk=,iv:sZLYQAlq43ryfsDfQ7ZoV8FIEBAY7HI3wUmXlij0ejQ=,tag:FMXbiik2f+v8WJ+HltpEMA==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 552539e7e9..05d46b6a16 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -176,7 +176,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-uat-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index a3b3b8bbb2..9d6d1e1073 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -203,7 +203,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: unified-qa-filestore ## Add filestore bucket name + fixed-bucketname: unified-uat-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml index 0f70a7d953..8715691a2e 100644 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + aws-key: ENC[AES256_GCM,data:8Qr2Fix+3UTvwxEzDrCf520imDA=,iv:CDO8Me7LN0IrdPkNFIoo9Ya1KgZ0qlshNeXAlCKg4Cc=,tag:RSaBvf+gDQkNVCUR3BWUXw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:LGi2v6jRQXYv8J7QivOL6FZFnoDaySbaJ+OJiU+KYxvoTWaEA+wPBQ==,iv:j4aWvYeDN3I7RsGC+GqAP3JZCLnM5kQPzT6vU9ICxZM=,tag:QDohLQ/JE1gnEV6+v0IBdA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] egov-pg-service: @@ -101,8 +101,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-11-29T09:33:33Z" - mac: ENC[AES256_GCM,data:8IdfqxJx0wCHdVsnSUKjrkSdTnDAHOIHVPz0I0F9ioA00vzwOCfBpCo0wIm0aLGytQ7tru+hWBuXJxhNkyaoPEDfcy4imFzoTF7UZydwaTvw0RFOUdQDzG5+3IYAxZKLuco6GyWk6dV5v8WUSB/JE4pXRbx8Ta3IEItGq1wVDoE=,iv:p7WV6P+ShERARC9m7Hkf6mJL647Zah7ndWjkgfKvdn8=,tag:DBM49hnbJ+HfwuP1yq96mw==,type:str] + lastmodified: "2023-12-05T08:42:12Z" + mac: ENC[AES256_GCM,data:52Ocui6/y0dHSXAdjfWFCWrjOVq8g2y/iQMPtaZcQSwTD10/Tm1/WSLZpVV1qoc7lUzDkj155gwCjyc0JGWLg8kpo/EJZLOIRLFuPnjHBqhGBTESq4mwnTHaoMGu0X0ntL7rKAgengeVx7uDeenoJvnjO3kN2ATj1HwQG6sqoEU=,iv:Dfucie575zm+3C9HIpv+2FbUgVRfA0NVe066PgEEKa4=,tag:KOKP/v0vYHObaB8BgnQ5Ug==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-uat-secrets.yaml index 89e896b143..51f78101c7 100644 --- a/deploy-as-code/helm/environments/unified-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-uat-secrets.yaml @@ -9,8 +9,8 @@ cluster-configs: username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + aws-key: ENC[AES256_GCM,data:Rlm3HhAJkxLvqE0aQliQ/kULTjI=,iv:E0EafGnD0PbZ4dpFDOBc8oSSBNHX3N/F1UJ6c3YB1U4=,tag:/fBQzRcW4j2smE+cxDbkGw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:LP+sQivgVzPvg2ztqLPrMS4ulRF0QuSz6zMvsPgX8G+S+JZ2zENkeg==,iv:klUwB2P48cYBJRqd0JK/mJG+8VahcY25rq3aFuArZUk=,tag:szZAkBCQ1jhFvaj27/5jmA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] egov-pg-service: @@ -93,8 +93,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-10T17:19:41Z" - mac: ENC[AES256_GCM,data:JWY96OBRgbeidZ/D75ixxTHJjFck8LU6aZnMbOhNR7ltSGWM+rn9qzli/TF3dVXU4IHs7qEFmJkL5mP51iMARb9j/DOiloCNWLZRWgiBuL7KhZYvc+T7hFpMNfwftWbq39Dq3N9+gLcv7WjjnFQeEZM9EhxwZu3k4LAIzikHO6I=,iv:7eFg513+4xhSDyJGlpuUv+4GLgcDL9naN++scjtNyb8=,tag:q0Y0FkihNTvnO59lxhsUEA==,type:str] + lastmodified: "2023-12-05T08:41:36Z" + mac: ENC[AES256_GCM,data:RHHP4fDWPWVgYJtwF+vlVdglfvaoYf4qiecLhU+GyxyyBZqmUJS70Skvky4T2uqLnr2GZS0CZsEe+CSiJtjBnazP8j1t09Am2NMzS7KNoUl+FVOKgBWhCXEfMjscoYfej02kXDjmMs6vm3TLASQfLAhbRXQBYW+CnNRr3LFXg/w=,iv:UMvwDTAofMKISY212OevQcprk3Hni1CXjxnR4pj1HSI=,tag:O70Bc1xoGMSgyjlTY60wIQ==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index beddf0fa76..5d1ec74ba2 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -195,7 +195,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-uat-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 40d4f29da4..c560e052c8 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -178,7 +178,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: unified-qa-filestore ## Add filestore bucket name + fixed-bucketname: unified-uat-filestore ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" diff --git a/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml index 60d9b45184..bc3a47945f 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml @@ -11,8 +11,8 @@ cluster-configs: password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + aws-key: ENC[AES256_GCM,data:bQsqek4XG9uLH3Ny7EwZrEhhayE=,iv:uq+dBkCSItAbqcTsw08ZTxSEaomZ4z9OjNkx2yF32Bc=,tag:fxrDmM8LPWPSIrn9E4gfvw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:hImkLy6dTbS2WG4tpRN06fRj7V8Fk/ikg2KZDJ9qCLDkmEorYWauCg==,iv:D1Do/bAFSqo0lLNVx6bu2ZKDdRW+oEcRSHe+Tg7BKZE=,tag:AvoZ5H2wjaVzJDUKIUkpdA==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] @@ -107,8 +107,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-09T10:33:39Z" - mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + lastmodified: "2023-12-05T08:56:01Z" + mac: ENC[AES256_GCM,data:pZ447xQUQE/UWSNbCwLKbGNLvcoVZAFvwjOZBLiKDwx3Vq7u1nWhHBLzkgoJqOScDp7YQJRwK9ktVxL2uIsxqQjIurqjJVcqvQgBYY2P62G5CTnfFtE70JWt2xHOhYjavdAXP2h6Tl3Mumu9v5PoA6BcDUcJgJuWA4+jh8I2Gl0=,iv:dfajK5YSQqZoalCyZaB+iAZB0GDwsK9T0BAHtfTLJJE=,tag:C9a758ZpBQ1J9nvZCFw3iQ==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml index 60d9b45184..d6472e7f79 100644 --- a/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml @@ -11,8 +11,8 @@ cluster-configs: password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] egov-filestore: - aws-key: ENC[AES256_GCM,data:07CsggCDNCSQow==,iv:aA0Evu9aC8vCSkGjVRa1R1BkNLaOTp0AXJuLlh0cqoM=,tag:lQxv/Uyu2YOR2tXoZnfi7w==,type:str] - aws-secret-key: ENC[AES256_GCM,data:ei/rwy/rDwZ1Kg==,iv:3uJ6upW1AxbZkSJHUlra0u3W4Y4UFiUU6aqg1J4A+3w=,tag:mTMiiw97t8D4rIKltYFXmw==,type:str] + aws-key: ENC[AES256_GCM,data:UUCDe28vk2pNLW12A0DpyHCVNuU=,iv:lLeWXfYYx1siT7kq7x4kMPiebO5tcZmhAQGiBNVuWdw=,tag:vxdABMYotBYHnpbCIBJXSg==,type:str] + aws-secret-key: ENC[AES256_GCM,data:mB9M+8qyKLizNcCfFE0LNDfGIPJA+D94fKjsIWE2RG0KJl4ALS1W9A==,iv:s9UPlD7BHuYLEpt5smwnOSW63kFrZ4FXVaArul9AQ74=,tag:QVQJE0+lVb9PsuB10JuXxw==,type:str] egov-location: gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] @@ -107,8 +107,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2023-10-09T10:33:39Z" - mac: ENC[AES256_GCM,data:pZ77QyxtNGGD+lPXPd+lSjrMvQ6KL4W3GA+hZOiK2OnbsRLb4J0qFHZ7UdrSNbYoHGnXH3WVKurF4gcGaXDpfPLuhdft7+wrcEKFg+BqCb2jZrBuQllGlWV2FgiABx5X9q0RllIZLPZzNIYheQ5WUEiLicpVy4D4XiFbJe83snA=,iv:owNVVC0gGftgmyRXnblrSMB34jvDCXEjHilJCucPjNU=,tag:CjcOX7Qg0xCAKAxvIxi0yA==,type:str] + lastmodified: "2023-12-05T08:52:38Z" + mac: ENC[AES256_GCM,data:+GHEjF3GEN8t3+8tbqKppqaHLQPhBU6ZSOQ7X9LbZ4ehBxdIMtyW3Idrr0YmMPLecJH5LaXVsl+rdYKtvXYOWi4XXSwdfGb3tRs16HGGhbhzhJeltd7VqieecPUNBlN97fsNp04QWEu09K5MyBNlza4MahjWCbFBlkLzfNmSdz8=,iv:XdxzNxBiDj/R0Fvaa3RFd5rjmmEmSCLNgQCZfaoJRPg=,tag:41ONRfd9Vf2oyWsB6WtB/Q==,type:str] pgp: - created_at: "2023-10-09T10:33:39Z" enc: | diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index 30a944d1fa..f93bb1de45 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -347,7 +347,7 @@ egov-mdms-service: egov-filestore: is-s3-enabled: "true" - fixed-bucketname: "works-qa-filestore" + fixed-bucketname: "unified-uat-filestore" minio-enabled: false aws.s3.url : "https://s3.amazonaws.com" is-bucket-fixed: "true" From 8d0c5b90988218897d99fa272207322fb521bd87 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Tue, 5 Dec 2023 15:32:39 +0530 Subject: [PATCH 534/742] Updated the Health-hrms mdms host (#2167) * updated the mdms host for health hrms service * Update values.yaml * Update unified-health-uat.yaml --- .../health-services/health-hrms/values.yaml | 4 +- .../health-location/Chart.yaml | 26 ------- .../health-location/templates/deployment.yaml | 2 - .../health-location/templates/ingress.yaml | 2 - .../health-location/templates/service.yaml | 2 - .../health-location/values.yaml | 72 ------------------- .../helm/environments/unified-health-uat.yaml | 2 + 7 files changed, 4 insertions(+), 106 deletions(-) delete mode 100644 deploy-as-code/helm/charts/health-services/health-location/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-location/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index a0909fcaf2..9783581365 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -44,9 +44,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-mdms-service + key: {{ .Values.mdmsHost | default "egov-mdms-service" }} - name: EGOV_MDMS_SEARCH_ENDPOINT - value: /egov-mdms-service/v1/_search + value: {{ .Values.mdmsSearchPath | default "/egov-mdms-service/v1/_search" }} - name: EGOV_FILESTORE_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml deleted file mode 100644 index 4b5bde206d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-location/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: health-location -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-location/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-location/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-location/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-location/values.yaml b/deploy-as-code/helm/charts/health-services/health-location/values.yaml deleted file mode 100644 index ec30b97b8b..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-location/values.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Common Labels -labels: - app: "health-location" - group: "core" - -namespace: health - -# Ingress Configs -ingress: - enabled: true - zuul: true - context: "health-location" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "egov_location_schema" - image: - repository: "health-location-db" - -# Container Configs -image: - repository: "health-location" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health-location/health" - readinessProbePath: "/health-location/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" -gmaps: true -# Additional Container Envs -env: | - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-location-consumer-group - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "serializers-timezone-in-ist" }} - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer - {{- end }} - - name: SERVER_PORT - value: "8080" - - name: EGOV_SERVICES_EGOV_MDMS_HOSTNAME - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service-legacy - - name: EGOV_SERVICES_EGOV_MDMS_SEARCHPATH - value: "egov-mdms-service-legacy/v1/_search" - {{- if index .Values "gmaps" }} - - name: GMAPS_API_KEY - valueFrom: - secretKeyRef: - name: egov-location - key: gmapskey - {{- end }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index fd5da7f6d9..905e366f43 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -528,6 +528,8 @@ health-hrms: employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' heap: '-Xmx256m -Xms256m' memory_limits: 512Mi + mdmsHost: "egov-mdms-service-legacy" + mdmsSearchPath: "/egov-mdms-service-legacy/v1/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 046be2134a8434c6791448f2a1f19105fe088c73 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Wed, 6 Dec 2023 11:09:01 +0530 Subject: [PATCH 535/742] Added hpa configuration for core-services and metrics (#2157) --- .../backbone-services/kafka-kraft/values.yaml | 4 +-- .../helm/charts/common/templates/_hpa.yaml | 30 +++++++++++++++++++ deploy-as-code/helm/charts/common/values.yaml | 12 ++++++-- .../audit-service/templates/hpa.yaml | 2 ++ .../core-services/audit-service/values.yaml | 7 ++++- .../boundary-service/templates/hpa.yaml | 2 ++ .../boundary-service/values.yaml | 7 ++++- .../core-services/chatbot/chatbot-values.yaml | 7 ++++- .../home-isolation-chatbot-values.yaml | 7 ++++- .../core-services/chatbot/templates/hpa.yaml | 2 ++ .../egov-accesscontrol/templates/hpa.yaml | 2 ++ .../egov-accesscontrol/values.yaml | 7 ++++- .../egov-common-masters/templates/hpa.yaml | 2 ++ .../egov-common-masters/values.yaml | 7 ++++- .../egov-data-uploader/templates/hpa.yaml | 2 ++ .../egov-data-uploader/values.yaml | 7 ++++- .../egov-document-uploader/templates/hpa.yaml | 2 ++ .../egov-document-uploader/values.yaml | 7 ++++- .../egov-enc-service/templates/hpa.yaml | 2 ++ .../egov-enc-service/values.yaml | 7 ++++- .../egov-filestore/templates/hpa.yaml | 2 ++ .../core-services/egov-filestore/values.yaml | 7 ++++- .../egov-idgen/templates/hpa.yaml | 2 ++ .../core-services/egov-idgen/values.yaml | 7 ++++- .../templates/hpa.yaml | 2 ++ .../egov-index-custom-consumer/values.yaml | 7 ++++- .../egov-indexer/templates/hpa.yaml | 2 ++ .../core-services/egov-indexer/values.yaml | 7 ++++- .../egov-localization/templates/hpa.yaml | 2 ++ .../egov-localization/values.yaml | 7 ++++- .../egov-location/templates/hpa.yaml | 2 ++ .../core-services/egov-location/values.yaml | 8 ++++- .../ispirit-mdms-service-values.yaml | 7 ++++- .../egov-mdms-service/templates/hpa.yaml | 2 ++ .../egov-mdms-service/tenant-a-mdms-data.yaml | 7 ++++- .../egov-mdms-service/tenant-b-mdms-data.yaml | 7 ++++- .../egov-mdms-service/values.yaml | 7 ++++- .../egov-notification-mail/templates/hpa.yaml | 2 ++ .../egov-notification-mail/values.yaml | 7 ++++- .../egov-notification-sms/templates/hpa.yaml | 2 ++ .../egov-notification-sms/values.yaml | 7 ++++- .../core-services/egov-otp/templates/hpa.yaml | 2 ++ .../charts/core-services/egov-otp/values.yaml | 7 ++++- .../core-services/egov-pdf/templates/hpa.yaml | 2 ++ .../charts/core-services/egov-pdf/values.yaml | 7 ++++- .../egov-persister/templates/hpa.yaml | 2 ++ .../core-services/egov-persister/values.yaml | 9 ++++-- .../egov-pg-service/templates/hpa.yaml | 2 ++ .../core-services/egov-pg-service/values.yaml | 7 ++++- .../egov-searcher/templates/hpa.yaml | 2 ++ .../core-services/egov-searcher/values.yaml | 7 ++++- .../templates/hpa.yaml | 2 ++ .../egov-telemetry-kafka-streams/values.yaml | 7 ++++- .../egov-url-shortening/templates/hpa.yaml | 2 ++ .../egov-url-shortening/values.yaml | 7 ++++- .../egov-user-chatbot/templates/hpa.yaml | 2 ++ .../egov-user-chatbot/values.yaml | 7 ++++- .../egov-user-event/templates/hpa.yaml | 2 ++ .../egov-user/egov-user-enc-values.yaml | 7 ++++- .../egov-user/egov-user-values.yaml | 7 ++++- .../egov-user/templates/hpa.yaml | 2 ++ .../egov-workflow-v2/templates/hpa.yaml | 2 ++ .../egov-workflow-v2/values.yaml | 7 ++++- .../egov-workflow/templates/hpa.yaml | 2 ++ .../core-services/egov-workflow/values.yaml | 7 ++++- .../core-services/inbox/templates/hpa.yaml | 2 ++ .../charts/core-services/inbox/values.yaml | 7 ++++- .../internal-gateway/templates/hpa.yaml | 2 ++ .../internal-gateway/values.yaml | 7 ++++- .../core-services/mailbot/templates/hpa.yaml | 2 ++ .../charts/core-services/mailbot/values.yaml | 7 ++++- .../core-services/mdms-v2/templates/hpa.yaml | 2 ++ .../charts/core-services/mdms-v2/values.yaml | 8 ++++- .../templates/hpa.yaml | 2 ++ .../national-dashboard-ingest/values.yaml | 7 ++++- .../templates/hpa.yaml | 2 ++ .../values.yaml | 8 ++++- .../nlp-engine/templates/hpa.yaml | 2 ++ .../core-services/nlp-engine/values.yaml | 7 ++++- .../pdf-service/templates/hpa.yaml | 2 ++ .../core-services/pdf-service/values.yaml | 8 ++++- .../core-services/report/templates/hpa.yaml | 2 ++ .../charts/core-services/report/values.yaml | 7 ++++- .../telemetry/templates/hpa.yaml | 2 ++ .../core-services/telemetry/values.yaml | 7 ++++- .../core-services/user-otp/templates/hpa.yaml | 2 ++ .../xstate-chatbot/templates/hpa.yaml | 2 ++ .../core-services/xstate-chatbot/values.yaml | 8 ++++- .../core-services/zuul/templates/hpa.yaml | 2 ++ .../charts/core-services/zuul/values.yaml | 7 ++++- .../helm/environments/sanitation-qa.yaml | 14 ++++----- .../helm/environments/sanitation-uat.yaml | 18 +++++------ .../helm/environments/sanitation.yaml | 16 +++++----- .../helm/environments/unified-dev.yaml | 28 ++++++++--------- .../helm/environments/unified-health-dev.yaml | 14 ++++----- .../helm/environments/unified-health-qa.yaml | 10 +++---- .../helm/environments/unified-health-uat.yaml | 8 ++--- .../helm/environments/unified-qa.yaml | 12 ++++---- .../helm/environments/unified-uat.yaml | 10 +++---- .../helm/environments/unified-urban-dev.yaml | 8 ++--- .../helm/environments/unified-urban-qa.yaml | 14 ++++----- .../helm/environments/unified-urban-uat.yaml | 6 ++-- .../helm/environments/unified-works-dev.yaml | 16 +++++----- .../helm/environments/unified-works-qa.yaml | 16 +++++----- .../helm/environments/unified-works-uat.yaml | 10 +++---- 105 files changed, 502 insertions(+), 150 deletions(-) create mode 100644 deploy-as-code/helm/charts/common/templates/_hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml create mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml index 1f89099ffe..6f80c6b11c 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml @@ -568,8 +568,8 @@ controller: ## @param controller.resources.requests The requested resources for the container ## resources: - limits: {} - requests: {} + limits: 2Gi + requests: 1.5Gi ## Kafka pods' Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param controller.podSecurityContext.enabled Enable security context for the pods diff --git a/deploy-as-code/helm/charts/common/templates/_hpa.yaml b/deploy-as-code/helm/charts/common/templates/_hpa.yaml new file mode 100644 index 0000000000..f4458b23bc --- /dev/null +++ b/deploy-as-code/helm/charts/common/templates/_hpa.yaml @@ -0,0 +1,30 @@ +{{- define "common.hpa" -}} +{{- if .Values.hpa.enabled -}} +--- +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: {{ template "common.name" . }} + namespace: {{ .Values.namespace }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ template "common.name" . }} + minReplicas: 1 + maxReplicas: 1 + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: 90 + - type: Resource + resource: + name: memory + target: + type: Utilization + averageValue: 90 +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index a550d2ae8f..2b3f725e07 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -109,14 +109,22 @@ lifecycle: - -c - "sleep 10" -memory_limits: "256Mi" +memory_limits: "512Mi" +memory_requests: "256Mi" +cpu_limits: "50m" +cpu_requests: "10m" resources: | {{- if eq .Values.appType "java-spring" -}} requests: - memory: {{ .Values.memory_limits | quote }} + cpu: {{ .Values.cpu_requests | quote }} + memory: {{ .Values.memory_requests | quote }} limits: + cpu: {{ .Values.cpu_limits | quote }} memory: {{ .Values.memory_limits | quote }} {{- end -}} + +hpa: + enabled: true ## Allows specification of additional environment variables extraEnv: java: | diff --git a/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml index b1b4835cb8..a156c8cc5f 100644 --- a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "audit-service" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/audit-service/health" @@ -30,6 +30,11 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml index 2ca6fc194c..811092ab86 100644 --- a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "boundary-service" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/boundary-service/health" @@ -35,6 +35,11 @@ kafka-topics-update-boundary-hierarchy: "update-boundary-hierarchy-definition" kafka-topics-create-boundary-relationship: "save-boundary-relationship" kafka-topics-update-boundary-relationship: "update-boundary-relationship" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml index 1c7d88d181..72147e6fb9 100644 --- a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml +++ b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml @@ -23,12 +23,17 @@ initContainers: # Container Configs image: repository: "chatbot" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: KAFKA_BOOTSTRAP_SERVER diff --git a/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml index fe4c54c41f..d415845830 100644 --- a/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml +++ b/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml @@ -37,11 +37,16 @@ initContainers: # Container Configs image: repository: "chatbot" -replicas: "1" +#replicas: "1" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_DATASOURCE_URL diff --git a/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml index 8c55a28ed9..c10498721a 100644 --- a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml @@ -15,7 +15,7 @@ initContainers: {} # Container Configs image: repository: "egov-accesscontrol" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/access/health" @@ -25,6 +25,11 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml index 9da2f2b906..1a43e1c3af 100644 --- a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml @@ -20,11 +20,16 @@ initContainers: # Container Configs image: repository: "egov-common-masters" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml index 899ac4e9ad..7321938a81 100644 --- a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-data-uploader" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx64m -Xms64m" @@ -27,6 +27,11 @@ upload-json-path: "" template-download-prefix: "" internal-file-folder-path: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: UPLOAD_JSON_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml index a42f47c37a..2c4663ff52 100644 --- a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-document-uploader" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-document-uploader/health" @@ -30,6 +30,11 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml index f357a4e41b..570b6e96fc 100644 --- a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-enc-service" -replicas: "1" +#replicas: "1" # healthChecks: # enabled: true # livenessProbePath: "/egov-enc-service/health" @@ -36,6 +36,11 @@ java-args: "-Dspring.profiles.active=monitoring" master-password-provider: software +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml index 51c0e5b603..f1af31230e 100644 --- a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml @@ -19,7 +19,7 @@ ingress: # Container Configs image: repository: "egov-filestore" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/filestore/health" @@ -36,6 +36,11 @@ is-s3-enabled: true persistence: enabled: false +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml index 2429c17713..ee8d3afb41 100644 --- a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-idgen" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-idgen/health" @@ -32,6 +32,11 @@ java-args: "-Dspring.profiles.active=monitoring" idformat-from-mdms: "false" autocreate-new-seq: "false" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml index 902bc1341d..217274727f 100644 --- a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml @@ -9,11 +9,16 @@ initContainers: {} # Container Configs image: repository: "egov-index-custom-consumer" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: EGOV_PT_HOST diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml index f3735385b3..b6a8b812fe 100644 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml @@ -24,7 +24,7 @@ initContainers: # Container Configs image: repository: "egov-indexer" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-indexer/health" @@ -34,6 +34,11 @@ tracing-enabled: true egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml" heap: "-Xmx192m -Xms192m" +memory_requests: "512Mi" +memory_limits: "768Mi" +cpu_limits: "50m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: EGOV_SERVICES_INFRA_INDEXER_HOST diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml index 057d70c833..c3e8abea26 100644 --- a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-localization" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx256m -Xms256m" @@ -30,6 +30,11 @@ healthChecks: livenessProbePath: "/localization/health" readinessProbePath: "/localization/health" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml index 6b7f9267af..4f652b8e6c 100644 --- a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-location" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-location/health" @@ -30,6 +30,12 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" gmaps: true + +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml index de6d21f462..a097a39515 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "ispirit-mdms-service" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/ispirit-mdms-service/health" @@ -34,6 +34,11 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml index 1347c0a845..a7dadfdd8e 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service-tenant-a" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service-tenant-a/health" @@ -34,6 +34,11 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml index 3b3fb3b153..d1028644a0 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service-tenant-b" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service-tenant-b/health" @@ -34,6 +34,11 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml index ce422599d9..e737143ffa 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service/health" @@ -34,6 +34,11 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml index 7e7986e075..e07e48546c 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml @@ -9,12 +9,17 @@ initContainers: {} # Container Configs image: repository: "egov-notification-mail" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true username: "egov-testing@egovernments.org" heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: KAFKA_TOPICS_NOTIFICATION_MAIL_NAME diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml index eb4dae3e0f..9f4a923aee 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml @@ -9,7 +9,7 @@ initContainers: {} # Container Configs image: repository: "egov-notification-sms" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" @@ -29,6 +29,11 @@ sms.error.codes: "401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,41 heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: KAFKA_TOPICS_NOTIFICATION_SMS_NAME diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml index 9a5537ba3a..dee4f85851 100644 --- a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-otp" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/otp/health" @@ -29,6 +29,11 @@ appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml index 38ca0f0906..5cbdef64de 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml @@ -12,7 +12,12 @@ ingress: # Container Configs image: repository: "egov-pdf" -replicas: "1" +#replicas: "1" + +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml index b94827fc08..6d5f092d30 100644 --- a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml @@ -13,7 +13,7 @@ initContainers: # Container Configs image: repository: "egov-persister" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/common-persist/health" @@ -22,9 +22,14 @@ appType: "java-spring" tracing-enabled: true persist-yml-path: "file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense-persister-bpachanges.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml" heap: "-Xmx192m -Xms192m" -memory_limits: 512Mi +#memory_limits: 512Mi java-args: "" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: EGOV_PERSIST_YML_REPO_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml index 2083062cfe..01c3145a95 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-pg-service" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/pg-service/health" @@ -40,6 +40,11 @@ heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" java-debug: "true" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml index 903efa0831..dd347820ae 100644 --- a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml @@ -19,12 +19,17 @@ initContainers: # Container Configs image: repository: "egov-searcher" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SEARCH_YAML_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml index d8392c7722..640e924d78 100644 --- a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml @@ -9,11 +9,16 @@ initContainers: {} # Container Configs image: repository: "egov-telemetry-kafka-streams" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: BOOTSTRAP_SERVER_CONFIG diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 1e47cadcaa..7354dad560 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-url-shortening" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/eus/health" @@ -31,6 +31,11 @@ heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" server-context: "/eus" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml index c9d97610ff..32df9b4ba7 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml @@ -6,7 +6,7 @@ labels: # Container Configs image: repository: "egov-user-chatbot" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -31,6 +31,11 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml index 6bc05edaa4..4c2bc02684 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml @@ -37,7 +37,7 @@ initContainers: # Container Configs image: repository: "egov-user" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -61,6 +61,11 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_DATASOURCE_URL diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index 924af961c8..7bdbe3369a 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-user" -replicas: "2" +#replicas: "2" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -44,6 +44,11 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml index 40df12c081..b0c0389baf 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-workflow-v2" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-workflow-v2/health" @@ -31,6 +31,11 @@ heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" workflow-statelevel: "true" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "50m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml index badcd91271..a9aa7945a4 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml @@ -14,11 +14,16 @@ initContainers: # Container Configs image: repository: "egov-workflow" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "50m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: EGOV_SERVICES_BOUNDARY_HOST diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml index f115eda3bd..706e2cafec 100644 --- a/deploy-as-code/helm/charts/core-services/inbox/values.yaml +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -14,7 +14,7 @@ ingress: # Container Configs image: repository: "inbox" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/inbox/health" @@ -25,6 +25,11 @@ memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVICES_ESINDEXER_HOST diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml index 4d305224b1..829b7c5d70 100644 --- a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml @@ -31,7 +31,7 @@ extraVolumeMounts: | # Container Configs image: repository: "zuul" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/health" @@ -52,6 +52,11 @@ eventlog-topic: "zuul-event-log" eventlog-urls-whitelist: "" home-isolation-chatbot-router-enabled: false +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml index 0434481379..2ee0285197 100644 --- a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml @@ -16,7 +16,7 @@ initContainers: # Container Configs image: repository: "mailbot" -replicas: "1" +#replicas: "1" tracing-enabled: true healthChecks: enabled: true @@ -27,6 +27,11 @@ java-args: "" config-paths: "file:///work-dir/configs/mailbot/case-management.yaml" cache-expiry-email: "10" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: STORE_HOME_ISOLATION_USERNAME diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml index 254eeea176..6337063bfe 100644 --- a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "mdms-v2" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/mdms-v2/health" @@ -32,6 +32,12 @@ java-args: "-Dspring.profiles.active=monitoring" egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" egov-mdms-data-save-topic: "save-mdms-data" + +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml index ba5f7852bd..8c1bb12973 100644 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "national-dashboard-ingest" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/national-dashboard/health" @@ -30,6 +30,11 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml index 5647316367..9f86898d56 100644 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml @@ -6,12 +6,18 @@ labels: # Container Configs image: repository: "national-dashboard-kafka-pipeline" -replicas: "3" +#replicas: "3" appType: "java-spring" tracing-enabled: true heap: "-Xmx512m -Xms512m" java-args: "-Dspring.profiles.active=monitoring" module-index-mapping: "{'PT': 'pt-national-dashboard', 'PGR': 'pgr-national-dashboard', 'WS': 'ws-national-dashboard', 'FIRENOC': 'firenoc-national-dashboard', 'TL': 'tl-national-dashboard', 'MCOLLECT': 'mcollect-national-dashboard', 'OBPS': 'obps-national-dashboard', 'COMMON': 'common-national-dashboard', 'BPA': 'bpa-national-dashboard','BIRTH':'birth-cert-national-dashboard','DEATH':'death-cert-national-dashboard'}" + +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml index a22130adb6..5d9718e9b3 100644 --- a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml +++ b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml @@ -12,10 +12,15 @@ ingress: # Container Configs image: repository: "nlp-engine" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: DEFAULT_LOCALISATION_TENANT diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml index 77ff7b5fb0..74a4152700 100644 --- a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml @@ -24,12 +24,18 @@ initContainers: # Container Configs image: repository: "pdf-service" -replicas: "1" +#replicas: "1" appType: "java-spring" tracing-enabled: true data-config-urls: "file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + + # Additional Container Envs env: | - name: NODE_ENV diff --git a/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/report/values.yaml b/deploy-as-code/helm/charts/core-services/report/values.yaml index 97931fa789..703171e025 100644 --- a/deploy-as-code/helm/charts/core-services/report/values.yaml +++ b/deploy-as-code/helm/charts/core-services/report/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "report" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/report/health" @@ -29,6 +29,11 @@ report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocations heap: "-Xmx192m -Xms192m" spring-datasource-tomcat-max-active: "5" +memory_requests: "256Mi" +memory_limits: "512Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: SERVER_CONTEXTPATH diff --git a/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml index 5b4674aa8d..c949f18575 100644 --- a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml +++ b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml @@ -14,10 +14,15 @@ initContainers: {} # Container Configs image: repository: "telemetry" -replicas: "1" +#replicas: "1" httpPort: 9001 tracing-enabled: true +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: telemetry_kafka_broker_list diff --git a/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml index 9d9b5e80b7..351a0007a2 100644 --- a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml @@ -24,9 +24,15 @@ initContainers: # Container Configs image: repository: "xstate-chatbot" -replicas: "1" +#replicas: "1" tracing-enabled: true + +memory_requests: "256Mi" +memory_limits: "256Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: KAFKA_BOOTSTRAP_SERVER diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml new file mode 100644 index 0000000000..f40ea32188 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml @@ -0,0 +1,2 @@ +# hpa.yaml +{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 0c6197b2d9..59ba3340ca 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -31,7 +31,7 @@ extraVolumeMounts: | # Container Configs image: repository: "zuul" -replicas: "1" +#replicas: "1" healthChecks: enabled: true livenessProbePath: "/health" @@ -52,6 +52,11 @@ eventlog-topic: "zuul-event-log" eventlog-urls-whitelist: "" home-isolation-chatbot-router-enabled: false +memory_requests: "512Mi" +memory_limits: "768Mi" +cpu_limits: "20m" +cpu_requests: "10m" + # Additional Container Envs env: | - name: URL_LISTS diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 42ac81ee9d..567cad5348 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -173,7 +173,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -212,7 +212,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -294,7 +294,7 @@ pqm-anomaly-finder: tracing-enabled: "true" inbox: - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -309,7 +309,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - memory_limits: "512Mi" + #memory_limits: "512Mi" replicas: 1 images: - egovio/egov-mdms-service @@ -324,7 +324,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -394,7 +394,7 @@ report: inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -453,7 +453,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 05d46b6a16..6ddc1ee6df 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -202,7 +202,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -263,7 +263,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -279,11 +279,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -293,7 +293,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" @@ -308,7 +308,7 @@ pgr-services: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-data-uploader: initContainers: @@ -416,7 +416,7 @@ cert-manager: zuul: - memory_limits: 512Mi + #memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -498,7 +498,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi + #memory_limits: 512Mi workflow-statelevel: "true" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -610,7 +610,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 833eaf7427..579ef4037b 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -236,7 +236,7 @@ pqm-anomaly-finder: tracing-enabled: "true" inbox: - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -252,7 +252,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -268,11 +268,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -282,7 +282,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" @@ -294,7 +294,7 @@ egov-persister: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-data-uploader: initContainers: @@ -473,7 +473,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi + #memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -593,7 +593,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 81aa367a36..d5812aa08c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -210,18 +210,18 @@ egov-filestore: filestore-url-validity: 3600 fixed-bucketname: "unified-dev-bucket-s3" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-url-shortening: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-url-shortner-endpoint: "/eus/shortener" hashids-salt: "randomsalt" hashids-min-length: "2" inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -244,10 +244,10 @@ prometheus-postgres-exporter: sslmode: disable mdms-v2: - memory_limits: 512Mi + #memory_limits: 512Mi boundary-service: - memory_limits: 512Mi + #memory_limits: 512Mi egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url @@ -268,7 +268,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -329,7 +329,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -345,11 +345,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -359,7 +359,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" @@ -377,7 +377,7 @@ audit-service: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi project: heap: "-Xmx256m -Xms256m" @@ -504,7 +504,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx512m -Xms512m" java-debug: "true" server-tomcat-max-threads: "350" @@ -579,7 +579,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi + #memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -696,7 +696,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 21f97756ec..179eb58ed1 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -227,7 +227,7 @@ egov-notification-sms: egov-user: heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: 'true' citizen-otp-enabled: 'true' employee-otp-enabled: 'false' @@ -309,7 +309,7 @@ egov-mdms-service: egov-indexer: heap: '-Xmx512m -Xms512m' - memory_limits: '768Mi' + #memory_limits: '768Mi' initContainers: gitSync: repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url @@ -319,7 +319,7 @@ egov-indexer: egov-persister: replicas: 1 heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi + #memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' @@ -331,7 +331,7 @@ egov-persister: egov-localization: replicas: 1 heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi + #memory_limits: 512Mi egov-data-uploader: initContainers: @@ -429,7 +429,7 @@ zuul: replicas: 1 custom-filter-property: 'false' tracing-enabled: 'true' - memory_limits: 768Mi + #memory_limits: 768Mi heap: '-Xmx512m -Xms512m' java-debug: 'true' server-tomcat-max-threads: '350' @@ -516,7 +516,7 @@ egov-workflow-v2: logging-level: 'DEBUG' java-args: -Dspring.profiles.active=monitoring heap: '-Xmx192m -Xms192m' - memory_limits: 512Mi + #memory_limits: 512Mi workflow-statelevel: 'false' host-link: 'https://egov-demo.egovernments.org/citizen/' pdf-link: '/download/epass?tenantId={TENANTID}&ids={UUID}' @@ -638,7 +638,7 @@ fluent-bit: egov-enc-service: heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi + #memory_limits: 512Mi state-level-tenant-id: 'pb' # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 9d6d1e1073..99269cf5e4 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -184,7 +184,7 @@ health-ui: inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -193,7 +193,7 @@ inbox: egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -229,7 +229,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -306,7 +306,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -437,7 +437,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 905e366f43..276d4d788e 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -225,7 +225,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -330,7 +330,7 @@ egov-mdms-create: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -448,10 +448,10 @@ cert-manager: zuul: - memory_limits: 512Mi + #memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 - memory_limits: 512Mi + #memory_limits: 512Mi custom-filter-property: "false" tracing-enabled: "true" heap: "-Xmx704m -Xms512m" diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 57b3aa8222..d78938d2f3 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -172,7 +172,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -217,7 +217,7 @@ project: inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -226,7 +226,7 @@ inbox: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -289,7 +289,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - memory_limits: "512Mi" + #memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -305,7 +305,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -442,7 +442,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 5d1ec74ba2..c7b03fea61 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -229,7 +229,7 @@ oauth2-proxy: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -301,7 +301,7 @@ audit-service: egov-mdms-service: replicas: 1 - memory_limits: "512Mi" + #memory_limits: "512Mi" images: - egovio/egov-mdms-service mdms-path: "/work-dir/egov-mdms-data/data" @@ -315,7 +315,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -459,7 +459,7 @@ cert-manager: zuul: - memory_limits: 512Mi + #memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -534,7 +534,7 @@ egov-hrms: employee-applink: "https://egov-demo.egovernments.org/employee/user/login" mdms-v2: - memory_limits: 512Mi + #memory_limits: 512Mi # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index e1c86dbbf3..6fdcf370ce 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -154,7 +154,7 @@ cluster-configs: egov-filestore: replicas: 2 heap: "-Xmx1344m -Xms1344m" - memory_limits: 1536Mi + #memory_limits: 1536Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -200,7 +200,7 @@ egov-notification-sms: egov-user: replicas: 2 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -300,7 +300,7 @@ noc-services: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" @@ -574,7 +574,7 @@ egov-hrms: pdf-service: replicas: 3 - memory_limits: 1.5Gi + #memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/configs" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index c560e052c8..fb3cfc6137 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -168,7 +168,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -187,7 +187,7 @@ egov-idgen: inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -213,7 +213,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -286,7 +286,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - memory_limits: "512Mi" + #memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -302,7 +302,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -320,7 +320,7 @@ egov-persister: branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch pgr-services: - memory_limits: 512Mi + #memory_limits: 512Mi egov-data-uploader: initContainers: @@ -423,7 +423,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml index 89689f5e0f..a9bebe88d6 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -201,7 +201,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -278,7 +278,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -396,7 +396,7 @@ cert-manager: zuul: - memory_limits: 512Mi + #memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 2cb8e5e8ab..330fa9e6d0 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -409,7 +409,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -425,11 +425,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -439,7 +439,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml" @@ -451,7 +451,7 @@ egov-persister: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi egov-data-uploader: initContainers: @@ -515,7 +515,7 @@ pdf-service: # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx128m -Xms128m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: @@ -644,7 +644,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi + #memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -756,7 +756,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index cdfda80b63..c4ac171a77 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -277,7 +277,7 @@ works-management-service: inbox: namespace: egov - memory_limits: 512Mi + #memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -351,7 +351,7 @@ audit-service: branch: "UNIFIED-QA" egov-mdms-service: - memory_limits: "512Mi" + #memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -367,7 +367,7 @@ egov-mdms-service: egov-filestore: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -382,7 +382,7 @@ egov-filestore: egov-user: replicas: "1" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -412,7 +412,7 @@ egov-persister: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" @@ -457,7 +457,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi + #memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" @@ -481,12 +481,12 @@ egov-common-workflows: egov-workflow: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi pdf-service: replicas: 1 - memory_limits: 1.5Gi + #memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/configs" diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index f93bb1de45..49f74a09f7 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -358,7 +358,7 @@ egov-filestore: egov-user: replicas: "1" heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -388,7 +388,7 @@ egov-persister: egov-indexer: heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" + #memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" @@ -430,7 +430,7 @@ egov-notification-sms: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> zuul: - memory_limits: 512Mi + #memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -461,12 +461,12 @@ egov-common-workflows: egov-workflow: heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi + #memory_limits: 512Mi pdf-service: replicas: 1 - memory_limits: 1.5Gi + #memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" From dcf2bff4a29b3a4afa88ad6b60bdcf2df542001d Mon Sep 17 00:00:00 2001 From: nikhilmulinti-egov <127198713+nikhilmulinti-egov@users.noreply.github.com> Date: Wed, 6 Dec 2023 11:22:34 +0530 Subject: [PATCH 536/742] Revert "Added hpa configuration for core-services and metrics (#2157)" (#2168) This reverts commit 046be2134a8434c6791448f2a1f19105fe088c73. --- .../backbone-services/kafka-kraft/values.yaml | 4 +-- .../helm/charts/common/templates/_hpa.yaml | 30 ------------------- deploy-as-code/helm/charts/common/values.yaml | 12 ++------ .../audit-service/templates/hpa.yaml | 2 -- .../core-services/audit-service/values.yaml | 7 +---- .../boundary-service/templates/hpa.yaml | 2 -- .../boundary-service/values.yaml | 7 +---- .../core-services/chatbot/chatbot-values.yaml | 7 +---- .../home-isolation-chatbot-values.yaml | 7 +---- .../core-services/chatbot/templates/hpa.yaml | 2 -- .../egov-accesscontrol/templates/hpa.yaml | 2 -- .../egov-accesscontrol/values.yaml | 7 +---- .../egov-common-masters/templates/hpa.yaml | 2 -- .../egov-common-masters/values.yaml | 7 +---- .../egov-data-uploader/templates/hpa.yaml | 2 -- .../egov-data-uploader/values.yaml | 7 +---- .../egov-document-uploader/templates/hpa.yaml | 2 -- .../egov-document-uploader/values.yaml | 7 +---- .../egov-enc-service/templates/hpa.yaml | 2 -- .../egov-enc-service/values.yaml | 7 +---- .../egov-filestore/templates/hpa.yaml | 2 -- .../core-services/egov-filestore/values.yaml | 7 +---- .../egov-idgen/templates/hpa.yaml | 2 -- .../core-services/egov-idgen/values.yaml | 7 +---- .../templates/hpa.yaml | 2 -- .../egov-index-custom-consumer/values.yaml | 7 +---- .../egov-indexer/templates/hpa.yaml | 2 -- .../core-services/egov-indexer/values.yaml | 7 +---- .../egov-localization/templates/hpa.yaml | 2 -- .../egov-localization/values.yaml | 7 +---- .../egov-location/templates/hpa.yaml | 2 -- .../core-services/egov-location/values.yaml | 8 +---- .../ispirit-mdms-service-values.yaml | 7 +---- .../egov-mdms-service/templates/hpa.yaml | 2 -- .../egov-mdms-service/tenant-a-mdms-data.yaml | 7 +---- .../egov-mdms-service/tenant-b-mdms-data.yaml | 7 +---- .../egov-mdms-service/values.yaml | 7 +---- .../egov-notification-mail/templates/hpa.yaml | 2 -- .../egov-notification-mail/values.yaml | 7 +---- .../egov-notification-sms/templates/hpa.yaml | 2 -- .../egov-notification-sms/values.yaml | 7 +---- .../core-services/egov-otp/templates/hpa.yaml | 2 -- .../charts/core-services/egov-otp/values.yaml | 7 +---- .../core-services/egov-pdf/templates/hpa.yaml | 2 -- .../charts/core-services/egov-pdf/values.yaml | 7 +---- .../egov-persister/templates/hpa.yaml | 2 -- .../core-services/egov-persister/values.yaml | 9 ++---- .../egov-pg-service/templates/hpa.yaml | 2 -- .../core-services/egov-pg-service/values.yaml | 7 +---- .../egov-searcher/templates/hpa.yaml | 2 -- .../core-services/egov-searcher/values.yaml | 7 +---- .../templates/hpa.yaml | 2 -- .../egov-telemetry-kafka-streams/values.yaml | 7 +---- .../egov-url-shortening/templates/hpa.yaml | 2 -- .../egov-url-shortening/values.yaml | 7 +---- .../egov-user-chatbot/templates/hpa.yaml | 2 -- .../egov-user-chatbot/values.yaml | 7 +---- .../egov-user-event/templates/hpa.yaml | 2 -- .../egov-user/egov-user-enc-values.yaml | 7 +---- .../egov-user/egov-user-values.yaml | 7 +---- .../egov-user/templates/hpa.yaml | 2 -- .../egov-workflow-v2/templates/hpa.yaml | 2 -- .../egov-workflow-v2/values.yaml | 7 +---- .../egov-workflow/templates/hpa.yaml | 2 -- .../core-services/egov-workflow/values.yaml | 7 +---- .../core-services/inbox/templates/hpa.yaml | 2 -- .../charts/core-services/inbox/values.yaml | 7 +---- .../internal-gateway/templates/hpa.yaml | 2 -- .../internal-gateway/values.yaml | 7 +---- .../core-services/mailbot/templates/hpa.yaml | 2 -- .../charts/core-services/mailbot/values.yaml | 7 +---- .../core-services/mdms-v2/templates/hpa.yaml | 2 -- .../charts/core-services/mdms-v2/values.yaml | 8 +---- .../templates/hpa.yaml | 2 -- .../national-dashboard-ingest/values.yaml | 7 +---- .../templates/hpa.yaml | 2 -- .../values.yaml | 8 +---- .../nlp-engine/templates/hpa.yaml | 2 -- .../core-services/nlp-engine/values.yaml | 7 +---- .../pdf-service/templates/hpa.yaml | 2 -- .../core-services/pdf-service/values.yaml | 8 +---- .../core-services/report/templates/hpa.yaml | 2 -- .../charts/core-services/report/values.yaml | 7 +---- .../telemetry/templates/hpa.yaml | 2 -- .../core-services/telemetry/values.yaml | 7 +---- .../core-services/user-otp/templates/hpa.yaml | 2 -- .../xstate-chatbot/templates/hpa.yaml | 2 -- .../core-services/xstate-chatbot/values.yaml | 8 +---- .../core-services/zuul/templates/hpa.yaml | 2 -- .../charts/core-services/zuul/values.yaml | 7 +---- .../helm/environments/sanitation-qa.yaml | 14 ++++----- .../helm/environments/sanitation-uat.yaml | 18 +++++------ .../helm/environments/sanitation.yaml | 16 +++++----- .../helm/environments/unified-dev.yaml | 28 ++++++++--------- .../helm/environments/unified-health-dev.yaml | 14 ++++----- .../helm/environments/unified-health-qa.yaml | 10 +++---- .../helm/environments/unified-health-uat.yaml | 8 ++--- .../helm/environments/unified-qa.yaml | 12 ++++---- .../helm/environments/unified-uat.yaml | 10 +++---- .../helm/environments/unified-urban-dev.yaml | 8 ++--- .../helm/environments/unified-urban-qa.yaml | 14 ++++----- .../helm/environments/unified-urban-uat.yaml | 6 ++-- .../helm/environments/unified-works-dev.yaml | 16 +++++----- .../helm/environments/unified-works-qa.yaml | 16 +++++----- .../helm/environments/unified-works-uat.yaml | 10 +++---- 105 files changed, 150 insertions(+), 502 deletions(-) delete mode 100644 deploy-as-code/helm/charts/common/templates/_hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml delete mode 100644 deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml index 6f80c6b11c..1f89099ffe 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml @@ -568,8 +568,8 @@ controller: ## @param controller.resources.requests The requested resources for the container ## resources: - limits: 2Gi - requests: 1.5Gi + limits: {} + requests: {} ## Kafka pods' Security Context ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod ## @param controller.podSecurityContext.enabled Enable security context for the pods diff --git a/deploy-as-code/helm/charts/common/templates/_hpa.yaml b/deploy-as-code/helm/charts/common/templates/_hpa.yaml deleted file mode 100644 index f4458b23bc..0000000000 --- a/deploy-as-code/helm/charts/common/templates/_hpa.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- define "common.hpa" -}} -{{- if .Values.hpa.enabled -}} ---- -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ template "common.name" . }} - minReplicas: 1 - maxReplicas: 1 - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: 90 - - type: Resource - resource: - name: memory - target: - type: Utilization - averageValue: 90 -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index 2b3f725e07..a550d2ae8f 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -109,22 +109,14 @@ lifecycle: - -c - "sleep 10" -memory_limits: "512Mi" -memory_requests: "256Mi" -cpu_limits: "50m" -cpu_requests: "10m" +memory_limits: "256Mi" resources: | {{- if eq .Values.appType "java-spring" -}} requests: - cpu: {{ .Values.cpu_requests | quote }} - memory: {{ .Values.memory_requests | quote }} + memory: {{ .Values.memory_limits | quote }} limits: - cpu: {{ .Values.cpu_limits | quote }} memory: {{ .Values.memory_limits | quote }} {{- end -}} - -hpa: - enabled: true ## Allows specification of additional environment variables extraEnv: java: | diff --git a/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/audit-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml index a156c8cc5f..b1b4835cb8 100644 --- a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "audit-service" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/audit-service/health" @@ -30,11 +30,6 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/boundary-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml index 811092ab86..2ca6fc194c 100644 --- a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "boundary-service" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/boundary-service/health" @@ -35,11 +35,6 @@ kafka-topics-update-boundary-hierarchy: "update-boundary-hierarchy-definition" kafka-topics-create-boundary-relationship: "save-boundary-relationship" kafka-topics-update-boundary-relationship: "update-boundary-relationship" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml index 72147e6fb9..1c7d88d181 100644 --- a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml +++ b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml @@ -23,17 +23,12 @@ initContainers: # Container Configs image: repository: "chatbot" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: KAFKA_BOOTSTRAP_SERVER diff --git a/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml index d415845830..fe4c54c41f 100644 --- a/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml +++ b/deploy-as-code/helm/charts/core-services/chatbot/home-isolation-chatbot-values.yaml @@ -37,16 +37,11 @@ initContainers: # Container Configs image: repository: "chatbot" -#replicas: "1" +replicas: "1" tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_DATASOURCE_URL diff --git a/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/chatbot/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml index c10498721a..8c55a28ed9 100644 --- a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml @@ -15,7 +15,7 @@ initContainers: {} # Container Configs image: repository: "egov-accesscontrol" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/access/health" @@ -25,11 +25,6 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-common-masters/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml index 1a43e1c3af..9da2f2b906 100644 --- a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml @@ -20,16 +20,11 @@ initContainers: # Container Configs image: repository: "egov-common-masters" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-data-uploader/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml index 7321938a81..899ac4e9ad 100644 --- a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-data-uploader" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx64m -Xms64m" @@ -27,11 +27,6 @@ upload-json-path: "" template-download-prefix: "" internal-file-folder-path: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: UPLOAD_JSON_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-document-uploader/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml index 2c4663ff52..a42f47c37a 100644 --- a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-document-uploader" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-document-uploader/health" @@ -30,11 +30,6 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-enc-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml index 570b6e96fc..f357a4e41b 100644 --- a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-enc-service" -#replicas: "1" +replicas: "1" # healthChecks: # enabled: true # livenessProbePath: "/egov-enc-service/health" @@ -36,11 +36,6 @@ java-args: "-Dspring.profiles.active=monitoring" master-password-provider: software -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-filestore/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml index f1af31230e..51c0e5b603 100644 --- a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml @@ -19,7 +19,7 @@ ingress: # Container Configs image: repository: "egov-filestore" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/filestore/health" @@ -36,11 +36,6 @@ is-s3-enabled: true persistence: enabled: false -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-idgen/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml index ee8d3afb41..2429c17713 100644 --- a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-idgen" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-idgen/health" @@ -32,11 +32,6 @@ java-args: "-Dspring.profiles.active=monitoring" idformat-from-mdms: "false" autocreate-new-seq: "false" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml index 217274727f..902bc1341d 100644 --- a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml @@ -9,16 +9,11 @@ initContainers: {} # Container Configs image: repository: "egov-index-custom-consumer" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: EGOV_PT_HOST diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml index b6a8b812fe..f3735385b3 100644 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml @@ -24,7 +24,7 @@ initContainers: # Container Configs image: repository: "egov-indexer" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-indexer/health" @@ -34,11 +34,6 @@ tracing-enabled: true egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml" heap: "-Xmx192m -Xms192m" -memory_requests: "512Mi" -memory_limits: "768Mi" -cpu_limits: "50m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: EGOV_SERVICES_INFRA_INDEXER_HOST diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-localization/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml index c3e8abea26..057d70c833 100644 --- a/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-localization/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-localization" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx256m -Xms256m" @@ -30,11 +30,6 @@ healthChecks: livenessProbePath: "/localization/health" readinessProbePath: "/localization/health" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-location/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml index 4f652b8e6c..6b7f9267af 100644 --- a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-location" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-location/health" @@ -30,12 +30,6 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" gmaps: true - -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml index a097a39515..de6d21f462 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/ispirit-mdms-service-values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "ispirit-mdms-service" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/ispirit-mdms-service/health" @@ -34,11 +34,6 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml index a7dadfdd8e..1347c0a845 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-a-mdms-data.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service-tenant-a" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service-tenant-a/health" @@ -34,11 +34,6 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml index d1028644a0..3b3fb3b153 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/tenant-b-mdms-data.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service-tenant-b" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service-tenant-b/health" @@ -34,11 +34,6 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml index e737143ffa..ce422599d9 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "egov-mdms-service" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-mdms-service/health" @@ -34,11 +34,6 @@ mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" branch: "master" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-notification-mail/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml index e07e48546c..7e7986e075 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml @@ -9,17 +9,12 @@ initContainers: {} # Container Configs image: repository: "egov-notification-mail" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true username: "egov-testing@egovernments.org" heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: KAFKA_TOPICS_NOTIFICATION_MAIL_NAME diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-notification-sms/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml index 9f4a923aee..eb4dae3e0f 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml @@ -9,7 +9,7 @@ initContainers: {} # Container Configs image: repository: "egov-notification-sms" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true sms-provider-url: "https://msdgweb.mgov.gov.in/esms/sendsmsrequest" @@ -29,11 +29,6 @@ sms.error.codes: "401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,41 heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: KAFKA_TOPICS_NOTIFICATION_SMS_NAME diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-otp/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml index dee4f85851..9a5537ba3a 100644 --- a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-otp" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/otp/health" @@ -29,11 +29,6 @@ appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-pdf/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml index 5cbdef64de..38ca0f0906 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml @@ -12,12 +12,7 @@ ingress: # Container Configs image: repository: "egov-pdf" -#replicas: "1" - -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" +replicas: "1" # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-persister/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml index 6d5f092d30..b94827fc08 100644 --- a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml @@ -13,7 +13,7 @@ initContainers: # Container Configs image: repository: "egov-persister" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/common-persist/health" @@ -22,14 +22,9 @@ appType: "java-spring" tracing-enabled: true persist-yml-path: "file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense-persister-bpachanges.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml" heap: "-Xmx192m -Xms192m" -#memory_limits: 512Mi +memory_limits: 512Mi java-args: "" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: EGOV_PERSIST_YML_REPO_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-pg-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml index 01c3145a95..2083062cfe 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-pg-service" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/pg-service/health" @@ -40,11 +40,6 @@ heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" java-debug: "true" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-searcher/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml index dd347820ae..903efa0831 100644 --- a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml @@ -19,17 +19,12 @@ initContainers: # Container Configs image: repository: "egov-searcher" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SEARCH_YAML_PATH diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml index 640e924d78..d8392c7722 100644 --- a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml @@ -9,16 +9,11 @@ initContainers: {} # Container Configs image: repository: "egov-telemetry-kafka-streams" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: BOOTSTRAP_SERVER_CONFIG diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 7354dad560..1e47cadcaa 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-url-shortening" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/eus/health" @@ -31,11 +31,6 @@ heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" server-context: "/eus" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml index 32df9b4ba7..c9d97610ff 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml @@ -6,7 +6,7 @@ labels: # Container Configs image: repository: "egov-user-chatbot" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -31,11 +31,6 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-user-event/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml index 4c2bc02684..6bc05edaa4 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-enc-values.yaml @@ -37,7 +37,7 @@ initContainers: # Container Configs image: repository: "egov-user" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -61,11 +61,6 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_DATASOURCE_URL diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index 7bdbe3369a..924af961c8 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-user" -#replicas: "2" +replicas: "2" healthChecks: enabled: true livenessProbePath: "/user/health" @@ -44,11 +44,6 @@ citizen-otp-fixed-enabled: "true" heap: "-Xmx192m -Xms192m" java-args: "" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-user/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml index b0c0389baf..40df12c081 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "egov-workflow-v2" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/egov-workflow-v2/health" @@ -31,11 +31,6 @@ heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" workflow-statelevel: "true" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "50m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/egov-workflow/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml index a9aa7945a4..badcd91271 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml @@ -14,16 +14,11 @@ initContainers: # Container Configs image: repository: "egov-workflow" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "50m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: EGOV_SERVICES_BOUNDARY_HOST diff --git a/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/inbox/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/inbox/values.yaml b/deploy-as-code/helm/charts/core-services/inbox/values.yaml index 706e2cafec..f115eda3bd 100644 --- a/deploy-as-code/helm/charts/core-services/inbox/values.yaml +++ b/deploy-as-code/helm/charts/core-services/inbox/values.yaml @@ -14,7 +14,7 @@ ingress: # Container Configs image: repository: "inbox" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/inbox/health" @@ -25,11 +25,6 @@ memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVICES_ESINDEXER_HOST diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/internal-gateway/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml index 829b7c5d70..4d305224b1 100644 --- a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml @@ -31,7 +31,7 @@ extraVolumeMounts: | # Container Configs image: repository: "zuul" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/health" @@ -52,11 +52,6 @@ eventlog-topic: "zuul-event-log" eventlog-urls-whitelist: "" home-isolation-chatbot-router-enabled: false -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_PORT diff --git a/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/mailbot/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml index 2ee0285197..0434481379 100644 --- a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml @@ -16,7 +16,7 @@ initContainers: # Container Configs image: repository: "mailbot" -#replicas: "1" +replicas: "1" tracing-enabled: true healthChecks: enabled: true @@ -27,11 +27,6 @@ java-args: "" config-paths: "file:///work-dir/configs/mailbot/case-management.yaml" cache-expiry-email: "10" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: STORE_HOME_ISOLATION_USERNAME diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/mdms-v2/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml index 6337063bfe..254eeea176 100644 --- a/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mdms-v2/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "mdms-v2" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/mdms-v2/health" @@ -32,12 +32,6 @@ java-args: "-Dspring.profiles.active=monitoring" egov-mdms-schema-definition-save-topic: "save-mdms-schema-definition" egov-mdms-data-save-topic: "save-mdms-data" - -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXT_PATH diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml index 8c1bb12973..ba5f7852bd 100644 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml @@ -20,7 +20,7 @@ initContainers: # Container Configs image: repository: "national-dashboard-ingest" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/national-dashboard/health" @@ -30,11 +30,6 @@ tracing-enabled: true heap: "-Xmx64m -Xms64m" java-args: "-Dspring.profiles.active=monitoring" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml index 9f86898d56..5647316367 100644 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-kafka-pipeline/values.yaml @@ -6,18 +6,12 @@ labels: # Container Configs image: repository: "national-dashboard-kafka-pipeline" -#replicas: "3" +replicas: "3" appType: "java-spring" tracing-enabled: true heap: "-Xmx512m -Xms512m" java-args: "-Dspring.profiles.active=monitoring" module-index-mapping: "{'PT': 'pt-national-dashboard', 'PGR': 'pgr-national-dashboard', 'WS': 'ws-national-dashboard', 'FIRENOC': 'firenoc-national-dashboard', 'TL': 'tl-national-dashboard', 'MCOLLECT': 'mcollect-national-dashboard', 'OBPS': 'obps-national-dashboard', 'COMMON': 'common-national-dashboard', 'BPA': 'bpa-national-dashboard','BIRTH':'birth-cert-national-dashboard','DEATH':'death-cert-national-dashboard'}" - -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SPRING_KAFKA_CONSUMER_GROUP_ID diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/nlp-engine/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml index 5d9718e9b3..a22130adb6 100644 --- a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml +++ b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml @@ -12,15 +12,10 @@ ingress: # Container Configs image: repository: "nlp-engine" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: DEFAULT_LOCALISATION_TENANT diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/pdf-service/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml index 74a4152700..77ff7b5fb0 100644 --- a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml @@ -24,18 +24,12 @@ initContainers: # Container Configs image: repository: "pdf-service" -#replicas: "1" +replicas: "1" appType: "java-spring" tracing-enabled: true data-config-urls: "file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - - # Additional Container Envs env: | - name: NODE_ENV diff --git a/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/report/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/report/values.yaml b/deploy-as-code/helm/charts/core-services/report/values.yaml index 703171e025..97931fa789 100644 --- a/deploy-as-code/helm/charts/core-services/report/values.yaml +++ b/deploy-as-code/helm/charts/core-services/report/values.yaml @@ -19,7 +19,7 @@ initContainers: # Container Configs image: repository: "report" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/report/health" @@ -29,11 +29,6 @@ report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocations heap: "-Xmx192m -Xms192m" spring-datasource-tomcat-max-active: "5" -memory_requests: "256Mi" -memory_limits: "512Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: SERVER_CONTEXTPATH diff --git a/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/telemetry/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml index c949f18575..5b4674aa8d 100644 --- a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml +++ b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml @@ -14,15 +14,10 @@ initContainers: {} # Container Configs image: repository: "telemetry" -#replicas: "1" +replicas: "1" httpPort: 9001 tracing-enabled: true -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: telemetry_kafka_broker_list diff --git a/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/user-otp/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/xstate-chatbot/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml index 351a0007a2..9d9b5e80b7 100644 --- a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml @@ -24,15 +24,9 @@ initContainers: # Container Configs image: repository: "xstate-chatbot" -#replicas: "1" +replicas: "1" tracing-enabled: true - -memory_requests: "256Mi" -memory_limits: "256Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: KAFKA_BOOTSTRAP_SERVER diff --git a/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml b/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml deleted file mode 100644 index f40ea32188..0000000000 --- a/deploy-as-code/helm/charts/core-services/zuul/templates/hpa.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# hpa.yaml -{{- template "common.hpa" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 59ba3340ca..0c6197b2d9 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -31,7 +31,7 @@ extraVolumeMounts: | # Container Configs image: repository: "zuul" -#replicas: "1" +replicas: "1" healthChecks: enabled: true livenessProbePath: "/health" @@ -52,11 +52,6 @@ eventlog-topic: "zuul-event-log" eventlog-urls-whitelist: "" home-isolation-chatbot-router-enabled: false -memory_requests: "512Mi" -memory_limits: "768Mi" -cpu_limits: "20m" -cpu_requests: "10m" - # Additional Container Envs env: | - name: URL_LISTS diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 567cad5348..42ac81ee9d 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -173,7 +173,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -212,7 +212,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -294,7 +294,7 @@ pqm-anomaly-finder: tracing-enabled: "true" inbox: - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -309,7 +309,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - #memory_limits: "512Mi" + memory_limits: "512Mi" replicas: 1 images: - egovio/egov-mdms-service @@ -324,7 +324,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -394,7 +394,7 @@ report: inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -453,7 +453,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 6ddc1ee6df..05d46b6a16 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -202,7 +202,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -263,7 +263,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -279,11 +279,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -293,7 +293,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" @@ -308,7 +308,7 @@ pgr-services: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-data-uploader: initContainers: @@ -416,7 +416,7 @@ cert-manager: zuul: - #memory_limits: 512Mi + memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -498,7 +498,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - #memory_limits: 512Mi + memory_limits: 512Mi workflow-statelevel: "true" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -610,7 +610,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 579ef4037b..833eaf7427 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -236,7 +236,7 @@ pqm-anomaly-finder: tracing-enabled: "true" inbox: - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -252,7 +252,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -268,11 +268,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -282,7 +282,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" @@ -294,7 +294,7 @@ egov-persister: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-data-uploader: initContainers: @@ -473,7 +473,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - #memory_limits: 512Mi + memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -593,7 +593,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d5812aa08c..81aa367a36 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -210,18 +210,18 @@ egov-filestore: filestore-url-validity: 3600 fixed-bucketname: "unified-dev-bucket-s3" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-url-shortening: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-url-shortner-endpoint: "/eus/shortener" hashids-salt: "randomsalt" hashids-min-length: "2" inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -244,10 +244,10 @@ prometheus-postgres-exporter: sslmode: disable mdms-v2: - #memory_limits: 512Mi + memory_limits: 512Mi boundary-service: - #memory_limits: 512Mi + memory_limits: 512Mi egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url @@ -268,7 +268,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -329,7 +329,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -345,11 +345,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -359,7 +359,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" @@ -377,7 +377,7 @@ audit-service: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi project: heap: "-Xmx256m -Xms256m" @@ -504,7 +504,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx512m -Xms512m" java-debug: "true" server-tomcat-max-threads: "350" @@ -579,7 +579,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - #memory_limits: 512Mi + memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -696,7 +696,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 179eb58ed1..21f97756ec 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -227,7 +227,7 @@ egov-notification-sms: egov-user: heap: '-Xmx256m -Xms256m' - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: 'true' citizen-otp-enabled: 'true' employee-otp-enabled: 'false' @@ -309,7 +309,7 @@ egov-mdms-service: egov-indexer: heap: '-Xmx512m -Xms512m' - #memory_limits: '768Mi' + memory_limits: '768Mi' initContainers: gitSync: repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url @@ -319,7 +319,7 @@ egov-indexer: egov-persister: replicas: 1 heap: '-Xmx256m -Xms256m' - #memory_limits: 512Mi + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' @@ -331,7 +331,7 @@ egov-persister: egov-localization: replicas: 1 heap: '-Xmx256m -Xms256m' - #memory_limits: 512Mi + memory_limits: 512Mi egov-data-uploader: initContainers: @@ -429,7 +429,7 @@ zuul: replicas: 1 custom-filter-property: 'false' tracing-enabled: 'true' - #memory_limits: 768Mi + memory_limits: 768Mi heap: '-Xmx512m -Xms512m' java-debug: 'true' server-tomcat-max-threads: '350' @@ -516,7 +516,7 @@ egov-workflow-v2: logging-level: 'DEBUG' java-args: -Dspring.profiles.active=monitoring heap: '-Xmx192m -Xms192m' - #memory_limits: 512Mi + memory_limits: 512Mi workflow-statelevel: 'false' host-link: 'https://egov-demo.egovernments.org/citizen/' pdf-link: '/download/epass?tenantId={TENANTID}&ids={UUID}' @@ -638,7 +638,7 @@ fluent-bit: egov-enc-service: heap: '-Xmx256m -Xms256m' - #memory_limits: 512Mi + memory_limits: 512Mi state-level-tenant-id: 'pb' # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 99269cf5e4..9d6d1e1073 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -184,7 +184,7 @@ health-ui: inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -193,7 +193,7 @@ inbox: egov-filestore: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -229,7 +229,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -306,7 +306,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -437,7 +437,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 276d4d788e..905e366f43 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -225,7 +225,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -330,7 +330,7 @@ egov-mdms-create: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -448,10 +448,10 @@ cert-manager: zuul: - #memory_limits: 512Mi + memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 - #memory_limits: 512Mi + memory_limits: 512Mi custom-filter-property: "false" tracing-enabled: "true" heap: "-Xmx704m -Xms512m" diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index d78938d2f3..57b3aa8222 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -172,7 +172,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -217,7 +217,7 @@ project: inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -226,7 +226,7 @@ inbox: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -289,7 +289,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - #memory_limits: "512Mi" + memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -305,7 +305,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -442,7 +442,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index c7b03fea61..5d1ec74ba2 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -229,7 +229,7 @@ oauth2-proxy: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -301,7 +301,7 @@ audit-service: egov-mdms-service: replicas: 1 - #memory_limits: "512Mi" + memory_limits: "512Mi" images: - egovio/egov-mdms-service mdms-path: "/work-dir/egov-mdms-data/data" @@ -315,7 +315,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -459,7 +459,7 @@ cert-manager: zuul: - #memory_limits: 512Mi + memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -534,7 +534,7 @@ egov-hrms: employee-applink: "https://egov-demo.egovernments.org/employee/user/login" mdms-v2: - #memory_limits: 512Mi + memory_limits: 512Mi # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 6fdcf370ce..e1c86dbbf3 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -154,7 +154,7 @@ cluster-configs: egov-filestore: replicas: 2 heap: "-Xmx1344m -Xms1344m" - #memory_limits: 1536Mi + memory_limits: 1536Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -200,7 +200,7 @@ egov-notification-sms: egov-user: replicas: 2 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -300,7 +300,7 @@ noc-services: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" @@ -574,7 +574,7 @@ egov-hrms: pdf-service: replicas: 3 - #memory_limits: 1.5Gi + memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/configs" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index fb3cfc6137..c560e052c8 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -168,7 +168,7 @@ citizen: ';" egov-filestore: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -187,7 +187,7 @@ egov-idgen: inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -213,7 +213,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -286,7 +286,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - #memory_limits: "512Mi" + memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -302,7 +302,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -320,7 +320,7 @@ egov-persister: branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch pgr-services: - #memory_limits: 512Mi + memory_limits: 512Mi egov-data-uploader: initContainers: @@ -423,7 +423,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml index a9bebe88d6..89689f5e0f 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -201,7 +201,7 @@ egov-notification-sms: egov-user: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -278,7 +278,7 @@ egov-mdms-service: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -396,7 +396,7 @@ cert-manager: zuul: - #memory_limits: 512Mi + memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 330fa9e6d0..2cb8e5e8ab 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -409,7 +409,7 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: @@ -425,11 +425,11 @@ egov-mdms-service: masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -439,7 +439,7 @@ egov-indexer: egov-persister: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi images: - egovio/egov-persister persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml" @@ -451,7 +451,7 @@ egov-persister: egov-localization: replicas: 1 heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi egov-data-uploader: initContainers: @@ -515,7 +515,7 @@ pdf-service: # financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> egf-master: - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx128m -Xms128m" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< egov-custom-consumer: @@ -644,7 +644,7 @@ egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring heap: "-Xmx192m -Xms192m" - #memory_limits: 512Mi + memory_limits: 512Mi workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" @@ -756,7 +756,7 @@ fluent-bit: egov-enc-service: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi state-level-tenant-id: "pb" # kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index c4ac171a77..cdfda80b63 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -277,7 +277,7 @@ works-management-service: inbox: namespace: egov - #memory_limits: 512Mi + memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true tracing-enabled: "true" @@ -351,7 +351,7 @@ audit-service: branch: "UNIFIED-QA" egov-mdms-service: - #memory_limits: "512Mi" + memory_limits: "512Mi" heap: "-Xmx512m -Xms512m" replicas: 1 images: @@ -367,7 +367,7 @@ egov-mdms-service: egov-filestore: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -382,7 +382,7 @@ egov-filestore: egov-user: replicas: "1" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -412,7 +412,7 @@ egov-persister: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/configs" @@ -457,7 +457,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - #memory_limits: 768Mi + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" @@ -481,12 +481,12 @@ egov-common-workflows: egov-workflow: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi pdf-service: replicas: 1 - #memory_limits: 1.5Gi + memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/configs" diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index 49f74a09f7..f93bb1de45 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -358,7 +358,7 @@ egov-filestore: egov-user: replicas: "1" heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi otp-validation: "true" citizen-otp-enabled: "true" employee-otp-enabled: "false" @@ -388,7 +388,7 @@ egov-persister: egov-indexer: heap: "-Xmx512m -Xms512m" - #memory_limits: "768Mi" + memory_limits: "768Mi" initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" @@ -430,7 +430,7 @@ egov-notification-sms: # gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> zuul: - #memory_limits: 512Mi + memory_limits: 512Mi heap: -Xmx256m -Xms256m replicas: 1 custom-filter-property: "false" @@ -461,12 +461,12 @@ egov-common-workflows: egov-workflow: heap: "-Xmx256m -Xms256m" - #memory_limits: 512Mi + memory_limits: 512Mi pdf-service: replicas: 1 - #memory_limits: 1.5Gi + memory_limits: 1.5Gi initContainers: gitSync: repo: "git@github.com:egovernments/works-configs" From 2758c15fb5ca35d71bcf892f947f7fb663181841 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Thu, 7 Dec 2023 11:45:43 +0530 Subject: [PATCH 537/742] Update values.yaml adding pqm-anomaly host (#2169) --- .../helm/charts/sanitation/pqm-service/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml index d89a1a6adf..e7327c998f 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml @@ -86,6 +86,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-workflow-v2 + - name: EGOV_PQM_ANOMALY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pqm-anomaly-finder - name: WORKFLOW_TRANSITION_PATH value: "egov-workflow-v2/egov-wf/process/_transition" - name: SPRING_KAFKA_CONSUMER_GROUP_ID From f1bac4fa0e69d677c4e961d6faf280b9bfb578ce Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 7 Dec 2023 13:24:34 +0530 Subject: [PATCH 538/742] Added mdms-v2 path (#2170) --- deploy-as-code/helm/environments/unified-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 81aa367a36..8839c97d4c 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -149,6 +149,7 @@ cluster-configs: birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" + mdms-service-v2: "http://mdms-v2.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 7daefa723cd997c2327c98d2064133846bd2033c Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Thu, 7 Dec 2023 16:19:50 +0530 Subject: [PATCH 539/742] Update values.yaml, of project helm chart (#2171) Added EGOV.USER.ID.VALIDATOR --- .../helm/charts/common-services/project/values.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/common-services/project/values.yaml b/deploy-as-code/helm/charts/common-services/project/values.yaml index c690a65af2..a5037f1b94 100644 --- a/deploy-as-code/helm/charts/common-services/project/values.yaml +++ b/deploy-as-code/helm/charts/common-services/project/values.yaml @@ -229,6 +229,8 @@ env: | value: "create-project-facility-bulk-topic" - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC value: "update-project-facility-bulk-topic" + - name: EGOV.USER.ID.VALIDATOR + value: egov-user - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: @@ -241,4 +243,4 @@ env: | - name: EGOV_LOCATION_HIERARCHY_TYPE value: "ADMIN" - name: EGOV_LOCATION_CODE_QUERY_PARAM - value: "code" \ No newline at end of file + value: "code" From 5eab57f83d0509ab0bc65fe28dd780c97d65f778 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Thu, 7 Dec 2023 17:40:24 +0530 Subject: [PATCH 540/742] added file path for deviation-statement pdf (#2172) * added filr path for deviation-statement pdf * added file path for deviation-statement pdf --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 8839c97d4c..b3a5168c1b 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -453,8 +453,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 8a6faecebf1554877dbfe99a17de7b24efb3f1cc Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 7 Dec 2023 20:57:32 +0530 Subject: [PATCH 541/742] SM-3288 doing devops promotion to UAT (#2173) --- .../helm/environments/sanitation-uat.yaml | 192 +++++++++++++++++- 1 file changed, 190 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 05d46b6a16..bb54cff4d8 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -6,6 +6,142 @@ cluster-configs: namespaces: create: true values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifiedqadb ## Add db-name + db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-qa.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name + state-level-tenant-id: "pg" + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + pqm-service: "http://pqm-service.sanitation:8080" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + pqm-service: "http://pqm-service.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" root-ingress: cert-issuer: letsencrypt-prod @@ -167,6 +303,8 @@ citizen: ';" egov-filestore: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -183,6 +321,9 @@ egov-idgen: java-args: -Dspring.profiles.active=monitoring autocreate-new-seq: "true" +estimate-service: + memory_limits: 512Mi + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" @@ -217,6 +358,15 @@ egov-user: egov-state-level-tenant-id: "in" decryption-abac-enabled: "false" +individual: +namespace: works +tracing-enabled: true +java-enable-debug: true +state-level-tenant-id: "pg" +aadhaar-pattern: "\\d{12}" +mobile-pattern: "\\d+" +notification-sms-disabled-roles: "ORG_ADMIN" + chatbot: kafka-topics-partition-count: 3 kafka-topics-replication-factor: 2 @@ -255,6 +405,33 @@ bpa-calculator: java-debug: true tracing-enabled: "true" + +sanitation-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + +pqm-service: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + +pqm-anomaly-finder: + memory_limits: 512Mi + heap: "-Xmx256m -Xms256m" + java-debug: true + tracing-enabled: "true" + +inbox: + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + + sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" @@ -267,6 +444,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: + memory_limits: "512Mi" replicas: 1 images: - egovio/egov-mdms-service @@ -288,7 +466,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 @@ -296,7 +474,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url @@ -359,6 +537,15 @@ report: branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + sanitation-ui: namespace: sanitation custom-js-injection: | @@ -421,6 +608,7 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" + memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" From 3544dd58be9c361b5dba0e7b0c13111e42ab9c69 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Fri, 8 Dec 2023 10:39:51 +0530 Subject: [PATCH 542/742] updated unified-dev.yaml, unified-qa.yaml for HCM (#2174) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index b3a5168c1b..fb63ef8d9a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 57b3aa8222..70a9e41843 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -315,7 +315,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 9a4d5a7f97ad8fa7894f91a0047a548501b8220b Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Mon, 11 Dec 2023 10:35:25 +0530 Subject: [PATCH 543/742] Update unified-qa.yaml, (#2175) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 70a9e41843..0f3bd612d8 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -315,7 +315,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 7b22a343ef58b2f4a5887b1f4fb029741389fd8b Mon Sep 17 00:00:00 2001 From: Nipun Arora Date: Tue, 12 Dec 2023 12:33:16 +0530 Subject: [PATCH 544/742] Update sanitation-uat.yaml (#2176) Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index bb54cff4d8..83605e1f8a 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -410,7 +410,7 @@ sanitation-ui: custom-js-injection: | sub_filter.conf: " sub_filter '' ' - + ';" pqm-service: From f2e9fba5f3c4127d65dd4d69c1d34cef11878242 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 12 Dec 2023 13:16:21 +0530 Subject: [PATCH 545/742] Update sanitation-uat.yaml (#2177) --- .../helm/environments/sanitation-uat.yaml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 83605e1f8a..ab8db37a5d 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -13,12 +13,14 @@ cluster-configs: egov-config: namespace: [ egov, monitoring, sanitation ] data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - state-level-tenant-id: "pg" + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com + aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat + aws-region: ap-south-1 egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" @@ -40,7 +42,12 @@ cluster-configs: egov-bnd-freedownload-tenants: "pg.testing" egov-bnd-live-citizen-tenants: "pg.testing" - + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" citizen-services: "http://citizen-services:8080/" From def0d18b4ef997acd5568a55b6ece7f347294442 Mon Sep 17 00:00:00 2001 From: Nipun Arora Date: Tue, 12 Dec 2023 13:50:43 +0530 Subject: [PATCH 546/742] removed duplicate config for sanitation ui (#2178) Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/sanitation-uat.yaml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index ab8db37a5d..d838138339 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -414,6 +414,7 @@ bpa-calculator: sanitation-ui: + namespace: sanitation custom-js-injection: | sub_filter.conf: " sub_filter '' ' @@ -553,13 +554,6 @@ inbox: service-map : '{}' bs-service-map : '{}' -sanitation-ui: - namespace: sanitation - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" pdf-service: initContainers: From 366bf2d432e260db8624f5ca4ffed7292c047863 Mon Sep 17 00:00:00 2001 From: Nipun Arora Date: Tue, 12 Dec 2023 15:39:42 +0530 Subject: [PATCH 547/742] Added the Sanitation UI environment config (#2179) * updated sanitaion-ui * Update unified-uat.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-uat.yaml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 5d1ec74ba2..93b9ecac38 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -164,7 +164,16 @@ digit-ui: sub_filter.conf: " sub_filter '' ' - ';" + ';" + +sanitation-ui: + namespace: sanitation + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + citizen: custom-js-injection: | sub_filter.conf: " From 7bd52283409937611165072197325a761ffd93ac Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 12 Dec 2023 17:35:53 +0530 Subject: [PATCH 548/742] Update sanitation-uat.yaml (#2180) --- .../helm/environments/sanitation-uat.yaml | 417 ++++++------------ 1 file changed, 137 insertions(+), 280 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index d838138339..b09ec156db 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -8,286 +8,143 @@ cluster-configs: values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring, sanitation ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com - aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat - aws-region: ap-south-1 - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - pqm-service: "http://pqm-service.sanitation:8080" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-service: "http://pqm-service.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring, sanitation ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 42ba47ce09404cd2840bf1041ce8a28ebd521387 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 12 Dec 2023 17:55:17 +0530 Subject: [PATCH 549/742] Update sanitation-uat.yaml (#2182) --- .../helm/environments/sanitation-uat.yaml | 353 +++++++++--------- 1 file changed, 184 insertions(+), 169 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index b09ec156db..8f98ffae57 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -1,150 +1,153 @@ global: - domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup + domain: + unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup cluster-configs: - namespaces: + namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] - + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring, sanitation ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ egov, monitoring, sanitation ] + data: + db-host: + unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: + jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ egov, monitoring, sanitation ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -171,8 +174,8 @@ egov-filestore: memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" + minio.url: "http://minio.backbone:9000/" + aws.s3.url: "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" @@ -186,12 +189,12 @@ egov-idgen: autocreate-new-seq: "true" estimate-service: - memory_limits: 512Mi + memory_limits: 512Mi egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" + sms.provider.contentType: "application/x-www-form-urlencoded" sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" sms-gateway-to-use: "sms provider name" ## Add sms provider name sms-sender: "sms sender" ## Add sms sender @@ -289,20 +292,20 @@ pqm-anomaly-finder: heap: "-Xmx256m -Xms256m" java-debug: true tracing-enabled: "true" - + inbox: memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true - tracing-enabled: "true" + tracing-enabled: "true" sw-services: scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" + is-external-workflow-enabled: "true" egov-pg-service: - axis: true + axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" heap: "-Xmx256m -Xms256m" memory_limits: 512Mi @@ -407,9 +410,9 @@ inbox: memory_limits: 512Mi heap: "-Xmx512m -Xms256m" java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' + tracing-enabled: "true" + service-map: '{}' + bs-service-map: '{}' pdf-service: @@ -458,8 +461,8 @@ nginx-ingress: cert-manager: email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - + + zuul: memory_limits: 512Mi heap: -Xmx256m -Xms256m @@ -667,11 +670,14 @@ kafka-v2: enabled: true aws: - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. + zone: + ap-south-1b ## REPLACE: add respective zone. - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -691,7 +697,7 @@ kafka-v2: ### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-connect: image: - tag: "5.4.1" + tag: "5.4.1" # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -702,11 +708,14 @@ zookeeper-v2: enabled: true aws: - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -727,11 +736,14 @@ elasticsearch-data-v1: enabled: true aws: - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + zone: + ap-south-1b ## REPLACE: add zone esJavaOpts: "-Xmx1g -Xms1g" resources: @@ -752,12 +764,15 @@ elasticsearch-master-v1: enabled: true aws: - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone + zone: + ap-south-1b ##REPLACE: add zone - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone + zone: + ap-south-1b ##REPLACE: add zone - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - + zone: + ap-south-1b ## REPLACE: add zone + esJavaOpts: "-Xmx448m -Xms448m" resources: requests: From 3cd638e2c0025a716a423dfd965fdd48cdeec335 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 12 Dec 2023 18:14:57 +0530 Subject: [PATCH 550/742] Update sanitation-uat.yaml (#2183) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 8f98ffae57..86daae9977 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -63,6 +63,7 @@ cluster-configs: egf-master: "http://egf-master:8080/" egf-instrument: "http://egf-instrument:8080/" egf-voucher: "http://egf-voucher:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" From 312123b78bbc31caaafcc82d78cec1a8df5e7740 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 12 Dec 2023 18:55:55 +0530 Subject: [PATCH 551/742] updated namespace for pqm-service --- deploy-as-code/helm/environments/sanitation-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 86daae9977..f4a581127e 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -283,6 +283,7 @@ sanitation-ui: ';" pqm-service: + namespace: sanitation memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-debug: true From 5942b1ec988c77f032028f29f5a21c1203a35d72 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 12 Dec 2023 19:03:42 +0530 Subject: [PATCH 552/742] updated namespace for pqm-service --- deploy-as-code/helm/environments/sanitation-uat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index f4a581127e..4541ff004e 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -12,7 +12,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation ] + namespace: sanitation data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com @@ -44,7 +44,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, sanitation ] + namespace: sanitation data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" From 816c91452cd35c27578571deb2ca57c829c5d58e Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 12 Dec 2023 19:10:31 +0530 Subject: [PATCH 553/742] updated secrets in sanitation-uat --- .../helm/environments/sanitation-uat.yaml | 280 +++++++++--------- 1 file changed, 138 insertions(+), 142 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 4541ff004e..813c39e5e7 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -6,149 +6,145 @@ global: cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: sanitation + data: + db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieduatdb ## Add db-name + db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: unified-uat.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: sanitation - data: - db-host: - unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: - jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: sanitation - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" + egov-service-host: + namespace: sanitation + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master:8080/" + egf-instrument: "http://egf-instrument:8080/" + egf-voucher: "http://egf-voucher:8080/" + mdms-service-v2: http://mdms-v2.egov:8080/ + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus.egov:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + pqm: "http://pqm.sanitation:8080" + pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From d63f1b81ad2f6125d01c1b7aa80de9ca71baaf08 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 12 Dec 2023 19:13:24 +0530 Subject: [PATCH 554/742] updated secrets in sanitation-uat --- deploy-as-code/helm/environments/sanitation-uat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 813c39e5e7..b97385dfac 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: sanitation + namespace: [ egov, sanitation ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -40,7 +40,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: sanitation + namespace: [ egov, sanitation ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" From fa5cb71781832d58a7a788ff742176f0f4b80048 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 12 Dec 2023 19:42:18 +0530 Subject: [PATCH 555/742] Update sanitation-uat.yaml (#2184) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index b97385dfac..db7bac9eaf 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -136,6 +136,7 @@ cluster-configs: vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" pqm: "http://pqm.sanitation:8080" + pqm-service: "http://pqm-service.sanitation:8080" pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ From 9ae126dde31a02f9a9ae77fca22418e85a21a719 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:17:31 +0530 Subject: [PATCH 556/742] added new healm charts for health namespace (#2193) Co-authored-by: Harish-egov --- deploy-as-code/helm/charts/common/values.yaml | 15 +- .../health-attendance/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../health-attendance/templates/ingress.yaml | 2 + .../health-attendance/templates/service.yaml | 2 + .../health-attendance/values.yaml | 128 +++++++++ .../health-individual/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../health-individual/templates/ingress.yaml | 2 + .../health-individual/templates/service.yaml | 2 + .../health-individual/values.yaml | 157 +++++++++++ .../health-pgr-services/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../health-pgr-services/values.yaml | 172 ++++++++++++ .../health-services/health-project/Chart.yaml | 26 ++ .../health-project/templates/deployment.yaml | 2 + .../health-project/templates/ingress.yaml | 2 + .../health-project/templates/service.yaml | 2 + .../health-project/values.yaml | 248 ++++++++++++++++++ .../helm/environments/unified-health-qa.yaml | 1 + 22 files changed, 845 insertions(+), 4 deletions(-) create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/values.yaml diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index a550d2ae8f..6bbf912586 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,12 +38,19 @@ initContainers: tag: latest env: | - name: "DB_URL" - valueFrom: - configMapKeyRef: + value: {{- if eq .Values.namespace "health" }} + valueFrom: + configMapKeyRef: name: egov-config - key: db-url + key: health-db-url + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + {{- end }} - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - name: "FLYWAY_USER" valueFrom: secretKeyRef: diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml new file mode 100644 index 0000000000..df77fa831c --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-attendance +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml new file mode 100644 index 0000000000..1011779f0d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml @@ -0,0 +1,128 @@ +# Common Labels +labels: + app: "health-attendance" + group: "digit-works" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "health-attendance" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "attendance_schema" + image: + repository: "health-attendance-db" + +# Container Configs +image: + repository: "health-attendance" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-attendance/health" + readinessProbePath: "/health-attendance/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-attendance" + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /attendance + - name: SERVER_SERVLET_CONTEXT-PATH + value: /attendance + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: ATTENDANCE_LOG_KAFKA_CREATE_TOPIC + value: "save-attendance-log" + - name: ATTENDANCE_LOG_KAFKA_UPDATE_TOPIC + value: "update-attendance-log" + - name: ATTENDANCE_REGISTER_KAFKA_CREATE_TOPIC + value: "save-attendance" + - name: ATTENDANCE_REGISTER_KAFKA_UPDATE_TOPIC + value: "update-attendance" + - name: ATTENDANCE_STAFF_KAFKA_CREATE_TOPIC + value: "save-staff" + - name: ATTENDANCE_STAFF_KAFKA_UPDATE_TOPIC + value: "update-staff" + - name: ATTENDANCE_ATTENDEE_KAFKA_CREATE_TOPIC + value: "save-attendee" + - name: ATTENDANCE_ATTENDEE_KAFKA_UPDATE_TOPIC + value: "update-attendee" + {{- if index .Values "attendance-register-default-offset" }} + - name: ATTENDANCE_REGISTER_DEFAULT_OFFSET + value: {{ index .Values "attendance-register-default-offset" | quote }} + {{- end }} + {{- if index .Values "attendance-register-default-limit" }} + - name: ATTENDANCE_REGISTER_DEFAULT_LIMIT + value: {{ index .Values "attendance-register-default-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-register-search-max-limit" }} + - name: ATTENDANCE_REGISTER_SEARCH_MAX_LIMIT + value: {{ index .Values "attendance-register-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-individual-service-integration-required" }} + - name: ATTENDANCE_INDIVIDUAL_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-individual-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-staff-service-integration-required" }} + - name: ATTENDANCE_STAFF_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-staff-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-document-id-verification-required" }} + - name: ATTENDANCE_DOCUMENT_ID_VERIFICATION_REQUIRED + value: {{ index .Values "attendance-document-id-verification-required" | quote }} + {{- end }} + {{- if index .Values "attendance-register-open-search-enabled-roles" }} + - name: ATTENDANCE_REGISTER_OPEN_SEARCH_ENABLED_ROLES + value: {{ index .Values "attendance-register-open-search-enabled-roles" | quote }} + {{- end }} + {{- if index .Values "works-individual-search-endpoint" }} + - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT + value: {{ index .Values "works-individual-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "organisation-contact-details-update-topic" }} + - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC + value: {{ index .Values "organisation-contact-details-update-topic" | quote }} + {{- end }} + {{- if index .Values "contracts-revision-topic" }} + - name: CONTRACTS_REVISION_TOPIC + value: {{ index .Values "contracts-revision-topic" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml new file mode 100644 index 0000000000..2d818ea4a1 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-individual +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml new file mode 100644 index 0000000000..04d43b9e3a --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml @@ -0,0 +1,157 @@ +# Common Labels +labels: + app: "health-individual" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "health-individual" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "individual_schema" + image: + repository: "health-individual-db" + +# Container Configs +image: + repository: "health-individual" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-individual/health" + readinessProbePath: "/health-individual/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-individual" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-individual + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: IDGEN.INDIVIDUAL.ID.FORMAT + value: "individual.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC + value: "individual-consumer-bulk-create-topic" + - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC + value: "individual-consumer-bulk-update-topic" + - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC + value: "individual-consumer-bulk-delete-topic" + - name: INDIVIDUAL.PRODUCER.SAVE.TOPIC + value: "save-individual-topic" + - name: INDIVIDUAL.PRODUCER.UPDATE.TOPIC + value: "update-individual-topic" + - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC + value: "delete-individual-topic" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} + {{- if index .Values "notification-sms-disabled-roles" }} + - name: NOTIFICATION_SMS_DISABLED_ROLES + value: {{ index .Values "notification-sms-disabled-roles" | quote }} + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_ENC_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_ENC_ENCRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_encrypt" + - name: EGOV_ENC_DECRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_decrypt" + - name: AADHAAR_PATTERN + value: "\\d{12}" + - name: MOBILE_PATTERN + value: "\\d+" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_CREATE_USER_URL + value: "/user/users/_createnovalidate" + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_UPDATE_USER_URL + value: "/user/users/_updatenovalidate" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: USER_SYNC_ENABLED + value: "true" + - name: USER_SERVICE_USER_TYPE + value: "CITIZEN" + - name: USER_SERVICE_ACCOUNT_LOCKED + value: "false" + - name: INDIVIDUAL_PRODUCER_UPDATE_USER_ID_TOPIC + value: "update-user-id-topic" + - name: NOTIFICATION_SMS_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml new file mode 100644 index 0000000000..dad869be1b --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-pgr-services +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml new file mode 100644 index 0000000000..d87f55253e --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml @@ -0,0 +1,172 @@ +# Common Labels +labels: + app: "-health-pgr-services" + group: "rainmaker" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "health-pgr-services" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "pgr_services_schema" + image: + repository: "health-pgr-services-db" + +# Container Configs +image: + repository: "health-pgr-services" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-pgr-services/health" + readinessProbePath: "/health-pgr-services/health" +appType: "java-spring" +tracing-enabled: true +notification-sms-enabled: "true" +notification-email-enabled: "false" +new-complaint-enabled: "true" +reassign-complaint-enabled: "true" +reopen-complaint-enabled: "true" +comment-by-employee-notif-enabled: "false" +notification-allowed-status: "open,assigned,rejected,resolved" +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-pgr-services" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-pgr-services + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_INFRA_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher + - name: EGOV_COMMON_MASTERS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-common-masters + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: NOTIFICATION_SMS_ENABLED + value: {{ index .Values "notification-sms-enabled" | quote }} + - name: NOTIFICATION_EMAIL_ENABLED + value: {{ index .Values "notification-email-enabled" | quote }} + - name: NEW_COMPLAINT_ENABLED + value: {{ index .Values "new-complaint-enabled" | quote }} + - name: REASSIGN_COMPLAINT_ENABLED + value: {{ index .Values "reassign-complaint-enabled" | quote }} + - name: REOPEN_COMPLAINT_ENABLED + value: {{ index .Values "reopen-complaint-enabled" | quote }} + - name: COMMENT_BY_EMPLOYEE_NOTIF_ENABLED + value: {{ index .Values "comment-by-employee-notif-enabled" | quote }} + - name: EGOV_PGR_APP_PLAYSTORE_LINK + value: "https://goo.gl/ArDyQ1" + - name: NOTIFICATION_ALLOWED_ON_STATUS + value: {{ index .Values "notification-allowed-status" | quote }} + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_USR_EVENTS_NOTIFICATION_ENABLED + value: "true" + - name: EGOV_USR_EVENTS_CREATE_TOPIC + value: "persist-user-events-async" + - name: EGOV_USR_EVENTS_RATE_LINK + value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=feedback/$servicerequestid" + - name: EGOV_USR_EVENTS_REOPEN_LINK + value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=reopen-complaint/$servicerequestid" + - name: EGOV_USR_EVENTS_RATE_CODE + value: "RATE" + - name: EGOV_USR_EVENTS_REOPEN_CODE + value: "REOPEN" + - name: PGR_STATELEVEL_TENANTID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "time-before-closing-complaint" }} + - name: PGR_COMPLAIN_IDLE_TIME + value: {{ index .Values "time-before-closing-complaint" | quote }} + {{- end }} + + + diff --git a/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml new file mode 100644 index 0000000000..4e1f905962 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-project +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml new file mode 100644 index 0000000000..880e6d00ca --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/values.yaml @@ -0,0 +1,248 @@ +# Common Labels +labels: + app: "health-project" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "health-project" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "project_schema" + image: + repository: "health-project-db" + +# Container Configs +image: + repository: "health-project" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-project/health" + readinessProbePath: "/health-project/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-project" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-project + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: PROJECT.STAFF.IDGEN.ID.FORMAT + value: "project.staff.id" + - name: PROJECT.FACILITY.IDGEN.ID.FORMAT + value: "project.facility.id" + - name: PROJECT.TASK.IDGEN.ID.FORMAT + value: "project.task.id" + - name: IDGEN.PROJECT.BENEFICIARY.ID.FORMAT + value: "project.beneficiary.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /project + - name: SERVER_SERVLET_CONTEXT-PATH + value: /project + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "project_master" + - name: EGOV_MDMS_MODULE_NAME + value: "project" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: PROJECT.TASK.KAFKA.CREATE.TOPIC + value: "save-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.UPDATE.TOPIC + value: "update-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.DELETE.TOPIC + value: "delete-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-task-bulk-topic" + - name: PROJECT.BENEFICIARY.KAFKA.CREATE.TOPIC + value: "save-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.UPDATE.TOPIC + value: "update-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.DELETE.TOPIC + value: "delete-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.CREATE.TOPIC + value: "project-beneficiary-consumer-bulk-create-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.UPDATE.TOPIC + value: "project-beneficiary-consumer-bulk-update-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.DELETE.TOPIC + value: "project-beneficiary-consumer-bulk-delete-topic" + - name: PROJECT.STAFF.KAFKA.DELETE.TOPIC + value: "delete-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.CREATE.TOPIC + value: "save-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.UPDATE.TOPIC + value: "update-project-staff-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-staff-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: PROJECT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC + value: "save-project" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC + value: "update-project" + {{- if index .Values "project-default-offset" }} + - name: PROJECT.DEFAULT.OFFSET + value: {{ index .Values "project-default-offset" | quote }} + {{- end }} + {{- if index .Values "project-default-limit" }} + - name: PROJECT.DEFAULT.LIMIT + value: {{ index .Values "project-default-limit" | quote }} + {{- end }} + {{- if index .Values "project-search-max-limit" }} + - name: PROJECT.SEARCH.MAX.LIMIT + value: {{ index .Values "project-search-max-limit" | quote }} + {{- end }} + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: PROJECT.RESOURCE.KAFKA.CREATE.TOPIC + value: "save-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.UPDATE.TOPIC + value: "update-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.DELETE.TOPIC + value: "delete-project-resource-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-resource-bulk-topic" + - name: PROJECT.FACILITY.KAFKA.DELETE.TOPIC + value: "delete-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.CREATE.TOPIC + value: "save-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.UPDATE.TOPIC + value: "update-project-facility-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-facility-bulk-topic" + - name: EGOV.USER.ID.VALIDATOR + value: egov-user + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 9d6d1e1073..8590c9cb2c 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -16,6 +16,7 @@ cluster-configs: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name state-level-tenant-id: "pg" From e5ba65470bb3a269c9c5004c74e25c87365badce Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 13 Dec 2023 17:29:57 +0530 Subject: [PATCH 557/742] Update mdms path (#2194) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index db7bac9eaf..801cedd4a7 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -72,7 +72,7 @@ cluster-configs: egov-idgen: "http://egov-idgen.egov:8080/" egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 3a51ee662686b8bc94fe3b6f534e7170f7a83645 Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Wed, 13 Dec 2023 18:49:30 +0530 Subject: [PATCH 558/742] Added health db url Updated the unified-health-uat (#2195) --- deploy-as-code/helm/environments/unified-health-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 905e366f43..1db1bf40d3 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -41,6 +41,7 @@ cluster-configs: tracer-errors-provideexceptionindetails: "true" egov-bnd-freedownload-tenants: "pg.testing" egov-bnd-live-citizen-tenants: "pg.testing" + health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo egov-service-host: namespace: [ egov, monitoring, health ] From 1f6cb08cfc45888751bccbe6aae5aab24947e850 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 13 Dec 2023 19:02:44 +0530 Subject: [PATCH 559/742] Revert "added new healm charts for health namespace (#2193)" (#2196) This reverts commit 9ae126dde31a02f9a9ae77fca22418e85a21a719. --- deploy-as-code/helm/charts/common/values.yaml | 15 +- .../health-attendance/Chart.yaml | 26 -- .../templates/deployment.yaml | 2 - .../health-attendance/templates/ingress.yaml | 2 - .../health-attendance/templates/service.yaml | 2 - .../health-attendance/values.yaml | 128 --------- .../health-individual/Chart.yaml | 26 -- .../templates/deployment.yaml | 2 - .../health-individual/templates/ingress.yaml | 2 - .../health-individual/templates/service.yaml | 2 - .../health-individual/values.yaml | 157 ----------- .../health-pgr-services/Chart.yaml | 26 -- .../templates/deployment.yaml | 2 - .../templates/ingress.yaml | 2 - .../templates/service.yaml | 2 - .../health-pgr-services/values.yaml | 172 ------------ .../health-services/health-project/Chart.yaml | 26 -- .../health-project/templates/deployment.yaml | 2 - .../health-project/templates/ingress.yaml | 2 - .../health-project/templates/service.yaml | 2 - .../health-project/values.yaml | 248 ------------------ .../helm/environments/unified-health-qa.yaml | 1 - 22 files changed, 4 insertions(+), 845 deletions(-) delete mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/values.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-individual/values.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-project/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/health-services/health-project/values.yaml diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index 6bbf912586..a550d2ae8f 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,19 +38,12 @@ initContainers: tag: latest env: | - name: "DB_URL" - value: {{- if eq .Values.namespace "health" }} - valueFrom: - configMapKeyRef: + valueFrom: + configMapKeyRef: name: egov-config - key: health-db-url - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - {{- end }} + key: db-url - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - name: "FLYWAY_USER" valueFrom: secretKeyRef: diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml deleted file mode 100644 index df77fa831c..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: health-attendance -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../../common diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml deleted file mode 100644 index 1011779f0d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml +++ /dev/null @@ -1,128 +0,0 @@ -# Common Labels -labels: - app: "health-attendance" - group: "digit-works" - -namespace: health - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "health-attendance" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "attendance_schema" - image: - repository: "health-attendance-db" - -# Container Configs -image: - repository: "health-attendance" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health-attendance/health" - readinessProbePath: "/health-attendance/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: SERVER_SERVLET_CONTEXT_PATH - value: "/health-attendance" - - name: SERVER_PORT - value: "8080" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: SERVER_CONTEXT_PATH - value: /attendance - - name: SERVER_SERVLET_CONTEXT-PATH - value: /attendance - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: WORKS_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - {{- if index .Values "java-enable-debug" }} - - name: JAVA_ENABLE_DEBUG - value: "true" - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: ATTENDANCE_LOG_KAFKA_CREATE_TOPIC - value: "save-attendance-log" - - name: ATTENDANCE_LOG_KAFKA_UPDATE_TOPIC - value: "update-attendance-log" - - name: ATTENDANCE_REGISTER_KAFKA_CREATE_TOPIC - value: "save-attendance" - - name: ATTENDANCE_REGISTER_KAFKA_UPDATE_TOPIC - value: "update-attendance" - - name: ATTENDANCE_STAFF_KAFKA_CREATE_TOPIC - value: "save-staff" - - name: ATTENDANCE_STAFF_KAFKA_UPDATE_TOPIC - value: "update-staff" - - name: ATTENDANCE_ATTENDEE_KAFKA_CREATE_TOPIC - value: "save-attendee" - - name: ATTENDANCE_ATTENDEE_KAFKA_UPDATE_TOPIC - value: "update-attendee" - {{- if index .Values "attendance-register-default-offset" }} - - name: ATTENDANCE_REGISTER_DEFAULT_OFFSET - value: {{ index .Values "attendance-register-default-offset" | quote }} - {{- end }} - {{- if index .Values "attendance-register-default-limit" }} - - name: ATTENDANCE_REGISTER_DEFAULT_LIMIT - value: {{ index .Values "attendance-register-default-limit" | quote }} - {{- end }} - {{- if index .Values "attendance-register-search-max-limit" }} - - name: ATTENDANCE_REGISTER_SEARCH_MAX_LIMIT - value: {{ index .Values "attendance-register-search-max-limit" | quote }} - {{- end }} - {{- if index .Values "attendance-individual-service-integration-required" }} - - name: ATTENDANCE_INDIVIDUAL_SERVICE_INTEGRATION_REQUIRED - value: {{ index .Values "attendance-individual-service-integration-required" | quote }} - {{- end }} - {{- if index .Values "attendance-staff-service-integration-required" }} - - name: ATTENDANCE_STAFF_SERVICE_INTEGRATION_REQUIRED - value: {{ index .Values "attendance-staff-service-integration-required" | quote }} - {{- end }} - {{- if index .Values "attendance-document-id-verification-required" }} - - name: ATTENDANCE_DOCUMENT_ID_VERIFICATION_REQUIRED - value: {{ index .Values "attendance-document-id-verification-required" | quote }} - {{- end }} - {{- if index .Values "attendance-register-open-search-enabled-roles" }} - - name: ATTENDANCE_REGISTER_OPEN_SEARCH_ENABLED_ROLES - value: {{ index .Values "attendance-register-open-search-enabled-roles" | quote }} - {{- end }} - {{- if index .Values "works-individual-search-endpoint" }} - - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT - value: {{ index .Values "works-individual-search-endpoint" | quote }} - {{- end }} - {{- if index .Values "organisation-contact-details-update-topic" }} - - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC - value: {{ index .Values "organisation-contact-details-update-topic" | quote }} - {{- end }} - {{- if index .Values "contracts-revision-topic" }} - - name: CONTRACTS_REVISION_TOPIC - value: {{ index .Values "contracts-revision-topic" | quote }} - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml deleted file mode 100644 index 2d818ea4a1..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: health-individual -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml deleted file mode 100644 index 04d43b9e3a..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml +++ /dev/null @@ -1,157 +0,0 @@ -# Common Labels -labels: - app: "health-individual" - group: "core" - -namespace: health - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "health-individual" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "individual_schema" - image: - repository: "health-individual-db" - -# Container Configs -image: - repository: "health-individual" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health-individual/health" - readinessProbePath: "/health-individual/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: SERVER_SERVLET_CONTEXT_PATH - value: "/health-individual" - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: health-individual - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_IDGEN_PATH - value: "egov-idgen/id/_generate" - - name: EGOV_IDGEN_INTEGRATION_ENABLED - value: "true" - - name: IDGEN.INDIVIDUAL.ID.FORMAT - value: "individual.id" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC - value: "individual-consumer-bulk-create-topic" - - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC - value: "individual-consumer-bulk-update-topic" - - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC - value: "individual-consumer-bulk-delete-topic" - - name: INDIVIDUAL.PRODUCER.SAVE.TOPIC - value: "save-individual-topic" - - name: INDIVIDUAL.PRODUCER.UPDATE.TOPIC - value: "update-individual-topic" - - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC - value: "delete-individual-topic" - - name: KAFKA_TOPICS_NOTIFICATION_SMS - value: "egov.core.notification.sms" - {{- if index .Values "state-level-tenant-id" }} - - name: STATE_LEVEL_TENANT_ID - value: {{ index .Values "state-level-tenant-id" | quote }} - {{- end }} - {{- if index .Values "notification-sms-disabled-roles" }} - - name: NOTIFICATION_SMS_DISABLED_ROLES - value: {{ index .Values "notification-sms-disabled-roles" | quote }} - {{- end }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: "/egov-mdms-service/v1/_search" - - name: EGOV_ENC_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-enc-service - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_ENC_ENCRYPT_ENDPOINT - value: "/egov-enc-service/crypto/v1/_encrypt" - - name: EGOV_ENC_DECRYPT_ENDPOINT - value: "/egov-enc-service/crypto/v1/_decrypt" - - name: AADHAAR_PATTERN - value: "\\d{12}" - - name: MOBILE_PATTERN - value: "\\d+" - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: EGOV_CREATE_USER_URL - value: "/user/users/_createnovalidate" - - name: EGOV_SEARCH_USER_URL - value: "/user/_search" - - name: EGOV_UPDATE_USER_URL - value: "/user/users/_updatenovalidate" - - name: EGOV_USER_INTEGRATION_ENABLED - value: "true" - - name: USER_SYNC_ENABLED - value: "true" - - name: USER_SERVICE_USER_TYPE - value: "CITIZEN" - - name: USER_SERVICE_ACCOUNT_LOCKED - value: "false" - - name: INDIVIDUAL_PRODUCER_UPDATE_USER_ID_TOPIC - value: "update-user-id-topic" - - name: NOTIFICATION_SMS_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml deleted file mode 100644 index dad869be1b..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: health-pgr-services -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml deleted file mode 100644 index d87f55253e..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml +++ /dev/null @@ -1,172 +0,0 @@ -# Common Labels -labels: - app: "-health-pgr-services" - group: "rainmaker" - -namespace: health - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "health-pgr-services" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "pgr_services_schema" - image: - repository: "health-pgr-services-db" - -# Container Configs -image: - repository: "health-pgr-services" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health-pgr-services/health" - readinessProbePath: "/health-pgr-services/health" -appType: "java-spring" -tracing-enabled: true -notification-sms-enabled: "true" -notification-email-enabled: "false" -new-complaint-enabled: "true" -reassign-complaint-enabled: "true" -reopen-complaint-enabled: "true" -comment-by-employee-notif-enabled: "false" -notification-allowed-status: "open,assigned,rejected,resolved" -heap: "-Xmx192m -Xms192m" -java-args: "-Dspring.profiles.active=monitoring" - -# Additional Container Envs -env: | - - name: SERVER_SERVLET_CONTEXT_PATH - value: "/health-pgr-services" - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: egov-pgr-services - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "serializers-timezone-in-ist" }} - - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER - value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_WORKFLOW_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-workflow-v2 - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_LOCALIZATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-localization - - name: EGOV_INFRA_SEARCHER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-searcher - - name: EGOV_COMMON_MASTERS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-common-masters - - name: EGOV_FILESTORE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-filestore - - name: EGOV_UI_APP_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user - - name: NOTIFICATION_SMS_ENABLED - value: {{ index .Values "notification-sms-enabled" | quote }} - - name: NOTIFICATION_EMAIL_ENABLED - value: {{ index .Values "notification-email-enabled" | quote }} - - name: NEW_COMPLAINT_ENABLED - value: {{ index .Values "new-complaint-enabled" | quote }} - - name: REASSIGN_COMPLAINT_ENABLED - value: {{ index .Values "reassign-complaint-enabled" | quote }} - - name: REOPEN_COMPLAINT_ENABLED - value: {{ index .Values "reopen-complaint-enabled" | quote }} - - name: COMMENT_BY_EMPLOYEE_NOTIF_ENABLED - value: {{ index .Values "comment-by-employee-notif-enabled" | quote }} - - name: EGOV_PGR_APP_PLAYSTORE_LINK - value: "https://goo.gl/ArDyQ1" - - name: NOTIFICATION_ALLOWED_ON_STATUS - value: {{ index .Values "notification-allowed-status" | quote }} - - name: EGOV_HRMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-hrms - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_USR_EVENTS_NOTIFICATION_ENABLED - value: "true" - - name: EGOV_USR_EVENTS_CREATE_TOPIC - value: "persist-user-events-async" - - name: EGOV_USR_EVENTS_RATE_LINK - value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=feedback/$servicerequestid" - - name: EGOV_USR_EVENTS_REOPEN_LINK - value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=reopen-complaint/$servicerequestid" - - name: EGOV_USR_EVENTS_RATE_CODE - value: "RATE" - - name: EGOV_USR_EVENTS_REOPEN_CODE - value: "REOPEN" - - name: PGR_STATELEVEL_TENANTID - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-state-level-tenant-id - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - {{- if index .Values "time-before-closing-complaint" }} - - name: PGR_COMPLAIN_IDLE_TIME - value: {{ index .Values "time-before-closing-complaint" | quote }} - {{- end }} - - - diff --git a/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml deleted file mode 100644 index 4e1f905962..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: health-project -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml deleted file mode 100644 index 880e6d00ca..0000000000 --- a/deploy-as-code/helm/charts/health-services/health-project/values.yaml +++ /dev/null @@ -1,248 +0,0 @@ -# Common Labels -labels: - app: "health-project" - group: "core" - -namespace: health - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "health-project" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "project_schema" - image: - repository: "health-project-db" - -# Container Configs -image: - repository: "health-project" -replicas: "1" -healthChecks: - enabled: true - livenessProbePath: "/health-project/health" - readinessProbePath: "/health-project/health" -appType: "java-spring" -tracing-enabled: true -heap: "-Xmx192m -Xms192m" -java-args: "" - -# Additional Container Envs -env: | - - name: SERVER_SERVLET_CONTEXT_PATH - value: "/health-project" - - name: SPRING_KAFKA_CONSUMER_GROUP_ID - value: health-project - - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER - value: org.apache.kafka.common.serialization.StringSerializer - {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} - - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS - valueFrom: - configMapKeyRef: - name: egov-config - key: tracer-errors-provideexceptionindetails - {{- end }} - - name: EGOV_IDGEN_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-idgen - - name: EGOV_IDGEN_PATH - value: "egov-idgen/id/_generate" - - name: EGOV_IDGEN_INTEGRATION_ENABLED - value: "true" - - name: PROJECT.STAFF.IDGEN.ID.FORMAT - value: "project.staff.id" - - name: PROJECT.FACILITY.IDGEN.ID.FORMAT - value: "project.facility.id" - - name: PROJECT.TASK.IDGEN.ID.FORMAT - value: "project.task.id" - - name: IDGEN.PROJECT.BENEFICIARY.ID.FORMAT - value: "project.beneficiary.id" - - name: SPRING_REDIS_HOST - value: redis.backbone - - name: SPRING_REDIS_PORT - value: "6379" - - name: SPRING_CACHE_TYPE - value: "redis" - - name: SPRING_CACHE_REDIS_TIME-TO-LIVE - value: "60" - - name: SPRING_CACHE_AUTOEXPIRY - value: "true" - - name: JAVA_OPTS - value: {{ index .Values "heap" | quote }} - - name: JAVA_ARGS - value: {{ index .Values "java-args" | quote }} - - name: JAVA_ENABLE_DEBUG - value: {{ index .Values "java-enable-debug" | quote }} - - name: SERVER_PORT - value: "8080" - - name: SECURITY_BASIC_ENABLED - value: "false" - - name: EGOV_USER_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-user-egov - - name: EGOV_SEARCH_USER_URL - value: "/user/_search" - - name: EGOV_USER_INTEGRATION_ENABLED - value: "true" - - name: MANAGEMENT_SECURITY_ENABLED - value: "false" - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - - name: SERVER_CONTEXT_PATH - value: /project - - name: SERVER_SERVLET_CONTEXT-PATH - value: /project - - name: EGOV_LOCATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-location - - name: EGOV_LOCATION_CONTEXT_PATH - value: "/egov-location/location/v11" - - name: EGOV_LOCATION_ENDPOINT - value: "/boundarys/_search" - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: EGOV_MDMS_SEARCH_ENDPOINT - value: "/egov-mdms-service/v1/_search" - - name: EGOV_MDMS_INTEGRATION_ENABLED - value: "true" - - name: EGOV_MDMS_MASTER_NAME - value: "project_master" - - name: EGOV_MDMS_MODULE_NAME - value: "project" - - name: EGOV_HOUSEHOLD_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: household - - name: EGOV_SEARCH_HOUSEHOLD_URL - value: "/household/v1/_search" - - name: EGOV_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - - name: EGOV_SEARCH_INDIVIDUAL_URL - value: "/individual/v1/_search" - - name: EGOV_PRODUCT_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: product - - name: EGOV_SEARCH_PRODUCT_VARIANT_URL - value: "/product/variant/v1/_search" - - name: PROJECT.TASK.KAFKA.CREATE.TOPIC - value: "save-project-task-topic" - - name: PROJECT.TASK.CONSUMER.BULK.CREATE.TOPIC - value: "save-project-task-bulk-topic" - - name: PROJECT.TASK.KAFKA.UPDATE.TOPIC - value: "update-project-task-topic" - - name: PROJECT.TASK.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-task-bulk-topic" - - name: PROJECT.TASK.KAFKA.DELETE.TOPIC - value: "delete-project-task-topic" - - name: PROJECT.TASK.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-task-bulk-topic" - - name: PROJECT.BENEFICIARY.KAFKA.CREATE.TOPIC - value: "save-project-beneficiary-topic" - - name: PROJECT.BENEFICIARY.KAFKA.UPDATE.TOPIC - value: "update-project-beneficiary-topic" - - name: PROJECT.BENEFICIARY.KAFKA.DELETE.TOPIC - value: "delete-project-beneficiary-topic" - - name: PROJECT.BENEFICIARY.CONSUMER.BULK.CREATE.TOPIC - value: "project-beneficiary-consumer-bulk-create-topic" - - name: PROJECT.BENEFICIARY.CONSUMER.BULK.UPDATE.TOPIC - value: "project-beneficiary-consumer-bulk-update-topic" - - name: PROJECT.BENEFICIARY.CONSUMER.BULK.DELETE.TOPIC - value: "project-beneficiary-consumer-bulk-delete-topic" - - name: PROJECT.STAFF.KAFKA.DELETE.TOPIC - value: "delete-project-staff-topic" - - name: PROJECT.STAFF.KAFKA.CREATE.TOPIC - value: "save-project-staff-topic" - - name: PROJECT.STAFF.KAFKA.UPDATE.TOPIC - value: "update-project-staff-topic" - - name: PROJECT.STAFF.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-staff-bulk-topic" - - name: PROJECT.STAFF.CONSUMER.BULK.CREATE.TOPIC - value: "create-project-staff-bulk-topic" - - name: PROJECT.STAFF.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-staff-bulk-topic" - - name: SEARCH_API_LIMIT - value: "1000" - - name: PROJECT.DOCUMENT.ID.VERIFICATION.REQUIRED - value: "false" - - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC - value: "save-project" - - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC - value: "update-project" - {{- if index .Values "project-default-offset" }} - - name: PROJECT.DEFAULT.OFFSET - value: {{ index .Values "project-default-offset" | quote }} - {{- end }} - {{- if index .Values "project-default-limit" }} - - name: PROJECT.DEFAULT.LIMIT - value: {{ index .Values "project-default-limit" | quote }} - {{- end }} - {{- if index .Values "project-search-max-limit" }} - - name: PROJECT.SEARCH.MAX.LIMIT - value: {{ index .Values "project-search-max-limit" | quote }} - {{- end }} - - name: EGOV.IDGEN.PROJECT.NUMBER.NAME - value: "project.number" - - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT - value: "project.resource.id" - - name: PROJECT.RESOURCE.KAFKA.CREATE.TOPIC - value: "save-project-resource-topic" - - name: PROJECT.RESOURCE.KAFKA.UPDATE.TOPIC - value: "update-project-resource-topic" - - name: PROJECT.RESOURCE.KAFKA.DELETE.TOPIC - value: "delete-project-resource-topic" - - name: PROJECT.RESOURCE.CONSUMER.BULK.CREATE.TOPIC - value: "save-project-resource-bulk-topic" - - name: PROJECT.RESOURCE.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-resource-bulk-topic" - - name: PROJECT.RESOURCE.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-resource-bulk-topic" - - name: PROJECT.FACILITY.KAFKA.DELETE.TOPIC - value: "delete-project-facility-topic" - - name: PROJECT.FACILITY.KAFKA.CREATE.TOPIC - value: "save-project-facility-topic" - - name: PROJECT.FACILITY.KAFKA.UPDATE.TOPIC - value: "update-project-facility-topic" - - name: PROJECT.FACILITY.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-facility-bulk-topic" - - name: PROJECT.FACILITY.CONSUMER.BULK.CREATE.TOPIC - value: "create-project-facility-bulk-topic" - - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-facility-bulk-topic" - - name: EGOV.USER.ID.VALIDATOR - value: egov-user - - name: EGOV_FACILITY_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: facility - - name: EGOV_SEARCH_FACILITY_URL - value: "/facility/v1/_search" - - name: PROJECT_MDMS_MODULE - value: "HCM-PROJECT-TYPES" - - name: EGOV_LOCATION_HIERARCHY_TYPE - value: "ADMIN" - - name: EGOV_LOCATION_CODE_QUERY_PARAM - value: "code" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 8590c9cb2c..9d6d1e1073 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -16,7 +16,6 @@ cluster-configs: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name state-level-tenant-id: "pg" From 5ab8d85be27828c7793d79bbacabd938247c8365 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Thu, 14 Dec 2023 13:13:41 +0530 Subject: [PATCH 560/742] added helm chart values in revision estimate (#2200) --- .../charts/digit-works/backend/estimates/values.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml index 2f0ffe9e4e..86cdbe86fd 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/estimates/values.yaml @@ -126,6 +126,18 @@ env: | - name: ESTIMATE_WORKFLOW_MODULE_NAME value: {{ index .Values "estimate-workflow-module-name" | quote }} {{- end }} + {{- if index .Values "estimate-revision-workflow-business-service" }} + - name: ESTIMATE_REVISION_WORKFLOW_BUSINESS_SERVICE + value: {{ index .Values "estimate-revision-workflow-business-service" | quote }} + {{- end }} + {{- if index .Values "estimate-revision-measurement-validation" }} + - name: ESTIMATE_REVISION_MEASUREMENT_VALIDATION + value: {{ index .Values "estimate-revision-measurement-validation" | quote }} + {{- end }} + {{- if index .Values "estimate-revision-max-limit" }} + - name: ESTIMATE_REVISION_MAX_LIMIT + value: {{ index .Values "estimate-revision-max-limit" | quote }} + {{- end }} - name: WORKS_PROJECT_SERVICE_HOST valueFrom: configMapKeyRef: From 966282fa976f14eb2281545dd5653d2d3ae587c8 Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Thu, 14 Dec 2023 14:18:37 +0530 Subject: [PATCH 561/742] Added config for inbox in unified-uat (#2202) --- deploy-as-code/helm/environments/unified-uat.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 93b9ecac38..27480d64d0 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -206,6 +206,15 @@ egov-filestore: filestore-url-validity: 3600 fixed-bucketname: unified-uat-filestore ## Add filestore bucket name +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring From 38a41e6d24c4a7bb56a043bf6da3749b40883ae5 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 14 Dec 2023 14:48:43 +0530 Subject: [PATCH 562/742] adding path in devops (#2198) --- deploy-as-code/helm/environments/unified-uat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 27480d64d0..93604ecbb8 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -338,13 +338,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 713a5032440c5148417e4fbfeb4cb60ad5d90cbe Mon Sep 17 00:00:00 2001 From: KeerthiBhaskara-eGov <103185483+KeerthiBhaskara-eGov@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:02:19 +0530 Subject: [PATCH 563/742] Added estimate service changes (#2201) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index cdfda80b63..f2f54ca995 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -179,6 +179,9 @@ estimate-service: estimate-default-limit: 100 estimate-search-max-limit: 200 estimate-workflow-business-service: "ESTIMATE" + estimate-revision-workflow-business-service: "REVISION-ESTIMATE" + estimate-revision-measurement-validation: "true" + estimate-revision-max-limit: 3 loi-service: tracing-enabled: true From 431a767eafc877ee9e01ccc6a50fb443e71cd533 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:11:41 +0530 Subject: [PATCH 564/742] added path for configs for mb pdf (#2203) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index fb63ef8d9a..816da77fde 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -453,8 +453,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From c8c28d7a9aed6a9581e5605baf3805059173c85c Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Thu, 14 Dec 2023 15:30:45 +0530 Subject: [PATCH 565/742] devops path (#2205) * devops path * path add in qa --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 0f3bd612d8..0c813c8886 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -310,12 +310,12 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From cd043cc15167dcdbfc4af4f5b3f3e99598a495ad Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 12:21:13 +0530 Subject: [PATCH 566/742] added host for mukta-services (#2207) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index 2cb8e5e8ab..c7216d3e93 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -170,6 +170,7 @@ cluster-configs: ifms-adapter: "http://ifms-adapter.works:8080/" measurement-service: "http://measurement-service.works:8080/" measurement-registry: "http://measurement-registry.works:8080/" + mukta-services: "http://mukta-services.works:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 518794500b16c89abc2b0095db68ab6031cd5baf Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 12:21:47 +0530 Subject: [PATCH 567/742] added values for EGOV_MEASUREMENT_HOST for mukta-service (#2208) --- .../charts/digit-works/utilities/works-pdf/values.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml index f28696f347..381d530862 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/works-pdf/values.yaml @@ -145,4 +145,9 @@ env: | valueFrom: configMapKeyRef: name: egov-config - key: egov-services-fqdn-name \ No newline at end of file + key: egov-services-fqdn-name + - name: EGOV_MEASUREMENT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: mukta-services From 8aa5215c7bf84a0e89c646233f1215ccd719ea81 Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 13:49:27 +0530 Subject: [PATCH 568/742] changed mdms host from mdms v2 to mdms v1 hcm-moz-impl service (#2209) * changed mdms host from mdms v2 to mdms v1 * added search path for mdms v1 --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 5a04b41d7e..c7196c7b40 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -73,7 +73,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-mdms-service + key: egov-mdms-service-legacy + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: /egov-mdms-service-legacy/v1/_search - name: EGOV_IDGEN_PATH value: "egov-idgen/id/_generate" - name: EGOV_IDGEN_INTEGRATION_ENABLED @@ -371,7 +373,7 @@ env: | - name: EGOV_KUBE_NAMESPACE value: egov - name: EGOV_KUBE_MDMS_POD - value: egov-mdms-service + value: health-mdms-v1 - name: EGOV_KUBE_IS_CLUSTER value: "true" - name: EGOV_KUBE_CLUSTER_NAME From 03054f49aa71d2195b1f856630d6af174817fba6 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 14:31:54 +0530 Subject: [PATCH 569/742] added indexer and persister configs to sanitation qa (#2210) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 42ac81ee9d..3ab6f6ad9a 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -329,12 +329,12 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From d8d6250c9737d928237c70bbfdb9b63c1318ae96 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 14:37:00 +0530 Subject: [PATCH 570/742] Update unified-uat.yaml --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 93604ecbb8..4085b506a8 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -76,7 +76,7 @@ cluster-configs: egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" + egov-mdms-create: "http://egov-mdms-create.health:8080/" egov-eis: "http://egov-eis:8080/" egov-workflow: "http://egov-workflow.egov:8080/" egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" From cd5057828995e76aa86135df7eaafe917a77340a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 15 Dec 2023 14:52:25 +0530 Subject: [PATCH 571/742] Update unified-uat.yaml --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 4085b506a8..93604ecbb8 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -76,7 +76,7 @@ cluster-configs: egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create.health:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" egov-workflow: "http://egov-workflow.egov:8080/" egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" From 200f639e21e79774f0ecc3ced1cf1ec8d62b3625 Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Fri, 15 Dec 2023 17:43:01 +0530 Subject: [PATCH 572/742] Added egov mdms master and module name (#2211) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index c7196c7b40..c3650bb857 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -356,6 +356,10 @@ env: | value: TenantBoundary - name: EGOV_BOUNDARY_MODULE_NAME value: egov-location + - name: EGOV_MDMS_MASTER_NAME + value: roles + - name: EGOV_MDMS_MODULE_NAME + value: ACCESSCONTROL-ROLES - name: EGOV_BOUNDARY_HIERARCHY_CODE value: ADMIN - name: EGOV_BOUNDARY_HIERARCHY_NAME From b9a9e9a9b8b8c7fa544b56afa8b5782b83b486a4 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Sat, 16 Dec 2023 17:36:17 +0530 Subject: [PATCH 573/742] added path of data config and format config for detailed estimate pdf (#2212) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 816da77fde..4a9af74574 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -453,8 +453,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From f1efed69c156502362ac36231e566136e4d3dc28 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 10:18:32 +0530 Subject: [PATCH 574/742] Update sanitation-uat.yaml mdms host update (#2213) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 801cedd4a7..0cae47f956 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -59,7 +59,7 @@ cluster-configs: egf-master: "http://egf-master:8080/" egf-instrument: "http://egf-instrument:8080/" egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ + mdms-service-v2: "http://health-mdms-v2.health:8080/" egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" From 88cf3c105ecdc4d28788e43d2b170b95c800196a Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:12:46 +0530 Subject: [PATCH 575/742] Added indexer path of fsm inbox (#2214) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 0c813c8886..89d18fbf47 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -310,7 +310,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml" egov-persister: replicas: 1 images: From 0193541c621cd7a75ec5e031c5609fa1e2ec7cf5 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:21:36 +0530 Subject: [PATCH 576/742] Update sanitation-uat.yaml updating mdms host (#2215) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 0cae47f956..875a37a828 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -59,7 +59,7 @@ cluster-configs: egf-master: "http://egf-master:8080/" egf-instrument: "http://egf-instrument:8080/" egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: "http://health-mdms-v2.health:8080/" + mdms-service-v2: "http://mdms-v2.egov:8080/" egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" From 7cbffa7993c8f624f72465c878b6fa6963176ede Mon Sep 17 00:00:00 2001 From: prerna-egov <137176760+prerna-egov@users.noreply.github.com> Date: Mon, 18 Dec 2023 11:33:38 +0530 Subject: [PATCH 577/742] HCM UAT :: added invidiual delete endpoint (#2216) --- .../helm/charts/health-services/health-hrms/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index 9783581365..5a95b15684 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -100,6 +100,8 @@ env: | value: /user/users/_updatenovalidate - name: EGOV_HRMS_EMPLOYEE_APP_LINK value: {{ index .Values "employee-applink" | quote }} + - name: EGOV.INDIVIDUAL.DELETE.ENDPOINT + value: /individual/v1/_delete - name: SPRING_KAFKA_CONSUMER_GROUP_ID value: employee-group1 - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER From 0ee94ce90ec44d27e0bd9729b73386e54187ce4b Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 18 Dec 2023 12:29:21 +0530 Subject: [PATCH 578/742] updated secrets namespace in the env (#2218) Co-authored-by: Harish-egov --- deploy-as-code/helm/environments/sanitation-qa.yaml | 4 ++-- deploy-as-code/helm/environments/sanitation-uat.yaml | 4 ++-- deploy-as-code/helm/environments/sanitation.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 6 +++--- deploy-as-code/helm/environments/unified-health-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-health-qa.yaml | 4 ++-- deploy-as-code/helm/environments/unified-health-uat.yaml | 4 ++-- deploy-as-code/helm/environments/unified-uat.yaml | 4 ++-- deploy-as-code/helm/environments/unified-urban-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-urban-qa.yaml | 4 ++-- deploy-as-code/helm/environments/unified-urban-uat.yaml | 4 ++-- deploy-as-code/helm/environments/unified-works-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-works-qa.yaml | 4 ++-- deploy-as-code/helm/environments/unified-works-uat.yaml | 4 ++-- 14 files changed, 29 insertions(+), 29 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index 3ab6f6ad9a..d4ce4ca96c 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation ] + namespace: [ monitoring, sanitation ] data: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, sanitation ] + namespace: [ monitoring, sanitation ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 875a37a828..f2f9574b9a 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, sanitation ] + namespace: [ monitoring, sanitation ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -40,7 +40,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, sanitation ] + namespace: [ monitoring, sanitation ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml index 833eaf7427..7aa9806149 100644 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ b/deploy-as-code/helm/environments/sanitation.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation ] + namespace: [ monitoring, sanitation ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, sanitation ] + namespace: [ monitoring, sanitation ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 4a9af74574..6ade4a2780 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -5,13 +5,13 @@ global: cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation, urban ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] root-ingress: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation ] + namespace: [ egov, monitoring ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, sanitation ] + namespace: [ egov, monitoring ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 21f97756ec..8be9c9da62 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -23,7 +23,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [egov, monitoring, health] + namespace: [ monitoring, health ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -53,7 +53,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: 'pg.testing' egov-service-host: - namespace: [egov, monitoring, health] + namespace: [ monitoring, health] data: asset-services: 'http://asset-services:8080/' asset-services-maha: 'http://asset-services-maha:8080/' diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 9d6d1e1073..9a322f833a 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, health ] + namespace: [ monitoring, health ] data: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, health ] + namespace: [ monitoring, health ] data: asset-services: 'http://asset-services:8080/' asset-services-maha: 'http://asset-services-maha:8080/' diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 1db1bf40d3..673f33259a 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, health ] + namespace: [ monitoring, health ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -44,7 +44,7 @@ cluster-configs: health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo egov-service-host: - namespace: [ egov, monitoring, health ] + namespace: [ monitoring, health ] data: asset-services: 'http://asset-services:8080/' asset-services-maha: 'http://asset-services-maha:8080/' diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 93604ecbb8..f178295e27 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, health ] + namespace: [ egov, monitoring ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -41,7 +41,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, health ] + namespace: [ egov, monitoring ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index e1c86dbbf3..1d1626183a 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -17,7 +17,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -48,7 +48,7 @@ cluster-configs: egov-service-host: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index c560e052c8..1cd9728d9c 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name @@ -42,7 +42,7 @@ cluster-configs: egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe egov-service-host: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml index 89689f5e0f..bee3b7ce3e 100644 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ b/deploy-as-code/helm/environments/unified-urban-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -42,7 +42,7 @@ cluster-configs: egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe egov-service-host: - namespace: [ egov, monitoring, urban ] + namespace: [ monitoring, urban ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index c7216d3e93..d304983759 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, sanitation, works ] + namespace: [ monitoring, works ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -42,7 +42,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, sanitation, works ] + namespace: [ monitoring, works ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index f2f54ca995..83460a3430 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, works ] + namespace: [ monitoring, works ] data: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name @@ -42,7 +42,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, works ] + namespace: [ monitoring, works ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml index f93bb1de45..fe016c8940 100644 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ b/deploy-as-code/helm/environments/unified-works-uat.yaml @@ -11,7 +11,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ egov, monitoring, works ] + namespace: [ monitoring, works ] data: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name @@ -42,7 +42,7 @@ cluster-configs: egov-bnd-live-citizen-tenants: "pg.testing" egov-service-host: - namespace: [ egov, monitoring, works ] + namespace: [ monitoring, works ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" From 6a04de4297bca1c4f8735d765d2518d5c8d16ab0 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 12:29:36 +0530 Subject: [PATCH 579/742] PFM-4468 Organisation encryption host and state level tenant id (#2217) --- .../digit-works/backend/organisation/values.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml index 8edcd25b6d..6ecaa74469 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/organisation/values.yaml @@ -88,6 +88,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-hrms + - name: EGOV_ENC_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service - name: ORG_KAFKA_CREATE_TOPIC value: "save-org" - name: ORG_KAFKA_UPDATE_TOPIC @@ -135,3 +140,8 @@ env: | - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC value: {{ index .Values "organisation-contact-details-update-topic" | quote }} {{- end }} + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id From f8598ded25ed33684b9905ddb2bcb41dfaa41f3a Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 12:42:43 +0530 Subject: [PATCH 580/742] Update sanitation-uat.yaml updating mdms v1 host (#2219) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index f2f9574b9a..c31cca44fa 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -72,7 +72,7 @@ cluster-configs: egov-idgen: "http://egov-idgen.egov:8080/" egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://health-mdms-v2.health:8080/" + egov-mdms-service: "http://mdms-v2.egov:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 9f1c90a9c8e01eb247d1a2c703fc088fae2f35fa Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 13:25:23 +0530 Subject: [PATCH 581/742] Update sanitation-uat.yaml revert mdms v1 search (#2220) --- deploy-as-code/helm/environments/sanitation-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index c31cca44fa..f2f9574b9a 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -72,7 +72,7 @@ cluster-configs: egov-idgen: "http://egov-idgen.egov:8080/" egov-otp: "http://egov-otp.egov:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://mdms-v2.egov:8080/" + egov-mdms-service: "http://health-mdms-v2.health:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" From 839ecabe7a7c2582fbab37bae61d78f35106411d Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Mon, 18 Dec 2023 14:34:31 +0530 Subject: [PATCH 582/742] Added path of persister and indexer config (#2221) --- deploy-as-code/helm/environments/unified-uat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index f178295e27..805de68dfa 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -338,13 +338,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml" egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 990e9b071f7298b8add583beeaebf11fd948c996 Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:13:30 +0530 Subject: [PATCH 583/742] added host for individal (#2222) --- .../helm/charts/health-services/health-hrms/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index 5a95b15684..cecb07c2e1 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -71,6 +71,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-idgen + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual - name: EGOV_SERVICES_EGOV_IDGEN_CREATEPATH value: /egov-idgen/id/_generate - name: EGOV_SERVICES_EGOV_IDGEN_EMP_CODE_NAME From 92fea68f2aa8266a2438bcb59162aa564701d0e3 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 18 Dec 2023 17:02:38 +0530 Subject: [PATCH 584/742] added new helm chart in the env branch --- .../service-request/Chart.yaml | 26 ++++++++ .../service-request/templates/deployment.yaml | 2 + .../service-request/templates/ingress.yaml | 2 + .../service-request/templates/service.yaml | 2 + .../service-request/values.yaml | 63 +++++++++++++++++++ 5 files changed, 95 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/service-request/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/service-request/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/service-request/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/service-request/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/service-request/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/service-request/Chart.yaml b/deploy-as-code/helm/charts/health-services/service-request/Chart.yaml new file mode 100644 index 0000000000..8e02807cb7 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/service-request/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +name: service-request +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/service-request/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/service-request/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/service-request/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/service-request/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/service-request/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/service-request/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/service-request/templates/service.yaml b/deploy-as-code/helm/charts/health-services/service-request/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/service-request/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml new file mode 100644 index 0000000000..07b0d58425 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -0,0 +1,63 @@ +# Common Labels +labels: + app: "service-request" + group: "rainmaker" + +namespace: health +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "service-request" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "service-request_schema" + image: + repository: "service-request-db" + +# Container Configs +image: + repository: "service-request" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/service-request/health" + readinessProbePath: "/service-request/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx64m -Xms64m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: service-request + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: EGOV_SERVICE_DEFINITION_CREATE_TOPIC + value: save-service-definition + - name: EGOV_SERVICE_CREATE_TOPIC + value: save-service + - name: EGOV_SERVICE_REQUEST_DEFAULT_OFFSET + value: "0" + - name: EGOV_SERVICE_REQUEST_DEFAULT_LIMIT + value: "10" + - name: EGOV_SERVICE_REQUEST_MAX_LIMIT + value: "100" + - name: EGOV_MAX_STRING_INPUT_SIZE + value: "8192" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SERVER_PORT + value: "8080" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" \ No newline at end of file From c71ad6dd7f533862608159cdc456dc19edde9e1e Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 19 Dec 2023 10:54:43 +0530 Subject: [PATCH 585/742] Added path of user-event-service (#2223) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 805de68dfa..c5e689cf73 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -344,7 +344,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From b8ab8a21a89ac606baf0eb08ddf77584fa9a089c Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 19 Dec 2023 11:15:55 +0530 Subject: [PATCH 586/742] added namespace in the helm charts --- .../helm/charts/health-services/service-request/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index 07b0d58425..450b760a44 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -6,6 +6,7 @@ labels: namespace: health # Ingress Configs ingress: + namespace: egov enabled: true zuul: true context: "service-request" From ee1928948e9d517af59bb2641841b18730f8747a Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Tue, 19 Dec 2023 11:16:06 +0530 Subject: [PATCH 587/742] Move fsm changes to qa (#2225) * added indexer and persister configs to sanitation qa * Added individual service key value to hosts --- deploy-as-code/helm/environments/sanitation-uat.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index f2f9574b9a..158a0000ba 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -146,6 +146,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + individual: "http://individual.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -341,7 +342,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml, file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From be806b8952a45bf373c9a064ef7017b905c524d1 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 19 Dec 2023 17:53:50 +0530 Subject: [PATCH 588/742] Update values.yaml (#2226) --- .../business-services/dashboard-analytics/values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml b/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml index 2eff6aad33..c9483d4e2c 100644 --- a/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml +++ b/deploy-as-code/helm/charts/business-services/dashboard-analytics/values.yaml @@ -80,3 +80,10 @@ env: | value: {{ index .Values "heap" | quote }} - name: JAVA_ARGS value: {{ index .Values "java-args" | quote }} + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} From 6b98f612e644c75ef31a32ece4f8ebe0e2a26c1b Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 19 Dec 2023 18:08:26 +0530 Subject: [PATCH 589/742] Update unified-uat.yaml (#2227) --- deploy-as-code/helm/environments/unified-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index c5e689cf73..e3ee378bab 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -367,6 +367,7 @@ egov-searcher: branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch dashboard-analytics: + java-debug: true config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: From 362537f06f373876ed797e0b1b6bb77903c5c9cb Mon Sep 17 00:00:00 2001 From: manastanmay-eGov <118505430+manastanmay-eGov@users.noreply.github.com> Date: Wed, 20 Dec 2023 15:00:43 +0530 Subject: [PATCH 590/742] Added Expense Calculator config (#2229) --- .../digit-works/utilities/mukta-services/values.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml index e8b1422b9c..a92ed2753f 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml @@ -92,10 +92,15 @@ env: | configMapKeyRef: name: egov-service-host key: measurement + - name: EGOV_EXPENSE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense - name: CONTEXT_PATH value: "/mukta-services" - name: EGOV_HOST valueFrom: configMapKeyRef: name: egov-config - key: egov-services-fqdn-name \ No newline at end of file + key: egov-services-fqdn-name From c7d6c6107a4a95ec35fc7d26052f2b95feb1c69e Mon Sep 17 00:00:00 2001 From: manastanmay-eGov <118505430+manastanmay-eGov@users.noreply.github.com> Date: Wed, 20 Dec 2023 18:47:34 +0530 Subject: [PATCH 591/742] Update values.yaml (#2230) --- .../charts/digit-works/utilities/mukta-services/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml index a92ed2753f..4b1231bea3 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-services/values.yaml @@ -92,11 +92,11 @@ env: | configMapKeyRef: name: egov-service-host key: measurement - - name: EGOV_EXPENSE_HOST + - name: EGOV_EXPENSE_CALCULATOR_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: expense + key: expense-calculator - name: CONTEXT_PATH value: "/mukta-services" - name: EGOV_HOST From 4ccdc7a370ea2a5d16203ec861aaaf928986917a Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Wed, 20 Dec 2023 20:49:02 +0530 Subject: [PATCH 592/742] Update unified-qa.yaml (#2231) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 89d18fbf47..6276a61319 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -378,8 +378,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 84117f891a05a2dbd89287320100a2fbcdb91b20 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Wed, 20 Dec 2023 21:02:00 +0530 Subject: [PATCH 593/742] added config path for mb pdf and deviation statement pdf (#2232) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 6276a61319..212aae9b10 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -378,8 +378,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 98a2750a05bf11e07fc114641bd01f2e16939707 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Thu, 21 Dec 2023 11:26:43 +0530 Subject: [PATCH 594/742] added key for mukta-services (#2234) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 83460a3430..bebd5ecec6 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -171,6 +171,7 @@ cluster-configs: ifms-adapter: "http://ifms-adapter.works:8080/" measurement-service: "http://measurement-service.works:8080/" measurement-registry: "http://measurement-registry.works:8080/" + mukta-services: "http://mukta-services.works:8080/" estimate-service: memory_limits: 512Mi From 85773ef0f4971fcd5c019b4d6a8ca9be36bc40b0 Mon Sep 17 00:00:00 2001 From: Lokendra-egov <137176739+Lokendra-egov@users.noreply.github.com> Date: Thu, 21 Dec 2023 12:06:12 +0530 Subject: [PATCH 595/742] added config path for mb, detailed estimate and deviation-statement pdf (#2235) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index bebd5ecec6..059649898e 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -495,8 +495,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" branch: "UNIFIED-QA" - data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" - format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" + data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" + format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" egov-searcher: search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" From cd50e6299ef42c01ec32e33ab5d760d87de71bb9 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Thu, 21 Dec 2023 12:44:06 +0530 Subject: [PATCH 596/742] Update unified-uat.yaml (#2237) added individual service configuration for unified uat environment file --- deploy-as-code/helm/environments/unified-uat.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index e3ee378bab..4cc75251e5 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -412,6 +412,16 @@ egov-localization: heap: '-Xmx256m -Xms256m' memory_limits: 512Mi +individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + pdf-service: initContainers: gitSync: From 87e5fadeaa1991a4750807c84cb0a491f48ef68a Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Thu, 21 Dec 2023 15:57:35 +0530 Subject: [PATCH 597/742] removed duplicate perister file reference for egov-persister service (#2239) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 6ade4a2780..d76e3b76fa 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 9cb056998da2546ef73dfa730104577f86344792 Mon Sep 17 00:00:00 2001 From: SivajiGanesh Nangireddy <142795334+sivajiganesh-egov@users.noreply.github.com> Date: Thu, 21 Dec 2023 16:10:09 +0530 Subject: [PATCH 598/742] Move fsm changes to qa (#2240) * added indexer and persister configs to sanitation qa * Added individual service key value to hosts * removed duplicate individual persister values * Update unified-uat.yaml --------- Co-authored-by: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 4cc75251e5..f942c5f97d 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -344,7 +344,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From b2f5799baddf5f9778bca1eca6b9d001d1b4f98a Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 26 Dec 2023 14:03:43 +0530 Subject: [PATCH 599/742] Update unified-uat.yaml (#2242) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index f942c5f97d..8dc11bc28a 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-uat.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "mz" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From 751d8ece1cd18c6c2916a8fef865c4187782faee Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 26 Dec 2023 14:32:35 +0530 Subject: [PATCH 600/742] reverted state level tenantId (#2244) --- deploy-as-code/helm/environments/unified-uat.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 8dc11bc28a..db307f3894 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-uat.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" + egov-state-level-tenant-id: "mz" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" @@ -368,6 +368,7 @@ egov-searcher: dashboard-analytics: java-debug: true + state-level-tenant-id: "pg" config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: From 19cb44ceb0a9c30cc0b1bc321d0c72942eefab3e Mon Sep 17 00:00:00 2001 From: Shivam Upadhyay <145538335+shivam-eGov@users.noreply.github.com> Date: Tue, 26 Dec 2023 15:57:28 +0530 Subject: [PATCH 601/742] Urban es changes (#2243) * urban changes for es-v8 * urban: fixed api context path --- .../charts/common/templates/_cronjob.yaml | 4 ++ .../charts/common/templates/_deployment.yaml | 4 ++ .../charts/common/templates/_ingress.yaml | 4 +- .../charts/common/templates/_service.yaml | 6 +- .../common/templates/_servicemonitor.yaml | 6 +- .../helm/environments/unified-urban-dev.yaml | 60 ++++++++++++++++--- 6 files changed, 74 insertions(+), 10 deletions(-) diff --git a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml index 07caa793bf..ff85cfcce0 100644 --- a/deploy-as-code/helm/charts/common/templates/_cronjob.yaml +++ b/deploy-as-code/helm/charts/common/templates/_cronjob.yaml @@ -7,7 +7,11 @@ apiVersion: batch/v2alpha1 kind: CronJob metadata: name: {{ template "common.name" . }} +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} namespace: {{ .Values.namespace }} +{{- end }} labels: {{- include "common.labels" . | nindent 4 }} spec: diff --git a/deploy-as-code/helm/charts/common/templates/_deployment.yaml b/deploy-as-code/helm/charts/common/templates/_deployment.yaml index 1d9f02eefc..77c4d5f122 100644 --- a/deploy-as-code/helm/charts/common/templates/_deployment.yaml +++ b/deploy-as-code/helm/charts/common/templates/_deployment.yaml @@ -7,7 +7,11 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "common.name" . }} + {{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} + {{- else }} namespace: {{ .Values.namespace }} + {{- end }} labels: {{- include "common.labels" . | nindent 4 }} spec: diff --git a/deploy-as-code/helm/charts/common/templates/_ingress.yaml b/deploy-as-code/helm/charts/common/templates/_ingress.yaml index e4cb6671e8..645d59aa9b 100644 --- a/deploy-as-code/helm/charts/common/templates/_ingress.yaml +++ b/deploy-as-code/helm/charts/common/templates/_ingress.yaml @@ -5,7 +5,9 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ template "common.name" . }} -{{- if .Values.ingress.namespace }} +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else if .Values.ingress.namespace }} namespace: {{ .Values.ingress.namespace }} {{- else }} namespace: {{ .Values.namespace }} diff --git a/deploy-as-code/helm/charts/common/templates/_service.yaml b/deploy-as-code/helm/charts/common/templates/_service.yaml index d4d57912cd..cf91149db3 100644 --- a/deploy-as-code/helm/charts/common/templates/_service.yaml +++ b/deploy-as-code/helm/charts/common/templates/_service.yaml @@ -4,7 +4,11 @@ apiVersion: v1 kind: Service metadata: name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} annotations: {{- if .Values.metrics }} prometheus.io/path: {{ .Values.metrics.path | quote }} diff --git a/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml b/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml index 6b12f9324a..76083b8044 100644 --- a/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml +++ b/deploy-as-code/helm/charts/common/templates/_servicemonitor.yaml @@ -4,7 +4,11 @@ apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "common.name" . }} - namespace: {{ .Values.namespace }} +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} labels: {{- include "common.labels" . | nindent 4 }} spec: diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 1d1626183a..903af07f79 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -1,6 +1,7 @@ global: domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup + namespace: urban cluster-configs: namespaces: @@ -17,7 +18,7 @@ cluster-configs: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ monitoring, urban ] + namespace: [ urban ] data: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name @@ -27,8 +28,8 @@ cluster-configs: egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v8.es-experimental" + es-indexer-host: "http://elasticsearch-data-v8.es-experimental:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 @@ -58,8 +59,8 @@ cluster-configs: collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ + urban-dashboard-analytics: http://urban-dashboard-analytics.urban:8080/ + urban-dashboard-ingest: http://urban-dashboard-ingest.urban:8080/ demand-services: "http://demand-services:8080/" data-sync-employee: "http://data-sync-employee:8080/" egov-common-masters: "http://egov-common-masters:8080/" @@ -87,7 +88,7 @@ cluster-configs: egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" egov-searcher: "http://egov-searcher.egov:8080/" egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" + urban-egov-indexer: "http://urban-egov-indexer.urban:8080/" egov-hrms: "http://egov-hrms.egov:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" @@ -150,6 +151,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + urban-national-dashboard-ingest: "http://urban-national-dashboard-ingest.urban:8080/" egov-filestore: replicas: 2 @@ -299,6 +301,11 @@ noc-services: java-debug: true egov-indexer: + name: "urban-egov-indexer" + replicas: 1 + appType: "java-spring" + ingress: + context: "urban-egov-indexer" heap: "-Xmx512m -Xms512m" memory_limits: "768Mi" initContainers: @@ -306,6 +313,12 @@ egov-indexer: repo: "git@github.com:egovernments/configs" branch: "qa" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" + extraEnv: + java: | + - name: SERVER_CONTEXT_PATH + value: /urban-egov-indexer + - name: SERVER_SERVLET_CONTEXT_PATH + value: /urban-egov-indexer egov-pg-service: axis: true @@ -394,14 +407,24 @@ nginx-ingress: national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" + name: "urban-national-dashboard-ingest" replicas: 1 + appType: "java-spring" + ingress: + context: "urban-national-dashboard-ingest" + heap: "-Xmx750m -Xms750m" server-tomcat-max-threads: 25 module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' master-data-index: "master-national-dashboard" module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number","noOfPropertiesPaidToday":"number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + extraEnv: + java: | + - name: SERVER_CONTEXT_PATH + value: /urban-national-dashboard-ingest + - name: SERVER_SERVLET_CONTEXT_PATH + value: /urban-national-dashboard-ingest cert-manager: email: "nithin.dv@egovernments.org" @@ -454,7 +477,11 @@ employee: ';" dashboard-analytics: + name: "urban-dashboard-analytics" replicas: 1 + appType: "java-spring" + ingress: + context: "urban-dashboard-analytics" heap: "-Xmx128m -Xms64m" memory_limits: 384Mi config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" @@ -462,8 +489,21 @@ dashboard-analytics: gitSync: repo: "git@github.com:egovernments/configs" branch: "qa" + extraEnv: + java: | + - name: SERVER_CONTEXT_PATH + value: /urban-dashboard-analytics + - name: SERVER_SERVLET_CONTEXT_PATH + value: /urban-dashboard-analytics dashboard-ingest: + name: "urban-dashboard-ingest" + replicas: 1 + appType: "java-spring" + ingress: + context: "urban-dashboard-ingest" + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" topic-incoming-collection: "dss-collection-update" es-index-name: "dss-collection_v2" es-push-direct: "true" @@ -472,6 +512,12 @@ dashboard-ingest: gitSync: repo: "git@github.com:egovernments/configs" branch: "qa" + extraEnv: + java: | + - name: SERVER_CONTEXT_PATH + value: /urban-dashboard-ingest + - name: SERVER_SERVLET_CONTEXT_PATH + value: /urban-dashboard-ingest citizen: custom-js-injection: | From b83055f1f95b9631ef3c1e61f18e77633bd4ff60 Mon Sep 17 00:00:00 2001 From: Shivam Upadhyay <145538335+shivam-eGov@users.noreply.github.com> Date: Tue, 26 Dec 2023 16:48:46 +0530 Subject: [PATCH 602/742] urban: fix git sync & config (#2246) --- .../helm/charts/cluster-configs/values.yaml | 2 +- .../helm/environments/unified-urban-dev.yaml | 21 ++++++++++--------- 2 files changed, 12 insertions(+), 11 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 7c5065d2f5..9c25b71846 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -80,7 +80,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov, health ] + namespace: [ egov, health, urban ] name: git-creds kibana: diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 903af07f79..4c42997fd1 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -276,7 +276,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" - branch: "QA" + branch: "UNIFIED-DEV" mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring @@ -311,7 +311,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" extraEnv: java: | @@ -333,7 +333,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" egov-localization: replicas: 1 @@ -342,7 +342,7 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" egov-searcher: replicas: 2 @@ -350,7 +350,7 @@ egov-searcher: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" egov-custom-consumer: erp-host: "https://mohali-qa.digit.org/" @@ -413,6 +413,7 @@ national-dashboard-ingest: ingress: context: "urban-national-dashboard-ingest" heap: "-Xmx750m -Xms750m" + memory_limits: "850Mi" server-tomcat-max-threads: 25 module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' master-data-index: "master-national-dashboard" @@ -488,7 +489,7 @@ dashboard-analytics: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" extraEnv: java: | - name: SERVER_CONTEXT_PATH @@ -511,7 +512,7 @@ dashboard-ingest: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" extraEnv: java: | - name: SERVER_CONTEXT_PATH @@ -557,7 +558,7 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @@ -624,7 +625,7 @@ pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/data-config/birth-certificate-pdf.json, file:///work-dir/configs/pdf-service/data-config/death-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-sewagedisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-seweragedisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sewerageconnectiondetails.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-metered.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-nonmetered.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/format-config/birth-certificate.json, file:///work-dir/configs/pdf-service/format-config/death-certificate.json, file:///work-dir/configs/pdf-service/format-config/ws-sewagedisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-seweragedisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-sewerageconnectiondetails.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-metered.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-nonmetered.json" persistence: @@ -978,7 +979,7 @@ grafana: gitSync: enabled: true repo: "git@github.com:egovernments/configs" - branch: "qa" + branch: "UNIFIED-DEV" # minio >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> minio: mode: distributed From c8c33ddb4ee8b865adfa6041b576078554a5221e Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 27 Dec 2023 14:14:37 +0530 Subject: [PATCH 603/742] Update unified-qa.yaml (#2247) --- deploy-as-code/helm/environments/unified-qa.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 212aae9b10..42d624cdf2 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -205,7 +205,17 @@ egov-notification-sms: sms-destination-mobile-req-param-name: "mobilenumber" sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - + +individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + project: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi From db8d37a5214f558f4cf81ee50815e0d359ca2bcb Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 27 Dec 2023 15:25:05 +0530 Subject: [PATCH 604/742] debug enable for user (#2248) --- .../charts/core-services/egov-user/egov-user-values.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index 924af961c8..c179385aa4 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -161,3 +161,10 @@ env: | - name: TRACER_OPENTRACING_ENABLED value: "true" {{- end }} + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} From c59f7e54c7208648572b5c8e381fba7f09d9b0b8 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 27 Dec 2023 15:36:02 +0530 Subject: [PATCH 605/742] Update unified-qa.yaml (#2249) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 42d624cdf2..cb6ba4d069 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -215,6 +215,10 @@ individual: aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" + +egov-user: + tracing-enabled: true + java-enable-debug: true project: heap: "-Xmx256m -Xms256m" From 5a31a2ac1b872c53ff0c4581157e12b4e7f576e3 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 27 Dec 2023 15:51:40 +0530 Subject: [PATCH 606/742] Update unified-qa.yaml (#2250) --- deploy-as-code/helm/environments/unified-qa.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index cb6ba4d069..e9532cf7ae 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -217,8 +217,7 @@ individual: notification-sms-disabled-roles: "ORG_ADMIN" egov-user: - tracing-enabled: true - java-enable-debug: true + java-debug: true project: heap: "-Xmx256m -Xms256m" From ffe2fe395133729f069d0626fc0a6e3f72e0dd52 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Wed, 27 Dec 2023 16:04:44 +0530 Subject: [PATCH 607/742] Update unified-qa.yaml (#2251) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index e9532cf7ae..44d48219e0 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -215,9 +215,6 @@ individual: aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" - -egov-user: - java-debug: true project: heap: "-Xmx256m -Xms256m" @@ -253,6 +250,7 @@ egov-user: citizen-otp-fixed-enabled: "true" egov-state-level-tenant-id: "in" decryption-abac-enabled: "true" + java-debug: true chatbot: kafka-topics-partition-count: 3 From b6a8e4b1eb5a16e09cca59ca771a2960ca47de71 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 28 Dec 2023 10:43:50 +0530 Subject: [PATCH 608/742] Update unified-qa.yaml (#2254) --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 44d48219e0..9a04f635df 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -326,7 +326,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 2f99b0978d5581b30cf10ffbae27e8d48d309948 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Thu, 28 Dec 2023 11:07:59 +0530 Subject: [PATCH 609/742] added service hosts (#2089) --- .../backend/measurement-service/values.yaml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml index 96c3d5028c..89a14df8a6 100644 --- a/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/backend/measurement-service/values.yaml @@ -70,6 +70,21 @@ env: | configMapKeyRef: name: egov-service-host key: estimate-service + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + - name: WORKS_PROJECT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: project + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization - name: EGOV_MEASUREMENT_REGISTRY_HOST valueFrom: configMapKeyRef: From 3749b0fe3311edba2a43042f5b2e1e841935ecb0 Mon Sep 17 00:00:00 2001 From: Shivam Upadhyay <145538335+shivam-eGov@users.noreply.github.com> Date: Thu, 28 Dec 2023 12:09:28 +0530 Subject: [PATCH 610/742] urban: updated config (#2252) * urban: fix config * urban: fix config * urban: fixed healthchecks config * urban: fixed egov-indexer config * urban: updated egov-indexer config * urban: added digit-ui config --- .../charts/common/templates/_deployment.yaml | 5 +++- .../core-services/egov-indexer/values.yaml | 3 ++- .../helm/environments/unified-urban-dev.yaml | 26 ++++++++++++++----- 3 files changed, 26 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/charts/common/templates/_deployment.yaml b/deploy-as-code/helm/charts/common/templates/_deployment.yaml index 77c4d5f122..7ed378f947 100644 --- a/deploy-as-code/helm/charts/common/templates/_deployment.yaml +++ b/deploy-as-code/helm/charts/common/templates/_deployment.yaml @@ -150,7 +150,7 @@ spec: {{- tpl . $ | nindent 10 }} {{- end }} {{- end }} - {{- if or .Values.env (eq .Values.appType "java-spring") (index .Values "global" "tracing-enabled") }} + {{- if or .Values.env (eq .Values.appType "java-spring") (index .Values "global" "tracing-enabled") }} env: {{- if .Values.env }} {{- tpl .Values.env . | nindent 12 }} @@ -161,6 +161,9 @@ spec: {{- if or (index .Values "global" "tracing-enabled") (index .Values "tracing-enabled") }} {{- tpl .Values.extraEnv.jaeger . | nindent 12 }} {{- end }} + {{- if .Values.extraEnv.app }} + {{- tpl .Values.extraEnv.app . | nindent 12 }} + {{- end }} {{- end }} {{- if .Values.resources }} resources: diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml index f3735385b3..561222c74f 100644 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml @@ -33,6 +33,7 @@ appType: "java-spring" tracing-enabled: true egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml" heap: "-Xmx192m -Xms192m" +indexer-host: "egov-indexer" # Additional Container Envs env: | @@ -40,7 +41,7 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: egov-indexer + key: {{ index .Values "indexer-host" }} - name: EGOV_INFRA_INDEXER_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml index 4c42997fd1..9de2115cce 100644 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ b/deploy-as-code/helm/environments/unified-urban-dev.yaml @@ -152,7 +152,14 @@ cluster-configs: birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" urban-national-dashboard-ingest: "http://urban-national-dashboard-ingest.urban:8080/" - + +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" + egov-filestore: replicas: 2 heap: "-Xmx1344m -Xms1344m" @@ -312,9 +319,13 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" branch: "UNIFIED-DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" + healthChecks: + livenessProbePath: "/urban-egov-indexer/health" + readinessProbePath: "/urban-egov-indexer/health" + indexer-host: urban-egov-indexer extraEnv: - java: | + app: | - name: SERVER_CONTEXT_PATH value: /urban-egov-indexer - name: SERVER_SERVLET_CONTEXT_PATH @@ -420,8 +431,11 @@ national-dashboard-ingest: module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number","noOfPropertiesPaidToday":"number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + healthChecks: + livenessProbePath: "/urban-national-dashboard-ingest/health" + readinessProbePath: "/urban-national-dashboard-ingest/health" extraEnv: - java: | + app: | - name: SERVER_CONTEXT_PATH value: /urban-national-dashboard-ingest - name: SERVER_SERVLET_CONTEXT_PATH @@ -491,7 +505,7 @@ dashboard-analytics: repo: "git@github.com:egovernments/configs" branch: "UNIFIED-DEV" extraEnv: - java: | + app: | - name: SERVER_CONTEXT_PATH value: /urban-dashboard-analytics - name: SERVER_SERVLET_CONTEXT_PATH @@ -514,7 +528,7 @@ dashboard-ingest: repo: "git@github.com:egovernments/configs" branch: "UNIFIED-DEV" extraEnv: - java: | + app: | - name: SERVER_CONTEXT_PATH value: /urban-dashboard-ingest - name: SERVER_SERVLET_CONTEXT_PATH From 6feb2a83028f63130754ddca81d4900a76ac8d02 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Fri, 29 Dec 2023 08:25:15 +0530 Subject: [PATCH 611/742] updated new helm charts for health services (#2255) Co-authored-by: Harish-egov --- .../health-attendance/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../health-attendance/templates/ingress.yaml | 2 + .../health-attendance/templates/service.yaml | 2 + .../health-attendance/values.yaml | 128 +++++++++ .../health-individual/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../health-individual/templates/ingress.yaml | 2 + .../health-individual/templates/service.yaml | 2 + .../health-individual/values.yaml | 157 +++++++++++ .../health-pgr-services/Chart.yaml | 26 ++ .../templates/deployment.yaml | 2 + .../templates/ingress.yaml | 2 + .../templates/service.yaml | 2 + .../health-pgr-services/values.yaml | 172 ++++++++++++ .../health-services/health-project/Chart.yaml | 26 ++ .../health-project/templates/deployment.yaml | 2 + .../health-project/templates/ingress.yaml | 2 + .../health-project/templates/service.yaml | 2 + .../health-project/values.yaml | 248 ++++++++++++++++++ .../helm/environments/unified-health-dev.yaml | 1 + .../helm/environments/unified-health-qa.yaml | 1 + .../helm/environments/unified-health-uat.yaml | 1 + 23 files changed, 836 insertions(+) create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-attendance/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-individual/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/Chart.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/health-services/health-project/values.yaml diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml new file mode 100644 index 0000000000..df77fa831c --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-attendance +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml new file mode 100644 index 0000000000..7caf19d53b --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml @@ -0,0 +1,128 @@ +# Common Labels +labels: + app: "health-attendance" + group: "digit-works" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "attendance" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "attendance_schema" + image: + repository: "health-attendance-db" + +# Container Configs +image: + repository: "health-attendance" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-attendance/health" + readinessProbePath: "/health-attendance/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-attendance" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /attendance + - name: SERVER_SERVLET_CONTEXT-PATH + value: /attendance + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: WORKS_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: ATTENDANCE_LOG_KAFKA_CREATE_TOPIC + value: "save-attendance-log" + - name: ATTENDANCE_LOG_KAFKA_UPDATE_TOPIC + value: "update-attendance-log" + - name: ATTENDANCE_REGISTER_KAFKA_CREATE_TOPIC + value: "save-attendance" + - name: ATTENDANCE_REGISTER_KAFKA_UPDATE_TOPIC + value: "update-attendance" + - name: ATTENDANCE_STAFF_KAFKA_CREATE_TOPIC + value: "save-staff" + - name: ATTENDANCE_STAFF_KAFKA_UPDATE_TOPIC + value: "update-staff" + - name: ATTENDANCE_ATTENDEE_KAFKA_CREATE_TOPIC + value: "save-attendee" + - name: ATTENDANCE_ATTENDEE_KAFKA_UPDATE_TOPIC + value: "update-attendee" + {{- if index .Values "attendance-register-default-offset" }} + - name: ATTENDANCE_REGISTER_DEFAULT_OFFSET + value: {{ index .Values "attendance-register-default-offset" | quote }} + {{- end }} + {{- if index .Values "attendance-register-default-limit" }} + - name: ATTENDANCE_REGISTER_DEFAULT_LIMIT + value: {{ index .Values "attendance-register-default-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-register-search-max-limit" }} + - name: ATTENDANCE_REGISTER_SEARCH_MAX_LIMIT + value: {{ index .Values "attendance-register-search-max-limit" | quote }} + {{- end }} + {{- if index .Values "attendance-individual-service-integration-required" }} + - name: ATTENDANCE_INDIVIDUAL_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-individual-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-staff-service-integration-required" }} + - name: ATTENDANCE_STAFF_SERVICE_INTEGRATION_REQUIRED + value: {{ index .Values "attendance-staff-service-integration-required" | quote }} + {{- end }} + {{- if index .Values "attendance-document-id-verification-required" }} + - name: ATTENDANCE_DOCUMENT_ID_VERIFICATION_REQUIRED + value: {{ index .Values "attendance-document-id-verification-required" | quote }} + {{- end }} + {{- if index .Values "attendance-register-open-search-enabled-roles" }} + - name: ATTENDANCE_REGISTER_OPEN_SEARCH_ENABLED_ROLES + value: {{ index .Values "attendance-register-open-search-enabled-roles" | quote }} + {{- end }} + {{- if index .Values "works-individual-search-endpoint" }} + - name: WORKS_INDIVIDUAL_SEARCH_ENDPOINT + value: {{ index .Values "works-individual-search-endpoint" | quote }} + {{- end }} + {{- if index .Values "organisation-contact-details-update-topic" }} + - name: ORGANISATION_CONTACT_DETAILS_UPDATE_TOPIC + value: {{ index .Values "organisation-contact-details-update-topic" | quote }} + {{- end }} + {{- if index .Values "contracts-revision-topic" }} + - name: CONTRACTS_REVISION_TOPIC + value: {{ index .Values "contracts-revision-topic" | quote }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml new file mode 100644 index 0000000000..2d818ea4a1 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-individual +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml new file mode 100644 index 0000000000..40468610bb --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml @@ -0,0 +1,157 @@ +# Common Labels +labels: + app: "health-individual" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "health-individual" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "individual_schema" + image: + repository: "health-individual-db" + +# Container Configs +image: + repository: "health-individual" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-individual/health" + readinessProbePath: "/health-individual/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-individual + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-individual" + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: IDGEN.INDIVIDUAL.ID.FORMAT + value: "individual.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC + value: "individual-consumer-bulk-create-topic" + - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC + value: "individual-consumer-bulk-update-topic" + - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC + value: "individual-consumer-bulk-delete-topic" + - name: INDIVIDUAL.PRODUCER.SAVE.TOPIC + value: "save-individual-topic" + - name: INDIVIDUAL.PRODUCER.UPDATE.TOPIC + value: "update-individual-topic" + - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC + value: "delete-individual-topic" + - name: KAFKA_TOPICS_NOTIFICATION_SMS + value: "egov.core.notification.sms" + {{- if index .Values "state-level-tenant-id" }} + - name: STATE_LEVEL_TENANT_ID + value: {{ index .Values "state-level-tenant-id" | quote }} + {{- end }} + {{- if index .Values "notification-sms-disabled-roles" }} + - name: NOTIFICATION_SMS_DISABLED_ROLES + value: {{ index .Values "notification-sms-disabled-roles" | quote }} + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_ENC_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-enc-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_ENC_ENCRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_encrypt" + - name: EGOV_ENC_DECRYPT_ENDPOINT + value: "/egov-enc-service/crypto/v1/_decrypt" + - name: AADHAAR_PATTERN + value: "\\d{12}" + - name: MOBILE_PATTERN + value: "\\d+" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_CREATE_USER_URL + value: "/user/users/_createnovalidate" + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_UPDATE_USER_URL + value: "/user/users/_updatenovalidate" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: USER_SYNC_ENABLED + value: "true" + - name: USER_SERVICE_USER_TYPE + value: "CITIZEN" + - name: USER_SERVICE_ACCOUNT_LOCKED + value: "false" + - name: INDIVIDUAL_PRODUCER_UPDATE_USER_ID_TOPIC + value: "update-user-id-topic" + - name: NOTIFICATION_SMS_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml new file mode 100644 index 0000000000..dad869be1b --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-pgr-services +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml b/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml new file mode 100644 index 0000000000..15aff63709 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-pgr-services/values.yaml @@ -0,0 +1,172 @@ +# Common Labels +labels: + app: "health-pgr-services" + group: "rainmaker" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "pgr-services" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "pgr_services_schema" + image: + repository: "health-pgr-services-db" + +# Container Configs +image: + repository: "health-pgr-services" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-pgr-services/health" + readinessProbePath: "/health-pgr-services/health" +appType: "java-spring" +tracing-enabled: true +notification-sms-enabled: "true" +notification-email-enabled: "false" +new-complaint-enabled: "true" +reassign-complaint-enabled: "true" +reopen-complaint-enabled: "true" +comment-by-employee-notif-enabled: "false" +notification-allowed-status: "open,assigned,rejected,resolved" +heap: "-Xmx192m -Xms192m" +java-args: "-Dspring.profiles.active=monitoring" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-pgr-services + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-pgr-services" + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "serializers-timezone-in-ist" }} + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.egov.tracer.kafka.serializer.ISTTimeZoneJsonSerializer + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_WORKFLOW_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-workflow-v2 + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_LOCALIZATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-localization + - name: EGOV_INFRA_SEARCHER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-searcher + - name: EGOV_COMMON_MASTERS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-common-masters + - name: EGOV_FILESTORE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: EGOV_UI_APP_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: NOTIFICATION_SMS_ENABLED + value: {{ index .Values "notification-sms-enabled" | quote }} + - name: NOTIFICATION_EMAIL_ENABLED + value: {{ index .Values "notification-email-enabled" | quote }} + - name: NEW_COMPLAINT_ENABLED + value: {{ index .Values "new-complaint-enabled" | quote }} + - name: REASSIGN_COMPLAINT_ENABLED + value: {{ index .Values "reassign-complaint-enabled" | quote }} + - name: REOPEN_COMPLAINT_ENABLED + value: {{ index .Values "reopen-complaint-enabled" | quote }} + - name: COMMENT_BY_EMPLOYEE_NOTIF_ENABLED + value: {{ index .Values "comment-by-employee-notif-enabled" | quote }} + - name: EGOV_PGR_APP_PLAYSTORE_LINK + value: "https://goo.gl/ArDyQ1" + - name: NOTIFICATION_ALLOWED_ON_STATUS + value: {{ index .Values "notification-allowed-status" | quote }} + - name: EGOV_HRMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-hrms + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_USR_EVENTS_NOTIFICATION_ENABLED + value: "true" + - name: EGOV_USR_EVENTS_CREATE_TOPIC + value: "persist-user-events-async" + - name: EGOV_USR_EVENTS_RATE_LINK + value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=feedback/$servicerequestid" + - name: EGOV_USR_EVENTS_REOPEN_LINK + value: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=reopen-complaint/$servicerequestid" + - name: EGOV_USR_EVENTS_RATE_CODE + value: "RATE" + - name: EGOV_USR_EVENTS_REOPEN_CODE + value: "REOPEN" + - name: PGR_STATELEVEL_TENANTID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "time-before-closing-complaint" }} + - name: PGR_COMPLAIN_IDLE_TIME + value: {{ index .Values "time-before-closing-complaint" | quote }} + {{- end }} + + + diff --git a/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml new file mode 100644 index 0000000000..4e1f905962 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: health-project +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml b/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml new file mode 100644 index 0000000000..a1c0c78c45 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/health-project/values.yaml @@ -0,0 +1,248 @@ +# Common Labels +labels: + app: "health-project" + group: "core" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "project" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "project_schema" + image: + repository: "health-project-db" + +# Container Configs +image: + repository: "health-project" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health-project/health" + readinessProbePath: "/health-project/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: health-project + - name: SERVER_SERVLET_CONTEXT_PATH + value: "/health-project" + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} + - name: TRACER_ERRORS_PROVIDEEXCEPTIONINDETAILS + valueFrom: + configMapKeyRef: + name: egov-config + key: tracer-errors-provideexceptionindetails + {{- end }} + - name: EGOV_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + - name: EGOV_IDGEN_PATH + value: "egov-idgen/id/_generate" + - name: EGOV_IDGEN_INTEGRATION_ENABLED + value: "true" + - name: PROJECT.STAFF.IDGEN.ID.FORMAT + value: "project.staff.id" + - name: PROJECT.FACILITY.IDGEN.ID.FORMAT + value: "project.facility.id" + - name: PROJECT.TASK.IDGEN.ID.FORMAT + value: "project.task.id" + - name: IDGEN.PROJECT.BENEFICIARY.ID.FORMAT + value: "project.beneficiary.id" + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" + - name: SPRING_CACHE_TYPE + value: "redis" + - name: SPRING_CACHE_REDIS_TIME-TO-LIVE + value: "60" + - name: SPRING_CACHE_AUTOEXPIRY + value: "true" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-enable-debug" | quote }} + - name: SERVER_PORT + value: "8080" + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-egov + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /project + - name: SERVER_SERVLET_CONTEXT-PATH + value: /project + - name: EGOV_LOCATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-location + - name: EGOV_LOCATION_CONTEXT_PATH + value: "/egov-location/location/v11" + - name: EGOV_LOCATION_ENDPOINT + value: "/boundarys/_search" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "true" + - name: EGOV_MDMS_MASTER_NAME + value: "project_master" + - name: EGOV_MDMS_MODULE_NAME + value: "project" + - name: EGOV_HOUSEHOLD_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: household + - name: EGOV_SEARCH_HOUSEHOLD_URL + value: "/household/v1/_search" + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: EGOV_SEARCH_INDIVIDUAL_URL + value: "/individual/v1/_search" + - name: EGOV_PRODUCT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: product + - name: EGOV_SEARCH_PRODUCT_VARIANT_URL + value: "/product/variant/v1/_search" + - name: PROJECT.TASK.KAFKA.CREATE.TOPIC + value: "save-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.UPDATE.TOPIC + value: "update-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-task-bulk-topic" + - name: PROJECT.TASK.KAFKA.DELETE.TOPIC + value: "delete-project-task-topic" + - name: PROJECT.TASK.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-task-bulk-topic" + - name: PROJECT.BENEFICIARY.KAFKA.CREATE.TOPIC + value: "save-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.UPDATE.TOPIC + value: "update-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.KAFKA.DELETE.TOPIC + value: "delete-project-beneficiary-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.CREATE.TOPIC + value: "project-beneficiary-consumer-bulk-create-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.UPDATE.TOPIC + value: "project-beneficiary-consumer-bulk-update-topic" + - name: PROJECT.BENEFICIARY.CONSUMER.BULK.DELETE.TOPIC + value: "project-beneficiary-consumer-bulk-delete-topic" + - name: PROJECT.STAFF.KAFKA.DELETE.TOPIC + value: "delete-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.CREATE.TOPIC + value: "save-project-staff-topic" + - name: PROJECT.STAFF.KAFKA.UPDATE.TOPIC + value: "update-project-staff-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-staff-bulk-topic" + - name: PROJECT.STAFF.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-staff-bulk-topic" + - name: SEARCH_API_LIMIT + value: "1000" + - name: PROJECT.DOCUMENT.ID.VERIFICATION.REQUIRED + value: "false" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.CREATE.TOPIC + value: "save-project" + - name: PROJECT.MANAGEMENT.SYSTEM.KAFKA.UPDATE.TOPIC + value: "update-project" + {{- if index .Values "project-default-offset" }} + - name: PROJECT.DEFAULT.OFFSET + value: {{ index .Values "project-default-offset" | quote }} + {{- end }} + {{- if index .Values "project-default-limit" }} + - name: PROJECT.DEFAULT.LIMIT + value: {{ index .Values "project-default-limit" | quote }} + {{- end }} + {{- if index .Values "project-search-max-limit" }} + - name: PROJECT.SEARCH.MAX.LIMIT + value: {{ index .Values "project-search-max-limit" | quote }} + {{- end }} + - name: EGOV.IDGEN.PROJECT.NUMBER.NAME + value: "project.number" + - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT + value: "project.resource.id" + - name: PROJECT.RESOURCE.KAFKA.CREATE.TOPIC + value: "save-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.UPDATE.TOPIC + value: "update-project-resource-topic" + - name: PROJECT.RESOURCE.KAFKA.DELETE.TOPIC + value: "delete-project-resource-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.CREATE.TOPIC + value: "save-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-resource-bulk-topic" + - name: PROJECT.RESOURCE.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-resource-bulk-topic" + - name: PROJECT.FACILITY.KAFKA.DELETE.TOPIC + value: "delete-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.CREATE.TOPIC + value: "save-project-facility-topic" + - name: PROJECT.FACILITY.KAFKA.UPDATE.TOPIC + value: "update-project-facility-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.DELETE.TOPIC + value: "delete-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.CREATE.TOPIC + value: "create-project-facility-bulk-topic" + - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC + value: "update-project-facility-bulk-topic" + - name: EGOV.USER.ID.VALIDATOR + value: egov-user + - name: EGOV_FACILITY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: facility + - name: EGOV_SEARCH_FACILITY_URL + value: "/facility/v1/_search" + - name: PROJECT_MDMS_MODULE + value: "HCM-PROJECT-TYPES" + - name: EGOV_LOCATION_HIERARCHY_TYPE + value: "ADMIN" + - name: EGOV_LOCATION_CODE_QUERY_PARAM + value: "code" diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 8be9c9da62..11db804cb0 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -28,6 +28,7 @@ cluster-configs: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health domain: 'https://unified-dev.digit.org' ## Add your Domain Name egov-services-fqdn-name: 'https://unified-dev.digit.org/' ## Add your Domain Name diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 9a322f833a..069f221e9e 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -16,6 +16,7 @@ cluster-configs: db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifiedqadb ## Add db-name db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health domain: unified-qa.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name state-level-tenant-id: "pg" diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 673f33259a..edd4ec7f96 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -16,6 +16,7 @@ cluster-configs: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health domain: unified-uat.digit.org ## Add your Domain Name aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ From 9a9a577fd3c404a9309c66313c2ef5d10cdc89a7 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Fri, 29 Dec 2023 17:21:25 +0530 Subject: [PATCH 612/742] Update values.yaml (#2256) --- deploy-as-code/helm/charts/sanitation/fsm/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml index 50d5192106..c5c589ee8a 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm/values.yaml @@ -46,6 +46,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-mdms-service + - name: EGOV_MDMS_V2_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: mdms-service-v2 - name: EGOV_URL_SHORTNER_HOST valueFrom: configMapKeyRef: From 4bc4bf32be129546b48cfa3e347ac103fde4229c Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 2 Jan 2024 10:19:50 +0530 Subject: [PATCH 613/742] updated common values.yaml --- deploy-as-code/helm/charts/common/values.yaml | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index a550d2ae8f..71745b4b25 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,17 +38,19 @@ initContainers: tag: latest env: | - name: "DB_URL" - valueFrom: - configMapKeyRef: + value: {{- if eq .Values.namespace "health" }} + valueFrom: + configMapKeyRef: name: egov-config - key: db-url + key: health-db-url + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + {{- end }} - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - - name: "FLYWAY_USER" - valueFrom: - secretKeyRef: - name: db - key: flyway-username + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - name: "FLYWAY_PASSWORD" valueFrom: secretKeyRef: From 8f6948b1b6a0024c3a4b383db9948812bd21e806 Mon Sep 17 00:00:00 2001 From: ashish-egov <137176738+ashish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 10:29:17 +0530 Subject: [PATCH 614/742] Feat : Added hcm-bff helm chart (#2233) * Feat : Added hcm-bff helm chart * Changed Namespace --- .../digit-works/utilities/hcm-bff/Chart.yaml | 26 +++++++++++ .../hcm-bff/templates/deployment.yaml | 2 + .../utilities/hcm-bff/templates/ingress.yaml | 2 + .../utilities/hcm-bff/templates/service.yaml | 2 + .../digit-works/utilities/hcm-bff/values.yaml | 44 +++++++++++++++++++ 5 files changed, 76 insertions(+) create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml new file mode 100644 index 0000000000..47e1564408 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: hcm-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml new file mode 100644 index 0000000000..2656ad9548 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml @@ -0,0 +1,44 @@ +# Common Labels +labels: + app: "hcm-bff" + group: "rainmaker" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "hcm-bff" + + +# Container Configs +image: + repository: "hcm-bff" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: EGOV_FILESTORE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: CONTEXT_PATH + value: "/egov-bff" + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name \ No newline at end of file From 1446fcc3e560f378e50f982d0f7129ed29e5351b Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 2 Jan 2024 10:33:17 +0530 Subject: [PATCH 615/742] Update unified-uat.yaml tenant id (#2257) --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index db307f3894..62fa0d2263 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -19,7 +19,7 @@ cluster-configs: domain: unified-uat.digit.org ## Add your Domain Name egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "mz" + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" From 0b2a1888f8781b8dbaaa3f601c5b4f78ec0fe542 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 2 Jan 2024 10:57:15 +0530 Subject: [PATCH 616/742] updated common values.yaml --- deploy-as-code/helm/charts/common/values.yaml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index 71745b4b25..0898b74c3b 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,17 +38,17 @@ initContainers: tag: latest env: | - name: "DB_URL" - value: {{- if eq .Values.namespace "health" }} + {{- if eq .Values.namespace "health" }} valueFrom: configMapKeyRef: name: egov-config key: health-db-url - {{- else }} - valueFrom: - configMapKeyRef: - name: egov-config - key: db-url - {{- end }} + {{- else }} + valueFrom: + configMapKeyRef: + name: egov-config + key: db-url + {{- end }} - name: "SCHEMA_TABLE" value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - name: "FLYWAY_PASSWORD" From 0126cd9c46a5052dd00efb9cec3e7b7fdff85ab9 Mon Sep 17 00:00:00 2001 From: ashish-egov <137176738+ashish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 13:11:56 +0530 Subject: [PATCH 617/742] Hcm bff helm allowedfiles (#2258) * Feat : Added hcm-bff helm chart * Changed Namespace * Feat : Added allowed file formats * Update values.yaml --- .../helm/charts/digit-works/utilities/hcm-bff/values.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml index 2656ad9548..30f563536c 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml @@ -36,9 +36,9 @@ env: | name: egov-service-host key: egov-filestore - name: CONTEXT_PATH - value: "/egov-bff" + value: "/hcm-bff" - name: EGOV_HOST valueFrom: configMapKeyRef: name: egov-config - key: egov-services-fqdn-name \ No newline at end of file + key: egov-services-fqdn-name diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index d76e3b76fa..6acaa591bb 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -206,7 +206,7 @@ egov-filestore: aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 fixed-bucketname: "unified-dev-bucket-s3" From bdfe0ecda05683b3cd7e98052764c764dd10c4f1 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 2 Jan 2024 14:53:21 +0530 Subject: [PATCH 618/742] updated common values.yaml --- deploy-as-code/helm/charts/common/values.yaml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index 0898b74c3b..a550d2ae8f 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,19 +38,17 @@ initContainers: tag: latest env: | - name: "DB_URL" - {{- if eq .Values.namespace "health" }} - valueFrom: - configMapKeyRef: - name: egov-config - key: health-db-url - {{- else }} - valueFrom: - configMapKeyRef: + valueFrom: + configMapKeyRef: name: egov-config key: db-url - {{- end }} - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + - name: "FLYWAY_USER" + valueFrom: + secretKeyRef: + name: db + key: flyway-username - name: "FLYWAY_PASSWORD" valueFrom: secretKeyRef: From 6b934a8a1e51d0dd7f5e144d01bcc4e4338e9946 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 16:26:10 +0530 Subject: [PATCH 619/742] updated common values.yaml (#2259) Co-authored-by: Harish-egov --- deploy-as-code/helm/charts/common/values.yaml | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index a550d2ae8f..b08c605f46 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -38,15 +38,22 @@ initContainers: tag: latest env: | - name: "DB_URL" - valueFrom: - configMapKeyRef: + {{- if eq .Values.namespace "health" }} + valueFrom: + configMapKeyRef: + name: egov-config + key: health-db-url + {{- else }} + valueFrom: + configMapKeyRef: name: egov-config key: db-url + {{- end }} - name: "SCHEMA_TABLE" - value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} + value: {{ .Values.initContainers.dbMigration.schemaTable | quote }} - name: "FLYWAY_USER" - valueFrom: - secretKeyRef: + valueFrom: + secretKeyRef: name: db key: flyway-username - name: "FLYWAY_PASSWORD" From 36b23940d3dfb2a5be5a9d6a475a063c11aa1e01 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 18:20:50 +0530 Subject: [PATCH 620/742] added mdms service legacy host and endpoint in health-hrms helm chart (#2261) --- .../helm/charts/health-services/health-hrms/values.yaml | 7 +++++++ deploy-as-code/helm/environments/unified-health-uat.yaml | 6 ++++-- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index cecb07c2e1..d46da0efa3 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -47,6 +47,13 @@ env: | key: {{ .Values.mdmsHost | default "egov-mdms-service" }} - name: EGOV_MDMS_SEARCH_ENDPOINT value: {{ .Values.mdmsSearchPath | default "/egov-mdms-service/v1/_search" }} + - name: EGOV_MDMSLEGACY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: {{ .Values.mdmsLegacyHost | default "egov-mdms-service" }} + - name: EGOV_MDMSLEGACY_SEARCH_ENDPOINT + value: {{ .Values.mdmsLegacySearchPath | default "egov-mdms-service/v1/_search" }} - name: EGOV_FILESTORE_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index edd4ec7f96..1c220255dc 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -530,8 +530,10 @@ health-hrms: employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' heap: '-Xmx256m -Xms256m' memory_limits: 512Mi - mdmsHost: "egov-mdms-service-legacy" - mdmsSearchPath: "/egov-mdms-service-legacy/v1/_search" + mdmsHost: "egov-mdms-service" + mdmsSearchPath: "/egov-mdms-service/v1/_search" + mdmsLegacyHost: "egov-mdms-service-legacy" + mdmsLegacySearchPath: "egov-mdms-service-legacy/v1/_search" # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 8ed1d75b48f598b2df7542c48655af189733ef5d Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 18:21:17 +0530 Subject: [PATCH 621/742] updated helm chart of health-hrms (#2260) --- .../helm/charts/health-services/health-hrms/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index d46da0efa3..f54258edae 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -139,4 +139,6 @@ env: | {{- if index .Values "tracing-enabled" }} - name: TRACER_OPENTRACING_ENABLED value: "true" + - name: EGOV_HRMS_AUTO_GENERATE_PASSWORD + value: "false" {{- end }} From 04ce7a0fcd230a5a11d1f962dbfe7923fe2f09ba Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 18:47:31 +0530 Subject: [PATCH 622/742] HCM removed duplicate key (#2262) --- deploy-as-code/helm/environments/unified-health-uat.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index 1c220255dc..fff8d5631d 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -16,8 +16,7 @@ cluster-configs: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health - domain: unified-uat.digit.org ## Add your Domain Name + domain: unified-uat.digit.org ## Add your Domain Name aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ aws-region: ap-south-1 From fe193966def544b4b4f84f3006a0e54fd022fb4a Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 2 Jan 2024 18:54:24 +0530 Subject: [PATCH 623/742] corrected the helmchart values for health hrms #2263(#2263) --- .../helm/charts/health-services/health-hrms/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml index f54258edae..61b0fd805a 100644 --- a/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-hrms/values.yaml @@ -47,7 +47,7 @@ env: | key: {{ .Values.mdmsHost | default "egov-mdms-service" }} - name: EGOV_MDMS_SEARCH_ENDPOINT value: {{ .Values.mdmsSearchPath | default "/egov-mdms-service/v1/_search" }} - - name: EGOV_MDMSLEGACY_HOST + - name: EGOV_MDMSLEGACY_HOST valueFrom: configMapKeyRef: name: egov-service-host From 6cd928990e7dc0c3aa77ea62e99c07ae35c5b6a1 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 3 Jan 2024 10:30:34 +0530 Subject: [PATCH 624/742] updated health-db-url's in unified env --- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-health-uat.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 11db804cb0..c664fff24a 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -28,7 +28,7 @@ cluster-configs: db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieddevdb ## Add db-name db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health + health-db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb?currentSchema=health domain: 'https://unified-dev.digit.org' ## Add your Domain Name egov-services-fqdn-name: 'https://unified-dev.digit.org/' ## Add your Domain Name diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index fff8d5631d..f633592a71 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -16,6 +16,7 @@ cluster-configs: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb?currentSchema=health domain: unified-uat.digit.org ## Add your Domain Name aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ From a2413e804aeaf91024acc895391f38088f564736 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 3 Jan 2024 12:06:39 +0530 Subject: [PATCH 625/742] updated health-project context path --- .../helm/charts/health-services/health-project/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml index a1c0c78c45..f215cdb72b 100644 --- a/deploy-as-code/helm/charts/health-services/health-project/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-project/values.yaml @@ -10,7 +10,7 @@ ingress: namespace: egov enabled: true zuul: true - context: "project" + context: "health-project" # Init Containers Configs initContainers: From 768c20f7fe2f82ffde62be675379f979b227c60a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 3 Jan 2024 13:58:39 +0530 Subject: [PATCH 626/742] Update values.yaml --- .../helm/charts/sanitation/fsm-calculator/values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml index 9c30633d91..f18391de8f 100644 --- a/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/fsm-calculator/values.yaml @@ -1,9 +1,10 @@ -namespace : sanitation # Common Labels labels: app: "fsm-calculator" group: "rainmaker" +namespace : sanitation + # Ingress Configs ingress: enabled: true From e97135f25285b53c776f1523ff64c537bfbaebf7 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 3 Jan 2024 14:04:57 +0530 Subject: [PATCH 627/742] Update sanitation-uat.yaml --- deploy-as-code/helm/environments/sanitation-uat.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 158a0000ba..4165021ab6 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -207,6 +207,9 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" +fsm-calculator: + namespace: sanitation + egov-user: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi From 7297c92034360dc01154f17d7a24c67b7326bdd5 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 4 Jan 2024 14:49:32 +0530 Subject: [PATCH 628/742] Added hrms mdms host (#2265) * Update unified-uat.yaml * Update unified-uat.yaml --- deploy-as-code/helm/environments/unified-uat.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 62fa0d2263..da49087c0d 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -562,6 +562,12 @@ egov-workflow-v2: egov-hrms: java-args: -Dspring.profiles.active=monitoring employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: '-Xmx256m -Xms256m' + memory_limits: 512Mi + mdmsHost: "egov-mdms-service" + mdmsSearchPath: "/egov-mdms-service/v1/_search" + mdmsHost: "egov-mdms-service-legacy" + mdmsSearchPath: "egov-mdms-service-legacy/v1/_search" mdms-v2: memory_limits: 512Mi From 20f884c387dc1b33b2efd6d4892cb347f45abbb4 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 4 Jan 2024 14:59:09 +0530 Subject: [PATCH 629/742] added mdms host (#2267) --- .../helm/charts/business-services/egov-hrms/values.yaml | 7 +++++++ deploy-as-code/helm/environments/unified-uat.yaml | 4 ++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml b/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml index 561bf541a9..930a31329d 100644 --- a/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml +++ b/deploy-as-code/helm/charts/business-services/egov-hrms/values.yaml @@ -42,6 +42,13 @@ env: | key: egov-mdms-service - name: EGOV_MDMS_SEARCH_ENDPOINT value: /egov-mdms-service/v1/_search + - name: EGOV_MDMSLEGACY_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: {{ .Values.mdmsLegacyHost | default "egov-mdms-service" }} + - name: EGOV_MDMSLEGACY_SEARCH_ENDPOINT + value: {{ .Values.mdmsLegacySearchPath | default "egov-mdms-service/v1/_search" }} - name: EGOV_FILESTORE_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index da49087c0d..3c40ad4658 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -566,8 +566,8 @@ egov-hrms: memory_limits: 512Mi mdmsHost: "egov-mdms-service" mdmsSearchPath: "/egov-mdms-service/v1/_search" - mdmsHost: "egov-mdms-service-legacy" - mdmsSearchPath: "egov-mdms-service-legacy/v1/_search" + mdmsLegacyHost: "egov-mdms-service-legacy" + mdmsLegacySearchPath: "egov-mdms-service-legacy/v1/_search" mdms-v2: memory_limits: 512Mi From 44b51113989d64cb35c4c5159969985af2a523bb Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Thu, 4 Jan 2024 16:46:26 +0530 Subject: [PATCH 630/742] Update sms config (#2268) * Update sms config * Update unified-uat.yaml --- deploy-as-code/helm/environments/unified-uat.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 3c40ad4658..0153e2c709 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -221,12 +221,13 @@ egov-idgen: autocreate-new-seq: "true" egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url + sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" sms.provider.class: "Generic" sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms.senderid: "EGOVFS" + sms-gateway-to-use: "SMS_COUNTRY" + sms-sender: "SMSCOUNTRY" sms-sender-requesttype: "GET" sms-custom-config: "true" sms-extra-req-params: "mtype=N&DR=Y" From 7b4d765ce1913f91afb0ba43a43e19ab342e78e8 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 4 Jan 2024 19:52:44 +0530 Subject: [PATCH 631/742] updated env in common charts (#2269) Co-authored-by: Harish-egov --- deploy-as-code/helm/charts/common/values.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index b08c605f46..d69924198f 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -128,10 +128,17 @@ resources: | extraEnv: java: | - name: SPRING_DATASOURCE_URL + {{- if eq .Values.namespace "health" }} + valueFrom: + configMapKeyRef: + name: egov-config + key: health-db-url + {{- else }} valueFrom: configMapKeyRef: name: egov-config key: db-url + {{- end }} - name: FLYWAY_ENABLED value: "false" - name: SPRING_FLYWAY_ENABLED @@ -144,10 +151,17 @@ extraEnv: name: egov-config key: timezone - name: FLYWAY_URL + {{- if eq .Values.namespace "health" }} + valueFrom: + configMapKeyRef: + name: egov-config + key: health-db-url + {{- else }} valueFrom: configMapKeyRef: name: egov-config key: db-url + {{- end }} - name: SPRING_DATASOURCE_USERNAME valueFrom: secretKeyRef: From 6920e7900a0cd87eb8444cce943a412873330fa6 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Fri, 5 Jan 2024 14:33:14 +0530 Subject: [PATCH 632/742] Update unified-dev.yaml (#2270) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 6acaa591bb..afa4656327 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -453,8 +453,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 42cba7dee034f804d93b8cb31e46c5eb49628eae Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Fri, 5 Jan 2024 16:06:49 +0530 Subject: [PATCH 633/742] replaced works service-request persister for unified-health-qa env (#2271) --- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 069f221e9e..994ca14b4e 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -318,7 +318,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 5e34dcf7ad0ced1a46f212f76a2b355e9d04e1ed Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Sun, 7 Jan 2024 12:33:53 +0530 Subject: [PATCH 634/742] SM-3668 (#2272) From 65417e57afe299837c65f3d75a94852d84426d0c Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Mon, 8 Jan 2024 13:26:54 +0530 Subject: [PATCH 635/742] Updated health qa environment file for service-request persister changes (#2275) * Updated health qa environment file for service-request persister changes * updated service-request values: changed topics * updated unified-dev env file: added health folder persister config files --- .../helm/charts/health-services/service-request/values.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index 450b760a44..11fb29db01 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -41,9 +41,9 @@ env: | - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER value: org.springframework.kafka.support.serializer.JsonSerializer - name: EGOV_SERVICE_DEFINITION_CREATE_TOPIC - value: save-service-definition + value: save-health-service-definition - name: EGOV_SERVICE_CREATE_TOPIC - value: save-service + value: save-health-service - name: EGOV_SERVICE_REQUEST_DEFAULT_OFFSET value: "0" - name: EGOV_SERVICE_REQUEST_DEFAULT_LIMIT diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index afa4656327..bf0d6ebdf6 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 994ca14b4e..3db9a2ecee 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -318,7 +318,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 9a04f635df..d28e41fcb3 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -326,7 +326,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From a3211d84bf26fa9f484d73cf8f1195fc9bb7ad9a Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Mon, 8 Jan 2024 17:05:36 +0530 Subject: [PATCH 636/742] Updated health-services kafka topics to accommodate config topic changes (#2278) * Updated health-services kafka topics to accommodate config topic changes * updated charts as per code review comments --- .../health-services/facility/values.yaml | 12 ++-- .../health-individual/values.yaml | 14 ++--- .../health-project/values.yaml | 60 +++++++++---------- .../health-services/household/values.yaml | 24 ++++---- .../health-services/product/values.yaml | 8 +-- .../referralmanagement/values.yaml | 37 ++++++++---- .../service-request/values.yaml | 4 +- .../charts/health-services/stock/values.yaml | 24 ++++---- .../helm/environments/unified-dev.yaml | 2 +- .../helm/environments/unified-health-dev.yaml | 2 +- .../helm/environments/unified-uat.yaml | 2 +- 11 files changed, 101 insertions(+), 88 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/facility/values.yaml b/deploy-as-code/helm/charts/health-services/facility/values.yaml index dd4555bbd3..d1dc5ebec7 100644 --- a/deploy-as-code/helm/charts/health-services/facility/values.yaml +++ b/deploy-as-code/helm/charts/health-services/facility/values.yaml @@ -87,14 +87,14 @@ env: | {{- end }} - name: FACILITY.KAFKA.CREATE.TOPIC - value: "save-facility-topic" + value: "save-facility-health-topic" - name: FACILITY.KAFKA.UPDATE.TOPIC - value: "update-facility-topic" + value: "update-facility-health-topic" - name: FACILITY.KAFKA.DELETE.TOPIC - value: "delete-facility-topic" + value: "delete-facility-health-topic" - name: FACILITY.CONSUMER.BULK.DELETE.TOPIC - value: "delete-facility-bulk-topic" + value: "delete-facility-bulk-health-topic" - name: FACILITY.CONSUMER.BULK.CREATE.TOPIC - value: "create-facility-bulk-topic" + value: "create-facility-bulk-health-topic" - name: FACILITY.CONSUMER.BULK.UPDATE.TOPIC - value: "update-facility-bulk-topic" \ No newline at end of file + value: "update-facility-bulk-health-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml index 40468610bb..bcb973c083 100644 --- a/deploy-as-code/helm/charts/health-services/health-individual/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-individual/values.yaml @@ -70,17 +70,17 @@ env: | - name: SPRING_CACHE_AUTOEXPIRY value: "true" - name: INDIVIDUAL.CONSUMER.BULK.CREATE.TOPIC - value: "individual-consumer-bulk-create-topic" + value: "individual-consumer-bulk-create-health-topic" - name: INDIVIDUAL.CONSUMER.BULK.UPDATE.TOPIC - value: "individual-consumer-bulk-update-topic" + value: "individual-consumer-bulk-update-health-topic" - name: INDIVIDUAL.CONSUMER.BULK.DELETE.TOPIC - value: "individual-consumer-bulk-delete-topic" + value: "individual-consumer-bulk-delete-health-topic" - name: INDIVIDUAL.PRODUCER.SAVE.TOPIC - value: "save-individual-topic" + value: "save-individual-health-topic" - name: INDIVIDUAL.PRODUCER.UPDATE.TOPIC - value: "update-individual-topic" + value: "update-individual-health-topic" - name: INDIVIDUAL.PRODUCER.DELETE.TOPIC - value: "delete-individual-topic" + value: "delete-individual-health-topic" - name: KAFKA_TOPICS_NOTIFICATION_SMS value: "egov.core.notification.sms" {{- if index .Values "state-level-tenant-id" }} @@ -148,7 +148,7 @@ env: | - name: USER_SERVICE_ACCOUNT_LOCKED value: "false" - name: INDIVIDUAL_PRODUCER_UPDATE_USER_ID_TOPIC - value: "update-user-id-topic" + value: "update-user-id-health-topic" - name: NOTIFICATION_SMS_ENABLED value: "false" {{- if index .Values "tracing-enabled" }} diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml index f215cdb72b..3e6d3487d6 100644 --- a/deploy-as-code/helm/charts/health-services/health-project/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-project/values.yaml @@ -148,41 +148,41 @@ env: | - name: EGOV_SEARCH_PRODUCT_VARIANT_URL value: "/product/variant/v1/_search" - name: PROJECT.TASK.KAFKA.CREATE.TOPIC - value: "save-project-task-topic" + value: "save-project-task-health-topic" - name: PROJECT.TASK.CONSUMER.BULK.CREATE.TOPIC - value: "save-project-task-bulk-topic" + value: "save-project-task-bulk-health-topic" - name: PROJECT.TASK.KAFKA.UPDATE.TOPIC - value: "update-project-task-topic" + value: "update-project-task-health-topic" - name: PROJECT.TASK.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-task-bulk-topic" + value: "update-project-task-bulk-health-topic" - name: PROJECT.TASK.KAFKA.DELETE.TOPIC - value: "delete-project-task-topic" + value: "delete-project-task-health-topic" - name: PROJECT.TASK.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-task-bulk-topic" + value: "delete-project-task-bulk-health-topic" - name: PROJECT.BENEFICIARY.KAFKA.CREATE.TOPIC - value: "save-project-beneficiary-topic" + value: "save-project-beneficiary-health-topic" - name: PROJECT.BENEFICIARY.KAFKA.UPDATE.TOPIC - value: "update-project-beneficiary-topic" + value: "update-project-beneficiary-health-topic" - name: PROJECT.BENEFICIARY.KAFKA.DELETE.TOPIC - value: "delete-project-beneficiary-topic" + value: "delete-project-beneficiary-health-topic" - name: PROJECT.BENEFICIARY.CONSUMER.BULK.CREATE.TOPIC - value: "project-beneficiary-consumer-bulk-create-topic" + value: "project-beneficiary-consumer-health-bulk-create-topic" - name: PROJECT.BENEFICIARY.CONSUMER.BULK.UPDATE.TOPIC - value: "project-beneficiary-consumer-bulk-update-topic" + value: "project-beneficiary-consumer-health-bulk-update-topic" - name: PROJECT.BENEFICIARY.CONSUMER.BULK.DELETE.TOPIC - value: "project-beneficiary-consumer-bulk-delete-topic" + value: "project-beneficiary-consumer-health-bulk-delete-topic" - name: PROJECT.STAFF.KAFKA.DELETE.TOPIC - value: "delete-project-staff-topic" + value: "delete-project-staff-health-topic" - name: PROJECT.STAFF.KAFKA.CREATE.TOPIC - value: "save-project-staff-topic" + value: "save-project-staff-health-topic" - name: PROJECT.STAFF.KAFKA.UPDATE.TOPIC - value: "update-project-staff-topic" + value: "update-project-staff-health-topic" - name: PROJECT.STAFF.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-staff-bulk-topic" + value: "delete-project-staff-bulk-health-topic" - name: PROJECT.STAFF.CONSUMER.BULK.CREATE.TOPIC - value: "create-project-staff-bulk-topic" + value: "create-project-staff-bulk-health-topic" - name: PROJECT.STAFF.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-staff-bulk-topic" + value: "update-project-staff-bulk-health-topic" - name: SEARCH_API_LIMIT value: "1000" - name: PROJECT.DOCUMENT.ID.VERIFICATION.REQUIRED @@ -208,29 +208,29 @@ env: | - name: PROJECT.RESOURCE.IDGEN.ID.FORMAT value: "project.resource.id" - name: PROJECT.RESOURCE.KAFKA.CREATE.TOPIC - value: "save-project-resource-topic" + value: "save-project-resource-health-topic" - name: PROJECT.RESOURCE.KAFKA.UPDATE.TOPIC - value: "update-project-resource-topic" + value: "update-project-resource-health-topic" - name: PROJECT.RESOURCE.KAFKA.DELETE.TOPIC - value: "delete-project-resource-topic" + value: "delete-project-resource-health-topic" - name: PROJECT.RESOURCE.CONSUMER.BULK.CREATE.TOPIC - value: "save-project-resource-bulk-topic" + value: "save-project-resource-bulk-health-topic" - name: PROJECT.RESOURCE.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-resource-bulk-topic" + value: "update-project-resource-bulk-health-topic" - name: PROJECT.RESOURCE.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-resource-bulk-topic" + value: "delete-project-resource-bulk-health-topic" - name: PROJECT.FACILITY.KAFKA.DELETE.TOPIC - value: "delete-project-facility-topic" + value: "delete-project-facility-health-topic" - name: PROJECT.FACILITY.KAFKA.CREATE.TOPIC - value: "save-project-facility-topic" + value: "save-project-facility-health-topic" - name: PROJECT.FACILITY.KAFKA.UPDATE.TOPIC - value: "update-project-facility-topic" + value: "update-project-facility-health-topic" - name: PROJECT.FACILITY.CONSUMER.BULK.DELETE.TOPIC - value: "delete-project-facility-bulk-topic" + value: "delete-project-facility-bulk-health-topic" - name: PROJECT.FACILITY.CONSUMER.BULK.CREATE.TOPIC - value: "create-project-facility-bulk-topic" + value: "create-project-facility-bulk-health-topic" - name: PROJECT.FACILITY.CONSUMER.BULK.UPDATE.TOPIC - value: "update-project-facility-bulk-topic" + value: "update-project-facility-bulk-health-topic" - name: EGOV.USER.ID.VALIDATOR value: egov-user - name: EGOV_FACILITY_HOST diff --git a/deploy-as-code/helm/charts/health-services/household/values.yaml b/deploy-as-code/helm/charts/health-services/household/values.yaml index 2873b39b18..fd918659c6 100644 --- a/deploy-as-code/helm/charts/health-services/household/values.yaml +++ b/deploy-as-code/helm/charts/health-services/household/values.yaml @@ -87,17 +87,17 @@ env: | - name: EGOV_INDIVIDUAL_SEARCH_URL value: "/individual/v1/_search" - name: HOUSEHOLD_MEMBER_KAFKA_CREATE_TOPIC - value: "save-household-member-topic" + value: "save-household-member-health-topic" - name: HOUSEHOLD_MEMBER_KAFKA_UPDATE_TOPIC - value: "update-household-member-topic" + value: "update-household-member-health-topic" - name: HOUSEHOLD_MEMBER_KAFKA_DELETE_TOPIC - value: "delete-household-member-topic" + value: "delete-household-member-health-topic" - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.CREATE.TOPIC - value: "household-member-consumer-bulk-create-topic" + value: "household-member-consumer-bulk-create-health-topic" - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.UPDATE.TOPIC - value: "household-member-consumer-bulk-update-topic" + value: "household-member-consumer-bulk-update-health-topic" - name: HOUSEHOLD.MEMBER.CONSUMER.BULK.DELETE.TOPIC - value: "household-member-consumer-bulk-delete-topic" + value: "household-member-consumer-bulk-delete-health-topic" - name: MANAGEMENT_SECURITY_ENABLED value: "false" {{- if index .Values "tracing-enabled" }} @@ -105,14 +105,14 @@ env: | value: "true" {{- end }} - name: HOUSEHOLD.CONSUMER.BULK.DELETE.TOPIC - value: "delete-household-bulk-topic" + value: "delete-household-bulk-health-topic" - name: HOUSEHOLD.CONSUMER.BULK.CREATE.TOPIC - value: "create-household-bulk-topic" + value: "create-household-bulk-health-topic" - name: HOUSEHOLD.CONSUMER.BULK.UPDATE.TOPIC - value: "update-household-bulk-topic" + value: "update-household-bulk-health-topic" - name: HOUSEHOLD.KAFKA.CREATE.TOPIC - value: "save-household-topic" + value: "save-household-health-topic" - name: HOUSEHOLD.KAFKA.UPDATE.TOPIC - value: "update-household-topic" + value: "update-household-health-topic" - name: HOUSEHOLD.KAFKA.DELETE.TOPIC - value: "delete-household-topic" \ No newline at end of file + value: "delete-household-health-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/product/values.yaml b/deploy-as-code/helm/charts/health-services/product/values.yaml index 08fe34e935..02370138dd 100644 --- a/deploy-as-code/helm/charts/health-services/product/values.yaml +++ b/deploy-as-code/helm/charts/health-services/product/values.yaml @@ -84,10 +84,10 @@ env: | value: "true" {{- end }} - name: PRODUCT_KAFKA_CREATE_TOPIC - value: "save-product-topic" + value: "save-product-health-topic" - name: PRODUCT_KAFKA_UPDATE_TOPIC - value: "update-product-topic" + value: "update-product-health-topic" - name: PRODUCT_VARIANT_KAFKA_CREATE_TOPIC - value: "save-product-variant-topic" + value: "save-product-variant-health-topic" - name: PRODUCT_VARIANT_KAFKA_UPDATE_TOPIC - value: "update-product-variant-topic" \ No newline at end of file + value: "update-product-variant-health-topic" \ No newline at end of file diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml index 5642be8628..3c4da0de8a 100644 --- a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -154,29 +154,42 @@ env: | - name: EGOV_SEARCH_PROJECT_STAFF_URL value: "/project/staff/v1/_search" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC - value: "save-side-effect-topic" + value: "save-side-effect-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC - value: "update-side-effect-topic" + value: "update-side-effect-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.DELETE.TOPIC - value: "delete-side-effect-topic" + value: "delete-side-effect-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.CREATE.TOPIC - value: "save-side-effect-bulk-topic" + value: "save-side-effect-bulk-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.UPDATE.TOPIC - value: "update-side-effect-bulk-topic" + value: "update-side-effect-bulk-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.CONSUMER.BULK.DELETE.TOPIC - value: "delete-side-effect-bulk-topic" + value: "delete-side-effect-bulk-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.CREATE.TOPIC - value: "save-referral-topic" + value: "save-referral-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.UPDATE.TOPIC - value: "update-referral-topic" + value: "update-referral-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.KAFKA.DELETE.TOPIC - value: "delete-referral-topic" + value: "delete-referral-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.CREATE.TOPIC - value: "save-referral-bulk-topic" + value: "save-referral-bulk-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.UPDATE.TOPIC - value: "update-referral-bulk-topic" + value: "update-referral-bulk-health-topic" - name: REFERRALMANAGEMENT.REFERRAL.CONSUMER.BULK.DELETE.TOPIC - value: "delete-referral-bulk-topic" + value: "delete-referral-bulk-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.KAFKA.CREATE.TOPIC + value: "save-hfreferral-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.KAFKA.UPDATE.TOPIC + value: "update-hfreferral-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.KAFKA.DELETE.TOPIC + value: "delete-hfreferral-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.CONSUMER.BULK.CREATE.TOPIC + value: "save-hfreferral-bulk-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.CONSUMER.BULK.UPDATE.TOPIC + value: "update-hfreferral-bulk-health-topic" + - name: REFERRALMANAGEMENT.HFREFERRAL.CONSUMER.BULK.DELETE.TOPIC + value: "delete-hfreferral-bulk-health-topic" + - name: SEARCH_API_LIMIT value: "1000" - name: REFERRALMANAGEMENT.DOCUMENT.ID.VERIFICATION.REQUIRED diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index 11fb29db01..8eae35491d 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -41,9 +41,9 @@ env: | - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER value: org.springframework.kafka.support.serializer.JsonSerializer - name: EGOV_SERVICE_DEFINITION_CREATE_TOPIC - value: save-health-service-definition + value: save-service-definition-health - name: EGOV_SERVICE_CREATE_TOPIC - value: save-health-service + value: save-service-health - name: EGOV_SERVICE_REQUEST_DEFAULT_OFFSET value: "0" - name: EGOV_SERVICE_REQUEST_DEFAULT_LIMIT diff --git a/deploy-as-code/helm/charts/health-services/stock/values.yaml b/deploy-as-code/helm/charts/health-services/stock/values.yaml index 34d6e015f5..956fe74114 100644 --- a/deploy-as-code/helm/charts/health-services/stock/values.yaml +++ b/deploy-as-code/helm/charts/health-services/stock/values.yaml @@ -95,31 +95,31 @@ env: | - name: EGOV_SEARCH_PRODUCT_VARIANT_URL value: "/product/variant/v1/_search" - name: STOCK.KAFKA.CREATE.TOPIC - value: "save-stock-topic" + value: "save-stock-health-topic" - name: STOCK.KAFKA.UPDATE.TOPIC - value: "update-stock-topic" + value: "update-stock-health-topic" - name: STOCK.KAFKA.DELETE.TOPIC - value: "delete-stock-topic" + value: "delete-stock-health-topic" - name: STOCK.CONSUMER.BULK.DELETE.TOPIC - value: "delete-stock-bulk-topic" + value: "delete-stock-bulk-health-topic" - name: STOCK.CONSUMER.BULK.CREATE.TOPIC - value: "create-stock-bulk-topic" + value: "create-stock-bulk-health-topic" - name: STOCK.CONSUMER.BULK.UPDATE.TOPIC - value: "update-stock-bulk-topic" + value: "update-stock-bulk-health-topic" - name: SEARCH_API_LIMIT value: "1000" - name: STOCK.RECONCILIATION.KAFKA.CREATE.TOPIC - value: "save-stock-reconciliation-topic" + value: "save-stock-reconciliation-health-topic" - name: STOCK.RECONCILIATION.KAFKA.UPDATE.TOPIC - value: "update-stock-reconciliation-topic" + value: "update-stock-reconciliation-health-topic" - name: STOCK.RECONCILIATION.KAFKA.DELETE.TOPIC - value: "delete-stock-reconciliation-topic" + value: "delete-stock-reconciliation-health-topic" - name: STOCK.RECONCILIATION.CONSUMER.BULK.DELETE.TOPIC - value: "delete-stock-reconciliation-bulk-topic" + value: "delete-stock-reconciliation-bulk-health-topic" - name: STOCK.RECONCILIATION.CONSUMER.BULK.CREATE.TOPIC - value: "create-stock-reconciliation-bulk-topic" + value: "create-stock-reconciliation-bulk-health-topic" - name: STOCK.RECONCILIATION.CONSUMER.BULK.UPDATE.TOPIC - value: "update-stock-reconciliation-bulk-topic" + value: "update-stock-reconciliation-bulk-health-topic" - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index bf0d6ebdf6..e50af99330 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index c664fff24a..2809973339 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -323,7 +323,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' + persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' initContainers: gitSync: repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 0153e2c709..22e450d295 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -345,7 +345,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From fe4cc0b884307d8579f21284f785ad8581f7bb0a Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 9 Jan 2024 10:36:20 +0530 Subject: [PATCH 637/742] added ingress metrics url in values.yaml --- .../backbone-services/prometheus-operator/values.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml index 1ccdbbabdc..540585f702 100644 --- a/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/prometheus-operator/values.yaml @@ -1784,7 +1784,7 @@ prometheus: image: registry: quay.io repository: prometheus/prometheus - tag: v2.47.0 + tag: v2.48.0 sha: "" ## Tolerations for use with node taints @@ -2160,7 +2160,10 @@ prometheus: - targets: ['prometheus-kafka-exporter.kafka-cluster:9308'] - job_name: 'postgres-exporter' static_configs: - - targets: ['release-name-prometheus-postgres-exporter:80'] + - targets: ['release-name-prometheus-postgres-exporter:80'] + - job_name: 'nginx-ingress-metrics' + static_configs: + - targets: ['nginx-ingress-metrics.egov.svc.cluster.local:10254'] # - job_name: kube-etcd # kubernetes_sd_configs: # - role: node From 81fd65dac1d25bb33b43c3e87b754949d35bc21b Mon Sep 17 00:00:00 2001 From: Gowtham-egov <112694085+Gowtham-egov@users.noreply.github.com> Date: Tue, 9 Jan 2024 14:19:19 +0530 Subject: [PATCH 638/742] added fsm paths for unified-fsm-dev (#2282) --- deploy-as-code/helm/charts/core-services/zuul/values.yaml | 2 +- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 0c6197b2d9..38e0b1dc60 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: egov,sanitation,works,health,staging +discovery_namespaces: egov,sanitation,works,health,staging,fsm # Init Containers Configs initContainers: extraInitContainers: | diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index e50af99330..8fce225108 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -355,7 +355,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" egov-persister: replicas: 1 @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 398f82adf189bcb3971fa290d06b1488f4cb595d Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Tue, 9 Jan 2024 14:19:47 +0530 Subject: [PATCH 639/742] =?UTF-8?q?health=20unified=20qa=20egov-persister?= =?UTF-8?q?=20config=20files=20added=20for=20configs=20repo=20=E2=80=A6=20?= =?UTF-8?q?(#2281)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * health unified qa egov-persister config files added for configs repo changes * updated unified-health-qa and unified-qa persister files list --- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 3db9a2ecee..7ae5a11452 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -318,7 +318,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index d28e41fcb3..0115f75f71 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -326,7 +326,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From b884b4c2b52583b18ca64c55d693adb9de382de2 Mon Sep 17 00:00:00 2001 From: JithendarKumar-eGov <103918846+JithendarKumar-eGov@users.noreply.github.com> Date: Tue, 9 Jan 2024 15:32:43 +0530 Subject: [PATCH 640/742] Update values.yaml (#2284) --- .../helm/charts/sanitation/pqm-anomaly-finder/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml index 31456199ab..804d96c92b 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-anomaly-finder/values.yaml @@ -101,7 +101,7 @@ env: | value: {{ index .Values "java-debug" | quote }} {{- else }} - name: JAVA_ENABLE_DEBUG - value: "false" + value: "true" {{- end }} - name: SECURITY_BASIC_ENABLED value: "false" From 9ac91325ac4c2d8958271b7d76186a455b6a041f Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 9 Jan 2024 15:53:14 +0530 Subject: [PATCH 641/742] test project injestion :: changed project type id (#2285) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index c3650bb857..d31ccfcd89 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -209,7 +209,7 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818928fd1 + value: dbd45c31-de9e-4e62-a9b6-abb818900000 - name: EGOV_PROJECT_TYPE value: LLIN-Default - name: EGOV_FACILITY_HOST From 588f7e4be0aa7955aba38e57234c4df2f6fe78ab Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:34:07 +0530 Subject: [PATCH 642/742] changed project type for hcm-workbench (#2286) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index d31ccfcd89..8c907374eb 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -211,7 +211,7 @@ env: | - name: EGOV_PROJECT_TYPE_ID value: dbd45c31-de9e-4e62-a9b6-abb818900000 - name: EGOV_PROJECT_TYPE - value: LLIN-Default + value: LLIN-Default-Test - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: From f66044a40ddf7af056751b5c83a3de0e4f7588c6 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Tue, 9 Jan 2024 16:59:27 +0530 Subject: [PATCH 643/742] SM-3677 adding pdf file path (#2287) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 8fce225108..2f9910639a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -453,7 +453,7 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 3d5646665d3b7ea1402384808c7e1ea9cb508bdb Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 10 Jan 2024 12:08:42 +0530 Subject: [PATCH 644/742] updated project type and project type id (#2288) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 8c907374eb..f1b4e75b99 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -209,9 +209,9 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818900000 + value: dbd45c31-de9e-4e62-a9b6-abb818911111 - name: EGOV_PROJECT_TYPE - value: LLIN-Default-Test + value: LLIN-Default-Testing - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: From 16849b631374dffb1d96dcd3d688c3b508bbb1ab Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 10 Jan 2024 16:47:14 +0530 Subject: [PATCH 645/742] updated project type and type id in hcm-moz-impl helm chart (#2290) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index f1b4e75b99..7244ee9bef 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -209,9 +209,9 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818911111 + value: dbd45c31-de9e-4e62-a9b6-abb818922222 - name: EGOV_PROJECT_TYPE - value: LLIN-Default-Testing + value: LLIN-Default-Demo - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: From b09534dc2053ed6042ad286a118d7213979e3edb Mon Sep 17 00:00:00 2001 From: ashish-egov <137176738+ashish-egov@users.noreply.github.com> Date: Thu, 11 Jan 2024 11:37:55 +0530 Subject: [PATCH 646/742] HCM Feat : Added endpoints and template values (#2293) --- .../digit-works/utilities/hcm-bff/values.yaml | 44 ------------ .../hcm-bff/Chart.yaml | 2 +- .../hcm-bff/templates/deployment.yaml | 0 .../hcm-bff/templates/ingress.yaml | 0 .../hcm-bff/templates/service.yaml | 0 .../health-services/hcm-bff/values.yaml | 70 +++++++++++++++++++ .../helm/environments/unified-health-uat.yaml | 1 + 7 files changed, 72 insertions(+), 45 deletions(-) delete mode 100644 deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml rename deploy-as-code/helm/charts/{digit-works/utilities => health-services}/hcm-bff/Chart.yaml (96%) rename deploy-as-code/helm/charts/{digit-works/utilities => health-services}/hcm-bff/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/utilities => health-services}/hcm-bff/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/{digit-works/utilities => health-services}/hcm-bff/templates/service.yaml (100%) create mode 100644 deploy-as-code/helm/charts/health-services/hcm-bff/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml deleted file mode 100644 index 30f563536c..0000000000 --- a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/values.yaml +++ /dev/null @@ -1,44 +0,0 @@ -# Common Labels -labels: - app: "hcm-bff" - group: "rainmaker" - -namespace: health - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "hcm-bff" - - -# Container Configs -image: - repository: "hcm-bff" -replicas: "1" - -# Additional Container Envs -env: | - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: KAFKA_BROKER_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: EGOV_FILESTORE_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-filestore - - name: CONTEXT_PATH - value: "/hcm-bff" - - name: EGOV_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: egov-services-fqdn-name diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml b/deploy-as-code/helm/charts/health-services/hcm-bff/Chart.yaml similarity index 96% rename from deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml rename to deploy-as-code/helm/charts/health-services/hcm-bff/Chart.yaml index 47e1564408..2570b72d77 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/Chart.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-bff/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml b/deploy-as-code/helm/charts/health-services/hcm-bff/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/deployment.yaml rename to deploy-as-code/helm/charts/health-services/hcm-bff/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml b/deploy-as-code/helm/charts/health-services/hcm-bff/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/ingress.yaml rename to deploy-as-code/helm/charts/health-services/hcm-bff/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml b/deploy-as-code/helm/charts/health-services/hcm-bff/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/digit-works/utilities/hcm-bff/templates/service.yaml rename to deploy-as-code/helm/charts/health-services/hcm-bff/templates/service.yaml diff --git a/deploy-as-code/helm/charts/health-services/hcm-bff/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-bff/values.yaml new file mode 100644 index 0000000000..73b0d4dbc6 --- /dev/null +++ b/deploy-as-code/helm/charts/health-services/hcm-bff/values.yaml @@ -0,0 +1,70 @@ +# Common Labels +labels: + app: "hcm-bff" + group: "rainmaker" + +namespace: health + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "hcm-bff" + + +# Container Configs +image: + repository: "hcm-bff" +replicas: "1" + +# Additional Container Envs +env: | + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_FILESTORE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-filestore + - name: HCM_MOZ_IMPL_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: hcm-moz-impl + - name: EGOV_HCM_BFF_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: hcm-bff + + - name: CONTEXT_PATH + value: "/hcm-bff" + + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: egov-mdms-service/v2/_search + - name: FILE_STORE_SERVICE_END_POINT + value: filestore/v1/files + - name: HCM_MOZ_IMPL_SERVICE_ENDPOINT + value: hcm-moz-impl/v1/ingest + + - name: HCM_PARSING_TEMPLATE + value: HCM.ParsingTemplate + - name: HCM_TRANSFORM_TEMPLATE + value: HCM.TransformTemplate + - name: HCM_CAMPAIGN_TEMPLATE + value: HCM.HCMTemplate + + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index f633592a71..ceebb44ad6 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -73,6 +73,7 @@ cluster-configs: egov-location: 'http://egov-location.egov:8080/' egov-filestore: 'http://egov-filestore.egov:8080/' hcm-moz-impl: "http://hcm-moz-impl.health:8080/" + hcm-bff: "http://hcm-bff.health:8080/" egov-localization: 'http://egov-localization.egov:8080/' egov-idgen: 'http://egov-idgen.egov:8080/' egov-otp: 'http://egov-otp.egov:8080/' From 2d9f71769517d211596b0d76572da56abe73d33b Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Thu, 11 Jan 2024 18:28:14 +0530 Subject: [PATCH 647/742] Revereted back the db url by Updating unified-health-uat.yaml (#2295) --- deploy-as-code/helm/environments/unified-health-uat.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml index ceebb44ad6..53ea7da224 100644 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ b/deploy-as-code/helm/environments/unified-health-uat.yaml @@ -16,7 +16,7 @@ cluster-configs: db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com db-name: unifieduatdb ## Add db-name db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb?currentSchema=health + health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: unified-uat.digit.org ## Add your Domain Name aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ @@ -42,7 +42,6 @@ cluster-configs: tracer-errors-provideexceptionindetails: "true" egov-bnd-freedownload-tenants: "pg.testing" egov-bnd-live-citizen-tenants: "pg.testing" - health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo egov-service-host: namespace: [ monitoring, health ] From a3c562ffa7e0471507e0a37979211483447150f4 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Fri, 12 Jan 2024 11:37:26 +0530 Subject: [PATCH 648/742] Update Chart.yaml (#2296) --- .../helm/charts/health-services/health-attendance/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml index df77fa831c..ae6c63b9b7 100644 --- a/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml +++ b/deploy-as-code/helm/charts/health-services/health-attendance/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../common From b5b5efb38d5ff7459c30361ebe12498689d9fe3e Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Fri, 12 Jan 2024 15:42:00 +0530 Subject: [PATCH 649/742] Update unified-uat.yaml --- deploy-as-code/helm/environments/unified-uat.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 22e450d295..e90c914584 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -345,7 +345,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From eae61334e387168490f77d17ce7d6ddcda38a26e Mon Sep 17 00:00:00 2001 From: ashish-egov <137176738+ashish-egov@users.noreply.github.com> Date: Fri, 12 Jan 2024 20:35:10 +0530 Subject: [PATCH 650/742] Feat : added egov-bff helm to test and integrate MFORM (#2300) * Feat : added egov-bff helm * Update values.yaml * Update values.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../helm/charts/frontend/egov-bff/Chart.yaml | 26 +++++++++++ .../egov-bff/templates/deployment.yaml | 2 + .../frontend/egov-bff/templates/ingress.yaml | 2 + .../frontend/egov-bff/templates/service.yaml | 2 + .../helm/charts/frontend/egov-bff/values.yaml | 43 +++++++++++++++++++ 5 files changed, 75 insertions(+) create mode 100644 deploy-as-code/helm/charts/frontend/egov-bff/Chart.yaml create mode 100644 deploy-as-code/helm/charts/frontend/egov-bff/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/frontend/egov-bff/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/frontend/egov-bff/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/frontend/egov-bff/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/egov-bff/Chart.yaml b/deploy-as-code/helm/charts/frontend/egov-bff/Chart.yaml new file mode 100644 index 0000000000..1d789c8e17 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/egov-bff/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: egov-bff +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/frontend/egov-bff/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/egov-bff/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/egov-bff/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/egov-bff/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/egov-bff/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/egov-bff/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/egov-bff/templates/service.yaml b/deploy-as-code/helm/charts/frontend/egov-bff/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/egov-bff/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/egov-bff/values.yaml b/deploy-as-code/helm/charts/frontend/egov-bff/values.yaml new file mode 100644 index 0000000000..412456acbe --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/egov-bff/values.yaml @@ -0,0 +1,43 @@ +# Common Labels +labels: + app: "egov-bff" + group: "rainmaker" + +namespace: egov + +# Ingress Configs +ingress: + namespace: egov + enabled: true + context: "egov-bff" + + +# Container Configs +image: + repository: "egov-bff" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_V2_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: mdms-service-v2 + + - name: CONTEXT_PATH + value: "/egov-bff" + + - name: EGOV_MDMS_V2_SEARCH_ENDPOINT + value: mdms-v2/v2/_search + + - name: EGOV_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-services-fqdn-name From 34ca7aac982a1e1b207d37ea6d873ce64e7e3171 Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Fri, 12 Jan 2024 20:56:26 +0530 Subject: [PATCH 651/742] Added mdms-v2 to host to HCM MOZ Impl service #2301(#2301) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 7244ee9bef..ae360b9b06 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -76,6 +76,13 @@ env: | key: egov-mdms-service-legacy - name: EGOV_MDMS_SEARCH_ENDPOINT value: /egov-mdms-service-legacy/v1/_search + - name: EGOV_MDMS_V2_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_V2_SEARCH_ENDPOINT + value: /egov-mdms-service/v1/_search - name: EGOV_IDGEN_PATH value: "egov-idgen/id/_generate" - name: EGOV_IDGEN_INTEGRATION_ENABLED @@ -409,4 +416,4 @@ env: | - name: TRACER_OPENTRACING_ENABLED value: "true" {{- end }} - \ No newline at end of file + From 251320d877dd5df8b4cc6d18cfa5f94d2c15bee5 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 10:58:09 +0530 Subject: [PATCH 652/742] Update values.yaml (#2302) update context path for health-attendance --- .../helm/charts/health-services/health-attendance/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml index 7caf19d53b..786bc39171 100644 --- a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml @@ -10,7 +10,7 @@ ingress: namespace: egov enabled: true zuul: true - context: "attendance" + context: "health-attendance" # Init Containers Configs initContainers: @@ -125,4 +125,4 @@ env: | {{- if index .Values "contracts-revision-topic" }} - name: CONTRACTS_REVISION_TOPIC value: {{ index .Values "contracts-revision-topic" | quote }} - {{- end }} \ No newline at end of file + {{- end }} From 0c63f9639ff015a5977127f1b4411026d1e13465 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 12:19:11 +0530 Subject: [PATCH 653/742] updated values.yaml of hcm-moz-impl (#2303) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index ae360b9b06..bda1a5e271 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -216,9 +216,9 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818922222 + value: dbd45c31-de9e-4e62-a9b6-abb818933333 - name: EGOV_PROJECT_TYPE - value: LLIN-Default-Demo + value: LLIN-Default-Test2 - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: From 1ba10d1841df1f3d3ea8a8e07180ea2756bc5e7a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:08:24 +0530 Subject: [PATCH 654/742] Update sanitation-uat.yaml --- deploy-as-code/helm/environments/sanitation-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 4165021ab6..e457ed63f4 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -135,6 +135,7 @@ cluster-configs: fsm: "http://fsm.sanitation:8080/" vehicle: "http://vehicle.sanitation:8080" vendor: "http://vendor.sanitation:8080" + mdms-service-v2: "http://mdms-v2.egov:8080/" pqm: "http://pqm.sanitation:8080" pqm-service: "http://pqm-service.sanitation:8080" pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" From a845983f3baf74fdf50c5815aa80e80b26c24895 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:14:10 +0530 Subject: [PATCH 655/742] Update sanitation-uat.yaml --- deploy-as-code/helm/environments/sanitation-uat.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index e457ed63f4..90be4d1ed7 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -291,6 +291,9 @@ pqm-service: java-debug: true tracing-enabled: "true" +fsm: + namespace: sanitation + pqm-anomaly-finder: memory_limits: 512Mi heap: "-Xmx256m -Xms256m" From 142d42ca62bf31620398eaad5c3008890933e186 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:28:00 +0530 Subject: [PATCH 656/742] Update sanitation-uat.yaml --- deploy-as-code/helm/environments/sanitation-uat.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 90be4d1ed7..286444ebd0 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -257,7 +257,9 @@ chatbot: user-service-chatbot-citizen-passwrord: "123456" - +vehicle: + namespace: sanitation + ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" @@ -295,11 +297,15 @@ fsm: namespace: sanitation pqm-anomaly-finder: + namespace: sanitation memory_limits: 512Mi heap: "-Xmx256m -Xms256m" java-debug: true tracing-enabled: "true" - + +vendor: + namespace: sanitation + inbox: memory_limits: 512Mi heap: "-Xmx512m -Xms256m" From f6de55dce40a2b93ed81f0fbb69a2aa1c90b638d Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 16 Jan 2024 14:49:56 +0530 Subject: [PATCH 657/742] Update sanitation-uat.yaml --- deploy-as-code/helm/environments/sanitation-uat.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml index 286444ebd0..e1d66cfb38 100644 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ b/deploy-as-code/helm/environments/sanitation-uat.yaml @@ -260,6 +260,9 @@ chatbot: vehicle: namespace: sanitation +pqm-scheduler: + namespace: sanitation + ws-services: wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" From 171b055edad215f68bea4bfa8eecbefab52bac80 Mon Sep 17 00:00:00 2001 From: Priyanka-eGov <74049060+Priyanka-eGov@users.noreply.github.com> Date: Tue, 16 Jan 2024 16:47:36 +0530 Subject: [PATCH 658/742] SM-3677 adding pdf host variables (#2304) --- .../helm/charts/sanitation/pqm-service/values.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml index e7327c998f..314531e7ba 100644 --- a/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml +++ b/deploy-as-code/helm/charts/sanitation/pqm-service/values.yaml @@ -76,6 +76,11 @@ env: | configMapKeyRef: name: egov-service-host key: egov-localization + - name: EGOV_PDFSERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: pdf-service - name: EGOV_UI_APP_HOST valueFrom: configMapKeyRef: From 282dcb09b122123fed42128e4ccfeb75db8cf833 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 17 Jan 2024 15:29:30 +0530 Subject: [PATCH 659/742] update helm for hcm-moz-impl (#2308) * updated helm for hcm-moz-impl * updated helm for hcm-moz-impl --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index bda1a5e271..201aec0a9f 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -216,9 +216,9 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818933333 + value: dbd45c31-de9e-4e62-a9b6-abb818944444 - name: EGOV_PROJECT_TYPE - value: LLIN-Default-Test2 + value: LLIN-Default-Demo - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: @@ -272,7 +272,7 @@ env: | - name: EGOV_PROJECT_RESOURCE_UPDATE_PATH value: /project/resource/v1/bulk/_update - name: EGOV_SERVICE_REQUEST_PROJECTCODE - value: LLINMozambique2 + value: LLINDemoCampaign - name: EGOV_HOUSEHOLD_HOST valueFrom: configMapKeyRef: From be4efead3df63608f4ac8b8546a93d250b2e64be Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Wed, 17 Jan 2024 15:30:53 +0530 Subject: [PATCH 660/742] adding path (#2307) --- deploy-as-code/helm/environments/unified-uat.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index e90c914584..99d3a69451 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -150,6 +150,7 @@ cluster-configs: pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" + gov-user-event: "http://egov-user-event.egov:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From b8625d39af1bc542436f1f95f23ee3b43378e061 Mon Sep 17 00:00:00 2001 From: nitish-egov <137176807+nitish-egov@users.noreply.github.com> Date: Wed, 17 Jan 2024 17:29:53 +0530 Subject: [PATCH 661/742] updated helm for hcm-moz-impl (#2309) * updated helm for hcm-moz-impl * Update values.yaml --------- Co-authored-by: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 201aec0a9f..ebe3fbf29b 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -216,9 +216,9 @@ env: | - name: EGOV_DHIS2_ORGANISATION_UNIT_PROVINCES value: "SOFALA,NAMPULA" - name: EGOV_PROJECT_TYPE_ID - value: dbd45c31-de9e-4e62-a9b6-abb818944444 + value: dbd45c31-de9e-4e62-a9b6-abb818955555 - name: EGOV_PROJECT_TYPE - value: LLIN-Default-Demo + value: LLINWorkbenchDemoProjectType - name: EGOV_FACILITY_HOST valueFrom: configMapKeyRef: @@ -272,7 +272,7 @@ env: | - name: EGOV_PROJECT_RESOURCE_UPDATE_PATH value: /project/resource/v1/bulk/_update - name: EGOV_SERVICE_REQUEST_PROJECTCODE - value: LLINDemoCampaign + value: LLINWorkbenchDemo - name: EGOV_HOUSEHOLD_HOST valueFrom: configMapKeyRef: From a4a3220ad99e0396a6eda76bc833e5762a536d35 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Thu, 18 Jan 2024 14:13:40 +0530 Subject: [PATCH 662/742] Update values.yaml (#2313) updated stock helm chart values for mdms host and user host config --- .../charts/health-services/stock/values.yaml | 30 ++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/stock/values.yaml b/deploy-as-code/helm/charts/health-services/stock/values.yaml index 956fe74114..045f59c401 100644 --- a/deploy-as-code/helm/charts/health-services/stock/values.yaml +++ b/deploy-as-code/helm/charts/health-services/stock/values.yaml @@ -133,4 +133,32 @@ env: | name: egov-service-host key: project - name: EGOV_SEARCH_PROJECT_FACILITY_URL - value: "/project/facility/v1/_search" \ No newline at end of file + value: "/project/facility/v1/_search" + - name: EGOV_USER_INTEGRATION_ENABLED + value: "true" + - name: EGOV_USER_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: EGOV_USER_CONTEXT_PATH + value: "/user/users" + - name: EGOV_CREATE_USER_PATH + value: "/_createnovalidate" + - name: EGOV_SEARCH_USER_URL + value: "/user/_search" + - name: EGOV_UPDATE_USER_URL + value: "/_updatenovalidate" + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: EGOV_MDMS_SEARCH_ENDPOINT + value: "/egov-mdms-service/v1/_search" + - name: EGOV_MDMS_MASTER_NAME + value: "" + - name: EGOV_MDMS_MODULE_NAME + value: "" + - name: EGOV_MDMS_INTEGRATION_ENABLED + value: "false" From 00584596e8ab2d4160d5c87ff8b0576c62df26db Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Fri, 19 Jan 2024 14:10:45 +0530 Subject: [PATCH 663/742] HLM-4209: updated the helm chart and environment file for health-attendance (#2318) --- .../health-attendance/values.yaml | 16 ++++++++-------- .../helm/environments/unified-dev.yaml | 2 +- .../helm/environments/unified-health-dev.yaml | 2 +- .../helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml index 786bc39171..51d5cfbb7a 100644 --- a/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-attendance/values.yaml @@ -71,21 +71,21 @@ env: | name: egov-service-host key: egov-idgen - name: ATTENDANCE_LOG_KAFKA_CREATE_TOPIC - value: "save-attendance-log" + value: "save-attendance-log-health" - name: ATTENDANCE_LOG_KAFKA_UPDATE_TOPIC - value: "update-attendance-log" + value: "update-attendance-log-health" - name: ATTENDANCE_REGISTER_KAFKA_CREATE_TOPIC - value: "save-attendance" + value: "save-attendance-health" - name: ATTENDANCE_REGISTER_KAFKA_UPDATE_TOPIC - value: "update-attendance" + value: "update-attendance-health" - name: ATTENDANCE_STAFF_KAFKA_CREATE_TOPIC - value: "save-staff" + value: "save-staff-health" - name: ATTENDANCE_STAFF_KAFKA_UPDATE_TOPIC - value: "update-staff" + value: "update-staff-health" - name: ATTENDANCE_ATTENDEE_KAFKA_CREATE_TOPIC - value: "save-attendee" + value: "save-attendee-health" - name: ATTENDANCE_ATTENDEE_KAFKA_UPDATE_TOPIC - value: "update-attendee" + value: "update-attendee-health" {{- if index .Values "attendance-register-default-offset" }} - name: ATTENDANCE_REGISTER_DEFAULT_OFFSET value: {{ index .Values "attendance-register-default-offset" | quote }} diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 2f9910639a..71261a18f8 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 2809973339..73c838a7ae 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -323,7 +323,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml' + persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml' initContainers: gitSync: repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 7ae5a11452..6202f8a3af 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -318,7 +318,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 0115f75f71..7e67d7f7be 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -326,7 +326,7 @@ egov-persister: replicas: 1 images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" + persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url From 529ba7383ea61d8e282f605d7abbc9565ba752bb Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Mon, 22 Jan 2024 12:32:08 +0530 Subject: [PATCH 664/742] Added the Boundary and digit mapping table name #2310 (#2310) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index ebe3fbf29b..91328024d9 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -371,6 +371,10 @@ env: | value: ADMIN - name: EGOV_BOUNDARY_HIERARCHY_NAME value: ADMIN + - name: EGOV_BOUNDARY_TABLE_NAME + value: eg_dhis2_boundary + - name: EGOV_DIGIT_MAPPING_TABLE_NAME + value: eg_digit_mapping - name: EGOV_PRODUCT_HOST valueFrom: configMapKeyRef: From c54700dfd05b27272fc9bcebfcf1f4a211d693f9 Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 14:36:57 +0530 Subject: [PATCH 665/742] adding devops changes for download pdf in TQM (#2325) --- deploy-as-code/helm/environments/unified-uat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index 99d3a69451..daacd86b64 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -430,8 +430,8 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From bf3302c7ebb7abb763e0478d7836ca13f85b68bd Mon Sep 17 00:00:00 2001 From: aaradhya-egov <137176709+aaradhya-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 14:51:36 +0530 Subject: [PATCH 666/742] sample-yml-path (#2326) Co-authored-by: aaradhya-egov --- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 7e67d7f7be..3a8408304f 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -321,7 +321,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml" +egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yml" egov-persister: replicas: 1 images: From ddf6127a958a3ed7151ae5db2df8662a34914332 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 15:17:13 +0530 Subject: [PATCH 667/742] state level id added for health-individual service for unified-dev and unified-qa (#2327) --- .../helm/environments/unified-dev.yaml | 19 ++++++++++++++++++ .../helm/environments/unified-health-dev.yaml | 20 +++++++++++++++++++ .../helm/environments/unified-health-qa.yaml | 19 ++++++++++++++++++ .../helm/environments/unified-qa.yaml | 20 +++++++++++++++++++ 4 files changed, 78 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 71261a18f8..5222611bde 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -399,6 +399,25 @@ individual: mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" +health-project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +health-individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "mz" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + egov-data-uploader: initContainers: gitSync: diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 73c838a7ae..b709aa65a5 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -462,6 +462,26 @@ finance-collections-voucher-consumer: heap: '-Xmx256m -Xms256m' memory_limits: 512Mi + +health-project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +health-individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "mz" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + # rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> rainmaker-pgr: notification-sms-enabled: 'true' diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 6202f8a3af..1e8b050181 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -291,6 +291,25 @@ egov-pg-service: axis: true egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" +health-project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +health-individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "mz" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: replicas: 1 diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 3a8408304f..d5801e17bc 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -225,6 +225,26 @@ project: project-default-limit: 100 project-search-max-limit: 200 + +health-project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +health-individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "mz" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + inbox: namespace: egov memory_limits: 512Mi From 91913e40eb87058894205c720df162d1b17b8a92 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:40:02 +0530 Subject: [PATCH 668/742] Env files and configurations for ifix-dev and qa (#2319) * added new env file's for ifix namespace * added new env file's for ifix namespace --------- Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 8 + .../helm/charts/cluster-configs/values.yaml | 4 +- .../charts/core-services/zuul/values.yaml | 2 +- .../unified-ifix-dev-secrets.yaml | 122 +++ .../helm/environments/unified-ifix-dev.yaml | 835 ++++++++++++++++++ .../environments/unified-ifix-qa-secrets.yaml | 122 +++ .../helm/environments/unified-ifix-qa.yaml | 835 ++++++++++++++++++ 7 files changed, 1925 insertions(+), 3 deletions(-) create mode 100644 deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-ifix-dev.yaml create mode 100644 deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml create mode 100644 deploy-as-code/helm/environments/unified-ifix-qa.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index f7032596c9..dfb38f2763 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -31,6 +31,14 @@ creation_rules: kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-ifix\-dev\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + + - path_regex: environments/unified\-ifix\-qa\-secrets\.yaml$ + kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' + pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' + - path_regex: environments/unified\-works\-qa\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 9c25b71846..2c62bab634 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: [ egov, works, health, urban, sanitation ] + namespace: [ egov, works, health, urban, sanitation, ifix ] name: db-service port: 5432 targetPort: 5432 @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, works, health, urban, sanitation ] + namespace: [ egov, works, health, urban, sanitation, ifix ] name: db egov-notification-sms: diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 38e0b1dc60..769714f0a0 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -5,7 +5,7 @@ labels: serviceAccount: zuul namespace: egov -discovery_namespaces: egov,sanitation,works,health,staging,fsm +discovery_namespaces: egov,sanitation,works,health,staging,fsm,ifix # Init Containers Configs initContainers: extraInitContainers: | diff --git a/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml new file mode 100644 index 0000000000..54074ddad7 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml @@ -0,0 +1,122 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] + password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] + flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] + flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] + password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] + account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] + admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] + read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] + read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] + master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] + master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] + known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] + si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] + valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] + clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] + cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] + secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] + route: + receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] + group_by: + - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] + match: + alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] + group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] + group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] + repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] + receivers: + - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] + api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] + channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] + username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] + title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] + text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] + templates: + - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-04-11T06:12:24Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== + gcp_kms: [] + lastmodified: '2023-09-27T06:18:14Z' + mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] + pgp: + - created_at: '2023-04-11T06:12:24Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 + L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo + HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 + vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 + HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd + 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc + kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 + 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE + igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L + MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ + LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== + =NBp6 + -----END PGP MESSAGE----- + fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-ifix-dev.yaml b/deploy-as-code/helm/environments/unified-ifix-dev.yaml new file mode 100644 index 0000000000..20ae00f7ad --- /dev/null +++ b/deploy-as-code/helm/environments/unified-ifix-dev.yaml @@ -0,0 +1,835 @@ +global: + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, ifix ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ ifix, monitoring ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ ifix, monitoring ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report.egov:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + project: "http://project.egov:8080/" + individual: "http://individual.egov:8080/" + household: "http://household.health:8080/" + product: "http://product.health:8080/" + facility: "http://facility.health:8080/" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" + mdms-service-v2: "http://mdms-v2.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +workbench-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +storybook: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + DIGIT StoryBook + ';" + +storybook-svg: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + DIGIT SVG StoryBook + ';" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: "unified-dev-bucket-s3" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-url-shortening: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-url-shortner-endpoint: "/eus/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "2" + +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +prometheus-postgres-exporter: + namespace: monitoring + host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifieddev" + password: "digitCoredb08" + port: "5432" + database: 'unifieddevdb' + sslmode: disable + +mdms-v2: + memory_limits: 512Mi + +boundary-service: + memory_limits: 512Mi + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" + +egov-persister: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UNIFIED-DEV" + +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx128m -Xms128m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 256Mi + heap: -Xmx128m -Xms128m + +fsm: + memory_limits: 384Mi + heap: -Xmx384m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + +prometheus-blackbox-exporter: + namespace: monitoring +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + memory_limits: 768Mi + heap: "-Xmx512m -Xms512m" + java-debug: "true" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + heap: "-Xmx512m -Xms256m" + memory_limits: 768Mi + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx2048m -Xms2048m" + resources: + requests: + memory: "3Gi" + cpu: "1000m" + limits: + memory: "3Gi" + cpu: "1000m" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + + +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "unifiedread" + max-query-history: "50" + max-login-attempts: "15" + enable-save-password: "False" + persistence: + enabled: true + dataDirSize: "1Gi" + aws: + volumeId: "vol-0c86db1778f9a3b9a" + zone: ap-south-1b + +playground: + replicas: 1 + images: + - egovio/playground:v2 + + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml new file mode 100644 index 0000000000..54074ddad7 --- /dev/null +++ b/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml @@ -0,0 +1,122 @@ +cluster-configs: + secrets: + db: + username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] + password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] + flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] + flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] + egov-notification-sms: + username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] + password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] + egov-filestore: + aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] + egov-filestore-azure: + account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] + account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] + egov-location: + gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] + pgadmin: + admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] + admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] + read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] + read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] + egov-enc-service: + master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] + master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] + master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] + git-sync: + ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] + known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] + si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] + egov-edcr-bank-gateway: + edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] + edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] + edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] + edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] + valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] + clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] + cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] + minio: + accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] + secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] + alertmanager: + config: + global: + resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] + route: + receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] + group_by: + - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] + routes: + - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] + match: + alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] + group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] + group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] + repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] + receivers: + - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] + slack_configs: + - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] + api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] + channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] + username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] + title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] + text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] + templates: + - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: '2023-04-11T06:12:24Z' + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== + gcp_kms: [] + lastmodified: '2023-09-27T06:18:14Z' + mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] + pgp: + - created_at: '2023-04-11T06:12:24Z' + enc: | + -----BEGIN PGP MESSAGE----- + + hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 + L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo + HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 + vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 + HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd + 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc + kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 + 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE + igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L + MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ + LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== + =NBp6 + -----END PGP MESSAGE----- + fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-ifix-qa.yaml b/deploy-as-code/helm/environments/unified-ifix-qa.yaml new file mode 100644 index 0000000000..20ae00f7ad --- /dev/null +++ b/deploy-as-code/helm/environments/unified-ifix-qa.yaml @@ -0,0 +1,835 @@ +global: + domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + setup: fullsetup + +cluster-configs: + namespaces: + create: true + values: [ backbone, cert-manager, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, ifix ] + + root-ingress: + cert-issuer: letsencrypt-prod + configmaps: + egov-config: + namespace: [ ifix, monitoring ] + data: + db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com + db-name: unifieddevdb ## Add db-name + db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: "https://unified-dev.digit.org" ## Add your Domain Name + egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name + + egov-state-level-tenant-id: "pg" + s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" + kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 + kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 + logging-level-jdbc: "DEBUG" + mobile-validation-workaround: "true" + serializers-timezone-in-ist: "true" + server-tomcat-max-connections: "500" + server-tomcat-max-threads: "10" + sms-enabled: "true" + spring-datasource-tomcat-initialSize: "1" + spring-datasource-tomcat-max-active: "2" + spring-jpa-show-sql: "true" + timezone: Asia/Kolkata + tracer-errors-provideexceptionindetails: "true" + egov-bnd-freedownload-tenants: "pg.testing" + egov-bnd-live-citizen-tenants: "pg.testing" + + egov-service-host: + namespace: [ ifix, monitoring ] + data: + asset-services: "http://asset-services:8080/" + asset-services-maha: "http://asset-services-maha:8080/" + billing-service: "http://billing-service.egov:8080/" + collection-services: "http://collection-services.egov:8080/" + collection-masters: "http://collection-masters:8080/" + collection-search-indexer: "http://collection-search-indexer:8080/" + citizen-indexer: "http://citizen-indexer:8080/" + citizen-services: "http://citizen-services:8080/" + dashboard-analytics: http://dashboard-analytics.egov:8080/ + dashboard-ingest: http://dashboard-ingest.egov:8080/ + demand-services: "http://demand-services:8080/" + data-sync-employee: "http://data-sync-employee:8080/" + egov-common-masters: "http://egov-common-masters:8080/" + egf-masters: "http://egf-masters:8080/" + egf-master: "http://egf-master.egov:8080/" + egf-instrument: "http://egf-instrument.egov:8080/" + egf-voucher: "http://egf-voucher:8080/" + egf-bill: "http://egf-bill:8080/" + egov-enc-service: "http://egov-enc-service.egov:8080/" + egf-voucher-workflow: "http://egf-voucher-workflow:8080/" + egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" + egov-user: "http://egov-user.egov:8080/" + egov-user-egov: "http://egov-user.egov:8080/" + egov-location: "http://egov-location.egov:8080/" + egov-filestore: "http://egov-filestore.egov:8080/" + egov-localization: "http://egov-localization.egov:8080/" + egov-idgen: "http://egov-idgen.egov:8080/" + egov-otp: "http://egov-otp.egov:8080/" + egov-common-workflows: "http://egov-common-workflows:8080/" + egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service-test: "http://egov-mdms-service-test:8080/" + egov-mdms-create: "http://egov-mdms-create:8080/" + egov-eis: "http://egov-eis:8080/" + egov-workflow: "http://egov-workflow.egov:8080/" + egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" + egov-searcher: "http://egov-searcher.egov:8080/" + egov-data-uploader: "http://egov-data-uploader.egov:8080/" + egov-indexer: "http://egov-indexer.egov:8080/" + egov-hrms: "http://egov-hrms.egov:8080/" + es-client: "http://elasticsearch-data-v1.es-cluster:9200" + hr-masters: "http://hr-masters:8080/" + hr-employee: "http://hr-employee:8080/" + hr-masters-v2: "http://hr-masters-v2:8080/" + hr-employee-v2: "http://hr-employee-v2:8080/" + hr-attendance: "http://hr-attendance:8080/" + hr-leave: "http://hr-leave:8080/" + hr-employee-movement: "http://hr-employee-movement:8080/" + inventory-services: "http://inventory-services:8080/" + lams-services: "http://lams-services:8080/" + lcms-workflow: "http://lcms-workflow:8080/" + lcms-services: "http://lcms-services:8080/" + location: "http://location:8080/" + performance-assessment: "http://performance-assessment:8080/" + pt-property: "http://pt-property:8080/" + pt-workflow: "http://pt-workflow:8080/" + pt-tax-enrichment: "http://pt-tax-enrichment:8080/" + pt-calculator: "http://pt-calculator:8080/" + pt-calculator-v2: "http://pt-calculator-v2:8080/" + pt-services-v2: "http://pt-services-v2:8080/" + property-services: "http://property-services.egov:8080/" + pgr-master: "http://pgr-master:8080/" + pgr-rest: "http://pgr-rest:8080/" + pdf-service: "http://pdf-service.egov:8080/" + report: "http://report.egov:8080/" + swm-services: "http://swm-services:8080/" + tenant: "http://tenant:8080/" + tl-masters: "http://tl-masters:8080/" + tl-services: "http://tl-services:8080/" + tl-workflow: "http://tl-workflow:8080/" + tl-indexer: "http://tl-indexer:8080/" + tl-calculator: "http://tl-calculator:8080/" + user-otp: "http://user-otp.egov:8080/" + firenoc-services: "http://firenoc-services:8080/" + firenoc-calculator: "http://firenoc-calculator:8080/" + egov-apportion-service: "http://egov-apportion-service:8080/" + bpa-services: "http://bpa-services.egov:8080/" + bpa-calculator: "http://bpa-calculator.egov:8080/" + rainmaker-pgr: "http://rainmaker-pgr:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" + land-services: "http://land-services.egov:8080/" + noc-services: "http://noc-services.egov:8080/" + minio-url: "https://minio-uat.digit.org/" + egov-user-chatbot: "http://egov-user-chatbot:8080/" + zuul: "http://zuul:8080/" + egov-url-shortening: "http://eus:8080/" + fsm-calculator: "http://fsm-calculator.sanitation:8080/" + fsm: "http://fsm.sanitation:8080/" + vehicle: "http://vehicle.sanitation:8080" + vendor: "http://vendor.sanitation:8080" + project: "http://project.egov:8080/" + individual: "http://individual.egov:8080/" + household: "http://household.health:8080/" + product: "http://product.health:8080/" + facility: "http://facility.health:8080/" + egov-edcr: "http://egov-edcr.egov:8080/" + echallan-calculator: http://echallan-calculator.egov:8080/ + echallan-services: http://echallan-services.egov:8080/ + inbox: "http://inbox.egov:8080/" + turn-io-adapter: "http://turn-io-adapter.egov:8080/" + pgr-services: "http://pgr-services.egov:8080/" + birth-death-services: "http://birth-death-services.egov:8080/" + egov-pdf: "http://egov-pdf.egov:8080/" + egov-user-event: "http://egov-user-event.egov:8080/" + mdms-service-v2: "http://mdms-v2.egov:8080/" +employee: + dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +digit-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + ';" +workbench-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +core-ui: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + ';" + +storybook: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + DIGIT StoryBook + ';" + +storybook-svg: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + DIGIT SVG StoryBook + ';" + +citizen: + custom-js-injection: | + sub_filter.conf: " + sub_filter '' ' + + + ';" +egov-filestore: + volume: /opt/eGov/filestore + is-bucket-fixed: "true" + minio.url : "http://minio.backbone:9000/" + aws.s3.url : "https://s3.amazonaws.com" + is-s3-enabled: "true" + minio-enabled: false + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + filestore-url-validity: 3600 + fixed-bucketname: "unified-dev-bucket-s3" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-url-shortening: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-url-shortner-endpoint: "/eus/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "2" + +inbox: + namespace: egov + memory_limits: 512Mi + heap: "-Xmx512m -Xms256m" + java-debug: true + tracing-enabled: "true" + service-map : '{}' + bs-service-map : '{}' + +egov-idgen: + idformat-from-mdms: "true" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + autocreate-new-seq: "true" + +prometheus-postgres-exporter: + namespace: monitoring + host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + user: "unifieddev" + password: "digitCoredb08" + port: "5432" + database: 'unifieddevdb' + sslmode: disable + +mdms-v2: + memory_limits: 512Mi + +boundary-service: + memory_limits: 512Mi + +egov-notification-sms: + sms-provider-url: "sms provider url" ## Add sms provider url + sms.provider.class: "Generic" + sms.provider.contentType: "application/x-www-form-urlencoded" + sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" + sms-gateway-to-use: "sms provider name" ## Add sms provider name + sms-sender: "sms sender" ## Add sms sender + sms-sender-requesttype: "GET" + sms-custom-config: "true" + sms-extra-req-params: "mtype=N&DR=Y" + sms-sender-req-param-name: "sid" + sms-sender-username-req-param-name: "User" + sms-sender-password-req-param-name: "passwd" + sms-destination-mobile-req-param-name: "mobilenumber" + sms-message-req-param-name: "message" + sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" + +egov-user: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + otp-validation: "true" + citizen-otp-enabled: "true" + employee-otp-enabled: "false" + access-token-validity: 10080 + refresh-token-validity: 20160 + default-password-expiry: 90 + mobile-number-validation: "false" + roles-state-level: "true" + citizen-registration-withlogin: "true" + citizen-otp-fixed: "123456" + citizen-otp-fixed-enabled: "true" + egov-state-level-tenant-id: "in" + decryption-abac-enabled: "true" + +chatbot: + kafka-topics-partition-count: 3 + kafka-topics-replication-factor: 2 + kafka-consumer-poll-ms: 10 + kafka-producer-linger-ms: 5 + + contact-card-whatsapp-number: "+918744960111" + contact-card-whatsapp-name: "mSeva Punjab" + valuefirst-whatsapp-number: "918744960111" + valuefirst-notification-assigned-templateid: "194781" + valuefirst-notification-resolved-templateid: "194783" + valuefirst-notification-rejected-templateid: "194785" + valuefirst-notification-reassigned-templateid: "194787" + valuefirst-notification-commented-templateid: "194789" + valuefirst-notification-welcome-templateid: "194791" + valuefirst-notification-root-templateid: "194795" + valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" + + user-service-chatbot-citizen-passwrord: "123456" + + +ws-services: + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +bpa-services: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] + +bpa-calculator: + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + java-debug: true + tracing-enabled: "true" + +sw-services: + scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" + is-external-workflow-enabled: "true" + +egov-pg-service: + axis: true + egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +egov-mdms-service: + replicas: 1 + images: + - egovio/egov-mdms-service + mdms-path: "/work-dir/egov-mdms-data/data" + initContainers: + gitSync: + repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + mdms-folder: "egov-mdms-data" + masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +egov-indexer: + heap: "-Xmx512m -Xms512m" + memory_limits: "768Mi" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" + +egov-persister: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + images: + - egovio/egov-persister + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UNIFIED-DEV" + +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +project: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + project-default-offset: 0 + project-default-limit: 100 + project-search-max-limit: 200 + +individual: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + tracing-enabled: true + java-enable-debug: true + state-level-tenant-id: "pg" + aadhaar-pattern: "\\d{12}" + mobile-pattern: "\\d+" + notification-sms-disabled-roles: "ORG_ADMIN" + +egov-data-uploader: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +egov-searcher: + search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-analytics: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +dashboard-ingest: + config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + +# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +national-dashboard-ingest: + heap: "-Xmx750m -Xms750m" + replicas: 1 + server-tomcat-max-threads: 25 + module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' + master-data-index: "master-national-dashboard" + module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' + master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' + module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' + +report: + heap: "-Xmx512m -Xms512m" + tracing-enabled: "true" + spring-datasource-tomcat-max-active: 5 + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" + +pdf-service: + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" + +# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> + +egf-master: + memory_limits: 512Mi + heap: "-Xmx128m -Xms128m" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +egov-custom-consumer: + erp-host: "https://mohali-qa.egovernments.org/" + +egov-apportion-service: + memory_limits: 256Mi + heap: -Xmx128m -Xms128m + +fsm: + memory_limits: 384Mi + heap: -Xmx384m -Xms256m + +# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redoc: + replicas: 1 + images: + - egovio/redoc:v1.0.5 + service_type: LoadBalancer +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +nginx-ingress: + images: + - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 + replicas: 1 + default-backend-service: "egov/nginx" + namespace: egov + cert-issuer: "letsencrypt-prod" + ssl-protocols: "TLSv1.2 TLSv1.3" + ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" + ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" + +cert-manager: + email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. + +prometheus-blackbox-exporter: + namespace: monitoring +zuul: + replicas: 1 + custom-filter-property: "false" + tracing-enabled: "true" + memory_limits: 768Mi + heap: "-Xmx512m -Xms512m" + java-debug: "true" + server-tomcat-max-threads: "350" + server-tomcat-max-connections: "1500" + egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" + egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +collection-services: + receiptnumber-servicebased: "true" + receipt-search-paginate: "true" + receipt-search-defaultsize: 30 + user-create-enabled: "true" + heap: "-Xmx512m -Xms256m" + memory_limits: 768Mi + +collection-receipt-voucher-consumer: + jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" + mohali-erp-host: "https://mohali-qa.egovernments.org/" + nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" + amritsar-erp-host: "https://amritsar-qa.egovernments.org/" + kharar-erp-host: "https://kharar-qa.egovernments.org/" + zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" + +finance-collections-voucher-consumer: + erp-env-name: "qa" + erp-domain-name: "egovernments.org" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + +# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +rainmaker-pgr: + notification-sms-enabled: "true" + notification-email-enabled: "false" + new-complaint-enabled: "true" + reassign-complaint-enabled: "true" + reopen-complaint-enabled: "true" + comment-by-employee-notif-enabled: "false" + notification-allowed-status: "open,assigned,rejected,resolved" + +property-services: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" + egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" + egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" + egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" + property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" + property-decryption-abac-enabled: "true" + +pt-services-v2: + pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" + +pt-calculator-v2: + logging-level: "DEBUG" + +tl-services: + heap: "-Xmx128m -Xms64m" + memory_limits: 384Mi + java-args: -Dspring.profiles.active=monitoring + tl-application-num-format: "APP-[SEQ_EG_TL_APL]" + tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" + tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" + tl-payment-topic-name: "egov.collection.payment-create" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" + tl-search-default-limit: "100" + +egov-workflow-v2: + logging-level: "DEBUG" + java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "false" + host-link: "https://egov-demo.egovernments.org/citizen/" + pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" + +egov-hrms: + java-args: -Dspring.profiles.active=monitoring + employee-applink: "https://egov-demo.egovernments.org/employee/user/login" + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + + +egov-weekly-impact-notifier: + mail-to-address: "lata.naik@egovernments.org" + + mail-interval-in-secs: "604800" + schedule: "30 07 * * *" + +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +kafka-config: + topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" + zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" + kafka-brokers: "kafka-v2.kafka-cluster:9092" + +logging-config: + es-host: "elasticsearch-client-v1.es-cluster" + es-port: "9200" + +jaeger: + host: "jaeger-agent.monitoring" + port: "6831" + sampler-type: const + sampler-param: 1 + collector: + samplingConfig: | + { + "service_strategies": [ + { + "service": "tl-services", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "tl-calculator", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "report-service", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-services-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "pt-calculator-v2", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "collection-services", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "billing-service", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-data-uploader", + "type": "probabilistic", + "param": 0.2 + }, + { + "service": "egov-hrms", + "type": "probabilistic", + "param": 0.5 + }, + { + "service": "rainmaker-pgr", + "type": "probabilistic", + "param": 0.5 + } + ], + "default_strategy": { + "type": "probabilistic", + "param": 0.05 + } + } + +# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +redis: + replicas: 1 + images: + - egovio/redis:3.2 +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +playground: + replicas: 1 + images: + - egovio/playground:1.3 + +# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +fluent-bit: + images: + - fluent/fluent-bit:1.0.6 + egov-services-log-topic: "egov-services-logs" + egov-infra-log-topic: "egov-infra-logs" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< + +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + +# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> +kafka-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" + + heapOptions: "-Xms704M -Xmx704M" + memory_limits: 1408Mi + lingerMs: "250" + numberPartitions: "3" + replicationFactor: "2" + minInsyncReplicas: "1" + offsetsReplicationFactor: "3" + +### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +kafka-connect: + image: + tag: "5.4.1" + + +# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> +zookeeper-v2: + image: + tag: "5.4.1" + persistence: + enabled: true + aws: + - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + ## Zookeeper JVM Heap Option + heapOptions: "-Xms256M -Xmx256M" + resources: + limits: + cpu: 300m + memory: 384Mi + requests: + cpu: 300m + memory: 384Mi + + +# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> +elasticsearch-data-v1: + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx2048m -Xms2048m" + resources: + requests: + memory: "3Gi" + cpu: "1000m" + limits: + memory: "3Gi" + cpu: "1000m" + +### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> + +elasticsearch-master-v1: + replicas: 3 + image: + tag: 6.6.2 + persistence: + enabled: true + aws: + - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 + zone: ap-south-1b ## add your respective zone eg. ap-south-1a + + esJavaOpts: "-Xmx448m -Xms448m" + resources: + requests: + memory: "896Mi" + limits: + memory: "896Mi" + + +pgadmin: + dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" + port: "5432" + environment: "unified-dev" + maintenance-db-name: "unifieddevdb" + db-admin-username: "unifieddev" + db-read-username: "unifiedread" + max-query-history: "50" + max-login-attempts: "15" + enable-save-password: "False" + persistence: + enabled: true + dataDirSize: "1Gi" + aws: + volumeId: "vol-0c86db1778f9a3b9a" + zone: ap-south-1b + +playground: + replicas: 1 + images: + - egovio/playground:v2 + + +es-curator: + schedule: "45 18 * * *" + images: + - bobrik/curator:5.6.0 + es-host: "elasticsearch-client-v1.es-cluster" + logs-cleanup-enabled: "true" + jaeger-cleanup-enabled: "true" + logs-to-retain: "7" +# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From 149522166eb2486741ce4d121bdd00326c415266 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:41:36 +0530 Subject: [PATCH 669/742] Update unified-qa.yaml (#2328) --- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index d5801e17bc..758c4eb104 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -21,8 +21,8 @@ cluster-configs: egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-upgrade" + es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From 8bda15280a456e0dc5faa7247525f5e2f0e5ff94 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:41:55 +0530 Subject: [PATCH 670/742] Update sanitation-qa.yaml (#2329) --- deploy-as-code/helm/environments/sanitation-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml index d4ce4ca96c..8363c220b4 100644 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ b/deploy-as-code/helm/environments/sanitation-qa.yaml @@ -21,8 +21,8 @@ cluster-configs: state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-upgrade" + es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From 66906d1820db8b981d9c34ddcda9f14db5b154f0 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:42:16 +0530 Subject: [PATCH 671/742] Update unified-health-qa.yaml (#2330) --- deploy-as-code/helm/environments/unified-health-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 1e8b050181..5512807a2e 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -22,8 +22,8 @@ cluster-configs: state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-upgrade" + es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From 827bedcf5b7556c38930944b9f340a84a1c0a7fa Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:42:42 +0530 Subject: [PATCH 672/742] Update unified-urban-qa.yaml (#2331) --- deploy-as-code/helm/environments/unified-urban-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/unified-urban-qa.yaml index 1cd9728d9c..270fe75c88 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/unified-urban-qa.yaml @@ -21,8 +21,8 @@ cluster-configs: state-level-tenant-id: "pg" egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-upgrade" + es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From d8ef8c8f78b428b6b246341a4a2442633144ab53 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Mon, 22 Jan 2024 17:43:05 +0530 Subject: [PATCH 673/742] Update unified-works-qa.yaml (#2332) --- deploy-as-code/helm/environments/unified-works-qa.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml index 059649898e..7c175d7e53 100644 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ b/deploy-as-code/helm/environments/unified-works-qa.yaml @@ -22,8 +22,8 @@ cluster-configs: egov-state-level-tenant-id: "pg" state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-host: "elasticsearch-data-v1.es-upgrade" + es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From 3301f3c2aec3b3a13a4e0644b87129ac7e4c652c Mon Sep 17 00:00:00 2001 From: Shreya-egov <144668573+Shreya-egov@users.noreply.github.com> Date: Tue, 23 Jan 2024 15:20:30 +0530 Subject: [PATCH 674/742] adding config changes to download reciept after payment collection (#2335) * adding config changes to download reciept after payment collection * adding line --- deploy-as-code/helm/environments/unified-qa.yaml | 5 +++-- deploy-as-code/helm/environments/unified-uat.yaml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 758c4eb104..d52d13baf2 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -409,8 +409,9 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" + + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml index daacd86b64..594aebc7c9 100644 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ b/deploy-as-code/helm/environments/unified-uat.yaml @@ -430,8 +430,9 @@ pdf-service: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" + data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" + + format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> From 9513897332e1b31a9dbe215435be96dc398cbda2 Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 24 Jan 2024 11:28:41 +0530 Subject: [PATCH 675/742] digit exchange helms charts (#2338) --- .../charts/ifix/digit-exchange/Chart.yaml | 26 +++++ .../digit-exchange/templates/deployment.yaml | 2 + .../digit-exchange/templates/ingress.yaml | 2 + .../digit-exchange/templates/service.yaml | 2 + .../charts/ifix/digit-exchange/values.yaml | 104 ++++++++++++++++++ .../helm/environments/unified-ifix-dev.yaml | 14 +++ 6 files changed, 150 insertions(+) create mode 100644 deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml create mode 100644 deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml b/deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml new file mode 100644 index 0000000000..9cdbd3ae44 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: digit-exchange +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml b/deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml new file mode 100644 index 0000000000..01bd15766b --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml @@ -0,0 +1,104 @@ +# Common Labels +labels: + app: "digit-exchange" + group: "ifix" + +namespace: ifix + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "exchange" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: false + +# Container Configs +image: + repository: "digit-exchange" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/exchange/health" + readinessProbePath: "/exchange/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_CONTEXT_PATH + value: /exchange + - name: SERVER_SERVLET_CONTEXT-PATH + value: /exchange + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: DIGIT_EXCHANGE_TOPIC + value: "exchange-topic" + - name: DIGIT_EXCHANGE_ERROR_QUEUE + value: "exchange-error-queue" + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "digit-exchange" + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + {{- if index .Values "app-domain" }} + - name: APP_DOMAIN + value: {{ index .Values "app-domain" | quote }} + {{- end }} + {{- if index .Values "app-path" }} + - name: APP_PATH + value: {{ index .Values "app-path" | quote }} + {{- end }} + {{- if index .Values "app-routes-program" }} + - name: APP_ROUTES_PROGRAM + value: {{ index .Values "app-routes-program" | quote }} + {{- end }} + {{- if index .Values "app-routes-on-program" }} + - name: APP_ROUTES_ON-PROGRAM + value: {{ index .Values "app-routes-on-program" | quote }} + {{- end }} + {{- if index .Values "app-routes-sanction" }} + - name: APP_ROUTES_SANCTION + value: {{ index .Values "app-routes-sanction" | quote }} + {{- end }} + {{- if index .Values "app-routes-on-sanction" }} + - name: APP_ROUTES_ON-SANCTION + value: {{ index .Values "app-routes-on-sanction" | quote }} + {{- end }} + {{- if index .Values "app-routes-allocation" }} + - name: APP_ROUTES_ALLOCATION + value: {{ index .Values "app-routes-allocation" | quote }} + {{- end }} + {{- if index .Values "app-routes-on-allocation" }} + - name: APP_ROUTES_ON-ALLOCATION + value: {{ index .Values "app-routes-on-allocation" | quote }} + {{- end }} + {{- if index .Values "app-routes-disburse" }} + - name: APP_ROUTES_DISBURSE + value: {{ index .Values "app-routes-disburse" | quote }} + {{- end }} + {{- if index .Values "app-routes-on-disburse" }} + - name: APP_ROUTES_ON-DISBURSE + value: {{ index .Values "app-routes-on-disburse" | quote }} + {{- end }} + diff --git a/deploy-as-code/helm/environments/unified-ifix-dev.yaml b/deploy-as-code/helm/environments/unified-ifix-dev.yaml index 20ae00f7ad..eaf8818d6b 100644 --- a/deploy-as-code/helm/environments/unified-ifix-dev.yaml +++ b/deploy-as-code/helm/environments/unified-ifix-dev.yaml @@ -515,6 +515,20 @@ zuul: # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< +# ifix >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> + +digit-exchange: + app-domain: "https://unified-dev.digit.org" + app-path: "/program-service/v1" + app-routes-program: "/program" + app-routes-on-program: "/on-program" + app-routes-sanction: "/sanction" + app-routes-on-sanction: "/on-sanction" + app-routes-allocation: "/allocation" + app-routes-on-allocation: "/on-allocation" + app-routes-disburse: "/disburse" + app-routes-on-disburse: "/on-disburse" + collection-services: receiptnumber-servicebased: "true" receipt-search-paginate: "true" From ad385984082f24ed65730066df0141ff99b450bf Mon Sep 17 00:00:00 2001 From: rachana-egov <137176770+rachana-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 11:57:10 +0530 Subject: [PATCH 676/742] added deployment config for digit ui flutter components (#2340) Co-authored-by: rachana-egov --- .../frontend/digit-ui-flutter/Chart.yaml | 26 +++++++++++++++ .../templates/deployment.yaml | 2 ++ .../digit-ui-flutter/templates/ingress.yaml | 2 ++ .../digit-ui-flutter/templates/service.yaml | 2 ++ .../subfilter-injection-configmap.yaml | 15 +++++++++ .../frontend/digit-ui-flutter/values.yaml | 32 +++++++++++++++++++ 6 files changed, 79 insertions(+) create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/subfilter-injection-configmap.yaml create mode 100644 deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml new file mode 100644 index 0000000000..8ec4482d36 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: digit-ui-flutter +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/deployment.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/deployment.yaml new file mode 100644 index 0000000000..96fb6e00a0 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/ingress.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/ingress.yaml new file mode 100644 index 0000000000..cc12d64759 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/service.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/service.yaml new file mode 100644 index 0000000000..454d8db3b6 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/subfilter-injection-configmap.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/subfilter-injection-configmap.yaml new file mode 100644 index 0000000000..052e378165 --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/templates/subfilter-injection-configmap.yaml @@ -0,0 +1,15 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $_ := set . "Values" (merge .Values $envOverrides) -}} +{{- if index .Values "custom-js-injection" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-js-injection +{{- if .Values.global.namespace }} + namespace: {{ .Values.global.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} +data: +{{- index .Values "custom-js-injection" | nindent 2 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml new file mode 100644 index 0000000000..c232fd54ff --- /dev/null +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -0,0 +1,32 @@ +# Common Labels +labels: + app: "digit-ui-flutter" + group: "web" + +# Ingress Configs +ingress: + enabled: true + context: "digit-ui-flutter" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "digit-ui-flutter" +replicas: "1" +httpPort: 80 +healthChecks: + enabled: true + livenessProbePath: "/digit-ui-flutter/" + readinessProbePath: "/digit-ui-flutter/" + +namespace: egov +extraVolumes: | + - name: js-injection + configMap: + name: digit-ui-flutter-js-injection +extraVolumeMounts: | + - mountPath: /etc/nginx/conf.d/sub_filter.conf + name: js-injection + subPath: sub_filter.conf From c9768e5e7cf49dd208258c5076241610a2f25081 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 12:22:36 +0530 Subject: [PATCH 677/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 2c62bab634..4a039038f3 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, works, health, urban, sanitation, ifix ] + namespace: [ egov, works, health, urban, sanitation ] name: db egov-notification-sms: From c670c9c2264f167daadbf85769167dc54218d559 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 12:29:31 +0530 Subject: [PATCH 678/742] Update Chart.yaml --- deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml index 8ec4482d36..701243fd15 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/Chart.yaml @@ -23,4 +23,4 @@ appVersion: 1.16.0 dependencies: - name: common version: 0.0.5 - repository: file://../../../common + repository: file://../../common From a46098f16a74222beb95d45b11b889a3c4818d82 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 13:51:26 +0530 Subject: [PATCH 679/742] Update values.yaml --- .../helm/charts/frontend/digit-ui-flutter/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml index c232fd54ff..98c74ea3df 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -18,8 +18,8 @@ replicas: "1" httpPort: 80 healthChecks: enabled: true - livenessProbePath: "/digit-ui-flutter/" - readinessProbePath: "/digit-ui-flutter/" + livenessProbePath: "/digit-ui-flutter/health" + readinessProbePath: "/digit-ui-flutter/health" namespace: egov extraVolumes: | From 3a983c4624de838d8676d45bfe6a01016743926c Mon Sep 17 00:00:00 2001 From: shubhang-eGov <70943369+shubhang-eGov@users.noreply.github.com> Date: Wed, 24 Jan 2024 13:54:33 +0530 Subject: [PATCH 680/742] program service helm and folder move for digit-exchange (#2341) * program service helm and folder move for digit-exchange * added service * added service in kafka group --- .../digit-exchange/Chart.yaml | 0 .../digit-exchange/templates/deployment.yaml | 0 .../digit-exchange/templates/ingress.yaml | 0 .../digit-exchange/templates/service.yaml | 0 .../digit-exchange/values.yaml | 0 .../program-service/Chart.yaml | 26 +++++++ .../program-service/templates/deployment.yaml | 2 + .../program-service/templates/ingress.yaml | 2 + .../program-service/templates/service.yaml | 2 + .../program-service/values.yaml | 74 +++++++++++++++++++ .../helm/environments/unified-ifix-dev.yaml | 4 + 11 files changed, 110 insertions(+) rename deploy-as-code/helm/charts/ifix/{ => domain-services}/digit-exchange/Chart.yaml (100%) rename deploy-as-code/helm/charts/ifix/{ => domain-services}/digit-exchange/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/ifix/{ => domain-services}/digit-exchange/templates/ingress.yaml (100%) rename deploy-as-code/helm/charts/ifix/{ => domain-services}/digit-exchange/templates/service.yaml (100%) rename deploy-as-code/helm/charts/ifix/{ => domain-services}/digit-exchange/values.yaml (100%) create mode 100644 deploy-as-code/helm/charts/ifix/domain-services/program-service/Chart.yaml create mode 100644 deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/ifix/domain-services/program-service/values.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml b/deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/ifix/digit-exchange/Chart.yaml rename to deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/Chart.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml b/deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/ifix/digit-exchange/templates/deployment.yaml rename to deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml b/deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/ingress.yaml similarity index 100% rename from deploy-as-code/helm/charts/ifix/digit-exchange/templates/ingress.yaml rename to deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/ingress.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml b/deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/ifix/digit-exchange/templates/service.yaml rename to deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/templates/service.yaml diff --git a/deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml b/deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/ifix/digit-exchange/values.yaml rename to deploy-as-code/helm/charts/ifix/domain-services/digit-exchange/values.yaml diff --git a/deploy-as-code/helm/charts/ifix/domain-services/program-service/Chart.yaml b/deploy-as-code/helm/charts/ifix/domain-services/program-service/Chart.yaml new file mode 100644 index 0000000000..a647bdf475 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/domain-services/program-service/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: program-service +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.1 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/deployment.yaml b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/ingress.yaml b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/service.yaml b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/domain-services/program-service/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/domain-services/program-service/values.yaml b/deploy-as-code/helm/charts/ifix/domain-services/program-service/values.yaml new file mode 100644 index 0000000000..b5cbc1f69f --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/domain-services/program-service/values.yaml @@ -0,0 +1,74 @@ +# Common Labels +labels: + app: "program-service" + group: "ifix" + +namespace: ifix + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "program-service" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "program_service_schema" + image: + repository: "program-service-db" + +# Container Configs +image: + repository: "program-service" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/program-service/health" + readinessProbePath: "/program-service/health" +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SERVER_SERVLET_CONTEXT-PATH + value: /program-service + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: "program-service" + - name: KAFKA_CONFIG_BOOTSTRAP_SERVER_CONFIG + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + {{- if index .Values "config-domain" }} + - name: CONFIG_DOMAIN + value: {{ index .Values "config-domain" | quote }} + {{- end }} + - name: CONFIG_IDGEN_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-idgen + {{- if index .Values "config-idgen-idname" }} + - name: CONFIG_IDGEN_IDNAME + value: {{ index .Values "config-idgen-idname" | quote }} + {{- end }} + diff --git a/deploy-as-code/helm/environments/unified-ifix-dev.yaml b/deploy-as-code/helm/environments/unified-ifix-dev.yaml index eaf8818d6b..42969238e7 100644 --- a/deploy-as-code/helm/environments/unified-ifix-dev.yaml +++ b/deploy-as-code/helm/environments/unified-ifix-dev.yaml @@ -529,6 +529,10 @@ digit-exchange: app-routes-disburse: "/disburse" app-routes-on-disburse: "/on-disburse" +program-service: + config-domain: "https://unified-dev.digit.org/" + config-idgen-idname: "ifix.program.number" + collection-services: receiptnumber-servicebased: "true" receipt-search-paginate: "true" From 13777a2a30973b021ad17e95aef0943e09cc9e56 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:20:29 +0530 Subject: [PATCH 681/742] PFM-5389-added mukta adapter helm charts (#2339) * added mukta adapter helm charts * changed helm configs * changed helm configs --- deploy-as-code/helm/charts/ifix/Chart.yaml | 26 ++++++ .../templates/deployment.yaml | 2 + .../mukta-ifix-adapter/templates/ingress.yaml | 2 + .../mukta-ifix-adapter/templates/service.yaml | 2 + deploy-as-code/helm/charts/ifix/values.yaml | 91 +++++++++++++++++++ .../helm/environments/unified-dev.yaml | 2 +- .../helm/environments/unified-works-dev.yaml | 1 + 7 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 deploy-as-code/helm/charts/ifix/Chart.yaml create mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/ifix/values.yaml diff --git a/deploy-as-code/helm/charts/ifix/Chart.yaml b/deploy-as-code/helm/charts/ifix/Chart.yaml new file mode 100644 index 0000000000..cbb2976d95 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: mukta-ifix-adapter +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/values.yaml b/deploy-as-code/helm/charts/ifix/values.yaml new file mode 100644 index 0000000000..b820b9a521 --- /dev/null +++ b/deploy-as-code/helm/charts/ifix/values.yaml @@ -0,0 +1,91 @@ +# Common Labels +labels: + app: "mukta-ifix-adapter" + group: "works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "mukta-ifix-adapter" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "mukta_adapter_schema" + image: + repository: "mukta-ifix-adapter-db" + +# Container Configs +image: + repository: "mukta-ifix-adapter" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: DB_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: db-host + - name: DB_NAME + valueFrom: + configMapKeyRef: + name: egov-config + key: db-name + - name: DB_USER + valueFrom: + secretKeyRef: + name: db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: DB_PORT + value: "5432" + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EXPENSE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: BANKACCOUNT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: EXPENSE_CALCULATOR_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: PROGRAM_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: program-service diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 5222611bde..0e0213b746 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -363,7 +363,7 @@ egov-persister: memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/mukta-ifix-adapter-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index d304983759..c60a64bfd5 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -171,6 +171,7 @@ cluster-configs: measurement-service: "http://measurement-service.works:8080/" measurement-registry: "http://measurement-registry.works:8080/" mukta-services: "http://mukta-services.works:8080/" + program-service: "http://program-service.ifix:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 01882f8dec4ba0ccdce4a5c78770fdf409820e81 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:25:16 +0530 Subject: [PATCH 682/742] changed state level tenant id to pg for health individual (#2342) --- deploy-as-code/helm/environments/unified-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-health-dev.yaml | 2 +- deploy-as-code/helm/environments/unified-health-qa.yaml | 2 +- deploy-as-code/helm/environments/unified-qa.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 0e0213b746..3c8d83ff1a 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -413,7 +413,7 @@ health-individual: memory_limits: 512Mi tracing-enabled: true java-enable-debug: true - state-level-tenant-id: "mz" + state-level-tenant-id: "pg" aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index b709aa65a5..8dec311575 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -477,7 +477,7 @@ health-individual: memory_limits: 512Mi tracing-enabled: true java-enable-debug: true - state-level-tenant-id: "mz" + state-level-tenant-id: "pg" aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 5512807a2e..57bd4bdfd6 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -305,7 +305,7 @@ health-individual: memory_limits: 512Mi tracing-enabled: true java-enable-debug: true - state-level-tenant-id: "mz" + state-level-tenant-id: "pg" aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index d52d13baf2..79c8176fb8 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -240,7 +240,7 @@ health-individual: memory_limits: 512Mi tracing-enabled: true java-enable-debug: true - state-level-tenant-id: "mz" + state-level-tenant-id: "pg" aadhaar-pattern: "\\d{12}" mobile-pattern: "\\d+" notification-sms-disabled-roles: "ORG_ADMIN" From ff8a269373c4b4377f9402f827b42692a3f3f265 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:28:01 +0530 Subject: [PATCH 683/742] Pfm 5389 mukta adapter helm charts (#2343) * added mukta adapter helm charts * changed helm configs * changed helm configs * moved mukta-ifx-adapter to utilities * moved mukta-ifx-adapter to utilities --- .../utilities/mukta-ifix-adapter/Chart.yaml | 26 ++++++ .../templates/deployment.yaml | 2 + .../mukta-ifix-adapter/templates/ingress.yaml | 2 + .../mukta-ifix-adapter/templates/service.yaml | 2 + .../utilities/mukta-ifix-adapter/values.yaml | 91 +++++++++++++++++++ 5 files changed, 123 insertions(+) create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml new file mode 100644 index 0000000000..cbb2976d95 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: mukta-ifix-adapter +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../../common diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/ingress.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/ingress.yaml new file mode 100644 index 0000000000..9a573c0d7d --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/ingress.yaml @@ -0,0 +1,2 @@ +# ingress.yaml +{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/service.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml new file mode 100644 index 0000000000..b820b9a521 --- /dev/null +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml @@ -0,0 +1,91 @@ +# Common Labels +labels: + app: "mukta-ifix-adapter" + group: "works" + +namespace: works + +# Ingress Configs +ingress: + namespace: egov + enabled: true + zuul: true + context: "mukta-ifix-adapter" + +# Init Containers Configs +initContainers: + dbMigration: + enabled: true + schemaTable: "mukta_adapter_schema" + image: + repository: "mukta-ifix-adapter-db" + +# Container Configs +image: + repository: "mukta-ifix-adapter" +replicas: "1" + +# Additional Container Envs +env: | + - name: EGOV_MDMS_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-mdms-service + - name: DB_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: db-host + - name: DB_NAME + valueFrom: + configMapKeyRef: + name: egov-config + key: db-name + - name: DB_USER + valueFrom: + secretKeyRef: + name: db + key: username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: db + key: password + - name: KAFKA_BROKER_HOST + valueFrom: + configMapKeyRef: + name: egov-config + key: kafka-brokers + - name: DB_PORT + value: "5432" + - name: EGOV_ORGANISATION_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: organisation + - name: EXPENSE_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense + - name: BANKACCOUNT_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: bankaccounts + - name: EXPENSE_CALCULATOR_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: expense-calculator + - name: EGOV_INDIVIDUAL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: individual + - name: PROGRAM_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: program-service From a963cf3e628637ef5169319326e8da5567210ecb Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:32:16 +0530 Subject: [PATCH 684/742] deleted mukta from ifix (#2344) --- deploy-as-code/helm/charts/ifix/Chart.yaml | 26 ------ .../templates/deployment.yaml | 2 - .../mukta-ifix-adapter/templates/ingress.yaml | 2 - .../mukta-ifix-adapter/templates/service.yaml | 2 - deploy-as-code/helm/charts/ifix/values.yaml | 91 ------------------- 5 files changed, 123 deletions(-) delete mode 100644 deploy-as-code/helm/charts/ifix/Chart.yaml delete mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml delete mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml delete mode 100644 deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml delete mode 100644 deploy-as-code/helm/charts/ifix/values.yaml diff --git a/deploy-as-code/helm/charts/ifix/Chart.yaml b/deploy-as-code/helm/charts/ifix/Chart.yaml deleted file mode 100644 index cbb2976d95..0000000000 --- a/deploy-as-code/helm/charts/ifix/Chart.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: v2 -name: mukta-ifix-adapter -description: A Helm chart for Kubernetes - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -version: 0.1.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. -appVersion: 1.16.0 - -dependencies: -- name: common - version: 0.0.5 - repository: file://../../../common diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml deleted file mode 100644 index 3455c00058..0000000000 --- a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/deployment.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# deployment.yaml -{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml deleted file mode 100644 index 9a573c0d7d..0000000000 --- a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/ingress.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# ingress.yaml -{{- template "common.ingress" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml b/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml deleted file mode 100644 index 7356445764..0000000000 --- a/deploy-as-code/helm/charts/ifix/mukta-ifix-adapter/templates/service.yaml +++ /dev/null @@ -1,2 +0,0 @@ -# service.yaml -{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/ifix/values.yaml b/deploy-as-code/helm/charts/ifix/values.yaml deleted file mode 100644 index b820b9a521..0000000000 --- a/deploy-as-code/helm/charts/ifix/values.yaml +++ /dev/null @@ -1,91 +0,0 @@ -# Common Labels -labels: - app: "mukta-ifix-adapter" - group: "works" - -namespace: works - -# Ingress Configs -ingress: - namespace: egov - enabled: true - zuul: true - context: "mukta-ifix-adapter" - -# Init Containers Configs -initContainers: - dbMigration: - enabled: true - schemaTable: "mukta_adapter_schema" - image: - repository: "mukta-ifix-adapter-db" - -# Container Configs -image: - repository: "mukta-ifix-adapter" -replicas: "1" - -# Additional Container Envs -env: | - - name: EGOV_MDMS_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: egov-mdms-service - - name: DB_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: db-host - - name: DB_NAME - valueFrom: - configMapKeyRef: - name: egov-config - key: db-name - - name: DB_USER - valueFrom: - secretKeyRef: - name: db - key: username - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: db - key: password - - name: KAFKA_BROKER_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: DB_PORT - value: "5432" - - name: EGOV_ORGANISATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: organisation - - name: EXPENSE_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: expense - - name: BANKACCOUNT_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: bankaccounts - - name: EXPENSE_CALCULATOR_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: expense-calculator - - name: EGOV_INDIVIDUAL_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: individual - - name: PROGRAM_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: program-service From 91ad4a2eac79dc4fc65b27c1fd8737fc6f6c4861 Mon Sep 17 00:00:00 2001 From: himanshukeshari-eGov <137176658+himanshukeshari-eGov@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:50:30 +0530 Subject: [PATCH 685/742] Updated the namespace for auto restart values.yaml (#2345) --- .../helm/charts/health-services/hcm-moz-impl/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml index 91328024d9..62c475e10e 100644 --- a/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml +++ b/deploy-as-code/helm/charts/health-services/hcm-moz-impl/values.yaml @@ -386,7 +386,7 @@ env: | name: hcm-moz-impl key: kubeconfig - name: EGOV_KUBE_NAMESPACE - value: egov + value: health - name: EGOV_KUBE_MDMS_POD value: health-mdms-v1 - name: EGOV_KUBE_IS_CLUSTER From b5da0a5f33f9e6bb059c007eacb01d3300372528 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 15:14:15 +0530 Subject: [PATCH 686/742] Updated mukta-ifix-adapter chart (#2346) Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- .../utilities/mukta-ifix-adapter/values.yaml | 79 ++++++++++--------- 1 file changed, 43 insertions(+), 36 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml index b820b9a521..a81e79227a 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml @@ -24,67 +24,74 @@ initContainers: image: repository: "mukta-ifix-adapter" replicas: "1" +healthChecks: + enabled: false +appType: "java-spring" +tracing-enabled: true +heap: "-Xmx192m -Xms192m" +java-args: "" # Additional Container Envs env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "payment-create-topic" }} + - name: PAYMENT_CREATE_TOPIC + value: {{ index .Values "payment-create-topic" | quote }} + {{- end }} + {{- if index .Values "egov-bill-search-limit" }} + - name: EGOV_BILL_SEARCH_LIMIT + value: {{ index .Values "egov-bill-search-limit" | quote }} + {{- end }} - name: EGOV_MDMS_HOST valueFrom: configMapKeyRef: name: egov-service-host key: egov-mdms-service - - name: DB_HOST + - name: EGOV_BILL_HOST valueFrom: configMapKeyRef: - name: egov-config - key: db-host - - name: DB_NAME - valueFrom: - configMapKeyRef: - name: egov-config - key: db-name - - name: DB_USER - valueFrom: - secretKeyRef: - name: db - key: username - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: db - key: password - - name: KAFKA_BROKER_HOST - valueFrom: - configMapKeyRef: - name: egov-config - key: kafka-brokers - - name: DB_PORT - value: "5432" - - name: EGOV_ORGANISATION_HOST + name: egov-service-host + key: expense + - name: EGOV_BILL_CALCULATOR_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: organisation - - name: EXPENSE_SERVICE_HOST + key: expense-calculator + - name: EGOV_BANK_ACCOUNT_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: expense - - name: BANKACCOUNT_SERVICE_HOST + key: bankaccounts + - name: EGOV_INDIVIDUAL_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: bankaccounts - - name: EXPENSE_CALCULATOR_SERVICE_HOST + key: individual + - name: EGOV_ORGANISATION_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: expense-calculator - - name: EGOV_INDIVIDUAL_HOST + key: organisation + + - name: EGOV_ORGANISATION_HOST valueFrom: configMapKeyRef: name: egov-service-host - key: individual - - name: PROGRAM_SERVICE_HOST + key: organisation + - name: EGOV_PROGRAM_SERVICE_HOST valueFrom: configMapKeyRef: name: egov-service-host From 391227e82efe6450b093da68be58e042fb94adb6 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:17:19 +0530 Subject: [PATCH 687/742] Updated mukta-ifix-adapter chart (#2347) * Updated mukta-ifix-adapter chart * Updated mukta-ifix-adapter config --------- Co-authored-by: Shailesh Pandey <110380977+shailesh-egov@users.noreply.github.com> --- .../utilities/mukta-ifix-adapter/values.yaml | 58 +++++++++++-------- 1 file changed, 34 insertions(+), 24 deletions(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml index a81e79227a..51d9678891 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml @@ -25,7 +25,9 @@ image: repository: "mukta-ifix-adapter" replicas: "1" healthChecks: - enabled: false + enabled: true + livenessProbePath: "/mukta-ifix-adapter/health" + readinessProbePath: "/mukta-ifix-adapter/health" appType: "java-spring" tracing-enabled: true heap: "-Xmx192m -Xms192m" @@ -39,22 +41,10 @@ env: | value: {{ index .Values "heap" | quote }} - name: JAVA_ARGS value: {{ index .Values "java-args" | quote }} - {{- if index .Values "tracing-enabled" }} - - name: TRACER_OPENTRACING_ENABLED - value: "true" - {{- end }} - {{- if index .Values "java-enable-debug" }} - - name: JAVA_ENABLE_DEBUG - value: "true" - {{- end }} - {{- if index .Values "payment-create-topic" }} - - name: PAYMENT_CREATE_TOPIC - value: {{ index .Values "payment-create-topic" | quote }} - {{- end }} - {{- if index .Values "egov-bill-search-limit" }} - - name: EGOV_BILL_SEARCH_LIMIT - value: {{ index .Values "egov-bill-search-limit" | quote }} - {{- end }} + - name: SERVER_CONTEXT_PATH + value: /mukta-ifix-adapter + - name: SERVER_SERVLET_CONTEXT-PATH + value: /mukta-ifix-adapter - name: EGOV_MDMS_HOST valueFrom: configMapKeyRef: @@ -84,15 +74,35 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: organisation - - - name: EGOV_ORGANISATION_HOST - valueFrom: - configMapKeyRef: - name: egov-service-host - key: organisation + key: organisation - name: EGOV_PROGRAM_SERVICE_HOST valueFrom: configMapKeyRef: name: egov-service-host key: program-service + - name: APP_TIMEZONE + valueFrom: + configMapKeyRef: + name: egov-config + key: timezone + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + {{- if index .Values "java-enable-debug" }} + - name: JAVA_ENABLE_DEBUG + value: "true" + {{- end }} + {{- if index .Values "payment-create-topic" }} + - name: PAYMENT_CREATE_TOPIC + value: {{ index .Values "payment-create-topic" | quote }} + {{- end }} + {{- if index .Values "egov-bill-search-limit" }} + - name: EGOV_BILL_SEARCH_LIMIT + value: {{ index .Values "egov-bill-search-limit" | quote }} + {{- end }} + {{- if index .Values "disburse-create-topic" }} + - name: DISBURSE_CREATE_TOPIC + value: {{ index .Values "disburse-create-topic" | quote }} + {{- end }} + From 71c9870ccff3ace1ded0f1e181b2dc5e3c0d523a Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:33:37 +0530 Subject: [PATCH 688/742] added health-project health-individual service host (#2348) --- .../health-services/health-project/values.yaml | 4 ++-- .../charts/health-services/household/values.yaml | 4 ++-- .../health-services/referralmanagement/values.yaml | 12 ++++++------ .../helm/charts/health-services/stock/values.yaml | 4 ++-- deploy-as-code/helm/environments/unified-dev.yaml | 2 ++ .../helm/environments/unified-health-dev.yaml | 2 ++ .../helm/environments/unified-health-qa.yaml | 2 ++ deploy-as-code/helm/environments/unified-qa.yaml | 2 ++ 8 files changed, 20 insertions(+), 12 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/health-project/values.yaml b/deploy-as-code/helm/charts/health-services/health-project/values.yaml index 3e6d3487d6..5e7e205ec7 100644 --- a/deploy-as-code/helm/charts/health-services/health-project/values.yaml +++ b/deploy-as-code/helm/charts/health-services/health-project/values.yaml @@ -137,9 +137,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: individual + key: health-individual - name: EGOV_SEARCH_INDIVIDUAL_URL - value: "/individual/v1/_search" + value: "/health-individual/v1/_search" - name: EGOV_PRODUCT_HOST valueFrom: configMapKeyRef: diff --git a/deploy-as-code/helm/charts/health-services/household/values.yaml b/deploy-as-code/helm/charts/health-services/household/values.yaml index fd918659c6..334a160d26 100644 --- a/deploy-as-code/helm/charts/health-services/household/values.yaml +++ b/deploy-as-code/helm/charts/health-services/household/values.yaml @@ -83,9 +83,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: individual + key: health-individual - name: EGOV_INDIVIDUAL_SEARCH_URL - value: "/individual/v1/_search" + value: "/health-individual/v1/_search" - name: HOUSEHOLD_MEMBER_KAFKA_CREATE_TOPIC value: "save-household-member-health-topic" - name: HOUSEHOLD_MEMBER_KAFKA_UPDATE_TOPIC diff --git a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml index 3c4da0de8a..8a832386bb 100644 --- a/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml +++ b/deploy-as-code/helm/charts/health-services/referralmanagement/values.yaml @@ -132,9 +132,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: individual + key: health-individual - name: EGOV_SEARCH_INDIVIDUAL_URL - value: "/individual/v1/_search" + value: "/health-individual/v1/_search" - name: EGOV_PRODUCT_HOST valueFrom: configMapKeyRef: @@ -146,13 +146,13 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: project + key: health-project - name: EGOV_SEARCH_PROJECT_TASK_URL - value: "/project/task/v1/_search" + value: "/health-project/task/v1/_search" - name: EGOV_SEARCH_PROJECT_BENEFICIARY_URL - value: "/project/beneficiary/v1/_search" + value: "/health-project/beneficiary/v1/_search" - name: EGOV_SEARCH_PROJECT_STAFF_URL - value: "/project/staff/v1/_search" + value: "/health-project/staff/v1/_search" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.CREATE.TOPIC value: "save-side-effect-health-topic" - name: REFERRALMANAGEMENT.SIDEEFFECT.KAFKA.UPDATE.TOPIC diff --git a/deploy-as-code/helm/charts/health-services/stock/values.yaml b/deploy-as-code/helm/charts/health-services/stock/values.yaml index 045f59c401..c57153ecc5 100644 --- a/deploy-as-code/helm/charts/health-services/stock/values.yaml +++ b/deploy-as-code/helm/charts/health-services/stock/values.yaml @@ -131,9 +131,9 @@ env: | valueFrom: configMapKeyRef: name: egov-service-host - key: project + key: health-project - name: EGOV_SEARCH_PROJECT_FACILITY_URL - value: "/project/facility/v1/_search" + value: "/health-project/facility/v1/_search" - name: EGOV_USER_INTEGRATION_ENABLED value: "true" - name: EGOV_USER_HOST diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 3c8d83ff1a..9b979868f0 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -150,6 +150,8 @@ cluster-configs: egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" mdms-service-v2: "http://mdms-v2.egov:8080/" + health-project: 'http://health-project.health:8080' + health-individual: 'http://health-individual.health:8080' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index 8dec311575..e978b89128 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -166,6 +166,8 @@ cluster-configs: stock: 'http://stock.health:8080/' facility: 'http://facility.health:8080/' service-request: 'http://service-request:8080/' + health-project: 'http://health-project.health:8080' + health-individual: 'http://health-individual.health:8080' employee: dashboard-url: 'https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))' custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 57bd4bdfd6..92718673df 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -154,6 +154,8 @@ cluster-configs: stock: 'http://stock.health:8080/' facility: 'http://facility.health:8080/' service-request: 'http://service-request:8080/' + health-project: 'http://health-project.health:8080' + health-individual: 'http://health-individual.health:8080' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 79c8176fb8..7a658586e9 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -149,6 +149,8 @@ cluster-configs: birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" + health-project: 'http://health-project.health:8080' + health-individual: 'http://health-individual.health:8080' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From ff0b0a71c9ff1db092a3bb5b25722d5b30642d6e Mon Sep 17 00:00:00 2001 From: rachana-egov <137176770+rachana-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:36:12 +0530 Subject: [PATCH 689/742] Update values.yaml (#2349) --- .../helm/charts/frontend/digit-ui-flutter/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml index 98c74ea3df..c232fd54ff 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -18,8 +18,8 @@ replicas: "1" httpPort: 80 healthChecks: enabled: true - livenessProbePath: "/digit-ui-flutter/health" - readinessProbePath: "/digit-ui-flutter/health" + livenessProbePath: "/digit-ui-flutter/" + readinessProbePath: "/digit-ui-flutter/" namespace: egov extraVolumes: | From d3ce70691376bc44e92b6e70401d5ecde12690fd Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:39:58 +0530 Subject: [PATCH 690/742] changed version (#2350) --- .../charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml index cbb2976d95..4b5de3b10b 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/Chart.yaml @@ -14,7 +14,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. -version: 0.1.0 +version: 0.1.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. From da9cd9f499bdbc8e81740019b4e266d86a3921a2 Mon Sep 17 00:00:00 2001 From: rachana-egov <137176770+rachana-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:41:02 +0530 Subject: [PATCH 691/742] Update values.yaml (#2351) --- .../helm/charts/frontend/digit-ui-flutter/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml index c232fd54ff..1f272effc4 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -18,8 +18,8 @@ replicas: "1" httpPort: 80 healthChecks: enabled: true - livenessProbePath: "/digit-ui-flutter/" - readinessProbePath: "/digit-ui-flutter/" + livenessProbePath: "/" + readinessProbePath: "/" namespace: egov extraVolumes: | From 8de003d789b68b60c7ee28e251fb18a4a5d0ce5a Mon Sep 17 00:00:00 2001 From: rachana-egov <137176770+rachana-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:45:47 +0530 Subject: [PATCH 692/742] Update values.yaml (#2352) --- .../helm/charts/frontend/digit-ui-flutter/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml index 1f272effc4..0dfe67ac58 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -17,7 +17,7 @@ image: replicas: "1" httpPort: 80 healthChecks: - enabled: true + enabled: false livenessProbePath: "/" readinessProbePath: "/" From 49e51d09a7cb83d95d48bff7bcb29f8223da59e5 Mon Sep 17 00:00:00 2001 From: kanishq-egov <138671649+kanishq-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 16:58:51 +0530 Subject: [PATCH 693/742] fixed health-project health-individual service host (#2353) --- deploy-as-code/helm/environments/unified-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-health-dev.yaml | 4 ++-- deploy-as-code/helm/environments/unified-health-qa.yaml | 4 ++-- deploy-as-code/helm/environments/unified-qa.yaml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml index 9b979868f0..278ccc6ac8 100644 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ b/deploy-as-code/helm/environments/unified-dev.yaml @@ -150,8 +150,8 @@ cluster-configs: egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" mdms-service-v2: "http://mdms-v2.egov:8080/" - health-project: 'http://health-project.health:8080' - health-individual: 'http://health-individual.health:8080' + health-project: 'http://health-project.health:8080/' + health-individual: 'http://health-individual.health:8080/' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml index e978b89128..7e5ed04435 100644 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ b/deploy-as-code/helm/environments/unified-health-dev.yaml @@ -166,8 +166,8 @@ cluster-configs: stock: 'http://stock.health:8080/' facility: 'http://facility.health:8080/' service-request: 'http://service-request:8080/' - health-project: 'http://health-project.health:8080' - health-individual: 'http://health-individual.health:8080' + health-project: 'http://health-project.health:8080/' + health-individual: 'http://health-individual.health:8080/' employee: dashboard-url: 'https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))' custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml index 92718673df..bc2d16e9ee 100644 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ b/deploy-as-code/helm/environments/unified-health-qa.yaml @@ -154,8 +154,8 @@ cluster-configs: stock: 'http://stock.health:8080/' facility: 'http://facility.health:8080/' service-request: 'http://service-request:8080/' - health-project: 'http://health-project.health:8080' - health-individual: 'http://health-individual.health:8080' + health-project: 'http://health-project.health:8080/' + health-individual: 'http://health-individual.health:8080/' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml index 7a658586e9..4ad98665a8 100644 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ b/deploy-as-code/helm/environments/unified-qa.yaml @@ -141,6 +141,8 @@ cluster-configs: product: "http://product.health:8080/" facility: "http://facility.health:8080/" egov-edcr: "http://egov-edcr.egov:8080/" + health-project: 'http://health-project.health:8080/' + health-individual: 'http://health-individual.health:8080/' echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ inbox: "http://inbox.egov:8080/" @@ -149,8 +151,6 @@ cluster-configs: birth-death-services: "http://birth-death-services.egov:8080/" egov-pdf: "http://egov-pdf.egov:8080/" egov-user-event: "http://egov-user-event.egov:8080/" - health-project: 'http://health-project.health:8080' - health-individual: 'http://health-individual.health:8080' employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | From 57dd92f479eb78137442070753f600c05333341d Mon Sep 17 00:00:00 2001 From: Jagankumar <53823168+jagankumar-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 17:10:35 +0530 Subject: [PATCH 694/742] Reverted digit-ui-flutter health checks (#2354) * Revert "Update values.yaml (#2352)" This reverts commit 8de003d789b68b60c7ee28e251fb18a4a5d0ce5a. * Revert "Update values.yaml (#2351)" This reverts commit da9cd9f499bdbc8e81740019b4e266d86a3921a2. --- .../helm/charts/frontend/digit-ui-flutter/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml index 0dfe67ac58..c232fd54ff 100644 --- a/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml +++ b/deploy-as-code/helm/charts/frontend/digit-ui-flutter/values.yaml @@ -17,9 +17,9 @@ image: replicas: "1" httpPort: 80 healthChecks: - enabled: false - livenessProbePath: "/" - readinessProbePath: "/" + enabled: true + livenessProbePath: "/digit-ui-flutter/" + readinessProbePath: "/digit-ui-flutter/" namespace: egov extraVolumes: | From 7491a6a5364f13113ca848c4346558ad3b61a315 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Wed, 24 Jan 2024 17:41:38 +0530 Subject: [PATCH 695/742] changed version (#2355) * changed version * added redis --- .../digit-works/utilities/mukta-ifix-adapter/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml index 51d9678891..fdf6d4c008 100644 --- a/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml +++ b/deploy-as-code/helm/charts/digit-works/utilities/mukta-ifix-adapter/values.yaml @@ -85,6 +85,10 @@ env: | configMapKeyRef: name: egov-config key: timezone + - name: SPRING_REDIS_HOST + value: redis.backbone + - name: SPRING_REDIS_PORT + value: "6379" {{- if index .Values "tracing-enabled" }} - name: TRACER_OPENTRACING_ENABLED value: "true" From eb686f5e1e1773649cf9bedc49520769667661c2 Mon Sep 17 00:00:00 2001 From: ansh-egov <137172017+ansh-egov@users.noreply.github.com> Date: Thu, 25 Jan 2024 11:13:10 +0530 Subject: [PATCH 696/742] added java-enable-debug (#2356) --- deploy-as-code/helm/environments/unified-works-dev.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml index c60a64bfd5..9eefee62fd 100644 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ b/deploy-as-code/helm/environments/unified-works-dev.yaml @@ -172,6 +172,7 @@ cluster-configs: measurement-registry: "http://measurement-registry.works:8080/" mukta-services: "http://mukta-services.works:8080/" program-service: "http://program-service.ifix:8080/" + mukta-ifix-adapter: "http://mukta-ifix-adapter.works:8080/" employee: dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" custom-js-injection: | @@ -275,6 +276,10 @@ organisation: works-cbo-url-endpoint: "/works-shg-app" organisation-contact-details-update-topic: organisation.contact.details.update +mukta-ifix-adapter: + tracing-enabled: true + java-enable-debug: true + expense: tracing-enabled: true java-enable-debug: true From c071dd6d791ee334b259b1ccd81b654a36333928 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 29 Jan 2024 15:01:46 +0530 Subject: [PATCH 697/742] added new env (#2357) Co-authored-by: Harish-egov --- deploy-as-code/helm/.sops.yaml | 67 +- .../helm/environments/ci-demo-secrets.yaml | 139 -- deploy-as-code/helm/environments/ci-demo.yaml | 83 - .../environments/deploy-as-code/README.md | 62 + .../deploy-as-code/deployer/Dockerfile | 41 + .../deploy-as-code/deployer/cmd/deploy.go | 79 + .../deploy-as-code/deployer/cmd/root.go | 89 + .../configs/deployment_configurator.go | 1672 +++++++++++++++++ .../deployer/digit_installer.go | 319 ++++ .../deploy-as-code/deployer/full_installer.go | 893 +++++++++ .../deploy-as-code/deployer/go.mod | 20 + .../deploy-as-code/deployer/go.sum | 206 ++ .../deployer/internal/README.md | 14 + .../deployer/internal/app/_your_app_/.keep | 0 .../internal/pkg/_your_private_lib_/.keep | 0 .../deploy-as-code/deployer/main.go | 22 + .../deploy-as-code/deployer/pkg/README.md | 58 + .../deployer/pkg/cmd/deployer/deployer.go | 262 +++ .../deployer/pkg/cmd/deployer/options.go | 38 + .../deployer/standalone_installer.go | 317 ++++ .../helm/environments/digit-lts-secrets.yaml | 91 + .../{unified-urban-qa.yaml => digit-lts.yaml} | 179 +- .../helm/environments/egov-demo-secrets.yaml | 76 - .../egov-demo-template-secrets.yaml | 72 - .../helm/environments/egov-demo-template.yaml | 784 -------- .../helm/environments/egov-demo.yaml | 853 --------- .../quickstart-config-secrets.yaml | 67 - .../helm/environments/quickstart-config.yaml | 156 -- .../environments/sanitation-qa-secrets.yaml | 71 - .../helm/environments/sanitation-qa.yaml | 741 -------- .../helm/environments/sanitation-secrets.yaml | 126 -- .../environments/sanitation-uat-secrets.yaml | 129 -- .../helm/environments/sanitation-uat.yaml | 809 -------- .../helm/environments/sanitation.yaml | 721 ------- .../environments/unified-dev-secrets.yaml | 122 -- .../helm/environments/unified-dev.yaml | 856 --------- .../unified-health-dev-secrets.yaml | 108 -- .../helm/environments/unified-health-dev.yaml | 779 -------- .../unified-health-qa-secrets.yaml | 71 - .../helm/environments/unified-health-qa.yaml | 747 -------- .../unified-health-uat-secrets.yaml | 123 -- .../helm/environments/unified-health-uat.yaml | 764 -------- .../unified-ifix-dev-secrets.yaml | 122 -- .../helm/environments/unified-ifix-dev.yaml | 853 --------- .../environments/unified-ifix-qa-secrets.yaml | 122 -- .../helm/environments/unified-ifix-qa.yaml | 835 -------- .../helm/environments/unified-qa-secrets.yaml | 97 - .../helm/environments/unified-qa.yaml | 789 -------- .../environments/unified-uat-secrets.yaml | 115 -- .../helm/environments/unified-uat.yaml | 802 -------- .../unified-urban-dev-secrets.yaml | 123 -- .../helm/environments/unified-urban-dev.yaml | 1028 ---------- .../unified-urban-qa-secrets.yaml | 71 - .../unified-urban-uat-secrets.yaml | 129 -- .../helm/environments/unified-urban-uat.yaml | 688 ------- .../unified-works-dev-secrets.yaml | 123 -- .../helm/environments/unified-works-dev.yaml | 891 --------- .../unified-works-qa-secrets.yaml | 71 - .../helm/environments/unified-works-qa.yaml | 779 -------- .../unified-works-uat-secrets.yaml | 129 -- .../helm/environments/unified-works-uat.yaml | 755 -------- 61 files changed, 4262 insertions(+), 17086 deletions(-) delete mode 100644 deploy-as-code/helm/environments/ci-demo-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/ci-demo.yaml create mode 100644 deploy-as-code/helm/environments/deploy-as-code/README.md create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/main.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go create mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go create mode 100644 deploy-as-code/helm/environments/digit-lts-secrets.yaml rename deploy-as-code/helm/environments/{unified-urban-qa.yaml => digit-lts.yaml} (87%) delete mode 100644 deploy-as-code/helm/environments/egov-demo-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/egov-demo-template-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/egov-demo-template.yaml delete mode 100644 deploy-as-code/helm/environments/egov-demo.yaml delete mode 100644 deploy-as-code/helm/environments/quickstart-config-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/quickstart-config.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation-qa.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation-uat.yaml delete mode 100644 deploy-as-code/helm/environments/sanitation.yaml delete mode 100644 deploy-as-code/helm/environments/unified-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-dev.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-dev.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-qa.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-health-uat.yaml delete mode 100644 deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-ifix-dev.yaml delete mode 100644 deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-ifix-qa.yaml delete mode 100644 deploy-as-code/helm/environments/unified-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-qa.yaml delete mode 100644 deploy-as-code/helm/environments/unified-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-uat.yaml delete mode 100644 deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-urban-dev.yaml delete mode 100644 deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-urban-uat.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-dev-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-dev.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-qa-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-qa.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-uat-secrets.yaml delete mode 100644 deploy-as-code/helm/environments/unified-works-uat.yaml diff --git a/deploy-as-code/helm/.sops.yaml b/deploy-as-code/helm/.sops.yaml index dfb38f2763..b346d05123 100644 --- a/deploy-as-code/helm/.sops.yaml +++ b/deploy-as-code/helm/.sops.yaml @@ -3,70 +3,5 @@ creation_rules: # upon creation of a file that matches the pattern *dev.yaml, # KMS set A is used # eGOV Internal ------------------------------------------------------------------------------------------------------------- # - - path_regex: environments/sanitation\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:349271159511:key/29adbf26-7b85-4469-8c9e-f8050fd19a8e' - pgp: '58BE5C4525DFE047D960AFF29E8891E02D93FD9F' - - - path_regex: environments/sanitation\-qa\-secrets\.yaml$ + - path_regex: environments/digit\-lts\-secrets\.yaml$ kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/sanitation\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-works\-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-ifix\-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-ifix\-qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-works\-qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-works\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-health\-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-health\-qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-health\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-urban\-dev\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-urban\-qa\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' - - - path_regex: environments/unified\-urban\-uat\-secrets\.yaml$ - kms: 'arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2' - pgp: 'B9FF61E01273EDF7DE298B52F4D6BD77E5C66196' \ No newline at end of file diff --git a/deploy-as-code/helm/environments/ci-demo-secrets.yaml b/deploy-as-code/helm/environments/ci-demo-secrets.yaml deleted file mode 100644 index f3edcc1696..0000000000 --- a/deploy-as-code/helm/environments/ci-demo-secrets.yaml +++ /dev/null @@ -1,139 +0,0 @@ -cluster-configs: - secrets: - jenkins: - clientId: - clientSecret: - gitReadSshPrivateKey: |- - -----BEGIN RSA PRIVATE KEY----- - MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t - B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O - wvGNiLrSkqeKTbAflj/347aGOyO6tG+lDFPtGDOWI8EXQNRDKQb7zxans9fdli1u - vdXEDEF5nqzso0CLOtWjnRcOdWOghOyKdHZLvDIqwMSDvOVcnWH/zUqjMqpQJItu - bCun9tvRGxU5eSdTXCR7bs5qvm0NJR2VdJFZJNnxy9i0iQrinpLNlmoWl0LEunns - 1RJ4Lxm9sGFuM1TuqU+1hLNc2/alZtclq2R424yCjzkz00vPNF+TpOGDdlUMiLpe - 2kbgYyY/hXKrSl2dbWPe00bj0AfNhdDJgb8cDVf9lz/MniG3A/U2St4lKK4ULDgt - /BRwLJzYROP/p1NWNO3m18BvJRXt16dAsBAXy+49CVY+t3twZ4KNO+hzOC+T2bXs - RZWWZXBsSXcT8suCy8CpzsM2V6wmipjBEcTR8MOjBHa5XSSH/e7k4+c1mV2Kjdix - 5GHNEi/oYgseBlIo5SeDtgcVRRX8L07ttG7LjuKW2icrcQnWgQKCAQEA6AFeRdO4 - ajHavP9t9DZEQWs0Xl0xsa4E0BTOXCGvxOgr9mg5ZaVzy/O53aaT92Geb5LkWhJJ - UyNZ2dqITAHIGSpZLosjsb1i5GPcgxkNrRYBH96Zew9GQ87yIu9cI5FpQSA1ijiu - 6B9AozIGAkEBgHj98RgO16Wh6f9UsAyWgiyq67IP3f1cexzuH6sgPWFjvUv4+F7i - HDMZmtftA3sDfs4hFhe7PW0WcW/Ys2ucfjDVeqlOZrlLbDoUYEHZwb3/Ts+Xs5F5 - tRNtpKIPNrFvVwKCAQEA2To/WNk+7pZGZZQU/xyYHiyO9979TtkMnaXOF6Wr8bSD - UAm+4+fPBg3iKhqEOlf8Ldrz1Cc7boIJATx5RmFs+zuc8H9LU0GHp9S/AQ7xjmcG - Os6QmPI2dyQ5dFeKt1eRqZhcedAO1bsj3idnrbk64mfwfxFi86xX80oLBabmDba+ - w5cqjOfGHMfXiHebtUiuOLrxM8no3bAVpf9chzZODdSsLZT6J8Lep4A9pnPsYw+9 - vU1QgTYqk7sTL2ZTA963nm5IACrPBg866p98MRsdlagXtasduWBwnXNTnqM8nKX0 - /Wf90KtbN+ueep8/qWPF4QRZL/wj6y11nyvYIq0CUQKCAQA6dQXM8FDaKR+lWXLa - QPbg6RuLIPW0bl6CuDwdc76EpD6Yzq/izlD8EEkLn7Gq5Zwc+USNSFMOqe18r4Vf - yCIUVFnP2EDsdE0gXf8rDiVLQoC3vGstxOh1J5k0u8LjZz0qHXJq42/YKUIKJm9Q - 55pXAoIBAQCGgkfZd2Q9jnX2zjQWKBmVjZfVqpGFsmbac2HjSKXo3BL3i6FVNCQA - JralxZedHQA9ULfs5YIqkoCK8GxUBV3bT3WFgf0dh5U9ekHvoNY4jFjSLzhgTJMn - QRoGjXKKxsGel4ajsw6Mj/3MwO+1Jd5tdVj5BcYVBuHK901N6aPIWCFVsZQafiYx - ZN2SXKC6SZumRAcRdloo5jq5Qg0JDo+ltxHLeyTU/eJyY7aIojsWHm5kUlbf - -----END RSA PRIVATE KEY----- - gitReadAccessToken: - dockerConfigJson: |- - { - "auths": { - "index.docker.io": { - "username": "", - "password": "", - "email": "", - "auth": "" - } - } - } - dockerUsername: - dockerPassword: - kubeConfigs: - dev: - apiVersion: v1 - clusters: - - cluster: - server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com - certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - name: demo - contexts: - - context: - cluster: demo - user: demo - name: demo - current-context: demo - users: - - name: demo - user: - exec: - apiVersion: client.authentication.k8s.io/v1alpha1 - args: - - "token" - - "-i" - - "demo" - command: aws-iam-authenticator - env: - - name: AWS_ACCESS_KEY - value: cvbgfgbnmscvbq - - name: AWS_SECRET_ACCESS_KEY - value: 123efrghytr32sfghjf - - name: AWS_REGION - value: ap-south-1 - qa: - apiVersion: v1 - clusters: - - cluster: - server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com - certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - name: demo - contexts: - - context: - cluster: demo - user: demo - name: demo - current-context: demo - users: - - name: demo - user: - exec: - apiVersion: client.authentication.k8s.io/v1alpha1 - args: - - "token" - - "-i" - - "demo" - command: aws-iam-authenticator - env: - - name: AWS_ACCESS_KEY - value: cvbgfgbnmscvbq - - name: AWS_SECRET_ACCESS_KEY - value: 123efrghytr32sfghjf - - name: AWS_REGION - value: ap-south-1 - ci: - apiVersion: v1 - clusters: - - cluster: - server: https://238041C1234567893B3C12349FFDE9.yl4.ap-south-1.eks.amazonaws.com - certificate-authority-data: LS0tL1ekNDQWWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJeU1ETXlPVEEyTVRZek9Gb1hEVE15TURNeU5qQTJNVFl6T0Zvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBSy8xCjdwSmQyY1UvT0N2ZmlldlJWVmtWNlpFeXBIWm45MkI3bWpmbXlJbHUvK2NrOUlURVk5ZGRqWmdBL2J2M3dOTnoKRUJRdVU4RElpUW9zUFpISUZtS1F2U2g5YkxRMHlxOHFlZFFwR1dsWllQaU42WTZ3UW9zNWVCYi9nNU5vMDJ0NAo0TitGZittWHFoM0o1eUtjOG1TOEcydUNzWFNrN3V5VmM2STc2ejVyUVhmVGlDSDBtbFU1ZFZLV0F2RnlIZzNZCmx1eEllZGQzTVRNZXJaWTBDMHFoejBqWWxzQWRIWjFYcU1RYmxuZXZCNUJ3TG81SlBHVUhpbVoxRWI4cnVTRDIKRkl6QlRUNXBvUkNDb2ZuNFR4QldlTUg2bG9CWTVhQWQ1Szl4YVNoZ2x4dnc1ZWZJRzBVVmVHc01EdUM5Q0lrMApiNGp5bXJPTUNlSG1RQWFrRzFzQ0F3RUFBYU5DTUVBd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0hRWURWUjBPQkJZRUZITHduMkh1ZXRLTHoxcWRUV1VGbFRCMTFGN0JNQTBHQ1NxR1NJYjMKRFFFQkN3VUFBNElCQVFCQ0txamlRR2NvMGZQVVJ0U3Fkd1E4d0pSaTNqYUttODZTOGtjTHI5Y2d0WXZqMUJKbApaYUJhYjJ1OUxub0oyZmNjWVkyS08wcHpBL0RSRFhaVDUvSXBjOHhGL1hTamwvMDYvVW5yTW84QUFITTdEUXh2Cm1RWXlvUFh4WHVuV1JJRk1qSzUzcW1naDlxbXRqZzJSeldCQXZESGFZcVBoaW1Gd0ZUUVN0ZUZtMEUrVFhsUlUKSDF2akJZSlVSSDgxbUxlMExVemJKVTIzYlNFQUlVdXhUMGQvQkE2NjR6a0tSNTBXc08waTZ4dGkvZklJQlFPVQpzd202RGZneHJndSs0MlVrdm9TeG9ET0xRbmw5VnhiTnB0RWw1cFI2aE1WOThWalVieVBqbUtFNnR1WlBhTk15ClF6dFZDVTFla1pPRnVNWDZ0VUJYS0JQdnNwVUIxckJhY1lBUwotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg== - name: demo - contexts: - - context: - cluster: demo - user: demo - name: demo - current-context: demo - users: - - name: demo - user: - exec: - apiVersion: client.authentication.k8s.io/v1alpha1 - args: - - "token" - - "-i" - - "demo" - command: aws-iam-authenticator - env: - - name: AWS_ACCESS_KEY - value: cvbgfgbnmscvbq - - name: AWS_SECRET_ACCESS_KEY - value: 123efrghytr32sfghjf - - name: AWS_REGION - value: ap-south-1 diff --git a/deploy-as-code/helm/environments/ci-demo.yaml b/deploy-as-code/helm/environments/ci-demo.yaml deleted file mode 100644 index ca25a65e6c..0000000000 --- a/deploy-as-code/helm/environments/ci-demo.yaml +++ /dev/null @@ -1,83 +0,0 @@ -global: - domain: ## Add your Domain Name Eg: site.mydomain.com - setup: fullsetup - -cluster-configs: - namespaces: - create: false - values: [ jenkins, cert-manager ] - root-ingress: - namespace: jenkins - serviceName: jenkins - servicePort: 8080 - appRoot: "" - cert-issuer: "letsencrypt-prod" - -jenkins: - persistence: - enabled: true - aws: - - volumeId: "vol-060d0b69accaf9312" # Add volume id for jenkins-home - zone: ap-south-1b # Add respective availability_zones - - oauth: - enabled: true - acl: - admin: - - egovernments*micro-service-devops # Add github team. Members of this team gets admin access on jenkins - user: # Add github team. Members of this team gets login access on jenkins - - egovernments*micro-service-dev - - egovernments*micro-service-qa - - egovernments*micro-service-uat - - - jobBuilder: # Add jobBuilder repo's, add repo's ssh link - repos: >- - 'git@github.com:egovernments/core-services.git','git@github.com:egovernments/business-services.git' - deploymentJobs: # Setup deploymentJobs ACL - - name: dev # deployment job name - acl: [egovernments*micro-service-dev] # GitHub team name, Members of the team get access to deployment job - - name: qa - acl: [egovernments*micro-service-qa] - - name: uat - acl: [egovernments*micro-service-uat] - - - master: - ingress: - enabled: true - resources: - limits: - cpu: "2000m" - memory: "4096Mi" - javaOpts: "-Xms2560M -Xmx2560M -Duser.timezone=Asia/Calcutta" - -nginx-ingress: - replicas: 1 - default-backend-service: "jenkins/jenkins" - namespace: jenkins - cert-issuer: "letsencrypt-staging" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - -cert-manager: - namespace: jenkins - clusterIssuer: - stage: - acme: - email: "" # Add mail id - -cluster-autoscaler: - namespace: jenkins - cloudProvider: aws - awsRegion: ap-south-1 - autoDiscovery: - clusterName: # Add cluster name - tags: - - kubernetes.io/cluster/ # Add cluster name - diff --git a/deploy-as-code/helm/environments/deploy-as-code/README.md b/deploy-as-code/helm/environments/deploy-as-code/README.md new file mode 100644 index 0000000000..45d2767898 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/README.md @@ -0,0 +1,62 @@ + +# Digit Helm Deployment Common Chart + +The common library chart has templates which eases deployment of a service on to Digit with recommended platform defaults which can further be customized to service or environment needs while abstracting the need to know kubernetes manifest syntax. + +This helps us push defaults and changes to most, if not all, services deployed onto Digit. + +## Requirements + +The default values file [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) has defaults for all manifest files, which can be overrides by service values file or environment override file. + +The service template file [_service.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_service.yaml) used for generating a service manifest. + +The ingress template file [_ingress.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_ingress.yaml) used for generating ingress manifest. + +The deployment template file [_deployment.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_deployment.yaml) used for generating a deployment manifest. + +## Values template + +Parameter | Description | Default +--- | --- | --- +`namespace` | Default namespace for the service | `egov` +`replicas` | Number of Pods to be created | `1` +`httpPort` | Default port number for the service | `8080` +`appType` | Application Type to configure defaults for appType, "java-spring" only type with defaults for now. For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) | ` ` +`labels` | Labels for the service, for example,
`app: "egov-mdms-service"`
`group: "core"` | `''` +`ingress.enabled` | To add ingress controller for the service | `false` +`ingress.zuul` | When ingress is enabled, routes the request via Zuul API gateway | `false` +`ingress.context` | When ingress is enabled, exposes the following context path to the internet, example `user` | `` +`ingress.waf.enabled` | When ingress is enabled, Enable Web Application Firewall for the service | `true` +`image.pullPolicy` | To pull a Docker image from Docker repository, By default skip pulling an image if it already exists | `IfNotPresent` +`image.tag` | Docker image tag for the service | `latest` +`affinity.preferSpreadAcrossAZ` | To spread deployment replicas across multiple availability zones in cloud environment | `true` +`initContainers.dbMigration.enabled` | Add Flyway DB migration container for the service, requires schemaTable configuration! | `false` +`initContainers.dbMigration.schemaTable` | Schema table for the flyway db migration, required, if db migration enabled, | `''` +`initContainers.dbMigration.image.pullPolicy` | Pulls the DB migration docker images from Docker repository | `IfNotPresent` +`initContainers.dbMigration.image.tag` | Docker image tag for the initcontainer | `latest` +`initContainers.dbMigration.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "FLYWAY_USER"`
            `valueFrom:`
                `secretKeyRef:`
                        `name: db`
                        `key: flyway-username`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`initContainers.gitSync.enabled` | To add a gitSync init container which clones a repository using configured ssh read token | `false` +`initContainers.gitSync.repo` | Git repository to be checked out, required, if gitSync enabled, example, `git@github.com:egovernments/egov-mdms-data` | `''` +`initContainers.gitSync.branch` | Git repository branch to be checked out, required, if gitSync enabled, example, `master` | `''` +`gitSync.image.repository` | Docker image of the gitSync init container | `k8s.gcr.io/git-sync` +`gitSync.image.tag` | Docker image tag of the gitSync init container | `v3.1.1` +`gitSync.image.pullPolicy` | Docker image pull policy for gitSync init container | `IfNotPresent` +`gitSync.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "GIT_SYNC_REPO"`
            `value: "{{ .Values.initContainers.gitSync.repo }}"`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`healthChecks.enabled` | To enable/disable healthchecks [Liveness probes and Readiness probes] for a pod | `false` +`healthChecks.livenessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`livenessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.livenessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`healthChecks.livenessProbe.httpGet.path` | Context path of the service to check the liveness of a pod | `{{ .Values.healthChecks.livenessProbePath }}` +`healthChecks.livenessProbe.httpGet.port` | Port number of the service to check the liveness of a pod | `{{ .Values.httpPort }}` +`healthChecks.readinessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`readinessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.readinessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`healthChecks.readinessProbe.httpGet.path` | Context path of the service to check the readiness of a pod | `{{ .Values.healthChecks.readinessProbePath }}` +`healthChecks.readinessProbe.httpGet.port` | Port number of the service to check the readiness of a pod | `{{ .Values.httpPort }}` +`lifecycle.preStop.exec.command` | Executes the command in the pod before stopping | `- sh`
`- -c`
`- "sleep 10"` +`memory_limits` | To set the memory limit for the pod | `512Mi` +`resources` | To set the resource limits for the pod. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `resources: \|`
    `{{- if eq .Values.appType "java-spring" -}}`
    `requests:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `limits:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `{{- end -}}` +`extraEnv.java` | Allows the specification of additional environment variables for Java. Passed through the tpl function and thus to be configured a string | `For Eg:`
`java: \|`
        `- name: SPRING_DATASOURCE_URL`
            `valueFrom:`
                `configMapKeyRef:`
                    `name: egov-config`
                    `key: db-url`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`jaeger` | Jaeger API tracing environment variables to send traces to Jaeger Agent. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`jaeger: \|`
        `- name: JAEGER_AGENT_PORT`
            `port: 6831`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) +`extraVolumes` | To add additional volumes to the service. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumes: \|`
    `- name: new-volume`
        `configMap:`
            `name: service-new-volume` +`extraVolumeMounts` | To mount additional volumes to the service in a desired mount path. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumeMounts: \|`
    `- mountPath: /opt/service-path/file.conf`
        `configMap:`
            `name: new-volume`
            `subPath: file.conf` +`extraInitContainers` | Additional init containers, e. g. for providing themes, etc. Passed through the `tpl` function and thus to be configured a string | `""` +`extraContainers` | Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy. Passed through the `tpl` function and thus to be configured a string | `""` + diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile b/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile new file mode 100644 index 0000000000..a21992ed43 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile @@ -0,0 +1,41 @@ + +FROM golang:1.13-alpine as build + +ENV GO111MODULE=on +ENV GOCACHE=/tmp + +ARG WORK_DIR +WORKDIR /app + +COPY ${WORK_DIR}/go.mod . +COPY ${WORK_DIR}/go.sum . + +RUN go mod download + +COPY . . + +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build + + +# Create runtime image +FROM alpine:3 + +ARG KUBECTL_VERSION=v1.15.12 +ARG SOPS_VERSION=v3.5.0 +ARG HELM_VERSION=v3.2.1 + +WORKDIR /opt/egov + +RUN addgroup -S egov && adduser -S -G egov egov +COPY --chown=egov:egov --from=build /app/egov-deployer /opt/egov/ + +RUN chmod +x /opt/egov/egov-deployer +RUN wget https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl \ + && wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.12.7/2019-03-27/bin/linux/amd64/aws-iam-authenticator \ + && wget -O sops https://github.com/mozilla/sops/releases/download/$SOPS_VERSION/sops-$SOPS_VERSION.linux \ + && wget -qO- https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar xvz \ + && chmod +x ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm \ + && mv ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm /usr/local/bin \ + && rm -rf ./linux-amd64 && rm -f /var/cache/apk/* + +# USER egov diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go new file mode 100644 index 0000000000..97d2ad9643 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go @@ -0,0 +1,79 @@ +/* +Copyright © 2019 NAME HERE + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package cmd + +import ( + "errors" + "fmt" + "deployer/pkg/cmd/deployer" + + "github.com/spf13/cobra" + "github.com/spf13/viper" +) + +var options deployer.Options + +// deployCmd represents the deploy command +var deployCmd = &cobra.Command{ + Use: "deploy [IMAGES]", + Short: "Deploy a comma separated list of images", + Long: `A longer description that spans multiple lines and likely contains examples +and usage of using your command. For example: + +Cobra is a CLI library for Go that empowers applications. +This application is a tool to generate the needed files +to quickly create a Cobra application.`, + + PreRunE: func(cmd *cobra.Command, args []string) error { + if len(args) < 1 { + return errors.New("At least require one image to deploy") + } + options.Images = args[0] + + return nil + }, + Run: func(cmd *cobra.Command, args []string) { + + options.ConfigDir = viper.GetString("helm-dir") + deployer.DeployCharts(options) + fmt.Println("options.ConfigDir: " + options.ConfigDir) + + }, +} + +func init() { + // deployCmd.Flags().StringVarP(&images, "images", "i", "", "Images to be deployed") + + deployCmd.Flags().String("helm-dir", "../../config-as-code", "Helm Charts / Configs directory") + viper.BindPFlag("helm-dir", deployCmd.Flags().Lookup("helm-dir")) + + deployCmd.Flags().StringVarP(&options.Environment, "environment", "e", "", "Environment override to be applied") + deployCmd.Flags().BoolVarP(&options.ClusterConfigs, "cluster-configs", "c", false, "Deploy cluster configs") + deployCmd.Flags().BoolVarP(&options.Print, "print", "p", false, "Print templates to stdout") + // deployCmd.MarkFlagRequired("images") + deployCmd.MarkFlagRequired("environment") + rootCmd.AddCommand(deployCmd) + + // Here you will define your flags and configuration settings. + + // Cobra supports Persistent Flags which will work for this command + // and all subcommands, e.g.: + // deployCmd.PersistentFlags().String("foo", "", "A help for foo") + + // Cobra supports local flags which will only run when this command + // is called directly, e.g.: + // deployCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle") +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go new file mode 100644 index 0000000000..8c617d8b37 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go @@ -0,0 +1,89 @@ +/* +Copyright © 2019 NAME HERE + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package cmd + +import ( + "fmt" + "os" + + "github.com/spf13/cobra" + + homedir "github.com/mitchellh/go-homedir" + "github.com/spf13/viper" +) + +var cfgFile string + +// rootCmd represents the base command when called without any subcommands +var rootCmd = &cobra.Command{ + Use: "deployer", + Short: "A brief description of your application", + Long: `A longer description that spans multiple lines and likely contains +examples and usage of using your application. For example: + +Cobra is a CLI library for Go that empowers applications. +This application is a tool to generate the needed files +to quickly create a Cobra application.`, + // Uncomment the following line if your bare application + // has an action associated with it: + // Run: func(cmd *cobra.Command, args []string) { }, +} + +// Execute adds all child commands to the root command and sets flags appropriately. +// This is called by main.main(). It only needs to happen once to the rootCmd. +func Execute() { + if err := rootCmd.Execute(); err != nil { + fmt.Println(err) + os.Exit(1) + } +} + +func init() { + cobra.OnInitialize(initConfig) + + // Here you will define your flags and configuration settings. + // Cobra supports persistent flags, which, if defined here, + // will be global for your application. + + rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.deployer.yaml)") + +} + +// initConfig reads in config file and ENV variables if set. +func initConfig() { + if cfgFile != "" { + // Use config file from the flag. + viper.SetConfigFile(cfgFile) + } else { + // Find home directory. + home, err := homedir.Dir() + if err != nil { + fmt.Println(err) + os.Exit(1) + } + + // Search config in home directory with name ".deployer" (without extension). + viper.AddConfigPath(home) + viper.SetConfigName(".deployer") + } + + viper.AutomaticEnv() // read in environment variables that match + + // If a config file is found, read it in. + if err := viper.ReadInConfig(); err == nil { + fmt.Println("Using config file:", viper.ConfigFileUsed()) + } +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go new file mode 100644 index 0000000000..6fd978bf19 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go @@ -0,0 +1,1672 @@ +package configs + +import ( + "fmt" + "io/ioutil" + "log" + "strings" + + yaml "gopkg.in/yaml.v3" +) + +var region = "ap-south-1b" + +// Quickstart kubeconfig struct +type Config struct { + APIVersion string `yaml:"apiVersion"` + Clusters []struct { + Cluster struct { + CertificateAuthorityData string `yaml:"certificate-authority-data"` + Server string `yaml:"server"` + } `yaml:"cluster"` + Name string `yaml:"name"` + } `yaml:"clusters"` + Contexts []struct { + Context struct { + Cluster string `yaml:"cluster"` + User string `yaml:"user"` + } `yaml:"context"` + Name string `yaml:"name"` + } `yaml:"contexts"` + CurrentContext string `yaml:"current-context"` + Kind string `yaml:"kind"` + Preferences struct { + } `yaml:"preferences"` + Users []struct { + Name string `yaml:"name"` + User struct { + ClientCertificateData string `yaml:"client-certificate-data"` + ClientKeyData string `yaml:"client-key-data"` + } `yaml:"user"` + } `yaml:"users"` +} + +// environment secret struct +type Secret struct { + ClusterConfigs struct { + Secrets struct { + Db struct { + Username string `yaml:"username"` + Password string `yaml:"password"` + FlywayUsername string `yaml:"flywayUsername"` + FlywayPassword string `yaml:"flywayPassword"` + } `yaml:"db"` + EgovNotificationSms struct { + Username string `yaml:"username"` + Password string `yaml:"password"` + } `yaml:"egov-notification-sms"` + EgovFilestore struct { + AwsKey string `yaml:"aws-key"` + AwsSecretKey string `yaml:"aws-secret-key"` + } `yaml:"egov-filestore"` + EgovLocation struct { + Gmapskey string `yaml:"gmapskey"` + } `yaml:"egov-location"` + EgovPgService struct { + AxisMerchantID string `yaml:"axis-merchant-id"` + AxisMerchantSecretKey string `yaml:"axis-merchant-secret-key"` + AxisMerchantUser string `yaml:"axis-merchant-user"` + AxisMerchantPwd string `yaml:"axis-merchant-pwd"` + AxisMerchantAccessCode string `yaml:"axis-merchant-access-code"` + PayuMerchantKey string `yaml:"payu-merchant-key"` + PayuMerchantSalt string `yaml:"payu-merchant-salt"` + } `yaml:"egov-pg-service"` + Pgadmin struct { + AdminEmail string `yaml:"admin-email"` + AdminPassword string `yaml:"admin-password"` + ReadEmail string `yaml:"read-email"` + ReadPassword string `yaml:"read-password"` + } `yaml:"pgadmin"` + EgovEncService struct { + MasterPassword string `yaml:"master-password"` + MasterSalt string `yaml:"master-salt"` + MasterInitialvector string `yaml:"master-initialvector"` + } `yaml:"egov-enc-service"` + EgovNotificationMail struct { + Mailsenderusername string `yaml:"mailsenderusername"` + Mailsenderpassword string `yaml:"mailsenderpassword"` + } `yaml:"egov-notification-mail"` + GitSync struct { + SSH string `yaml:"ssh"` + KnownHosts string `yaml:"known-hosts"` + } `yaml:"git-sync"` + Kibana struct { + Namespace string `yaml:"namespace"` + Credentials string `yaml:"credentials"` + } `yaml:"kibana"` + EgovSiMicroservice struct { + SiMicroserviceUser string `yaml:"si-microservice-user"` + SiMicroservicePassword string `yaml:"si-microservice-password"` + MailSenderPassword string `yaml:"mail-sender-password"` + } `yaml:"egov-si-microservice"` + EgovEdcrNotification struct { + EdcrMailUsername string `yaml:"edcr-mail-username"` + EdcrMailPassword string `yaml:"edcr-mail-password"` + EdcrSmsUsername string `yaml:"edcr-sms-username"` + EdcrSmsPassword string `yaml:"edcr-sms-password"` + } `yaml:"egov-edcr-notification"` + Chatbot struct { + ValuefirstUsername string `yaml:"valuefirst-username"` + ValuefirstPassword string `yaml:"valuefirst-password"` + } `yaml:"chatbot"` + EgovUserChatbot struct { + CitizenLoginPasswordOtpFixedValue string `yaml:"citizen-login-password-otp-fixed-value"` + } `yaml:"egov-user-chatbot"` + Oauth2Proxy struct { + ClientID string `yaml:"clientID"` + ClientSecret string `yaml:"clientSecret"` + CookieSecret string `yaml:"cookieSecret"` + } `yaml:"oauth2-proxy"` + } `yaml:"secrets"` + } `yaml:"cluster-configs"` +} + +//terrafrom struct +type Output struct { + Outputs struct { + ClusterEndpoint struct { + Value string `json:"value"` + } `json:"cluster_endpoint"` + DbInstanceEndpoint struct { + Value string `json:"value"` + } `json:"db_instance_endpoint"` + DbInstanceName struct { + Value string `json:"value"` + } `json:"db_instance_name"` + DbInstancePort struct { + Value int `json:"value"` + } `json:"db_instance_port"` + DbInstanceUsername struct { + Value string `json:"value"` + } `json:"db_instance_username"` + EsDataVolumeIds struct { + Value []string `json:"value"` + } `json:"es_data_volume_ids"` + EsMasterVolumeIds struct { + Value []string `json:"value"` + } `json:"es_master_volume_ids"` + KafkaVolIds struct { + Value []string `json:"value"` + } `json:"kafka_vol_ids"` + KubectlConfig struct { + Value string `json:"value"` + } `json:"kubectl_config"` + PrivateSubnets struct { + Value []string `json:"value"` + } `json:"private_subnets"` + PublicSubnets struct { + Value []string `json:"value"` + } `json:"public_subnets"` + VpcID struct { + Value string `json:"value"` + } `json:"vpc_id"` + ZookeeperVolumeIds struct { + Value []string `json:"value"` + } `json:"zookeeper_volume_ids"` + } `json:"outputs"` +} +type Quickstart struct { + Outputs struct { + PublicIP struct { + Value string `json:"value"` + } `json:"public_ip"` + } `json:"outputs"` + Resources []struct { + Instances []struct { + Attributes struct { + PrivateIP string `json:"private_ip"` + } `json:"attributes"` + } `json:"instances"` + } `json:"resources"` +} + +func DeployConfig(Config map[string]interface{}, kvids []string, zvids []string, esdids []string, esmids []string, modules []string, smsproceed string, fileproceed string, botproceed string, flag string) { + + file, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo.yaml") + if err != nil { + log.Printf("%v", err) + } + var data map[string]interface{} + ModData := make(map[string]interface{}) + err = yaml.Unmarshal(file, &data) + if err != nil { + log.Printf("%v", err) + } + for i := range data { + if i == "global" { + Global := data[i].(map[string]interface{}) + for j := range Global { + if j == "domain" { + Global[j] = Config["Domain"] + } + } + } + if i == "cluster-configs" { + // fmt.Println("found cluster-configs") + ClusterConfigs := data[i].(map[string]interface{}) + for j := range ClusterConfigs { + if j == "configmaps" { + // fmt.Println("found configmaps") + Configmaps := ClusterConfigs[j].(map[string]interface{}) + for k := range Configmaps { + if k == "egov-config" { + // fmt.Println("found egov-config") + EgovConfig := Configmaps[k].(map[string]interface{}) + for l := range EgovConfig { + if l == "data" { + // fmt.Println("found data") + Data := EgovConfig[l].(map[string]interface{}) + for m := range Data { + if m == "db-host" { + Host := Config["db-host"].(string) + provider := Host[:strings.IndexByte(Host, ':')] + Data[m] = provider + } + if m == "db-name" { + Data[m] = Config["db_name"] + } + if m == "db-url" { + url := fmt.Sprintf("jdbc:postgresql://%s/%s", Config["db-host"], Config["db_name"]) + Data[m] = url + } + if m == "domain" { + Data[m] = Config["Domain"] + } + if m == "egov-services-fqdn-name" { + fqdn := fmt.Sprintf("https://%s/", Config["Domain"]) + Data[m] = fqdn + } + if m == "s3-assets-bucket" { + + } + if m == "es-host" { + + } + if m == "es-indexer-host" { + + } + if m == "flyway-locations" { + + } + if m == "kafka-brokers" { + + } + if m == "kafka-infra-brokers" { + + } + if m == "logging-level-jdbc" { + + } + if m == "mobile-validation-workaround" { + + } + if m == "serializers-timezone-in-ist" { + + } + if m == "server-tomcat-max-connections" { + + } + if m == "server-tomcat-max-threads" { + + } + if m == "sms-enabled" { + + } + if m == "spring-datasource-tomcat-initialSize" { + + } + if m == "spring-datasource-tomcat-max-active" { + + } + if m == "spring-jpa-show-sql" { + + } + if m == "timezone" { + + } + if m == "tracer-errors-provideexceptionindetails" { + + } + } + } + } + } + + } + } + } + } + if i == "egov-mdms-service" || i == "egov-indexer" || i == "egov-persister" || i == "egov-data-uploader" || i == "egov-searcher" || i == "dashboard-analytics" || i == "dashboard-ingest" || i == "report" || i == "pdf-service" { + // fmt.Println("in mdms") + Service := data[i].(map[string]interface{}) + for j := range Service { + if j == "search-yaml-path" { + + } + if j == "config-schema-paths" { + + } + if j == "replicas" { + + } + if j == "mdms-path" { + + } + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "mdms-path" { + + } + if j == "persist-yml-path" { + + } + if j == "initContainers" { + // fmt.Println("in init") + InitContainers := Service[j].(map[string]interface{}) + for k := range InitContainers { + if k == "gitSync" { + // fmt.Println("in git sync") + GitSync := InitContainers[k].(map[string]interface{}) + for l := range GitSync { + if l == "branch" { + GitSync[l] = Config["BranchName"] + } + if l == "repo" { + if data[i]=="egov-mdms-service"{ + GitSync[l]=Config["mdms-branch"] + }else{ + GitSync[l]=Config["configs-branch"] + } + } + } + } + } + } + if j == "mdms-folder" { + + } + if j == "masters-config-url" { + + } + if j == "java-args" { + + } + if j == "egov-indexer-yaml-repo-path" { + + } + } + } + if i == "cert-manager" { + CertManager := data[i].(map[string]interface{}) + for j := range CertManager { + if j == "email" { + CertManager[j] = "" + } + } + } + if i == "kafka-v2" { + KafkaV2 := data[i].(map[string]interface{}) + for j := range KafkaV2 { + if j == "persistence" { + Persistence := KafkaV2[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + Volume := Aws[l].(map[string]interface{}) + for m := range Volume { + if m == "volumeId" && N == l { + Volume[m] = kvids[l] + } + if m == "zone" { + Volume[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "zookeeper-v2" { + ZookeeperV2 := data[i].(map[string]interface{}) + for j := range ZookeeperV2 { + if j == "persistence" { + Persistence := ZookeeperV2[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + Volume := Aws[l].(map[string]interface{}) + for m := range Volume { + if m == "volumeId" && N == l { + Volume[m] = zvids[l] + } + if m == "zone" { + Volume[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "elasticsearch-data-v1" { + ElasticsearchDataV1 := data[i].(map[string]interface{}) + for j := range ElasticsearchDataV1 { + if j == "persistence" { + Persistence := ElasticsearchDataV1[j].(map[string]interface{}) + for k := range Persistence { + if k == "aws" { + Aws := Persistence[k].([]interface{}) + N := 0 + for l := range Aws { + NesteM := Aws[l].(map[string]interface{}) + for m := range NesteM { + if m == "volumeId" && N == l { + NesteM[m] = esdids[l] + } + if m == "zone" { + NesteM[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "elasticsearch-master-v1" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "persistence" { + nest := NestedMap[j].(map[string]interface{}) + for k := range nest { + if k == "aws" { + Neste := nest[k].([]interface{}) + N := 0 + for l := range Neste { + NesteM := Neste[l].(map[string]interface{}) + for m := range NesteM { + if m == "volumeId" && N == l { + NesteM[m] = esmids[l] + } + if m == "zone" { + NesteM[m] = region + } + } + N++ + + } + } + } + } + } + } + if i == "employee" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "dashboard-url" { + + } + if j == "custom-js-injection" { + + } + } + } + if i == "citizen" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "custom-js-injection" { + + } + } + } + if i == "digit-ui" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "custom-js-injection" { + } + } + } + if i == "egov-filestore" && fileproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "volume" { + + } + if j == "is-bucket-fixed" { + + } + if j == "minio.url" { + + } + if j == "aws.s3.url" { + + } + if j == "is-s3-enabled" { + + } + if j == "minio-enabled" { + + } + if j == "allowed-file-formats-map" { + + } + if j == "llowed-file-formats" { + + } + if j == "filestore-url-validity" { + + } + if j == "fixed-bucketname" { + NestedMap[j] = Config["fixed-bucket"] + } + } + + } + if i == "egov-notification-sms" && smsproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "sms-provider-url" { + NestedMap[j] = Config["sms-provider-url"] + } + if j == "sms.provider.class" { + + } + if j == "sms.provider.contentType" { + + } + if j == "sms-config-map" { + + } + if j == "sms-gateway-to-use" { + NestedMap[j] = Config["sms-gateway-to-use"] + } + if j == "sms-sender" { + NestedMap[j] = Config["sms-sender"] + } + if j == "sms-sender-requesttype" { + + } + if j == "sms-custom-config" { + + } + if j == "sms-extra-req-params" { + + } + if j == "sms-sender-req-param-name" { + + } + if j == "sms-sender-username-req-param-name" { + + } + if j == "sms-sender-password-req-param-name" { + + } + if j == "sms-destination-mobile-req-param-name" { + + } + if j == "sms-message-req-param-name" { + + } + if j == "sms-error-codes" { + + } + } + ModData["egov-notification-sms"] = data["egov-notification-sms"] + } + if i == "egov-user" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "otp-validation" { + + } + if j == "citizen-otp-enabled" { + + } + if j == "employee-otp-enabled" { + + } + if j == "access-token-validity" { + + } + if j == "refresh-token-validity" { + + } + if j == "default-password-expiry" { + + } + if j == "mobile-number-validation" { + + } + if j == "roles-state-level" { + + } + if j == "zen-registration-withlogin" { + + } + if j == "citizen-otp-fixed" { + + } + if j == "citizen-otp-fixed-enabled" { + + } + if j == "egov-state-level-tenant-id" { + + } + if j == "decryption-abac-enabled" { + + } + } + } + if i == "chatbot" && botproceed == "yes" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "kafka-topics-partition-count" { + + } + if j == "kafka-topics-replication-factor" { + + } + if j == "kafka-consumer-poll-ms" { + + } + if j == "kafka-producer-linger-ms" { + + } + if j == "contact-card-whatsapp-number" { + + } + if j == "contact-card-whatsapp-name" { + + } + if j == "valuefirst-whatsapp-number" { + + } + if j == "valuefirst-notification-assigned-templateid" { + + } + if j == "valuefirst-notification-resolved-templateid" { + + } + if j == "valuefirst-notification-rejected-templateid" { + + } + if j == "valuefirst-notification-reassigned-templateid" { + + } + if j == "valuefirst-notification-commented-templateid" { + + } + if j == "valuefirst-notification-welcome-templateid" { + + } + if j == "valuefirst-notification-root-templateid" { + + } + if j == "valuefirst-send-message-url" { + + } + if j == "user-service-chatbot-citizen-passwrord" { + + } + } + ModData["chatbot"] = data["chatbot"] + } + if i == "bpa-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "java-debug" { + + } + if j == "tracing-enabled" { + + } + if j == "egov.idgen.bpa.applicationNum.format" { + + } + } + } + if i == "bpa-calculator" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "java-debug" { + + } + if j == "tracing-enabled" { + + } + } + } + if i == "ws-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "wcid-format" { + + } + } + } + if i == "sw-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "scid-format" { + + } + } + } + if i == "egov-pg-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "axis" { + + } + } + } + if i == "report" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "tracing-enabled" { + + } + if j == "spring-datasource-tomcat-max-active" { + + } + if j == "initContainers" { + NestedM := NestedMap[j].(map[string]interface{}) + for k := range NestedM { + if k == "gitSync" { + Neste := NestedM[k].(map[string]interface{}) + for l := range Neste { + if l == "repo" { + + } + if l == "branch" { + Neste[l] = Config["BranchName"] + } + } + } + } + } + if j == "report-locationsfile-path" { + + } + } + } + if i == "pdf-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "initContainers" { + NestedM := NestedMap[j].(map[string]interface{}) + for k := range NestedM { + if k == "gitSync" { + Neste := NestedM[k].(map[string]interface{}) + for l := range Neste { + if l == "repo" { + + } + if l == "branch" { + Neste[l] = Config["BranchName"] + } + } + } + } + } + if j == "data-config-urls" { + + } + if j == "format-config-urls" { + + } + + } + } + if i == "egf-master" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "db-url" { + + } + if j == "memory_limits" { + + } + if j == "heap" { + + } + + } + } + if i == "egov-custom-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "erp-host" { + + } + } + } + if i == "egov-apportion-service" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "memory_limits" { + + } + if j == "heap" { + + } + } + } + if i == "redoc" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + if j == "service_type" { + + } + } + } + if i == "redoc" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "images" { + + } + if j == "replicas" { + + } + if j == "default-backend-service" { + + } + if j == "namespace" { + + } + if j == "cert-issuer" { + + } + if j == "ssl-protocols" { + + } + if j == "ssl-ciphers" { + + } + if j == "ssl-ecdh-curve" { + + } + } + } + if i == "cert-manager" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "email" { + + } + } + } + if i == "zuul" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "custom-filter-property" { + + } + if j == "tracing-enabled" { + + } + if j == "heap" { + + } + if j == "server-tomcat-max-threads" { + + } + if j == "server-tomcat-max-connections" { + + } + if j == "egov-open-endpoints-whitelist" { + + } + if j == "egov-mixed-mode-endpoints-whitelist" { + + } + } + } + if i == "collection-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "receiptnumber-servicebased" { + + } + if j == "receipt-search-paginate" { + + } + if j == "receipt-search-defaultsize" { + + } + if j == "user-create-enabled" { + + } + } + } + if i == "collection-receipt-voucher-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "jalandhar-erp-host" { + + } + if j == "mohali-erp-host" { + + } + if j == "nayagaon-erp-host" { + + } + if j == "amritsar-erp-host" { + + } + if j == "kharar-erp-host" { + + } + if j == "zirakpur-erp-host" { + + } + } + } + if i == "finance-collections-voucher-consumer" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "erp-env-name" { + + } + if j == "erp-domain-name" { + + } + } + } + if i == "rainmaker-pgr" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "notification-sms-enabled" { + + } + if j == "notification-email-enabled" { + + } + if j == "new-complaint-enabled" { + + } + if j == "reassign-complaint-enabled" { + + } + if j == "reopen-complaint-enabled" { + + } + if j == "comment-by-employee-notif-enabled" { + + } + if j == "notification-allowed-status" { + + } + } + } + if i == "pt-services-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "pt-userevents-pay-link" { + + } + } + } + if i == "pt-calculator-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "logging-level" { + + } + } + } + if i == "tl-services" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "heap" { + + } + if j == "memory_limits" { + + } + if j == "java-args" { + + } + if j == "tl-application-num-format" { + + } + if j == "tl-license-num-format" { + + } + if j == "tl-userevents-pay-link" { + + } + if j == "tl-payment-topic-name" { + + } + if j == "host-link" { + + } + if j == "pdf-link" { + + } + if j == "tl-search-default-limit" { + + } + } + } + if i == "egov-hrms" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "java-args" { + + } + if j == "heap" { + + } + if j == "employee-applink" { + + } + } + } + if i == "egov-weekly-impact-notifier" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "mail-to-address" { + + } + if j == "mail-interval-in-secs" { + + } + if j == "schedule" { + + } + } + } + if i == "kafka-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "topics" { + + } + if j == "zookeeper-connect" { + + } + if j == "kafka-brokers" { + + } + } + } + if i == "logging-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "es-host" { + + } + if j == "es-port" { + + } + } + } + if i == "jaeger-config" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "host" { + + } + if j == "port" { + + } + if j == "sampler-type" { + + } + if j == "sampler-param" { + + } + if j == "sampling-strategies" { + + } + } + } + if i == "redis" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + } + } + if i == "playground" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "replicas" { + + } + if j == "images" { + + } + } + } + if i == "fluent-bit" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "images" { + + } + if j == "egov-services-log-topic" { + + } + if j == "egov-infra-log-topic" { + + } + } + } + if i == "egov-workflow-v2" { + NestedMap := data[i].(map[string]interface{}) + for j := range NestedMap { + if j == "logging-level" { + + } + if j == "java-args" { + + } + if j == "heap" { + + } + if j == "workflow-statelevel" { + + } + if j == "host-link" { + + } + if j == "pdf-link" { + + } + } + } + } + ModData["global"] = data["global"] + ModData["cluster-configs"] = data["cluster-configs"] + ModData["employee"] = data["employee"] + ModData["citizen"] = data["citizen"] + ModData["digit-ui"] = data["digit-ui"] + ModData["egov-filestore"] = data["egov-filestore"] + ModData["egov-idgen"] = data["egov-idgen"] + ModData["egov-user"] = data["egov-user"] + ModData["egov-indexer"] = data["egov-indexer"] + ModData["egov-persister"] = data["egov-persister"] + ModData["egov-data-uploader"] = data["egov-data-uploader"] + ModData["egov-searcher"] = data["egov-searcher"] + ModData["report"] = data["report"] + ModData["pdf-service"] = data["pdf-service"] + ModData["egf-master"] = data["egf-master"] + ModData["egov-custom-consumer"] = data["egov-custom-consumer"] + ModData["egov-apportion-service"] = data["egov-apportion-service"] + ModData["redoc"] = data["redoc"] + ModData["nginx-ingress"] = data["nginx-ingress"] + ModData["cert-manager"] = data["cert-manager"] + ModData["zuul"] = data["zuul"] + ModData["collection-services"] = data["collection-services"] + ModData["collection-receipt-voucher-consumer"] = data["collection-receipt-voucher-consumer"] + ModData["finance-collections-voucher-consumer"] = data["finance-collections-voucher-consumer"] + ModData["egov-workflow-v2"] = data["egov-workflow-v2"] + ModData["egov-hrms"] = data["egov-hrms"] + ModData["egov-weekly-impact-notifier"] = data["egov-weekly-impact-notifier"] + ModData["kafka-config"] = data["kafka-config"] + ModData["logging-config"] = data["logging-config"] + ModData["jaeger-config"] = data["jaeger-config"] + ModData["redis"] = data["redis"] + ModData["playground"] = data["playground"] + ModData["fluent-bit"] = data["fluent-bit"] + ModData["kafka-v2"] = data["kafka-v2"] + ModData["zookeeper-v2"] = data["zookeeper-v2"] + ModData["elasticsearch-data-v1"] = data["elasticsearch-data-v1"] + ModData["elasticsearch-master-v1"] = data["elasticsearch-master-v1"] + ModData["es-curator"] = data["es-curator"] + for i := range modules { + if modules[i] == "m_pgr" { + ModData["egov-pg-service"] = data["egov-pg-service"] + ModData["rainmaker-pgr"] = data["rainmaker-pgr"] + } + if modules[i] == "m_property-tax" { + ModData["pt-services-v2"] = data["pt-services-v2"] + ModData["pt-calculator-v2"] = data["pt-calculator-v2"] + } + if modules[i] == "m_sewerage" { + ModData["sw-services"] = data["sw-services"] + } + if modules[i] == "m_bpa" { + ModData["bpa-services"] = data["bpa-services"] + ModData["bpa-calculator"] = data["bpa-calculator"] + } + if modules[i] == "m_trade-license" { + ModData["tl-services"] = data["tl-services"] + } + if modules[i] == "m_firenoc" { + + } + if modules[i] == "m_water-service" { + ModData["ws-services"] = data["ws-services"] + } + if modules[i] == "m_dss" { + ModData["dashboard-analytics"] = data["dashboard-analytics"] + ModData["dashboard-ingest"] = data["dashboard-ingest"] + } + if modules[i] == "m_fsm" { + + } + if modules[i] == "m_echallan" { + + } + if modules[i] == "m_edcr" { + + } + if modules[i] == "m_finance" { + + } + } + newfile, err := yaml.Marshal(&ModData) + if err != nil { + log.Printf("%v", err) + + } + filename := fmt.Sprintf("../../config-as-code/environments/%s.yaml", Config["file_name"]) + err = ioutil.WriteFile(filename, newfile, 0644) + if err != nil { + log.Printf("%v", err) + } +} + +//secrets config + +func SecretFile(cluster_name string,Ssh string,SecretConfig map[string]string) { + var sec Secret + secret, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo-secrets.yaml") + if err != nil { + log.Printf("%v", err) + } + err = yaml.Unmarshal(secret, &sec) + if err != nil { + log.Printf("%v", err) + } + eUsername := sec.ClusterConfigs.Secrets.Db.Username + fmt.Println(eUsername) + var Db_Username string + var Db_Password string + var Db_FlywayUsername string + var Db_FlywayPassword string + var EgovNotificationSms_Username string + var EgovNotificationSms_Password string + var EgovFilestore_AwsKey string + var EgovFilestore_AwsSecretKey string + var EgovLocation_Gmapskey string + var EgovPgService_AxisMerchantID string + var EgovPgService_AxisMerchantSecretKey string + var EgovPgService_AxisMerchantUser string + var EgovPgService_AxisMerchantPwd string + var EgovPgService_AxisMerchantAccessCode string + var EgovPgService_PayuMerchantKey string + var EgovPgService_PayuMerchantSalt string + var Pgadmin_AdminEmail string + var Pgadmin_AdminPassword string + var Pgadmin_ReadEmail string + var Pgadmin_ReadPassword string + var EgovEncService_MasterPassword string + var EgovEncService_MasterSalt string + var EgovEncService_MasterInitialvector string + var EgovNotificationMail_Mailsenderusername string + var EgovNotificationMail_Mailsenderpassword string + var Kibana_Namespace string + var Kibana_Credentials string + var EgovSiMicroservice_SiMicroserviceUser string + var EgovSiMicroservice_SiMicroservicePassword string + var EgovSiMicroservice_MailSenderPassword string + var EgovEdcrNotification_EdcrMailUsername string + var EgovEdcrNotification_EdcrMailPassword string + var EgovEdcrNotification_EdcrSmsUsername string + var EgovEdcrNotification_EdcrSmsPassword string + var Chatbot_ValuefirstUsername string + var Chatbot_ValuefirstPassword string + var EgovUserChatbot_CitizenLoginPasswordOtpFixedValue string + var Oauth2Proxy_ClientID string + var Oauth2Proxy_ClientSecret string + var Oauth2Proxy_CookieSecret string + + Username := sec.ClusterConfigs.Secrets.Db.Username + Password := sec.ClusterConfigs.Secrets.Db.Password + FlywayUsername := sec.ClusterConfigs.Secrets.Db.FlywayUsername + FlywayPassword := sec.ClusterConfigs.Secrets.Db.FlywayPassword + NotUsername := sec.ClusterConfigs.Secrets.EgovNotificationSms.Username + NotPassword := sec.ClusterConfigs.Secrets.EgovNotificationSms.Password + AwsKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey + AwsSecretKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey + Gmapskey := sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey + AxisMerchantID := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID + AxisMerchantSecretKey := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey + AxisMerchantUser := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser + AxisMerchantPwd := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd + AxisMerchantAccessCode := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode + PayuMerchantKey := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey + PayuMerchantSalt := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt + AdminEmail := sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail + AdminPassword := sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword + ReadEmail := sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail + ReadPassword := sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword + MasterPassword := sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword + MasterSalt := sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt + MasterInitialvector := sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector + Mailsenderusername := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername + Mailsenderpassword := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword + KnownHosts := sec.ClusterConfigs.Secrets.GitSync.KnownHosts + Namespace := sec.ClusterConfigs.Secrets.Kibana.Namespace + Credentials := sec.ClusterConfigs.Secrets.Kibana.Credentials + SiMicroserviceUser := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser + SiMicroservicePassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword + MailSenderPassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword + EdcrMailUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername + EdcrMailPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword + EdcrSmsUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername + EdcrSmsPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword + ValuefirstUsername := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername + ValuefirstPassword := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword + CitizenLoginPasswordOtpFixedValue := sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue + ClientID := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID + ClientSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret + CookieSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret + + fmt.Println("Enter Db_Username:") + fmt.Scanln(&Db_Username) + if Db_Username != "" { + sec.ClusterConfigs.Secrets.Db.Username = Db_Username + } else { + sec.ClusterConfigs.Secrets.Db.Username = Username + } + fmt.Println("Enter Db_Password:") + fmt.Scanln(&Db_Password) + if Db_Password != "" { + sec.ClusterConfigs.Secrets.Db.Password = Db_Password + } else { + sec.ClusterConfigs.Secrets.Db.Password = Password + } + fmt.Println("Enter Db_FlywayUsername:") + fmt.Scanln(&Db_FlywayUsername) + if Db_FlywayUsername != "" { + sec.ClusterConfigs.Secrets.Db.FlywayUsername = Db_FlywayUsername + } else { + sec.ClusterConfigs.Secrets.Db.FlywayUsername = FlywayUsername + } + fmt.Println("Enter Db_FlywayPassword:") + fmt.Scanln(&Db_FlywayPassword) + if Db_FlywayPassword != "" { + sec.ClusterConfigs.Secrets.Db.FlywayPassword = Db_FlywayPassword + } else { + sec.ClusterConfigs.Secrets.Db.FlywayPassword = FlywayPassword + } + if SecretConfig["EgovNotificationSms_Username"] != "" { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = SecretConfig[EgovNotificationSms_Username] + } else { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = NotUsername + } + fmt.Println("Enter EgovNotificationSms_Password:") + fmt.Scanln(&EgovNotificationSms_Password) + if EgovNotificationSms_Password != "" { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = EgovNotificationSms_Password + } else { + sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = NotPassword + } + fmt.Println("Enter EgovFilestore_AwsKey:") + fmt.Scanln(&EgovFilestore_AwsKey) + if EgovFilestore_AwsKey != "" { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = EgovFilestore_AwsKey + } else { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = AwsKey + } + fmt.Println("Enter EgovFilestore_AwsSecretKey:") + fmt.Scanln(&EgovFilestore_AwsSecretKey) + if EgovFilestore_AwsSecretKey != "" { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = EgovFilestore_AwsSecretKey + } else { + sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = AwsSecretKey + } + fmt.Println("Enter EgovLocation_Gmapskey:") + fmt.Scanln(&EgovLocation_Gmapskey) + if EgovLocation_Gmapskey != "" { + sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = EgovLocation_Gmapskey + } else { + sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = Gmapskey + } + fmt.Println("Enter EgovPgService_AxisMerchantID:") + fmt.Scanln(&EgovPgService_AxisMerchantID) + if EgovPgService_AxisMerchantID != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = EgovPgService_AxisMerchantID + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = AxisMerchantID + } + fmt.Println("Enter EgovPgService_AxisMerchantSecretKey:") + fmt.Scanln(&EgovPgService_AxisMerchantSecretKey) + if EgovPgService_AxisMerchantSecretKey != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = EgovPgService_AxisMerchantSecretKey + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = AxisMerchantSecretKey + } + fmt.Println("Enter EgovPgService_AxisMerchantUser:") + fmt.Scanln(&EgovPgService_AxisMerchantUser) + if EgovPgService_AxisMerchantUser != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = EgovPgService_AxisMerchantUser + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = AxisMerchantUser + } + fmt.Println("Enter EgovPgService_AxisMerchantPwd:") + fmt.Scanln(&EgovPgService_AxisMerchantPwd) + if EgovPgService_AxisMerchantPwd != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = EgovPgService_AxisMerchantPwd + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = AxisMerchantPwd + } + fmt.Println("Enter EgovPgService_AxisMerchantAccessCode:") + fmt.Scanln(&EgovPgService_AxisMerchantAccessCode) + if EgovPgService_AxisMerchantAccessCode != "" { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = EgovPgService_AxisMerchantAccessCode + } else { + sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = AxisMerchantAccessCode + } + fmt.Println("Enter EgovPgService_PayuMerchantKey:") + fmt.Scanln(&EgovPgService_PayuMerchantKey) + if EgovPgService_PayuMerchantKey != "" { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = EgovPgService_PayuMerchantKey + } else { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = PayuMerchantKey + } + fmt.Println("Enter EgovPgService_PayuMerchantSalt:") + fmt.Scanln(&EgovPgService_PayuMerchantSalt) + if EgovPgService_PayuMerchantSalt != "" { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = EgovPgService_PayuMerchantSalt + } else { + sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = PayuMerchantSalt + } + fmt.Println("Enter Pgadmin_AdminEmail:") + fmt.Scanln(&Pgadmin_AdminEmail) + if Pgadmin_AdminEmail != "" { + sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = Pgadmin_AdminEmail + } else { + sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = AdminEmail + } + fmt.Println("Enter Pgadmin_AdminPassword:") + fmt.Scanln(&Pgadmin_AdminPassword) + if Pgadmin_AdminPassword != "" { + sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = Pgadmin_AdminPassword + } else { + sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = AdminPassword + } + fmt.Println("Enter Pgadmin_ReadEmail:") + fmt.Scanln(&Pgadmin_ReadEmail) + if Pgadmin_ReadEmail != "" { + sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = Pgadmin_ReadEmail + } else { + sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = ReadEmail + } + fmt.Println("Enter Pgadmin_ReadPassword:") + fmt.Scanln(&Pgadmin_ReadPassword) + if Pgadmin_ReadPassword != "" { + sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = Pgadmin_ReadPassword + } else { + sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = ReadPassword + } + fmt.Println("Enter EgovEncService_MasterPassword:") + fmt.Scanln(&EgovEncService_MasterPassword) + if EgovEncService_MasterPassword != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = EgovEncService_MasterPassword + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = MasterPassword + } + fmt.Println("Enter EgovEncService_MasterSalt:") + fmt.Scanln(&EgovEncService_MasterSalt) + if EgovEncService_MasterSalt != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = EgovEncService_MasterSalt + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = MasterSalt + } + fmt.Println("Enter EgovEncService_MasterInitialvector:") + fmt.Scanln(&EgovEncService_MasterInitialvector) + if EgovEncService_MasterInitialvector != "" { + sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = EgovEncService_MasterInitialvector + } else { + sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = MasterInitialvector + } + fmt.Println("Enter EgovNotificationMail_Mailsenderusername:") + fmt.Scanln(&EgovNotificationMail_Mailsenderusername) + if EgovNotificationMail_Mailsenderusername != "" { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = EgovNotificationMail_Mailsenderusername + } else { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = Mailsenderusername + } + fmt.Println("Enter EgovNotificationMail_Mailsenderpassword:") + fmt.Scanln(&EgovNotificationMail_Mailsenderpassword) + if EgovNotificationMail_Mailsenderpassword != "" { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = EgovNotificationMail_Mailsenderpassword + } else { + sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = Mailsenderpassword + } + sec.ClusterConfigs.Secrets.GitSync.SSH = Ssh + sec.ClusterConfigs.Secrets.GitSync.KnownHosts = KnownHosts + fmt.Println("Enter Kibana_Namespace:") + fmt.Scanln(&Kibana_Namespace) + if Kibana_Namespace != "" { + sec.ClusterConfigs.Secrets.Kibana.Namespace = Kibana_Namespace + } else { + sec.ClusterConfigs.Secrets.Kibana.Namespace = Namespace + } + fmt.Println("Enter Kibana_Credentials:") + fmt.Scanln(&Kibana_Credentials) + if Kibana_Credentials != "" { + sec.ClusterConfigs.Secrets.Kibana.Credentials = Kibana_Credentials + } else { + sec.ClusterConfigs.Secrets.Kibana.Credentials = Credentials + } + fmt.Println("Enter EgovSiMicroservice_SiMicroserviceUser:") + fmt.Scanln(&EgovSiMicroservice_SiMicroserviceUser) + if EgovSiMicroservice_SiMicroserviceUser != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = EgovSiMicroservice_SiMicroserviceUser + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = SiMicroserviceUser + } + fmt.Println("Enter EgovSiMicroservice_SiMicroservicePassword:") + fmt.Scanln(&EgovSiMicroservice_SiMicroservicePassword) + if EgovSiMicroservice_SiMicroservicePassword != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = EgovSiMicroservice_SiMicroservicePassword + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = SiMicroservicePassword + } + fmt.Println("Enter EgovSiMicroservice_MailSenderPassword:") + fmt.Scanln(&EgovSiMicroservice_MailSenderPassword) + if EgovSiMicroservice_MailSenderPassword != "" { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = EgovSiMicroservice_MailSenderPassword + } else { + sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = MailSenderPassword + } + fmt.Println("Enter EgovEdcrNotification_EdcrMailUsername:") + fmt.Scanln(&EgovEdcrNotification_EdcrMailUsername) + if EgovEdcrNotification_EdcrMailUsername != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EgovEdcrNotification_EdcrMailUsername + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EdcrMailUsername + } + fmt.Println("Enter EgovEdcrNotification_EdcrMailPassword:") + fmt.Scanln(&EgovEdcrNotification_EdcrMailPassword) + if EgovEdcrNotification_EdcrMailPassword != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EgovEdcrNotification_EdcrMailPassword + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EdcrMailPassword + } + fmt.Println("Enter EgovEdcrNotification_EdcrSmsUsername:") + fmt.Scanln(&EgovEdcrNotification_EdcrSmsUsername) + if EgovEdcrNotification_EdcrSmsUsername != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EgovEdcrNotification_EdcrSmsUsername + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EdcrSmsUsername + } + fmt.Println("Enter EgovEdcrNotification_EdcrSmsPassword:") + fmt.Scanln(&EgovEdcrNotification_EdcrSmsPassword) + if EgovEdcrNotification_EdcrSmsPassword != "" { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EgovEdcrNotification_EdcrSmsPassword + } else { + sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EdcrSmsPassword + } + fmt.Println("Enter Chatbot_ValuefirstUsername:") + fmt.Scanln(&Chatbot_ValuefirstUsername) + if Chatbot_ValuefirstUsername != "" { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = Chatbot_ValuefirstUsername + } else { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = ValuefirstUsername + } + fmt.Println("Enter Chatbot_ValuefirstPassword:") + fmt.Scanln(&Chatbot_ValuefirstPassword) + if Chatbot_ValuefirstPassword != "" { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = Chatbot_ValuefirstPassword + } else { + sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = ValuefirstPassword + } + fmt.Println("Enter EgovUserChatbot_CitizenLoginPasswordOtpFixedValue:") + fmt.Scanln(&EgovUserChatbot_CitizenLoginPasswordOtpFixedValue) + if EgovUserChatbot_CitizenLoginPasswordOtpFixedValue != "" { + sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = EgovUserChatbot_CitizenLoginPasswordOtpFixedValue + } else { + sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = CitizenLoginPasswordOtpFixedValue + } + fmt.Println("Enter Oauth2Proxy_ClientID:") + fmt.Scanln(&Oauth2Proxy_ClientID) + if Oauth2Proxy_ClientID != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = Oauth2Proxy_ClientID + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = ClientID + } + fmt.Println("Enter Oauth2Proxy_ClientSecret:") + fmt.Scanln(&Oauth2Proxy_ClientSecret) + if Oauth2Proxy_ClientSecret != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = Oauth2Proxy_ClientSecret + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = ClientSecret + } + fmt.Println("Enter Oauth2Proxy_CookieSecret:") + fmt.Scanln(&Oauth2Proxy_CookieSecret) + if Oauth2Proxy_CookieSecret != "" { + sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = Oauth2Proxy_CookieSecret + } else { + sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = CookieSecret + } + secretsmar, err := yaml.Marshal(&sec) + if err != nil { + log.Printf("%v", err) + + } + secFilename := fmt.Sprintf("../../config-as-code/environments/%s-secrets.yaml", cluster_name) + err = ioutil.WriteFile(secFilename, secretsmar, 0644) + if err != nil { + log.Printf("%v", err) + } +} \ No newline at end of file diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go new file mode 100644 index 0000000000..bfa7667f1d --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go @@ -0,0 +1,319 @@ +package main + +import ( + "bytes" + "container/list" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "os" + "os/exec" + "strings" + s "strings" + + "github.com/manifoldco/promptui" + "gopkg.in/yaml.v2" +) + +var Reset = "\033[0m" +var Red = "\033[31m" +var Green = "\033[32m" +var Yellow = "\033[33m" +var Blue = "\033[34m" +var Purple = "\033[35m" +var Cyan = "\033[36m" +var Gray = "\033[37m" +var White = "\033[97m" + +// Defining a struct to parse the yaml file +type Digit struct { + Version string `yaml:"version"` + Modules []struct { + Name string `yaml:"name"` + Services []string `yaml:"services"` + Dependencies []string `yaml:"dependencies,omitempty"` + } `yaml:"modules"` +} + +type Set struct { + set map[string]bool +} + +func NewSet() *Set { + return &Set{make(map[string]bool)} +} +func (set *Set) Add(i string) bool { + _, found := set.set[i] + set.set[i] = true + return !found //False if it existed already +} +func (set *Set) Get(i string) bool { + _, found := set.set[i] + return found +} + +func main() { + var versionfiles []string + var envfiles []string + var modules []string + var selectedMod []string + svclist := list.New() + set := NewSet() + var argStr string = "" + var releaseChartDir string = "../../config-as-code/product-release-charts/" + + fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") + const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." + // Get the Proceedual of the user + fmt.Println(string(Cyan), sPreReq) + //var proceedQuestion string + preReqConfirm := []string{"Yes", "No"} + var proceed string = "" + proceed, _ = sel(preReqConfirm, "Are you good to proceed?") + if proceed == "Yes" { + contextset := setClusterContext() + if contextset { + // Get the versions from the chart and display it to user to select + file, err := os.Open(releaseChartDir) + if err != nil { + log.Fatalf("failed opening directory: %s", err) + } + defer file.Close() + + prodList, _ := file.Readdirnames(0) // 0 to read all files and folders + + var product string = "" + product, _ = sel(prodList, "Which Product would you like to install, Please Select") + if product != "" { + files, err := ioutil.ReadDir(releaseChartDir + product) + if err != nil { + log.Fatal(err) + } + + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) + } + var version string = "" + version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") + if version != "" { + argFile := releaseChartDir + product + "/dependancy_chart-" + version + ".yaml" + + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Reading file =>", argFile, err) + return + } + + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) + if err != nil { + fmt.Println("\n\tERROR: Parsing => ", argFile, err) + return + } + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) + } + } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } + + } + } + + envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/environments/") + if err != nil { + log.Fatal(err) + } + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") && !s.Contains(filename, ".DS_Store") { + log.Println(filename) + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } + } + + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") + if env != "" { + confirm := []string{"Yes", "No"} + + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") + + if preview == "Yes" { + fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") + err := execCommand(previewDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } + + } + } + } + } + } + } + } + fmt.Println("") + endScript() +} + +func getService(fullChart Digit, service string, set Set, svclist *list.List) { + for _, s := range fullChart.Modules { + if s.Name == service { + if set.Add(service) { + svclist.PushFront(service) //Add services into the list + if s.Dependencies != nil { + for _, deps := range s.Dependencies { + getService(fullChart, deps, set, svclist) + } + } + } + } + } +} + +func execCommand(command string) error { + var err error + parts := strings.Fields(command) + //log.Println("Printing full command part", parts) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + cmd := exec.Command(head, args...) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func setClusterContext() bool { + var contextset bool = false + var kubeconfig string = "kubeConfig" + + validatepath := func(input string) error { + _, err := os.Stat(input) + if os.IsNotExist(err) { + return errors.New("The File does not exist in the given path") + } + return nil + } + + validatepath(kubeconfig) + + //kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") + + if kubeconfig != "" { + getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) + err := execCommand(getcontextcmd) + if err == nil { + context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") + if context != "" { + usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) + err := execCommand(usecontextcmd) + if err == nil { + contextset = true + } + } + } + } + return contextset +} + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank You!!!") + return +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go new file mode 100644 index 0000000000..75dd8726fd --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go @@ -0,0 +1,893 @@ +package main + +import ( + "bytes" + "container/list" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "os" + "os/exec" + "strconv" + "strings" + + "github.com/jcelliott/lumber" + "github.com/manifoldco/promptui" + "golang.org/x/crypto/ssh" + yaml "gopkg.in/yaml.v3" + + //"bufio" + "deployer/configs" + "encoding/json" +) + +var cloudTemplate string // Which terraform template to choose +var repoDirRoot string +var selectedMod []string +var Flag string +var db_pswd string +var sshFile string +var cluster_name string +var SecretConfig map[string]string + +var Reset = "\033[0m" +var Red = "\033[31m" +var Green = "\033[32m" +var Yellow = "\033[33m" +var Blue = "\033[34m" +var Purple = "\033[35m" +var Cyan = "\033[36m" +var Gray = "\033[37m" +var White = "\033[97m" + +//Defining a struct to parse the yaml file +type Digit struct { + Version string `yaml:"version"` + Modules []struct { + Name string `yaml:"name"` + Services []string `yaml:"services"` + Dependencies []string `yaml:"dependencies,omitempty"` + } `yaml:"modules"` +} + +type Set struct { + set map[string]bool +} + +func NewSet() *Set { + return &Set{make(map[string]bool)} +} +func (set *Set) Add(i string) bool { + _, found := set.set[i] + set.set[i] = true + return !found //False if it existed already +} +func (set *Set) Get(i string) bool { + _, found := set.set[i] + return found +} + +func main() { + + var optedInfraType string // Infra types supported to deploy DIGIT + var servicesToDeploy string // Modules to be deployed + var number_of_worker_nodes int = 1 // No of VMs for the k8s worker nodes + var optedCloud string // Desired InfraType to deploy + var cloudLoginCredentials bool // Is there a valid cloud account and credentials + var isProductionSetup bool = false + + infraType := []string{ + "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", + "1. Pilot/POC (Just for a POC to Quickstart and explore)", + "2. DevTest Setup (To setup and build/customize and test)", + "3. Production: Bare Minimal (90% reliability), 10 gov services, 10 concurrent users/sec", + "4. Production: Medium (95% reliability), 50+ concurrent gov services 100 concurrent users/sec", + "5. Production: HA/DRS Setup (99.99% reliability), 50+ concurrent gov services 1000 concurrent users/sec", + "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} + + cloudPlatforms := []string{ + "0. Local machine/Your Existing VM", + "1. AWS-EC2 - Quickstart with a Single EC2 Instace on AWS", + "2. On-prem/Private Cloud - Quickstart with Single VM", + "3. AWS-EKS - Production grade Elastic Kubernetes Service (EKS)", + "4. AZURE-AKS - Production grade Azure Kubernetes Service (AKS)", + "5. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", + "6. On-prem/Privare Cloud - Production grade Kubernetes Cluster Setup"} + + fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n *********\n https://docs.digit.org/Infra-calculator\n") + const sPreReq = "Pre-requsites (Please Read Carefully):\n\tDIGIT comprises of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup a kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[Option a] Local/VM: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." + fmt.Println(string(Cyan), sPreReq) + + preReqConfirm := []string{"Yes", "No"} + var proceed string = "" + proceed, _ = sel(preReqConfirm, "Are you good to proceed?") + if proceed == "Yes" { + optedInfraType, _ = sel(infraType, "Select the below suitable infra option for your usecase") + switch optedInfraType { + case infraType[0]: + number_of_worker_nodes = 0 + case infraType[1]: + number_of_worker_nodes = 1 + case infraType[2]: + number_of_worker_nodes = 1 + case infraType[3]: + number_of_worker_nodes = 3 //TBD + isProductionSetup = true + case infraType[4]: + number_of_worker_nodes = 4 //TBD + isProductionSetup = true + case infraType[5]: + number_of_worker_nodes = 5 //TBD + case infraType[6]: + number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) + isProductionSetup = true + default: + number_of_worker_nodes = 0 + } + + servicesToDeploy = selectGovServicesToInstall() + + optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") + + switch optedCloud { + case cloudPlatforms[1]: + var optedAccessType string + var aws_access_key string + var aws_secret_key string + var aws_session_key string + + cloudTemplate = "quickstart-aws-ec2" + + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} + optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") + + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + + if optedAccessType == "Temprory Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + fmt.Println("\nInput the AWS Session Token") + fmt.Scanln(&aws_session_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") + } else if optedAccessType == "Root Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") + } else { + cloudLoginCredentials = awslogin("", "", "", "") + fmt.Println("Proceeding with the existing AWS profile configured") + } + case cloudPlatforms[2]: + //TBD + + case cloudPlatforms[3]: + var optedAccessType string + var aws_access_key string + var aws_secret_key string + var aws_session_key string + Flag = "aws" + cloudTemplate = "sample-aws" + + accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} + optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") + + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + + if optedAccessType == "Temprory Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + fmt.Println("\nInput the AWS Session Token") + fmt.Scanln(&aws_session_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") + } else if optedAccessType == "Root Admin" { + + fmt.Println("Input the AWS access key id") + fmt.Scanln(&aws_access_key) + + fmt.Println("\nInput the AWS secret key") + fmt.Scanln(&aws_secret_key) + + cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") + } else { + cloudLoginCredentials = awslogin("", "", "", "") + fmt.Println("Proceeding with the existing AWS profile configured") + } + + case cloudPlatforms[4]: + cloudTemplate = "sample-azure" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + azure_username := enterValue(nil, "Please enter your AZURE UserName") + azure_password := enterValue(nil, "Enter your AZURE Password") + cloudLoginCredentials = azurelogin(azure_username, azure_password) + + case cloudPlatforms[5]: + cloudTemplate = "sample-gcp" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + case cloudPlatforms[6]: + cloudTemplate = "sample-private-cloud" + fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + + default: + //fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") + //fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") + } + } + + if cloudLoginCredentials { + fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") + fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already\n") + + cluster_name = enterValue(nil, "How do you want to name the Cluster? eg: your-name_dev or your-name_poc") + + // fmt.Println("How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") + // fmt.Scanln(&cluster_name) + + repoDirRoot = "DIGIT-DevOps" + gitCmd := "" + _, err := os.Stat(repoDirRoot) + if os.IsNotExist(err) { + gitCmd = fmt.Sprintf("git clone -b release https://github.com/egovernments/DIGIT-DevOps.git %s", repoDirRoot) + } else { + gitCmd = fmt.Sprintf("git -C %s pull", repoDirRoot) + } + execCommand(gitCmd) + + if !isProductionSetup { + + sshFile = "./digit-ssh.pem" + var keyName string = "digit-aws-vm" + pubKey, _, err := GetKeyPair(sshFile) + // to pick public ip and private ip from terraform state + + if err != nil { + log.Fatalf("Failed to generate SSH Key %s\n", err) + } else { + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) + + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) + + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) + //taking public ip and private ip from terraform.tfstate + quickState, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/quickstart-aws-ec2/terraform.tfstate") + if err != nil { + log.Printf("%v", err) + } + var quick configs.Quickstart + err = json.Unmarshal(quickState, &quick) + //publicip + ip := quick.Outputs.PublicIP.Value + //privateip + privateip := quick.Resources[0].Instances[0].Attributes.PrivateIP + createK3d(cluster_name, ip, keyName, privateip) + changePrivateIp(cluster_name, privateip) + + } + + } else { + db_pswd = enterValue(nil, "What should be the database password to be created, it should be 8 char min") + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) + + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) + + execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) + + //calling funtion to write config file + Configsfile() + //calling function to create secret file + envSecretsFile() + + } + } + contextset := setClusterContext() + if contextset { + deployCharts(servicesToDeploy, cluster_name) + } + + //terraform output to a file + //replace the env values with the tf output + //save the kubetconfig and set the currentcontext + //set dns in godaddy using the api's + fmt.Println("") + endScript() +} + +func getService(fullChart Digit, service string, set Set, svclist *list.List) { + for _, s := range fullChart.Modules { + if s.Name == service { + if set.Add(service) { + svclist.PushFront(service) //Add services into the list + if s.Dependencies != nil { + for _, deps := range s.Dependencies { + getService(fullChart, deps, set, svclist) + } + } + } + } + } +} + +// create a cluster in vm +func createK3d(clusterName string, publicIp string, keyName string, privateIp string) { + commands := []string{ + "mkdir ~/kube && sudo chmod 777 ~/kube", + "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", + } + createClusterCmd := fmt.Sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) + command := fmt.Sprintf("%s&&%s&&%s", commands[0], createClusterCmd, commands[1]) + execRemoteCommand("ubuntu", publicIp, sshFile, command) + copyConfig := fmt.Sprintf("scp ubuntu@%s:%s_k3dconfig .", publicIp, clusterName) + execCommand(copyConfig) +} + +//changes the private ip in k3dconfig +func changePrivateIp(clusterName string, privateIp string) { + path := fmt.Sprintf("%s_k3dconfig", clusterName) + file, err := ioutil.ReadFile(path) + if err != nil { + log.Printf("%v", err) + } + var con configs.Config + err = yaml.Unmarshal(file, &con) + if err != nil { + log.Printf("%v", err) + } + server := fmt.Sprintf("https://%s:6550", privateIp) + con.Clusters[0].Cluster.Server = server + newfile, err := yaml.Marshal(&con) + if err != nil { + log.Printf("%v", err) + + } + err = ioutil.WriteFile("new_k3dconfig", newfile, 0644) + if err != nil { + log.Printf("%v", err) + } + +} + +func execCommand(command string) error { + var err error + parts := strings.Fields(command) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + + log.Println(string(Blue), " ==> "+command) + cmd := exec.Command(head, args...) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func setClusterContext() bool { + + validatepath := func(input string) error { + _, err := os.Stat(input) + if os.IsNotExist(err) { + return errors.New("The File does not exist in the given path") + } + return nil + } + + var kubeconfig string + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") + + if kubeconfig != "" { + getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) + err := execCommand(getcontextcmd) + if err == nil { + context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") + if context != "" { + usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) + err := execCommand(usecontextcmd) + if err == nil { + return true + } + } + } + } + return false +} + +func selectGovServicesToInstall() string { + + var versionfiles []string + var modules []string + svclist := list.New() + set := NewSet() + var argStr string = "" + var releaseChartDir string = "../../config-as-code/product-release-charts/" + + // Get the versions from the chart and display it to user to select + file, err := os.Open(releaseChartDir) + if err != nil { + log.Fatalf("failed opening directory: %s", err) + } + defer file.Close() + + prodList, _ := file.Readdirnames(0) // 0 to read all files and folders + + var optedProduct string = "" + optedProduct, _ = sel(prodList, "Choose the Gov stack services that you would you like to install") + + if optedProduct != "" { + files, err := ioutil.ReadDir(releaseChartDir + optedProduct) + if err != nil { + log.Fatal(err) + } + + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[strings.Index(name, "-")+1:strings.Index(name, ".y")]) + } + var version string = "" + version, _ = sel(versionfiles, "Which version of the selected product would like to install?") + if version != "" { + argFile := releaseChartDir + optedProduct + "/dependancy_chart-" + version + ".yaml" + + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Preparing required services details =>", argFile, err) + return "" + } + + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) + if err != nil { + fmt.Println("\n\tERROR: Sourcing the the gov services matrix for your requirement => ", argFile, err) + return "" + } + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) + } + } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT's Gov services that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, you can select multiple if you wish, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } + + } + } + } + } + } + return argStr +} + +func prepareDeploymentConfig(installType string) string { + + var targetConfig string = "" + + fmt.Sprintf("Now, you need to prepare the deployment configuration for the following infraType that you chose\n\t %s", installType) + + fmt.Sprintf("Prepare deployment configuration eessentially means the following, please read carefully and ensure it is available:\n\n\t 1. You need to specify your URL in which you want to application to be available\n\t 2. Depending the Gov services that you chose, following specific details should be configured\n\t\t\t 1. Notification services like SMS, Email, gateway details for OTPs, Notifications\n\t\t\t 2. Whatsapp Integration configuration for chartBot services\n\t\t\t 3. Payment Gateways if PT, TL services chosen for making the payment transactions\n\t\t\t 4. Google GeoCoding API credentials, for the location services\n\t\t\t 5.Your MDMS and configuration with your tenant and role access details\n\t 3. Your DB details \n\t 4. As per your Infra type and the actual cloud resource provisioning the Disk volumes should be mapped to the stateful services like ElasticService, Kafka, Zookeeper, etc") + + return targetConfig +} + +func deployCharts(argStr string, configFile string) { + + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", configFile, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + + confirm := []string{"Yes", "No"} + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") + if preview == "Yes" { + fmt.Println("That's cool... preview is getting loaded. Please review it and cross check the kubernetes manifests before the deployment") + err := execCommand(previewDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + endScript() + } + + } + +} + +func execRemoteCommand(user string, ip string, sshFileLocation string, command string) error { + var err error + sshPreFix := fmt.Sprintf("ssh %s@%s -i %s \"%s\" ", user, ip, sshFileLocation, command) + + cmd := exec.Command("sh", "-c", sshPreFix) + + log.Println(string(Blue), " ==> "+sshPreFix) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} +func execSingleCommand(command string) error { + var err error + + cmd := exec.Command("sh", "-c", command) + + log.Println(string(Blue), " ==> "+command) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +// Cloud cloudLoginCredentials functions +func awslogin(accessKey string, secretKey string, sessionToken string, profile string) bool { + + var cloudLoginCredentials bool = false + var awslogincommand string = "" + + if accessKey != "" && secretKey != "" && sessionToken == "" { + awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey) + } else if sessionToken != "" { + awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) + } else { + awsProf := "" + profile := "" + awsProf = fmt.Sprintf("aws configure list-profiles") + out, err := execCommandWithOutput(awsProf) + if err != nil { + log.Printf("%s", err) + } + profList := strings.Fields(out) + profile, _ = sel(profList, "choose the profile with right access") + awslogincommand = fmt.Sprintf("aws configure --profile %s set region \"ap-south-1\"", profile) + // execCommand(fmt.Sprintf("aws configure list")) + + } + + log.Println(awslogincommand) + err := execSingleCommand(awslogincommand) + if err == nil { + cloudLoginCredentials = true + } + return cloudLoginCredentials +} + +func azurelogin(userName string, password string) bool { + + var cloudLoginCredentials bool = false + if userName != "" && password != "" { + azurelogincommand := fmt.Sprintf("az cloudLoginCredentials -u %s -p %s", userName, password) + err := execCommand(azurelogincommand) + if err == nil { + cloudLoginCredentials = true + } + } + return cloudLoginCredentials +} + +// Input functions + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func addDNS(dnsDomain string, dnsType string, dnsName string, dnsValue string) bool { + + var headers string = "Authorization: sso-key 3mM44UcBKoVvB2_Xspi4jKZqJSQUkdouMV4Ck:3pzZiuUPNxzZKu2FfUD9Sm" + + dnsCommand := fmt.Sprintf("curl -X PATCH \"https://api.godaddy.com/v1/domains/%s/records -H %s -H Content-Type: application/json --data-raw [{\"data\":\"%s\",\"name\":\"%s\",\"type\":\"%s\"}]", dnsDomain, headers, dnsValue, dnsName, dnsType) + fmt.Println(dnsCommand) + err := execSingleCommand(dnsCommand) + if err == nil { + return true + } else { + return false + } +} + +func GetKeyPair(file string) (string, string, error) { + // read keys from file + _, err := os.Stat(file) + if err == nil { + priv, err := ioutil.ReadFile(file) + if err != nil { + lumber.Debug("Failed to read file - %s", err) + goto genKeys + } + pub, err := ioutil.ReadFile(file + ".pub") + if err != nil { + lumber.Debug("Failed to read pub file - %s", err) + goto genKeys + } + return string(pub), string(priv), nil + } + + // generate keys and save to file +genKeys: + pub, priv, err := GenKeyPair() + err = ioutil.WriteFile(file, []byte(priv), 0600) + if err != nil { + return "", "", fmt.Errorf("Failed to write file - %s", err) + } + err = ioutil.WriteFile(file+".pub", []byte(pub), 0644) + if err != nil { + return "", "", fmt.Errorf("Failed to write pub file - %s", err) + } + + return pub, priv, nil +} + +func GenKeyPair() (string, string, error) { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + return "", "", err + } + + privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)} + var private bytes.Buffer + if err := pem.Encode(&private, privateKeyPEM); err != nil { + return "", "", err + } + + // generate public key + pub, err := ssh.NewPublicKey(&privateKey.PublicKey) + if err != nil { + return "", "", err + } + + public := ssh.MarshalAuthorizedKey(pub) + return string(public), private.String(), nil +} + +// below function can be used to store output of command to variable +func execCommandWithOutput(command string) (string, error) { + + parts := strings.Fields(command) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + + log.Println(string(Blue), " ==> "+command) + cmd := exec.Command(head, args...) + out, err := cmd.Output() + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + if err != nil { + log.Fatalf("%s", err) + } + return string(out), err +} + +// write configs to environment file +func Configsfile() { + Confirm := []string{"Yes", "No"} + var out configs.Output + State, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/sample-aws/terraform.tfstate") + if err != nil { + log.Printf("%v", err) + } + err = json.Unmarshal(State, &out) + Config := make(map[string]interface{}) + Domain := enterValue(nil, "Enter a valid Domain name") + BranchName := enterValue(nil, "Enter Branch name") + Kvids := out.Outputs.KafkaVolIds.Value + Zvids := out.Outputs.ZookeeperVolumeIds.Value + Esdids := out.Outputs.EsDataVolumeIds.Value + Esmvids := out.Outputs.EsMasterVolumeIds.Value + con_branch := enterValue(nil, "Enter your configs git url") + mdms_branch := enterValue(nil, "Enter your mdms git url") + Config["Domain"] = Domain + Config["BranchName"] = BranchName + Config["db-host"] = out.Outputs.DbInstanceEndpoint.Value + Config["db_name"] = out.Outputs.DbInstanceName.Value + Config["configs-branch"]= con_branch + Config["mdms-branch"]= mdms_branch + println(out.Outputs.DbInstanceName.Value) + Config["file_name"] = cluster_name + smsproceed, _ := sel(Confirm, "Do You have your sms Gateway?") + if smsproceed == "Yes" { + SmsUrl := enterValue(nil, "Enter your SMS provider url") + SmsGateway := enterValue(nil, "Enter your SMS Gateway") + SmsSender := enterValue(nil, "Enter your SMS sender") + SmsUsername := enterValue(nil, "Enter EgovNotificationSms_Username") + + Config["sms-provider-url"] = SmsUrl + Config["sms-gateway-to-use"] = SmsGateway + Config["sms-sender"] = SmsSender + + SecretConfig["EgovNotificationSms_Username"]=SmsUsername + } + fileproceed, _ := sel(Confirm, "Do You need filestore?") + if fileproceed == "Yes" { + if Flag == "aws" { + bucket := enterValue(nil, "Enter the filestore bucket name") + Config["fixed-bucket"] = bucket + } + if Flag == "sdc" { + bucket := enterValue(nil, "Enter the filestore bucket name") + Config["fixed-bucket"] = bucket + } + } + botproceed, _ := sel(Confirm, "Do You need chatbot?") + configs.DeployConfig(Config, Kvids, Zvids, Esdids, Esmvids, selectedMod, smsproceed, fileproceed, botproceed, Flag) + +} + +// write to secrets +func envSecretsFile() { + generateSsh() + ssh := "" + ssh = fmt.Sprintf("cat private.pem") + Out, err := execCommandWithOutput(ssh) + if err != nil { + log.Printf("%s", err) + } + configs.SecretFile(cluster_name, Out,SecretConfig) +} + +// generate ssh key to configs file +func generateSsh() { + // generate key + privatekey, err := rsa.GenerateKey(rand.Reader, 2048) + if err != nil { + fmt.Printf("Cannot generate RSA keyn") + os.Exit(1) + } + publickey := &privatekey.PublicKey + + // dump private key to file + var privateKeyBytes []byte = x509.MarshalPKCS1PrivateKey(privatekey) + privateKeyBlock := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: privateKeyBytes, + } + privatePem, err := os.Create("private.pem") + if err != nil { + fmt.Printf("error when create private.pem: %s n", err) + os.Exit(1) + } + err = pem.Encode(privatePem, privateKeyBlock) + if err != nil { + fmt.Printf("error when encode private pem: %s n", err) + os.Exit(1) + } + + // dump public key to file + publicKeyBytes, err := x509.MarshalPKIXPublicKey(publickey) + if err != nil { + fmt.Printf("error when dumping publickey: %s n", err) + os.Exit(1) + } + publicKeyBlock := &pem.Block{ + Type: "PUBLIC KEY", + Bytes: publicKeyBytes, + } + publicPem, err := os.Create("public.pem") + if err != nil { + fmt.Printf("error when create public.pem: %s n", err) + os.Exit(1) + } + err = pem.Encode(publicPem, publicKeyBlock) + if err != nil { + fmt.Printf("error when encode public pem: %s n", err) + os.Exit(1) + } +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a good day !!!") + return +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod new file mode 100644 index 0000000000..4d7cba03c3 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod @@ -0,0 +1,20 @@ +module deployer + +go 1.13 + +require ( + github.com/bramvdbogaerde/go-scp v1.2.0 + github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 + github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a // indirect + github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a // indirect + github.com/manifoldco/promptui v0.9.0 + github.com/mattn/go-colorable v0.0.9 // indirect + github.com/mattn/go-isatty v0.0.4 // indirect + github.com/mitchellh/go-homedir v1.1.0 + github.com/spf13/cobra v0.0.5 + github.com/spf13/viper v1.6.1 + github.com/stretchr/testify v1.4.0 // indirect + golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a + gopkg.in/yaml.v2 v2.2.4 + gopkg.in/yaml.v3 v3.0.1 +) diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum new file mode 100644 index 0000000000..7b7cdac3d4 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum @@ -0,0 +1,206 @@ +cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= +github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= +github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/bramvdbogaerde/go-scp v1.2.0 h1:mNF1lCXQ6jQcxCBBuc2g/CQwVy/4QONaoD5Aqg9r+Zg= +github.com/bramvdbogaerde/go-scp v1.2.0/go.mod h1:s4ZldBoRAOgUg8IrRP2Urmq5qqd2yPXQTPshACY8vQ0= +github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= +github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= +github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= +github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= +github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= +github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= +github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= +github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= +github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= +github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= +github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= +github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= +github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= +github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= +github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= +github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= +github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= +github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= +github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= +github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 h1:EFT6MH3igZK/dIVqgGbTqWVvkZ7wJ5iGN03SVtvvdd8= +github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25/go.mod h1:sWkGw/wsaHtRsT9zGQ/WyJCotGWG/Anow/9hsAcBWRw= +github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= +github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= +github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= +github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= +github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= +github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= +github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= +github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= +github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= +github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= +github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= +github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= +github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= +github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= +github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= +github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= +github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= +github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= +github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= +github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= +github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= +github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= +github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= +github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= +github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= +github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= +github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= +github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= +github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= +github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= +github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= +github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= +github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= +github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= +github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= +go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= +golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= +golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= +golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= +golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= +golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea h1:+WiDlPBBaO+h9vPNZi8uJ3k4BkKQB7Iow3aqwHVA5hI= +golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= +golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= +google.golang.org/appengine v1.1.0 h1:igQkv0AAhEIvTEpD5LIpAfav2eeVO9HBTjvKHVJPRSs= +google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= +google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= +google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= +google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno= +gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= +gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md new file mode 100644 index 0000000000..f00d95b5e0 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md @@ -0,0 +1,14 @@ +# `/internal` + +Private application and library code. This is the code you don't want others importing in their applications or libraries. Note that this layout pattern is enforced by the Go compiler itself. See the Go 1.4 [`release notes`](https://golang.org/doc/go1.4#internalpackages) for more details. Note that you are not limited to the top level `internal` directory. You can have more than one `internal` directory at any level of your project tree. + +You can optionally add a bit of extra structure to your internal packages to separate your shared and non-shared internal code. It's not required (especially for smaller projects), but it's nice to have visual clues showing the intended package use. Your actual application code can go in the `/internal/app` directory (e.g., `/internal/app/myapp`) and the code shared by those apps in the `/internal/pkg` directory (e.g., `/internal/pkg/myprivlib`). + +Examples: + +* https://github.com/hashicorp/terraform/tree/master/internal +* https://github.com/influxdata/influxdb/tree/master/internal +* https://github.com/perkeep/perkeep/tree/master/internal +* https://github.com/jaegertracing/jaeger/tree/master/internal +* https://github.com/moby/moby/tree/master/internal +* https://github.com/satellity/satellity/tree/master/internal diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep new file mode 100644 index 0000000000..e69de29bb2 diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go new file mode 100644 index 0000000000..9031614abe --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go @@ -0,0 +1,22 @@ +/* +Copyright © 2019 NAME HERE + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ +package main + +import "deployer/cmd" + +func main() { + cmd.Execute() +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md new file mode 100644 index 0000000000..055207afc5 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md @@ -0,0 +1,58 @@ +# `/pkg` + +Library code that's ok to use by external applications (e.g., `/pkg/mypubliclib`). Other projects will import these libraries expecting them to work, so think twice before you put something here :-) Note that the `internal` directory is a better way to ensure your private packages are not importable because it's enforced by Go. The `/pkg` directory is still a good way to explicitly communicate that the code in that directory is safe for use by others. The [`I'll take pkg over internal`](https://travisjeffery.com/b/2019/11/i-ll-take-pkg-over-internal/) blog post by Travis Jeffery provides a good overview of the `pkg` and `internal` directories and when it might make sense to use them. + +It's also a way to group Go code in one place when your root directory contains lots of non-Go components and directories making it easier to run various Go tools (as mentioned in these talks: [`Best Practices for Industrial Programming`](https://www.youtube.com/watch?v=PTE4VJIdHPg) from GopherCon EU 2018, [GopherCon 2018: Kat Zien - How Do You Structure Your Go Apps](https://www.youtube.com/watch?v=oL6JBUk6tj0) and [GoLab 2018 - Massimiliano Pippi - Project layout patterns in Go](https://www.youtube.com/watch?v=3gQa1LWwuzk)). + +Note that this is not a universally accepted pattern and for every popular repo that uses it you can find 10 that don't. It's up to you to decide if you want to use this pattern or not. Regardless of whether or not it's a good pattern more people will know what you mean than not. It is a bit confusing for new Go devs, but it's a pretty simple confusion to resolve and that's one of the goals for this project layout repo. + +Ok not to use it if your app project is really small and where an extra level of nesting doesn't add much value (unless you really want to). Think about it when it's getting big enough and your root directory gets pretty busy (especially if you have a lot of non-Go app components). + +Examples: + +* https://github.com/gogs/gogs/tree/master/pkg +* https://github.com/prometheus/prometheus/tree/master/pkg +* https://github.com/jaegertracing/jaeger/tree/master/pkg +* https://github.com/istio/istio/tree/master/pkg +* https://github.com/google/gvisor/tree/master/pkg +* https://github.com/google/syzkaller/tree/master/pkg +* https://github.com/perkeep/perkeep/tree/master/pkg +* https://github.com/minio/minio/tree/master/pkg +* https://github.com/heptio/ark/tree/master/pkg +* https://github.com/argoproj/argo/tree/master/pkg +* https://github.com/heptio/sonobuoy/tree/master/pkg +* https://github.com/helm/helm/tree/master/pkg +* https://github.com/kubernetes/kubernetes/tree/master/pkg +* https://github.com/kubernetes/kops/tree/master/pkg +* https://github.com/moby/moby/tree/master/pkg +* https://github.com/grafana/grafana/tree/master/pkg +* https://github.com/influxdata/influxdb/tree/master/pkg +* https://github.com/cockroachdb/cockroach/tree/master/pkg +* https://github.com/derekparker/delve/tree/master/pkg +* https://github.com/etcd-io/etcd/tree/master/pkg +* https://github.com/oklog/oklog/tree/master/pkg +* https://github.com/flynn/flynn/tree/master/pkg +* https://github.com/jesseduffield/lazygit/tree/master/pkg +* https://github.com/gopasspw/gopass/tree/master/pkg +* https://github.com/sourcegraph/sourcegraph/tree/master/pkg +* https://github.com/sosedoff/pgweb/tree/master/pkg +* https://github.com/GoogleContainerTools/skaffold/tree/master/pkg +* https://github.com/knative/serving/tree/master/pkg +* https://github.com/grafana/loki/tree/master/pkg +* https://github.com/bloomberg/goldpinger/tree/master/pkg +* https://github.com/crossplaneio/crossplane/tree/master/pkg +* https://github.com/Ne0nd0g/merlin/tree/master/pkg +* https://github.com/jenkins-x/jx/tree/master/pkg +* https://github.com/DataDog/datadog-agent/tree/master/pkg +* https://github.com/dapr/dapr/tree/master/pkg +* https://github.com/cortexproject/cortex/tree/master/pkg +* https://github.com/dexidp/dex/tree/master/pkg +* https://github.com/pusher/oauth2_proxy/tree/master/pkg +* https://github.com/pdfcpu/pdfcpu/tree/master/pkg +* https://github.com/weaveworks/kured +* https://github.com/weaveworks/footloose +* https://github.com/weaveworks/ignite +* https://github.com/tmrts/boilr/tree/master/pkg + + + diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go new file mode 100644 index 0000000000..37a259d2b6 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go @@ -0,0 +1,262 @@ +package deployer + +import ( + "bytes" + "fmt" + "io/ioutil" + "log" + "os" + "os/exec" + "path/filepath" + "strings" +) + +// DeployCharts deploys render all charts using helm template and deploy them using kubectl apply --recursive +func DeployCharts(options Options) { + + configDir, _ := filepath.Abs(options.ConfigDir) + var helmDir = configDir + "/helm" + log.Println(configDir) + log.Println("Helm Directory - " + helmDir) + + index := buildIndex(helmDir) + envOverrideFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s.yaml", options.Environment)) + + if options.ClusterConfigs && !options.Print { + envSecretFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s-secrets.yaml", options.Environment)) + deployClusterConfigs(index, helmDir, envOverrideFile, envSecretFile) + } + + services := strings.Split(options.Images, ",") + for _, service := range services { + + var name, helmTemplate, args = "", "", make([]string, 0, 10) + + log.Printf("------------------------------------ DEPLOYING %s ------------------------------------", service) + repository, tag := getDockerComponents(service) + serviceChartDirectory, ok := index[repository] + + name = repository + args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) + args = append(args, fmt.Sprintf("--set name=%s", name)) + + if ok && serviceChartDirectory != "" { + log.Println(serviceChartDirectory) + } else { + log.Panicln("Service chart not found: " + repository) + } + + if tag == "" { + clusterImage := getImageTagFromCluster(name) + if clusterImage != "" { + _, tag = getDockerComponents(clusterImage) + args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) + args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) + log.Printf("Fetched image from cluster, %s:%s", repository, tag) + } + } else { + args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) + args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) + } + + altServiceOverrideFile := filepath.FromSlash(fmt.Sprintf(serviceChartDirectory+"/%s-values.yaml", name)) + if _, err := os.Stat(altServiceOverrideFile); err == nil { + args = append(args, fmt.Sprintf("-f %s", altServiceOverrideFile)) + log.Printf("Applying values from %s-values.yaml", name) + } + + helmDepUpdate := "helm dep update" + execCommand(helmDepUpdate, serviceChartDirectory) + + if !options.Print { + tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") + if err != nil { + log.Panicln("Cannot create temporary directory", err) + } + + deployCrds(serviceChartDirectory) + // Clean up folder after function exists + defer os.RemoveAll(tmpDir) + args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) + + log.Printf("Generating final manifests to directory : %s ", tmpDir) + helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) + execCommand(helmTemplate, serviceChartDirectory) + + log.Println("Applying manifests to the cluster ") + kubeApplyCmd := "kubectl apply --recursive -f ." + out := execCommand(kubeApplyCmd, tmpDir) + log.Println(out.String()) + + } else { + helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) + log.Printf("Executing %s", helmTemplate) + out := execCommand(helmTemplate, serviceChartDirectory) + fmt.Println(out.String()) + } + + } + +} + +func deployCrds(serviceChartDirectory string) { + crdsDirectory := serviceChartDirectory + string(os.PathSeparator) + "crds" + if _, err := os.Stat(crdsDirectory); err == nil { + log.Println("CRDS Directory found, applying CRDS!") + applyCrds := fmt.Sprintf("kubectl apply --recursive -f %s", serviceChartDirectory+string(os.PathSeparator)+"crds") + + out := execCommandRaw(applyCrds, serviceChartDirectory, false) + log.Println(out.String()) + } + +} + +func getImageTagFromCluster(service string) (tag string) { + kubectlGetImageCmd := fmt.Sprintf("kubectl get deployments -l app=%s --all-namespaces -o=jsonpath={.items[*].spec.template.spec.containers[:1].image}", service) + + output := execCommandRaw(kubectlGetImageCmd, "", true) + return output.String() + +} + +func deployClusterConfigs(index map[string]string, configDir string, envOverrideFile string, envSecretFile string) { + + log.Println("------------------------------------ DEPLOYING CLUSTER CONFIGS ------------------------------------") + clusterConfigDir, ok := index["cluster-configs"] + + if ok && clusterConfigDir != "" { + fmt.Println(clusterConfigDir) + } else { + log.Panicln("Cluster configs not found") + } + + var args = make([]string, 0, 10) + + args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) + + tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") + if err != nil { + log.Panicln("Failed to create temporary directory", err) + } + + tmpDecFile, err := ioutil.TempFile(tmpDir, "helm-dec-") + if err != nil { + log.Panicln("Failed to create temporary file", err) + } + // Clean up folder after function exists + defer os.RemoveAll(tmpDir) + args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) + fmt.Println("Before Trimming" + configDir) + + sopsDir := strings.Trim(configDir, "/helm") + fmt.Println("path to sops file: " + sopsDir) + if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { + fmt.Println("Sops file not found") + fmt.Println(err) + args = append(args, fmt.Sprintf("-f %s", envSecretFile)) + } else { + sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) + execCommand(sopsDecryptCmd, configDir) + args = append(args, fmt.Sprintf("-f %s", tmpDecFile.Name())) + } + + helmTemplate := fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) + log.Println(helmTemplate) + execCommand(helmTemplate, clusterConfigDir) + + kubeApplyCmd := "kubectl apply --recursive -f ." + out := execCommandRaw(kubeApplyCmd, tmpDir+string(os.PathSeparator)+"cluster-configs"+string(os.PathSeparator)+"templates", false) + log.Println(out.String()) +} + +func getDockerComponents(image string) (repository string, tag string) { + image = strings.Trim(strings.Replace(image, "-db:", ":", 1), " ") + components := strings.Split(image, ":") + + if len(components) == 2 { + tag = components[1] + } + + domainComponents := strings.Split(components[0], "/") + repository = domainComponents[len(domainComponents)-1] + + return +} + +func getServiceChartDirectory(baseDirectory string, service string) (serviceChartDirectory string, err error) { + + err = filepath.Walk(baseDirectory, + func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + if info.IsDir() && strings.EqualFold(info.Name(), service) { + serviceChartDirectory = path + } + return nil + }) + + return serviceChartDirectory, err +} + +func buildIndex(chartsDirectory string) (m map[string]string) { + m = make(map[string]string) + filepath.Walk(chartsDirectory, + func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + + if strings.Contains(info.Name(), "values.yaml") { + if strings.EqualFold(info.Name(), "values.yaml") { + addToMap(m, filepath.Base(filepath.Dir(path)), filepath.Dir(path)) + } else { + svc := strings.Replace(info.Name(), "-values.yaml", "", 1) + addToMap(m, svc, filepath.Dir(path)) + } + } + + return nil + }) + + return m + +} + +func addToMap(m map[string]string, k string, v string) { + if _, ok := m[k]; ok { + log.Printf("Duplicate service found %s! This will lead to undesired results, fix it! \n", k) + } + + m[k] = v +} + +func execCommand(command string, commandDirectory string) (out bytes.Buffer) { + return execCommandRaw(command, commandDirectory, false) +} + +func execCommandRaw(command string, commandDirectory string, suppressErrors bool) (out bytes.Buffer) { + var err error + parts := strings.Fields(command) + head := parts[0] + parts = parts[1:len(parts)] + + // fmt.Println(command) + cmd := exec.Command(head, parts...) + var output bytes.Buffer + var stderr bytes.Buffer + cmd.Stdout = &output + cmd.Stderr = &stderr + if commandDirectory != "" { + if _, err := os.Stat(commandDirectory); err == nil { + cmd.Dir = commandDirectory + } else { + log.Panicln("Error applying manifests ", err) + } + } + err = cmd.Run() + if err != nil && !suppressErrors { + log.Panicln(fmt.Sprint(err) + ": " + stderr.String()) + } + return output +} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go new file mode 100644 index 0000000000..fb56ca7032 --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go @@ -0,0 +1,38 @@ +package deployer + +type Options struct { + ConfigDir string + Images string + Environment string + ClusterConfigs bool + Print bool +} + +// func (o *Options) SetImages(images string) { +// o.images = images +// } + +// func (o Options) Images() string { +// return o.images + +// } + +// func (o Options) Environment() string { +// return o.environment + +// } + +// func (o Options) ClusterConfigs() bool { +// return o.clusterConfigs + +// } + +// func (o Options) DryRun() bool { +// return o.dryRun + +// } + +// func (o Options) Print() bool { +// return o.print + +// } diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go new file mode 100644 index 0000000000..6a6dc52a7b --- /dev/null +++ b/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go @@ -0,0 +1,317 @@ +package main + +import ( + "bytes" + "container/list" + "errors" + "fmt" + "io" + "io/ioutil" + "log" + "os" + "os/exec" + "strings" + s "strings" + + "github.com/manifoldco/promptui" + "gopkg.in/yaml.v2" +) + +var Reset = "\033[0m" +var Red = "\033[31m" +var Green = "\033[32m" +var Yellow = "\033[33m" +var Blue = "\033[34m" +var Purple = "\033[35m" +var Cyan = "\033[36m" +var Gray = "\033[37m" +var White = "\033[97m" + +//Defining a struct to parse the yaml file +type Digit struct { + Version string `yaml:"version"` + Modules []struct { + Name string `yaml:"name"` + Services []string `yaml:"services"` + Dependencies []string `yaml:"dependencies,omitempty"` + } `yaml:"modules"` +} + +type Set struct { + set map[string]bool +} + +func NewSet() *Set { + return &Set{make(map[string]bool)} +} +func (set *Set) Add(i string) bool { + _, found := set.set[i] + set.set[i] = true + return !found //False if it existed already +} +func (set *Set) Get(i string) bool { + _, found := set.set[i] + return found +} + +func main() { + var versionfiles []string + var envfiles []string + var modules []string + var selectedMod []string + svclist := list.New() + set := NewSet() + var argStr string = "" + var releaseChartDir string = "../../config-as-code/product-release-charts/" + + fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") + const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." + // Get the Proceedual of the user + fmt.Println(string(Cyan), sPreReq) + //var proceedQuestion string + preReqConfirm := []string{"Yes", "No"} + var proceed string = "" + proceed, _ = sel(preReqConfirm, "Are you good to proceed?") + if proceed == "Yes" { + contextset := setClusterContext() + if contextset { + // Get the versions from the chart and display it to user to select + file, err := os.Open(releaseChartDir) + if err != nil { + log.Fatalf("failed opening directory: %s", err) + } + defer file.Close() + + prodList, _ := file.Readdirnames(0) // 0 to read all files and folders + + var product string = "" + product, _ = sel(prodList, "Which Product would you like to install, Please Select") + if product != "" { + files, err := ioutil.ReadDir(releaseChartDir + product) + if err != nil { + log.Fatal(err) + } + + for _, f := range files { + name := f.Name() + versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) + } + var version string = "" + version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") + if version != "" { + argFile := releaseChartDir + product + "/dependancy_chart-" + version + ".yaml" + + // Decode the yaml file and assigning the values to a map + chartFile, err := ioutil.ReadFile(argFile) + if err != nil { + fmt.Println("\n\tERROR: Reading file =>", argFile, err) + return + } + + // Parse the yaml values + fullChart := Digit{} + err = yaml.Unmarshal(chartFile, &fullChart) + if err != nil { + fmt.Println("\n\tERROR: Parsing => ", argFile, err) + return + } + + // Mapping the images to servicename + var m = make(map[string][]string) + for _, s := range fullChart.Modules { + m[s.Name] = s.Services + if strings.Contains(s.Name, "m_") { + modules = append(modules, s.Name) + } + } + modules = append(modules, "Exit") + result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") + //if err == nil { + for result != "Exit" && err == nil { + selectedMod = append(selectedMod, result) + result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") + } + if selectedMod != nil { + for _, mod := range selectedMod { + getService(fullChart, mod, *set, svclist) + } + for element := svclist.Front(); element != nil; element = element.Next() { + imglist := m[element.Value.(string)] + imglistsize := len(imglist) + for i, service := range imglist { + argStr = argStr + service + if !(element.Next() == nil && i == imglistsize-1) { + argStr = argStr + "," + } + + } + } + + envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/environments/") + if err != nil { + log.Fatal(err) + } + for _, envfile := range envfilesFromDir { + filename := envfile.Name() + if !s.Contains(filename, "secrets") && !s.Contains(filename,".DS_Store") { + log.Println(filename) + envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) + } + } + + // Choose the env + var env string = "" + env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") + if env != "" { + confirm := []string{"Yes", "No"} + + var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) + var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) + + preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") + + if preview == "Yes" { + fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") + err := execCommand(previewDeployCmd) + if err == nil { + fmt.Println("You can now start actual deployment") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } else { + consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") + if consent == "Yes" { + fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") + err := execCommand(goDeployCmd) + if err == nil { + fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") + fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") + return + } else { + fmt.Println("Something went wrong, refer the error\n") + fmt.Println(err) + } + } + + } + } + } + } + } + } + } + fmt.Println("") + endScript() +} + +func getService(fullChart Digit, service string, set Set, svclist *list.List) { + for _, s := range fullChart.Modules { + if s.Name == service { + if set.Add(service) { + svclist.PushFront(service) //Add services into the list + if s.Dependencies != nil { + for _, deps := range s.Dependencies { + getService(fullChart, deps, set, svclist) + } + } + } + } + } +} + +func execCommand(command string) error { + var err error + parts := strings.Fields(command) + //log.Println("Printing full command part", parts) + // The first part is the command, the rest are the args: + head := parts[0] + args := parts[1:len(parts)] + // Format the command + cmd := exec.Command(head, args...) + + var stdoutBuf, stderrBuf bytes.Buffer + cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) + cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) + + err = cmd.Run() + if err != nil { + log.Fatalf("cmd.Run() failed with %s\n", err) + } + return err +} + +func setClusterContext() bool { + var contextset bool = false + var kubeconfig string = "" + + validatepath := func(input string) error { + _, err := os.Stat(input) + if os.IsNotExist(err) { + return errors.New("The File does not exist in the given path") + } + return nil + } + + kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") + + if kubeconfig != "" { + getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) + err := execCommand(getcontextcmd) + if err == nil { + context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") + if context != "" { + usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) + err := execCommand(usecontextcmd) + if err == nil { + contextset = true + } + } + } + } + return contextset +} + +func sel(items []string, label string) (string, error) { + var result string + var err error + prompt := promptui.Select{ + Label: label, + Items: items, + Size: 30, + } + _, result, err = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result, err +} + +func enterValue(validate promptui.ValidateFunc, label string) string { + var result string + prompt := promptui.Prompt{ + Label: label, + Validate: validate, + } + result, _ = prompt.Run() + + //if err != nil { + // fmt.Printf("Invalid Selection %v\n", err) + //} + return result +} + +func endScript() { + fmt.Println("Take your time, You can come back at any time ... Thank You!!!") + return +} diff --git a/deploy-as-code/helm/environments/digit-lts-secrets.yaml b/deploy-as-code/helm/environments/digit-lts-secrets.yaml new file mode 100644 index 0000000000..30c722ee87 --- /dev/null +++ b/deploy-as-code/helm/environments/digit-lts-secrets.yaml @@ -0,0 +1,91 @@ +cluster-configs: + secrets: + #ENC[AES256_GCM,data:t9gJfeEA/w2/66EXW9thqVYaJu+V+jN5010zY60tmDMUvIE=,iv:zzT0SnoEhSIXb9kwHiyC4z8puy/elgTJLUfNtNkwgQY=,tag:I0ErW7LFz7xu2Oe1+Ow3lg==,type:comment] + db: + username: ENC[AES256_GCM,data:oOg/YdfqOYoz+JOqDw==,iv:lrnCSzZDyR9J+m5OHP7Br1rsJMHvc6CsSgMm8EE1As0=,tag:GltwQuo3KJiIqT5HgiN6WA==,type:str] + #ENC[AES256_GCM,data:vBlfJyw6hA1FpmC+L+ChAJh09cJNc7XYi9L9Y8DzjA==,iv:a0A/52Zw4S+Yg99n5tX2AvZ2aB307Te+siaCSmYH3gg=,tag:08k4a5hX3KbHi1iSkVD8wQ==,type:comment] + password: ENC[AES256_GCM,data:YeK7R4Opyd9GDw==,iv:cbSXf+s5cG1n5UlAXZ3/+FzHooGyPOg3MhZvpzxHX0A=,tag:a/5L8/8DmAb3YzpeHXqfSg==,type:str] + flywayUsername: ENC[AES256_GCM,data:CWJbuQiNX+6opnijuQ==,iv:Ko+TgKZG41MFJiE1LAOLTq7HATqFClcLbbvG2F7M6Co=,tag:7vgP3/Od8bXGqpJy2kPx0Q==,type:str] + #ENC[AES256_GCM,data:vBlfJyw6hA1FpmC+L+ChAJh09cJNc7XYi9L9Y8DzjA==,iv:a0A/52Zw4S+Yg99n5tX2AvZ2aB307Te+siaCSmYH3gg=,tag:08k4a5hX3KbHi1iSkVD8wQ==,type:comment] + flywayPassword: ENC[AES256_GCM,data:xEauLrWpa/cp6g==,iv:TvGCf0UZGTKasTGx9ILeuyeQKXrgzqSQ/kv1X5Ufqtk=,tag:98pIqHW7ns1jt1ax9+aM1w==,type:str] + #ENC[AES256_GCM,data:COeSC0wn0WO1GB9ds7De8MnoWRPTRdszdRoNG1r/ljL+qqyts9GKhh72ApFn22+otr8mh0/t5+RLpvO68po=,iv:v9mOmr0CF3016gZEKYGsq3Ldl/ffimJo4r+URHzIPq0=,tag:siuYXC1KeF715GsoyQ6W5Q==,type:comment] + egov-notification-sms: + username: ENC[AES256_GCM,data:RwfYWA==,iv:rfQeqRB4P3Wn95UWdQhj69hQAaOY85v87FGAIU+PU9Y=,tag:veNKZG4DUZ2LlKqk4mqxng==,type:str] + password: ENC[AES256_GCM,data:SOjqKw==,iv:WxuL37b7r1F08Zftxvc290uud7aqbhDhyHzGtArTkiI=,tag:n3Dp2hmFlFMymLr8crpUrA==,type:str] + #ENC[AES256_GCM,data:jd2wusYzkI4vU531dUfGVEPXnje0PQFLuq0wNcyQ7jm3yj4zf1SuspT2eVykbe/CmCKXmvqgHrGh9um/zO4o8vKkZw2ceIM2aIJ7eSOvkUT0yrzIAhIY43hFQSbTdX1K,iv:fHQaPxX/HGpPSjzBxCnrR81tXuAl+pYFrkiHIFF7f4I=,tag:NFgO2B7hy1VbFxtr/NC6bA==,type:comment] + egov-filestore: + aws-key: ENC[AES256_GCM,data:EcAYQuerKq65rw==,iv:WX23RCCl/cNm8ZBJY0QGcFi1tqbmctTqljgUeeDEah8=,tag:68ZwiwiccmgolSNhOwkJWw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:fwF1TTuOBeWfkA==,iv:rV5gsQCA0gS85j5LpZXDu6xzcXvzbgc1YYi/4YYKcew=,tag:w9SKsUB0UDJET2PIhzjIOw==,type:str] + #ENC[AES256_GCM,data:OOXKAovA5EbWRK6Fu+jWvantUnh3o9m4NUCEcZdpsS7CD/0KHdPIUvNuwg==,iv:YRzlLqKwlLDTgRykledCVDdKbRoxGsvSSvIP3k6jxQ0=,tag:PYa4m1SEcKSZPB1oBtTnCg==,type:comment] + egov-location: + gmapskey: ENC[AES256_GCM,data:KHlI/Z1q9Oeqg1pYiEzeOYMn5w==,iv:0xvAiDB90wxs1Vesmh1fzHIZKSZnCHE/GqpACkfAL6Y=,tag:pMlGJYUhvH64gxGnoITCZg==,type:str] + #ENC[AES256_GCM,data:5GVggBFuRxTAfYqeh46nu/o/ULpqtl88gEn6/UbG66qEboacN0Nkn+H9RSvH/nVvkE2I7A==,iv:TVQL/NlYETgrvIMg2aJGQGwejd8u1Ri5t3QsFIKDy9s=,tag:0YSiNzExhF7+Fc4mqHBZpQ==,type:comment] + egov-pg-service: + axis-merchant-id: ENC[AES256_GCM,data:f5HNJQ==,iv:/WEsyCC2es41GXXvA/72ri4eSh9m1P/1db8B3oMO3iA=,tag:Qr/ahfA031pF/N+0a++96A==,type:str] + axis-merchant-secret-key: ENC[AES256_GCM,data:hjJzTA==,iv:gvfsSkmOfvBpl+gHbUzPIUuOzetM6FUMdGEZNXEsU8M=,tag:Dn3fBrBqLFTH6AuQwROQ9A==,type:str] + axis-merchant-user: ENC[AES256_GCM,data:WuCWZw==,iv:bmuzydsWirB4dymVKFEsH9CHyiZu/Y2y3GHDULSeeFs=,tag:IkHgl+VvZK7Q1N+TRJmDqg==,type:str] + axis-merchant-pwd: ENC[AES256_GCM,data:67NyMg==,iv:yaJomhh5ydukds+WyYPOvUA/+1gvKWVbuG9KkW8hHG8=,tag:glsFjGcV4YOLlqPd6GkgeQ==,type:str] + axis-merchant-access-code: ENC[AES256_GCM,data:NSQfRg==,iv:DjEusx94UY+Jx8cZ+GXDhVhwmicxYFd2iFzKAxtm00c=,tag:nGZrc8XHpbfGnLQ9gOBSlg==,type:str] + payu-merchant-key: ENC[AES256_GCM,data:PPmmPw==,iv:ONJRa+9GIxe2gZhvMT0QhlNsuaOswZksFA02rSCgmW8=,tag:gbbAMA2rFaT9hLS0z3dLGg==,type:str] + payu-merchant-salt: ENC[AES256_GCM,data:L1lVAw==,iv:pDGjp2qR5TSAlijKydRQ8mM/YriSZpvWEM3sVtXtiX4=,tag:aPvs8CrLb6HAK3EQZeF3Ig==,type:str] + #ENC[AES256_GCM,data:XxmMCpeAe4FthzQwWXKyrn+AiZH4c1bCyvHLuoJxOYmLsRNg,iv:vi6Gg5LOnxWq4iAnaedKCvgO+XdhQxSydIjC4Q3hiZw=,tag:SM4vVfTzZ/c1WGZl49XZ5A==,type:comment] + pgadmin: + admin-email: ENC[AES256_GCM,data:DdTUwE+7FrhqNrSUUQ==,iv:y44I/4P4W6tQQJf7OSeyWvZ0pyd80KN8CMrOsZqBG2I=,tag:bVIJVg2gQczKrYKrutd+Ig==,type:str] + admin-password: ENC[AES256_GCM,data:2nRnEQ==,iv:/EqIqlnZDyVIjSq/CNqgSkfKvqqRg1EWIXedprfthaw=,tag:F5k20b4ZV2WZB/d9qwOboA==,type:str] + read-email: ENC[AES256_GCM,data:A8nVcaZ3OTtYX2wZxg==,iv:KMM4Ng0dRWn6AzNWvc4BxNlsvKFY8ilvL49HCX/6h4Y=,tag:gebSxXOgCO9ZGIu9YFr1fQ==,type:str] + read-password: ENC[AES256_GCM,data:fWXIAQ==,iv:kdCTc9NiOvNa8GPtZXQxon/c8QgCK8GSL59g/mS5ugo=,tag:RXcWqGWrz6XDE4k6hRyNpQ==,type:str] + #ENC[AES256_GCM,data:nwdv54JUpZt5q5tHTMn81ohMx6y/bq1II4lkXyALxH9LBILzgI9rMNc=,iv:UStbJ5zNA/K3NYe3wUKCFJTXi63d/CyjFApqmxwiYw0=,tag:jU/IOLTkCOJywrC9nigufQ==,type:comment] + egov-enc-service: + master-password: ENC[AES256_GCM,data:A5JNmg==,iv:z0eWePl9fHlgQ8nx0tO5EaQN/4rY2Zwf1oEV56IMV6M=,tag:5L6c3k4dq+e4lT2E2n2A/g==,type:str] + master-salt: ENC[AES256_GCM,data:DyF3jtd2AaA=,iv:UwerRonQaTIDQdjSoq9AlJrrmg0+mlU2Ap4h41hb8Mc=,tag:ggqGsoe6IlmhYoWu2POzNg==,type:str] + master-initialvector: ENC[AES256_GCM,data:UxiCA7J3telIh407,iv:BKjFp4505TAdYdLEXZG6tBn98T4FHOtl+cwv3P8mcZs=,tag:DDgN+nXtfcJZpz3fETwe0g==,type:str] + #ENC[AES256_GCM,data:pA7P6ZzdH9qaYfgfrhaI4DQZKCGDww5TWmUnOjSEor7JdmTQfS9bky3H+nQ3y25vH+UyT82TxQ2gX2oPdYg=,iv:T+VqnU8XO59kOuATynvTkBX1tVZj//DMrhGrAA0ghy4=,tag:hsKmvND4UZzlrgLQCUB1xQ==,type:comment] + egov-notification-mail: + mailsenderusername: ENC[AES256_GCM,data:pdoN0j7HsvOC,iv:KFDaQlHzDbppVc0JrokOk6zl6Er8jln8s9wCH0nx5lo=,tag:kcj4Ts0Yr69xR8jw2LXXQw==,type:str] + mailsenderpassword: ENC[AES256_GCM,data:daWyGg==,iv:BWe1H2pRIGmnwUGfSPMu0bOdkC0yQSr2FDLfGvJn5zU=,tag:OhR394GFmmvVKeJBXWXfbA==,type:str] + #ENC[AES256_GCM,data:9KTX/3XVOnYUEkm1JTtE2V2MY4ZRPIWT+eUGH5efWVMHcBotXKZUqgEhFGYW2iXj6SiBXzkNyo9coKSf3++IyAtHtfPN33s3boRxaBJD5fGg4BVnZfHy7pNQRRjqHLxRLP2cpv73tosiMUV7FJQTsbJThRVape/SRllp1jI8ZSo0HwqxFRn/2kCAZeqoNM6vkxFg0Ugb,iv:vEXZaEcvRLNQMmBqSwxJ8f10A2JojhfVPNdJiGRMxkw=,tag:SeKRT+zS6DlSRr6iFPHAOg==,type:comment] + git-sync: + ssh: ENC[AES256_GCM,data:gQVLjdq7Umlbeda7E+BL785krYlNpLRe+lOp71hYnYEOBfC5Qs7l9gKjQZ0x+J1D0icwj9Z0I9zgk6SBKe44ibKlWc1uHBzfRphzAvS4ih+b8rp2QiUpPh0HQ3tEYRBm5hAj3F/vDGzcSE4lG1xu0zQiX+kdqT5cXtza65ycieesOGR00yflR4jZQDSgKE6JG2kCvYXHG3EIb6lea6mavRWBKG5YHq6xfmKyf8/0myui8E6Sp32ixZGEVynTnfbqEuFajHD1beWTiBZbo9M6gyJyFmYl0+Z442ZgTJT1M1u1EZzRY2I6GKyatKehIoaeCsILeFK13IqyYCSq6wGeDMPuogWmsDZgUR5dBpqyHBIdLfuZH0PYfaLKGHOFgzCo4DuUc2iResO0C52bLhQ5tY1OA8euuF+6ojrVan5fmJQ/BR7XtkMfN/OboHhRh7zQi8INrnu4e0hb93vcaaJE637x7bA0QXGPbCcDkiCgPJx6iAWEljG90NSbmFwzghhJPyya2DyGQP/MjegloBx6PBvlLfLeRUxsMPbOaLh4SC1VbrGv1zvuAs2M9lOqXVc3rl4H279F0bBclVeLYz4wi0npkiwFhDexrbW/vOp85iitBnDfyyxUn2HRcmVkIuvsUdycqOCg3+hiHsRDUGfOWpuevOo1LV4d7C4PeHodcPg4pq6lIWGnfUKjaacVX+46/f0nTlBeoED1Lsrd4iFMU+8AxRKg36vENv0CsYt0uXXIVM3bte4cfh+vVDvKigdQ6owJRbp4mnfdT/ppiUyKlsya3fdjx6lKWz9c1Tu+eSevExgas1eiSsnxyn4EEmLKaboV/kIG8uSZ4eBO8Ne7oCwQBhblGNudB97YUrTGZ2rX87M5Wm1t2hPuEnD9KMI2XPSh03XYq44VQkWdaeciS2sSk0YNaXx9j8vU7+486YaII1ZOk5hBoU2Y6G0E7bHwSlRVA8tkT1haKB/Ev2jia1EjZxHsvLYwZYGmJH+0HndGi3xzZSkQCz9xS5EMEY2TIqyl3yApaHQEB9nhUKCVvWB3/nMyEVH+76dQr+dy8j4v7BLISYaDaryrhipz7UdpKJN9NHb012/Q6xBpWJwMiPsKwh83V0+MF0rBk1HBxoIaLPHgDtKDrOMRHHDtFT/PnaJklnlR3qWUaSuF+YA543vygqsb9JsvKNj1eH5wIEFWJSEJABqjsi4Uk79gqL89WRmhd8bBwPBxukbhrMNC8/RDLitp3ZbsaE/nmOUKiCnWXeEoqlbErODpfD2Lamf7hRmAc5DW8+YDE2ap3hdNrnTeWzW4u7oU0gGmDAReMTbaXWtkedHvVBI+e/TzG+3dnWHaSZE0f/mtREl2t8cCeUOKWLO7ZJNgO1Gy+HYdWE6j54gxMVhIfBEHOw8lcH+8p48ecPfbT8afqJaw/5txUoLxFmxFRM5qvK4KIOX+QNFf4dBdCoGRm2h1z3bqv5BJDSHz/2kNU+9MdpX6aZF6u/0pLNK6LHMQvXnzmMyz8zMTgAc4hpuB2iR8bLVdyC1KfX9S4cO6pm5VWSI6g1vu4zWXIHUmVDZH1lRjkeTH2iqWEkdZ3cYIeFTpEnFwrvrbiMCsOA0iCclaynCTboT7ltqccyPOpY39o9NsCuJV+QAcsGJKiNlFeDucUfOX/Gg/v7pD0HhMbna+e9/WkPReQjR2iA/zX81868+2avTlKjDO7QTXWH3RvBvu/LwA7EDk+M7GnKKvOfhvk+wHMqL+dAKKz31DkIhv9vwYl9uLIeF70jbnZfnALjyjAok8Xcee+zAyPfK8OrU23n1LgkhxZy0vOdh6gjSWcAhuxGfuloHvFcL4M7vhbHew1fb4+boZweG+SeDkLrquddvPvzQ0mQ1MPtUXKHRT6WjnqQA5gK42O/cP7cLXkg75Z5s2vQkEKWU6r9Aq6nB6kD5DOwEQ5k4dhDaW0QfYw066yDFTz2AdheYW6m5mXo558FokBNeS/talMnMXckbvHQYQI7Cb7Ix0bgTSUErwf96lUnOYeKC3te5Zgx3fjZOUsAptUAMA//I9C5JmEFlrznoH5dl8Jf2Jsq9BMnay6wF1Ln6GYCnrnnGGm/DSEMe4tbepzRIuhk6rYVDzYSFKcmufoTurxXuHaTrUkRskWzCVSpnYMraC0gV0ANS7ntUHbzsY3jtAYCXS76Tu028kUG8iFcXINYbG5MDMVp4ZD0rr3sQWBIvuJOi8dGg3QITsSQ==,iv:0qW6/vJJjzO42eT8ZLRBp9r6FaOGVHQyXbXq+AVMElc=,tag:WznlLE8q+Q0gmev9hhmwHw==,type:str] + known-hosts: ENC[AES256_GCM,data:Fk6rZyK9i+B3RyvXgO42YxFq3iJ/aRIaS9fKgXQBml5ucRBm8tazNQxKjWHZSCwuVYwbEWBtadFSohLDUbn4W0tuz1HWAe8krdNbwKvbSBZsncXAdrE/F1oDMeWYTMaZYQ4BJiy2mZTx8FIemWjf6Nk7eCSksItEQgwTdS8/aWIHUIfTHy6avlYvHf7UszuMiJHYUB4bTtpNUGTjkEQ6ztSMTUjNs9uNsNWxAHyDxYhACg+HQjHR3BPhbPnHkr0gfIMDsYwlbt0UJ467wS2bUpWad0pnRM4s9oZDczlOrPDj3EGApzs2JdF8hJXteuEJzCmiqeGCQElgz3Xr2mSU/YssQKmmUFf+K2YMcthABAK9K3NQmIMnK9asF1ETo2Rnp0QcGKzEPlr1KIaD4rABSthQwmLgQjsrO0j20dmL6jQZOZ/kfZPLEZXjShkBbNo2RzPZxmoziUq1xMCW+KexTi8lTPLNbJw619Og0V/En4QnkZKDde0EZFl6x2uMUehYemFSk0eAinu7zCHKAZwQ8Y1OemMh5U6+a9xu8elvAZq30zvvDs30AqeXzbf8F/PqoLYNtWt8xeir46x733E072G6rWwa1xtDyXQY3m2Gb88TflDL8WQabjZxklz2sT2QoaTQ/nu2gUZGFZ6gLKWuoD6w0pTF0taciTEjq+pewqIpFalZ6n/oW+qPkM+MAKP8sa9ZZ5COBaN5qmpKGVPOL5BaAGDn4MfbQqVMeJ/OmuSrgSA=,iv:zFWkVDxM9SIAeHwO6f4FaBREc5FwrELM7SRqaJ07Dg8=,tag:0mscqaJX/hIn3+QwMaUBZA==,type:str] + #ENC[AES256_GCM,data:B7wn3/uVKH1SdPqAks3ZE3qW+w==,iv:SfkeU0LEBDiBt03Slsg/MPsfUfaIrnApWqkqrf4V2u0=,tag:JDnabUeWAmVPUCAMlkjSLg==,type:comment] + kibana: + namespace: ENC[AES256_GCM,data:LWcx09e9or84DA==,iv:VLL7DRohzCjrpgTIIBxedmwgsze7/qsTfgS3pHN4gHc=,tag:lHJst25g70cT6xUx2sDMpw==,type:str] + credentials: ENC[AES256_GCM,data:YL/rBg==,iv:EQECqU7G6A0SIY1P+TO+GL1iTZ5FIdwoxc+ZI+SBF3E=,tag:p7X2axEAb3VZs+vzkfg6Ug==,type:str] + #ENC[AES256_GCM,data:Rk2hCopF7Z638986++Lwv7ivCQFWkiVYe89m1Q==,iv:/YZrFPSpIX2qEuOGRP/flkcrgJ7kFL9uzwCFk5A5EEE=,tag:LLO4Sw+Uew4Gt5U+KraG5Q==,type:comment] + egov-si-microservice: + si-microservice-user: ENC[AES256_GCM,data:ZmVyLA==,iv:0SNr254qJAvxQ7Fziz2E20VM7C0tPgBW+TL7UcZqzuY=,tag:PguxKTiK3tN2fZC+Tsykpg==,type:str] + si-microservice-password: ENC[AES256_GCM,data:K39xjg==,iv:UU7EMw6IAMV9Q4qdbauhaAVCIqvIbMMIIoQGcYNo9PU=,tag:dD69TQCEcueANE9emMTTtw==,type:str] + mail-sender-password: ENC[AES256_GCM,data:tuHacw==,iv:/Yncei2UhUHmGc3qJ4Lo2BVP4KJj2ToZ5KeFtDV00W4=,tag:C36Eurx4wZF6DqJpwJNAFA==,type:str] + #ENC[AES256_GCM,data:OTgdV8qljKw3GmkV5zL8FjSrLqyDL4Mb8A==,iv:7GkVYHL4SqCcO5Zs0swjCCY5hup+J13muxinT8T3ji0=,tag:RsRC4Bub4maUVPVLZMU5XQ==,type:comment] + egov-edcr-notification: + edcr-mail-username: ENC[AES256_GCM,data:pPt5GqEI6iWXzl01ow==,iv:lZAynBmXrLULpMRrrWHBnadCrmXz8Sx+JNjnglIhRM0=,tag:EJw3ojMFxOEqveEUnIpWPA==,type:str] + edcr-mail-password: ENC[AES256_GCM,data:b1b+3w==,iv:U6JyhW6RrQJHV8sDMm7A5g9PGdjT8SM6Gy+H+uLmIAs=,tag:JttvSZoYY/FdUX5WOPu/Ug==,type:str] + edcr-sms-username: ENC[AES256_GCM,data:7KsGRA==,iv:keP16abEyL+3Fdbd10eWQeVrZKSjGGGHi30UIezVbGA=,tag:sZK0iZG1TG7JfmBw/bW44A==,type:str] + edcr-sms-password: ENC[AES256_GCM,data:62BcWw==,iv:b6ENPEE2jKC35ezbOPa6C8iXJOMp/kXDvt/IJIE8WgM=,tag:IinlhXdzVU1VgxqE+niC4Q==,type:str] + #ENC[AES256_GCM,data:W0e3r0etWVlH0QI+9RffqzdPB90=,iv:JwcPcbmif77VSxyyXmy/5ST0xtIzoZTB6xEnzlGfXU0=,tag:YdFV+3xND8nulm1hwfmemA==,type:comment] + chatbot: + valuefirst-username: ENC[AES256_GCM,data:1hAcXA==,iv:BBcOvopGLAy/0Wexmjcwz/IwXTlaz0Hr8rccdVuEV0o=,tag:4gVfqJlTz6FYeCee3Yi2BA==,type:str] + valuefirst-password: ENC[AES256_GCM,data:x2Hwlw==,iv:TiAFLQCsZBUjhGPIcuGxyXYN+Jq/anoUymFSpVH4RTY=,tag:SC2J+Mv53Nj9vhg8QhKekQ==,type:str] + #ENC[AES256_GCM,data:Pl/yvZAS8Nd38ObMW7TTZxzIJWTW4Cr1uQ==,iv:+iPW3mYUb19YttELrflIbwGVEd4FjVSVoBfR9/mKKgI=,tag:J6z0v3nndx/qydi56YHArQ==,type:comment] + egov-user-chatbot: + citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:2DvsfMzK,iv:ZnCJ7taqMHB0UEn+pIuutkTyARoNou1b8PHJP4lR6nE=,tag:FCgwGxV0kKjEodv16a3CDQ==,type:str] + #ENC[AES256_GCM,data:Df0vhDOT+rD8wInrAvmRfDnZretYTIKod6CbCEhNO1utXcSNI4Kxan1lvcKAUzXLwdexcxlBQ1cz9dOSwsmn0dIma48/QIYsBaE+uw==,iv:+eoZdmE8QycoSPvf11lMwfiNuKgMYeQ21WAMga0zCug=,tag:phO0wdttfT0x+UxGYXbDYA==,type:comment] + oauth2-proxy: + clientID: ENC[AES256_GCM,data:ARheRw/79od970pH,iv:iT8fadkvYYMlXjGL6YE/KhC0+ObmrZgj6DLM8es5JGA=,tag:b/CDHOW/hQbRyihwL/6XoQ==,type:str] + clientSecret: ENC[AES256_GCM,data:RUQ/2BcXuqBAyHRICRAIyUHzFktPLPVhic/Fr2KHEdxh+hR8OQ==,iv:giFn3qOLIfKb3nd8syhVGc2a/19L6EI67YnXZSXb7mQ=,tag:/yyN+MwoXLIhZhH3aJZr9g==,type:str] + cookieSecret: ENC[AES256_GCM,data:1MBOoa/LoxiDqgnR3nvaIx6H9kPKX9n2,iv:7h987QeLUv6giHD1W0owR3eEtEarvvqp23FDs9SNMNQ=,tag:0bUmrq3u6AkKVwXkNZkMww==,type:str] +sops: + kms: + - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 + created_at: "2024-01-29T09:21:21Z" + enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFIjQWz7GpLKRwsnOtHWMRMAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMvrdVmxxnUIgRov7qAgEQgDsumS2ragjSfAwG5xBfEJgbY0SHmpoIHyNEWO2aixx7lL+PUb5ophQ0+dsY5sjdhHtr+xH0S92tZI8Fzg== + aws_profile: "" + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-01-29T09:24:47Z" + mac: ENC[AES256_GCM,data:/b/bQ05kfEEEh1Jj5K1pU3lisDZTwhD1UwoF/6tsVVDdj0hQChSpUtK33T2kgkXkYQeblS48SyOFQXvR8u8nZBAhGfNeQk7w05TclS/qQHg9qdFnDsv2pnQPEA6y43HROQHjqiJ2zUyUQGq14v42fAUYD4EUHfS/LtjG7OmCVDc=,iv:uYqPmpaGrHC2D7VoC7HyFm8207aE43ATFBHKyIsB/4s=,tag:4YS9TgUTgSbRwF5aQRdW7w==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-qa.yaml b/deploy-as-code/helm/environments/digit-lts.yaml similarity index 87% rename from deploy-as-code/helm/environments/unified-urban-qa.yaml rename to deploy-as-code/helm/environments/digit-lts.yaml index 270fe75c88..7a7a988948 100644 --- a/deploy-as-code/helm/environments/unified-urban-qa.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -1,28 +1,28 @@ global: - domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain + domain: digit-lts.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain setup: fullsetup cluster-configs: namespaces: create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] + values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] root-ingress: cert-issuer: letsencrypt-prod configmaps: egov-config: - namespace: [ monitoring, urban ] + namespace: [ egov, monitoring ] data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - state-level-tenant-id: "pg" + db-host: ## Add db-host name eg: egov-demo.database.azure.com + db-name: ## Add db-name + db-url: jdbc:postgresql:/// ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + domain: digit-lts.digit.org ## Add your Domain Name + egov-services-fqdn-name: https://digit-lts.digit.org/ ## Add your Domain Name + egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-upgrade" - es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" + es-host: "elasticsearch-data-v1.es-cluster" + es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 @@ -39,15 +39,14 @@ cluster-configs: tracer-errors-provideexceptionindetails: "true" egov-bnd-freedownload-tenants: "pg.testing" egov-bnd-live-citizen-tenants: "pg.testing" - egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe egov-service-host: - namespace: [ monitoring, urban ] + namespace: [ egov, monitoring ] data: asset-services: "http://asset-services:8080/" asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" + billing-service: "http://billing-service:8080/" + collection-services: "http://collection-services:8080/" collection-masters: "http://collection-masters:8080/" collection-search-indexer: "http://collection-search-indexer:8080/" citizen-indexer: "http://citizen-indexer:8080/" @@ -64,25 +63,25 @@ cluster-configs: egf-bill: "http://egf-bill:8080/" egov-enc-service: "http://egov-enc-service.egov:8080/" egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" + egov-accesscontrol: "http://egov-accesscontrol:8080/" + egov-user: "http://egov-user:8080/" egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" + egov-location: "http://egov-location:8080/" + egov-filestore: "http://egov-filestore:8080/" + egov-localization: "http://egov-localization:8080/" + egov-idgen: "http://egov-idgen:8080/" + egov-otp: "http://egov-otp:8080/" egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" + egov-mdms-service: "http://egov-mdms-service:8080/" egov-mdms-service-test: "http://egov-mdms-service-test:8080/" egov-mdms-create: "http://egov-mdms-create:8080/" egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" + egov-workflow: "http://egov-workflow:8080/" + egov-workflow-v2: "http://egov-workflow-v2:8080/" + egov-searcher: "http://egov-searcher:8080/" + egov-data-uploader: "http://egov-data-uploader:8080/" + egov-indexer: "http://egov-indexer:8080/" + egov-hrms: "http://egov-hrms:8080/" es-client: "http://elasticsearch-data-v1.es-cluster:9200" hr-masters: "http://hr-masters:8080/" hr-employee: "http://hr-employee:8080/" @@ -95,7 +94,7 @@ cluster-configs: lams-services: "http://lams-services:8080/" lcms-workflow: "http://lcms-workflow:8080/" lcms-services: "http://lcms-services:8080/" - location: "http://location.egov:8080/" + location: "http://location:8080/" performance-assessment: "http://performance-assessment:8080/" pt-property: "http://pt-property:8080/" pt-workflow: "http://pt-workflow:8080/" @@ -115,32 +114,31 @@ cluster-configs: tl-workflow: "http://tl-workflow:8080/" tl-indexer: "http://tl-indexer:8080/" tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" + user-otp: "http://user-otp:8080/" firenoc-services: "http://firenoc-services:8080/" firenoc-calculator: "http://firenoc-calculator:8080/" egov-apportion-service: "http://egov-apportion-service:8080/" bpa-services: "http://bpa-services.egov:8080/" bpa-calculator: "http://bpa-calculator.egov:8080/" rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.urban:8080/" - ws-services: "http://ws-services.urban:8080/" - sw-services: "http://sw-services.urban:8080/" - sw-calculator: "http://sw-calculator.urban:8080/" + ws-calculator: "http://ws-calculator.egov:8080/" + ws-services: "http://ws-services.egov:8080/" + sw-services: "http://sw-services.egov:8080/" + sw-calculator: "http://sw-calculator.egov:8080/" land-services: "http://land-services.egov:8080/" noc-services: "http://noc-services.egov:8080/" minio-url: "https://minio-uat.digit.org/" egov-user-chatbot: "http://egov-user-chatbot:8080/" zuul: "http://zuul:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" + egov-url-shortening: "http://egov-url-shortening:8080/" + fsm-calculator: "http://fsm-calculator.egov:8080/" + fsm: "http://fsm.egov:8080/" + vehicle: "http://vehicle.egov:8080" + vendor: "http://vendor.egov:8080" egov-edcr: "http://egov-edcr.egov:8080/" echallan-calculator: http://echallan-calculator.egov:8080/ echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" + inbox: "http://inbox.egov:8080/" turn-io-adapter: "http://turn-io-adapter.egov:8080/" pgr-services: "http://pgr-services.egov:8080/" birth-death-services: "http://birth-death-services.egov:8080/" @@ -167,8 +165,6 @@ citizen: ';" egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" @@ -178,22 +174,13 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: unified-uat-filestore ## Add filestore bucket name + fixed-bucketname: filestore bucket name ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring autocreate-new-seq: "true" -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" @@ -211,6 +198,9 @@ egov-notification-sms: sms-message-req-param-name: "message" sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" +postgres: + tag: "14" + egov-user: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi @@ -228,15 +218,6 @@ egov-user: egov-state-level-tenant-id: "in" decryption-abac-enabled: "false" -property-services: - replicas: 1 - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - chatbot: kafka-topics-partition-count: 3 kafka-topics-replication-factor: 2 @@ -259,9 +240,8 @@ chatbot: ws-services: - replicas: 1 + wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" is-external-workflow-enabled: "true" - water-decryption-abac-enabled: "true" bpa-services: memory_limits: 384Mi @@ -286,8 +266,6 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: - memory_limits: "512Mi" - heap: "-Xmx512m -Xms512m" replicas: 1 images: - egovio/egov-mdms-service @@ -306,7 +284,7 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" egov-persister: @@ -317,7 +295,7 @@ egov-persister: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch pgr-services: memory_limits: 512Mi @@ -326,28 +304,28 @@ egov-data-uploader: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch egov-searcher: search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch dashboard-analytics: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch dashboard-ingest: config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch # reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -368,14 +346,14 @@ report: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" pdf-service: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UAT" ##### Change repo branch with Your fork Repo branch data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" @@ -423,7 +401,6 @@ zuul: replicas: 1 custom-filter-property: "false" tracing-enabled: "true" - memory_limits: 768Mi heap: "-Xmx704m -Xms512m" server-tomcat-max-threads: "350" server-tomcat-max-connections: "1500" @@ -599,12 +576,12 @@ kafka-v2: persistence: enabled: true aws: - - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add respective zone. + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" heapOptions: "-Xms704M -Xmx704M" @@ -624,7 +601,7 @@ kafka-v2: ### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< kafka-connect: image: - tag: "5.4.1" + tag: latest # zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> @@ -634,12 +611,12 @@ zookeeper-v2: persistence: enabled: true aws: - - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone ## Zookeeper JVM Heap Option heapOptions: "-Xms256M -Xmx256M" @@ -659,12 +636,12 @@ elasticsearch-data-v1: persistence: enabled: true aws: - - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone esJavaOpts: "-Xmx1g -Xms1g" resources: @@ -684,12 +661,12 @@ elasticsearch-master-v1: persistence: enabled: true aws: - - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ##REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ##REPLACE: add zone + - volumeId: "" ## REPLACE: add volume id + zone: ## REPLACE: add zone esJavaOpts: "-Xmx448m -Xms448m" resources: diff --git a/deploy-as-code/helm/environments/egov-demo-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-secrets.yaml deleted file mode 100644 index 034cd8234d..0000000000 --- a/deploy-as-code/helm/environments/egov-demo-secrets.yaml +++ /dev/null @@ -1,76 +0,0 @@ -cluster-configs: - secrets: - db: # update the postgres db credentials - username: demo - password: demo - flywayUsername: demo - flywayPassword: demo - egov-notification-sms: # To work sms notification service add the sms provider details - username: demo - password: demo - egov-filestore: # To work Filestore service add the IAM user details which has access on the filestore s3 bucket. - aws-key: aswedfghew - aws-secret-key: xdefghgdxc - egov-location: # To work Location service add your gmap key - gmapskey: AIzaSyAQOd09-sdfegv - egov-pg-service: # To work pg service add your respective bank details - axis-merchant-id: demo - axis-merchant-secret-key: demo - axis-merchant-user: demo - axis-merchant-pwd: demo - axis-merchant-access-code: demo - payu-merchant-key: demo - payu-merchant-salt: demo - pgadmin: # To work pgadmin service add details - admin-email: demo@demo.com - admin-password: demo - read-email: demo@demo.com - read-password: demo - egov-enc-service: # To work egov-enc service add the details - master-password: demo - master-salt: q7.fr.cr - master-initialvector: 9J&asfgrU-H2 - egov-notification-mail: # To work mail notification service add respective mail details - mailsenderusername: demo@demo - mailsenderpassword: demo - git-sync: # To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. - ssh: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t - B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O - wvGNiLrSkqeKTbAflj/j1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG - Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A - Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ - dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 - z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn - woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA - AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP - 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK - U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb - xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc - kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa - RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA - 1RJ4Lxm9sGFuM1T - -----END RSA PRIVATE KEY----- - known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - kibana: # Add Kibana details - namespace: es-cluster - credentials: demo - egov-si-microservice: # Add finance service details - si-microservice-user: demo - si-microservice-password: demo - mail-sender-password: demo - egov-edcr-notification: # Add edcr service details - edcr-mail-username: demo@demo.com - edcr-mail-password: demo - edcr-sms-username: demo - edcr-sms-password: demo - chatbot: # Add chatbot details - valuefirst-username: demo - valuefirst-password: demo - egov-user-chatbot: # Add user chatbot details - citizen-login-password-otp-fixed-value: "546941" - oauth2-proxy: # To work oauth2-proxy service, create and add your github OAuth Apps details - clientID: qwgethjymnbv - clientSecret: 3a08079easd9d8055470475696fd3baad5292 - cookieSecret: QVbnq0L8npoyfxZs96wtBg== diff --git a/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml b/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml deleted file mode 100644 index 0c182e2de0..0000000000 --- a/deploy-as-code/helm/environments/egov-demo-template-secrets.yaml +++ /dev/null @@ -1,72 +0,0 @@ -cluster-configs: - secrets: - db: // Create postgres db user and mention the details - username: ## REPLACE: Needs be the DB username provisioned during infra provisioning step - password: ## REPLACE: DB password created during infra provisioning - flywayUsername: ## REPLACE: Same as DB username above - flywayPassword: ## REPLACE: Same as DB password above - egov-notification-sms: // To work sms notification service add the sms provider details - username: ## REPLACE - password: ## REPLACE - egov-filestore: // To work Filestore service add the IAM user details which has access on the filestore s3 bucket. - aws-key: ## REPLACE - aws-secret-key: ## REPLACE - egov-location: // To work Location service add your gmap key - gmapskey: ## REPLACE - egov-pg-service: ## To work pg service add your respective bank details - axis-merchant-id: demo ## REPLACE - axis-merchant-secret-key: demo ## REPLACE - axis-merchant-user: demo ## REPLACE - axis-merchant-pwd: demo ## REPLACE - axis-merchant-access-code: demo ## REPLACE - payu-merchant-key: demo ## REPLACE - payu-merchant-salt: demo ## REPLACE - pgadmin: ## To work pgadmin service add details - admin-email: demo@demo.com ## REPLACE - admin-password: demo ## REPLACE - read-email: demo@demo.com ## REPLACE - read-password: demo ## REPLACE - egov-enc-service: ## To work egov-enc service add the details - master-password: demo ## REPLACE if needed and store it somewhere safe - master-salt: q7.fr.cr ## REPLACE if needed and store it somewhere safe - master-initialvector: 9J&asfgrU-H2 ## REPLACE if needed and store it somewhere safe - egov-notification-mail: ## To work mail notification service add respective mail details - mailsenderusername: demo@demo ## REPLACE - mailsenderpassword: demo ## REPLACE - # Dummy key below. Replace with the user's private key below. The corresponding public key needs to be in GitHub SSH keys. - git-sync: ## REPLACE To clone the config and mdms repos, Create github user and add your ssh private key below. This private should have access to config and mdms repo. - ssh: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t - B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O - wvGNiLrSkqeKTbAflj/j1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG - Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A - Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ - dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 - z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn - woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA - AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP - 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK - U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb - xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc - kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa - RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA - 1RJ4Lxm9sGFuM1T - -----END RSA PRIVATE KEY----- - known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== - kibana: ## Add Kibana details - namespace: es-cluster - credentials: demo ##REPLACE: Combination of username and password. Generate these credentials and paste here - egov-si-microservice: ## Add finance service details - si-microservice-user: demo ##REPLACE - si-microservice-password: demo ##REPLACE - mail-sender-password: demo ##REPLACE - chatbot: ## Add chatbot details - valuefirst-username: demo ##REPLACE - valuefirst-password: demo ##REPLACE - egov-user-chatbot: ## Add user chatbot details - citizen-login-password-otp-fixed-value: "546941" ##REPLACE - oauth2-proxy: ## To work oauth2-proxy service, create and add your github OAuth Apps details - clientID: qwgethjymnbv - clientSecret: 3a08079easd9d8055470475696fd3baad5292 - cookieSecret: QVbnq0L8npoyfxZs96wtBg== diff --git a/deploy-as-code/helm/environments/egov-demo-template.yaml b/deploy-as-code/helm/environments/egov-demo-template.yaml deleted file mode 100644 index c1703a78a8..0000000000 --- a/deploy-as-code/helm/environments/egov-demo-template.yaml +++ /dev/null @@ -1,784 +0,0 @@ -global: - domain: ## REPLACE: Add your Domain Name Eg: site.mydomain.com - setup: fullsetup - -cluster-configs: - namespaces: ## Set true to create muliple namespaces - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: #Please have the output of the Kubernetes cluster infra provisioning step to fill in below values - data: - db-host: "" ## REPLACE:Add db-host name eg: egov-demo.database.azure.com - db-name: "" ## REPLACE: Add db-name. - db-url: "" ## REPLACE:example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "" ## REPLACE:Add your Domain Name - egov-services-fqdn-name: "https:///" ## REPLACE:Add your Domain Name - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "" ## REPLACE:Add s3-assets-bucket name. Create this separately before adding it here. This is tenant specific. - - ## Do not Change - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: ## Change only if you know the impact - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## REPLACE: Add filestore bucket name. This has to be created separately. - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -## Below options to be configured for SMS notifications to work. Note that deployment will still go ahead -## even if these values are not filled in. -egov-notification-sms: - sms-provider-url: "sms provider url" ## REPLACE: Add sms provider url for SMS services to work - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## REPLACE: Add sms provider name - sms-sender: "sms sender" ## REPLACE: Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -## Configure MDMS GitHub repository access below. Make sure GitHub has the user's public SSH key added and user has -## access to the GitHub MDMS repository. Add corresponding private key to the corresponding egov-demo-template-secrets.yaml file. -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ### REPLACE: Change this to Your MDMS Repo. Make sure the path is right and there is no .git extension at the end - branch: "" ### REPLACE: Branch need to be changed as per your env - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -## Configure the indexer service and pass in the configs repository path. -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - - -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "" ## Add email id - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ### REPLACE: Change this to Your Config Repo - branch: "" ### REPLACE: Change this to your preferred branch name for the repo - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - - -## Below is Kafka configuration. In case of AWS, Terraform apply step would've printed all the provisioned infra. -## Please have the volume ids from that output handy to enter it here. -## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones -## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF -## variables.tf file will provision three volumes in the 3 zones above. -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add respective zone. - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - -## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#kafka-v2: -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -#kafka-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" -# storage-size: "75Gi -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - - -## Below is Zookeeper configuration. In case of AWS, Terraform apply step would've printed all the provisioned infra. -## Please have the volume ids from that output handy to enter it here. -## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones -## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF -## variables.tf file will provision three volumes in the 3 zones above. -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#zookeeper-v2: -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - - ## Zookeeper JVM Heap Option -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< -#zookeeper-v2: -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. - -# storage-size: 5Gi -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - - - -## Enter Elastic Search data volume ids. In case of AWS, Terraform apply step would've printed all the provisioned infra. -## Please have the volume ids from that output handy to enter it here. -## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones -## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF -## variables.tf file will provision three volumes in the 3 zones above. -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - memory: "2Gi" - limits: - memory: "2Gi" -## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# -# esJavaOpts: "-Xmx1g -Xms1g" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-data-v1 SDC<<<<<<<<<<<<<<< -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. -# storage-size: 25Gi -# esJavaOpts: "-Xmx1g -Xms1g" -# storage-size: 25Gi -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - - - -## Enter Elastic search master volume IDs. In case of AWS, Terraform apply step would've printed all the provisioned infra. -## Please have the volume ids from that output handy to enter it here. -## If multiple availability zones have been provided during infra provisioning, the volumes will be created in those zones -## in the same order. For eg. availability_zones=['ap-south-1a', 'ap-south-1b', 'us-east-1a'] provided in the TF -## variables.tf file will provision three volumes in the 3 zones above. -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "" ## REPLACE: add volume id - zone: ##REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ##REPLACE: add zone - - volumeId: "" ## REPLACE: add volume id - zone: ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# storage-size: 5Gi -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -# <<<<< oauth2-proxy <<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" # Repalce with github org name - github_team = "micro-service-qa,devops" # Repalce with github teams - upstreams = [ "file:///dev/null" ] diff --git a/deploy-as-code/helm/environments/egov-demo.yaml b/deploy-as-code/helm/environments/egov-demo.yaml deleted file mode 100644 index 03b6a74d9a..0000000000 --- a/deploy-as-code/helm/environments/egov-demo.yaml +++ /dev/null @@ -1,853 +0,0 @@ -global: - domain: ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring ] - data: - db-host: "" ## Add db-host name eg: egov-demo.database.azure.com - db-name: "" ## Add db-name - db-url: "" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "" ## Add your Domain Name - egov-services-fqdn-name: "https:///" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service:8080/" - collection-services: "http://collection-services:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol:8080/" - egov-user: "http://egov-user:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location:8080/" - egov-filestore: "http://egov-filestore:8080/" - egov-localization: "http://egov-localization:8080/" - egov-idgen: "http://egov-idgen:8080/" - egov-otp: "http://egov-otp:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow:8080/" - egov-workflow-v2: "http://egov-workflow-v2:8080/" - egov-searcher: "http://egov-searcher:8080/" - egov-data-uploader: "http://egov-data-uploader:8080/" - egov-indexer: "http://egov-indexer:8080/" - egov-hrms: "http://egov-hrms:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://egov-url-shortening:8080/" - fsm-calculator: "http://fsm-calculator.egov:8080/" - fsm: "http://fsm.egov:8080/" - vehicle: "http://vehicle.egov:8080" - vendor: "http://vendor.egov:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - -## kafka-v2 Azure <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -#kafka-v2: -# image: -# tag: "5.4.1" -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -## kafka-v2 SDC >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -#kafka-v2: -# image: -# tag: "5.4.1" -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt0 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt1 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt2 ## change the iqn with yours. -# zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" -# storage-size: "75Gi -# heapOptions: "-Xms704M -Xmx704M" -# memory_limits: 1408Mi -# lingerMs: "250" -# numberPartitions: "3" -# replicationFactor: "2" -# minInsyncReplicas: "1" -# offsetsReplicationFactor: "3" - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# zookeeper-v2 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#zookeeper-v2: -# image: -# tag: "5.4.1" -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - - ## Zookeeper JVM Heap Option -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -## zookeeper-v2 SDC <<<<<<<<<<<<<<<<< -#zookeeper-v2: -# image: -# tag: "5.4.1" -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt3 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt4 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt5 ## change the iqn with yours. - -# storage-size: 5Gi -# heapOptions: "-Xms256M -Xmx256M" -# resources: -# limits: -# cpu: 300m -# memory: 384Mi -# requests: -# cpu: 300m -# memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - memory: "2Gi" - limits: - memory: "2Gi" -## es-data-v1 Azure >>>>>>>>>>>>>>>>>>>>> -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# -# esJavaOpts: "-Xmx1g -Xms1g" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-data-v1 SDC<<<<<<<<<<<<<<< -#elasticsearch-data-v1: -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt17 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt19 ## change the iqn with yours. -# storage-size: 25Gi -# esJavaOpts: "-Xmx1g -Xms1g" -# storage-size: 25Gi -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - volumeId: "" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -## es-master-v1 Azure >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# azure: -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI -# - diskName: "diskName" ## add diskName -# diskURI: ## Azure diskURI - -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -## es-master-v1 SDC <<<<<<<<<<<<<<<<<<<< -#elasticsearch-master-v1: -# replicas: 3 -# image: -# tag: 6.6.2 -# persistence: -# enabled: true -# iscsi: -# targetPortal: 10.67.49.8:3260 ## change the targetPortal with yours. -# iqn: -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt14 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt15 ## change the iqn with yours. -# - iqn.2010-06.com.nutanix:kubernete-72b39064-fdbf-48d3-abfa-7a36c956d535-tgt16 ## change the iqn with yours. -# storage-size: 5Gi -# esJavaOpts: "-Xmx448m -Xms448m" -# resources: -# requests: -# memory: "896Mi" -# limits: -# memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/quickstart-config-secrets.yaml b/deploy-as-code/helm/environments/quickstart-config-secrets.yaml deleted file mode 100644 index 57d912d5a0..0000000000 --- a/deploy-as-code/helm/environments/quickstart-config-secrets.yaml +++ /dev/null @@ -1,67 +0,0 @@ -cluster-configs: - secrets: - db: - username: egovdbuser #local DB cred - password: postgres@4321 - flywayUsername: egovdbuser - flywayPassword: postgres@4321 - egov-enc-service: # use-enc keys to encrypt/decrypt users details - master-password: keiz0phashiNgoh7 - master-salt: Eegh8ut7 - master-initialvector: quooR4Oereiy - egov-location: # google maps key - gmapskey: AIzaSyADqpKqZOggMr33usQvZ5hml3tyWZ6SCMc - git-sync: # Read-only user - ssh: | - -----BEGIN RSA PRIVATE KEY----- - MIIJKQIBAAKCAgEAxN3yoWfXEl7227hAXUTpeN5SiGUe22sIlGSYk3fx2Zl1xW0t - B5Y/RfxG3KocwtGCmxq+eMur9ZZsP5B8qFguG1ZhJXRZrFTn8S6bmVSP1YBRv93O - wvGNiLrSkqeKTbAflj/347aGOyO6tG+lDFPtGDOWI8EXQNRDKQb7zxans9fdli1u - vdXEDEF5nqzso0CLOtWjnRcOdWOghOyKdHZLvDIqwMSDvOVcnWH/zUqjMqpQJItu - bCun9tvRGxU5eSdTXCR7bs5qvm0NJR2VdJFZJNnxy9i0iQrinpLNlmoWl0LEunns - vSI9nBd3s0/l0nVzNzyvstCnywR8BKj1QxbkYArtkEY/1kLkmjEo7KO9ahHOI5qG - Tx9oJsBVAtHfO5Q3q4laEmbl9t1UE7XSp/0RD4+jqSlVS4q/Z3+MLHKfNu3Pps4A - Zq1WmaMch5NxB9qo1zj6x7LENVkzX29urHhlOnhJKZG8A/2Iz6rqzZTwV5g1kxSJ - dbfLg7K++zgyaJzluchWo5KCidC2icORklwvdnoDpu6qKD7hZBf4LscIV36Mwr79 - z+EvTCrkaKjUTQMdc+mgzwRldHWgwRTZjkEIX13v8r5x9Pl1JuIttONhINurN3dn - woKGb9rFFfBaLqEMU7VAHZ20SO0E4na7b4v2nOwWixcOezIwYVl6V3zN6IcCAwEA - AQKCAgAFUqr4ykH6cS7jifvTicV2SyyYG4PWEvLMcFvfwOJ9K7UPfYA2ME3NqqCP - 3tmgOuH5J6P2yCsCHOsYXOPB+YBlpNRDmv3Btxn+X3A9mRe6ghmzwl+Qzc8x3ztK - U9VdfGGeQmSFd63xc2nc7xfbWXmTqfFpThM+4X5fYZz1YHtwVWncYaYY4+rFGhAb - xjkvwNMC6DvgR3tQmT0B2xNzSq+JiyG0zJtzRBBZAQlVl6sJ96jrFAoMSrHj7tWc - kdpX+EQ8vY/I0zP3qiMs2bvsxvFOGcZ76IQZIH44I2gDpSKvPFLtZ9aK1p4r1kaa - RpLEOgC/gZiOkS24Q4rG5XqcMcZC9mMlWHqUJGhYrZhEn0yCQEtQFwiaDbuwQ+eA - 1RJ4Lxm9sGFuM1TuqU+1hLNc2/alZtclq2R424yCjzkz00vPNF+TpOGDdlUMiLpe - 2kbgYyY/hXKrSl2dbWPe00bj0AfNhdDJgb8cDVf9lz/MniG3A/U2St4lKK4ULDgt - /BRwLJzYROP/p1NWNO3m18BvJRXt16dAsBAXy+49CVY+t3twZ4KNO+hzOC+T2bXs - RZWWZXBsSXcT8suCy8CpzsM2V6wmipjBEcTR8MOjBHa5XSSH/e7k4+c1mV2Kjdix - 5GHNEi/oYgseBlIo5SeDtgcVRRX8L07ttG7LjuKW2icrcQnWgQKCAQEA6AFeRdO4 - ajHavP9t9DZEQWs0Xl0xsa4E0BTOXCGvxOgr9mg5ZaVzy/O53aaT92Geb5LkWhJJ - 5STLLEl7C+7WDn4Tn4EOqS2BQVylzjuP7/5ljSuH2rNl45r2t88HU+PT6hhW1xw9 - UyNZ2dqITAHIGSpZLosjsb1i5GPcgxkNrRYBH96Zew9GQ87yIu9cI5FpQSA1ijiu - 6B9AozIGAkEBgHj98RgO16Wh6f9UsAyWgiyq67IP3f1cexzuH6sgPWFjvUv4+F7i - HDMZmtftA3sDfs4hFhe7PW0WcW/Ys2ucfjDVeqlOZrlLbDoUYEHZwb3/Ts+Xs5F5 - tRNtpKIPNrFvVwKCAQEA2To/WNk+7pZGZZQU/xyYHiyO9979TtkMnaXOF6Wr8bSD - UAm+4+fPBg3iKhqEOlf8Ldrz1Cc7boIJATx5RmFs+zuc8H9LU0GHp9S/AQ7xjmcG - Os6QmPI2dyQ5dFeKt1eRqZhcedAO1bsj3idnrbk64mfwfxFi86xX80oLBabmDba+ - w5cqjOfGHMfXiHebtUiuOLrxM8no3bAVpf9chzZODdSsLZT6J8Lep4A9pnPsYw+9 - vU1QgTYqk7sTL2ZTA963nm5IACrPBg866p98MRsdlagXtasduWBwnXNTnqM8nKX0 - /Wf90KtbN+ueep8/qWPF4QRZL/wj6y11nyvYIq0CUQKCAQA6dQXM8FDaKR+lWXLa - AsZl+V4jnLXFwEQkLenlGvPP2HQjTRWRQAQSUqH1cGB+B5HFKSzyaQNHgmLTENy5 - H/+9fRTyrrED/ZxA3NhGQ4m7/cyWqm47s9IrbENYAwkkoRYnOOTApLPq+9BK7R5E - kHpbpOj9qj9fLIn7ZBIO0kQ45X95CTyA3lNlCILIPKlpqNztdPEol6mygRVnSVZs - QPbg6RuLIPW0bl6CuDwdc76EpD6Yzq/izlD8EEkLn7Gq5Zwc+USNSFMOqe18r4Vf - yCIUVFnP2EDsdE0gXf8rDiVLQoC3vGstxOh1J5k0u8LjZz0qHXJq42/YKUIKJm9Q - 55pXAoIBAQCGgkfZd2Q9jnX2zjQWKBmVjZfVqpGFsmbac2HjSKXo3BL3i6FVNCQA - JralxZedHQA9ULfs5YIqkoCK8GxUBV3bT3WFgf0dh5U9ekHvoNY4jFjSLzhgTJMn - QRoGjXKKxsGel4ajsw6Mj/3MwO+1Jd5tdVj5BcYVBuHK901N6aPIWCFVsZQafiYx - ihlPGmkjXubqn+9dVyhHpZIyIKal3x2D+O3Ip9giqMsAQytpl5yHVqbxwh8Yc3b3 - 1T4y+pRq8A0ZIEabO+bHZMThpXHcYmL2WYic6GFWeX4iMNhVgdS1VxoVk8AZ5xFr - 1g1i9psQA4TzKaMkUGfZZ2PO9PI3vpORAoIBAQDJOh5OWRFZCgHwMTOumgxv/wof - CuhsAzJ4tQZ0kMWGMXh1JuBgnLOWn6SgNLhl1SErwx67ftNhfFIXJR7WkNJ7n8Oe - DY9NZtgq85Lm/THmdn07COFrQpDzhZIy0YYHc3EZL0EjOOz0vrYOJAnWphAdSbYt - P//GtFAuNQ6HYEX48XUJ3NgBzBbweS03jEQBdE1CiH4GIxqT1BEr+OgHjyCEynLA - z9biV2jCYKO6W2CsxsjVGqvEFkOcGz3OwPFQGYEM85W5piKKZnP8LoElIhpZ82gF - ZN2SXKC6SZumRAcRdloo5jq5Qg0JDo+ltxHLeyTU/eJyY7aIojsWHm5kUlbf - -----END RSA PRIVATE KEY----- - known-hosts: github.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ== diff --git a/deploy-as-code/helm/environments/quickstart-config.yaml b/deploy-as-code/helm/environments/quickstart-config.yaml deleted file mode 100644 index 054e0cebdf..0000000000 --- a/deploy-as-code/helm/environments/quickstart-config.yaml +++ /dev/null @@ -1,156 +0,0 @@ -global: - domain: quickstart.local.digit ## Add your Domain Name - setup: "quickstart" - -cluster-configs: - namespaces: - create: true #set this flag true for 1st time deployment, will create the respective namespaces. - values: [ backbone, cert-manager, egov, kafka-cluster, monitoring, playground, zookeeper-cluster ] - root-ingress: - cert-issuer: letsencrypt-prod - serviceName: digit-ui - appRoot: digit-ui - configmaps: - egov-config: - data: - db-host: postgres.egov ## Add db-host name - db-name: egov_ms ## Add db-name - db-url: "jdbc:postgresql://postgres.egov:5432/egov_ms" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "quickstart.local.digit" ## Add your Domain Name - egov-services-fqdn-name: "http://quickstart.local.digit/" ## Add your Domain Name - egov-state-level-tenant-id: "pg" ##Add tenant id example: pb - es-host: "elasticsearch-client-v1.es-cluster" - es-indexer-host: "http://elasticsearch-client-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - s3-assets-bucket: "(pg-egov-assets|egov-uat-assets)" ## Add s3-assets-bucket name - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - - egov-service-host: - data: - billing-service: http://billing-service.egov:8080/ - collection-services: http://collection-services.egov:8080/ - collection-search-indexer: http://collection-search-indexer.egov:8080/ - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - egov-common-masters: http://egov-common-masters.egov:8080/ - egov-apportion-service: http://egov-apportion-service.egov:8080/ - egf-master: http://egf-master.egov:8080/ - egf-instrument: http://egf-instrument.egov:8080/ - egov-accesscontrol: http://egov-accesscontrol.egov:8080/ - egov-user: http://egov-user.egov:8080/ - egov-location: http://egov-location.egov:8080/ - egov-filestore: http://egov-filestore.egov:8080/ - egov-localization: http://egov-localization.egov:8080/ - egov-idgen: http://egov-idgen.egov:8080/ - egov-otp: http://egov-otp.egov:8080/ - egov-mdms-service: http://egov-mdms-service.egov:8080/ - egov-mdms-create: http://egov-mdms-create.egov:8080/ - egov-enc-service: http://egov-enc-service.egov:8080/ - egov-workflow-v2: http://egov-workflow-v2.egov:8080/ - egov-searcher: http://egov-searcher.egov:8080/ - egov-data-uploader: http://egov-data-uploader.egov:8080/ - egov-indexer: http://egov-indexer.egov:8080/ - egov-hrms: http://egov-hrms.egov:8080/ - es-client: http://elasticsearch-client-v1.es-cluster:9200 - location: http://location.egov:8080/ - property-services: http://property-services.egov:8080/ - pt-calculator-v2: http://pt-calculator-v2.egov:8080/ - pt-services-v2: http://pt-services-v2.egov:8080/ - pdf-service: http://pdf-service.egov:8080/ - report: http://report.egov:8080/ - tl-services: http://tl-services.egov:8080/ - tl-workflow: http://tl-workflow.egov:8080/ - tl-calculator: http://tl-calculator.egov:8080/ - user-otp: http://user-otp.egov:8080/ - ws-calculator: http://ws-calculator.egov:8080/ - ws-services: http://ws-services.egov:8080/ - firenoc-services: http://firenoc-services.egov:8080/ - firenoc-calculator: http://firenoc-calculator.egov:8080/ - egov-user-event: http://egov-user-event.egov:8080/ - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - -nginx-ingress: - replicas: 1 - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - default-backend-service: "egov/nginx" - namespace: egov - - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml, file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml, file:///work-dir/configs/egov-persister/fsm-persister.yaml, file:///work-dir/configs/egov-persister/echallan.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "quickstart" - -zuul: - replicas: 1 - memory_limits: "512Mi" - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx256m -Xms256m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt" - -egov-mdms-service: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "quickstart" - -egov-indexer: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "quickstart" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/pgr-migration-batch-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml" - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pgr-migration-batch.yml, file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml, file:///work-dir/configs/egov-persister/fsm-persister.yaml, file:///work-dir/configs/egov-persister/echallan.yml,file:///work-dir/configs/egov-persister/egov-document-upload-persister.yml,file:///work-dir/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/configs/egov-persister/nss-persister.yml,file:///work-dir/configs/egov-persister/birth-death.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "quickstart" \ No newline at end of file diff --git a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml b/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml deleted file mode 100644 index 5f477728bd..0000000000 --- a/deploy-as-code/helm/environments/sanitation-qa-secrets.yaml +++ /dev/null @@ -1,71 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] - password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] - flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] - flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] - password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:Ltjuy6j9lAv14jYFz+aAjHsoEG0=,iv:Jokzsmrf4Ng7iwrhzjDT2AhgfAzghujRQntP0HwFkZc=,tag:zp8kq5vjmwwU471XrZkBmQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:plLsGSna3i99HP6cItdeaCKRSwjG5tWWRc/yJ1pGIk4PYICQshDeSA==,iv:VTBdjdOfFRB1LMqMFqzS+L+PCn53fsmg+Mud16OyK2U=,tag:ROLdsP8J/l7LKD/gCcY9SA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] - admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] - read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] - read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] - master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] - known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:jNk3oWWYpGnulA52AExvtk6XH/s=,iv:HJBJt0ULa6uRBhKojp6rIYh0FDf1+gRSTRVTtt1tlOo=,tag:8OVI2YzyCgTNMf0JbrQQrA==,type:str] - clientSecret: ENC[AES256_GCM,data:87SgqZoocll84SsgIHrHz0uHZcdMgKZkyDFJV2Y+ZbkKQ5ejcRBCEQ==,iv:kPPSMc0kiCuzaGx9GCDej47+8KFK63R0twnhYI3iOJo=,tag:YkyXudnkyUcUkujN2Wch+w==,type:str] - cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-09-26T16:11:43Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-11-23T11:38:14Z" - mac: ENC[AES256_GCM,data:F9lxx5KUFQzE7HJLjXtijQgQDXX0p8L8imlnk39gTMew1BeI8PlkHQw59AIjp0aKnbakQpoCHzrhQHOHWLy/CPJVefkFasCfSQVNt4mTny3IkBBR/M3Ye6g/Ohj0dn7feSoBMhBEa+47LlsvOJEgjh4zm7j+jeULvTHZIBTX7fU=,iv:oc1D1t3lI/H4Y4mvu9DS0Gpv0wCHx7OoznJkpJvwN0g=,tag:FCz+fqAaqpgYfUBOV4IjeQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation-qa.yaml b/deploy-as-code/helm/environments/sanitation-qa.yaml deleted file mode 100644 index 8363c220b4..0000000000 --- a/deploy-as-code/helm/environments/sanitation-qa.yaml +++ /dev/null @@ -1,741 +0,0 @@ -global: - domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, sanitation ] - data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - state-level-tenant-id: "pg" - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-upgrade" - es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - pqm-service: "http://pqm-service.sanitation:8080" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-service: "http://pqm-service.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-qa-filestore ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -estimate-service: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -individual: - namespace: works - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sanitation-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -pqm-service: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -pqm-anomaly-finder: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -inbox: - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - memory_limits: "512Mi" - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml" -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/sanitation-secrets.yaml b/deploy-as-code/helm/environments/sanitation-secrets.yaml deleted file mode 100644 index 940d15a053..0000000000 --- a/deploy-as-code/helm/environments/sanitation-secrets.yaml +++ /dev/null @@ -1,126 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] - password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] - flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] - flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] - password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:BbAOdX4eraGZG8XEeUk52JdTCzs=,iv:dY4wElIQE/w6OhExzH0NsZfubeL5+SQpu0oAd8T56/k=,tag:oHB9nkvpkyUwaoa9DH0OCg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:N3BgZRp7Y07WU5Laufl7x9EuRYhbzZc2/NHtZWepl8MCv1c/Go/mPg==,iv:1Z1gd885HzpFxkA8Y78gZd4J2cxdwp6a4QZwQlukSgg=,tag:EGbJhJQJ1fT8VeliD363dg==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] - account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] - admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] - read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] - read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] - master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] - master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] - known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] - si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:Pn/QWAyDeoNVOG/0iZbD+CXiOek=,iv:3YgQsS3lGYXrEZIqCSp0IdaeihCJBu6nC8NiLgoQgeY=,tag:Evk7P8vgpqq8Z67Gg9UiXw==,type:str] - clientSecret: ENC[AES256_GCM,data:9lKcBjsMuaUocc2KOl6fDOKUjCUxb9o5lkCG5XPcVa9a8GN6kKDeYQ==,iv:t1ryCnubco7Gp+ktbIqbGR3EKWpRERee541pQCPoASI=,tag:Nj2KqKm2sxZbOrY1i0a1PQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] - secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] - route: - receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] - group_by: - - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] - match: - alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] - group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] - group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] - repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] - api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] - channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] - username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] - title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] - text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] - templates: - - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-04-11T06:12:24Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-04T06:33:29Z" - mac: ENC[AES256_GCM,data:jrfasih7SE96SF73tYTK6H1WI0QoE25atirbR02TI7rzF3SUPzoIElv1oN4YzvZStApZZrFT+VSdr0ILzTbOWDJSCSBrhwGo0demi0wpDqxIbl1WYXTiMBzGATMdV8wxw0C+QfuoVE3Z/TMIomHqF2H0kXVQTqo5cSuBFisqetE=,iv:g8CBBM8qw1ZeD/a1m7sUxLTmJzh7dDDZVxtqcQBr1fQ=,tag:QRrVTDaKmS6OOQe55oBZrA==,type:str] - pgp: - - created_at: "2023-04-11T06:12:24Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 - L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo - HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 - vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 - HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd - 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc - kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 - 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE - igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L - MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ - LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== - =NBp6 - -----END PGP MESSAGE----- - fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml b/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml deleted file mode 100644 index 7340afeae7..0000000000 --- a/deploy-as-code/helm/environments/sanitation-uat-secrets.yaml +++ /dev/null @@ -1,129 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] - password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] - flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] - flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - - egov-notification-sms: - username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] - password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - - egov-filestore: - aws-key: ENC[AES256_GCM,data:x5LcCTRYCzu71f/BMP5PpZAMofg=,iv:zyZnKOyzL4rRalG6jWAq7CWkb6TeYb9LLy3hw1wZUxg=,tag:lfxwDeJYky3CMBCtI94oGw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:1D2mqDJfgQLnDvVx+RhCwkIfV+rXvxbbeexEsgOLmqYpYqOtfMKBkA==,iv:FGTpiY2F7tX7xrX9yyZMdpxLIq2Yw5RkbugW3FSqB3Y=,tag:Njx6l5y1iUyItM6UMxKp8Q==,type:str] - - egov-location: - gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - - pgadmin: - admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] - admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] - read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] - read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - - egov-enc-service: - master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] - master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] - master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - - git-sync: - ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] - known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - - kibana: - namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] - credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - - chatbot: - valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - - oauth2-proxy: - clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] - clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] - cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] - route: - receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] - group_by: - - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] - match: - alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] - group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] - group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] - repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] - api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] - channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] - username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] - title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] - text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] - templates: - - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-10-09T10:33:39Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-05T08:47:54Z" - mac: ENC[AES256_GCM,data:mi4U0M5XgrEsMHfFi3nVnUB6/WdImwwbpGos05HQw+7Uv5ywoMv+xBPKUjDcb0A4qEMZu5wgdIX7CYRCstJcPNg60ohpYjV51ML/78U+7ZYu/emEFdR2mzEcgUJK811Q0d4qGFLjKnU73jmDIJIVykKqWqwUOlFsbirWf83qnbk=,iv:sZLYQAlq43ryfsDfQ7ZoV8FIEBAY7HI3wUmXlij0ejQ=,tag:FMXbiik2f+v8WJ+HltpEMA==,type:str] - pgp: - - created_at: "2023-10-09T10:33:39Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB - ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W - Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 - 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj - W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle - ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 - MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL - nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== - =gDUX - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/sanitation-uat.yaml b/deploy-as-code/helm/environments/sanitation-uat.yaml deleted file mode 100644 index e1d66cfb38..0000000000 --- a/deploy-as-code/helm/environments/sanitation-uat.yaml +++ /dev/null @@ -1,809 +0,0 @@ -global: - domain: - unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, sanitation ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - mdms-service-v2: "http://mdms-v2.egov:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://health-mdms-v2.health:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - mdms-service-v2: "http://mdms-v2.egov:8080/" - pqm: "http://pqm.sanitation:8080" - pqm-service: "http://pqm-service.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - individual: "http://individual.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url: "http://minio.backbone:9000/" - aws.s3.url: "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-uat-filestore ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -estimate-service: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -fsm-calculator: - namespace: sanitation - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -individual: -namespace: works -tracing-enabled: true -java-enable-debug: true -state-level-tenant-id: "pg" -aadhaar-pattern: "\\d{12}" -mobile-pattern: "\\d+" -notification-sms-disabled-roles: "ORG_ADMIN" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - -vehicle: - namespace: sanitation - -pqm-scheduler: - namespace: sanitation - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - - -sanitation-ui: - namespace: sanitation - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -pqm-service: - namespace: sanitation - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -fsm: - namespace: sanitation - -pqm-anomaly-finder: - namespace: sanitation - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -vendor: - namespace: sanitation - -inbox: - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - memory_limits: "512Mi" - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml, file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map: '{}' - bs-service-map: '{}' - - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: - ap-south-1b ##REPLACE: add zone - - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: - ap-south-1b ##REPLACE: add zone - - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: - ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/sanitation.yaml b/deploy-as-code/helm/environments/sanitation.yaml deleted file mode 100644 index 7aa9806149..0000000000 --- a/deploy-as-code/helm/environments/sanitation.yaml +++ /dev/null @@ -1,721 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, sanitation ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, sanitation ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, sanitation ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - mdms-service-v2: "http://mdms-v2.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - pqm: "http://pqm.sanitation:8080" - pqm-service: "http://pqm-service.sanitation:8080" - pqm-anomaly-finder: "http://pqm-anomaly-finder.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - individual: "http://individual.egov:8080/" - -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -sanitation-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -fsm: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -pqm-service: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -pqm-anomaly-finder: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - java-debug: true - tracing-enabled: "true" - -inbox: - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - -pqm-cronjob: - user-name: "PQM_SERVICE_CRONJOB" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.sanitation:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.sanitation:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.sanitation:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 300Mi - heap: "-Xmx128m -Xms128m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -pqm-scheduler: - egov-state-level-tenant-id: "pg" - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx550m -Xms550m" - resources: - requests: - memory: "1Gi" - limits: - memory: "1Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - - -pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "dev_readonly" - - -playground: - replicas: 1 - images: - - egovio/playground:v2 - - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-dev-secrets.yaml deleted file mode 100644 index 54074ddad7..0000000000 --- a/deploy-as-code/helm/environments/unified-dev-secrets.yaml +++ /dev/null @@ -1,122 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] - password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] - flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] - flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] - password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] - account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] - admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] - read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] - read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] - master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] - master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] - known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] - si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] - clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] - secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] - route: - receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] - group_by: - - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] - match: - alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] - group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] - group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] - repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] - api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] - channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] - username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] - title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] - text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] - templates: - - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-04-11T06:12:24Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== - gcp_kms: [] - lastmodified: '2023-09-27T06:18:14Z' - mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] - pgp: - - created_at: '2023-04-11T06:12:24Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 - L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo - HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 - vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 - HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd - 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc - kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 - 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE - igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L - MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ - LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== - =NBp6 - -----END PGP MESSAGE----- - fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-dev.yaml b/deploy-as-code/helm/environments/unified-dev.yaml deleted file mode 100644 index 278ccc6ac8..0000000000 --- a/deploy-as-code/helm/environments/unified-dev.yaml +++ /dev/null @@ -1,856 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - project: "http://project.egov:8080/" - individual: "http://individual.egov:8080/" - household: "http://household.health:8080/" - product: "http://product.health:8080/" - facility: "http://facility.health:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - mdms-service-v2: "http://mdms-v2.egov:8080/" - health-project: 'http://health-project.health:8080/' - health-individual: 'http://health-individual.health:8080/' -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -workbench-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -storybook: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT StoryBook - ';" - -storybook-svg: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT SVG StoryBook - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: "unified-dev-bucket-s3" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-url-shortening: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-url-shortner-endpoint: "/eus/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "2" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -prometheus-postgres-exporter: - namespace: monitoring - host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - user: "unifieddev" - password: "digitCoredb08" - port: "5432" - database: 'unifieddevdb' - sslmode: disable - -mdms-v2: - memory_limits: 512Mi - -boundary-service: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/mukta-ifix-adapter-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -health-project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -health-individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx128m -Xms128m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -fsm: - memory_limits: 384Mi - heap: -Xmx384m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - -prometheus-blackbox-exporter: - namespace: monitoring -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - java-debug: "true" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx512m -Xms256m" - memory_limits: 768Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx2048m -Xms2048m" - resources: - requests: - memory: "3Gi" - cpu: "1000m" - limits: - memory: "3Gi" - cpu: "1000m" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - - -pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "unifiedread" - max-query-history: "50" - max-login-attempts: "15" - enable-save-password: "False" - persistence: - enabled: true - dataDirSize: "1Gi" - aws: - volumeId: "vol-0c86db1778f9a3b9a" - zone: ap-south-1b - -playground: - replicas: 1 - images: - - egovio/playground:v2 - - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml deleted file mode 100644 index f8d2348ce0..0000000000 --- a/deploy-as-code/helm/environments/unified-health-dev-secrets.yaml +++ /dev/null @@ -1,108 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:nwpCI9c4oqobrw==,iv:gX93oxvlfk6phIcpRWpKVXYiLx9fDhJcqtuP8GGgUyg=,tag:P1Bu6m24woLGsZ9w8c0cgA==,type:str] - password: ENC[AES256_GCM,data:HzBgRRZlV2T4f3hivw==,iv:JVh4FZuGoDexZ5XV6H1dqnv6WRU6jad7gNxG+6RD+iQ=,tag:8jvKBeyexrmqLk6w69j2aw==,type:str] - flywayUsername: ENC[AES256_GCM,data:cBbQtzBysPNEwQ==,iv:3IgeXRaQ/9dc27+acIQfMS6U+JgezkHuW9bdShNbpek=,tag:RwAE5Og/NAtjoWmejQTQoQ==,type:str] - flywayPassword: ENC[AES256_GCM,data:8rWw8pTNhQZQ7brh5Q==,iv:F2uwBHSuxDw4ReOzmV0qlFQCoGbXg+3YNlhucVdDxho=,tag:xJjhWS7BywjBaqngRMblYA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bQa3nu9fsQ==,iv:v+Qm4c3YdBuQSJqxZhktm7x29a+mbLwHyQC+dqzPxPc=,tag:7EWbZSkavAkF1cid9iA6SQ==,type:str] - password: ENC[AES256_GCM,data:QJTPLfp8VTo=,iv:cEyo1ZY8I+Vs7IslHaFSpIHFzorDq8Y5azujpCxNTGQ=,tag:5jy+aoeSLjiEhEDNFTzDPA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:jzjUoSq4wLdUzaaXKVJUDIn9gTw=,iv:aEg3rS9vPGiMhbFQB8VPH+Aalfc5j0rc5qg8jAo6oIs=,tag:Ch90e0CjgDC/jdNlogUKQQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:L8flKyKsLJbl7uoiwRy2VTmiLYdwIKwSha7p4nm+eMBFqltUjDXwhw==,iv:n6fliyJi7qGTSdCZi5VeTmlAFWWotwxaCMCCgJn2tQU=,tag:2bZFSbBXB+Rzfw2B37OYuw==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:/fTo+Zv20dZK2A+k8pLR,iv:aC6yKvKHY+KcuE3ngkM6iraFg9QG6lhilTq5Wr0KZD8=,tag:qapA1DZO8+UABE118X0Pmw==,type:str] - account-key: ENC[AES256_GCM,data:HRouu86mINit8e6PC9NAUAkFFBotnWzziCZ6Fx+D8lSksicJXVT/Q1lRfPDZ1yTKSIrtPhHezaeFGDLX2p0+1YaELgbb0vamWqSF/Mkdcyj+OsBJ/Ab6CA==,iv:fz1L7vdC0eEFHgVwxO3zZECJk6mspuyfOTvqLWHfE1c=,tag:KGmzmjEYTv8+jwM6EKI0+A==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:rMYdABW5C148da4FUgVuY7ZupBQdmiphtpqQBkHPf3xe03XiBgkz,iv:qGR75qqYakahSxFvRsZJkpNdQSS+Am6h8XfJSuDKVA0=,tag:cTMCTdNsrO3pyh8fxLJHgQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:NQFMHqFQLaRzGjmGCUhHGw==,iv:GLs3FwllF+ZyqjjlfstHhyaMB4DyhR0L/esxgQy26wk=,tag:2sVT1A1gQVqglXXv0WUZsQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:5by2kS7SfCvpfa3KASWF4ZE7a1rOXInJeX+AvL15Tgw=,iv:0tQnlUuMNFPhgAU1ysaHnjvdaztbK+WTUp/bIT4l2BY=,tag:z4088rVlJ3n3sFj2uImhsA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:vp73jqXWHZgy4RnzIxV4,iv:lSKFsWe8s60wFAmy+sUpuEsMuWCjp6RUig4Lr23gj/4=,tag:v3mF4wK9FsBWh3eKXFPT0A==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:RqQBQEfMrX0JllA=,iv:AD3mPZrwDu16ABCBEpTHLze100S7IYezwdrmAB2aEMI=,tag:snzLkWWznoshO2hOZckgKg==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:IG/X5GcND7w=,iv:jj4BLsWwDktw6QYBMVgugq+lkQXIOO5FvtZ819OClrY=,tag:3bbf/GWUdo2sG3xipIEuqA==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:EL9NKv9N,iv:7GTy0xl7hy0U+DQ2G6jLu6FXbzueGn5QlQblTTxP9gA=,tag:09YSZkG9V224iNFY4WOZKQ==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:uqlSMbvrmyU=,iv:a0d6/FtLMGjQ0OZnVgMdFoBqfPN5mf3BZwHSrJEnrQQ=,tag:BFP36kqGN7zI2B4exV1tog==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:arJ6vwxg51MGUNga9swPqVKOYtld403LVx4=,iv:VyPvIZ4HJjkJx76MyaXJ23tFLGrhA80rXc+6yo5W6Xs=,tag:XhocZ4xsKkHCCcFIprXsnQ==,type:str] - admin-password: ENC[AES256_GCM,data:Hd51DzFxqCom3ggX,iv:5yiXvn+Z3YsSkxjtmiPrpoc3MMPzq0TEEel8flaUD3Y=,tag:SD5Aggt0Y5TN8n0ag5ZW6A==,type:str] - read-email: ENC[AES256_GCM,data:65WyuUsEYXj4dG8AnN3tnvx54+7HZV3jKw==,iv:fIuVHfWt3+CmkvU/DBbq/g5Qo1hkC7LJ1W/AFrna+KI=,tag:Pgmy0FoT8EUCWVclC/h+qA==,type:str] - read-password: ENC[AES256_GCM,data:/3eWB2RF4pfFxaCS,iv:55LiBzBphNnyeNrO0u5ehVZUp6MMojcMOW0LBDPCii0=,tag:D0py/aHpJq4WwnZ9MjZPnw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:46bJ7nUvdV/M7CnWdPgBxQ==,iv:dx2wFvV4Ju5PZEj6GciLi2FFuOxhBtoShrfKHUQjAXY=,tag:YDVaak9VBXMiLprxAKp5Wg==,type:str] - master-salt: ENC[AES256_GCM,data:tYKf60n1mpE=,iv:PSk2Usy8trA1VbGG8W7LPu+3bzYhkm7AKcEGr1m4WCs=,tag:s7tkJEtxSLQkLMttG5RL8g==,type:str] - master-initialvector: ENC[AES256_GCM,data:MvqUjVVn2wSlsz2T,iv:BASbCJYjRPXlPpfsHrItQBDRXKmso3rtv0+pLi3loqk=,tag:gaZpiS85vBXx/o/Xg4JWpA==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:1MtNDbYpADWsK2L238HvvCy6As08q2Rs0qPUwpY+rVAP,iv:uIhxY/Dz9j7SANLQEUhnwnMMVmItU3M/+YJHV0GLTNw=,tag:b48wR+tQ4rbr+zUAnAw+Zg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:4zAytAbBZao=,iv:fHdEHzSCbGtB2pIEMHmLYsM3Xhk29py0GxqDj9jlln4=,tag:iIO1/UDGM4gWU6+kTSrnZg==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:Ib3op/+PYeZXOcVx9kqIs5dGIxM7bNmCCNsNr+VcpSFaxGuAZXEooKXAUFk6LDKR8Az+eJ/YDc6Se98y6pgjmgaBSppzk20av10wOPQCxK2mrhkI0YYp3l8N9dZcimAp5npulNHkOhXmt69TlE+NZOL+OFiE1GAsRz1OKfg2mhdLGfg0d1cPxm4UJmu1eMNK+yAFnUwu2dbz3Wgufv55D7amDXe5BxpG/hT+QHJ6G8yKwaaJRVW0XFS5MEL8mfzPzxtgkEfb+aD/CtrFiMn5LEN++qnoEjkUwflQT/2cKUwmExfvxlVlWD5RLUNk9bo2UZxxMeRFFcZOi48M6/B2FLdzn8yslkZrNlCk/8hP3beBKJV7Ddm93Pnn1TvLmRX1Do97EA23zqiOm8M1sEHxos6QYsIwuaQSJ/D21zEAob8ELbsXyY22bs+08xYj/UGeFvtbVEL/ODcIlV5D2CCMwaB9h5OaeyqHQgQ2/ow/IiqHOQUv3oLmn22XjD02QgauSu6zbPnBRYxddpooRk+HbeQQ122JIqh9JAxaBvmbvyKSfm9al5aEj12eyc90ruMMew1UjV7RyWfkp9D1/zwYMp2NQA5EOGZslXAbKc1mmdHunFQAeaxBnLQRK1dQR3fNoUlqq9rKC1edshOF+V7ks+XlnI/suA6iPM2OIdOwl4bUglxhzF+q7mrwrXILdxWbZ9wtpXig/d7G2KFKufWhzVdjAGwQYcYYQY+FtfnLfQcTCBb0HTjP0z30EGI70m8wtZw5p/0g4nM1IvuCefxXmGDB0V1tqVhrmDwiVSGwhyDXq02kctFnARu/G9YLw/6TRIjp4w4DmZHrV97rBDVOLTSD1ggVWONhAjAKffmK0u74dmdQrwhBiXzGrXsBwa5sjS2BRKpMJoEmrOAYhWvmGqLjjUpYRB4DNwwERHUoS7pMdHzOS5mFC5AZI1sCRUCgLua0vc+VwKSZorEHvl4Wv0TKTVBh/5Gc8JLb1oEEC0zX2n/bUW41B66WDRbbl4gZJshIo60upI0xGcNHBJcARjFSacqTjMS2Twi+3aQiHlzQaPQ1txV9+qLjU9T0ThkRl4cM3In08by+mN61wZyZF97JoM4cRZFs1IslqEZgI7eCb0ap44HX6F8ubpk20+SHTBDFtV9yx37SFwAWxg/2m/xMeebAlj3uCBGUQrBYjvUA9e3tT9SFuWEVKgiYHtaf3EnOpeID+3wZKnkSZb7YxZh0O/5B8h6qynkbuOWtPiK1xuQHdIO8NuBT0D71D7bKzQE+33l3Yx9EGKrowu24B3Mw0L7ohIDOin/HCO9Dd5LanO+GQxlbx80i6joUEy8HJS8dUgRpVC9UNr7zKHsNMIViiGqtPZQizFNYn++7mMFCknqBedwxp+UywSOO1FAzvOfoRwEda8yvKqiI/fLK/EnAnFj9Eh5vHwZ7xiXgPxtyLwio6XjFwJ07Z2MM5l3d2DdLbm+hzl3dxnCotWNQGuG40A8MiuZRZltk90mz6KCDm0/ahLtd6X6keteU+yLiVS/u6HkbtdJzSQGJ4tMthJ8WIRSCbYqLp9s5vu+7qIbNTxfw04qFnxUqgCTRjHXpdaANcMaFTSRApCMEsi/cGNtI6frTH2Try3TlKLXfzY5kXAqLrUZh6NKtKwD/ffNIN/iptEeg4rQ0luFlCJwLUQ6GS95ati3q3dd/KD96pykLDTM7gn+WtC3AbsK9uBauqB6nV0SrtGcKje40Wkanc4apANiRlYWRD9cE3cPGFcipwjY86qrhjzawG7hLB+rwIh4sDFfrY0InP2btpwysrEA1lMzlBNy/2et/V6IMfTd0LaJqcvafYZ62XCB4QHPANokE4tL9GtgOF8ezD6/SQFhuRDoZ2WpMEkZ9A+/oNUQCBM7cDrIAEoJ0zWOvl2+xSCruXZiqSwaNuaU1oSntxxBIM8IhKrD7u2iqr8AqOmnOqOoDdHj3oj7nri+0TTGFyHQ8Y2HuOTyDciGhWn2y3K7k8h+sEwk4jWxJ7TduuoQx+jbVPBknqfcGt++qmXeVyJfm4COwVtK6oituYcg2gaTN8aw0OK6QUyv0iCxu+zw5yC8AdWgCYzNoa5Vut/T/wZW9nAeFlol/pscSP/v4P5eETWIanAtr9lPDGUKSYYiNM/XDZLPyWXvLE8vsXuEr+oxSLggHm0R/49npPqyFimNUV/yaY4yspOqhSiVSdE6fW//Pbdtgm72C45Nd6kETyUErGqqKmM6qjngOfa8ALt+DS9gE0bDm9dni24Pi7VzRx4W7VC5q/KG8o7uzstAZwSlqObEK9d93TuYDpYIWvyJSKruz3rGxRA0jzFwiYOvY4cSnLCcc5j/ZLVtjFsEK5zY7Pa9zAo99+oSi/iLLOAhk/1GBSG4deSeeCiF6NvXVdswsRU+TVgyso9LCSw+hmrPvdiy+hJXN/lPFjqZRAop9vUkA8+Jayz9l50MqBX2e8gUykTe9EPFnb5hE2DLIsUa18wSgayZjrdr2+VYV6MDriauGEVFQP6xL0V3X95uxGDxs710ZeO1LI9+aCWQhUbQ7hqJy08rLK6uExlXdocP9hTcBI4Edh2k9J6z7/9Spy04HQLHxe6NL4z/zTkJRz3WO1B+vHbmSDUFly2eQ3J7bPtz6i+JWa5K5ocHfUoyRBN7USAecbKhu/fMnUvQ323IG5sCuxvVKG5BFBHmNqGpBusVIwQV4fp6FW4RdX1JnG8xZKkDE/FkBgm0PriEnlW3RJjNyyl/bMAYZ+CQgmOmmVP3aTxemVzVe60AreYi1pQe3bffbNdnyamhIoKs6irca92j2UIp4Fy3QyBdZnA+vEz4E1qPgP63EQZBSj31opumU4fmwoB4di7P1rXaO6Rz/Fpz/qnAHBq1a6X2s/fXzMi+hQ9qyO07by/lySN5D5OFmLNLYXoy2MUXjwv3D2nlHemxzJDnmPVWhJbeu00lrjoT4/zs8J0D2d15aYluWvZoBlNK4UQEoUBhE+LJGRm82CQdUvCI0nVrt/870QPP3nAnM+5amoe/zd90pFyR4BG/gj8+1VQoJ+qwEYZIcwNsM+Ivxr0souWB6xgXV0YcCHs3t6IHqbvNqreP34C/PaxeX0qUcdr/7KFfiJ5RvsuDWcicYntQCHhzkaaChBA5dAlcOQE+S7Z+2hRCgdYOWhP2X2thzaCfDGSIdtEyvuCKKACOuh3FyZ+sl+DGRCp33RpE7INU3uzBOrH5PYhnempUs6mtXyD3itLd5VxIt6E4FM++R4WwHXKLJvJEQK+U35cG7+wwEONRcnbALo6sPH+pvxDwF2v98QiRoCY/gfvXDIwJfbrE8DObe3ni5FGGrbUbk6JT1KHF86+cH+MUcOYwHGhxVm7CPOfF9qKcL5efXkcZutJizKmwvMVzNlbKlm5XqTGfz/k4FjnWoHTpBxwJLchlyQsSBrnP3nBYIIcQuFr+0d60fUe51deM+nxLIpXNl3NEWdoPoOVaG1IMELIlEEtZ+7bNmPDm1c5FlngnGh7DiBbB0F5KXCR5Wb3wLKrZ8njt5SxbuadixE+PqUCJXc92PhgC9nejVJArRNshgy0Rook/4gJ/O36WJPvS2mLuhh/pvgkZZhhESYsAn8Jeig+ZDl36+cj57WjzvFfYcmCIzTV2sLLLPYArpgoeZeZb13+O4x3f/1rkBuqNgcan71b7QxE+KPXEuEdu4QIy89UBO25+HnntBahCYc/Faa9qtCzuGh/c/L5ABbA242nWA2JKjkUN2x1vwz7dShoQV75myaC3SO1RqkF1e8nzsjZlN+RQ9SZ/Egnke+CgVOhEMTHoHTIh1RAtT9qlUnrE14iJQKo//UdIIBafUlpT6V7HuOdfKwa/Pd/70xeMAUbGl1Oh9Vfwy+wLN/x28wWfAR34n4bljzww6y1im5U47zKXFgW2ctCmJNdOIt9c4BZ7xCCxwPs9zl04UF5IttSI1VcLrtHfPJZS0DJj0pk5J/b0AFB2OyYrGCpZpiCqYaXbaMIg+W765LQ2dF25IYHg3neaWwUFX3IZ43x87aEqNfC0cxDHajdrMGuoeo8cpfEMvh/WxgdswHuZa5RAo9TtJG7N2RAV3n2oW+C2U4BVfl78Bo5yuFap1L8PwGAYX1hE5ubz4z43wo6u79Gwf7qlT2T+3jFLbi4Kbz3UeV5I/UfVewSVoRaHEJLBdxMzjzLeekcdo7KgjXX5h1rlGGlefu2ptmzKLyJzMZqzoKInv243A0fvdiZ3pFeyaNcTjHMFuAZZjhDh4DqTg/PGZSAboOEqxF7N7JU4D0culgnYhqYusy6mExYKP,iv:kEPfOn5qhc480InM4O9LCmMslEGNL5oaY9Jo+O6ADUc=,tag:g8aLBem2SMQRlmv54uNZTA==,type:str] - known-hosts: ENC[AES256_GCM,data:Ogz6kn5ARlLOCxvchQR2wUcmLz5gButmBOv+7ZuUW/WBLsxAbyqj3Zs3AK65LhhdrYNUh6p8jMPD2KrNx9F+jjy6LRByyBKzZEryz5JwbcbXyhHyqbBguQcVtImhQhhdB0cYtpqncEsxWZu0xcS3/XYYsq0FR51soP2aW0my77BVkw7hZ8Mdn3602vayPV6I7jQ+GiafJxww6jKkC6rjYue03b/IHjQJM8RcczTKMGLs1LsHdMdsDId81SI77HNpvlLjS4Af2cvfss1QZ2l7s7ZWQ1vBYcHb7mALAaEOybrbe6qKXjWZl4NxVuQ2td9TQZ2d8cj4bLq0XXnOBWS5OnSa8fAC3MNjaQnnlSEa2ByEwIDFCdAEs6VGUrdHuObgXdtXO83kfyYGWc4Z0yfD3HOUc8spau2vHuPXzT9DeRRx5Kv/HQQzrgOdDE+uiASOJm5WE0I02aahQrqdL2mCQC5BFbufegf7ckhgF/7QCQyrFVF4l14ifilvO6A9uYgIJFebLMrBhbTg6Z4h9xbAlMTH6WJGCIKH9C01j31xAINa+TqnLgS+x9B9yHHNzwGqs3LJCMYUJxS02rGJMd3hzUzDHbRTkhqq3/pKxLFfTR3jupnsq3aIuP28K53+XlKzE/FX61bVYhd7f8gHSiu4MyQNVEinOKIG9uoABNxhKOfmJtgfXKSNsOvb4huer3xR7Ee7TqoLG07hi2xGQmOCDLwL1nOeUvuyCIjg640gOxtRMEQ=,iv:waXsceFW+3WkcSyU0CNJlyajICVDUhrwTsLFGu7TJ/A=,tag:nr9Pv30/DKMgBV3mJLlvKw==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:KzAdXHplnYzx,iv:5UMyz1mzhw1bPE26eM4j+yaMO/kLtbLVhzfBbcCCMi4=,tag:xDRfb1m+r5b1DYbBNvVzqQ==,type:str] - si-microservice-password: ENC[AES256_GCM,data:2C1cEQwWEbd6zw7qaA==,iv:XJe2iPRN4fLJWt7d5kgvELjEq/h6eVDARoBBQAB9Hz8=,tag:Nzwwo3x5bnO3Z7HaruuSNg==,type:str] - mail-sender-password: ENC[AES256_GCM,data:IW/O6eBGxJObYec+RUCGn+g=,iv:FJRetFAyJgYIgG3IDzEHXtE6kPJQZ/hdGH9Dw8pxVJ8=,tag:PYK3rV/MlKu8+G5gcBWEkg==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:7WP/8D8jfjJRo7NYYkmdUHNPdON46EeMpksOOw==,iv:8kdM13I9U8KOy+1CKJikDrsHiYm5HW+TD7CDAXlGcSA=,tag:6ws8o8EvrNWicu3scDaXXg==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:gyuOoRvgk3ca/ZLVpBMhGQ==,iv:raDswqsZ8jiubc5PEQhroWK2+JpgQAeiVMUroVua5Vw=,tag:jach1d1HHrxJKisXYfm0lA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:rSmW9gIK+A==,iv:5HE7+aZpz0hRh4jV3dlBi8Y4JwGXen0nmdRsgFDv4W8=,tag:u5e46aZj2aTZ5lPUjjIs3Q==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:L3aW5wHMLA==,iv:jgXbyEkHpVRFLMdLt3/FJWi9uV2qviTqK7c5ipGYueU=,tag:llTj2KBxknvwiyJTqmg0iw==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:erhNuB5VU7DyvZ430So8,iv:rx87Q7sH3/wXbaDmnb2tlN2zc3mKucW4+FEx55MQPIY=,tag:N1z9BQ+c804rB96KiW1aaA==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:9173soI8/osecjonWZ155bG0ylLFERMDjs4aGZGXgjM=,iv:SwSAX/HOca5gaK+nLq/QOSMCD7nj9RayMa1By6GKp7U=,tag:nV+QDyL+nsRogDNRmOQ1/A==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:phSZvfrq,iv:Df6+6SN353iD781dlG4ch8tsxPgjUOwsNiLS25zoy7o=,tag:iYmDMHr29TEiS1Gvo0SENQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:JNg9klH7ZFY=,iv:bPLkQTUFyXOI1cSjM5IxaaWkFVRdvEr+0AyZrfVeCBc=,tag:UZlEn3Kd1Kf2AWw2PYCWgw==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:0PVjPJLu0aTz5zw=,iv:enlfrljM20c5G086pfeW9Kna3LplGH2CgXWe7ctKLTo=,tag:JWCnxMUVXExHs25rseijiw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:UG5JpgMbgplk,iv:+b1QEu2y9btdSSdUGWVMThLADdlhQrioU/AGk6pGmcA=,tag:w22Le6qOFlk0YkCqFDUEhw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:W893GnL9,iv:HnXjj4x10rawvgAaQCMxuQ5ODI/+6KEcWkoWymX5n1c=,tag:fs2XSVQ0iET6+gAS/rvhhw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:LPL+O0YRCdY2X4lA70OdFe871Ro=,iv:PVOjFdf2PB73vWk24X/I1lSnrg5iCKut1LYEJ4ZLA3s=,tag:m4tL59M2mbEPLmkbsN3wIw==,type:str] - clientSecret: ENC[AES256_GCM,data:rSsUotXkvAKPoCupJTO/VXPC8ugdZwd0SihZMqqhBeUuJ0pIKuBXWQ==,iv:Td+ScEFksaRMsU06mt7cDSFGrQ7w121Nvi1W4qFryE0=,tag:GWxqrrlI0nUCSchYKaqHtg==,type:str] - cookieSecret: ENC[AES256_GCM,data:6E/+7kOTwhKpJI1tY675voIm9FRU1sCv,iv:Mma+ILgL3iz6BczjGHggfBwY+FAfPb1ddg5g4L6QNZU=,tag:Sah+SIR18ouotL5XIp3IWA==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:dtCKbd6BqMqT/IRZWD6kkK4mm1s=,iv:a2di3OXB+n+/SEIhiBLjXuN4mLtxysypiSFaETBnTQo=,tag:dJolFzpCMxXgFrvcGyGYDg==,type:str] - secretkey: ENC[AES256_GCM,data:u3xTk0nnk/8iv3JEk6G8GmV37TYpepwmveHboNBzVbhzSaZWikdBlQ==,iv:BfjP4DHCkn7X81noATswh4P9uz2l3aODsw0+oZMjn98=,tag:AI+cCTvMoWuEhTI5Gmf1rw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:NyY=,iv:UznPqViLo2WQtdfjb9x4ZeikfyScgJFuW0IR8oJSBts=,tag:VA7Ylc+Gmy3QBk2z2654BA==,type:str] - route: - receiver: ENC[AES256_GCM,data:G/vKE29k4jXX9u8hbZN+6sYvTA==,iv:2hHgfHr/9ih4mZOHG3sjxU2+deyEel6dMkiJNLnbcao=,tag:JZSeUcbg/yoZs1MUarP1xg==,type:str] - group_by: - - ENC[AES256_GCM,data:CraLvro7H89X,iv:iAXhv8gOhMBGluNfuqA6CQo6Og5LQwGnfK6DpsPmwMk=,tag:0Rebyi1p8tNDh2nQeWToRw==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+hrmiDib+4YaIcMCi0aU5PbXpA==,iv:6KaqrbkbuQTt6s34LaFf7NNSKXt6DYLnwgxTyedfnsg=,tag:izzyOAYsP7Ns2+sS6rrpTg==,type:str] - match: - alertname: ENC[AES256_GCM,data:ajFoZp2FW1s=,iv:naL8WZhGKwwVr/3g88nC3d6AlvdfAZTVbzquP5GrvLo=,tag:aS6NMPlgVRDgYpQWotrwfw==,type:str] - group_wait: ENC[AES256_GCM,data:1JCH,iv:L+6dATlYrACJW3Vic0oRc7gSZj7Cmu0h5Pvdz0fUWpU=,tag:ZVzDZfnmFMb/0lGa06A3gQ==,type:str] - group_interval: ENC[AES256_GCM,data:b8Q=,iv:CMxaAvO9BjR8WvVqUMhsaMpffwEQj272nDccHRdkaCA=,tag:zoh5Ub7y8ZNWV1zKHXersg==,type:str] - repeat_interval: ENC[AES256_GCM,data:SMHx,iv:/WM5JgJkAuZgvDLrktMUYwlbRGq+FbrDp0+uJCtKCZM=,tag:xy1d/IKmTJJK5Y3oeQqyTg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:VmFH+LEN0CEekIpA3rQczzLL3w==,iv:tVu5uKEvsUndkjgI8C8LZlfNQm7NJFYsxhBdzF5xdM4=,tag:2k0EJo4D6hELMvQce/3VpQ==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:4ZSFoA==,iv:I/bhL7gd0kB0GhV7bIPZRHm7NLrrqm1cfWvkC43lA7M=,tag:BMleKyKwseOX/W1cMzTmfA==,type:bool] - api_url: ENC[AES256_GCM,data:7BY//UZi5muUaffbguQ2AQeJBZr61Xz8iKQOJIMxUuKWkQsrxJAQgeN8dmp/f1sLeE0r4FRbb8KgikyYWYkyJLWdS9dDyRQBHBCfgXwxvg==,iv:VtH44cAtiTr9SEMPbVXBh+clnm6wj83uK/WYkkmtF9A=,tag:f4rJTxlzfljA5nFt2j4yeQ==,type:str] - channel: ENC[AES256_GCM,data:Bp2uVjR3+mts3n2Q0RZA3jTnw34hdg==,iv:qrARYPL00Se1AIucwDUuUzebsFe6qNzZLCknFMeiN3I=,tag:SC1iaOiXoBgamMadBhB2Yg==,type:str] - username: ENC[AES256_GCM,data:8K1fRPAXC2fpGJmg,iv:oLYSSjExRffyqkdh/M45+37iNnuz/EtM+RnQ9aLlB48=,tag:ER253WEzvYP5JTKOta0zDg==,type:str] - title: ENC[AES256_GCM,data:1efs7AOKwbb0l4zSJC2BQp+L6Q3IjzZtL/Ot//wY9v9yFLfAwsI=,iv:XKa0VdrGBTgPXh53bFlUgVskw3p68h2cXUI1na4/G3M=,tag:2h/+PA6v9++BJaIU/tGkYw==,type:str] - text: ENC[AES256_GCM,data:GEWec2zG+rhpvTuoxZxMkh7utoBMvXyRa9iyVzCe0KoI1tcfwQ==,iv:XdcHN9B/JLk8U9zUyYE2+gTv10o2pmoJdRdJCd7J8GE=,tag:HxG/XJP8yTE7PWviQn/7KQ==,type:str] - templates: - - ENC[AES256_GCM,data:6xpa2yLfCCWa5eSUqXvVE2di51c+wUZgIcYOoaOjHThoeB5F8P6zUcHWxbfYk29aAZ3BSlu2rZmJXi2JwNmwMR8OVpo13qo=,iv:HF5gpxGunbJvmOF+j5cz3htYxynGzOwygxnDrzlH5qA=,tag:dzSJLwueBI1/8aBmn43wJQ==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/d83c3ae8-20df-418b-b8bb-5bdbe09e0f2c - created_at: "2022-09-28T09:15:01Z" - enc: AQICAHjLLYjluDKjmtCkFrD/SvMSzXz2qfLBk7YXh7tOUNbvYQF1RnX8PgVc0prZ9NSHOFH1AAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM1lUBt9xECYPu3PkYAgEQgDuU5exknrjAYISIHDi4K6OzumQ69QLsToZdR4oVg+qpOd3ZMYVHcIODHtyd9ECpBT/PMQA0aGQhO3AmBg== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-04T06:33:47Z" - mac: ENC[AES256_GCM,data:Ko8voOcQUK4izbBOBvu5h1np82RAsKUr4Y+UugN37p874T5fnnJ0SnIITEYGB0bsWr24yYirnQAnZ7QjvkDjxMdurHr7ewLZ5+chLas/4NzrwY4iqFsJqg2JxTURq3HmR5pCOry34vxTcJSxR3xoDQECOGsrpgVFla1g54QmZsg=,iv:WiJA2s02CyyL7DJQLsnznECDgArWzJhxbEAD5LyqYng=,tag:sX4fE0o4UVI+MhgpL46BeA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-dev.yaml b/deploy-as-code/helm/environments/unified-health-dev.yaml deleted file mode 100644 index 7e5ed04435..0000000000 --- a/deploy-as-code/helm/environments/unified-health-dev.yaml +++ /dev/null @@ -1,779 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: - [ - backbone, - cert-manager, - egov, - es-cluster, - kafka-cluster, - logging, - monitoring, - playground, - zookeeper-cluster, - health, - ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, health ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb?currentSchema=health - domain: 'https://unified-dev.digit.org' ## Add your Domain Name - egov-services-fqdn-name: 'https://unified-dev.digit.org/' ## Add your Domain Name - - egov-state-level-tenant-id: 'pg' - s3-assets-bucket: '(pg-egov-assets|egov-playground-assets)' - es-host: 'elasticsearch-data-v1.es-cluster' - es-indexer-host: 'http://elasticsearch-data-v1.es-cluster:9200/' - flyway-locations: 'filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa' - kafka-brokers: 'release-name-kafka-controller-headless.kafka-kraft:9092' - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: 'DEBUG' - mobile-validation-workaround: 'true' - serializers-timezone-in-ist: 'true' - server-tomcat-max-connections: '500' - server-tomcat-max-threads: '10' - sms-enabled: 'true' - spring-datasource-tomcat-initialSize: '1' - spring-datasource-tomcat-max-active: '2' - spring-jpa-show-sql: 'true' - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: 'true' - egov-bnd-freedownload-tenants: 'pg.testing' - egov-bnd-live-citizen-tenants: 'pg.testing' - - egov-service-host: - namespace: [ monitoring, health] - data: - asset-services: 'http://asset-services:8080/' - asset-services-maha: 'http://asset-services-maha:8080/' - billing-service: 'http://billing-service.egov:8080/' - collection-services: 'http://collection-services.egov:8080/' - collection-masters: 'http://collection-masters:8080/' - collection-search-indexer: 'http://collection-search-indexer:8080/' - citizen-indexer: 'http://citizen-indexer:8080/' - citizen-services: 'http://citizen-services:8080/' - dashboard-analytics: 'http://dashboard-analytics.egov:8080/' - dashboard-ingest: 'http://dashboard-ingest.egov:8080/' - demand-services: 'http://demand-services:8080/' - data-sync-employee: 'http://data-sync-employee:8080/' - egov-common-masters: 'http://egov-common-masters:8080/' - egf-masters: 'http://egf-masters:8080/' - egf-master: 'http://egf-master:8080/' - egf-instrument: 'http://egf-instrument:8080/' - egf-voucher: 'http://egf-voucher:8080/' - egf-bill: 'http://egf-bill:8080/' - egov-enc-service: 'http://egov-enc-service.egov:8080/' - egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' - egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' - egov-user: 'http://egov-user.egov:8080/' - egov-user-egov: 'http://egov-user.egov:8080/' - egov-location: 'http://egov-location.egov:8080/' - egov-filestore: 'http://egov-filestore.egov:8080/' - egov-localization: 'http://egov-localization.egov:8080/' - egov-idgen: 'http://egov-idgen.egov:8080/' - egov-otp: 'http://egov-otp.egov:8080/' - egov-common-workflows: 'http://egov-common-workflows:8080/' - egov-mdms-service: 'http://egov-mdms-service.egov:8080/' - egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' - egov-mdms-create: 'http://egov-mdms-create.egov:8080/' - egov-eis: 'http://egov-eis:8080/' - egov-workflow: 'http://egov-workflow.egov:8080/' - egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' - egov-searcher: 'http://egov-searcher.egov:8080/' - egov-data-uploader: 'http://egov-data-uploader.egov:8080/' - egov-indexer: 'http://egov-indexer.egov:8080/' - egov-hrms: 'http://egov-hrms.egov:8080/' - health-hrms: 'http://health-hrms.health:8080/' - es-client: 'http://elasticsearch-data-v1.es-cluster:9200' - hr-masters: 'http://hr-masters:8080/' - hr-employee: 'http://hr-employee:8080/' - hr-masters-v2: 'http://hr-masters-v2:8080/' - hr-employee-v2: 'http://hr-employee-v2:8080/' - hr-attendance: 'http://hr-attendance:8080/' - hr-leave: 'http://hr-leave:8080/' - hr-employee-movement: 'http://hr-employee-movement:8080/' - inventory-services: 'http://inventory-services:8080/' - lams-services: 'http://lams-services:8080/' - lcms-workflow: 'http://lcms-workflow:8080/' - lcms-services: 'http://lcms-services:8080/' - location: 'http://location:8080/' - performance-assessment: 'http://performance-assessment:8080/' - pt-property: 'http://pt-property:8080/' - pt-workflow: 'http://pt-workflow:8080/' - pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' - pt-calculator: 'http://pt-calculator:8080/' - pt-calculator-v2: 'http://pt-calculator-v2:8080/' - pt-services-v2: 'http://pt-services-v2:8080/' - property-services: 'http://property-services.egov:8080/' - pgr-master: 'http://pgr-master:8080/' - pgr-rest: 'http://pgr-rest:8080/' - pdf-service: 'http://pdf-service.egov:8080/' - report: 'http://report:8080/' - swm-services: 'http://swm-services:8080/' - tenant: 'http://tenant:8080/' - tl-masters: 'http://tl-masters:8080/' - tl-services: 'http://tl-services:8080/' - tl-workflow: 'http://tl-workflow:8080/' - tl-indexer: 'http://tl-indexer:8080/' - tl-calculator: 'http://tl-calculator:8080/' - user-otp: 'http://user-otp:8080/' - firenoc-services: 'http://firenoc-services:8080/' - firenoc-calculator: 'http://firenoc-calculator:8080/' - egov-apportion-service: 'http://egov-apportion-service:8080/' - bpa-services: 'http://bpa-services.egov:8080/' - bpa-calculator: 'http://bpa-calculator.egov:8080/' - rainmaker-pgr: 'http://rainmaker-pgr:8080/' - ws-calculator: 'http://ws-calculator.egov:8080/' - ws-services: 'http://ws-services.egov:8080/' - sw-services: 'http://sw-services.egov:8080/' - sw-calculator: 'http://sw-calculator.egov:8080/' - land-services: 'http://land-services.egov:8080/' - noc-services: 'http://noc-services.egov:8080/' - minio-url: 'https://minio-uat.digit.org/' - egov-user-chatbot: 'http://egov-user-chatbot:8080/' - zuul: 'http://zuul:8080/' - egov-url-shortening: 'http://egov-url-shortening.egov:8080/' - fsm-calculator: 'http://fsm-calculator.egov:8080/' - fsm: 'http://fsm.egov:8080/' - vehicle: 'http://vehicle.egov:8080' - vendor: 'http://vendor.egov:8080' - egov-edcr: 'http://egov-edcr.egov:8080/' - echallan-calculator: 'http://echallan-calculator.egov:8080/' - echallan-services: 'http://echallan-services.egov:8080/' - inbox: 'http://inbox.egov:8080/' - turn-io-adapter: 'http://turn-io-adapter.egov:8080/' - pgr-services: 'http://pgr-services.health:8080/' - birth-death-services: 'http://birth-death-services.egov:8080/' - egov-pdf: 'http://egov-pdf.egov:8080/' - health-registration-service: 'http://health-registration-service:8080/' - health-delivery-service: 'http://health-delivery-service:8080/' - project: 'http://project.egov:8080/' - product: 'http://product.health:8080/' - household: 'http://household.health:8080/' - individual: 'http://individual.egov:8080/' - stock: 'http://stock.health:8080/' - facility: 'http://facility.health:8080/' - service-request: 'http://service-request:8080/' - health-project: 'http://health-project.health:8080/' - health-individual: 'http://health-individual.health:8080/' -employee: - dashboard-url: 'https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))' - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - - -health-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: 'true' - minio.url: 'https://s3.amazonaws.com' - aws.s3.url: 'https://s3.amazonaws.com' - is-s3-enabled: 'true' - minio-enabled: false - allowed-file-formats-map: "{gz:{'application/gzip'},jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: 'jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx' - filestore-url-validity: 3600 - fixed-bucketname: health-egov-assets ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: 'true' - java-args: -Dspring.profiles.active=monitoring - heap: '-Xmx192m -Xms192m' - autocreate-new-seq: 'true' - -egov-notification-sms: - sms-provider-url: 'sms provider url' ## Add sms provider url - sms.provider.class: 'Generic' - sms.provider.contentType: 'application/x-www-form-urlencoded' - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: 'sms provider name' ## Add sms provider name - sms-sender: 'sms sender' ## Add sms sender - sms-sender-requesttype: 'GET' - sms-custom-config: 'true' - sms-extra-req-params: 'mtype=N&DR=Y' - sms-sender-req-param-name: 'sid' - sms-sender-username-req-param-name: 'User' - sms-sender-password-req-param-name: 'passwd' - sms-destination-mobile-req-param-name: 'mobilenumber' - sms-message-req-param-name: 'message' - sms-error-codes: '401,403,404,405,406,407,408,409,410,411,412,413,414' - -egov-user: - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - otp-validation: 'true' - citizen-otp-enabled: 'true' - employee-otp-enabled: 'false' - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: 'false' - roles-state-level: 'true' - citizen-registration-withlogin: 'true' - citizen-otp-fixed: '123456' - citizen-otp-fixed-enabled: 'true' - egov-state-level-tenant-id: 'default' - decryption-abac-enabled: 'false' - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: '+918744960111' - contact-card-whatsapp-name: 'mSeva Punjab' - valuefirst-whatsapp-number: '918744960111' - valuefirst-notification-assigned-templateid: '194781' - valuefirst-notification-resolved-templateid: '194783' - valuefirst-notification-rejected-templateid: '194785' - valuefirst-notification-reassigned-templateid: '194787' - valuefirst-notification-commented-templateid: '194789' - valuefirst-notification-welcome-templateid: '194791' - valuefirst-notification-root-templateid: '194795' - valuefirst-send-message-url: 'https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice' - - user-service-chatbot-citizen-passwrord: '123456' - -inbox: - service-map: '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' - bs-service-map: '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' - #W&S index names - water-es-index: water-services - sewerage-es-index: sewerage-services - -ws-services: - wcid-format: 'WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]' - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: 'true' - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: 'true' - -sw-services: - scid-format: 'SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]' - -egov-pg-service: - axis: true - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: '/work-dir/egov-mdms-data/data' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-mdms' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - mdms-folder: 'health-campaign-mdms' - masters-config-url: 'file:///work-dir/health-campaign-mdms/master-config.json' - java-args: -Dspring.profiles.active=monitoring - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - -egov-indexer: - heap: '-Xmx512m -Xms512m' - memory_limits: '768Mi' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: 'file:///work-dir/health-campaign-config/egov-indexer/error-queue.yml,file:///work-dir/health-campaign-config/egov-indexer/product-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/individual-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/household-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-task-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/stock-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/facility-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/project-staff-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/health-campaign-config/egov-indexer/pgr-services.yml,file:///work-dir/health-campaign-config/egov-indexer/service-request-indexer.yml' - -egov-persister: - replicas: 1 - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: 'file:///work-dir/health-campaign-config/egov-persister/audit-service-persister.yml,file:///work-dir/health-campaign-config/egov-persister/hrms-employee-persister.yml,file:///work-dir/health-campaign-config/egov-persister/product-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-persister.yml,file:///work-dir/health-campaign-config/egov-persister/individual-persister.yml,file:///work-dir/health-campaign-config/egov-persister/household-persister.yml,file:///work-dir/health-campaign-config/egov-persister/project-task-persister.yml,file:///work-dir/health-campaign-config/egov-persister/stock-persister.yml,file:///work-dir/health-campaign-config/egov-persister/facility-persister.yml,file:///work-dir/health-campaign-config/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/health/egov-persister/service-request-persister.yml,file:///work-dir/health-campaign-config/egov-persister/pgr-services-persister.yml,file:///work-dir/health-campaign-config/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - -egov-localization: - replicas: 1 - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: 'file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: 'file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-analytics/*.json' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: 'file:///work-dir/health-campaign-config/egov-dss-dashboards/dashboard-ingest/*.json' - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: '-Xmx750m -Xms750m' - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: 'master-national-dashboard' - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: '-Xmx512m -Xms512m' - tracing-enabled: 'true' - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: 'git@github.com:egovernments/health-campaign-config' ##### Change repo url with Your fork Repo url - branch: 'DEV' ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: 'file:///work-dir/health-campaign-config/reports/reportFileLocationsv1.txt' - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: '-Xmx128m -Xms128m' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: 'https://mohali-qa.egovernments.org/' - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -fsm: - memory_limits: 384Mi - heap: -Xmx384m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: 'egov/nginx' - namespace: egov - cert-issuer: 'letsencrypt-prod' - ssl-protocols: 'TLSv1.2 TLSv1.3' - ssl-ciphers: 'EECDH+CHACHA20:EECDH+AES' - ssl-ecdh-curve: 'X25519:prime256v1:secp521r1:secp384r1' - -cert-manager: - email: 'devops@egovernments.org' ### Add email-id which used by cert-manager for certificates validation. - -zuul: - replicas: 1 - custom-filter-property: 'false' - tracing-enabled: 'true' - memory_limits: 768Mi - heap: '-Xmx512m -Xms512m' - java-debug: 'true' - server-tomcat-max-threads: '350' - server-tomcat-max-connections: '1500' - egov-open-endpoints-whitelist: '/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality' - egov-mixed-mode-endpoints-whitelist: '/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search' - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: 'true' - receipt-search-paginate: 'true' - receipt-search-defaultsize: 30 - user-create-enabled: 'true' - heap: '-Xmx512m -Xms256m' - memory_limits: 768Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: 'https://jalandhar-qa.egovernments.org/' - mohali-erp-host: 'https://mohali-qa.egovernments.org/' - nayagaon-erp-host: 'https://nayagaon-qa.egovernments.org/' - amritsar-erp-host: 'https://amritsar-qa.egovernments.org/' - kharar-erp-host: 'https://kharar-qa.egovernments.org/' - zirakpur-erp-host: 'https://zirakpur-qa.egovernments.org/' - -finance-collections-voucher-consumer: - erp-env-name: 'qa' - erp-domain-name: 'egovernments.org' - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - - -health-project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -health-individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: 'true' - notification-email-enabled: 'false' - new-complaint-enabled: 'true' - reassign-complaint-enabled: 'true' - reopen-complaint-enabled: 'true' - comment-by-employee-notif-enabled: 'false' - notification-allowed-status: 'open,assigned,rejected,resolved' - -pgr-services: - namespace: health - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -property-services: - replicas: 1 - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - egov-idgen-ack-format: 'PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]' - egov-idgen-ptid-format: 'PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]' - egov-idgen-mutation-format: 'PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]' - egov-idgen-assm-format: 'PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]' - property-userevents-pay-link: 'digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId' - property-decryption-abac-enabled: 'true' - -pt-services-v2: - pt-userevents-pay-link: '/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId' - -pt-calculator-v2: - logging-level: 'DEBUG' - -tl-services: - heap: '-Xmx128m -Xms64m' - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: 'APP-[SEQ_EG_TL_APL]' - tl-license-num-format: 'MP-LEP-[SEQ_EG_PT_LN]' - tl-userevents-pay-link: 'citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId' - tl-payment-topic-name: 'egov.collection.payment-create' - host-link: 'https://egov-demo.egovernments.org/citizen/' - pdf-link: 'https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}' - tl-search-default-limit: '100' - -egov-workflow-v2: - logging-level: 'DEBUG' - java-args: -Dspring.profiles.active=monitoring - heap: '-Xmx192m -Xms192m' - memory_limits: 512Mi - workflow-statelevel: 'false' - host-link: 'https://egov-demo.egovernments.org/citizen/' - pdf-link: '/download/epass?tenantId={TENANTID}&ids={UUID}' - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - -health-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - -egov-weekly-impact-notifier: - mail-to-address: 'lata.naik@egovernments.org' - - mail-interval-in-secs: '604800' - schedule: '30 07 * * *' - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: 'egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1' - zookeeper-connect: 'zookeeper-v2.zookeeper-cluster:2181' - kafka-brokers: 'kafka-v2.kafka-cluster:9092' - -logging-config: - es-host: 'elasticsearch-client-v1.es-cluster' - es-port: '9200' - -jaeger: - host: 'jaeger-agent.monitoring' - port: '6831' - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: 'egov-services-logs' - egov-infra-log-topic: 'egov-infra-logs' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - state-level-tenant-id: 'pb' - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: '5.4.1' - persistence: - enabled: true - aws: - - volumeId: 'vol-005465716b9ca6a9e' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-03252f4474ddb7300' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-0945c7000265a6390' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: 'zookeeper-v2.zookeeper-cluster:2181/kafka-v2' - - heapOptions: '-Xms704M -Xmx704M' - memory_limits: 1408Mi - lingerMs: '250' - numberPartitions: '3' - replicationFactor: '2' - minInsyncReplicas: '1' - offsetsReplicationFactor: '3' - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: '5.4.1' - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: '5.4.1' - persistence: - enabled: true - aws: - - volumeId: 'vol-04ab05c5b41096c6a' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-0f7e8dcf98e087983' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-08a42f187f978e5f7' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: '-Xms256M -Xmx256M' - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: 'vol-093ea5986f5b46a71' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-046900000f8ffe60d' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-0a718b7e384a2870c' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: '-Xmx550m -Xms550m' - resources: - requests: - memory: '1Gi' - limits: - memory: '1Gi' - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: 'vol-0dfb25024c9e8f35e' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-0a83e7431f2d5a2c2' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: 'vol-03f793c66e07e9111' ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: '-Xmx448m -Xms448m' - resources: - requests: - memory: '896Mi' - limits: - memory: '896Mi' - -pgadmin: - dbUrl: 'unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com' - port: '5432' - environment: 'unified-dev' - maintenance-db-name: 'unifieddevdb' - db-admin-username: 'unifieddev' - db-read-username: 'dev_readonly' - -es-curator: - schedule: '45 18 * * *' - images: - - bobrik/curator:5.6.0 - es-host: 'elasticsearch-client-v1.es-cluster' - logs-cleanup-enabled: 'true' - jaeger-cleanup-enabled: 'true' - logs-to-retain: '7' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml deleted file mode 100644 index 73d127b9fe..0000000000 --- a/deploy-as-code/helm/environments/unified-health-qa-secrets.yaml +++ /dev/null @@ -1,71 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] - password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] - flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] - flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] - password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:RP1P19XQ93Gymb0yVp9HeX4+Ab0=,iv:afS7ffocVZvxU3WT+lQLCzvOq1o6Q2Z8kEPMdHYLwSU=,tag:1w1HfvnUxRw1ds06OIOwbA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:DnnmNC2wUDaOeDqiTQN6A+cNAZWi1tFgs9qyElqTZfTTpvDqBprRlw==,iv:5w/IYvtrpZFEWbS+zwuLFJuLt/nHAG7mgxvWTXBxmzU=,tag:00SXlRkwvCRbLVkYJOzv2w==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] - admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] - read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] - read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] - master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] - known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:U9rsNwn20caZ4MhndJ/haTpwo5w=,iv:8yE09RZIhs2KnB5Tn/jP58iyoZbfwU8X6YQ8KjbhoaQ=,tag:MeSM0Db73C46BsozPJfu7g==,type:str] - clientSecret: ENC[AES256_GCM,data:nd+UHk6I4gsyCLzbcNbo63QT7+FUZEtIBXOXA9zXUXIJxy9eYxjfhw==,iv:X+LW8tHbGGl9w76OSJeuCuA0b6XqIuntOWU9qSaUEBc=,tag:BrKbVr8cMEN7SWx0Nbhsig==,type:str] - cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-09-26T16:11:43Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-11-23T11:38:39Z" - mac: ENC[AES256_GCM,data:hJlk0W6G8nRQ2B9ruxhkkBMZROPihskQX5lW2otprG0+Ad1THVqTlYycVCc6UvFINrlkeNT4htwbBpIUiT7u28AtGB0BCPLjsb+wmlP936GfSUWJUpD3s2dAqgKKOXeCovweW0Ah4ExwPX1nMwOkXE5EgaPQ34Ag2/L1zn270Sg=,iv:LDhwwooegSCzgjOH71qf4hd8G5HNf6wNlWcsA3wsFRw=,tag:1d2VI+trqgibQK8r8pvpiA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-qa.yaml b/deploy-as-code/helm/environments/unified-health-qa.yaml deleted file mode 100644 index bc2d16e9ee..0000000000 --- a/deploy-as-code/helm/environments/unified-health-qa.yaml +++ /dev/null @@ -1,747 +0,0 @@ -global: - domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, health ] - data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb?currentSchema=health - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - state-level-tenant-id: "pg" - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-upgrade" - es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, health ] - data: - asset-services: 'http://asset-services:8080/' - asset-services-maha: 'http://asset-services-maha:8080/' - billing-service: 'http://billing-service.egov:8080/' - collection-services: 'http://collection-services.egov:8080/' - collection-masters: 'http://collection-masters:8080/' - collection-search-indexer: 'http://collection-search-indexer:8080/' - citizen-indexer: 'http://citizen-indexer:8080/' - citizen-services: 'http://citizen-services:8080/' - dashboard-analytics: 'http://dashboard-analytics.egov:8080/' - dashboard-ingest: 'http://dashboard-ingest.egov:8080/' - demand-services: 'http://demand-services:8080/' - data-sync-employee: 'http://data-sync-employee:8080/' - egov-common-masters: 'http://egov-common-masters:8080/' - egf-masters: 'http://egf-masters:8080/' - egf-master: 'http://egf-master:8080/' - egf-instrument: 'http://egf-instrument:8080/' - egf-voucher: 'http://egf-voucher:8080/' - egf-bill: 'http://egf-bill:8080/' - egov-enc-service: 'http://egov-enc-service.egov:8080/' - egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' - egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' - egov-user: 'http://egov-user.egov:8080/' - egov-user-egov: 'http://egov-user.egov:8080/' - egov-location: 'http://egov-location.egov:8080/' - egov-filestore: 'http://egov-filestore.egov:8080/' - egov-localization: 'http://egov-localization.egov:8080/' - egov-idgen: 'http://egov-idgen.egov:8080/' - mdms-service-v2: http://mdms-v2.egov:8080/ - egov-otp: 'http://egov-otp.egov:8080/' - egov-common-workflows: 'http://egov-common-workflows:8080/' - egov-mdms-service: 'http://egov-mdms-service.egov:8080/' - egov-mdms-service-test: 'http://egov-mdms-service-test.egov:8080/' - egov-mdms-create: 'http://egov-mdms-create.egov:8080/' - egov-eis: 'http://egov-eis:8080/' - egov-workflow: 'http://egov-workflow.egov:8080/' - egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' - egov-searcher: 'http://egov-searcher.egov:8080/' - egov-data-uploader: 'http://egov-data-uploader.egov:8080/' - egov-indexer: 'http://egov-indexer.egov:8080/' - egov-hrms: 'http://egov-hrms.egov:8080/' - es-client: 'http://elasticsearch-data-v1.es-cluster:9200' - hr-masters: 'http://hr-masters:8080/' - hr-employee: 'http://hr-employee:8080/' - hr-masters-v2: 'http://hr-masters-v2:8080/' - hr-employee-v2: 'http://hr-employee-v2:8080/' - hr-attendance: 'http://hr-attendance:8080/' - hr-leave: 'http://hr-leave:8080/' - hr-employee-movement: 'http://hr-employee-movement:8080/' - inventory-services: 'http://inventory-services:8080/' - lams-services: 'http://lams-services:8080/' - lcms-workflow: 'http://lcms-workflow:8080/' - lcms-services: 'http://lcms-services:8080/' - location: 'http://location:8080/' - performance-assessment: 'http://performance-assessment:8080/' - pt-property: 'http://pt-property:8080/' - pt-workflow: 'http://pt-workflow:8080/' - pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' - pt-calculator: 'http://pt-calculator:8080/' - pt-calculator-v2: 'http://pt-calculator-v2:8080/' - pt-services-v2: 'http://pt-services-v2:8080/' - property-services: 'http://property-services.egov:8080/' - pgr-master: 'http://pgr-master:8080/' - pgr-rest: 'http://pgr-rest:8080/' - pdf-service: 'http://pdf-service.egov:8080/' - report: 'http://report:8080/' - swm-services: 'http://swm-services:8080/' - tenant: 'http://tenant:8080/' - tl-masters: 'http://tl-masters:8080/' - tl-services: 'http://tl-services:8080/' - tl-workflow: 'http://tl-workflow:8080/' - tl-indexer: 'http://tl-indexer:8080/' - tl-calculator: 'http://tl-calculator:8080/' - user-otp: 'http://user-otp:8080/' - firenoc-services: 'http://firenoc-services:8080/' - firenoc-calculator: 'http://firenoc-calculator:8080/' - egov-apportion-service: 'http://egov-apportion-service:8080/' - bpa-services: 'http://bpa-services.egov:8080/' - bpa-calculator: 'http://bpa-calculator.egov:8080/' - rainmaker-pgr: 'http://rainmaker-pgr:8080/' - ws-calculator: 'http://ws-calculator.egov:8080/' - ws-services: 'http://ws-services.egov:8080/' - sw-services: 'http://sw-services.egov:8080/' - sw-calculator: 'http://sw-calculator.egov:8080/' - land-services: 'http://land-services.egov:8080/' - noc-services: 'http://noc-services.egov:8080/' - minio-url: 'https://minio-uat.digit.org/' - egov-user-chatbot: 'http://egov-user-chatbot:8080/' - zuul: 'http://zuul:8080/' - egov-url-shortening: 'http://egov-url-shortening.egov:8080/' - fsm-calculator: 'http://fsm-calculator.egov:8080/' - fsm: 'http://fsm.egov:8080/' - vehicle: 'http://vehicle.egov:8080' - vendor: 'http://vendor.egov:8080' - egov-edcr: 'http://egov-edcr.egov:8080/' - echallan-calculator: 'http://echallan-calculator.egov:8080/' - echallan-services: 'http://echallan-services.egov:8080/' - inbox: 'http://inbox.egov:8080/' - turn-io-adapter: 'http://turn-io-adapter.egov:8080/' - pgr-services: 'http://pgr-services.health:8080/' - birth-death-services: 'http://birth-death-services.egov:8080/' - egov-pdf: 'http://egov-pdf.egov:8080/' - health-registration-service: 'http://health-registration-service:8080/' - health-delivery-service: 'http://health-delivery-service:8080/' - project: 'http://project.egov:8080/' - product: 'http://product.health:8080/' - household: 'http://household.health:8080/' - individual: 'http://individual.egov:8080/' - stock: 'http://stock.health:8080/' - facility: 'http://facility.health:8080/' - service-request: 'http://service-request:8080/' - health-project: 'http://health-project.health:8080/' - health-individual: 'http://health-individual.health:8080/' -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -health-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-uat-filestore ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -health-project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -health-individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -pgr-services: - namespace: health - memory_limits: 512Mi - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml deleted file mode 100644 index 8715691a2e..0000000000 --- a/deploy-as-code/helm/environments/unified-health-uat-secrets.yaml +++ /dev/null @@ -1,123 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] - password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] - flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] - flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] - password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:8Qr2Fix+3UTvwxEzDrCf520imDA=,iv:CDO8Me7LN0IrdPkNFIoo9Ya1KgZ0qlshNeXAlCKg4Cc=,tag:RSaBvf+gDQkNVCUR3BWUXw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:LGi2v6jRQXYv8J7QivOL6FZFnoDaySbaJ+OJiU+KYxvoTWaEA+wPBQ==,iv:j4aWvYeDN3I7RsGC+GqAP3JZCLnM5kQPzT6vU9ICxZM=,tag:QDohLQ/JE1gnEV6+v0IBdA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] - admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] - read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] - read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] - master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] - master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] - known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] - credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] - clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] - cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] - hcm-moz-impl: - kubeconfig: ENC[AES256_GCM,data:nBw8gysBSfcxHtVSOgAa+F0Luy3vuwvZSJ5X6ID7yDGoPxsQt3iXL8C+H4zAW83pEw5CX/1cEElQ1wcXJC86nLofwC81ZttavCOhM89yag12AY2ZTcQlAbArQ99+png1tZI3VcJa5a3uGwiSRmU9PFsH5+miXmTNaVdorlVekW/8E2RSvKd1H5VAQ8WOQMTJoSMCdhK7LRB8pF9d4BdXbbrlC+tKOb+aMlzpGbPDBKlAjQ2Fapv+0SBzWnmRnlWmcrX0/VSvEPpx1G9evKpTDNR8Xo4gaR/PzGn9NNzpQNxPQOGPsphAioQ3lESNrRjYN8ErCl4nOR1SVazE+PMwGC8GzysCEl0ep7oKbqZnumbHbInoc+6Tsjot/KXG5ByZGLRx9/7+o84t8mMccdCeSGQiqqnbI8VCmfWVCjzNG2ND4KpF5fBo1eA2DaEI97XBY0/wZiKQEtPmfkpLwb6tbZ/f5AkAUT3wi1sIwi3MqpS0PbBIMia7OONdEw37MNmAn65yitz1Y8x4+6PeUo2j0kCXhThyfz8SSDOQquF9QxrhaSJTBHqDGD2WXe9LEg9YjUwoGFMRtc8ZWRS8Y33S4wwmlzZzxiKCaj/R50IyITrLqUow18bgrZxq1lY2Tb2ygWbGa0ix+XKFqCUBIOO7cwN66GyeLxFwnqjsnu2uHXioY42HHLIlbaMWtU1FGAcltAzDKQBLn2DGCg4BQXh9ycMijurO0MAlpibI4eDjb98agyisSrGEfSUH2k7fGls3v5uhJJOve/dL0oHkUi2LqnN8xwkRz5GtZJUIbJQCjIyKt5/YcGeMgYXSHXQxo+TpngVi27eouZd9J20IF7kn0cc8FHDgX9MmIH91BQ3UmTUogy3QfQHT3PKjMk2z/8/DtgOB3DUjJp1gsQivNeEoufgzXcaxXz3uyKCnzIyR8SIRbvY9U5uspLQJWjQcbHkvi2vSxLE64rsHI6OLH9OBMKAVluIxLMRrQXX2tzJG0c/Y9g+QxiSNVn7cIWzbdOlJsDz6qfD2HBZyfW6jjtymD/1NX7eCbnTw+iyDzFqZ/tKnnaj1vGak62/XGRwT0jrBt8td7N1Ebj/xMmLsd66nuSfF9TZXXVa3gWhqx9xQrXo5hLStQvNQt5UlvOZBhArVdp2gZ2hHNH2azSgLSf9HegZmLfil5H0Mt1uqqV/eZYo1PkgClNalzv/Bq/RO0ig53aIv6ko3xYUYZjhttYPxZ6q33KzDTJJG+2tC7h+XeMDfNKmb5MsuNA4b2znXAuz6g5DT0qgPVL6BnrR8ZER8C6FD0oA+xhc3faWlS4JkQIMtfXme2OQhG1rq2hSMzfG1kUfhFrtZjiyP0hRx47GEZbWeCOiFVRdjOQYq/+KxReSzxKAOEY6HEVwunxIA4Xe+bLXTs3VMJOdg9nPQBy0qwNVThtb5r01sghmDObPZnXRNbGUU5qi37dVHPy3iQSrL05Nwj2KOClRo54n9NbIB62bqvi51Gep+6qeL/KMo90XRQcWZgn/oZibZNovK8xmCvZ+QFeTJa8H+AdjaBeJWxc8DfLdGY0gHwFnZUrrBJv4YdLVnpXrbwbWaOrIDJ9ktej4v9ae/r2QS/4xzLryYK4gw6bp6A7uKGBeytYDfY8G3xK8jB50AD2sIBBPRpf/BwsORJGCHQCRGHfHXsKI3V6RF1Pi+7WDBndKQQMmyurfpsPY2rgLftTqc++39CjjGqt/kQ9ntgA//xl1ahdIxqCeMkFfsI+gxCXXN+Jdm7Ynu509wi9bb8R//G3UIReLkJkJv5xtl6DBLLLXzYdvBAR8Q6UHxihLX0yugxonXuFu0iED/OukAt6etmjgpITVidBwdo3FqC6mByk7BXk4QgKrulKnJKMqiIQt6ry920uOldiHzqeHJpdo+VbzSrUrKOonr+iWC+szl7gaWt7kz+7U0nxcwkZQXwAg1gTl2NG1ptaPyaeEFCT7eprmHgDKfiK0P8bI6gykZUo837zCHGttsHHWQC29pQdtHBIUW0NYwyIVkptswriA2t3Q78PSgjoWV8fN0dDO34CXdRJEfvBZqy0rp1Kyk6vesNg6kdi9xrAIm4B8yWs7DLxTcl4wRvdZziYB+0F1QzJ7fiqzbfVYgSy7VYcweGSskqJYYrfdphDQY6Dfqr6MUjNqvMKw3looNXZ0JuWq1Qbr/sUdZV3nVOVeKfZFweDK4Ft3mYBwk7Oh8UVPeE1NHOjxnFIGRLS9Hb1IFyqk4zwZ0IcF17PfDZquY9ar+TjKbwS3P7tCsJ73Qx6O1RUgUPhUJDOUbxn/uC0X69jzyzK/FpXVBKGnDZ71kMQlomhvbOTXP+e3pa8lsXfoKk/boghGw026tRHXtxANQsUvg43/TiKjDd71tfmm8k0/wvrN4gg7mA4m9wSzHgxRORWC0Ekda1esV9WkrCvgVd+hUBcO5QUr0d6GZHKjESI2oJnSZDT4ItbVVKplAaWpA6p2OPph7MYggntTYssQz4lP2JM8LPoZ3FBDaWtE0ti9FDV9WbaWPQshF1H0fvXVrLBshP5JMBNY7V9dlSAuJn9b5EP9I1YCqvUnCGJKTJlcCBtAggMk6ayxeU8hfhlI7qhCDfwzlcVbSysdvPwdWcJQY9IJJhMztDY4F0sJBoGA7Dbh5MPIF0YmuHVRTGy1M9rWM0dWBBUXjEJWb9uCrLYjltitKVW2E8+g+EPoY6Q2N+XEIKk+bd6fJToiJLVh9jKdAe9Sq9Qn1NySt3H61e2fgQn9fdbvPtZLYvDXBOjCdUcC1uL1MQUqW3vCgA7mvUSeRcDbEMaPBprOEYKy4+wJGIanpXDs/cqilo7My6yJZY1KXkyLFpXyB55L+2SWAf/MfxBVzOrQeh58tlqhHCyrAn22lUCRaGamklDRL7ygWxz41M4Juee+tZh7bSs8l1m6WQRmqtZRVRUAiKD1o60DWOYynIOfijSnzGBA68KxpHOhwR04c7aVoLKUqZfUn5+quImqsWonqFbS17oDet/4JVVoEsXOlTkLSyBJt6uur7DgEvhlmRcT4DcjeOCNfg6fjmoVa9+tiHEvFHhnuFMdtCdZHhv+vOHaPvxQeU2eNgFJmUtD/18NhXUbKWUH2mrA+brpWDLJBwFbERWQS8GD8tAFisRiryBuT9aIV3HHel6ficKLYdm4vVgHCo1h5C8eseubTfFWshj9BRty+VBB98u5eOVmYv/iiAdESzQu377VYqX8T3xe6aofPAmprLmeEElwoWUpZAwX+fhTfGozlpKndJCtgNxgVUe3eTTjZlhyywGabHn01V1ZbHaTR7QpBQKWPX8FVyaZfx56THB7n5fdnh8artPuDT20GBxrYejfcQUg6svDJ+MP+VoNZV6zDXxsiqCpeN7I0MAwow3gDAe1bPJWqcG93EyutoFnipbrv9IIAUv8XR6WQEosXy/ZyK+8kzyae57ugH8gkGo5eUaXTjlfXMWnd5FOGPukn4ADBzT9kheTJyXmgJwXZDbqMl/e719gM6sKflc6jlP/z1IVVwEM2m4jQE/+Tg1phEJSLJI6zJ4SzoFK9xdDlakgo9yP63/RPejFHryeVJJVajHVXfEZw4agaZVolLOhg30QXKms+J6GBzDUKBaO3ehuphU1yC8L8FBYIp3SB6VwgA9gjLZQ6qvczdSsebZgAx2Yw1shovsDnB3jksMRGVa0zEDGOCdLwOnNhOpJ/4ihb9UfoS1h+mY5HU67kNHPL7Uvr9zYAgjLEaTfh/qvVHrVohZSj9cxAa5NHFKphYZ3hKTCNpNZ0cEVrl6wI6oHzcLK2yxZcnIe2hCOfVIpFmoB9D75axF3a9lstQWy8aoiMwPvwOGpVokcOmJZUXyUuzMklAQ5qd24c8FyTzL1zaxAnYnmhSUE19fAqZV44WeIojTcpFrFEG8nf1tXzUvy1KZibIA/UvXK41rr07FeD4TSgYhUIRT8sy/L28+WNqZe74ZrNcJfhwYAUXLZyPojS,iv:hZ/WYNkgLj17HrACE7irq7vFze1Z99bS/D4Gax2FhQE=,tag:Wk4LwC6bcor1BZRNU5wZOA==,type:str] - githubusername: ENC[AES256_GCM,data:6elpmrWFJ+XRHvI=,iv:LKy7cITD+enV9FoLGpi1aOo1T1yc8HKrT8GQiy38+a0=,tag:e1DdQDlEQRwtyU6fNetcpg==,type:str] - githubpat: ENC[AES256_GCM,data:vTv7K9zqWteNuLxO113ov4btfY7xahqSyIVKhTa+YEZCK+D97G4WmZ9r1nOlkYCyd209odfGuyx96z8pwuGMz9RTnba5W6ToiaRs7n7DridkuCbvTYfqJ8tLg+RQ,iv:dOygd+QjLImMKuecK4cXAowzUmGSc4lsZ/3erE1eBv0=,tag:MA6LKcIEaqQRNP92KufepQ==,type:str] - dhis2user: ENC[AES256_GCM,data:JodZLOU=,iv:5b9QSaojlc3P7TGXq/kS7T+WyAWx2NdVz8I7MS57FAM=,tag:83O+P8+9Xz+8CpvB4IuYDw==,type:str] - dhis2pass: ENC[AES256_GCM,data:MHHsqW3AXoA=,iv:+tsavoR/G7BGBWcE99zulaFw8y6YXYg33BCX2B6X4yg=,tag:v5rW4utuMVRT6w6nJmn+jg==,type:str] - awskey: ENC[AES256_GCM,data:nsHGnr4nD8AQvjj466T9y72/qZo=,iv:b42Hw6M3TqMV4O5/teLWZqXbLuqIPtogEwxMuefOqQY=,tag:BoZyY/yMqQXnXMc+5m/3pQ==,type:str] - awssecretkey: ENC[AES256_GCM,data:Ra2F9b9NBKdCBudwxF2eMJXaHvhw0qiWJwxyvdwaBBtlzNwgPW6AaA==,iv:u8KbQkc9d+xlXCyqQyWjDlxYoD2I5pcrqyWRD90cdz0=,tag:Sst6smerbo3xVQf9FSdafA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] - route: - receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] - group_by: - - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] - match: - alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] - group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] - group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] - repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] - api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] - channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] - username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] - title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] - text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] - templates: - - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-10-09T10:33:39Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-05T08:42:12Z" - mac: ENC[AES256_GCM,data:52Ocui6/y0dHSXAdjfWFCWrjOVq8g2y/iQMPtaZcQSwTD10/Tm1/WSLZpVV1qoc7lUzDkj155gwCjyc0JGWLg8kpo/EJZLOIRLFuPnjHBqhGBTESq4mwnTHaoMGu0X0ntL7rKAgengeVx7uDeenoJvnjO3kN2ATj1HwQG6sqoEU=,iv:Dfucie575zm+3C9HIpv+2FbUgVRfA0NVe066PgEEKa4=,tag:KOKP/v0vYHObaB8BgnQ5Ug==,type:str] - pgp: - - created_at: "2023-10-09T10:33:39Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB - ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W - Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 - 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj - W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle - ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 - MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL - nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== - =gDUX - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-health-uat.yaml b/deploy-as-code/helm/environments/unified-health-uat.yaml deleted file mode 100644 index 53ea7da224..0000000000 --- a/deploy-as-code/helm/environments/unified-health-uat.yaml +++ /dev/null @@ -1,764 +0,0 @@ -global: - domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, health ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, health ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - health-db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - aws-cluster-ip: https://9F8FAAF2C4C747668E77131BAB0AF787.gr7.ap-south-1.eks.amazonaws.com │ - aws-cluster-name: arn:aws:eks:ap-south-1:349271159511:cluster/unified-uat │ - aws-region: ap-south-1 - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, health ] - data: - asset-services: 'http://asset-services:8080/' - asset-services-maha: 'http://asset-services-maha:8080/' - billing-service: 'http://billing-service.egov:8080/' - collection-services: 'http://collection-services.egov:8080/' - collection-masters: 'http://collection-masters:8080/' - collection-search-indexer: 'http://collection-search-indexer:8080/' - citizen-indexer: 'http://citizen-indexer:8080/' - citizen-services: 'http://citizen-services:8080/' - dashboard-analytics: 'http://dashboard-analytics.egov:8080/' - dashboard-ingest: 'http://dashboard-ingest.egov:8080/' - demand-services: 'http://demand-services:8080/' - data-sync-employee: 'http://data-sync-employee:8080/' - egov-common-masters: 'http://egov-common-masters:8080/' - egf-masters: 'http://egf-masters:8080/' - egf-master: 'http://egf-master:8080/' - egf-instrument: 'http://egf-instrument:8080/' - egf-voucher: 'http://egf-voucher:8080/' - egf-bill: 'http://egf-bill:8080/' - egov-enc-service: 'http://egov-enc-service.egov:8080/' - egf-voucher-workflow: 'http://egf-voucher-workflow:8080/' - egov-accesscontrol: 'http://egov-accesscontrol.egov:8080/' - egov-user: 'http://egov-user.egov:8080/' - egov-user-egov: 'http://egov-user.egov:8080/' - egov-location: 'http://egov-location.egov:8080/' - egov-filestore: 'http://egov-filestore.egov:8080/' - hcm-moz-impl: "http://hcm-moz-impl.health:8080/" - hcm-bff: "http://hcm-bff.health:8080/" - egov-localization: 'http://egov-localization.egov:8080/' - egov-idgen: 'http://egov-idgen.egov:8080/' - egov-otp: 'http://egov-otp.egov:8080/' - egov-common-workflows: 'http://egov-common-workflows:8080/' - egov-mdms-service: "http://health-mdms-v2.health:8080/" - egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test.egov:8080/" - egov-mdms-create: "http://egov-mdms-create.health:8080/" - egov-eis: 'http://egov-eis:8080/' - egov-workflow: 'http://egov-workflow.egov:8080/' - egov-workflow-v2: 'http://egov-workflow-v2.egov:8080/' - egov-searcher: 'http://egov-searcher.egov:8080/' - egov-data-uploader: 'http://egov-data-uploader.egov:8080/' - egov-indexer: 'http://egov-indexer.egov:8080/' - egov-hrms: 'http://egov-hrms.egov:8080/' - health-hrms: 'http://health-hrms.health:8080/' - es-client: 'http://elasticsearch-data-v1.es-cluster:9200' - hr-masters: 'http://hr-masters:8080/' - hr-employee: 'http://hr-employee:8080/' - hr-masters-v2: 'http://hr-masters-v2:8080/' - hr-employee-v2: 'http://hr-employee-v2:8080/' - hr-attendance: 'http://hr-attendance:8080/' - hr-leave: 'http://hr-leave:8080/' - hr-employee-movement: 'http://hr-employee-movement:8080/' - inventory-services: 'http://inventory-services:8080/' - lams-services: 'http://lams-services:8080/' - lcms-workflow: 'http://lcms-workflow:8080/' - lcms-services: 'http://lcms-services:8080/' - location: 'http://location:8080/' - performance-assessment: 'http://performance-assessment:8080/' - pt-property: 'http://pt-property:8080/' - pt-workflow: 'http://pt-workflow:8080/' - pt-tax-enrichment: 'http://pt-tax-enrichment:8080/' - pt-calculator: 'http://pt-calculator:8080/' - pt-calculator-v2: 'http://pt-calculator-v2:8080/' - pt-services-v2: 'http://pt-services-v2:8080/' - property-services: 'http://property-services.egov:8080/' - pgr-master: 'http://pgr-master:8080/' - pgr-rest: 'http://pgr-rest:8080/' - pdf-service: 'http://pdf-service.egov:8080/' - report: 'http://report:8080/' - swm-services: 'http://swm-services:8080/' - tenant: 'http://tenant:8080/' - tl-masters: 'http://tl-masters:8080/' - tl-services: 'http://tl-services:8080/' - tl-workflow: 'http://tl-workflow:8080/' - tl-indexer: 'http://tl-indexer:8080/' - tl-calculator: 'http://tl-calculator:8080/' - user-otp: 'http://user-otp:8080/' - firenoc-services: 'http://firenoc-services:8080/' - firenoc-calculator: 'http://firenoc-calculator:8080/' - egov-apportion-service: 'http://egov-apportion-service:8080/' - bpa-services: 'http://bpa-services.egov:8080/' - bpa-calculator: 'http://bpa-calculator.egov:8080/' - rainmaker-pgr: 'http://rainmaker-pgr:8080/' - ws-calculator: 'http://ws-calculator.egov:8080/' - ws-services: 'http://ws-services.egov:8080/' - sw-services: 'http://sw-services.egov:8080/' - sw-calculator: 'http://sw-calculator.egov:8080/' - land-services: 'http://land-services.egov:8080/' - noc-services: 'http://noc-services.egov:8080/' - minio-url: 'https://minio-uat.digit.org/' - egov-user-chatbot: 'http://egov-user-chatbot:8080/' - zuul: 'http://zuul:8080/' - egov-url-shortening: 'http://egov-url-shortening.egov:8080/' - fsm-calculator: 'http://fsm-calculator.egov:8080/' - fsm: 'http://fsm.egov:8080/' - vehicle: 'http://vehicle.egov:8080' - vendor: 'http://vendor.egov:8080' - egov-edcr: 'http://egov-edcr.egov:8080/' - echallan-calculator: 'http://echallan-calculator.egov:8080/' - echallan-services: 'http://echallan-services.egov:8080/' - inbox: 'http://inbox.egov:8080/' - turn-io-adapter: 'http://turn-io-adapter.egov:8080/' - pgr-services: 'http://pgr-services.health:8080/' - birth-death-services: 'http://birth-death-services.egov:8080/' - egov-pdf: 'http://egov-pdf.egov:8080/' - health-registration-service: 'http://health-registration-service:8080/' - health-delivery-service: 'http://health-delivery-service:8080/' - project: 'http://project.egov:8080/' - product: 'http://product.health:8080/' - household: 'http://household.health:8080/' - individual: 'http://individual.egov:8080/' - stock: 'http://stock.health:8080/' - facility: 'http://facility.health:8080/' - service-request: 'http://service-request:8080/' -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - s -health-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -health-mdms-v2: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "mz" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -health-mdms-v1: - replicas: 1 - memory_limits: "512Mi" - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-mdms-create: - heap: "-Xmx256m -Xms256m" - replicas: 1 - images: - - egovio/egov-mdms-create - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - git-repo-path: "file:///work-dir/egov-mdms-data/" - egov-repo-branch: "UNIFIED-UAT" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/health/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - replicas: 1 - memory_limits: 512Mi - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - -health-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: 'https://egov-demo.egovernments.org/employee/user/login' - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - mdmsHost: "egov-mdms-service" - mdmsSearchPath: "/egov-mdms-service/v1/_search" - mdmsLegacyHost: "egov-mdms-service-legacy" - mdmsLegacySearchPath: "egov-mdms-service-legacy/v1/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -hcm-moz-impl: - replicas: 1 - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" - # startDate: "28/08/2023" - # endDate: "22/09/2023" - # resources: - # requests: - # memory: "2Gi" - # limits: - # memory: "2Gi" diff --git a/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml deleted file mode 100644 index 54074ddad7..0000000000 --- a/deploy-as-code/helm/environments/unified-ifix-dev-secrets.yaml +++ /dev/null @@ -1,122 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] - password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] - flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] - flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] - password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] - account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] - admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] - read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] - read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] - master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] - master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] - known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] - si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] - clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] - secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] - route: - receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] - group_by: - - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] - match: - alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] - group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] - group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] - repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] - api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] - channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] - username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] - title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] - text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] - templates: - - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-04-11T06:12:24Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== - gcp_kms: [] - lastmodified: '2023-09-27T06:18:14Z' - mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] - pgp: - - created_at: '2023-04-11T06:12:24Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 - L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo - HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 - vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 - HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd - 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc - kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 - 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE - igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L - MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ - LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== - =NBp6 - -----END PGP MESSAGE----- - fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-ifix-dev.yaml b/deploy-as-code/helm/environments/unified-ifix-dev.yaml deleted file mode 100644 index 42969238e7..0000000000 --- a/deploy-as-code/helm/environments/unified-ifix-dev.yaml +++ /dev/null @@ -1,853 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, ifix ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ ifix, monitoring ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ ifix, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - project: "http://project.egov:8080/" - individual: "http://individual.egov:8080/" - household: "http://household.health:8080/" - product: "http://product.health:8080/" - facility: "http://facility.health:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - mdms-service-v2: "http://mdms-v2.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -workbench-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -storybook: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT StoryBook - ';" - -storybook-svg: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT SVG StoryBook - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: "unified-dev-bucket-s3" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-url-shortening: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-url-shortner-endpoint: "/eus/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "2" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -prometheus-postgres-exporter: - namespace: monitoring - host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - user: "unifieddev" - password: "digitCoredb08" - port: "5432" - database: 'unifieddevdb' - sslmode: disable - -mdms-v2: - memory_limits: 512Mi - -boundary-service: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx128m -Xms128m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -fsm: - memory_limits: 384Mi - heap: -Xmx384m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - -prometheus-blackbox-exporter: - namespace: monitoring -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - java-debug: "true" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# ifix >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -digit-exchange: - app-domain: "https://unified-dev.digit.org" - app-path: "/program-service/v1" - app-routes-program: "/program" - app-routes-on-program: "/on-program" - app-routes-sanction: "/sanction" - app-routes-on-sanction: "/on-sanction" - app-routes-allocation: "/allocation" - app-routes-on-allocation: "/on-allocation" - app-routes-disburse: "/disburse" - app-routes-on-disburse: "/on-disburse" - -program-service: - config-domain: "https://unified-dev.digit.org/" - config-idgen-idname: "ifix.program.number" - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx512m -Xms256m" - memory_limits: 768Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx2048m -Xms2048m" - resources: - requests: - memory: "3Gi" - cpu: "1000m" - limits: - memory: "3Gi" - cpu: "1000m" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - - -pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "unifiedread" - max-query-history: "50" - max-login-attempts: "15" - enable-save-password: "False" - persistence: - enabled: true - dataDirSize: "1Gi" - aws: - volumeId: "vol-0c86db1778f9a3b9a" - zone: ap-south-1b - -playground: - replicas: 1 - images: - - egovio/playground:v2 - - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml deleted file mode 100644 index 54074ddad7..0000000000 --- a/deploy-as-code/helm/environments/unified-ifix-qa-secrets.yaml +++ /dev/null @@ -1,122 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:CoMnhTpMg8lLMg==,iv:46jeLJ+4ZsTdgJXqwHeZwx4ADClVGDz2HsoUhzJB92k=,tag:lmCiX6fEjkOmbOaYCpliUg==,type:str] - password: ENC[AES256_GCM,data:fQ2WMPUKl/abvX4ndA==,iv:jbm+rrZt9R0btjP0COMFOAkFr4P/haEGbDObLFFdzuY=,tag:9FYArT8suA9MtUlCidxFmw==,type:str] - flywayUsername: ENC[AES256_GCM,data:kpY+RgXXB/F2rQ==,iv:KaWXDgEWn2OiizM05ObrTTNwaXdb4czU5uh9P9NRjog=,tag:V3jQlkOecJ/gDNzN79v7cg==,type:str] - flywayPassword: ENC[AES256_GCM,data:hiN+0sJb2aBLutnm3w==,iv:NFARzLe13ToWFn/y73mY9ZvHqLxgEzQR9RD5tykKWkg=,tag:03GuGsuph1Kq165Z74A/+Q==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:L3icVXu2Wg==,iv:2kEFqreJ3bminzRLh341h6EhLs9ScAJQTPBmHD0QqWA=,tag:L4CJ8F/WsDssnozc5Cu9+w==,type:str] - password: ENC[AES256_GCM,data:vZ2K5efWpt0=,iv:ItB+4nR0+HuuhXwoVkIfc1eKaDilsFDFw3L5xoDsf5o=,tag:11k8KKE5VC7str0Vyy3PVA==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:2EPenZ9s28lo99YCdkvq2Ycx8Rs=,iv:PqdUY72uGNIomxMeXxJm/ZMC1WtdoTEveaPXWas14/U=,tag:FPBMaB2Z4JuRIdylvB4AEw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:OxHR6dM1xRiNUXekA8ylGpVZufJt/4hEhyyML8YzxleOnufal/CG4w==,iv:yi+jP6dSNdM7psjDJ4VDO0XYJ1C91fWgmoCdWsEnsck=,tag:YL8vkfXQlr/xncXi88FUbQ==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:Q0QmFTE8OlYB5LsqL+h9,iv:8gluY6hNqdqXM3hF+x5PwE67MqSA/Cwl5+MzV2AjREY=,tag:Yf/XIl30B+NJbWbARTVnzA==,type:str] - account-key: ENC[AES256_GCM,data:09i1kEMsnmsJLwtJuCmJYQGBta2O3ROtoF1JNbMobyFzd1WmFsDpwGK1+cJpof1CTUcqDZqtcwY3f/2AsnqbIvyXL1IeeFYkVXaGv/po/UPqBTCIc7+9aw==,iv:LbaFSJ0qg+seZom8+OutfzKwWSq1/AQGV1w/guu7Fmw=,tag:umDup8m5S67JCCQMfhrLHQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:1yVdkkQkxBQFBow/TYYBS0bKLxpoMgAMgkxjWs7c9BIj6bY1sS2C,iv:5a6DFcZiQ418hVdVmgfldLWcoGqqrgMBB3hl1DwbeOQ=,tag:46zNeBbZIoycBMQraP3saA==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:aN5WKr2mAdbJiv+7bKdQMg==,iv:X3SQkG5g3jxVkpMukI76uXosIrvhSplNvMANYNWtvT4=,tag:4W24fjdwmLLKFNaFR50aMw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:lo/IG/Dyc5ldFoMP4YqOspqUcY7kR8k199nL6RUUPbg=,iv:E4woMdSW6gR9XRnlFCI3SKVE8oQO4vXI6oXx/H8Dx9s=,tag:pujwlOGYWe4SeETJ277OfA==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:suAifi5I3rcIhPikDZC/,iv:MAFirZKcNyZq8QvM0ugZyzdxaX78JPG2nLmuFIjIiRw=,tag:AP/t1XNGJuv8JHBPYopPPA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:3glbegCRYCRl/NI=,iv:twBS1f1P3OZVZuRSetWWk6ljgTALXDKKPsou3tXlA9M=,tag:8Le+Ds3L2M+Kd05cWxrAQQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:LB2CXGv39Gg=,iv:Es6EIw6uHQYFRV/O4Cz01UFiUC1Qd1XvP7kCHyu/zLE=,tag:MfvPRunc3SwawnQefWGylg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:NM8EcSZQ,iv:QfogBnUX/Tq6i2/oaprgBMdM9zs3/wlkweW1pB7KDHo=,tag:rXnvT3YL5OSJBrPG5iklvw==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:qG8R55cPD20=,iv:wJb3GAgs4dUn9Jv6srlu2reVYRZujjYYcfNmhkiQi4Q=,tag:qwuWyW4QWdRs0T+GDa/QnQ==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:/PWQU7+SEkQRFy2pruiwL8MdtnO2kYOQy3k=,iv:OYFMutuNmX6+UYrSED1B2zfP9fa/5s8rd5FvRuNyfQc=,tag:RxBmvAbY5jgM9HwLxhc6+A==,type:str] - admin-password: ENC[AES256_GCM,data:m2c5xdNIVKoNK1yR,iv:1YSz8MYKsbF1ZaC/sX9dAOF6uH5A7sUbxv70u0nG4AU=,tag:pnXD8ekdJemyUghVzBbwTQ==,type:str] - read-email: ENC[AES256_GCM,data:rSZhF+UENOREtv0RgPQH+7xhz1oIiRDECg==,iv:VjLK2uUO+7CId8q6BTq6oqseUgxyziCRiYgBVKnolvU=,tag:Loq8Wq+YLIqGhobFu8cRcQ==,type:str] - read-password: ENC[AES256_GCM,data:ufONb+ehLwa9O0Bb,iv:SE2rQjcW06AwufbVHG1gMV3fD3HmIfiJBC4WQP6K6Ac=,tag:sIMWOxLCg99ugndb2GctOQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:1Hv3hPp/ObGvVc2mZJOH+Q==,iv:7rW1lslsdlOoM9ru1/OQTlOCd9yMJ/t1y6oKcN4Pu5I=,tag:uLgpGHISpT2ZOTg3EZ5rmA==,type:str] - master-salt: ENC[AES256_GCM,data:VScRTs5kQa0=,iv:7GQVoeMe6ydWLTv2ew5pBwIJbMdwgVIzb+kEAVShg6w=,tag:w8ODjfQqmFX4HfC+eEQWiA==,type:str] - master-initialvector: ENC[AES256_GCM,data:Wb3udkAjjD0qCm+Z,iv:X7ImAZbESC5yG5BoXetmv0NBUliemZUv+GDFMuP8NVo=,tag:z1l4KIMBOpDTP1bzlEh90w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:N3yef21FDIJP8MHs4QkqQBDFSRHLeOwyJ8hoZ4PFdyi9,iv:qH5zTJq45EzaU4CBq/lhJD3IovwFWIHwS1xZ+tMcc0I=,tag:1EXALTegpOAhEpftGA7e4g==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:jKN50Xr4U4Y=,iv:ZaVJAyc1v8rZEofjnI7nyB+2vJqAWglw2q77htjg2pc=,tag:p2SRFfXMw7vN/2q0FPSRlA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data://hhyikcR9v9T4sevnx2MdwArxGh02gQcz9Z2oXBjbjNszrMjax/cYzs0N4sxHebiD5IQjxZnYRK4Vnnz1/Xh74OK/Un6XlS3GCN6X7I58d5HUw+9E0L7C8BnwTA/bCHRd5eDcJUoMkKEa5204ATpMwY9j4HlAVgtW0LZHjj7EFh2jUjYBH+j2BEPWvSNn1IukSSREc5j8jnuO4Qjt45cz0LNUgluVhH6NgQ6qk9hruR2zQ0kjkYO0q0zuvcpljp9IF1nQK4tW/nv4Hm9fPf40bn1hafs6kNDOMRDGiWD8sfI+Ghp0ZDG4nK7g0UijW6sE4Llj+sbm+gb133QcQ0CF3fWXh7730+uJodZjvQ9nBbZ+xiO3OMyIBmCU7udtrv5DtFDU7DprugnrPsqZjOzSeRK76X3GdmjVGyPHUS+4ehWEkldHpeVBRETUS3dBUNJXbzeYiAgoOhHFCGdgmdjPm6WtYG95Lou3flzqPTJACpR2joN0Hp1kT+NjpSUpE0JFUB8f/dcPsczDmQRO87Bz7F4CEQVlZz6nDKrS48DtNkr1cFqWQ7mzLkLGUQ5juQZVZqkC1TYuBjM5nJYP6pWc7Xq+qwGt0d5ValCE9mzJz11YlbkFEnrFmTBWVvy6yaaoTG4FcZf9OwOkz+WS1tr22FTLCZiRyL9b+UYLuLpJJg01K0K/4gk2ulCqf/npQosQzd8QjKidPDGOitamUBKz1eDsl9xFJWRO8h0v0TrCkbilXSnOyKBc0l/ena7nrJ7J45uDu2AasAKV+G2NpjSj4aS8EwTMtIR5koDEq1YGnAmiGBCeQQXRfvDVm/ytjMF2C9JM/LjHBAFyJ9e0bct5roweCqIuWevl/3EjV+bEHTClM1rBMlM/p9mVx0FLBQlxK3CI5Suu3AZpx39LTrwHyp0PZ37IyBsHLkMo94FFM4/hSwfrZlMWJw3Q9CApop/N4SXOFLeLhZH4H/Ie3q88qeuK6c2hWpKCYqEW5XkBtj50/bEygutdjR1OB2ain/g0t18WmOApH53rMJX4819HVgE0juxptlBvZ/8Syfc01LAWrSc85pyJqo+P7O6zVDFY11l2C+3mZfWDnGKH/R+951LHgtx7L/e1WW9wU+zLAuCWgtgYzAR/4xqWvk7zituSYK7arCT9/g1kl+lGPy/C8xo0NHZWWxBQLR+Hm/xyK0pI2qJcZ/ytP4GiQtW9qsCF+XGVyWaSacbtwJlnLornHacnbzN2RUcZVHtCG3NHG9lFsuk/+UXWxAIUtitELvYg/FcOkt3bdnsmFynE14n0eS2FJUWzibd5/wyuUhZBQg8tj7Ee+6p2DURqZfyQ1YEQ5ubd48QFyEhJLqKCWDypVPxHCw3ZpxHNzoJ4boiEq/c1CF5mN5VfXVGdITabvHQ/APhsXk+yb0jz6uks+JrOtIVmwf72YH56c/ADpup1vWJE8sppGz/6VjHJhsphIsCOvTnNzPDJ7KWiy+t8zZ+Vnpq08HCl9b198Plau+Py9mmhfVi/Tuk/SYkMuG3f4MCOxmMJYSm12HsjT/otEXDLEAwJmNFWx4UNeq/Cn9gDI1SJiwhhZdDdXkeLsAJ77blmiyhLd61p2+LeVJ5NZcpQ6QSsxpmMMBiL97bnwAX4eertSapTOp4l7cbPrmb61tdm9LEbz9VZiU1Vzp4yRvXuiSKx3RP2hCgPAMuANe1FnBVw3HDmQiBSv6hMJgsH+eHtFIdT6f6XvpGZb3plIADDyPq7vQAowrqwdgLGdVPr5472H+4x9HLFlVkU71gAt7o6NA+ly/T0i+gNfPFB2TrCe8p78mbSL2GtzfK5RGJkxLjxKC7wvzefyPSiZuKjjtlK0yiEW84vd8eivwDkdygUSXD7cxtGM30E7ktYOO+d9P9Qy/lPZy1J8gr6uiR54y2zKDa5PUfDj+251edxxOTQnrMbEaimMH5Blgkuy9+CiONTJoIYidGaKP5opB7gMT5zt5eXhcKE5G2lsTwdAMP1+sj4LSSukrm7snewgxpQsWEZYb3zakgrv1Uw+OSiklAKeHKmwElqSGFNnbtvcZs5aePYtfP2sCK+hd4z6KbWLjFKs1LgWaTHi7lnHqiMpZavgAWtyDSktKYr6hzFwbvsNKDvyneFyv+ih1lK+MiiZR6DoXCgNZuE8i9OUMRv0g9ATnbiYOVaOq4TpGONCKLOxSmHPZIDObYvJt1dFBbDXYYXj+nVYs4R1ZUQRFe8HGvdlA2LQ8qNSF/GBd5VId/fjctm8LaiGrFtwNhZYcHQ642zM9eyHpPdcyKxF4zf8L+jzCB3bMnspVGkEabnIjdJ+qSpsAznS9zaH4Z0M3DokbcaZtLNUXALxTYtiydEO5EEJdYruVmZE3eRib6/hEuNgeABE7GKsog1wLn8X0GvgNkrYG5RgvjBR/Jx/WAJZsZwEDPjxt3IRFM3xiy7N0dd37V52vHgxuydraf3BaRMzcaZDW+JmwkNulpnNSfxyg+sLezHjY9754xq/gqbaBOLWAxseo8F2ga5M6ynczt9auBrOxGMFSH6p6Kk3NxwEG3660jqRexulvFtjskwsrZ+KHndDyxMf3hdBXWLoiApM0YErLQcX/Qy4BEivosiT1fMEybGJw6C6SU1cWZCLXhRbl1QD8fBdgqcx70mQe+r5qMgTrZoNViGsrb6I8kgy8iF6JCU1xxMZ98gXn+eIHxbn2h2lLJKNVFx2PRPG7n3mHBvZ9PsUJRYFKENXxGD+IR37LSk1KuilOHDgAs7QIPJh7sNBlaXSGuccw5fgvm7WXXyQuPNukf+XU/FPJs9kIn6WswcisOR2zn9szrSycgnsmUdXoOhKJeq2rcPW4BgmvE0upfAgtSoX0VgjR/WjnTCGulmnyijLTaW0EKW1y8Pw0LteXvQxgmXLAvdwK02QWJ0MBVXqeFkw0BVB4NM4rJSMG6wQVuElCugyN5sToiL2dRc63wQBR5apzfKwgBFt1QlMpCEhNcSYWKSd95IOeBIG+kWq2xnz02wobpSwIiiv3gPlGzbf6a1cARtLAUkaXbW17Sexb/8a6m8qng/rAmMaD0plsEbFTABjgapNNM1+UrMI/4thNqJSQonXGcxRMQNf8Caibn9wqCdmCtiweELAwFGYqB2l0lIiUPjK060IjYT9zkCDTf+9KDq+IkT0YBL03fT/47mghfJcgW4+MdcrOVjeXXguPn1bviMm1YzDb6KssWOM9BX+QB8Yw4cnCGLCDL3GY3yajHRmPQ2Pk0VoqIu2rawK7E/Nyb50fT+Cqry5Aic9Ms2qlAExsbOqlmVoTEXbcN18BLCDaJ2C53FfXCst7WIiXgZRAk4CnW5ennSiYYl5ohJqUzcW1ekxXwpJVXrrEORLgJ2Y79vqIWRpEuySr6db/FZt9hPCyUgJUT5hjMNBpKxXUPZteMtACEhpDEv+WFyeR9ImA4kWCi4VG4fpZ88hPCta2klrBgGg4df1wcCCISeKT95u4gPFXryyXwmRu6/r22tJvPAl2yoNBeLWWxnVMx6k3CgjQ9nx8k3ynIWAumT4YQ5tfqdreEtt28UC/CWB/AJZ6FLIikeCOt1EreWVjfJn4/aZDF9+pAPwz5VLkurlROHeoW5S+kDjjzGETZ0+NL/EehyJj8dv8n4/ANRM1TNivo6MAZ09lYq5pJc8E7lDJIrQMQlauOV6F9U7O54fVQX8dYMS95YYeTfMlIgta6IiO6JZr4avC5qaC2sJ9RP9j3z9gwlWCBjnSwEVClTqjQdijU+ifcIQYlzXibjThArtVK8z3KndpMwiH7qmd7khkmThtUqINyb4zzSDdr+4uvvaOyLPDvYR6d/YDA6BewOHs9ha9CdzgFSERhs6ycI47Qzdg3yVRKtPjXyrFiFG+Q20pgDEDhN6++M7FlDYOGNj0bmD/6nsZ0AvQA9PdD+OvQmyR9mvHkuUWuvgB9IEx0BEWaQzYXlNMjW5omRkBcnodRZPQA0gco/BGrvXZ2Nb6DzBXtpJXrJEi7lOsdTjwL1cd9xMPNwgUZS1ocOTeM0fZ1QOPr7f5Mi9XtU62q8fq7JSZnS3n3z13Dzp7FA6XQtCZRLgO96zOt6n3GIzWRZ1OxsRo1AIFwkz8YczUFErvSDiSzS6qQHgmLeN5dkiadA8S0fh5ww/0tPugH1ZVgOXwf+OSJjNPXJfmEDxuimgr4wfrcqLEE5RRe+OmFtREzah7oqC9uwrWMP8HOCs+pVDEyKY3BiwbbeI7HheOwLMzQilnsHOiYqU5s2hx6BcHj3sJTtaSoGrBiAbFG8a2s2PxpwXdk0/ZgvqaUnwuD8HW,iv:4az6paBgg42+oyxr2cfWK1ozgYHKjCl7cm2CRkrMwns=,tag:HXfKJGS00uYxh/84UOQ9fA==,type:str] - known-hosts: ENC[AES256_GCM,data:Fpkvy+Uq3qrvfZJ1/c3v+M2jbFEfguTaPp5DcZzreFYtD5wg+KZqRGDIOtAvaibP09BFQWBXVvTvsN/nOzH5wwGgsNfbYHLyqppiZ3jjeq/AHZHkP97ryJPIxd30jLAl4xq61vXvPdBFJLWAZiQjQ/bEMlef+tXXcDIb9A4ITX+EehR/4m1ORdVqKxdjPDJFLeok/2znq2wsOHOqv+WikyXRBxtizQQt8TFIHZwuSkdJZ099IyX0ZPhuVen/HSR69FhnDBBezU0F7owRROaThOFUDnNZ7HNyajkdlkZgTX3qRaxH6M4JbcjJoQJjhg4SHmubkk/4tKdsxFdjHrPtGsXgl5P3Pf7tuzhKAhbApOeNmNtod7vnd8LaNFgT6eG8J3rO0VHxS4r9N2oK5vCNBBb8p/93jkSiCehPRA3aVAQcFns+MmpnMMObKGg2l7MvcwbxhQS43EwM6/LSfLUaRuq/gX35LWfT4FIMEL6bFdp7Rtyfaw3KaRn8dWn0Cs3cKmfCG/mZvRhixG3eilA1l2CT/0UM17gvc2EhU347jGyIok+cGxYtrmdy9TTzP8G7Xz4OKsn2yvLCMVwS9s4DwECnTN0TxfQhT/6ysJlpaVolm6u5jLqEV7AeDyzVOWgSUTZp7tbnQU4q4AiiRhz171JnjlHf/5qHVR/vmAEDlOAgrlrWQOn8vAxUtiNHx4m6gTkfzOGH1ccP5n6nS1HIPQONRPj2GLl1EPVUOVAv/JMTzzs=,iv:5WdOv8KuWTa+yH6AyUtgxmiV+m4I+HFvnLtcLaK6Y5E=,tag:+r5NcoRa2+VObWbeg8jqng==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:L/FvmC5Blsr0,iv:8lFzPNU4Iqc+YhHVw6mVbPd7x5ZaarofxFazeOGiu/0=,tag:EctwIOm6MGaYNNc2hbAA4Q==,type:str] - si-microservice-password: ENC[AES256_GCM,data:5hmJqOhgtHichiGVxg==,iv:N8iTa/u3Iy1VMqD37Q9ufBL2V9SA+vPupYivhG+vhrI=,tag:1V8WwZT3MZ3IZhmf5ciLTw==,type:str] - mail-sender-password: ENC[AES256_GCM,data:36WF8n9ze4QKObF0Jg3CqP4=,iv:oy9hQRFE/J06AhBwPhkGonf6JuaFZ06yseVyEJgRXI4=,tag:6TuDgMb8QVXSF/B2id0i8Q==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:DQzjWFH6ceeZA5iUzp7+volAel60532UFJ0izA==,iv:pHRXbPn1D2Co2BBIfb0COlteA/GjzYQy5+Hqc10OI5U=,tag:MlUHRTyNfirZ7XcxBUhH7g==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:wRfFjspMFGWWLLYSjXpeqg==,iv:S6EhIMdSfp1AQhbJiCP4y2yp9aJTpmU5vnDtms0ETZY=,tag:i2fOJMj1gYQNsdhXwgRmRA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:RnHrfo8/kQ==,iv:sAIprIq8XOhRsaKH+SFCw06axNAYW/axUOadQVLNwPQ=,tag:mMXDjn8EtEu46iShIEpCyg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:t52xY9bR2Q==,iv:odHhq5m2opvGYgUEv4fmOrV6oY90jbAKocDr5EEI918=,tag:x5VALhug1mCwYqsALtIvnQ==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:S9ifCzVp2BnA1xFDIiOP,iv:TMnWwXVZse2yqM71yucb6o0UKzXaEzAJvwc2GiLbD4E=,tag:vl7uTxBQ/x4/9ohPpd6GSQ==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:+SJGa+0ZmZfI3J05yccVFTaoZHWzE9eVYpsUWrHRNeY=,iv:iKPyLn+jFOoHOg973lhtbBqe7AQlwTOQwvrGk6tLuQ8=,tag:kBDIWqF+WtiylTatCwVZ6A==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:WV+UIYR6,iv:T0caZoLzcJEabfPS/yds9ElJzAnllOJz5EJkLKO7h1I=,tag:ZkrJz6OCEKTljfjJmbufRQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:5ybVD8eIQzM=,iv:nZ7UuCZkBoVMLMB3vo5MPxvN/I588h6uOEJA+0nYY5I=,tag:a8RTUPHeJWrsKpEtd0TFdQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:f3P2xGEpQUxttd0=,iv:oYe4evUgZYrOex3xn2cuJebQ6RCVYZjRF9Q+3i0Hnr4=,tag:zI9IGipsGZVVUZyIdK0g0w==,type:str] - valuefirst-password: ENC[AES256_GCM,data:cqyLZl/ePaRz,iv:c+b3tUIxfufjMBH7nzJz3VA92HkUWYo8FOLJwBMOS90=,tag:jXc3H42j3+Jfs+ax0PByvg==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:Q1ZLnxDH,iv:jGRGHJuDEgTVnZi4GLu3CBTJarV9PcLSnicCKkSCQvQ=,tag:rAp/FIG1nOoJC0AifwCQcw==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:eRAvYGXOqlhHf+JprSWB9MrZ6Ss=,iv:pcCA/vk/L0yZ3NRO4MloN82ig62qgCopxRyTCzPAzoc=,tag:b6QMgOk1RE6OPctXw/LacA==,type:str] - clientSecret: ENC[AES256_GCM,data:5oBpfAmPjXgX+T1rcy6tDcd9iURvme5hdsHX6cfwbxpestt0HartPg==,iv:aXSQ9HQpdhJ/g6Eu+K8NH2iYK2kitqYWScAILO81odA=,tag:s+vaPNP9D4n2+WcMAmM7RQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:YzFkq/q0st6zMtYhnhmEvmKf7u4Oz9V3,iv:scS70/ORu3JOui7xZdnbF9EJUT8XnIAy/3+OuajaFL4=,tag:0ecaEVCJOrXqL33lAn+sPQ==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:C/9NVhcFC8PEYSO4wssMEeIH53E=,iv:jFNQ6mYq2PAGOPcSRYZwbhjrQZDfvmNlvrBENz1uNww=,tag:SPt4dZcvy7qRK8RQElwyrw==,type:str] - secretkey: ENC[AES256_GCM,data:X4qt7gs0GK2cAlGqO8a7/ilxjC9h0NOYkSg32R2zuYrTqzRQLDEFlg==,iv:peb1sIJfSByHTFqhzu523xNT1TaSEeDsnR0D4uLlNb4=,tag:dEZLvSOeFItmgCiKVKxNWw==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:4dM=,iv:FIbtjeaV1SAyT5xZu3fNc8VG5hPiqR7gW8ipxaNguTY=,tag:cxpModU0GumiAriB/phq3A==,type:str] - route: - receiver: ENC[AES256_GCM,data:cO+Lz7VohdAYxaDsMraHb2giuA==,iv:qP1BrHsPlXicWsISX2FhcUJ5izrK/p3TcyBNH3cxI8o=,tag:pmZj7W0kUR+1Z8+41pi3SA==,type:str] - group_by: - - ENC[AES256_GCM,data:g/w79YygX9Mq,iv:zCmg6uNVh6uN8W5c7Ud3CS2Ec6hWi5M0SKd7EAZXuBc=,tag:MNBBUgGHHgQS7G5GCI66Bg==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:+x+5EM93ZU1WP1ydQ0FznnMPKg==,iv:SIKefMO8lWu/eKe0duHDn5YDrqJ3c+RcCKu/3+D0Jb8=,tag:vseyNic5u1JVi9q7GV35nw==,type:str] - match: - alertname: ENC[AES256_GCM,data:lWrm6B5mDw0=,iv:j4a2lAG4yPGPIz3BA0eVyJZwvijtX150gvUqmcPcfGA=,tag:tZr40o+Of5Ub7Ed3RQixuA==,type:str] - group_wait: ENC[AES256_GCM,data:1D3a,iv:JmXm0CaUQ7Rj/y45211Kc3VLqFdTSMlCJiexIw1zRWc=,tag:q2OABvTZmidkgbI7ysdSxg==,type:str] - group_interval: ENC[AES256_GCM,data:fxo=,iv:9fP1/OJnvfUxw7blVidBgrPHeNVr+YkM6Vhy5ezw5CQ=,tag:Fkw0/C+XvfotEZ5BLZsTqA==,type:str] - repeat_interval: ENC[AES256_GCM,data:W2ID,iv:Sz++RzlgdWhTRLJJjyMJmvSTkYdCKwRu3GQ5ek+YZKY=,tag:ORa1/s8Cm3NUqWsIG5tfXg==,type:str] - receivers: - - name: ENC[AES256_GCM,data:2Y7U7iE1RziPNEr7GdJXl8CMVA==,iv:umbKGa7UJ5lJywvnBst4VBhIm2WF4OB8Ykh7QtoCKRA=,tag:ZDHfEnbNmHcZ926BAXE1iw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:WkTC+w==,iv:LoqUBUvpg6+MSKzMr6kp4wloIVBc8AfyP5zwrhdCA54=,tag:Y1Cp+2hx1oef7O8d6Eu1tw==,type:bool] - api_url: ENC[AES256_GCM,data:9zLHjGuN/ennfHMUXHJOjl+H7sd3HHpvxLdim37wGXdeIyjFKojvOfSXuAsKADBQ1bLTx3w2v/sURyBeD/nq1ZWMTnTk7aARJDPGNiLP5A==,iv:mMCfBxM5iqypfm9QC7iyxNk9rVRVgdJdda3ZuvCJO64=,tag:ysDpXP91tF8OiVABCIf0OQ==,type:str] - channel: ENC[AES256_GCM,data:mYn201IHglUURUluTZCRwH1vHXsEPw==,iv:hQL3e+bUJmcEuTSGl9M+KyFAndXFCaO7f+jaGeR52x0=,tag:Ku0TPjzumFfRqXqbHqZtDg==,type:str] - username: ENC[AES256_GCM,data:n8sz5gSn6/Cdq/Bx,iv:mXEhh4L46MBQ4SlnDkfBy0KMnmZBffuI6apx1lhOs8Q=,tag:PMq5SmzCJTc5YLh00rfJ6Q==,type:str] - title: ENC[AES256_GCM,data:e2XFQRHcZ0tHEqmYMyD9RUFbjs/LmZVApsxmw9+lhTGp0qviyuw=,iv:Dtb0C68a60xkrz2mjITJFDP3GPvEe5p1RELVpfLiAUM=,tag:sojDG+UTIRgr1pBBhKdAlQ==,type:str] - text: ENC[AES256_GCM,data:FvwD1uvAtpHlJY0KJ/rR92XUPt/3JaaTvspOAeWevpIyGSpBMA==,iv:q0IMHI1YXZVbXtrK53nNN1g8py89sNMP9T9Zt7sX/jo=,tag:sTEB6BLFq3aKoJdMo77W5g==,type:str] - templates: - - ENC[AES256_GCM,data:IXPzIENX0kVgd1QPjDc1WTjnZM2BOTRPXbp/AXGQCZMgbzqHefP5bujdGKad9Ad6thccOwBVJF0fBAyx+J0XRQdpGKAYNOM=,iv:ay6R3Wg6y6Q/tQ0fJB+TGP70QD+58oT04brH/qFDLCM=,tag:48BD9un3pNcusWNYRTGCbw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: '2023-04-11T06:12:24Z' - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEnl3vKuiulVvdACmIjrOerAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMygJAIKOE3FL3EJm9AgEQgDvGqHGCiX7vbFH+FBvVbRy5v+0Y/WI4g+4RBH2ySp1g+6AuwJIVTObmVdgAgvyQbtL41mzufy2QY7lqKA== - gcp_kms: [] - lastmodified: '2023-09-27T06:18:14Z' - mac: ENC[AES256_GCM,data:NvUi+4a7ymmcRWaIDxn1VLDKOaT44NBs2jexNtY7DaVrToRsamKTod5BDF2kN3o5TFs6Zqeq2YbP2zmSIPWvs/OwZamUEQqb/ATwPConlzMRKMbD+j5DfTFubjYiDnAFTNeoQYAB58wvQjf1T1RGqZN/OOqrZnQJsa6AEU1Nczk=,iv:OKm7tk+xqba6fun8oi2PU/kOOvtOThtzp3BPOygx+ao=,tag:tTYt/7984vzF+nln9awJIw==,type:str] - pgp: - - created_at: '2023-04-11T06:12:24Z' - enc: | - -----BEGIN PGP MESSAGE----- - - hQGMA3QBUEHknBKFAQv8C7JFZHpg2efe9t2EYW0AtYoDfwGVu6sDD1v2MKwkYhe8 - L/H0bFb1fDavJRKIaZPhcR2LfeBisIUCCemDm55Rq6/0zpvQ4s22KH6Tr8qZwZfo - HIrFA15vgCpnmcgRNXJ/ZPWbIwMRMbE+gZ7rMMXDcpoRjf/sFBFD9qD5ErQS8W87 - vbPhqOIK7sbDCGLU6FAUUuK9hXqHrF1hzE4T7bg8MhK8GNVLhs6eufouzKfPbnk5 - HIEqGdvC+5VLvhm+WgFgO027CVNCO7FQZ5Dqb1XVjRMY7P8XlSWEpw2WEdxay1yd - 7HI+ridZHUDly6enq32hOUN0iK8+QimtgFW8yBwilKE6PInVxId3lyDaq3JAjnxc - kHuHnZp085wefjCXY0sIYo2POjukqo7oB4oghwXhTVXCLs6yoqNKf8Vjmmr+1zL8 - 5O5sNWI0MTx9B0WauSjcXLUHhcDDYrMQsxjpqo3vLpa7+VRtNTMNZI9Zz+vITUCE - igY8lsxMwwo5DM1VT5b51GgBCQIQ++dgAogwETbMwd0TvEjqQk7WmOEfNnYUvF+L - MWk1voRbV6OLUScsVGRc1k7qrjGTvCrEs1JWLTV5y9aRPFIlhvq3rC2jYMwqyfW/ - LDoEZdFZE7tlZWUmuQMpbyjF3WEsXQn+JA== - =NBp6 - -----END PGP MESSAGE----- - fp: 58BE5C4525DFE047D960AFF29E8891E02D93FD9F - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-ifix-qa.yaml b/deploy-as-code/helm/environments/unified-ifix-qa.yaml deleted file mode 100644 index 20ae00f7ad..0000000000 --- a/deploy-as-code/helm/environments/unified-ifix-qa.yaml +++ /dev/null @@ -1,835 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, ifix ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ ifix, monitoring ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets|egov-dev-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: release-name-kafka-controller-headless.kafka-kraft:9092 - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ ifix, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - project: "http://project.egov:8080/" - individual: "http://individual.egov:8080/" - household: "http://household.health:8080/" - product: "http://product.health:8080/" - facility: "http://facility.health:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" - mdms-service-v2: "http://mdms-v2.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -workbench-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -storybook: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT StoryBook - ';" - -storybook-svg: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - DIGIT SVG StoryBook - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: "unified-dev-bucket-s3" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-url-shortening: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-url-shortner-endpoint: "/eus/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "2" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -prometheus-postgres-exporter: - namespace: monitoring - host: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - user: "unifieddev" - password: "digitCoredb08" - port: "5432" - database: 'unifieddevdb' - sslmode: disable - -mdms-v2: - memory_limits: 512Mi - -boundary-service: - memory_limits: 512Mi - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/pqm-adhoctest.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/pqm-adhoctest.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx128m -Xms128m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -fsm: - memory_limits: 384Mi - heap: -Xmx384m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - -prometheus-blackbox-exporter: - namespace: monitoring -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - java-debug: "true" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/schema/v1/_create,/mdms-v2/v2/_create/common-masters.Sample,/mdms-v2/v2/_search/common-masters.Sample,/mdms-v2/v1/_search/common-masters.Sample,/mdms-v2/v2/_create,/mdms-v2/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v2/_create/common-masters.SampleTwo,/mdms-v2/v2/_search/common-masters.SampleTwo" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx512m -Xms256m" - memory_limits: 768Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx2048m -Xms2048m" - resources: - requests: - memory: "3Gi" - cpu: "1000m" - limits: - memory: "3Gi" - cpu: "1000m" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - - -pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "unifiedread" - max-query-history: "50" - max-login-attempts: "15" - enable-save-password: "False" - persistence: - enabled: true - dataDirSize: "1Gi" - aws: - volumeId: "vol-0c86db1778f9a3b9a" - zone: ap-south-1b - -playground: - replicas: 1 - images: - - egovio/playground:v2 - - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-qa-secrets.yaml deleted file mode 100644 index ad5905450b..0000000000 --- a/deploy-as-code/helm/environments/unified-qa-secrets.yaml +++ /dev/null @@ -1,97 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] - password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] - flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] - flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] - password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:ulrU7jET1IQknZw0395So0RygRE=,iv:Vyu5wzG3VSJiyPAqZ5akhfFkiP2enrcf+873zVN+D3U=,tag:bPIj8wGenus3XIglZG7l+Q==,type:str] - aws-secret-key: ENC[AES256_GCM,data:CbPT6R83xSOlDk6iZ+MkY5OTJqk2SY+PACUqLPlKTp6SOcMR8dx23w==,iv:0LVB13htQ/5brm83N4WIYVOw8AnXThaCpeKN/hrDG4E=,tag:FK5H82FqtpjDhMvBUYrAGA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] - admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] - read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] - read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] - master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] - known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:63LswFTU8hO4dPN23VUDw1SefcA=,iv:t6aRfonLQGwgw1eo9tf8KJ+8n9DfLIyBFCC6PU+2LH0=,tag:OkZTlZFIUOmsNtyg5DF58A==,type:str] - clientSecret: ENC[AES256_GCM,data:Z/jbNMxbVPTnHJIcHslxrzGh1K7JAlRwX/fXhdjwXWr3Yn0b6flDKg==,iv:/d6Ivz6TAiHx5mFPYqFoLTcBs2FxUnR2zGXiudPjxhM=,tag:2sMlXiDstzU7QRg8hHCODA==,type:str] - cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:2mo=,iv:eAPZwktBjdmKkNm6FtngryqHDVWN3CuELOAiVjIa4RE=,tag:Po9XVVZ+rS3/HL9kqG2yYw==,type:str] - route: - receiver: ENC[AES256_GCM,data:uNg7j4jIs27VvafcWoA/gKRNTQ==,iv:OOGxmKEKhdcgqkZyr/my8B2PTNt8nOtKr0+Cn8FT8HM=,tag:HGZmr/DUb7qXW3dwyEesCQ==,type:str] - group_by: - - ENC[AES256_GCM,data:UMYHY0EARikd,iv:vUPiIEHvF4Kj9eiwe8Q3/lPlraXuoVof5lz/p1ptSTY=,tag:NUz+5aZqlRUf299GETD5qg==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:hSmLKhIdIuzJqDZtMSG9ChCeDw==,iv:B6bR3P8hpvrSYgkVvlnXULseZeJ3OP1/Pm9yMm27FWo=,tag:X+FreSX4COYCo1DE1KzS4Q==,type:str] - match: - alertname: ENC[AES256_GCM,data:C53S2ZfIgKo=,iv:zi6Mg431sLhGHVD97xUC8Y6WXQD31ygMID7cshXF7pg=,tag:dwQymJBTHNUWcq91/pNkxg==,type:str] - group_wait: ENC[AES256_GCM,data:duaD,iv:Zx3lQF9iCLMh7tT3M/qVaIYNGTN2D++qnxzW/0WlgYE=,tag:NMmE4x8DWAU+XeG5fVsliw==,type:str] - group_interval: ENC[AES256_GCM,data:iaA=,iv:cfTvairmzmpO+i9UBHoHfri8SpTZDjru3QPepddPXhg=,tag:7hjNuCm1JeATqRkg5lE7vw==,type:str] - repeat_interval: ENC[AES256_GCM,data:OGKJ,iv:1t/J0JxpmkZuGwJirzIrhOKiP0fopifVykV9W9w92FA=,tag:HNmT2Q/BlcFvy6cJ3TLCbw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:nBL9oIOzPbD4qnAGWx90p6J1xg==,iv:cry0UsoDQYBL0EVUO9cPyyNuSIgOe70So3GQ5t/ahYY=,tag:+NBMieV/gKIkkOhzERZP8w==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:LbzvlA==,iv:y29Oy6D7xpGniaM6UTNHA9xuawGub6VTAnc0/DJjxlw=,tag:E1ObmtQy4zhcyZZe6rPm3w==,type:bool] - api_url: ENC[AES256_GCM,data:pn2fKrMNz4dXDjYAdLlXX0kFoPZ5ndZ/qilywg0TMcx+QpNNpYp1NISUq1JkC+GqkxtA+eDAbg+MgchV8byeip1Efg3pqOFbBZ29rFuWWg==,iv:4X7zcUCm9POeydd/nznnue5GvrNIXleE0eMsRs4fNeI=,tag:osHw4ebXaZV/tUULNer3Tg==,type:str] - channel: ENC[AES256_GCM,data:K6BHyvsAJyVYiqBo6CG22c6gIE3veQ==,iv:kL7JrFjlOr4jghEsaj2CRc40T5TUPE2mvT4gHO/XfNY=,tag:tzpx0e/fI3br+mIu8QqKOQ==,type:str] - username: ENC[AES256_GCM,data:C/yOOXZCPz1D5Hw7,iv:FKDzcjopFXDPajboisgHokdo2gNimoX/BUVWIB2H6kM=,tag:1b8j8nnLnRN0E9OB72tt5g==,type:str] - title: ENC[AES256_GCM,data:Jl3sUqACE7tv8+njQQ6YuVW7EdkDQxVMwH1ptkRBgJZDl3HkZMo=,iv:mcP4fSOWpDIaoKmN6YAjugEYx9rxiGUzrw20StE5e/8=,tag:dPgk9s67zk9cJ16B7mJNQA==,type:str] - text: ENC[AES256_GCM,data:83QUrTZvbJnwq0a+Q/HvaXL35areXuxGHLaI7DKClX8g4iMA6A==,iv:fhwhQkD7BjQDRtpoDxiQ5ca4G4ugEYDlygBh+lTtxdI=,tag:ih4jmpb8mST9aPb1VV0ynw==,type:str] - templates: - - ENC[AES256_GCM,data:iN1aHpMaouIxIGB244BCVYeYZ9G/ZEC6+CmpFWBmkXEkALyQovp5SFIib+OeQT/nYDAPiGDuwmjXqC6L/rItrTwTu3INgYA=,iv:cU5bwd9CQvp/ZumUO2+LCE16mfn0EnwLRp5LOEtOGso=,tag:4Gc3WAq7Y43J+8ZhtW707Q==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-09-26T16:11:43Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-11-23T11:39:06Z" - mac: ENC[AES256_GCM,data:XVozUuyRMdJBvezGJiEHPCDzTqGggN+pSaYWNmqt1k7Zna4vAYCIn3KtxMB7vVZ8DrOhdyOFm8sm22uUJPcc6LDQHBpL+qf5scJ1KUxGKf4/d+GZMSAXTyLN98xQO0pGeaesU47u3K/1ObjtOlBUkWSXBk2kNraIKyO9a1SWsDs=,iv:vUjP6+9bSbJrK301XvScvuTuXpXd4d/VKx1g1W3Gztw=,tag:y+1KiZjJDigCIDyE1wQKEA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-qa.yaml b/deploy-as-code/helm/environments/unified-qa.yaml deleted file mode 100644 index 4ad98665a8..0000000000 --- a/deploy-as-code/helm/environments/unified-qa.yaml +++ /dev/null @@ -1,789 +0,0 @@ -global: - domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring ] - data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-upgrade" - es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - project: "http://project.egov:8080/" - individual: "http://individual.egov:8080/" - household: "http://household.health:8080/" - product: "http://product.health:8080/" - facility: "http://facility.health:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - health-project: 'http://health-project.health:8080/' - health-individual: 'http://health-individual.health:8080/' - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - egov-user-event: "http://egov-user-event.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-qa-filestore ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - - -health-project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - -health-individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "true" - java-debug: true - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - memory_limits: "512Mi" - heap: "-Xmx512m -Xms512m" - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yml" -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/stock-persister.yml,file:///work-dir/configs/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/household-persister.yml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" - - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -ingress-nginx: - controller: - repository: quay.io/kubernetes-ingress-controller - image: nginx-ingress-controller - tag: "0.28.1" - # images: - # - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicaCount: 2 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-qa" - upstreams = [ "file:///dev/null" ] - -workbench-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pgadmin: - dbUrl: "unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-qa" - maintenance-db-name: "unifiedqadb" - db-admin-username: "unifiedqa" - db-read-username: "readonly" - max-query-history: "50" - max-login-attempts: "5" - enable-save-password: "False" - persistence: - enabled: true - dataDirSize: "1Gi" - aws: - volumeId: "vol-044ba5223b2c80479" - zone: ap-south-1b - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - -prometheus-postgres-exporter: - namespace: monitoring - host: "unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - user: "unifiedqa" - password: "DigitCoreQA2023" - port: "5432" - database: 'unifiedqadb' - sslmode: disable - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "my-cluster-kafka-bootstrap.cluster-kafka.svc:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-uat-secrets.yaml deleted file mode 100644 index 51f78101c7..0000000000 --- a/deploy-as-code/helm/environments/unified-uat-secrets.yaml +++ /dev/null @@ -1,115 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] - password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] - flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] - flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] - password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:Rlm3HhAJkxLvqE0aQliQ/kULTjI=,iv:E0EafGnD0PbZ4dpFDOBc8oSSBNHX3N/F1UJ6c3YB1U4=,tag:/fBQzRcW4j2smE+cxDbkGw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:LP+sQivgVzPvg2ztqLPrMS4ulRF0QuSz6zMvsPgX8G+S+JZ2zENkeg==,iv:klUwB2P48cYBJRqd0JK/mJG+8VahcY25rq3aFuArZUk=,tag:szZAkBCQ1jhFvaj27/5jmA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] - admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] - read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] - read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] - master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] - master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] - known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - kibana: - namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] - credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:KMLD6wYliMyfR6HRVJmJijZZ2ac=,iv:qz3YvcJ8cJ5vRrOQup8rAsV/Wlb1ly3HEa8+Cb9831A=,tag:MpUX6Zq6q+cstOL1cY+KnQ==,type:str] - clientSecret: ENC[AES256_GCM,data:MIR6xH4q6GhH1hMRncJwTf3jzpEQqdzDNsHO38i9LgMBwa5fxjSw5w==,iv:CAq7p0wNiY0LKQ7ZBdlTEpNhVbp5kIxVHeeyGkwF9Z4=,tag:cCZSpV5zYv6Yy4Dcm/8T4w==,type:str] - cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] - route: - receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] - group_by: - - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] - match: - alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] - group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] - group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] - repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] - api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] - channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] - username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] - title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] - text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] - templates: - - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-10-09T10:33:39Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-05T08:41:36Z" - mac: ENC[AES256_GCM,data:RHHP4fDWPWVgYJtwF+vlVdglfvaoYf4qiecLhU+GyxyyBZqmUJS70Skvky4T2uqLnr2GZS0CZsEe+CSiJtjBnazP8j1t09Am2NMzS7KNoUl+FVOKgBWhCXEfMjscoYfej02kXDjmMs6vm3TLASQfLAhbRXQBYW+CnNRr3LFXg/w=,iv:UMvwDTAofMKISY212OevQcprk3Hni1CXjxnR4pj1HSI=,tag:O70Bc1xoGMSgyjlTY60wIQ==,type:str] - pgp: - - created_at: "2023-10-09T10:33:39Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB - ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W - Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 - 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj - W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle - ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 - MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL - nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== - =gDUX - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-uat.yaml b/deploy-as-code/helm/environments/unified-uat.yaml deleted file mode 100644 index 594aebc7c9..0000000000 --- a/deploy-as-code/helm/environments/unified-uat.yaml +++ /dev/null @@ -1,802 +0,0 @@ -global: - domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ egov, monitoring ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ egov, monitoring ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - audit-service: "http://audit-service.egov:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://health-mdms-v2.health:8080/" - egov-mdms-service-legacy: "http://health-mdms-v1.health:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - project: "http://project.egov:8080/" - individual: "http://individual.egov:8080/" - household: "http://household.health:8080/" - product: "http://product.health:8080/" - facility: "http://facility.health:8080/" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - gov-user-event: "http://egov-user-event.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - namespace: egov - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -sanitation-ui: - namespace: sanitation - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -workbench-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-uat-filestore ## Add filestore bucket name - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-uat" - upstreams = [ "file:///dev/null" ] - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/audit-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/household-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/hcm-moz-impl-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/facility-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/health/egov-persister/referral-management-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-UAT/egov-persister/mdms-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-UAT" - -egov-mdms-service: - replicas: 1 - memory_limits: "512Mi" - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/health/egov-indexer/error-queue.yml,file:///work-dir/configs/health/egov-indexer/product-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-indexer.yml,file:///work-dir/configs/health/egov-indexer/individual-indexer.yml,file:///work-dir/configs/health/egov-indexer/household-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/health/egov-indexer/stock-indexer.yml,file:///work-dir/configs/health/egov-indexer/facility-indexer.yml,file:///work-dir/configs/health/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/health/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/health/egov-indexer/pgr-services.yml,file:///work-dir/configs/health/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-fsm.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/sanitation/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/sanitation/egov-indexer/fsm-inbox-indexer.yml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/health/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/health/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/health/egov-persister/mdms-persister.yml,file:///work-dir/configs/egov-persister/referral-management-persister.yml,file:///work-dir/configs/health/egov-persister/hcm-moz-impl-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/fsm-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - java-debug: true - state-level-tenant-id: "pg" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/health/reports/reportFileLocationsv1.txt" - -egov-location: - mdmsHost: "egov-mdms-service-legacy" - mdmsSearchPath: "egov-mdms-service-legacy/v1/_search" - -egov-localization: - replicas: 1 - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - -individual: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json" - - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -pgadmin: - dbUrl: "unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-uat" - maintenance-db-name: "unifieduatdb" - db-admin-username: "unifieduat" - db-read-username: "readonly" - max-query-history: "50" - max-login-attempts: "5" - enable-save-password: "False" - persistence: - enabled: true - dataDirSize: "1Gi" - aws: - volumeId: "vol-03858e4cedb7cf0bb" - zone: ap-south-1b - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/egov-mdms-service-legacy/v1/_search" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: '-Xmx256m -Xms256m' - memory_limits: 512Mi - mdmsHost: "egov-mdms-service" - mdmsSearchPath: "/egov-mdms-service/v1/_search" - mdmsLegacyHost: "egov-mdms-service-legacy" - mdmsLegacySearchPath: "egov-mdms-service-legacy/v1/_search" - -mdms-v2: - memory_limits: 512Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -prometheus-postgres-exporter: - namespace: monitoring - host: "unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - user: "unifieduat" - password: "DigitCoreUAT2023" - port: "5432" - database: 'unifieduatdb' - sslmode: disable - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml deleted file mode 100644 index 014f6ed045..0000000000 --- a/deploy-as-code/helm/environments/unified-urban-dev-secrets.yaml +++ /dev/null @@ -1,123 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:P7eJg7L6BHNkDw==,iv:V6c2oa4rgef4zVubyBVqfLzaBPqL37NkBHnS4ow3t4I=,tag:KPWWcyV2RRkz2dbEgIZvGw==,type:str] - password: ENC[AES256_GCM,data:rwmZvpS1UFgLuqEM8Q==,iv:ZdKLKhW5BNC9cv7xWyES91V9527IhyxDZFtrG8/RMnc=,tag:AGKY4AtnM71vZwQvV0v7UA==,type:str] - flywayUsername: ENC[AES256_GCM,data:SvFKmVr7KoATQw==,iv:lyzeqf80asZcscJbdEr3L/U8Ak8Xiwk0rA/n2tNDydQ=,tag:BV/qcv9YkdYejOk0nUYn2A==,type:str] - flywayPassword: ENC[AES256_GCM,data:6yLOXN8nBhFymxYSGg==,iv:BOK2G6uctHpllOoHuOw4Ypf7lQ3RjSJCOsUXpLEanFs=,tag:tidMqqG0Xywp7jcIwxrtJw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:w8dzx1VxegcyiuUkEkZUJ2q6sl8=,iv:tblebty94pl2+ByPoZu9L8U7cXEylYQUMAQlxTPvfvM=,tag:x44CUdAQGTiZJjyioLolCw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:AqwpqJ0eGdu7XR7sDDQnIQyOQna2tLAiSNO/ISpUStCBTbn52IB7iQ==,iv:SkYL0egyml+Ub8+QZzB+JF8eqPl27s6qE2yUszMN8/I=,tag:QRLPO7lsianWkI3v+GWTyA==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:IDNGiQ/UdJfodlpDksRd,iv:JXpOVDYms1HVVWGnxMwmpirVScnDTZt6OaPn2pb4hnY=,tag:tTDmD8PRBezzXFg876KG4g==,type:str] - account-key: ENC[AES256_GCM,data:bIk4upLfb+M4xzsW/pVEQQIRQzUHItnATMxoQw/a6q5iSeGOJxcbFoj/Yj5wN61AXFI1QgGqPUVyGTU4LFj4OvSb4Te/AL1bsqIgAppdEKxKu0YOXeWouQ==,iv:FIkApN+y2tCd4xzPb61DqfmFXAb9v5lYVRuPWUdUWLA=,tag:3dTtN+HvrA1+m9QjeeqZTQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7Oh3SrZgqF9uTGyFY1e2gERb4Q+xFgn0Ch5geYuq0oCkskBt+2DY,iv:R6kmwnTy5vIgbmrTh6ro3zQhfqKxxh9ziKmsCcPFNUY=,tag:0wt831cNMzBEI7xWPA5r/Q==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:rZ5weD43,iv:w1J3CFaON7TwZ6eX/hCzaRGwVU4zL44ImgRQTIm3K14=,tag:FhB+ULwj3L/Fv0fKNho+xg==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:7v9zmQRdhws=,iv:WIRN18PE2qY6tk9RlRlSBwZ82JoHikXU9OgZZJEb6tY=,tag:hGrLc397Bnd3BajNYAlcTg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:i56/L3PqmtdCHZxEA3vINmFUFo33Gun3FRI=,iv:BuHWeGoT/xf9OcAQPglN7tAUUseXE/dqhTaxXUvKzjE=,tag:SgoB8+KkKfTz0DWZEOytvQ==,type:str] - admin-password: ENC[AES256_GCM,data:OHYF/5vUzv6/uHSV,iv:yWkFCGcHjIdBXYVYQA8TCMcu/ThkJetHxYfnCn+Wiyg=,tag:O85S6LybYeOqFw4sJzMxHw==,type:str] - read-email: ENC[AES256_GCM,data:HAV68+XHfk+SO/Orbm0DquAOBcVF1/sKfg==,iv:8fJWgr0MVzM9l963+Z0/yHFjL7CY7vMbtuX9E4o8M+Q=,tag:dwOz9PoZcVUOyKVW9WupTA==,type:str] - read-password: ENC[AES256_GCM,data:oguc3wk49XcvhgPW,iv:a5riBFfT0rznHZDFC8eByvoAlc1KDAKeuLZhFdTSXPM=,tag:pkRyrUsPhq5VmYsL5cmPQw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:yd9we+lE5aD+kGmgJnVnCQ==,iv:nsPJQ8Njd1iHYIy3UE6WI8wAMvIkkmFtpISkQALXkB4=,tag:eK9XP11MN8o/vlnxR74DHQ==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:UsnTwEe1/Wyjj+U0EOLzHU5LIE+IQZ1DpL4NysUrAFsg,iv:mpri8EAFmGTrBSZrZvyl0zYeIB3tQ9xKZgkwsr2DI8c=,tag:HqO7yg20VlxOU6Tddex5UQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:a5BMvMf2IjWhmhBnsGyPLI2bTsM=,iv:fWLMqXrXUiWwZcr1MGWsbPhrTX7Bd6SdTMEXTasyxeo=,tag:QrrHesMKX94KmX+5Lg38PA==,type:str] - clientSecret: ENC[AES256_GCM,data:3zHTCC90vHQ3ub0eVazjHtRQ7T20P4eEx/CQ3gFRP/OryZZlskTZHg==,iv:uG+UjpJjTdKrDb9m6tK/v0+DwtVwN4P8IBX1ASbQUC8=,tag:UBFErKLD9o4ZT5DZVRYkzw==,type:str] - cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] - secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] - group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: - alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] - group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] - group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] - repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] - templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2020-11-10T06:48:05Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-04T06:34:09Z" - mac: ENC[AES256_GCM,data:/X1eVy13YhGzOOHGKBVTbcON219ClN8ypku3BOg2XslVUhr409fOM2uL7u/hdgSEzyct+/q8POJdzF+doqV+u9M4t6/IjPIrjTyjsJgtXlGws3bMxzGud35iDOytik5X3wt8L5CvLYm/JqwQ3Z20YnFwL3lc7J/2tUjztu9IdWo=,iv:HWSOIeUfZ0v86+Id6Q0BSzSz0bXRWWT2z6AgOJJAmQ4=,tag:w8KoXYHqUgIfe/UliqmO+g==,type:str] - pgp: - - created_at: "2020-11-10T06:48:05Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv - lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ - gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ - Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t - PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF - 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS - ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S - q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== - =msen - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-dev.yaml b/deploy-as-code/helm/environments/unified-urban-dev.yaml deleted file mode 100644 index 9de2115cce..0000000000 --- a/deploy-as-code/helm/environments/unified-urban-dev.yaml +++ /dev/null @@ -1,1028 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - namespace: urban - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] - - rbac: - - role: user - namespaces: [egov] - - role: admin - namespaces: [playground,kafka-cluster] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ urban ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v8.es-experimental" - es-indexer-host: "http://elasticsearch-data-v8.es-experimental:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - - egov-service-host: - namespace: [ monitoring, urban ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - urban-dashboard-analytics: http://urban-dashboard-analytics.urban:8080/ - urban-dashboard-ingest: http://urban-dashboard-ingest.urban:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - urban-egov-indexer: "http://urban-egov-indexer.urban:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location.egov:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.urban:8080/" - ws-services: "http://ws-services.urban:8080/" - sw-services: "http://sw-services.urban:8080/" - sw-calculator: "http://sw-calculator.urban:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - urban-national-dashboard-ingest: "http://urban-national-dashboard-ingest.urban:8080/" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -egov-filestore: - replicas: 2 - heap: "-Xmx1344m -Xms1344m" - memory_limits: 1536Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - fixed-bucketname: egov-rainmaker # Only for Dev & QA - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - hashids-salt: "randomsalt" - hashids-min-length: "5" - - -egov-idgen: - idformat-from-mdms: "true" - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - ingress: - enabled: true - - -egov-user: - replicas: 2 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "pb" - decryption-abac-enabled: "true" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744060444" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744060444" - valuefirst-notification-assigned-templateid: "205987" - valuefirst-notification-resolved-templateid: "205989" - valuefirst-notification-rejected-templateid: "205991" - valuefirst-notification-reassigned-templateid: "205993" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999" - valuefirst-notification-root-templateid: "206001" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - test-data-cleanup-enabled: true - -xstate-chatbot: - whatsapp-provider: "ValueFirst" - contact-card-whatsapp-number: "+918448098732" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918448098732" - valuefirst-notification-assigned-templateid: "3656031,4156319" - valuefirst-notification-resolved-templateid: "3656033,4156321" - valuefirst-notification-rejected-templateid: "3656037,4156323" - valuefirst-notification-reassigned-templateid: "3656039,4156325" - valuefirst-notification-commented-templateid: "205995" - valuefirst-notification-welcome-templateid: "205999,4156311" - valuefirst-notification-root-templateid: "206001,4156313" - valuefirst-notification-viewrecept-templateid: "3597461,4156327" - valuefirst-notification-pt-bill-templateid: "3595729,4156331" - valuefirst-notification-ws-bill-templateid: "3595727,4156329" - valuefirst-notification-owner-bill-success-templateid: "3595731,4156489" - valuefirst-notification-other-pt-bill-success-templateid: "3618673,4156315" - valuefirst-notification-other-ws-bill-success-templateid: "3618675,4156317" - valuefirst-notification-track-complaint-templateid: "4052381,4156335" - valuefirst-notification-lodge-complaint-templateid: "4052379,4156333" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - bill-supported-modules: "WS, PT" - pgr-version: "v1" - pgr-update-topic: "update-pgr-service" - information-image-filestoreid: "16dff22d-06dd-485d-a03d-6d11e8564dff" - open-search-image-filestoreid: "bd150c64-2188-44ba-b77e-3030475bddc8" - nlp-geoSearch: true - bill-search-limit: 3 - receipt-search-limit: 3 - complaint-search-limit: 3 - -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" - branch: "UNIFIED-DEV" - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - - - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - bpa-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$applicationNo?tenantId=$tenantId" - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -noc-services: - java-debug: true - -egov-indexer: - name: "urban-egov-indexer" - replicas: 1 - appType: "java-spring" - ingress: - context: "urban-egov-indexer" - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml" - healthChecks: - livenessProbePath: "/urban-egov-indexer/health" - readinessProbePath: "/urban-egov-indexer/health" - indexer-host: urban-egov-indexer - extraEnv: - app: | - - name: SERVER_CONTEXT_PATH - value: /urban-egov-indexer - - name: SERVER_SERVLET_CONTEXT_PATH - value: /urban-egov-indexer - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "b405e4d0-99ec-41b1-92e7-2ebda0321e0d" - -egov-persister: - replicas: 3 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-migration-batch.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pdf-filestoreid-update.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/property-services-migration-temp-config.yml,file:///work-dir/configs/egov-persister/assessment-persister-migration-temp.yml,file:///work-dir/configs/egov-persister/migration-batch-count-persister.yml,file:///work-dir/configs/egov-persister/land-persister.yml,file:///work-dir/configs/egov-persister/noc-persister.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/echallan.yml,file:///work-dir/configs/egov-persister/egov-document-upload-persister.yml,file:///work-dir/configs/egov-persister/egov-survey-service-persister.yml,file:///work-dir/configs/egov-persister/firenoc-calculator-persister.yml,file:///work-dir/configs/egov-persister/nss-persister.yml,file:///work-dir/configs/egov-persister/birth-death.yml,file:///work-dir/configs/egov-persister/bulk-bill-generator-ws.yml,file:///work-dir/configs/egov-persister/bulk-bill-generator-sw.yml,file:///work-dir/configs/egov-persister/audit-service-persister.yml,file:///work-dir/configs/egov-persister/pt-enc-audit-persister.yml,file:///work-dir/configs/egov-persister/ws-enc-audit-persister.yml,file:///work-dir/configs/egov-persister/sw-enc-audit-persister.yml" - persister-bulk-enabled: "false" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-localization: - replicas: 1 - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-searcher: - replicas: 2 - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml,file:///work-dir/configs/egov-searcher/propertyopensearch.yml,file:///work-dir/configs/egov-searcher/inboxpropertysearch.yml,file:///work-dir/configs/egov-searcher/wateropensearch.yml,file:///work-dir/configs/egov-searcher/sewerageopensearch.yml,file:///work-dir/configs/egov-searcher/inboxTLSearch.yml,file:///work-dir/configs/egov-searcher/inboxFSMSearch.yml,file:///work-dir/configs/egov-searcher/inboxNOCSearch.yml,file:///work-dir/configs/egov-searcher/inboxBPASearch.yml,file:///work-dir/configs/egov-searcher/inboxWSSearch.yml,file:///work-dir/configs/egov-searcher/inboxSWSearch.yml,file:///work-dir/configs/egov-searcher/inboxBillAmendmentWsSearch.yml,file:///work-dir/configs/egov-searcher/inboxBillAmendmentSwSearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - -egov-custom-consumer: - erp-host: "https://mohali-qa.digit.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -inbox: - service-map : '{"FSM":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"FSM_POST_PAY_SERVICE":{"searchPath":"http://fsm.egov:8080/fsm/v1/_search","dataRoot":"fsm","applNosParam":"applicationNos","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"FSM_VEHICLE_TRIP":{"searchPath":"http://vehicle.egov:8080/vehicle/trip/v1/_search","dataRoot":"vehicleTrip","applNosParam":"applicationNos","businessIdProperty":"applicationNo"},"PT.CREATE,PT.UPDATE,PT.MUTATION":{"searchPath":"http://property-services.egov:8080/property-services/property/_search","dataRoot":"Properties","applNosParam":"acknowldgementNumber","businessIdProperty":"acknowldgementNumber","applsStatusParam":"status"},"NewTL,DIRECTRENEWAL,EDITRENEWAL":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"BPA_LOW,BPA,BPA_OC,BPA_HIGH":{"searchPath":"http://bpa-services.egov:8080/bpa-services/v1/bpa/_search","dataRoot":"BPA","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"ARCHITECT,ENGINEER,STRUCTURALENGINEER,BUILDER,SUPERVISOR,TOWNPLANNER":{"searchPath":"http://tl-services.egov:8080/tl-services/v1/BPAREG/_search","dataRoot":"Licenses","applNosParam":"applicationNumber","businessIdProperty":"applicationNumber","applsStatusParam":"status"},"FIRE_NOC_SRV,FIRE_NOC_OFFLINE,AIRPORT_NOC_OFFLINE,AIRPORT_NOC_SRV":{"searchPath":"http://noc-services.egov:8080/noc-services/v1/noc/_search","dataRoot":"Noc","applNosParam":"applicationNo","businessIdProperty":"applicationNo","applsStatusParam":"status"},"NewWS1,ModifyWSConnection,DisconnectWSConnection":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"NewSW1,ModifySWConnection,DisconnectSWConnection":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","applNosParam":"applicationNumber","businessIdProperty":"applicationNo","applsStatusParam":"applicationStatus"},"WS.AMENDMENT,SW.AMENDMENT":{"searchPath":"http://billing-service.egov:8080/billing-service/amendment/_search","dataRoot":"Amendments","applNosParam":"consumerCode","businessIdProperty":"amendmentId","applsStatusParam":"status"}}' - bs-service-map : '{"WS":{"searchPath":"http://ws-services.egov:8080/ws-services/wc/_search","dataRoot":"WaterConnection","consumerCodeParam":"connectionNumber"},"SW":{"searchPath":"http://sw-services.egov:8080/sw-services/swc/_search","dataRoot":"SewerageConnections","consumerCodeParam":"connectionNumber"}}' - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_qa_db" - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - metrics: - enabled: true - serviceMonitor: - enabled: true - service: - annotations: - service.beta.kubernetes.io/aws-load-balancer-type: nlb - enabled: true - prometheusRule: - enabled: true - - -national-dashboard-ingest: - name: "urban-national-dashboard-ingest" - replicas: 1 - appType: "java-spring" - ingress: - context: "urban-national-dashboard-ingest" - heap: "-Xmx750m -Xms750m" - memory_limits: "850Mi" - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number","noOfPropertiesPaidToday":"number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - healthChecks: - livenessProbePath: "/urban-national-dashboard-ingest/health" - readinessProbePath: "/urban-national-dashboard-ingest/health" - extraEnv: - app: | - - name: SERVER_CONTEXT_PATH - value: /urban-national-dashboard-ingest - - name: SERVER_SERVLET_CONTEXT_PATH - value: /urban-national-dashboard-ingest - -cert-manager: - email: "nithin.dv@egovernments.org" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - -zuul: - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - eventlog-enabled: "true" - egov-open-endpoints-whitelist: "/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-url-shortening,/egov-searcher/property-services/propertyopensearch/_get,/egov-location/location/v11/boundarys/_search,/whatsapp-webhook/messages,/xstate-chatbot/message,/dashboard-ingest/ingest/upload,/edcr/rest/dcr/downloadfile,/xstate-chatbot/status,/xstate-chatbot/reminder,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/notification-sms/smsbounce/callback,/birth-death-services/birth/_viewcertdata,/inbox/v1/dss/_search" - egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files, /filestore/v1/files/id,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_fetchbill,/billing-service/bill/v2/_search,/collection-services/payments/_search,/pg-service/transaction/v1/_update,/pg-service/transaction/v1/_create,/pdf-service/v1/_create,/ws-services/wc/_search,/sw-services/swc/_search,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/FIRENOC/_search,/collection-services/payments/TL/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/turn-io-adapter/_transform,/egov-pdf/download/PAYMENT/consolidatedreceipt,/egov-user-event/v1/events/_search,/tl-services/v1/_search,/pgr-services/v2/request/_search,/echallan-services/eChallan/v1/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -billing-service: - replicas: 1 - java-enable-debug: "true" - tracing-enabled: true - -collection-services: - replicas: 2 - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - apportion-endpoint: /apportion-service/v2/bill/_apportion - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "digit.org" - -employee: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -dashboard-analytics: - name: "urban-dashboard-analytics" - replicas: 1 - appType: "java-spring" - ingress: - context: "urban-dashboard-analytics" - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - extraEnv: - app: | - - name: SERVER_CONTEXT_PATH - value: /urban-dashboard-analytics - - name: SERVER_SERVLET_CONTEXT_PATH - value: /urban-dashboard-analytics - -dashboard-ingest: - name: "urban-dashboard-ingest" - replicas: 1 - appType: "java-spring" - ingress: - context: "urban-dashboard-ingest" - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - extraEnv: - app: | - - name: SERVER_CONTEXT_PATH - value: /urban-dashboard-ingest - - name: SERVER_SERVLET_CONTEXT_PATH - value: /urban-dashboard-ingest - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -urban-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -dashboard: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -sanitation-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "false" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pgr-services: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - java-enable-debug: "true" - time-before-closing-complaint: "3600000" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId&businessService=$businessService" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_TL_APL]" - tl-license-num-format: "PB-TL-[cy:yyyy-MM-dd]-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=digit-ui/citizen/payment/my-bills/$businessService/$applicationNo?tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - tl-search-default-limit: "50" - -property-services: - replicas: 1 - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - employee-applink: "https://qa.digit.org/employee/user/login" - -pdf-service: - replicas: 3 - memory_limits: 1.5Gi - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-bill.json,file:///work-dir/configs/pdf-service/data-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/data-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment.json, file:///work-dir/configs/pdf-service/data-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/data-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/data-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/data-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/data-config/birth-certificate-pdf.json, file:///work-dir/configs/pdf-service/data-config/death-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-sewagedisconnection.json,file:///work-dir/configs/pdf-service/data-config/ws-waterdisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-seweragedisconnectionnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-sewerageconnectiondetails.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-metered.json,file:///work-dir/configs/pdf-service/data-config/ws-waterconnectiondetails-nonmetered.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-bill.json,file:///work-dir/configs/pdf-service/format-config/ws-onetime-receipt.json,file:///work-dir/configs/pdf-service/format-config/occupancy-certificate.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment.json, file:///work-dir/configs/pdf-service/format-config/bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json, file:///work-dir/configs/pdf-service/format-config/sewerage-bill-amendment-note.json, file:///work-dir/configs/pdf-service/format-config/mcollect-bill.json, file:///work-dir/configs/pdf-service/format-config/mcollect-challan.json,file:///work-dir/configs/pdf-service/format-config/birth-certificate.json, file:///work-dir/configs/pdf-service/format-config/death-certificate.json, file:///work-dir/configs/pdf-service/format-config/ws-sewagedisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnection.json, file:///work-dir/configs/pdf-service/format-config/ws-waterdisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-seweragedisconnectionnotice.json, file:///work-dir/configs/pdf-service/format-config/ws-sewerageconnectiondetails.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-metered.json, file:///work-dir/configs/pdf-service/format-config/ws-waterconnectiondetails-nonmetered.json" - persistence: - enabled: true - accessMode: ReadWriteOnce - size: "1Gi" - extraVolumes: | - - name: {{ template "common.name" . }} - persistentVolumeClaim: - claimName: {{ template "common.name" . }} - extraVolumeMounts: | - - mountPath: /mnt/pdf - name: {{ template "common.name" . }} - -efs: - nfs_server: "10.1.9.132" - nfs_path: "/" - - -egov-pdf: - replicas: 3 - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-data-v1.es-cluster" - es-port: "9200" - -echallan-services: - egov-idgen-challanNum-format: "PB-CH-[cy:yyyy-MM-dd]-[SEQ_EG_CH_APL]" - -jaeger: - host: "" - port: "" - sampler-type: "" - sampler-param: "" - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.0 - -pgadmin: - images: - - egovio/pgadmin:v0.1 - -pgadmin-config: - host: "egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com" - db-admin-username: "egov_qa" - db-read-username: "egovqa_readonly" - port: "5432" - env: "QA" - maintenance-db-name: "egov_qa_db" -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# egov-wordpress-portal >>>>>>>>>>>>>>>>> - -egov-wordpress-portal: - replicas: 1 - images: - - egovio/wordpress - db-host: prod-egov.mysql.database.azure.com - db-username: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50kojRv5BatVU6B2oxjr2IlhnQR4foH7GxtU1trgfom5A== - db-password: SUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D51JRc/Gepwka4zii7e7dw+dSUXPxnqcJGuM4ou3u3cPnUlFz8Z6nCRrjOKLt7t3D50GzpQL2kP76wJL2mW+XFJrKn7KGgDz7lV6FZN/e8IPEg== - db-name: egov_wp_portal_db - wordpress_siteurl: http://qa.egovernments.org - -#<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-enc-service: - state-level-tenant-id: "pb" - # <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0ce7714c3291e0284" - zone: ap-south-1a - - volumeId: "vol-000e8329af4f912f3" - zone: ap-south-1a - - volumeId: "vol-0b34d6132ba38816e" - zone: ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -kafka-connect: - image: - tag: "5.4.1" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# zookeeper-v2 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0f15d6515a5038ba1" - zone: ap-south-1a - - volumeId: "vol-0a78afd284cdf38f3" - zone: ap-south-1a - - volumeId: "vol-0885e513c59d5529b" - zone: ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# es-v1-cluster >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-021eb5ed56e94f8c6" - zone: ap-south-1a - - volumeId: "vol-0f758925f2ea2de71" - zone: ap-south-1a - - volumeId: "vol-0909c5b4411e8c54b" - zone: ap-south-1a - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - # cpu: "1000m" - memory: "2Gi" - limits: - # cpu: "1000m" - memory: "2Gi" - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-09a70a40a22a68679" - zone: ap-south-1a - - volumeId: "vol-09676d61dad41a85d" - zone: ap-south-1a - - volumeId: "vol-0a1821d70789c0fe5" - zone: ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - -es-curator-infra: - namespace: es-cluster - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-data-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" - -kuberhealthy: - deployment: - replicas: 1 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -oauth2-proxy: - config: - configFile: |- - email_domains = [ "*" ] - github_org = "egovernments" - github_team = "micro-service-qa,devops" - upstreams = [ "file:///dev/null" ] -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-finance: - replicas: 1 - dev_mode: true - filestore_beanname: microDiskFileStoreService - -# eGov-eDCR Tenants -edcrTenants: | - common.domain.name=qa.digit.org - tenant.qa.digit.org=state - client.id=punjab - tenant.amritsar-qa.digit.org=amritsar - tenant.jalandhar-qa.digit.org=jalandhar - ms.url=http://egov-filestore.egov:8080/ - filestoreservice.beanname=egovMicroServiceStore - mdms.enable=true - mdms.host=https://qa.digit.org - -microservice: | - indexer.host=http://egov-indexer.egov:8080/ - egov.services.egov-indexer.url=egov-indexer/index-operations/{edcr-create-application}/_index - edcr.indexer.data.push.required=true - egov.collection.version={{ index .Values "collection-version" }} - egov.default.services.endpoint=https://qa.digit.org/ - egov.hrms.service.endpoint=http://egov-hrms.egov:8080/ - egov.accesscontrol.service.endpoint=http://egov-accesscontrol.egov:8080/ - egov.hr.masters.service.endpoint=http://hr-masters.egov:8080/ - egov.user.service.endpoint=http://egov-user.egov:8080/ - egov.common.masters.endpoint=http://egov-common-masters.egov:8080/ - egov.billing.service.endpoint=http://billing-service.egov:8080/ - egov.collection.service.endpoint=http://collection-services.egov:8080/ - egov.egf.master.service.endpoint=http://egf-master.egov:8080/ - egov.egf.instrument.service.endpoint=http://egf-instrument.egov:8080/ - egov.mdms.service.endpoint=http://egov-mdms-service.egov:8080/ - egov.indexer.service.endpoint=http://egov-indexer.egov:8080/ - egov.services.billing.service.bill.generate=billing-service/bill/v2/_fetchbill - egov.filestore.service.endpoint=http://egov-filestore.egov:8080/ - -egov-edcr: - ingress: - enabled: true - zuul: true - context: "edcr" - -ws-services: - replicas: 1 - is-external-workflow-enabled: "true" - water-decryption-abac-enabled: "true" - -sw-services: - replicas: 1 - is-external-workflow-enabled: "true" - sewerage-decryption-abac-enabled: "true" - - -egf-instrument: - persistence-through-kafka: no - -# eGov-Finance Tenants -financeTenants: | - tenant.mohali-qa.digit.org=mohali - tenant.nayagaon-qa.digit.org=nayagaon - tenant.amritsar-qa.digit.org=amritsar - tenant.nawanshahr-qa.digit.org=nawanshahr - tenant.phagwara-qa.digit.org=phagwara - tenant.derabassi-qa.digit.org=derabassi - tenant.jalandhar-qa.digit.org=jalandhar - location.user.role=Collection Operator - collection.debitaccounthead.client.impl.class=org.egov.collection.integration.services.DebitAccountHeadDetailsServiceImpl - -# grafana >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -grafana: - initContainers: - gitSync: - enabled: true - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-DEV" -# minio >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -minio: - mode: distributed - persistence: - enabled: true - dataDirSize: 20G - aws: - - volumeId: "vol-085bf7c435e9eed0d" - zone: ap-south-1a - - volumeId: "vol-09ebb5d2741478244" - zone: ap-south-1a - - volumeId: "vol-02f3fdabc338c9b0b" - zone: ap-south-1a - - volumeId: "vol-0eb0b261285dcb652" - zone: ap-south-1a - ingress: - hostName: minio-egov-micro-qa.digit.org - -# nlp-engine >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -nlp-engine: - isSentenceRecognitionEnabled : "false" - -# airflow >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -airflow: - config: - AIRFLOW__WEBSERVER__BASE_URL: "https://qa.digit.org/airflow" - AIRFLOW__CORE__PLUGINS_FOLDER: "/opt/airflow/dags/repo/egov-national-dashboard-accelerator/plugins" -dags: - gitSync: - repo: "https://github.com/egovernments/utilities.git" - repoSubPath: "egov-national-dashboard-accelerator/dags" - branch: develop \ No newline at end of file diff --git a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml deleted file mode 100644 index 4d10acebf6..0000000000 --- a/deploy-as-code/helm/environments/unified-urban-qa-secrets.yaml +++ /dev/null @@ -1,71 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] - password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] - flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] - flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] - password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:SDoqgYTGoNhkwp9nfYdaC5ETStQ=,iv:3iYDfY/1vB2pxYfEWklsxebfr9PHiCts8OlZ45nlinI=,tag:h38e4ohxD+bXf0/R7FzLGQ==,type:str] - aws-secret-key: ENC[AES256_GCM,data:MPAhLsxrIRPiGZ0CYxfE8DjNISGntKybxDdT3ZDqsnHpHerI4FiSSg==,iv:9bLy/8wdnCCTomAeNX6AH0tJ+nE82Q1TBTqQfqJVBwI=,tag:o9RV2S+LF975f1t6uURJDA==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] - admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] - read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] - read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] - master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] - known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:b0Nm5XRP67SyAiS7iXbpFerrD+8=,iv:Ha5OkYoAKN1WawR4vC8rha3DfUMDLokA/efKl9ct0/U=,tag:e1Xxz1LdJBxI0rYXy2hcKQ==,type:str] - clientSecret: ENC[AES256_GCM,data:o2D8qcrn1hRnD6XrTrEEdJlE49yxw29sA4kEK74q0U0QQFNusL76aQ==,iv:K2hcTpvEwVk2rbzv0qFRrlShayr9q4pbNjyIeGXewy0=,tag:GYGpEmzahiGCP52cq91ibA==,type:str] - cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-09-26T16:11:43Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-11-23T11:39:30Z" - mac: ENC[AES256_GCM,data:rMvlfhPnEVtNxCgfqJfamHJBAD2yb2zHzL7Tvus7auhjjZHDhJ5BFIC0ws7PTQlBRcUw3yuQRS5sEWEPx2gqfzq6A0YtTL8/EQKUdYcTm5CWfu//t8lYSi0K3/9KW/87ShPbhtLXXVLwHJjk/JKhIxM0KLDaXRR8q6Xlb7dRhUs=,iv:mmtntSlbILibKX3PHV2vo7RGOUULAx0nR70rriiTubM=,tag:qyCz8fx9Wtmcd1zPGRg6ZQ==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml deleted file mode 100644 index bc3a47945f..0000000000 --- a/deploy-as-code/helm/environments/unified-urban-uat-secrets.yaml +++ /dev/null @@ -1,129 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] - password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] - flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] - flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - - egov-notification-sms: - username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] - password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - - egov-filestore: - aws-key: ENC[AES256_GCM,data:bQsqek4XG9uLH3Ny7EwZrEhhayE=,iv:uq+dBkCSItAbqcTsw08ZTxSEaomZ4z9OjNkx2yF32Bc=,tag:fxrDmM8LPWPSIrn9E4gfvw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:hImkLy6dTbS2WG4tpRN06fRj7V8Fk/ikg2KZDJ9qCLDkmEorYWauCg==,iv:D1Do/bAFSqo0lLNVx6bu2ZKDdRW+oEcRSHe+Tg7BKZE=,tag:AvoZ5H2wjaVzJDUKIUkpdA==,type:str] - - egov-location: - gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - - pgadmin: - admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] - admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] - read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] - read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - - egov-enc-service: - master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] - master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] - master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - - git-sync: - ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] - known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - - kibana: - namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] - credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - - chatbot: - valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - - oauth2-proxy: - clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] - clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] - cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] - route: - receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] - group_by: - - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] - match: - alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] - group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] - group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] - repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] - api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] - channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] - username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] - title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] - text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] - templates: - - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-10-09T10:33:39Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-05T08:56:01Z" - mac: ENC[AES256_GCM,data:pZ447xQUQE/UWSNbCwLKbGNLvcoVZAFvwjOZBLiKDwx3Vq7u1nWhHBLzkgoJqOScDp7YQJRwK9ktVxL2uIsxqQjIurqjJVcqvQgBYY2P62G5CTnfFtE70JWt2xHOhYjavdAXP2h6Tl3Mumu9v5PoA6BcDUcJgJuWA4+jh8I2Gl0=,iv:dfajK5YSQqZoalCyZaB+iAZB0GDwsK9T0BAHtfTLJJE=,tag:C9a758ZpBQ1J9nvZCFw3iQ==,type:str] - pgp: - - created_at: "2023-10-09T10:33:39Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB - ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W - Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 - 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj - W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle - ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 - MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL - nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== - =gDUX - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-urban-uat.yaml b/deploy-as-code/helm/environments/unified-urban-uat.yaml deleted file mode 100644 index bee3b7ce3e..0000000000 --- a/deploy-as-code/helm/environments/unified-urban-uat.yaml +++ /dev/null @@ -1,688 +0,0 @@ -global: - domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, urban ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, urban ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - egov-internal-microservice-user-uuid: 4fef6612-07a8-4751-97e9-0e0ac0687ebe - - egov-service-host: - namespace: [ monitoring, urban ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master:8080/" - egf-instrument: "http://egf-instrument:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location.egov:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.urban:8080/" - ws-services: "http://ws-services.urban:8080/" - sw-services: "http://sw-services.urban:8080/" - sw-calculator: "http://sw-calculator.urban:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus.egov:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -egov-filestore: - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - autocreate-new-seq: "true" - -egov-notification-sms: - sms-provider-url: "sms provider url" ## Add sms provider url - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'N', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms-gateway-to-use: "sms provider name" ## Add sms provider name - sms-sender: "sms sender" ## Add sms sender - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -egov-user: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" - -egov-persister: - replicas: 1 - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -pgr-services: - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-UAT" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx256m -Xms256m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.26.1 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - - -user-otp: - logging-level: "DEBUG" - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - - - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -playground: - replicas: 1 - images: - - egovio/playground:1.3 - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml b/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml deleted file mode 100644 index 0c20dfdfc0..0000000000 --- a/deploy-as-code/helm/environments/unified-works-dev-secrets.yaml +++ /dev/null @@ -1,123 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:P7eJg7L6BHNkDw==,iv:V6c2oa4rgef4zVubyBVqfLzaBPqL37NkBHnS4ow3t4I=,tag:KPWWcyV2RRkz2dbEgIZvGw==,type:str] - password: ENC[AES256_GCM,data:rwmZvpS1UFgLuqEM8Q==,iv:ZdKLKhW5BNC9cv7xWyES91V9527IhyxDZFtrG8/RMnc=,tag:AGKY4AtnM71vZwQvV0v7UA==,type:str] - flywayUsername: ENC[AES256_GCM,data:SvFKmVr7KoATQw==,iv:lyzeqf80asZcscJbdEr3L/U8Ak8Xiwk0rA/n2tNDydQ=,tag:BV/qcv9YkdYejOk0nUYn2A==,type:str] - flywayPassword: ENC[AES256_GCM,data:6yLOXN8nBhFymxYSGg==,iv:BOK2G6uctHpllOoHuOw4Ypf7lQ3RjSJCOsUXpLEanFs=,tag:tidMqqG0Xywp7jcIwxrtJw==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:bKHPhTR7hg==,iv:Vpr1zsgxHQrbmyYNWSaKbelhFRvKbiHzZGSE/EqQ6RE=,tag:xSkBD/bUOCthyLxeO2ADVA==,type:str] - password: ENC[AES256_GCM,data:/8Nx+iqA6LU=,iv:DbgjakTe8oYyfAUNuLJ2pVWUS4eh64ybXFvCctiN3Eo=,tag:33/GTlVEL7i/0PvvVnAwmQ==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:2PynZQBMfZf996NrF/DqPpGyM5Q=,iv:xYJHOjGzx+o0RNImrCTW2NtYvhQVr6PTvqqDLzUTpME=,tag:HOFeP0mKD6U6hwnrLNJTMw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:xHf/VojI21waAmYrs5ssmej9pqs3ctmiM+9gLldzy1J11mLwP6KcZQ==,iv:Ah7QSCS/Xjij/Ct9qkksXxE5dXb3wj0IVahXUMOhieM=,tag:0DK+pnicmyXqkEuNpI3LLw==,type:str] - egov-filestore-azure: - account-name: ENC[AES256_GCM,data:IDNGiQ/UdJfodlpDksRd,iv:JXpOVDYms1HVVWGnxMwmpirVScnDTZt6OaPn2pb4hnY=,tag:tTDmD8PRBezzXFg876KG4g==,type:str] - account-key: ENC[AES256_GCM,data:bIk4upLfb+M4xzsW/pVEQQIRQzUHItnATMxoQw/a6q5iSeGOJxcbFoj/Yj5wN61AXFI1QgGqPUVyGTU4LFj4OvSb4Te/AL1bsqIgAppdEKxKu0YOXeWouQ==,iv:FIkApN+y2tCd4xzPb61DqfmFXAb9v5lYVRuPWUdUWLA=,tag:3dTtN+HvrA1+m9QjeeqZTQ==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:7Oh3SrZgqF9uTGyFY1e2gERb4Q+xFgn0Ch5geYuq0oCkskBt+2DY,iv:R6kmwnTy5vIgbmrTh6ro3zQhfqKxxh9ziKmsCcPFNUY=,tag:0wt831cNMzBEI7xWPA5r/Q==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:iQCsd/TQg9R470HXxOYyfw==,iv:acB1ytqtW00eZHYn0JO48Gc2WTpTwFPgxcsn2VS0htg=,tag:R1vDil7+I5ZV8tYmGWKDUw==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:dUfcmBeRhFQNIfAyqpQDHw6ca378i4TtXWrEjacvWec=,iv:ybV8brU6DsPuPeMEJOU+p3bq0m11tgQZfDWT4OlPql8=,tag:nFStBXqGS6wDZJP63DaE1g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:a9SSDv6knIqg7TTAcRkt,iv:HCzcJ+axKjquhdzDuHANDLJdPwO+HZtiBj3fh82li50=,tag:AjDislnD0ai+g9y5sxgWBQ==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:PIIQQdXCZLLOH6g=,iv:x4GvV9L90Gf5D6Ce64fgcOXBq1d6lCzD4VHxB+Ws18M=,tag:pR271xq46ZHPsNEX9xdwlQ==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:3GKrCaheW48=,iv:at6gTDEdkjl9m1j8HTB6BF8ZU3UNSPFJEnhWwSFoggc=,tag:9MTmhgg6YAxzd8FyN6AfGg==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:rZ5weD43,iv:w1J3CFaON7TwZ6eX/hCzaRGwVU4zL44ImgRQTIm3K14=,tag:FhB+ULwj3L/Fv0fKNho+xg==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:7v9zmQRdhws=,iv:WIRN18PE2qY6tk9RlRlSBwZ82JoHikXU9OgZZJEb6tY=,tag:hGrLc397Bnd3BajNYAlcTg==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:i56/L3PqmtdCHZxEA3vINmFUFo33Gun3FRI=,iv:BuHWeGoT/xf9OcAQPglN7tAUUseXE/dqhTaxXUvKzjE=,tag:SgoB8+KkKfTz0DWZEOytvQ==,type:str] - admin-password: ENC[AES256_GCM,data:OHYF/5vUzv6/uHSV,iv:yWkFCGcHjIdBXYVYQA8TCMcu/ThkJetHxYfnCn+Wiyg=,tag:O85S6LybYeOqFw4sJzMxHw==,type:str] - read-email: ENC[AES256_GCM,data:HAV68+XHfk+SO/Orbm0DquAOBcVF1/sKfg==,iv:8fJWgr0MVzM9l963+Z0/yHFjL7CY7vMbtuX9E4o8M+Q=,tag:dwOz9PoZcVUOyKVW9WupTA==,type:str] - read-password: ENC[AES256_GCM,data:oguc3wk49XcvhgPW,iv:a5riBFfT0rznHZDFC8eByvoAlc1KDAKeuLZhFdTSXPM=,tag:pkRyrUsPhq5VmYsL5cmPQw==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:yd9we+lE5aD+kGmgJnVnCQ==,iv:nsPJQ8Njd1iHYIy3UE6WI8wAMvIkkmFtpISkQALXkB4=,tag:eK9XP11MN8o/vlnxR74DHQ==,type:str] - master-salt: ENC[AES256_GCM,data:FdaemV4VsX0=,iv:TOq7eBVowhwrhYQA8lTSUcX9z6t3N6QfeC2+HflLsFs=,tag:d6EujcRSKKFHrPZvPcBI4A==,type:str] - master-initialvector: ENC[AES256_GCM,data:aHuoiogt6IY6vvES,iv:OfANqGUPQmQJPw/Wiz/+DeH2BnC4iVkyEQZmO+Rh91c=,tag:tg+RuLeB7iPkmGsxCdbO+w==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:UsnTwEe1/Wyjj+U0EOLzHU5LIE+IQZ1DpL4NysUrAFsg,iv:mpri8EAFmGTrBSZrZvyl0zYeIB3tQ9xKZgkwsr2DI8c=,tag:HqO7yg20VlxOU6Tddex5UQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:/EQ50K6Yj/0=,iv:KGf17RHInujfu/D/IWhEtDnE6Q8eNjh1BTy+gWoiAR0=,tag:XXxo379t1pZ6d//VK/lhfA==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:SX85RlLYXjdBCMTPg+xvS3kQTyoHOtMZr6KCCH9+pt9IDDqHd4U4mbAVhTw6V2MUSVTAUA7rPB9p3KIoFE0ge+pNraK/XtZH0OBLo9Y5Mq028Kcbi3QRrT7/W5IF7lzu5SuEgh7lWtIGXzbWbH2/uL9ih+Px7xZweRMhcTefoSFYppJrFbFhUhN9wbmc8dNh8/6d51NdV1dPIVz7ss/Q1UuDfgkJBWEmOKlDEyaiyy8928yN67RmNRzoUDWdfnmXJiLuGoQ5ll1XrZPJ2XaV1sUmo4HPpymP5u1mOmYIWwbLfn+iMmT7ZushdlRPP7pDzTXl/vZVvQclho2HQputnAmhbYi2vACRgV1idNIa1zld1F1KCDJbPUesJzQd0Y0TWP2Rs9EmLGqBFpuO1lty8uCB3QOGhwrLkNVI2Rqb+rz6RD68g0xaO92BFUM5pcin7aQVtqmunDf8bFVO1Heupsc5K31Hbf0C+rJqp8O+2lPQRzd2fyMSWx0jnXBl7xlwRJ+qUJg+imuayLsuORkJdWmjBf5yYWvjR2xhm7Di6u5D8JXv3fVJAMauCvdaRxASYmi2UfLDEKkGLr4b64JmFan6BVyE5FB3XhH/uC6ijPFWquMsqYb8EmzkiN2V2X8nqWClC/BeLpZVvVp1qZIO8ZlHhGjbzNK8ZdX8SxWMgDuZr3i4JgoaEGxnKqm9mow07lyZoGbCpD/QeXNo4cJdrFGKmAoutnQRE4XGjPqbd+2GIuvnw3hFKIdQHI90zEQnYDOiT5gwNNv8Sy73bPKiFIdGutbMzeT5Ua+JANvhGwfdj1E4cP2lR6xnt2xMwDwLEJXvewGP9TEE2aDfYh5nVbw0se4hpNEJn7pUB8wFwD8hQfJ+cduaoXM6jyqh3p3GDufutulycuJ+AAjhXJFWf7/7T2o7m3K2ukoohQ/BartXcwmdO79FmIc3uh1g1LIjrc2mz7TBXCA6VDQBinebwid2PURSvIKhtftPgkQi6E0DzfVVrZ65ts6UIxzEvQL27pPEtFdlcPnUjgfvOM35hzzmsHGUDsbJTOuGOEcJd7H3sM6mnmN7iElGRzDet5VqJ9DqJH88fZiWhrx4qc3rgYcNGE8n1VbqXvJTZq7ukeeEKvCSeF+pHaKcs3qURdPqAz4X8pGQ4BFu2jn5J80dLPs0OOiYZxMiBDE0GK8YmtJRLPJmNBu40Wzt8aGaZQjz/ZqU4lcNQ8FzqDesAeYKSkHA3RzgqumTeh3aiflvJuzJNTtASKl1K3x99sR1X8Z6yhoibvYGryizhjYA3Ia3QlBvhdLnstYFgv0uzWjIH080iw4qlnzhE636VFcoFlCyBepe94gJ3l/KdkBeLOo8ScvJpq7DIm8Md/wIH7/6Q2kNKx9/ANeY1oBMho7s/XumCrFZSSdQAhPMKfLNHItkWJl7hG0AifRQg+aQRW3taxBrTH/jaKvKdbl0B8XGJpt/dahEjZLodYDdNo6jqm0SAYs4yflmh+J1YeINJxY8mK6zIpLmqrggVggR7dD5XhOSwSWJYypizJnWa9N62IdUlbfwmd1AtO+ahkosiJeZnlyT4GdS32iieS06OkAv0dnX20bqyuF3kkYiXjyGCCfflP6kREzBG92VHcJjrM4/Mbgg/naRQ0zrgMMR/Y64Rbu+En8LFLPmu/zXlJ9CKh2BUdtTP3GgV86MFR3R/ACmYvoWPdkrLWsyJBb380CSUjZMDSLmZQ5m4hULdInNSr4VxU6BGmSheDPRrXAtjVWVjIOFKcxcQt8RJowa1mame9v3tf4EnL28QQChUbMFYdayZvCLKObMPKXt0u+lNnJpbxSYIaV/jqD+qaeYmSoYd8+g1117K32wOn26BCfZDf1OCB6FH44UTftwbkXpSfpGm7vDO8S9leS3OeMqThG8MfKrC9JMPBBHrRpc2aMqpqwu1pmyAf0lS/Cam+VxBONfrbwC43WC47bR43T/Lo50Hyxoh2hFgRd4+Nz6m9px4fLJFnUBERO7dA4xpUS1jyHL77zaFFfvw0kXFgaLOO8AYEl/yrNT/LwWZgEKzgUEDWsAWhn+68qBNYmTNr9KoIZKrl/MRQbT5lj++7rlmRTWZuCAGYaaMLJnLln/3LFJCGPS+w5Bf46PQITJejKKkFEgPYX+/LFhOx6rAOwOkjZfj2aVPQfZrE3LeqhQ6GlIROeLUi8bHOLyv+KH/QXIylBjTDgsOQOXwKInBTM6fTfkNQ3dOr0QHurqxAFVBVsuqFEw56tqXb6vZ8OHs/T4+CAHPsmMyiRD23iyY7ynpGFdRLxX6+2bUBCjvecdMesZg0NYz5FsM3Y+lhjN97re9RAoHrA541WMqjs5lRMeXjPgNQfKximHD1jFUboBHQ8BqFC1+xQcaXUI/zz954XqNG4PgggBehGA6CgBWoanRgcXTEZPZ6XS3S6UOTz80fxEoRnWYba0ScckiP7npI8ddR24KdrSzTa4tXFEft/i3/37qUDAORieFfWZXHfz/xvgrpHtrQFj7CYlc/IadDrebt1v9bXkCvVuPamPBzRESmpWnPew9GujkUrRas3GPaOyWrNb/q6v7NRTr/93SBFdmr56FTbkxBAc4d95Ja59C/+wqL+DeIrarzB/iupnmsgUNatmsj8Qml3dHKlJqSZEVWaZASCqloM3bIkCUYzpxVbO/gbpaE5lnctLT8c9lzK/BpVzbz7GlYD/gI6/rGDV6OYRwTvZZrVPO6k8v+jD3vAGNXtPo/LQ07j4N3voyBaL5XR7s+/EmTfncK0ZlylyiTHOUzrZQ/oS+9W/5kQOwyz5YdOgl1Ny041bbzVFVvphpECJsCD4dUpOX7qIUtWnrMLrqFWko6kidrsSGQzEu7OHNcoLb3/AmH9WU7HUODbcUjH+w+h2aka1rvFHPoekGOLxmq4KPo64q9JbvZ64AxgyEAXljKCz32m/RXtE2hctaKMsvG3labYPEod8sCO8noK799XAEScOIwHbouCuWTO03syrPwFgGRRa9UJY39NId780b17jf+dOtPxjzltB6wp0IojfD0fCdEa1Cy8QJNQ6JhgLgyaVdNs7HchcMaJqGkOCDqsfxpoTx4vM2TN6U0eeRtK40dmU83M1bdL39Ig6Qs5sTxn2ENPbhIvEsCpVzCHFWs4Ed6w0iXkdYr83gRG98ZzTC76YgJ6hQXr31gsuk3c+TP89C11lep/dz7XpoNGQvxCrRUjkMf+ebOzmEhzDEE0v5qnIJPohLflEfoQmd1ISLR5WlKLyhFdvnr2y9ev0T6QldyJcqXoFJaL5wgBkNHCz+xHnbGPeArSxlkPuAl5QuJQfSbGN8OxL5qb1qOs1x+BE4fEaE2m+Bd6W7APBo9vpX21XeXFKgxWV2PoDqm9XYaDmMtr2qbrvnLOaOhUx8zkBGrWHWXSmtIZZ41KTAW4vjPMwBeUnZUfiP+bKHyNkhk+ah0MWpdHBiXmkritdZPs+Qbwwol3k6lUA07HA4VzPPHKgxskwV62k0ngXwIjRW61RUQgVkbOGYfjpqa4PH96MSTNy5oQqSKOZGFqtmnu8bQPbni6cGmlwQmv5zgaGeYdfNzZraAqbKa0lvtG7wScYB6eKAkZtPK4mrNDSLtEdr8Z4kJ+kuxVBtATNA1kaUDjvPidgH80Lh78xpUg6+RqKflubnZ6Gfi0OhPpKLdqYHPU22AEw8cIxTDLzYX6S3rZkXDk8QJfxxsgwuzyaCSO8/NxPdEz+/4+Nb1QrmWsEbR5kxITBx/pnllT1D1QxjSvapwFRX+f13HrI6FjV8THNm6yQ1UuQXkzyJb4xRJUJnvpDzOQPFTSMsrjhm01Hqx/gUeZ1Ep8MY22w07OF1i8VrqiqwTEsOQEivDw9EdJo14c11cMNdV0AB/S9AVWs30DTUwld9QUlVcX+56spGOja9Dr+onLmpYQnGUKTOY7UwLvwO3S4iu4GpszuoShGjeEKMzKaP5ITdrlt8nO1GyemWDw0TG6ioRy25hJWmnmocAAMB/5tyHFneGBrDnB0mahiyrs6cNjRLFf2VJ/IsyVPUZs4YDSQPlrjXpDMVrbvAOFAHkPCrJkX9cVzd0cZANw54+G95O1wuoS0MlFwYtnW3yWUdu+uIP1+ZPntKoI/AVD1UhH3PSq9BzVYAzKQZ6mrRN6YhBgqPZUODQmXeVHzuTX7FPT3MwPoZG1QBuNtbJgFUe3+cnWZxCfmIT4kwO+VmNji5FajHwWH4C+R3dimQCIZKlWCgtpWmG2u+HE3Rz/paximzLUmToqBYkB9c5i8wXL6trHyta9ml93BMhOmNtW9Lood2Uxr,iv:QoEP0IsOonMY8nnS8nOZPH+9BrsIXJyJI2Muav5G+lE=,tag:2qbNbl/qXuNkUogEDPDYGQ==,type:str] - known-hosts: ENC[AES256_GCM,data:p3ew1QDJyoUfC0r3p/gp2zh1uR63e8aZhF+m0CMyFKZttHCjHl5N0YnZueyEJ4clQe00L51wgIOQ57VB4uB63LhBhwrgjTIF8SY9XWLwWzL55FH2r029S8TBMOMan6PwzoRlpj+CBghgoIZUlcSrMtJdEkuz1E0is6Z9OXx+u81mhfQp8fRQvTCEjVua1dPsD0K1TUZRTUrUen6Nke9T2g31KCePI9Fd5GPRWhKiXaayTGD46mYetpzLJLmg38Boin+dpz5beGDco6Xs905U3l+jITe0UeVFtC65AdJqltzsYKCwbA/DscQ5TPmH59RcyaJPNvl+Q46I/mI+aWDYYXp70TIuxsnMepqPuA8bO6X6YFJ34SumSH0BGtDVosNzD5nvEUfq+tZCKncyo4eVHQo/ubn8yw895xHDi5EbDbx8BWAzh1wnPGKUcmBZBmYz2KOji21GTQkhfjZnXMxrS8Bq+0aNCzZEqLQECCkL1P1D1Uka4VqiH+vXChOLSb8jgE72TXC+1UJe9bsm3XVSf9mryy4ALvAj3GJpw7nzlq60nQdE2KOoLpCEIJbIE/CcMhTmu5QuZGhilmFTSRG7YJfhG8bpkxTfcrURXO6ure5VlebeZqS57AS5+rRWIq/orXYlYJIxuVFQpPvwTmyCZelT4vwahyV18obNFimdOvmV7wsqu8w2CsbwDNLJ0kdNtlnDbI1xutpjWZa2MkkWjYqJQY6ujssgVgXHoYdiw2zhkcc=,iv:51O/Rc/gIHwY8UWyHJB8C1K+jZiEEaQugHroJa4MllQ=,tag:fOBLnlvvrMvRM27F0dTuUA==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:bY+bZkzXrHkc,iv:kI/ksNe5nbMRc1Gc/m9d6Z5+c7MYUosqYctF8WVBzAY=,tag:uYhCcWbfmp354MB97Vhq3g==,type:str] - si-microservice-password: ENC[AES256_GCM,data:ladqAARE92xqATprWQ==,iv:0UwXRNaNFDPGyt1UnLwO4vc8EQx8FX8yWqocrdxsgt4=,tag:b5vyxJkvi76X7AvBegF4qA==,type:str] - mail-sender-password: ENC[AES256_GCM,data:eUWsjzFShr6pHdCls68zrbI=,iv:YAtIKu7iDCU6KBB9Ska+aRBcs7vbg9JPnRvtWb3Bw2g=,tag:527UjfqB848n8A2BmIFUOA==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:ooie9jRZwFiRdBjUhW8GEB4SfjHn+nsdOkcGaw==,iv:bBjzp5xl11dyvzfhmU4O6R4LVLNzEQY36mxlxAGD4+c=,tag:LW+AItc2atniNRDOXyR4qw==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:4z8yNLzjS1HVdY1VpHiSqw==,iv:8lRcl7tXzdiVB/d+S2BqIe8nU4764v+R/INlY0foqEw=,tag:Cbf4Sap01XcZr84izruEXA==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:Xn/pbv/QkA==,iv:bQydtw6BMlQoo3jOzGKISfo/N1Gt0WjGsYZfoB4q3pw=,tag:JuHzxQvI/rE+jG11XLpHFg==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:iwZW+nUBEA==,iv:sm8g+umA5O1owL1SsboLqINS71GMtJ69yF1i+Oetkfs=,tag:JXivJVUuHUPyhGfqVYxMlg==,type:str] - egov-edcr-bank-gateway: - edcr-pnb-mid: ENC[AES256_GCM,data:YbA4r9foPC7bDM3la3pb,iv:iJ2Fy6/5jxroo9SRyi4ylh6b2rExnRMjSK5K9/c1ON4=,tag:fmwBySi67Hh1bAjkGjhkBw==,type:str] - edcr-pnb-encryption-key: ENC[AES256_GCM,data:3A/SZqrEzYMVHmNue4TjJ4tlUqJXaxuY/TjY8JrMULk=,iv:VCixXxfd+eYsQTB0zXa2MOKeQdTKIoYOTkBC/yRhWqk=,tag:ZYkUbn628DZN4h3JHv2gnw==,type:str] - edcr-hdfc-key: ENC[AES256_GCM,data:b+j7tGXj,iv:/DtlBcoXK/aGGTlgk+cYUppKHv5iJaJMbSt02gdWKes=,tag:C3rZQ2GC6/Je60RyMqgPkQ==,type:str] - edcr-hdfc-salt: ENC[AES256_GCM,data:KdhnoultRxY=,iv:GOr5qbYhjy+hdehTlgudUpWH3AMv8ERhog3ZVCkFmSM=,tag:e5iOeX++DiT89CSZx5AS3Q==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:xquy9jlZf6habx0=,iv:Di+C8m0A/5Ao+NMeKUBEF27hOvu+Ui7JKEn8Lq2cpQo=,tag:+WoHNiQGehbp5HeVSN9tBw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:Lr4fJobnJMVb,iv:EQ3Fjo2QysAEqi3EyWypUZZnBg0iRfv5cuVwwG4PM1g=,tag:mT4B7WCTtFAvzYipzWGfXA==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:uOfQpY7o,iv:S1VgLViwACYWhuzEq429xyHqeExOF9t+ouxNlEqyJ7g=,tag:zLOIPT0/Bx7/36GDVqRx2Q==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:Jv9IB4M/+3E8m6iHHOXj3GK+Og4=,iv:IuDvZ+ppRY3NDopFM2ka4wtCsqc86qkUIcr+09fhU04=,tag:Cgyzu6hKyNbK0vuOQ97Z3Q==,type:str] - clientSecret: ENC[AES256_GCM,data:7V6OhyCGV2KpbSeu+WR3+/EPB+YXVpnMKoF3MxJ/KsH1SYW29j4Luw==,iv:KLKOd2sFFD0PJiDEceYTOuWoJqe8yCxV192VGNzX/Zc=,tag:pBfrHKtFWIBs993SCEiGWQ==,type:str] - cookieSecret: ENC[AES256_GCM,data:E/VmAxm2Bzpd3zbhG+/g8B8B/Th7Oh9n,iv:OCa5W2vjwN+KztXbAor7dGi3zvpi9749PhAti3vXMKc=,tag:zZXMeqNvzTbrGLvJSzverw==,type:str] - minio: - accesskey: ENC[AES256_GCM,data:p7bXlAsc/5hc0OO9SJp5m11T4a8=,iv:MMdLjWjWIJSFI+5W+iyfSKEJWoocTyHhaMvXY71v+8I=,tag:356W/Z5MtP6oRsGvmuVzaQ==,type:str] - secretkey: ENC[AES256_GCM,data:t98ZhuZG5cLq4BhxAEmN3cjrjP2xSZ8o56dk99xm4eqYjNkp41Segg==,iv:1tQPEO6QSAyfv96s9p3HhN/C8/xVTItPPqfpvTTzi0w=,tag:/Yr+yUXPAJw67oKqGrw8YA==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:roQ=,iv:qwKRm5ov/rYKFUuTCANflP6RjKSVEaiQ2ltwNiKQbOg=,tag:+aQIun04fqdaW5dYSKWSQQ==,type:str] - route: - receiver: ENC[AES256_GCM,data:g95iWpH+aMZrYvY2tnedxBOYAg==,iv:ztFKypuRA6qRmkHy3TjmLZGfInTxyaWsu4hkeSTuEI8=,tag:H1LtzhfiSkSJqNO5UTt2fA==,type:str] - group_by: - - ENC[AES256_GCM,data:f9LJa3kGg7qf,iv:dKcGE0aprQVmjqJPBQkDoQL5ElTZJPEC9iu5BuOJtMg=,tag:8KIY1YeWCmwVbo5UllJq3Q==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:cAZ66rs/laEOP9w2IkhYX/0xBQ==,iv:O87az+AOTgS5TlOcz6iYp3vAyrEcR2SSjvVwQU+JJTY=,tag:GpcEWjo0a+bNVNf2W5uiQg==,type:str] - match: - alertname: ENC[AES256_GCM,data:shPHDlxNEw8=,iv:jTDEJxRlypYPFPZVTzXAUA3H+zsy89NFIzBfKnr4ZRI=,tag:JbfuZ3Edusa2E8KRRPXoIg==,type:str] - group_wait: ENC[AES256_GCM,data:lCCl,iv:75PqYL2T1APq4ZXAV7IS1dd/ILn9d4WN0TAdNh73pKM=,tag:Yi4PrEQ5DCSPHMd6PscqFg==,type:str] - group_interval: ENC[AES256_GCM,data:XuI=,iv:leOm+07NIDyaPcx9u2U2mTKTeRHPLiFdz4sKrRGtTUw=,tag:EjCLgDPGihV5/j4V0Frebw==,type:str] - repeat_interval: ENC[AES256_GCM,data:rD9T,iv:fHolnCoioKcKt40549gGy1M5nCOdhvo7IQ4iVrXgk30=,tag:Uh1mbWlA61KoxAaV/aQ+GQ==,type:str] - receivers: - - name: ENC[AES256_GCM,data:dCjBbQlEpPvUFjW/MqBif7jm5Q==,iv:gwMKx8ebtF5wbQCPQBIX1nDH9+TPD5YVe0qJiEnhjGM=,tag:UdBW8RyCTalE1SJS/dxwWw==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:B4jQ2g==,iv:vlaR9WoEZBL7hxkDxldFMO9D7eqU7OAiHredr61iAEw=,tag:3zVAQVkDq80n2865+4+jkQ==,type:bool] - api_url: ENC[AES256_GCM,data:ed2rPVwD/73AqEi1SOKqaSJHd9jH2DR4vvzSw2z3H2cqETjRC4x+RnfualCkZgYBrGnFxeXRkTdgyUR7oKgEK7WtHhdFpH2Mdwu6rNhDjA==,iv:I/jRNic1ah/bjZTjJKtx/S8CmKdw2UYYtGnDvLbQzs8=,tag:G0on5YqeJYgZ9r6UywvXCA==,type:str] - channel: ENC[AES256_GCM,data:Y0hg/i5x6lcD/EXMNDgaYS0l7JDDNw==,iv:0TQivRBNB6mJOTr07/8ML7bTT3HabW7nV0BSmQnlzMo=,tag:EXidBq4DvBuB8/lfV2HO7w==,type:str] - username: ENC[AES256_GCM,data:+6GVawnm2qakCFr1,iv:CBSCyvDPV5lloz65GY8YljTKNYVg8TojCtE8x9Jk+FE=,tag:eIjNEnB88ICwiLz4byVXkQ==,type:str] - title: ENC[AES256_GCM,data:J7NyAudVUQzvt762gIuVE4IsbW2ZRDwABL2/4MXEtGVJj9ps3JU=,iv:OiHAYS71AS6Qjs06iofKrqqs3TbC1xOqlmfiuS28xXI=,tag:iOFMTTveGXV0KXOHRvs3/w==,type:str] - text: ENC[AES256_GCM,data:4qAygJzV1OTnMnFkLquPknyGW62hX7kJ02+fi/sjG4hotjZeNg==,iv:5vSCKuco1TkGTxenkYZ9nrZuHBS8tyWcDpCCaVSIoT8=,tag:AocVdYqCZJFkowFsqWvfYw==,type:str] - templates: - - ENC[AES256_GCM,data:foX+fbZ4SsGnAKDrF5W6LyzLzefr5tH1LV/47nXv/BPAHWoF7aebzGYGMFe5NjPO4k4DWUVTOg/Ez0eUOO5PxQToh/KvkNA=,iv:qcYBmOGF49DHWmNQF9khMRpwywLF28knpOH1bfazaEU=,tag:3IRkp+jlN+wFl4qRbHNTrw==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2020-11-10T06:48:05Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEkCaHUS5rBgOTSYF3KJCCLAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMpuUHqwmURtAwdOKHAgEQgDs7gNHFGN2+UnWe493tfMbEMio4ZKWliDRq37pf5abrPBri/ZJoCf5cPeN+zLXVqLWeBVxIjie+q5jusw== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-04T06:34:26Z" - mac: ENC[AES256_GCM,data:/mgRImLMAyWcPYdv9bZrP6EhwLP1rLLMUgHaW9Atrh8DU4AagzZMCSor+jYAeJfzSQXJwdsQIm1khpctszVmFTXnog4Zd6T8PgHmAnQsn0z4XPjCLs5vChIRVhHtTW7KQOtiymY3nX50fTws2+MeJ52Oe+Is6AH2NkVCxST7ML0=,iv:ipS/Jx2UEEjg3pFPPBYBP4TIEIXSovn1YNKK8Wqzo6k=,tag:lN+QaKvrmxRt1KXccKdGQA==,type:str] - pgp: - - created_at: "2020-11-10T06:48:05Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/ZV/gS6UA3zPiDMT9Rjbg0nSVhDmsqR8ki0bWvzfVEDzv - lXzcOnjuILj4TkTKc45Mq8rkyAiYMu1HbMXDnlK3NL2whq1v+OKEMrdWcdzpDhr/ - gu/E5uBX3+V9PwWWvpSUqBYKnl0iBz+MoUSx0kZnrRZ54lC/Rd9X/gRhN3pTqMn+ - Ihw6/6D6+7haqXtgAb2cdhVYG6O39RzKTO173AxK3fFYmzxXzSwBzJte0ZXapx8t - PfY0aNyWTdD9OQ5RxRj53YBCGqDjnKuvFqTwTAaapJ4hO6mpVnFY6zl9vneX89HF - 5fL+eC3tMXIqyF8e6kVWvLuYMWz5QSf+4VAlyoB99NJeAU1WMfycVvvdEYbTHqqS - ieWYJYkjC+TlwkmbZ/9XTleQdS6HwX3jzAcqCAdeK8hw7iGGAVXZYlG3iL0Yv05S - q/xbgdrRuywkK+g80ybEf+MQSSPsd5Q8dO6TFhaQ4Q== - =msen - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-dev.yaml b/deploy-as-code/helm/environments/unified-works-dev.yaml deleted file mode 100644 index 9eefee62fd..0000000000 --- a/deploy-as-code/helm/environments/unified-works-dev.yaml +++ /dev/null @@ -1,891 +0,0 @@ -global: - domain: unified-dev.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, works ] - data: - db-host: unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieddevdb ## Add db-name - db-url: jdbc:postgresql://unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieddevdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: "https://unified-dev.digit.org" ## Add your Domain Name - egov-services-fqdn-name: "https://unified-dev.digit.org/" ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, works ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-mdms-service-v2: "http://mdms-v2.egov:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - audit-service: "http://audit-service.egov:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - attendance-service: "http://attendance.works:8080/" - contract-service: "http://contracts.works:8080/" - muster-roll-service: "http://muster-roll.works:8080/" - project-management-system: "http://project.egov:8080/" - project: "http://project.egov:8080/" - estimate-service: "http://estimates.works:8080/" - organisation: "http://organisation.works:8080/" - bankaccounts: "http://bankaccounts.works:8080/" - expense-calculator: "http://expense-calculator.works:8080/" - expense: "http://expense.works:8080/" - ifms-jit: https://uat.odishatreasury.gov.in - ifms-adapter: "http://ifms-adapter.works:8080/" - works-management-service: "http://works-management-service.works:8080/" - individual: "http://individual.egov:8080/" - works-pdf: "http://works-pdf.works:8080/" - loi-service: "http://loi-service.works:8080/" - household: "http://household:8080/" - product: "http://product:8080/" - facility: "http://facility:8080/" - measurement: "http://measurement-service.works:8080/" - ifms-adapter: "http://ifms-adapter.works:8080/" - measurement-service: "http://measurement-service.works:8080/" - measurement-registry: "http://measurement-registry.works:8080/" - mukta-services: "http://mukta-services.works:8080/" - program-service: "http://program-service.ifix:8080/" - mukta-ifix-adapter: "http://mukta-ifix-adapter.works:8080/" -employee: - dashboard-url: "https://dashboard-pbuat.egovernments.org/s/w---s/app/kibana#/dashboard/4e687470-f3c7-11e8-8d09-b151e2b1cf8e?embed=true&_g=(refreshInterval%3A(pause%3A!f%2Cvalue%3A300000)%2Ctime%3A(from%3Anow-15m%2Cmode%3Aquick%2Cto%3Anow))" - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -works-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -attendance-service: - tracing-enabled: true - java-enable-debug: true - attendance-register-default-offset: 0 - attendance-register-default-limit: 10 - attendance-register-search-max-limit: 100 - attendance-individual-service-integration-required: false - attendance-staff-service-integration-required: false - attendance-document-id-verification-required: false - attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON,EMPLOYEE" - organisation-contact-details-update-topic: organisation.contact.details.update - contracts-revision-topic: "contracts-revision" - -bankaccounts: - tracing-enabled: true - java-enable-debug: true - bank-account-default-limit: 100 - bank-account-search-max-limit: 200 - -contract-service: - tracing-enabled: true - java-enable-debug: true - contract-default-offset: 0 - contract-default-limit: 10 - contract-search-max-limit: 50 - works-contract-service-code: "WORKS-CONTRACT" - contract-workflow-business-service: "CONTRACT" - contract-workflow-revision-business-service: "CONTRACT-REVISION" - contract-revision-measurement-validation: true - contract-revision-max-limit: 2 - contracts-revision-topic: "contracts-revision" - contract-workflow-module-name: "contract-service" - contract-cbo-url-host : "https://unified-dev.digit.org" - contract-cbo-url-endpoint : "/works-shg-app" - -expense-calculator: - tracing-enabled: true - java-enable-debug: true - -expenses-billing: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - bill-kafka-topic: "bill" - -loi-service: - tracing-enabled: true - workflow.loi.business.service.name: "loi-approval-4" - -inbox: - namespace: egov - service-map : '{}' - bs-service-map : '{}' - -muster-roll-service: - tracing-enabled: true - java-enable-debug: true - musterroll-default-offset: 0 - musterroll-default-limit: 100 - musterroll-search-max-limit: 200 - musterroll-workflow-business-service: "MR" - works-attendance-log-search-endpoint: "attendance/log/v1/_search" - works-attendance-register-search-endpoint: "attendance/v1/_search" - works-attendance-register-search-limit: 100 - muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" - works-individual-search-endpoint: "individual/v1/_search" - works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" - works-contract-service-code: "WORKS-CONTRACT" - notification-sms-enabled: "true" - -organisation: - tracing-enabled: true - java-enable-debug: true - org-default-limit: 100 - org-search-max-limit: 200 - egov-location-hierarchy-type: "ADMIN" - works-cbo-url-host: "https:/unified-dev.digit.org" - works-cbo-url-endpoint: "/works-shg-app" - organisation-contact-details-update-topic: organisation.contact.details.update - -mukta-ifix-adapter: - tracing-enabled: true - java-enable-debug: true - -expense: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" - -ifms-adapter: - tracing-enabled: true - java-enable-debug: true - payment-create-topic: "expense-payment-create" - egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" - ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" - ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" - egov-bill-search-limit: 10 - -ifms-cronjob-pa: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-va: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pis: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pag: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-fd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftps: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftfps: - user-name: "IFMS_CRONJOB" - -works-management-service: - heap: "-Xmx512m -Xms512m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - -works-inbox-service: - java-enable-debug: true - tracing-enabled: true - -works-shg-app: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ’;” - -citizen: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - - ';" - -chatbot: - kafka-topics-partition-count: 3 - kafka-topics-replication-factor: 2 - kafka-consumer-poll-ms: 10 - kafka-producer-linger-ms: 5 - - contact-card-whatsapp-number: "+918744960111" - contact-card-whatsapp-name: "mSeva Punjab" - valuefirst-whatsapp-number: "918744960111" - valuefirst-notification-assigned-templateid: "194781" - valuefirst-notification-resolved-templateid: "194783" - valuefirst-notification-rejected-templateid: "194785" - valuefirst-notification-reassigned-templateid: "194787" - valuefirst-notification-commented-templateid: "194789" - valuefirst-notification-welcome-templateid: "194791" - valuefirst-notification-root-templateid: "194795" - valuefirst-send-message-url: "https://api.myvaluefirst.com/psms/servlet/psms.JsonEservice" - - user-service-chatbot-citizen-passwrord: "123456" - - -measurement-service: - tracing-enabled: true - java-enable-debug: true - measurement-service-kafka-create-topic: "save-measurement-service-details" - measurement-service-kafka-update-topic: "update-measurement-service-details" - measurement-idgen-name: "mb.reference.number" - measurement-idgen-format: "MB/[fy:yyyy-yy]/[SEQ_MEASUREMENT_NUM]" - measurement-service-default-offset: 0 - measurement-service-default-limit: 10 - measurement-service-search-max-limit: 50 - - -measurement-registry: - tracing-enabled: true - java-enable-debug: true - measurement-kafka-create-topic: "save-measurement-details" - measurement-kafka-update-topic: "update-measurement-details" - measurement-idgen-name: "mb.reference.number" - measurement-idgen-format: "MB/[fy:yyyy-yy]/[SEQ_MEASUREMENT_NUM]" - mb-default-offset: 0 - mb-default-limit: 10 - mb-search-max-limit: 50 - - - -ws-services: - wcid-format: "WS/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -bpa-services: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - egov.idgen.bpa.applicationNum.format: PB-BP-[cy:yyyy-MM-dd]-[SEQ_EG_BP_APN] - -bpa-calculator: - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - java-debug: true - tracing-enabled: "true" - -sw-services: - scid-format: "SW/[CITY.CODE]/[fy:yyyy-yy]/[SEQ_EGOV_COMMON]" - is-external-workflow-enabled: "true" - -egov-pg-service: - axis: true - egov-pg-reconciliation-system-user-uuid: "db4fe8ed-c0e0-4c2a-829b-72296d8d156f" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-mdms-service: - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml" - -egov-persister: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - images: - - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/works/egov-persister/loi-service.yml,file:///work-dir/configs/works/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/individual-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-localization: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -egov-data-uploader: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -egov-searcher: - search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-analytics: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -dashboard-ingest: - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -national-dashboard-ingest: - heap: "-Xmx750m -Xms750m" - replicas: 1 - server-tomcat-max-threads: 25 - module-index-mapping: '{"PT": "pt-national-dashboard", "PGR": "pgr-national-dashboard", "WS": "ws-national-dashboard", "FIRENOC": "firenoc-national-dashboard", "TL": "tl-national-dashboard", "MCOLLECT": "mcollect-national-dashboard", "OBPS": "obps-national-dashboard", "COMMON": "common-national-dashboard", "BPA": "bpa-national-dashboard","BIRTH":"birth-cert-national-dashboard"}' - master-data-index: "master-national-dashboard" - module-fields-mapping: '{"PT":{"transactions":"array::number","todaysTotalApplications":"number","todaysClosedApplications":"number","assessments":"number","assessedProperties":"array::number","propertiesRegistered":"array::number","todaysCollection":"array::number","propertyTax":"array::number","cess":"array::number","rebate":"array::number","penalty":"array::number","interest":"array::number"},"TL":{"transactions":"number","todaysApplications":"number","todaysLicenseIssuedWithinSLA":"number","tlTax":"number","adhocPenalty":"number","adhocRebate":"number","todaysCollection":"array::number","todaysTradeLicenses":"array::number","applicationsMovedToday":"array::number"},"PGR":{"uniqueCitizens":"number","todaysComplaints":"array::number","todaysReopenedComplaints":"array::number","todaysOpenComplaints":"array::number","todaysAssignedComplaints":"array::number","todaysRejectedComplaints":"array::number","todaysReassignedComplaints":"array::number","todaysReassignRequestedComplaints":"array::number","todaysClosedComplaints":"array::number","todaysResolvedComplaints":"array::number","slaAchievement":"array::number","completionRate":"array::number","averageSolutionTime":"array::number"},"WS":{"transactions":"number","connectionsCreated":"array::number","todaysCollection":"array::number","sewerageConnections":"array::number","waterConnections":"array::number","pendingConnections":"array::number","slaCompliance":"number","todaysTotalApplications":"number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"MCOLLECT":{"numberOfCategories":"number","todaysCollection":"array::number","numberOfReceipts":"array::number","numberOfChallans":"array::number"},"OBPS":{"ocPlansScrutinized":"number","plansScrutinized":"number","ocSubmitted":"number","applicationsSubmitted":"number","ocIssued":"number","landAreaAppliedInSystemForBPA":"number","averageDaysToIssuePermit":"number","averageDaysToIssueOC":"number","todaysCollection":"array::number","permitsIssued":"array::number","todaysClosedApplicationsOC":"number","todaysCompletedApplicationsWithinSLAOC":"number","todaysClosedApplicationsPermit":"number","todaysCompletedApplicationsWithinSLAPermit":"number","slaComplianceOC":"number","slaCompliancePermit":"number","applicationsWithDeviation":"number","averageDeviation":"number","ocWithDeviation":"number"},"FIRENOC":{"todaysApplications":"array::number","todaysCollection":"array::number","nocIssuedToday":"array::number","provisionalNOCIssued":"array::number","actualNOCIssued":"array::number","avgDaysToIssueProvisionalNOC":"array::number","slaComplianceActual":"array::number","slaComplianceProvisional":"array::number","avgDaysToIssueActualNOC":"array::number","todaysClosedApplications":"number","todaysCompletedApplicationsWithinSLA":"number"},"COMMON":{"onboardedUlbsCount":"number","totalCitizensCount":"number","slaAchievement":"number","liveUlbsCount":"array::number","status":"string","totalLiveUlbsCount":"number","totalUlbCount":"number"},"BIRTH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfBirthsToday":"array::number"},"DEATH":{"todaysCollection":"array::number","numberOfCertificatesDownloadedToday":"array::number","numberOfDeathsToday":"array::number"}}' - master-module-fields-mapping: '{"PT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"PGR":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"TL":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"WS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"MCOLLECT":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"OBPS":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"FIRENOC":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"BIRTH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"},"DEATH":{"snoForMunicipalCorporation":"string","ulbName":"string","date":"string","budgetProposedForMunicipalCorporation":"number"}}' - module-allowed-groupby-fields-mapping: '{"PT":{"financialYear","usageCategory"},"WS":{"connectionType","channelType","usageType","paymentChannelType","taxHeads","meterType","duration"},"FIRENOC":{"applicationType","department","paymentMode","type","usageType"},"OBPS":{"paymentMode","riskType","occupancyType","subOccupancyType"},"PGR":{"status","channel","department","category"},"TL":{"tradeType","status"},"MCOLLECT":{"paymentMode","status","category","challanStatus"},"COMMON":{"serviceModuleCode"},"BIRTH":{"channel","gender","boundary"},"DEATH":{"channel","gender","boundary","age"}}' - -report: - heap: "-Xmx512m -Xms512m" - tracing-enabled: "true" - spring-datasource-tomcat-max-active: 5 - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - -pdf-service: - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - data-config-urls: "file:///work-dir/configs/pdf-service/data-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-receipt.json,file:///work-dir/configs/pdf-service/data-config/property-bill.json,file:///work-dir/configs/pdf-service/data-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit.json,file:///work-dir/configs/pdf-service/data-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/data-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/data-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/data-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/data-config/misc-receipt.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/data-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/data-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/data-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json,file:///work-dir/configs/pdf-service/data-config/fsm-receipt.json,file:///work-dir/configs/works/pdf-service/data-config/works-estimate.json,file:///work-dir/configs/works/pdf-service/data-config/project-detail.json,file:///work-dir/configs/works/pdf-service/data-config/estimate.json,file:///work-dir/configs/works/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/configs/works/pdf-service/data-config/work-order.json,file:///work-dir/configs/works/pdf-service/data-config/work-order-hindi.json" - format-config-urls: "file:///work-dir/configs/pdf-service/format-config/tradelicense-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-receipt.json,file:///work-dir/configs/pdf-service/format-config/property-bill.json,file:///work-dir/configs/pdf-service/format-config/tradelicense-bill.json,file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/passvehicle-certificate.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit.json,file:///work-dir/configs/pdf-service/format-config/ptmutationcertificate.json,file:///work-dir/configs/pdf-service/format-config/tlrenewalcertificate.json,file:///work-dir/configs/pdf-service/format-config/bpa-revocation.json,file:///work-dir/configs/pdf-service/format-config/buildingpermit-low.json,file:///work-dir/configs/pdf-service/format-config/misc-receipt.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationwater.json,file:///work-dir/configs/pdf-service/format-config/ws-sanctionletter.json,file:///work-dir/configs/pdf-service/format-config/ws-estimationnotice.json,file:///work-dir/configs/pdf-service/format-config/ws-applicationsewerage.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json,file:///work-dir/configs/pdf-service/format-config/fsm-receipt.json,file:///work-dir/configs/works/pdf-service/format-config/works-estimate.json,file:///work-dir/configs/works/pdf-service/format-config/project-detail.json,file:///work-dir/configs/works/pdf-service/format-config/estimate.json,file:///work-dir/configs/works/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/configs/works/pdf-service/format-config/work-order.json,file:///work-dir/configs/works/pdf-service/format-config/work-order-hindi.json" - -# >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -# financials >>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egf-master: - memory_limits: 512Mi - heap: "-Xmx128m -Xms128m" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -egov-custom-consumer: - erp-host: "https://mohali-qa.egovernments.org/" - -egov-apportion-service: - memory_limits: 256Mi - heap: -Xmx128m -Xms128m - -fsm: - memory_limits: 384Mi - heap: -Xmx384m -Xms256m - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -nginx-ingress: - images: - - quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.30.0 - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - -cert-manager: - email: "devops@egovernments.org" ### Add email-id which used by cert-manager for certificates validation. - - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx512m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -collection-services: - receiptnumber-servicebased: "true" - receipt-search-paginate: "true" - receipt-search-defaultsize: 30 - user-create-enabled: "true" - heap: "-Xmx512m -Xms256m" - memory_limits: 768Mi - -collection-receipt-voucher-consumer: - jalandhar-erp-host: "https://jalandhar-qa.egovernments.org/" - mohali-erp-host: "https://mohali-qa.egovernments.org/" - nayagaon-erp-host: "https://nayagaon-qa.egovernments.org/" - amritsar-erp-host: "https://amritsar-qa.egovernments.org/" - kharar-erp-host: "https://kharar-qa.egovernments.org/" - zirakpur-erp-host: "https://zirakpur-qa.egovernments.org/" - -finance-collections-voucher-consumer: - erp-env-name: "qa" - erp-domain-name: "egovernments.org" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - -# rainmaker-pgr >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -rainmaker-pgr: - notification-sms-enabled: "true" - notification-email-enabled: "false" - new-complaint-enabled: "true" - reassign-complaint-enabled: "true" - reopen-complaint-enabled: "true" - comment-by-employee-notif-enabled: "false" - notification-allowed-status: "open,assigned,rejected,resolved" - -property-services: - replicas: 1 - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - egov-idgen-ack-format: "PB-AC-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ACK]" - egov-idgen-ptid-format: "PB-PT-[cy:yyyy-MM-dd]-[SEQ_EG_PT_PTID]" - egov-idgen-mutation-format: "PB-MT-[CITY]-[SEQ_EG_PT_MUTATION]" - egov-idgen-assm-format: "PB-AS-[cy:yyyy-MM-dd]-[SEQ_EG_PT_ASSM]" - property-userevents-pay-link: "digit-ui/citizen/payment/my-bills/$businessService/$propertyId?tenantId=$tenantId" - property-decryption-abac-enabled: "true" - -pt-services-v2: - pt-userevents-pay-link: "/citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$consumerCode&tenantId=$tenantId" - -pt-calculator-v2: - logging-level: "DEBUG" - -estimates: - tracing-enabled: true - java-enable-debug: true - estimate-default-limit: 100 - estimate-search-max-limit: 200 - estimate-workflow-business-service: "ESTIMATE" - estimate-revision-workflow-business-service: "REVISION-ESTIMATE" - estimate-revision-measurement-validation: "true" - estimate-revision-max-limit: 3 - heap: "-Xmx512m -Xms512m" - memory_limits: 512Mi - -tl-services: - heap: "-Xmx128m -Xms64m" - memory_limits: 384Mi - java-args: -Dspring.profiles.active=monitoring - tl-application-num-format: "APP-[SEQ_EG_TL_APL]" - tl-license-num-format: "MP-LEP-[SEQ_EG_PT_LN]" - tl-userevents-pay-link: "citizen/otpLogin?mobileNo=$mobile&redirectTo=egov-common/pay?consumerCode=$applicationNo&tenantId=$tenantId" - tl-payment-topic-name: "egov.collection.payment-create" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "https://egov-demo.egovernments.org/egov-pdf/download/epass?tenantId={TENANTID}&uuid={UUID}" - tl-search-default-limit: "100" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - memory_limits: 512Mi - workflow-statelevel: "false" - host-link: "https://egov-demo.egovernments.org/citizen/" - pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - employee-applink: "https://egov-demo.egovernments.org/employee/user/login" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -egov-weekly-impact-notifier: - mail-to-address: "lata.naik@egovernments.org" - - mail-interval-in-secs: "604800" - schedule: "30 07 * * *" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "elasticsearch-client-v1.es-cluster" - es-port: "9200" - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "tl-services", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "tl-calculator", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-services-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "pt-calculator-v2", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "collection-services", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "billing-service", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-data-uploader", - "type": "probabilistic", - "param": 0.2 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "rainmaker-pgr", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -egov-enc-service: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - state-level-tenant-id: "pb" - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-005465716b9ca6a9e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03252f4474ddb7300" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0945c7000265a6390" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - memory_limits: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-04ab05c5b41096c6a" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0f7e8dcf98e087983" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-08a42f187f978e5f7" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-093ea5986f5b46a71" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-046900000f8ffe60d" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a718b7e384a2870c" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx550m -Xms550m" - resources: - requests: - memory: "1Gi" - limits: - memory: "1Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0dfb25024c9e8f35e" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-0a83e7431f2d5a2c2" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - volumeId: "vol-03f793c66e07e9111" ## add your respective volume id eg. vol-0085073c65f76dre5 - zone: ap-south-1b ## add your respective zone eg. ap-south-1a - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - memory: "896Mi" - limits: - memory: "896Mi" - - -pgadmin: - dbUrl: "unified-dev-db.czvokiourya9.ap-south-1.rds.amazonaws.com" - port: "5432" - environment: "unified-dev" - maintenance-db-name: "unifieddevdb" - db-admin-username: "unifieddev" - db-read-username: "dev_readonly" - - -playground: - replicas: 1 - images: - - egovio/playground:v2 - - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml b/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml deleted file mode 100644 index f50112de2c..0000000000 --- a/deploy-as-code/helm/environments/unified-works-qa-secrets.yaml +++ /dev/null @@ -1,71 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:Gv2SrVrJGUpP,iv:hmF2rQaLYr+IyVjDL7UAjYljv7dD33ix6dIBhHCkyvs=,tag:BrKO8bDZ72P/oqU72pr7hw==,type:str] - password: ENC[AES256_GCM,data:SHxAXhQEtpmXH1QHYuuS,iv:+5FeX0tFr91qrxIAsUtfa3ynY7FBtmArrSDFQ6/Ruok=,tag:IJdNCj5lhvlSp6H5qifwHw==,type:str] - flywayUsername: ENC[AES256_GCM,data:+8EBypiETeYp,iv:7A0bvR5uAZ8YsSrb8PZoZ/kPOF4ZYWAx2c+NwYVBks0=,tag:KKHM0H8NcFcX3etsnLgjRg==,type:str] - flywayPassword: ENC[AES256_GCM,data:lAZLE11GGeU9ewMVESa6,iv:vxgGjNOoiB9p6zAgdFuLeRiEZJRXLkTmXDib9/047A8=,tag:XnlGWdtQ7TXBK6XltOYSmA==,type:str] - egov-notification-sms: - username: ENC[AES256_GCM,data:9mKYfQ==,iv:kxjd45q0KziW/pOtQe7tBfdguPDsfVPxRzzCkNrf81A=,tag:mt7q0fM6zTpez+GGpZL+Ow==,type:str] - password: ENC[AES256_GCM,data:US7cgA==,iv:OxqgMDXXkkRSXrbY7bebRD6fPgs4d2F1OsBTOqce0EA=,tag:rQ87OAH4PkK76xOIRXTqbg==,type:str] - egov-filestore: - aws-key: ENC[AES256_GCM,data:E4DNPYHCvJc5ymH8iDJm9juMSr0=,iv:SV3SoDQxL2BaPutf53p7iCzup6oRbefVmkniYWA+zfM=,tag:eIigvkSUsBfLKDiipx698A==,type:str] - aws-secret-key: ENC[AES256_GCM,data:WEwi4htbp3WVRkYc7uYS/eQ8rrz9eM4re1Sls/uI87glE1uwkM+xfg==,iv:Teg6jzoiJLfheKxo6JvQP9Cq5uXeVa/B6oo4hsquW/k=,tag:ciYkzywrM+qIGF3QvdUFog==,type:str] - egov-location: - gmapskey: ENC[AES256_GCM,data:k+/tnIiVCAlwAvfiaC7v8Ff8Jg==,iv:u/xs8JYoZS8oVhUyY/ARO8Pxsmqr5OQtdvVMBwv9utk=,tag:5D826bbNw0QIG0LdAG6CpQ==,type:str] - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:5YgQ4g==,iv:FoG6PxsTK34WntEqGOv0aJ6yOMgZupRLqu3U/zx5Rwo=,tag:ZGOHko7oTGfYReCiwbVc/w==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:99KbwQ==,iv:J7jl0IukNGrBuRf/S5umVo80eCH4FdYeRYLu0uibs74=,tag:IdAZjhoJM4Q0JM1TvL3GPw==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:Q9gxSw==,iv:sp0ZdlaecT9dKbB2zoGJ39oJukplv5SIPJzaP0a3nNE=,tag:vFg8dsWgdWOiIcMlwyNSow==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:aC4lzA==,iv:Wnx6+1zSR1xNKYzT0hCt+wcv72etRm9wYQWTb+5WlFo=,tag:TB7D5wtWNL9dDPDVOfmIIA==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:/jNzkg==,iv:YVR/6Iv4xq7G7IyJ3XkwH+OOghg3i0b8HNtTv4ZCgu8=,tag:06ORUkPP+O56On2aJc3PeQ==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:mo1wFw==,iv:kpItdYZQfLgM+RCBX3zYP/fzOjOUpBiSFFKdhHqy4n0=,tag:fz2YUSMFRYAQFgSA47WfvA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:MIkAmA==,iv:brgH7qdmFNOS/whBeWKYMGLnHuvDlhF1Z/Vx8+ME9Fc=,tag:rQCZWTZlY4S03zTjngYiRw==,type:str] - pgadmin: - admin-email: ENC[AES256_GCM,data:RVaD3hjSNL7RYy10XA==,iv:0yKJtx8yC3CToqBWJ4d0qCn1FOmAweiKbGAMUPc0ob8=,tag:Q1i1/NwBMlbZE2zq/mSGdQ==,type:str] - admin-password: ENC[AES256_GCM,data:pFQv1g==,iv:MykVAKGXjBs0uDrwXJwGxZG0OSnY4bS7aoVaoyrCsDo=,tag:vQBSZydv5a2jdv9l/0zxqw==,type:str] - read-email: ENC[AES256_GCM,data:JAB/NYxsJuBwH7PdlA==,iv:Mho6Mj4+G7s74VvXhopfNIrzSMhWqqVx8b/zeX2U/44=,tag:ZxYyjSe9UN4ezQQH9iSN0Q==,type:str] - read-password: ENC[AES256_GCM,data:0NhYww==,iv:RAiedkroqmuuLURxADhlXAFk5M5DG8smUuqu7cg6FEs=,tag:ihqUIEixhs+5H+KY060ZSQ==,type:str] - egov-enc-service: - master-password: ENC[AES256_GCM,data:KcllKw==,iv:0MNs1h0+8KtgqX+jmoYN2lEgGV4eC8H+y62yJb1AM88=,tag:Jl3clscoc71kQRZdT3+r4Q==,type:str] - master-salt: ENC[AES256_GCM,data:8RckW1kScIA=,iv:Yr2gBIIYyFAlUF1FUL9TuEQZVmme5jQJRPg7OMTkq6I=,tag:rxFI4bIZ3F1GxVola7MKsQ==,type:str] - master-initialvector: ENC[AES256_GCM,data:z2+LnRlKUQNCBe7T,iv:Ks+WQ9t3vGVgo5PKDztxAjVil+dp0j9fELyS5xyNIEI=,tag:mZOmf/65JJpUm2r/GeTBaw==,type:str] - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:6OZeCvaW64O8,iv:xkdP+meUREezRwifpONSaS/3UFSui279NIvkClbpyXE=,tag:y3e/qCOlILjX0YgVboduyg==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:9KjyKg==,iv:t9jmfQNHrRe9zcHxM78l5unynN3V+3l/6uY0T60ZgyA=,tag:7OJWixoJkEMqncVQbg/A0g==,type:str] - git-sync: - ssh: ENC[AES256_GCM,data:NghuS7ZkVv34NCVjbOSOyYY6TgLgnp7NVGtflVyiK57Py5AQ6RtkTUbEGim6fHfScap+y1N+3CrJ3wOJ2ISgj9xGwtM2zHHNcspwm2cN2uGwz6WV7L2yJOfCasFN4dCZiASxS6tY26BM1NRu+k32y1PboEgqIKwcQtSMl8/yMpr3iMTDG3KJK1n9kXAd7i8NrMb1ytkANH9cHESWjpjQ0mFTTaSGMmKNJEzhz1a3UmN5xtv4ZpQNsCcIkSPmLwwtGIjrVlsQJN3erZlY7phonCLbLfRXVLhIbSpyyMsvwAHWB1c4BWUYzpwh6lXSPGyJjC3rkq7DN6f0dlTJJ/MPiHW+FV4yc4su4gNYyMGsUB3GE7jeQMOhQMGownCNi6+NXUmgFw7Lpq18b85dvJvB8S/5Bkb5u2lSeEp9hAoB0AM6Btyj3eE3flmzFl3+JzhnM/NVVni5W4xe7ZFTqcLxUzj3f/pEanl++H6g6Z+ibsZYZIhNCPZ4fL85Q99HdyR2sA4lHdQ7bYCyvA7sVUnrV5UFVKzpG7VxooULmvsZ8wpxYduL6gzygU6wxeDWhpZ32GFC+iiV7Y6KiHJuzARh899sHMBlSVrU1jtAcvUWmRJEAgYuj/gUD8VxDGs9bgAc8PWNGXHJQCBU/PlKh8gkP29hMbrQ06ZxBjxx3lnGK6XXij8r+mbcvBAVyDjgIbxsk6AYZ65q+MSJXHQANQwGMPI8arIqx15jmuiN9nkBpLxHfsRRnSJ2X5DicBCt0u1ELbG9ipG1sS7ZvHbDNJcEig0S32YfmIIKmKSd8An+sEMVYEPMqkyxhFkORJhblu8VEy1BYBCPJ7UWHeUMVJ8k8kArKZi32bHs299mbNSJanf1yC1jrhTSJL2He+5r+szbu2k8LjK4pgDrjqCzKLinTDFIC/SFcWIqYGCfIW5cTR4RfsEDNLwtYwe7SRueiTwRXQoURuWN4gTIpwZCBbpVAqEZ1GWo0/JKRmBfgF8MY2GkcQaHqttRjaY3VJslZKvvSfbk6oC779WfqworiuK9KQIH1RhpmiVBAHuXdpYaNZHKvW1tHh19+FYN4gIcZnwLuu3fqDtBrLwTPShUkagyRSdoubdNSP2noqZvGRkFmhMdhlYwO8tN+UEvdSgVYFTFH67O4ng9xUSlIOZLSQp529uWr2fEAJl4i3IpQOI5gQUKB/RdkK/Yv+YJwt0Luc9JKkx1VJ4qWl70cjIaAwJgdgT1S9SXdXPdvl7GgpHEdMZCWQxzYtxGTKk86U3pSMV1slHeX9/QtGCQ2uOfnWWRwdlb8BeTxjdeNDZXmPVMZ6Wm2yEceo+fSNMYV/v+fWU2kaQXqigiARVDKvJh5wkZo6iinyIT2uZGwl9GzsUM9ObJcHH77x/9oEo1erQfoGg05tGYaDOrFx/u1qzRT1pUeHzJuGwZ+KZJZtOmlWRBczaCJGzCKD988LsrsDILTNdmJ/Ik1NCrWx2ARsl+aB5vjKKJGVyZJR+9QQSdROPQspYoevlj7pOWZA67C+X1bi8QYBXTNLbSHEVzaaLMBvQxF0nMjQCpsyQ/xTGxKUxXM0zIMBAoLZTHTsghWl+RFl09evi5CwtC7QSqSNKJbhgWrmeVa6Irt8e0y5kqsWi5YlD4YgNgfb7pvNwjMKHaJtmzkoOiXYsoDaZbTxfPP7fLJna0eNZrINBFrQIgpmFtAG1rJt/CeICUjdWvS+Y+Vt4Wmo5pe9f7/mKGcoxrWoF4MxO0L0WFWTRYlk6T39mYL915Vd3a/26IxD8if5M3u77/NbeWhyGIIxy5PS5h7Bda0obyfM3eENNtfkwnys0RumDd6yxXEfn5xZM1Dsv6REA+I+B0Kfd5rUFdhbiw9loplmeqkIuyniItx8//uyGzaxOOGrZiQYflAlfXySlcQDolYM1gNAlLCEwZnoCiyi5fJoeSSGiTIXrZEJXgu/+DjprPBe0pxBFjeoYvQ9RLSxNLqnvKO4JGR9HnVGsJbuoew8WTqWgdEicauh3BIgA6Luz+4IebaaFygxu7Fpojloj9RX+7gM0Qj2dx1wbGZXZDZyuC8/x5IYhPcSo+2Z0DvsiXm+mcQw+hPgmtbMy767U8IlvEWMqUbFx9FUw2itVDwLSUexD7of9zy5LXYthqt47vm14r+yrqEvjI5L/rc+yacqdFXDKgF4hS/J62be/1AJ5iyggMugJg2ox2vadV3luq844gdUt4nL/vEw==,iv:HEfnfQtWzXtiVAnrZRHc4w4Vjni0LSA7P2ANtZ9BDuc=,tag:1Nhp5rHeAmHUywR1Mc0+Rg==,type:str] - known-hosts: ENC[AES256_GCM,data:nhI2opa68jSKRpQYdUPUGCxSLYXKZhUAEp3BkXBLt5sC0yYOjkO7WTEIhp6JztvIxyL2foUQuv80y5UAxndfIjbc0ItQECBnKp+p3xsWuXFAPHAyWErixKBa0PkiMovSNZgAzO/csvHNyVN6e3prvSyVCTijDKU+DwVDI9sutcMHlZOE46tN7rZ950ltaz07PBMaYT6slhtS0k0D0+pE1M1TJi2pLwpAnMerKHD+akmcqkQ9jImojA25RAuPu3BjVBSlHTdi0kHWlqF7U2t2JMJr4O9gdyQhpTKI1utynZZJV5Mv7mZCoOGftzjzCNF13+TNnn8FnXfjn/g8+MQghU6LtwaH3p1O+mQwBgLg4Ve+BxSii/ISFsGSyz6UDAzUENbHfMS0wzcr6kedTOTue0E03oUkOBtHiZQcxiU3OrlJkxmwPT5Mn0brWX7mKKYJKRkmzyiq1CLzuWfvH4aSmD6ykpqkV9qaav0Af8YLhHdmkHYyw0uDUE+Vnn9ijfeXnD7kJsG1mbUiGmzEv99KC0Y/9NEBbi/axVdGOtz806JKDXNqptLJ3v0lprFsrEG7wUcvXB1cLBuWRR9y4bXPTJuMuuUlhjQxNTZNvt/6pgfS1o8WV1HjJ7y7jloIgqlublRA7eRWAp5+c8Z8LGjBRLBI9R0FoDCOYtN+eLaVpQToUmlBsjUjHGtFHiU484GtYjeWr8ZJLwvrwzg7BuXuDht0QOUaM/NGqyQXimmMk1q1mIY=,iv:nOEFkApsJ52eBK2j7nl/1FeRxD0BuZ984qgNanfho8Y=,tag:SmuQkdUcryWwEL4ufN9SIQ==,type:str] - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:OJqCtA==,iv:WzoYAhAOwrij3mnnp6hUaeggCczRDRs6bmGmzQgy9uw=,tag:1oz2JNr3L4GjJABRj1ddfA==,type:str] - si-microservice-password: ENC[AES256_GCM,data:d7MxCA==,iv:f4Yb0sMpeZPX1OKykAen1kqapM12y74S4pIiBt6VBLg=,tag:ntTGuxMaFtG2MPexRAdiOQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:MsBdCg==,iv:PbcvDrcH8B1pJ0cW2dZle8sxbCmqV/w8hqPA+oabRL0=,tag:aTa3jgasmJ3YLnrMjJPULQ==,type:str] - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:eEEHTsy/zs+Y38+GtA==,iv:VptWs/DJd0aSkZgI+HAWBp1CJKblWB+RRWcpR8YQZAw=,tag:dgP4GXUcnCnXLAiiBCgJOQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:B/s15w==,iv:fVPC10JtioGqstIxZJ5g70b6B9BuQ2iTQHRI93OPYg8=,tag:OxBEZltD8h+ctOmUbQC45g==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:6jVLDw==,iv:36Zovka9ZC9zs0okw88g8+5/ld/CZEzsqrCfeKRHkZE=,tag:2dnY+KQ8myrQehHea0B+ig==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Xe5gbg==,iv:rjhHFja3fdbQ3X8ThIZPVgkCkWxNr76Az9ubOjL+udA=,tag:HB6bMlImnr3IhrDaB4sBWA==,type:str] - chatbot: - valuefirst-username: ENC[AES256_GCM,data:dMFYbw==,iv:MWnT1q23L63iWJ6EkBh6xSgI0P7zP8/MYTCihkuTQCQ=,tag:T9rDaKY0bbwC4MwKqVwXQw==,type:str] - valuefirst-password: ENC[AES256_GCM,data:dvfYWw==,iv:qC5K/dOu5BgLM2GpNt3lJPmMno+XSIQgVFKafqcGmQA=,tag:80XAMBzAnDiYxQzBqoDAAQ==,type:str] - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:xBaDDrKE,iv:fZYsVOE9MggfWAojCzIHQHv2Xhp85H5POWPYKtEiPyQ=,tag:Dw/8oUlsgzkzQG6CSmsxUQ==,type:str] - oauth2-proxy: - clientID: ENC[AES256_GCM,data:5A6q0glmodHx9s3rx4EhDAuYhL8=,iv:gmc5Vp8urSmR7v4tQnmHXkD/R4SfvqMuiyvBW4VKAdw=,tag:vlGXvsVOx64pv+23d+Wx1A==,type:str] - clientSecret: ENC[AES256_GCM,data:SFzkPN8A0OND8uHjbdCqPCTg777ocnXGYxSWnteLefmtuaLfLEsFLQ==,iv:OZRqnhjjmgYBZsNhZANXi3nAAjr704r4bWR0bsJo2VU=,tag:rWMIzE0DVRIxmQsFt+hHaw==,type:str] - cookieSecret: ENC[AES256_GCM,data:wZ0M2pfll/jzyTfcRbOHkdHboCKBKmwU,iv:BAiVxm0uF3mIibHcxnkzDXm4MNT8QtPXcP92sx6MnUc=,tag:LY3NIHafKMts4aFTGnYq1Q==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-09-26T16:11:43Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgFWeEnOwvQoaHKnIAgiY16IAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM2AGmEt8LSFOfbEPSAgEQgDtpBhww8wu69Y5JJAIjJsGbD+Pom6B1nKQBbUatICf9QqxXVaGTs57oBrsC8nXSIfyQfpZRAW5FR/DfZA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-11-23T11:40:08Z" - mac: ENC[AES256_GCM,data:wroLS5HZdx3z2Hx/xfBD9yCHpm3wrr1ryDPwH7tqldfaO5QAfA8kA8w01KNIDHWJCGoVsOQY62wuoR7gmEY08VDTLFElCdfKHpssQFqBWhyjCUMBMXK9pPgy9txAF8rei+sVdB5Wsl96Pd9dzEn0uJSYBneyKOom89BMbfIRO+0=,iv:iP3YmOrd0+w9cYixGMB/NbIGNwKsR01uLVS5d+PT7Mg=,tag:e6VrobiSp5FB7NrtqfaSBg==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-qa.yaml b/deploy-as-code/helm/environments/unified-works-qa.yaml deleted file mode 100644 index 7c175d7e53..0000000000 --- a/deploy-as-code/helm/environments/unified-works-qa.yaml +++ /dev/null @@ -1,779 +0,0 @@ -global: - domain: unified-qa.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, works ] - data: - db-host: unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifiedqadb ## Add db-name - db-url: jdbc:postgresql://unified-qa-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifiedqadb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-qa.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-qa.digit.org/ ## Add your Domain Name - state-level-tenant-id: "pg" - egov-state-level-tenant-id: "pg" - state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-upgrade" - es-indexer-host: "http://elasticsearch-data-v1.es-upgrade:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, works ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - mdms-service-v2: http://mdms-v2.egov:8080/ - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-mdms-service-v2: "http://mdms-v2.egov:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - audit-service: "http://audit-service.egov:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - attendance-service: "http://attendance.works:8080/" - contract-service: "http://contracts.works:8080/" - muster-roll-service: "http://muster-roll.works:8080/" - project-management-system: "http://project.egov:8080/" - project: "http://project.egov:8080/" - estimate-service: "http://estimates.works:8080/" - organisation: "http://organisation.works:8080/" - bankaccounts: "http://bankaccounts.works:8080/" - expense-calculator: "http://expense-calculator.works:8080/" - expense: "http://expense.works:8080/" - ifms-jit: https://uat.odishatreasury.gov.in - ifms-adapter: "http://ifms-adapter.works:8080/" - works-management-service: "http://works-management-service.works:8080/" - individual: "http://individual.egov:8080/" - works-pdf: "http://works-pdf.works:8080/" - loi-service: "http://loi-service.works:8080/" - household: "http://household:8080/" - product: "http://product:8080/" - facility: "http://facility:8080/" - measurement: "http://measurement-service.works:8080/" - ifms-adapter: "http://ifms-adapter.works:8080/" - measurement-service: "http://measurement-service.works:8080/" - measurement-registry: "http://measurement-registry.works:8080/" - mukta-services: "http://mukta-services.works:8080/" - -estimate-service: - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - estimate-default-limit: 100 - estimate-search-max-limit: 200 - estimate-workflow-business-service: "ESTIMATE" - estimate-revision-workflow-business-service: "REVISION-ESTIMATE" - estimate-revision-measurement-validation: "true" - estimate-revision-max-limit: 3 - -loi-service: - tracing-enabled: true - workflow.loi.business.service.name: "loi-approval-4" - -attendance-service: - tracing-enabled: true - java-enable-debug: true - attendance-register-default-offset: 0 - attendance-register-default-limit: 10 - attendance-register-search-max-limit: 100 - attendance-individual-service-integration-required: false - attendance-staff-service-integration-required: false - attendance-document-id-verification-required: false - attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON" - organisation-contact-details-update-topic: organisation.contact.details.update - contracts-revision-topic: "contracts-revision" - -contract-service: - tracing-enabled: true - java-enable-debug: true - contract-default-offset: 0 - contract-default-limit: 10 - contract-search-max-limit: 50 - works-contract-service-code: "WORKS-CONTRACT" - contract-workflow-business-service: "CONTRACT" - contract-workflow-revision-business-service: "CONTRACT-REVISION" - contracts-revision-topic: "contracts-revision" - contract-workflow-module-name: "contract-service" - contract-cbo-url-host : "https://works-qa.digit.org" - contract-cbo-url-endpoint : "/works-shg-app" - -# project-management-system: -# tracing-enabled: true -# java-enable-debug: true -# project-default-offset: 0 -# project-default-limit: 100 -# project-search-max-limit: 200 -# project-mdms-module: "works" -# egov-location-hierarchy-type: "ADMIN" - -project: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - project-mdms-module: "works" - egov-location-hierarchy-type: "ADMIN" - -muster-roll-service: - tracing-enabled: true - java-enable-debug: true - musterroll-default-offset: 0 - musterroll-default-limit: 100 - musterroll-search-max-limit: 200 - musterroll-workflow-business-service: "MR" - works-attendance-log-search-endpoint: "attendance/log/v1/_search" - works-attendance-register-search-endpoint: "attendance/v1/_search" - works-attendance-register-search-limit: 100 - muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" - works-individual-search-endpoint: "individual/v1/_search" - works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" - works-contract-service-code: "WORKS-CONTRACT" - notification-sms-enabled: "true" - -organisation: - tracing-enabled: true - java-enable-debug: true - org-default-limit: 100 - org-search-max-limit: 200 - egov-location-hierarchy-type: "ADMIN" - works-cbo-url-host: "https:/works-qa.digit.org" - works-cbo-url-endpoint: "/works-shg-app" - organisation-contact-details-update-topic: organisation.contact.details.update - -bankaccounts: - tracing-enabled: true - java-enable-debug: true - bank-account-default-limit: 100 - bank-account-search-max-limit: 200 - -individual: - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -works-management-service: - tracing-enabled: true - java-enable-debug: true - -inbox: - namespace: egov - memory_limits: 512Mi - heap: "-Xmx512m -Xms256m" - java-debug: true - tracing-enabled: "true" - service-map : '{}' - bs-service-map : '{}' - -ifms-adapter: - tracing-enabled: true - java-enable-debug: true - payment-create-topic: "expense-payment-create" - egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" - ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" - ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" - egov-bill-search-limit: 10 - -ifms-cronjob-pa: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-va: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pis: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pag: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-fd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftps: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftfps: - user-name: "IFMS_CRONJOB" - -expense-calculator: - tracing-enabled: true - java-enable-debug: true - -expenses-billing: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - bill-kafka-topic: "bill" - -expense: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" - -works-inbox-service: - java-enable-debug: true - tracing-enabled: true - -#########---core-services---######### - -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-QA/works/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" - -egov-mdms-service: - memory_limits: "512Mi" - heap: "-Xmx512m -Xms512m" - replicas: 1 - images: - - egovio/egov-mdms-service - mdms-path: "/work-dir/egov-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch - mdms-folder: "egov-mdms-data" - masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" - java-args: -Dspring.profiles.active=monitoring - -egov-filestore: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - volume: /opt/eGov/filestore - is-bucket-fixed: "true" - minio.url : "http://minio.backbone:9000/" - aws.s3.url : "https://s3.amazonaws.com" - is-s3-enabled: "true" - minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - fixed-bucketname: unified-qa-filestore ## Add filestore bucket name - -egov-user: - replicas: "1" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - state-level-tenant-id: "pg" - java-enable-debug: true - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-persister: - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/works/egov-persister/project-persister.yml,file:///work-dir/configs/works/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/sanitation/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/sanitation/egov-persister/pqm-persister.yaml,file:///work-dir/configs/works/egov-persister/individual-persister.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" -egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/sanitation/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/sanitation/egov-indexer/pqm-anomaly-finder-indexer.yml" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - java-enable-debug: true - heap: "-Xmx192m -Xms192m" - employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - memory_limits: 768Mi - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/pgr/servicedefinition/v1/_search,/pgr/servicecategories/v1/_search,/pgr/v1/otp/_send,/pgr-master/receivingmode/v1/_search,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/pgr-master/service/v1/_search,/egov-location/boundarys/getLocationByLocationName,/pgr-master/OTPConfig/_search,/pgr-master/serviceGroup/v1/_search,/egov-location/boundarys/isshapefileexist,/pgr/services/v1/_search,/hr-masters/hrconfigurations/_search,/collection-services/receipts/_view,/pgr-master/service/v2/_search,/pgr-master/servicedefinition/v1/_search,/citizen-services,/citizen-services/v1/requests/receipt/_create,/citizen-services/v1/pgresponse,/citizen-services/v1/requests/anonymous/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-mdms-service/v1/_reload,/egov-mdms-service/v1/_reloadobj,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/eus,/egov-url-shortening,/whatsapp-webhook/messages,/edcr/rest/dcr/downloadfile,/dashboard-ingest/ingest/upload,/egov-searcher/water-services/wateropensearch/_get,/egov-searcher/sewerage-services/sewerageopensearch/_get,/xstate-chatbot/status,/xstate-chatbot/reminder,/nlp-engine/fuzzy/city,/nlp-engine/fuzzy/locality,/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening,/mdms-v2/schema/v1/_search,/mdms-v2/v2/_search,/mdms-v2/v1/_search" - egov-mixed-mode-endpoints-whitelist: "/pgr/seva/v1/_create,/pgr/seva/v1/_search,/pgr/seva/v1/_count,/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-common-masters/departments/_search,/pt-property/property/propertytypes/_search,/pt-property/properties/_search,/pt-property/property/usages/_search,/egov-idgen/id/_generate,/egf-masters/financialyears/_search,/egov-common-workflows/process/_start,/egov-common-workflows/process/_search,/egov-common-workflows/tasks,/egov-common-workflows/tasks/{id}/_update,/user/_search,/billing-service/demand/_dues,/billing-service/bill/_generate,/billing-service/demand/_create,/wcms/masters/waterchargesconfig/_search,/wcms/masters/usagetypes/_search,/wcms/masters/pipesizes/_search,/wcms-connection/connection/_getbillingtypes,/wcms-connection/connection/_getconnectiontypes,/wcms/masters/sourcetypes/_search,/wcms/masters/supplytypes/_search,/wcms/masters/storagereservoirs/_search,/wcms/masters/treatmentplants/_search,/wcms/masters/documenttypes-applicationtypes/_search,/wcms/masters/donations/_search,/wcms/masters/nonmeterwaterrates/_search,/wcms-connection/connection/_create,/egov-common-masters/genders/_search,/egov-common-workflows/designations/_search,/access/v1/actions/mdms/_get,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/property-services/property/_search,/billing-service/bill/v2/_search,/egov-location/location/v11/boundarys/_search,/pg-service/transaction/v1/_create,/collection-services/payments/_search,/pdf-service/v1/_create,/billing-service/bill/v2/_fetchbill,/pg-service/transaction/v1/_update,/ws-services/wc/_search,/sw-services/swc/_search,/edcr/rest/dcr/scrutinydetails,/edcr/rest/dcr/occomparison,/egov-pdf/download/PAYMENT/consolidatedreceipt,/collection-services/payments/PT/_search,/collection-services/payments/WS/_search,/collection-services/payments/SW/_search,/collection-services/payments/WS.ONE_TIME_FEE/_search,/collection-services/payments/SW.ONE_TIME_FEE/_search,/turn-io-adapter/_transform,/egov-user-event/v1/events/_search" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -########################################## - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - egov-url-shorten-hashid-salt: "randomsalt" - egov-url-shorten-hashid-min-length: "5" -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" - - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -pdf-service: - replicas: 1 - memory_limits: 1.5Gi - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" - data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json,file:///work-dir/configs/pdf-service/data-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/data-config/deviation-statement.json,file:///work-dir/configs/pdf-service/data-config/measurement-book.json" - format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json,file:///work-dir/configs/pdf-service/format-config/detailed-estimate.json,file:///work-dir/configs/pdf-service/format-config/deviation-statement.json,file:///work-dir/configs/pdf-service/format-config/measurement-book.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-user-chatbot: - egov-state-level-tenant-id: "pg" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -works-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -works-shg-app: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "UNIFIED-QA" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - #metrics: - enabled: true - serviceMonitor: - enabled: true - service: - prometheusRule: - enabled: true - -cert-manager: - email: "devops-team@egov.org.in" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -inbox: - service-map : '{}' - bs-service-map : '{}' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "es-client.es-cluster" - es-port: "9200" - - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-048713dc21b8e4f6e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-07f64ad8ca99f8daf" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-04a5306e32b2ecfec" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0465e07d1c0f5b15a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00a73b33ef5efe981" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0606452427a946dac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-00f013288bd67ff28" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-08bedc5a9b489eddb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-01c26575f47f745c3" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-05da2f8e14795b34d" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0a3dfaac5a810e5bc" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-0edf1fd8608b184b7" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< diff --git a/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml b/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml deleted file mode 100644 index d6472e7f79..0000000000 --- a/deploy-as-code/helm/environments/unified-works-uat-secrets.yaml +++ /dev/null @@ -1,129 +0,0 @@ -cluster-configs: - secrets: - db: - username: ENC[AES256_GCM,data:ej6rw0sY0IbsrA==,iv:JTPS7Y8hf1QD5TVHb2xFok3vI+pdT2dBQDxY/U7FmmU=,tag:9Qq1Qh2PFWfWcEKFXp4nBg==,type:str] - password: ENC[AES256_GCM,data:ofy7mdAYN9/WYvWbuKT1NA==,iv:hzLGwom4+abebRWCHi6HFoUIKe4TXKYWupsUfC1kXzw=,tag:TE8yzhdpSYu1Rydf/3CQ0w==,type:str] - flywayUsername: ENC[AES256_GCM,data:/kHSwbPJmYoqmg==,iv:M6T0SP0yzW/aUHUUp7lC+XwmOai3xscihuTUUOuCHxw=,tag:Ifxy7ZY7taXcyNAj2O48PA==,type:str] - flywayPassword: ENC[AES256_GCM,data:NpOu/JClmmV2fWGbLdkOYg==,iv:kqgiVZ2EkpVpOryuWqcChzFktUfLcobxqFKFe6JDsWc=,tag:007e1E/Eiba+fEnv0d/vlg==,type:str] - - egov-notification-sms: - username: ENC[AES256_GCM,data:l9ePQw==,iv:aAEEQch3k48jZmDmIjyq6oqNVwrvQE+eR/8Lgp4RNJg=,tag:GUj4pGHjtr5xzUpjqOv4hQ==,type:str] - password: ENC[AES256_GCM,data:GMwFMg==,iv:ZhT5wA4VYLlAP0jyPRBbXIGRlfE+exr21wBxtjM32nk=,tag:8aZ/5Lw7z6qKBt3/eP806A==,type:str] - - egov-filestore: - aws-key: ENC[AES256_GCM,data:UUCDe28vk2pNLW12A0DpyHCVNuU=,iv:lLeWXfYYx1siT7kq7x4kMPiebO5tcZmhAQGiBNVuWdw=,tag:vxdABMYotBYHnpbCIBJXSg==,type:str] - aws-secret-key: ENC[AES256_GCM,data:mB9M+8qyKLizNcCfFE0LNDfGIPJA+D94fKjsIWE2RG0KJl4ALS1W9A==,iv:s9UPlD7BHuYLEpt5smwnOSW63kFrZ4FXVaArul9AQ74=,tag:QVQJE0+lVb9PsuB10JuXxw==,type:str] - - egov-location: - gmapskey: ENC[AES256_GCM,data:txaFu2KZyPolvoyuPlfAG2wxsA==,iv:zKBUJuCiv6DDAKWVEuuTLnJzvKp+vOH+DJbkqxI2mmc=,tag:jxmStDaWybBNIyZNKf5iNw==,type:str] - - egov-pg-service: - axis-merchant-id: ENC[AES256_GCM,data:VnkIRw==,iv:5DZr8LjNF7up66Zq/Y0fAAh+DOcTKQyxt2UDgRjLR6E=,tag:YXUgXNiZyWW+rBq681M0bQ==,type:str] - axis-merchant-secret-key: ENC[AES256_GCM,data:6RgpsQ==,iv:njaT4Sw8FBPs8cGKyfQMnBG704rzUsZpT1FRa9K/BZI=,tag:gmzHQXzwI6TuisCDbCdf/g==,type:str] - axis-merchant-user: ENC[AES256_GCM,data:6HZ7dA==,iv:Z2uWN+Q7EdrazwGIrxgYTUFv1AYPYSebADGPM8SgSzg=,tag:0CGBfgMg+vjC9zxMGBY6NA==,type:str] - axis-merchant-pwd: ENC[AES256_GCM,data:7TkLgQ==,iv:wKql/Xwy8o4n/ZcYnnwUB6kZ38CvWZUt1L7J+Lq3+Oc=,tag:RHHLHNEzFG0ybz75Fr2ndw==,type:str] - axis-merchant-access-code: ENC[AES256_GCM,data:jrxxGQ==,iv:0AwX2wdeZcf75vVS1a3J0ciM2ZHWZhuGNg+4byhuch0=,tag:2a+3eeWO9jrrSN3pekZrIw==,type:str] - payu-merchant-key: ENC[AES256_GCM,data:1TH2xA==,iv:74231+FYIltgfpzDYqO3l0cfjAn4DGlt1e+QmMmlfL0=,tag:gy6Tliyuov3hp8Uqaa01JA==,type:str] - payu-merchant-salt: ENC[AES256_GCM,data:1kTJQw==,iv:m3kdARQagkdwfktTIJt4a3EsLcPiUDbYhqOcAG0wsTQ=,tag:NaPWHTeMa52pHFbEFQ+zFw==,type:str] - - pgadmin: - admin-email: ENC[AES256_GCM,data:v18zdGvaj6CTEn3Tfw==,iv:Q3Dd0sq4jj7NOy8fmz/LRxTVcfKMn+Os9vEZFdihUjU=,tag:yeD8BUYH2y2iutPEBMTQ5A==,type:str] - admin-password: ENC[AES256_GCM,data:osIW9g==,iv:gq90oL7eIXMJ+zHBIvWi1HruINLzy9XrAEP17mR5ubY=,tag:0bort4rWHiuUnn21Jkj77w==,type:str] - read-email: ENC[AES256_GCM,data:Pm30twOkz69Z8aPI+w==,iv:daim3K0MKVxjhc0fPOmiWFkqpiCS9S+2wOnxgmOsfGA=,tag:CAvV5ciPjqXXZ08dtffukA==,type:str] - read-password: ENC[AES256_GCM,data:TFeaVQ==,iv:ZyEQvyxXk6Y0i92h+H37AvmC2SLbAr/nmbhJ0aqBPA4=,tag:iof7kAJGSjxoHRdnxVR23w==,type:str] - - egov-enc-service: - master-password: ENC[AES256_GCM,data:xaEkBg==,iv:93gKxhk6CP2lOM1lCOJ/nDASvVAv8qMHylRg5Fcq9Gs=,tag:S0dVn/sesvt2s3BNV9HalQ==,type:str] - master-salt: ENC[AES256_GCM,data:MLZ+TJHNz4U=,iv:DAIMTebB8XKTtnjsz89fuIfw/LO6fJT2I2sArXTq12Y=,tag:MgduB7B5dITT9TBXQGtlqg==,type:str] - master-initialvector: ENC[AES256_GCM,data:s9Qy8UK5+tZAwXAc,iv:FFOkXw0UeQDH1PDwW7ueOyXl1R0A9Jgcy1UOtjUxvdM=,tag:EQvzZinbs3wWI4WeIj/bqg==,type:str] - - egov-notification-mail: - mailsenderusername: ENC[AES256_GCM,data:zlTKuGmna+A5,iv:mG+mor9q1E1Q8tmANTWe1yA0p5RgQnfOrwUj/xW4Pmc=,tag:PpZ6LjH/JI3gqNTx9suizQ==,type:str] - mailsenderpassword: ENC[AES256_GCM,data:z6MOjA==,iv:OyrELzpAbnHCCutpuKKAThv8BGxI40da7b8XYlaIRc0=,tag:9Mrv38Q9j6M9RaGwBqFWsw==,type:str] - - git-sync: - ssh: ENC[AES256_GCM,data:9mHjsX/7w8ytjW+12IblHzIMbHxa59z8yP8yP9fm+kEIDvnKZ2YD5RAL4NpdnWQx2MGLSUDTDuRFGR9/vS7xzG+A56ReeEU007JRDdmKZNbIAnHXqXJE8rGSzaewzBq4HW981Zz3U9Gko6T9+ZrmB3KTYAVxROfirrlLFRjVycyT4YlrZiCnEbUqLqxJ+I7uHcINuT6YdrjAuyahvmGBfvzmRY5Uu6TJ4x6/QIo3zGDDs9wxoBP+qFu16InEaD+eaEGi0iJ4lewmcCrf6w/S4I8R65xECJSTE/w7se48lbvE7rXh6a5OrUTTx5rdoZ1BB0GtMHFnsW6icIEz5qUEnzG1HOFIYR+7cbC/F7OzckUcF1k7jUAPcZiSs3NXGJEJ4sw5JE29anQRi4LVN3+mTH1l5EccInWt0uSebXmaPl/ZvzmIV+Rx3wBjUeUeOpy9IuSd/ZkZoP6Iqxce2V73DCffbGpQ/azrpI3jD9D6RG41vYEYjKmDuiBgbiMw4qkxi8Tl0xNY1oj6IMp/ggl09LwkBlBOZXFnUqutGT5Mg44cDwyTxJNqx6RvDHVFRaPsU8Hc6pLItQNABj6IRlmKZC8ysfOYk87XMtXyV7Up63g+FvDFG0v4LOI3pS2Yu7EYATkEujeXRQR9I3X+AZhNzJw3alr69tywzGCmfd+QLH4pkoxkNgUtlKBbLewXKhwU0kfvvXv1YSbfrVh2+SXOkyVvOK/Xkcz2SQtSvL6UZ95gctFuI52ZO32GcyFdagt3KLcSn7EUJbcz8NRHV3KS0HSl+GbTEZpa0v+UJjJHUGuNkHybBsJWon6pFKJXmmugbSbtRuRn/BC/bmclbayBdSsTGxtnayA8V3dAizRd+6bveGpGAus+pjElBSJ8QTYN1YoXINxY6JABmzKZ8MHO+2JMx8fB+mjUC1cJAqQZQFgTqGgf34oZcxHv+9A4n5RK2LZqVQ4pclPvvDCihXviq5Xm/QaD6NyUTxyCuqqjTRnzIqQ1yxDc4bcxBJsFs66PGx8MQiX1wcp8D9oHVwsoiZFGuEHilwkIHBj83RTdqe1+2Her25ZkAQjfjRp2VW1krHzaQww1WaIVi6UaNrzUD2fiey7zSPWvK2TRRGLtUkDZ6w/VwWQVVbo6kmra2GlrY79ZuhgaCxcGf+d4DDA1KGvxM068QFh05ZgoqTRzHj7Sjt8TuClCMewQ06lQicUj43jsAUxsoPtSSjuAZ7dMSoJsXqpNywKtEIB/XTt4RYX/hoRkLfFnc74elkjK9a9ESjTQqjTsakV4puY4SpCmm/htsNf3bPfC7xCanBJW1TNYwJWMyt1XFwNLBxWgEsPZB692wWdeptoPF6hv7AqMoF5TRNMF/Q/WUk5NfyLUA7NdotsdRVzsXffxKU6RmLl/jZNVkwsHhGull+xV6rdUJ/mNHscrPxICXUfKmeKMnxblbHiKTj71nzDBiPCSPelu+rRAZcITbFwpfWguWRJqLQk3jlyqoukM2bNUgqoG81Rr8FzW1zP5iGY4KA/UtTaMPgiD3R/ijSElQRxx2+TJ3aJcmDtVnqiCsSQUw22UTM3HFEXNBg37j/oZPE+8n/XsZPnoTy2+vUBcSYVKiA+IDEjixmsniNGRP6Fl6BiupphXuoCrDWrY8UYAg0nNZJL1kg5Y/FFQzRnwOrPD3guVJWxE1jffMwgFuuhqgBHsfzBs70TCFI+xQ7spP8oOQasiNpEyx5Lz3B53uKxJinfN+2XpsZ/UWupQTgHdgYqvQpZZipK/T5cgAs7RnZ5PfWrwfgQxTuCiv7c8pVf2DqySplpMeorFKYv5+DtBDz4Bj+5ZknMuuMiYVWFBjUcpgX4oie8re0rHhc2aNTfd378DKZ6gqVq6awmvq3RXOtTIqQVha6VHGRr9DaTgw5EjScGZbdIzc7ti3U/aNk+KoVgkC/kYUdx0uXT4w1k+aRcXdRPDvWbEHuKh8EO7zJI+5nk7dWINaiEy4MucKSv5QYpy3fdjdBK8YtwaPZ3G/koGkfhglH3PU82jeokOLcMz60mMtCLBlyuWh5btnImwpZqdJoKs4czWFlekrzgYK6HCCiQOPak0ESbiUyvv9If8ul5u8hMahcyULrpiB1yxdtQeVa8hxDI2SaU5GEO0iXnkduhyG/BUsrRgizc0POHALETsjDVWtCTnmE6Xl0TyzijaMAICxNgDc/Wvv4VhRlbqX6XYS7902d4lFZ36Mw==,iv:PVbDvGj/v+Vdz205QUuykjYu1Jc/Z5TX42N6YwnGRnA=,tag:9WfuograxxJ0bNAk8MXOIw==,type:str] - known-hosts: ENC[AES256_GCM,data:doQ0KcXlAtGTfJ85fduFREfbCuGcQqvHNZuKLj647/psjig3Jn4GzsZsZYiTnR5CDA1KahsdO75JIZ1ZeILB0AomjSO4wC/U084caGTX4wgfx2BLK84/xRai24g2T08FdLZh+leWIbsSnO40EPh6yQ1DxCANboGeytAnVwfmE8GErSmZi+8/fOXlPCsUqFHOqQJgf313zMAB7jQE1uD7EtYehfxhzMs9wt4wILiKcGxNOE/pU9OFBo+/S+G0pgMTR6MCfNEk9frMss64a7oGTDWFOgdZLLtGJ89Y4JRBWXkgxIGtCI9jfZtmnN6KbNC+wuBEwf+PWBfde4YASejZF35p9me3NJ+Sa9v0qTdQnr285/FQF+QHhEWeyrfL+byDRGjjvY2BBQEYNm5vNyDLNFt+HDnKZxhqruIveSCGQ+dnkheVpKSSF3ZMr25SLuofGuBNPB07dFJLXbS/HWIHciXBPFMJL73hLFrbRZ4nt47XCi5FeIlGS1k/QRRxJWd3XU6cogUXH1davFkiVcWOxdVyxgPMu/W3OQMdc1qvn2Vx2WKtBWuAzSmrMoMaABwf3UC9LuNxKo9Tqs2IkewslKmSs/d6MlnF0MNOx6or2qJfWT6yXuMNRAcCJvtXZ/rfrZC9XTP7NTwknE5r9TV6ZTq5HoEeupt1cKweMm8L/jdmMqfeXXaGrcWC1k2Te7ahbmRyJUXzsiEKHTDiRYb41L/qC83YgtS+Fmsxy/U8pmDpAko=,iv:r/V+tY/DuDyYNXpbBlWFcuJecD29ZegPZMnKiRaZnlk=,tag:oNu+nJbTt56VLSVtrqtGsw==,type:str] - - kibana: - namespace: ENC[AES256_GCM,data:KvPlhTXpkr63Nw==,iv:uV0zXM0r2c3RbQN8Az+kDHipPkkIvlVbVF/eKfSQrfE=,tag:z8vghhxh3OHbunYHUDR+og==,type:str] - credentials: ENC[AES256_GCM,data:Q7DDow==,iv:Y3z+NlqHOVHzcsjKlIe5skwZMElA3cLA6/rFD7qnejA=,tag:D2YDDsoDTHrtE+se0xJBqg==,type:str] - - egov-si-microservice: - si-microservice-user: ENC[AES256_GCM,data:ehBZmA==,iv:FsuOCof761q+MhUX+oAeZ4aqXawZG0dcb58y8BMzVPI=,tag:Q9prmhE75GsLatfg756S/w==,type:str] - si-microservice-password: ENC[AES256_GCM,data:h+HJWA==,iv:Uss/9nutS9OA9SbNSY3a2KfyTtj/WOu89Al6ugHfsLk=,tag:JFoq9XWF6xfiPCiuRqDOtQ==,type:str] - mail-sender-password: ENC[AES256_GCM,data:QKEOoQ==,iv:OTmDkzYGrNB1Bikyy6LEYN2paU3P+1HSG7E0U3LvVSs=,tag:JS26n1YKD+c5YQ9/TZW68g==,type:str] - - egov-edcr-notification: - edcr-mail-username: ENC[AES256_GCM,data:0tHKhGpDmnaaYNWqbg==,iv:eYAVnNMfmOwRwNiAQNjFlh6UsDmThh9xsASbiBzDf2g=,tag:oF+9WaccvU8ychCvyyeGbQ==,type:str] - edcr-mail-password: ENC[AES256_GCM,data:vuoukQ==,iv:jJiRltz8Jb7nTFn2NafMoyRyrFB/1VKMLnajEAn9TQ8=,tag:SSf/VgiIZIcn0dYclPUlnw==,type:str] - edcr-sms-username: ENC[AES256_GCM,data:1tG13Q==,iv:59lLShjHOg+92yCWBDRH4p5r4N/7mxchS11qqQzIsq0=,tag:jeCuxR8V/b0KXjFjB52XOQ==,type:str] - edcr-sms-password: ENC[AES256_GCM,data:Vs5SKw==,iv:D6lU385Y5Q/uvO6wGJKY3RobgVxPs1bqUlP1bUCtSyI=,tag:ppmVJ659l5fBSp9ASWkpkQ==,type:str] - - chatbot: - valuefirst-username: ENC[AES256_GCM,data:wx1RVQ==,iv:orgcWbaBh0RCZT82Tw3dW3aj4wXrWSyrSUE986OSrdw=,tag:C5DfHk2u8epdjdNpHushPQ==,type:str] - valuefirst-password: ENC[AES256_GCM,data:ojdxRA==,iv:ORhuVDiYKV824iNfxlJ8TbNX8cexwpfVaXYYfiAoh+4=,tag:alQLRqsCsMQNMff+psgvjw==,type:str] - - egov-user-chatbot: - citizen-login-password-otp-fixed-value: ENC[AES256_GCM,data:H1tVDdUn,iv:9k3kytQ+2Kbzuktk4ZcMczaEjQUBAv8a1jsbpTH68bs=,tag:YJ6UyK90lrWJIjvwWPraKQ==,type:str] - - oauth2-proxy: - clientID: ENC[AES256_GCM,data:q/srZNVHpZ7pGBJL,iv:Pd7fBPIc8kHsfjbgAOvPtXN6Ka+ZVk5sWaulMXK9XLU=,tag:YejMYltv88eW8R9PDujikg==,type:str] - clientSecret: ENC[AES256_GCM,data:Lv3HIQML4LLq5dwYiNg8QtR5qZRWhhu++jIBn+SC/GyCEdHSHQ==,iv:JoaVRUHmKOmh3mkhmd7sIkqafkw0mwRZxLMTGFOwWFw=,tag:CeRQhgdapiVPp4KPAK6b2A==,type:str] - cookieSecret: ENC[AES256_GCM,data:FJSSc5SQkDPX+CK5/dR313+9Q7f4hLd5,iv:T47s0eEK1+pOE9gK1ArnXLj7rq7y7le6Mu3Bb/3MKBQ=,tag:LH/JfUfTjx6E8MIuMrbHmQ==,type:str] - alertmanager: - config: - global: - resolve_timeout: ENC[AES256_GCM,data:aGk=,iv:xjHLG2Rz9m2LsqrZMJZs3yOiXT3WSM+8EJTCAoy5ET0=,tag:L9FZA0pzHivNnevKvlaiNw==,type:str] - route: - receiver: ENC[AES256_GCM,data:/RyFHKwNxM3RCxomXymeYMjZXw==,iv:ZUMbLLr0s7olZDPexOO2IP6vTyk64myTtemMYcYzY34=,tag:uKZntWNcCAej0i55MhfyxA==,type:str] - group_by: - - ENC[AES256_GCM,data:zIgVE6c23+VH,iv:a7aG93obOGerh4OhB+vx9SRE8WL4jaKoDFUYTkX/pLk=,tag:UYdg7s8Mpcj4RNwsBPHINQ==,type:str] - routes: - - receiver: ENC[AES256_GCM,data:b2S1oaqfke0bR9bX3VBefBkLDw==,iv:Ka2wh3UxBsB9faXZTkI2YiSe9PPKkj5JzYmLp8dCCKE=,tag:muvDJ9QYYePciA5MHq5F0g==,type:str] - match: - alertname: ENC[AES256_GCM,data:K6il4fzvUQM=,iv:x6iw+4EpNAii+ydoj66xefO4LnICP9SfokprzjZNAPo=,tag:4RchRj5EY6OxAMmDM6wQGw==,type:str] - group_wait: ENC[AES256_GCM,data:DgZO,iv:UbIr2Q3t/JjXK91w8oLdGYISJWm0ogy7hVekzjDiZbw=,tag:hS3RP1bmY8iTQyZZ9E4Ujg==,type:str] - group_interval: ENC[AES256_GCM,data:sHE=,iv:KR9+m6FGWgNeV2e+aBCmGIaCB7Bpn7RtnrEWPMbZDPk=,tag:5pZi0h1t5nbKkorO+KEAtA==,type:str] - repeat_interval: ENC[AES256_GCM,data:FOG9,iv:ZHRN/lCZmqIi4XHup1ebWYKaMLrFLfGowy3OfN5D2PQ=,tag:mW1OtpB6GAb3H4tJ/X/EOw==,type:str] - receivers: - - name: ENC[AES256_GCM,data:lgh3kXh5WAPcNL1eL9G6VMsZ9w==,iv:RtPdpEgMiTt1eYoSUfwetT3JOIZ1q+xKmsBFb+DROLc=,tag:zlNBBFkvVrjV0mYq5gTR1g==,type:str] - slack_configs: - - send_resolved: ENC[AES256_GCM,data:1xcfdg==,iv:TrlrJSGK6tnzuBd9JUpn2P4qRI14ni2OuevSbNVKBEI=,tag:YRmQBP3lW8folA4ZimKQEA==,type:bool] - api_url: ENC[AES256_GCM,data:qYpe/zBlw0Yv6k/BPEnuCwoCHlIaV4Iy91rMt9XtciI+4oyPjTwbcl9WKllJV7r7efnmyZSykrZrXIavWaNlJ+RA4ezGAsSBaDn1wV9B9w==,iv:DS1Stz8TAu8t/MvK6/anYizLQaPE6TUaFvowvdqQWXs=,tag:2B/yA1YzDdmO6bMA7rvaKA==,type:str] - channel: ENC[AES256_GCM,data:W9w88Yl1sgyOGTuAct0hRt6lBEN/6Q==,iv:lXqvX3WOELON51vkgXwlQw2TFjR3KwclaGz6RIVnpfg=,tag:beOnMoQq0ADjzg7opSfsVw==,type:str] - username: ENC[AES256_GCM,data:iEf7gEUxVq/rKhA/,iv:XxdgnplqKwDux+C8ee0PDTayIEqeen1duIQL4mn8vO4=,tag:Q8NNrRPu8OC/GQXNORQiBQ==,type:str] - title: ENC[AES256_GCM,data:YnEsXj9g7AQfKVdUYb6sjIUxKhMs8C1R8vk4BlM3AdWU88YMUOI=,iv:/49xxo6YtDfM6fcPJ6b3uCbnt1tUVkxp2Zn1ppInx4Q=,tag:/hR+57T2V3ZqmGBaaSFa6w==,type:str] - text: ENC[AES256_GCM,data:xBv2i34Gd8tP9d2HJ69osMeVjDShR/RRKAz1CPgHiKn6pAbtIw==,iv:BU6eQDbNUxNeVi+fT4Tim9ttjUDRLAQYsRx2GX+tOfk=,tag:g9Mb4RQeOCvw3+In2/GqmQ==,type:str] - templates: - - ENC[AES256_GCM,data:YxP57dehdeCBJeYfbAebPyYHcH2nhwGx9UwCVBKNxn1FmzH62O9QvWBuMbbM8iZBgfMZ4p2qA9rwLIuL6aXC4xFHzFHd4Dw=,iv:oxC9a4q6DZn99j97YGkFjx7q28Bl9hlHzmj0H/U6GEw=,tag:pl6MRFasc4dKwGl+KuByVg==,type:str] -sops: - kms: - - arn: arn:aws:kms:ap-south-1:218381940040:key/9a3b0835-7713-4925-8b3d-da7e421d28d2 - created_at: "2023-10-09T10:33:39Z" - enc: AQICAHjEvQaNWs0Zj/laHQzVyaV/OAacQ3AJGQojIvVJeuwcQgEfIJkrwmm8m0wk/ND2O3LIAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMCK6ZOZGq9fjKSIF2AgEQgDv/xh0ZCHo2mT4A++2zNgW/DMjbjWy5MpFXW1lggnX6ZFKRpzd+pVhH08OIAXCDW4gOXVLuRcXK6ROmEA== - aws_profile: "" - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2023-12-05T08:52:38Z" - mac: ENC[AES256_GCM,data:+GHEjF3GEN8t3+8tbqKppqaHLQPhBU6ZSOQ7X9LbZ4ehBxdIMtyW3Idrr0YmMPLecJH5LaXVsl+rdYKtvXYOWi4XXSwdfGb3tRs16HGGhbhzhJeltd7VqieecPUNBlN97fsNp04QWEu09K5MyBNlza4MahjWCbFBlkLzfNmSdz8=,iv:XdxzNxBiDj/R0Fvaa3RFd5rjmmEmSCLNgQCZfaoJRPg=,tag:41ONRfd9Vf2oyWsB6WtB/Q==,type:str] - pgp: - - created_at: "2023-10-09T10:33:39Z" - enc: | - -----BEGIN PGP MESSAGE----- - - hQEMA+gtFIQvidpKAQf/bebufq+I7lxP3wIQssZ5Lyb7cS505VhmHGFClSbHTEgB - ktMBmyNi6z2/rc0tG/l/yYc0ZE5VzrS07LA4HgN4wroy/T9DEZYuRB0TS9NORi2W - Cja3n6IxvFZXQKSrunVX+hPHXBBATzvgWZDs7I3BB1BXlJVv8STED+pk8KxFWAH5 - 3Xt4qD//yT6nDfAoFaKAJW3RpwlFCYU/Dh/OZDrHRRUHPES0WWn9QoSCnLghGDrj - W1Tna50PAUZAgK8j5uvgZNb5ykfRSfvP0noRwdPq65OyZ82TIW7JN/pOgu4rWhle - ho+RbM0RozQjLDd9nhxQBBPAbScAhe6TvtJCCH2EJNJeAbDt2i8giyyUYyJaq4N0 - MVUyoyH/UOGcSUhxcv+By/dunFTuxvOChPP1IusKQB4CFUBSNrl1cnMkOEAED1gL - nJTJMa6Wvh9KpvP17gO+UbTlhMmjQAd0N/ZF4FM3Lw== - =gDUX - -----END PGP MESSAGE----- - fp: B9FF61E01273EDF7DE298B52F4D6BD77E5C66196 - unencrypted_suffix: _unencrypted - version: 3.7.3 diff --git a/deploy-as-code/helm/environments/unified-works-uat.yaml b/deploy-as-code/helm/environments/unified-works-uat.yaml deleted file mode 100644 index fe016c8940..0000000000 --- a/deploy-as-code/helm/environments/unified-works-uat.yaml +++ /dev/null @@ -1,755 +0,0 @@ -global: - domain: unified-uat.digit.org ## Add your Domain Name "Eg: site.mydomain.com" Do not use the dummy domain - setup: fullsetup - -cluster-configs: - namespaces: - create: true - values: [ backbone, cert-manager, egov, es-cluster, kafka-cluster, logging, monitoring, playground, zookeeper-cluster, works ] - - root-ingress: - cert-issuer: letsencrypt-prod - configmaps: - egov-config: - namespace: [ monitoring, works ] - data: - db-host: unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432 ## Add db-host name eg: egov-demo.database.azure.com - db-name: unifieduatdb ## Add db-name - db-url: jdbc:postgresql://unified-uat-db.czvokiourya9.ap-south-1.rds.amazonaws.com:5432/unifieduatdb ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo - domain: unified-uat.digit.org ## Add your Domain Name - egov-services-fqdn-name: https://unified-uat.digit.org/ ## Add your Domain Name - - egov-state-level-tenant-id: "pg" - state-level-tenant-id: "pg" - s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" - es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" - flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" - kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" - kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 - logging-level-jdbc: "DEBUG" - mobile-validation-workaround: "true" - serializers-timezone-in-ist: "true" - server-tomcat-max-connections: "500" - server-tomcat-max-threads: "10" - sms-enabled: "true" - spring-datasource-tomcat-initialSize: "1" - spring-datasource-tomcat-max-active: "2" - spring-jpa-show-sql: "true" - timezone: Asia/Kolkata - tracer-errors-provideexceptionindetails: "true" - egov-bnd-freedownload-tenants: "pg.testing" - egov-bnd-live-citizen-tenants: "pg.testing" - - egov-service-host: - namespace: [ monitoring, works ] - data: - asset-services: "http://asset-services:8080/" - asset-services-maha: "http://asset-services-maha:8080/" - billing-service: "http://billing-service.egov:8080/" - collection-services: "http://collection-services.egov:8080/" - collection-masters: "http://collection-masters:8080/" - collection-search-indexer: "http://collection-search-indexer:8080/" - citizen-indexer: "http://citizen-indexer:8080/" - citizen-services: "http://citizen-services:8080/" - dashboard-analytics: http://dashboard-analytics.egov:8080/ - dashboard-ingest: http://dashboard-ingest.egov:8080/ - demand-services: "http://demand-services:8080/" - data-sync-employee: "http://data-sync-employee:8080/" - egov-common-masters: "http://egov-common-masters:8080/" - egf-masters: "http://egf-masters:8080/" - egf-master: "http://egf-master.egov:8080/" - egf-instrument: "http://egf-instrument.egov:8080/" - egf-voucher: "http://egf-voucher:8080/" - egf-bill: "http://egf-bill:8080/" - egov-enc-service: "http://egov-enc-service.egov:8080/" - egf-voucher-workflow: "http://egf-voucher-workflow:8080/" - egov-accesscontrol: "http://egov-accesscontrol.egov:8080/" - egov-user: "http://egov-user.egov:8080/" - egov-user-egov: "http://egov-user.egov:8080/" - egov-location: "http://egov-location.egov:8080/" - egov-filestore: "http://egov-filestore.egov:8080/" - egov-localization: "http://egov-localization.egov:8080/" - egov-idgen: "http://egov-idgen.egov:8080/" - egov-otp: "http://egov-otp.egov:8080/" - egov-common-workflows: "http://egov-common-workflows:8080/" - egov-mdms-service: "http://egov-mdms-service.egov:8080/" - egov-mdms-service-test: "http://egov-mdms-service-test:8080/" - egov-mdms-create: "http://egov-mdms-create:8080/" - egov-mdms-service-v2: "http://mdms-v2.egov:8080/" - egov-eis: "http://egov-eis:8080/" - egov-workflow: "http://egov-workflow.egov:8080/" - egov-workflow-v2: "http://egov-workflow-v2.egov:8080/" - egov-searcher: "http://egov-searcher.egov:8080/" - egov-data-uploader: "http://egov-data-uploader.egov:8080/" - egov-indexer: "http://egov-indexer.egov:8080/" - egov-hrms: "http://egov-hrms.egov:8080/" - es-client: "http://elasticsearch-data-v1.es-cluster:9200" - hr-masters: "http://hr-masters:8080/" - hr-employee: "http://hr-employee:8080/" - hr-masters-v2: "http://hr-masters-v2:8080/" - hr-employee-v2: "http://hr-employee-v2:8080/" - hr-attendance: "http://hr-attendance:8080/" - hr-leave: "http://hr-leave:8080/" - hr-employee-movement: "http://hr-employee-movement:8080/" - inventory-services: "http://inventory-services:8080/" - lams-services: "http://lams-services:8080/" - lcms-workflow: "http://lcms-workflow:8080/" - lcms-services: "http://lcms-services:8080/" - location: "http://location:8080/" - audit-service: "http://audit-service.egov:8080/" - performance-assessment: "http://performance-assessment:8080/" - pt-property: "http://pt-property:8080/" - pt-workflow: "http://pt-workflow:8080/" - pt-tax-enrichment: "http://pt-tax-enrichment:8080/" - pt-calculator: "http://pt-calculator:8080/" - pt-calculator-v2: "http://pt-calculator-v2:8080/" - pt-services-v2: "http://pt-services-v2:8080/" - property-services: "http://property-services.egov:8080/" - pgr-master: "http://pgr-master:8080/" - pgr-rest: "http://pgr-rest:8080/" - pdf-service: "http://pdf-service.egov:8080/" - report: "http://report.egov:8080/" - swm-services: "http://swm-services:8080/" - tenant: "http://tenant:8080/" - tl-masters: "http://tl-masters:8080/" - tl-services: "http://tl-services:8080/" - tl-workflow: "http://tl-workflow:8080/" - tl-indexer: "http://tl-indexer:8080/" - tl-calculator: "http://tl-calculator:8080/" - user-otp: "http://user-otp.egov:8080/" - firenoc-services: "http://firenoc-services:8080/" - firenoc-calculator: "http://firenoc-calculator:8080/" - egov-apportion-service: "http://egov-apportion-service:8080/" - bpa-services: "http://bpa-services.egov:8080/" - bpa-calculator: "http://bpa-calculator.egov:8080/" - rainmaker-pgr: "http://rainmaker-pgr:8080/" - ws-calculator: "http://ws-calculator.egov:8080/" - ws-services: "http://ws-services.egov:8080/" - sw-services: "http://sw-services.egov:8080/" - sw-calculator: "http://sw-calculator.egov:8080/" - land-services: "http://land-services.egov:8080/" - noc-services: "http://noc-services.egov:8080/" - minio-url: "https://minio-uat.digit.org/" - egov-user-chatbot: "http://egov-user-chatbot:8080/" - zuul: "http://zuul:8080/" - egov-url-shortening: "http://eus:8080/" - fsm-calculator: "http://fsm-calculator.sanitation:8080/" - fsm: "http://fsm.sanitation:8080/" - vehicle: "http://vehicle.sanitation:8080" - vendor: "http://vendor.sanitation:8080" - egov-edcr: "http://egov-edcr.egov:8080/" - echallan-calculator: http://echallan-calculator.egov:8080/ - echallan-services: http://echallan-services.egov:8080/ - inbox: "http://inbox.sanitation:8080/" - inbox: "http://inbox.egov:8080/" - turn-io-adapter: "http://turn-io-adapter.egov:8080/" - pgr-services: "http://pgr-services.egov:8080/" - birth-death-services: "http://birth-death-services.egov:8080/" - egov-pdf: "http://egov-pdf.egov:8080/" - attendance-service: "http://attendance.works:8080/" - contract-service: "http://contracts.works:8080/" - muster-roll-service: "http://muster-roll.works:8080/" - project-management-system: "http://project.egov:8080/" - project: "http://project.egov:8080/" - estimate-service: "http://estimates.works:8080/" - organisation: "http://organisation.works:8080/" - bankaccounts: "http://bankaccounts.works:8080/" - expense-calculator: "http://expense-calculator.works:8080/" - expense: "http://expense.works:8080/" - ifms-jit: https://uat.odishatreasury.gov.in - ifms-adapter: "http://ifms-adapter.works:8080/" - works-management-service: "http://works-management-service.works:8080/" - individual: "http://individual.egov:8080/" - works-pdf: "http://works-pdf.works:8080/" - loi-service: "http://loi-service.works:8080/" - household: "http://household:8080/" - product: "http://product:8080/" - facility: "http://facility:8080/" - measurement: "http://measurement-service.works:8080/" - ifms-adapter: "http://ifms-adapter.works:8080/" - measurement-service: "http://measurement-service.works:8080/" - measurement-registry: "http://measurement-registry.works:8080/" -estimate-service: - tracing-enabled: true - java-enable-debug: true - estimate-default-limit: 100 - estimate-search-max-limit: 200 - estimate-workflow-business-service: "ESTIMATE" - -loi-service: - tracing-enabled: true - workflow.loi.business.service.name: "loi-approval-4" - -attendance-service: - tracing-enabled: true - java-enable-debug: true - attendance-register-default-offset: 0 - attendance-register-default-limit: 10 - attendance-register-search-max-limit: 100 - attendance-individual-service-integration-required: false - attendance-staff-service-integration-required: false - attendance-document-id-verification-required: false - attendance-register-open-search-enabled-roles: "SUPERUSER,EMPLOYEE_COMMON" - organisation-contact-details-update-topic: organisation.contact.details.update - contracts-revision-topic: "contracts-revision" - -contract-service: - tracing-enabled: true - java-enable-debug: true - contract-default-offset: 0 - contract-default-limit: 10 - contract-search-max-limit: 50 - works-contract-service-code: "WORKS-CONTRACT" - contract-workflow-business-service: "CONTRACT" - contract-workflow-revision-business-service: "CONTRACT-REVISION" - contracts-revision-topic: "contracts-revision" - contract-workflow-module-name: "contract-service" - contract-cbo-url-host : "https://works-qa.digit.org" - contract-cbo-url-endpoint : "/works-shg-app" - -# project-management-system: -# tracing-enabled: true -# java-enable-debug: true -# project-default-offset: 0 -# project-default-limit: 100 -# project-search-max-limit: 200 -# project-mdms-module: "works" -# egov-location-hierarchy-type: "ADMIN" - -project: - tracing-enabled: true - java-enable-debug: true - project-default-offset: 0 - project-default-limit: 100 - project-search-max-limit: 200 - project-mdms-module: "works" - egov-location-hierarchy-type: "ADMIN" - -muster-roll-service: - tracing-enabled: true - java-enable-debug: true - musterroll-default-offset: 0 - musterroll-default-limit: 100 - musterroll-search-max-limit: 200 - musterroll-workflow-business-service: "MR" - works-attendance-log-search-endpoint: "attendance/log/v1/_search" - works-attendance-register-search-endpoint: "attendance/v1/_search" - works-attendance-register-search-limit: 100 - muster-restricted-search-roles: "ORG_ADMIN,ORG_STAFF" - works-individual-search-endpoint: "individual/v1/_search" - works-bankaccounts-search-endpoint: "bankaccount-service/bankaccount/v1/_search" - works-contract-service-code: "WORKS-CONTRACT" - notification-sms-enabled: "true" - -organisation: - tracing-enabled: true - java-enable-debug: true - org-default-limit: 100 - org-search-max-limit: 200 - egov-location-hierarchy-type: "ADMIN" - works-cbo-url-host: "https:/works-qa.digit.org" - works-cbo-url-endpoint: "/works-shg-app" - organisation-contact-details-update-topic: organisation.contact.details.update - -bankaccounts: - tracing-enabled: true - java-enable-debug: true - bank-account-default-limit: 100 - bank-account-search-max-limit: 200 - -individual: - tracing-enabled: true - java-enable-debug: true - state-level-tenant-id: "pg" - aadhaar-pattern: "\\d{12}" - mobile-pattern: "\\d+" - notification-sms-disabled-roles: "ORG_ADMIN" - -works-management-service: - tracing-enabled: true - java-enable-debug: true - -ifms-adapter: - tracing-enabled: true - java-enable-debug: true - payment-create-topic: "expense-payment-create" - egov-idgen-ifms-pi-reference-number: "ifms.pi.reference.number" - ifms-jit-authenticate-endpoint: "/webservices/jitfs/v1.0/authenticate" - ifms-jit-service-endpoint: "/webservices/jitfs/v1.0/get-jit-service-data" - egov-bill-search-limit: 10 - -ifms-cronjob-pa: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-va: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pis: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pag: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-pd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-fd: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftps: - user-name: "IFMS_CRONJOB" - -ifms-cronjob-ftfps: - user-name: "IFMS_CRONJOB" - -expense-calculator: - tracing-enabled: true - java-enable-debug: true - -expenses-billing: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - bill-kafka-topic: "bill" - -expense: - tracing-enabled: true - java-enable-debug: true - expense-billing-default-offset: 0 - expense-billing-default-limit: 100 - expense-billing-search-max-limit: 200 - business-workflow-status-map : "{'EXPENSE.WAGES':'true','EXPENSE.PURCHASE':'true','EXPENSE.SUPERVISION':'true'}" - -works-inbox-service: - java-enable-debug: true - tracing-enabled: true - -#########---core-services---######### - -audit-service: - persist-yml-path: "https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/project-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/works-configs/QA/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - -egov-mdms-service: - mdms-path: "/work-dir/works-mdms-data/data" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-mdms-data" - branch: "UNIFIED-UAT" - java-args: -Dspring.profiles.active=monitoring - masters-config-url: "file:///work-dir/works-mdms-data/master-config.json" - -egov-filestore: - is-s3-enabled: "true" - fixed-bucketname: "unified-uat-filestore" - minio-enabled: false - aws.s3.url : "https://s3.amazonaws.com" - is-bucket-fixed: "true" - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword','application/vnd.openxmlformats-officedocument.wordprocessingml.document'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" - filestore-url-validity: 3600 - -egov-user: - replicas: "1" - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - otp-validation: "true" - citizen-otp-enabled: "true" - employee-otp-enabled: "false" - access-token-validity: 10080 - refresh-token-validity: 20160 - default-password-expiry: 90 - mobile-number-validation: "false" - roles-state-level: "true" - citizen-registration-withlogin: "true" - citizen-otp-fixed: "123456" - citizen-otp-fixed-enabled: "true" - state-level-tenant-id: "pg" - java-enable-debug: true - -egov-idgen: - idformat-from-mdms: "true" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - autocreate-new-seq: "true" - -egov-persister: - persist-yml-path: "file:///work-dir/works-configs/egov-persister/estimate-service.yml,file:///work-dir/works-configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/works-configs/egov-persister/loi-service.yml,file:///work-dir/works-configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/works-configs/egov-persister/attendance-service-persister.yml,file:///work-dir/works-configs/egov-persister/muster-service-persister.yml,file:///work-dir/works-configs/egov-persister/project-persister.yml,file:///work-dir/works-configs/egov-persister/audit-service-persister.yml,file:///work-dir/works-configs/egov-persister/individual-persister.yml,file:///work-dir/works-configs/egov-persister/service-request-persister.yml,file:///work-dir/works-configs/egov-persister/contract-service-persister.yml,file:///work-dir/works-configs/egov-persister/expensebilling-service-persister.yml,file:///work-dir/works-configs/egov-persister/bankaccounts-persister.yml,file:///work-dir/works-configs/egov-persister/organisation-persister.yml,file:///work-dir/works-configs/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/works-configs/egov-persister/expense-bill-payment-persister.yaml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - -egov-indexer: - heap: "-Xmx512m -Xms512m" - memory_limits: "768Mi" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - egov-indexer-yaml-repo-path: "file:///work-dir/works-configs/egov-indexer/estimateservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/musterservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/individual-indexer.yml,file:///work-dir/works-configs/egov-indexer/project-indexer.yml,file:///work-dir/works-configs/egov-indexer/contractservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/organisationservices-indexer.yml,file:///work-dir/works-configs/egov-indexer/expensebill-indexer.yml,file:///work-dir/works-configs/egov-indexer/ifms-pi-indexer.yml" - -egov-workflow-v2: - logging-level: "DEBUG" - java-args: -Dspring.profiles.active=monitoring - heap: "-Xmx192m -Xms192m" - workflow-statelevel: "true" - wf-max-limit: "10000" - -egov-hrms: - java-args: -Dspring.profiles.active=monitoring - java-enable-debug: true - heap: "-Xmx192m -Xms192m" - employee-applink: "https://works-qa.digit.org/works-ui/employee/user/login" - -egov-notification-sms: - sms-provider-url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.url: "http://api.smscountry.com/SMSCwebservice_bulk.aspx" - sms.provider.class: "Generic" - sms.provider.contentType: "application/x-www-form-urlencoded" - sms-config-map: "{'User':'$username', 'passwd': '$password', 'sid':'$senderid', 'mobilenumber':'$mobileno', 'message':'$message', 'mtype':'LNG', 'DR':'N', 'smsservicetype':'singlemsg'}" - sms.senderid: "EGOVFS" - sms-gateway-to-use: "SMS_COUNTRY" - sms-sender: "SMSCOUNTRY" - sms-sender-requesttype: "GET" - sms-custom-config: "true" - sms-extra-req-params: "mtype=N&DR=Y" - sms-sender-req-param-name: "sid" - sms-sender-username-req-param-name: "User" - sms-sender-password-req-param-name: "passwd" - sms-destination-mobile-req-param-name: "mobilenumber" - sms-message-req-param-name: "message" - sms-error-codes: "401,403,404,405,406,407,408,409,410,411,412,413,414" - -# gateway >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -zuul: - memory_limits: 512Mi - heap: -Xmx256m -Xms256m - replicas: 1 - custom-filter-property: "false" - tracing-enabled: "true" - heap: "-Xmx704m -Xms512m" - server-tomcat-max-threads: "350" - server-tomcat-max-connections: "1500" - egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-location/boundarys/isshapefileexist,/hr-masters/hrconfigurations/_search,/egov-mdms-service/v1/_search,/egov-mdms-service/v1/_get,/egov-location/boundarys/getshapefile,/egov-indexer/index-operations/_index,/egov-indexer/index-operations/_reload,/egov-mdms-service-test/v1/_search,/egov-mdms-create/v1/_update,/egov-mdms-create/v1/_create,/egov-mdms-service-test/v1/_reload,/filestore/v1/files/url,/egov-url-shortening" - egov-mixed-mode-endpoints-whitelist: "/workflow/history/v1/_search,/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/egov-idgen/id/_generate,/access/v1/actions/mdms/_get,/egov-location/location/v11/boundarys/_search,/pdf-service/v1/_create,/user/_search" - eventlog-enabled: "true" - eventlog-topic: "zuul-event-log" - eventlog-whitelist: "/pt-calculator-v2,/pt-services-v2,/tl-services,/tl-calculator,/rainmaker-pgr,/billing-service,/collection-services,/pg-service" - -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - - -########################################## - -egov-url-shortening: - egov-url-shortner-endpoint: "/egov-url-shortening/shortener" - egov-url-shorten-hashid-salt: "randomsalt" - egov-url-shorten-hashid-min-length: "5" -# core >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> - -egov-common-workflows: - db-url: "jdbc:postgresql://egov-dev-db.ctm6jbmr5mnj.ap-south-1.rds.amazonaws.com:5432/egov_staging_db?currentSchema=egov_common_workflows" - - -egov-workflow: - heap: "-Xmx256m -Xms256m" - memory_limits: 512Mi - - -pdf-service: - replicas: 1 - memory_limits: 1.5Gi - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - data-config-urls: "file:///work-dir/works-configs/pdf-service/data-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/data-config/project-detail.json,file:///work-dir/works-configs/pdf-service/data-config/estimate.json,file:///work-dir/works-configs/pdf-service/data-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/data-config/work-order.json,file:///work-dir/works-configs/pdf-service/data-config/work-order-hindi.json" - format-config-urls: "file:///work-dir/works-configs/pdf-service/format-config/works-estimate.json,file:///work-dir/works-configs/pdf-service/format-config/project-detail.json,file:///work-dir/works-configs/pdf-service/format-config/estimate.json,file:///work-dir/works-configs/pdf-service/format-config/nominal-muster-roll.json,file:///work-dir/works-configs/pdf-service/format-config/work-order.json,file:///work-dir/works-configs/pdf-service/format-config/work-order-hindi.json" - -egov-searcher: - search-yaml-path: "file:///work-dir/works-configs/egov-searcher/inboxestimatesearch.yml" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - - -# web >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -egov-user-chatbot: - egov-state-level-tenant-id: "pg" - -digit-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - - ';" - -works-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -core-ui: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -works-shg-app: - custom-js-injection: | - sub_filter.conf: " - sub_filter '' ' - ';" - -dashboard-analytics: - config-schema-paths: "file:///work-dir/works-configs/egov-dss-dashboard/dashboard-analytics/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/works-configs" - branch: "UNIFIED-UAT" - -dashboard-ingest: - topic-incoming-collection: "dss-collection-update" - es-index-name: "dss-collection_v2" - es-push-direct: "true" - config-schema-paths: "file:///work-dir/configs/egov-dss-dashboards/dashboard-ingest/*.json" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - - -nginx-ingress: - replicas: 1 - default-backend-service: "egov/nginx" - namespace: egov - cert-issuer: "letsencrypt-prod" - ssl-protocols: "TLSv1.2 TLSv1.3" - ssl-ciphers: "EECDH+CHACHA20:EECDH+AES" - ssl-ecdh-curve: "X25519:prime256v1:secp521r1:secp384r1" - controller: - image: - repository: egovio/nginx-ingress-controller - tag: "0.26.1" - #metrics: - enabled: true - serviceMonitor: - enabled: true - service: - prometheusRule: - enabled: true - -cert-manager: - email: "devops-team@egov.org.in" - images: - - "quay.io/jetstack/cert-manager-controller:v0.10.1" - namespace: egov - - -# docs >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redoc: - replicas: 1 - images: - - egovio/redoc:v1.0.5 - service_type: LoadBalancer -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# reportinfra >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -report: - tracing-enabled: "true" - initContainers: - gitSync: - repo: "git@github.com:egovernments/configs" - branch: "staging" - report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" - spring-datasource-tomcat-max-active: 5 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -inbox: - service-map : '{}' - bs-service-map : '{}' -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# configMaps >>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-config: - data: "tickTime=2000\n initLimit=10\n syncLimit=5\n dataDir=/opt/zookeeper/data\n clientPort=2181\n autopurge.snapRetainCount=3\n autopurge.purgeInterval=1\n server.1=zookeeper-0.zookeeper:2888:3888" - -kafka-config: - topics: "egov.pgr.validated:1:1,egov.pgr.locationupdated:1:1,egov.pgr.workflowupdated:1:1,egov.pgr.saved:1:1,egov.pgr.indexing:1:1,egov.core.notification.email:1:1,egov.core.notification.sms:1:1,attendance-save-db:1:1,egov.employee:1:1,save-asset-db:1:1,update-asset-db:1:1,save-assetcategory-db:1:1,agreement-save-db:1:1,agreement-update-db:1:1,lams-workflow-start:1:1,lams-workflow-update:1:1,egov-common-holiday:1:1,egov.leaveopeningbalance-create:1:1,egov.leaveopeningbalance-update:1:1,egov-hr-leavetype:1:1,egov.leaveallotment-create:1:1,egov.leaveallotment-update:1:1,egov.designation-create:1:1,egov.designation-update:1:1,egov.position-create:1:1,egov.position-update:1:1,egov.egf.masters.validated.topic:1:1,egov.egf.masters.completed:1:1,egov.wcms.category-create:1:1,property-create-validated:1:1,property-create-tax-calculated:1:1,property-create-user-validated:1:1,property-create-workflow-started:1:1,property-create-workflow-updated:1:1,save-bill-db:1:1,update-bill-db:1:1,save-bill:1:1,update-bill:1:1,save-demand:1:1,update-demand:1:1,egov.collection.receipt-create:1:1,save-taxHeadMaster-db:1:1,update-taxHeadMaster:1:1,save-glCodeMaster-db:1:1,save-glCodeMaster:1:1,update-glCodeMaster-db:1:1,update-glCodeMaster:1:1,save-taxperiod-db:1:1,save-taxperiod:1:1,update-taxperiod-db:1:1,update-taxperiod:1:1,save-businessservicedetail-db:1:1,save-businessservicedetail:1:1,update-businessservicedetail-db:1:1,update-businessservicedetail:1:1,property-update-workflow-approved:1:1,property-update-user-validated:1:1,property-update-workflow-started:1:1,property-titletransfer-create-user-validated:1:1,property-titletransfer-update-user-validated:1:1,property-titletransfer-create-workflow-started:1:1,property-titletransfer-approved:1:1,property-titletransfer-workflow-updated:1:1,property-update-tax-calculated:1:1,property-update-validated:1:1,property-titletransfer-cretae-validated:1:1,property-titletransfer-update-validated:1:1,property-create-tax-generated:1:1,create-legacy-tradelicense-validated:1:1,egov.pgr.servicedefinition-create:1:1,demand-bill-update:1:1,egov.pgr.servicedefinition-update:1:1,egov-common-department-create:1:1,egov-common-department-update:1:1,egov.services.tl-services.create.legacy.tradelicense.validated:1:1,save-service-db:1:1,update-service-db:1:1,update-legacy-tradelicense-validated:1:1,tradelicense-validated:1:1,tradelicense-persisted:1:1,tradelicense-workflow-populated:1:1,demand-bill-update:1:1,egov.wcms.newconnection-create:1:1,egov.wcms.newconnection-update:1:1,update-newconn-workflow:1:1,initiated-newconn-workflow:1:1,works-offlinestatus-create-validated:1:1,works-offlinestatus-update-validated:1:1,works-contractor-create-validated:1:1,works-contractor-update-validated:1:1,works-letterofacceptance-create-validated:1:1,works-letterofacceptance-update-validated:1:1,works-measurementbook-create-update:1:1,works-revision-detailed-estimate-create-update:1:1,works-workorder-createupdate-validated:1:1,lcms-create-summon-validated:1:1,lcms-create-case:1:1,lcms-create-vakalatnama:1:1,lcms-parawisecomment-create:1:1,lcms-parawisecomment-update:1:1,lcms-assign-advocate:1:1,lcms-update-assign-advocate:1:1,lcms-advocate-create:1:1,lcms-advocate-update:1:1,advocate-payment-create:1:1,advocate-payment-update:1:1,lcms-opinion-create:1:1,lcms-opinion-update:1:1,legacy-case-create:1:1,legacy-hearing-create:1:1,legacy-case-voucher-create:1:1,legacy-case-advocate-create:1:1,lcms-hearingdetails-create:1:1,lcms-hearingdetails-update:1:1,lcms-notice-create:1:1,lcms-notice-update:1:1,lcms-register-create:1:1,lcms-register-update:1:1,lcms-evidence-create:1:1,lcms-evidence-update:1:1,lcms-agency-create:1:1,lcms-agency-update:1:1,lcms-personal-details-create:1:1,Lcms-event-create:1:1,lcms-create-summon-indexer:1:1,lcms-legacy-casecreate-indexer:1:1,works-abstract-estimate-createandupdate:1:1,works-detailed-estimate-createandupdate:1:1,works-revision-loa-create-update:1:1,works-sorrate-saveorupdate-validated:1:1,works-estimatetemplate-saveorupdate-validated:1:1,lcms-update-summon-validated:1:1,mdms.create.gitpushprocess:1:1,works-contractoradvance-saveorupdate-validated:1:1,works-qualitytesting-createandupdate:1:1,works-abstract-estimate-backupdate:1:1,works-detailedestimate-backupdate:1:1,works-abstract-estimate-backupdate-oncreate-detailedestimate:1:1,works-abstract-estimate-backupdate-oncancel-detailedestimate:1:1,works-detailedestimate-backupdate-oncreate-loa:1:1,works-detailedestimate-backupdate-oncancel-loa:1:1,swm-vehicleschedule-save-topic:1:1,works-projectcode-create:1:1,works-projectcode-update:1:1,works-masters-remarks-createandupdate:1:1,works-milestonetemplate-saveorupdate-validated:1:1,works-contractorbill-create-update:1:1,works-measurementbook-backupdate-for-billstatus:1:1,works-notice-createupdate-validated:1:1,works-milestone-saveorupdate-validated:1:1,works-trackmilestone-saveorupdate-validated:1:1,swm-shift-save-topic:1:1,swm-shift-update-topic:1:1,swm-shift-indexer-topic:1:1,works-letterofacceptance-backupdate-oncreate-workorder:1:1,works-letterofacceptance-backupdate-oncancel-workorder:1:1,works-loa-backupdate-oncreate-milestone:1:1,works-loa-backupdate-oncancel-milestone:1:1,works-loa-backupdate-oncreate-contractoradvance:1:1,works-loa-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-withallofflinestatusandworkorder:1:1,works-workorder-backupdate-oncreate-milestone:1:1,works-workorder-backupdate-oncancel-contractoradvance:1:1,works-loa-backupdate-onupdate-offlinestatus:1:1,works-workorder-backupdate-onupdate-offlinestatus:1:1,works-loa-backupdate-onupdate-withallofflinestatus:1:1,works-workorder-backupdate-onupdate-withallofflinestatus:1:1,works-loa-backupdate-oncreate-bill:1:1,works-loa-backupdate-oncancel-bill:1:1,works-loa-backupdate-oncreatemb:1:1,works-loa-backupdate-oncancelmb:1:1,works-loa-backupdate-oncreatembandnobill:1:1,works-loa-backupdate-oncreatembandbill:1:1,works-workorder-backupdate-oncreate-bill:1:1,works-workorder-backupdate-oncancel-bill:1:1,works-workorder-backupdate-oncreatembandnobill:1:1,works-workorder-backupdate-oncreatembandbill:1:1,egov.error:1:1,save-pt-property:1:1,update-pt-property:1:1,save-pt-billingslab:1:1,update-pt-billingslab:1:1,save-pg-txns:1:1,update-pg-txns:1:1,save-pg-txns-dump:1:1,update-pg-txns-dump:1:1,save-pt-drafts:1:1,update-pt-drafts:1:1,egov.collectionmasters.bankaccountservicemapping-create:1:1,bankaccountservicemapping-create:1:1,update-pt-property-index:1:1" - zookeeper-connect: "zookeeper-v2.zookeeper-cluster:2181" - kafka-brokers: "kafka-v2.kafka-cluster:9092" - -logging-config: - es-host: "es-client.es-cluster" - es-port: "9200" - - -jaeger: - host: "jaeger-agent.monitoring" - port: "6831" - sampler-type: const - sampler-param: 1 - collector: - samplingConfig: | - { - "service_strategies": [ - { - "service": "report-service", - "type": "probabilistic", - "param": 0.5 - }, - { - "service": "egov-hrms", - "type": "probabilistic", - "param": 0.5 - } - ], - "default_strategy": { - "type": "probabilistic", - "param": 0.05 - } - } -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# redis >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -redis: - replicas: 1 - images: - - egovio/redis:3.2 -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# fluent-bit >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -fluent-bit: - images: - - fluent/fluent-bit:1.0.6 - egov-services-log-topic: "egov-services-logs" - egov-infra-log-topic: "egov-infra-logs" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< - -# kafka-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -kafka-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0bec46e50ac05a91f" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add respective zone. - - volumeId: "vol-0964de4212976e85e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05fb98fc936a6ab2a" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - zookeeperHosts: "zookeeper-v2.zookeeper-cluster:2181/kafka-v2" - - heapOptions: "-Xms704M -Xmx704M" - resources: - limits: - cpu: 500m - memory: 1408Mi - requests: - cpu: 2000m - memory: 1408Mi - lingerMs: "250" - numberPartitions: "3" - replicationFactor: "2" - minInsyncReplicas: "1" - offsetsReplicationFactor: "3" - -### Kafka Connect <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< -kafka-connect: - image: - tag: "5.4.1" - - -# zookeeper-v2 AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>>> -zookeeper-v2: - image: - tag: "5.4.1" - persistence: - enabled: true - aws: - - volumeId: "vol-0e313d7e753227014" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-0870ef3a17b696f86" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-05eb8796bf85124eb" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - ## Zookeeper JVM Heap Option - heapOptions: "-Xms256M -Xmx256M" - resources: - limits: - cpu: 300m - memory: 384Mi - requests: - cpu: 300m - memory: 384Mi - - -# es-v1-cluster AWS >>>>>>>>>>>>>>>>>>>>>>>>>>>> -elasticsearch-data-v1: - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0f2ef2ce233105edd" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-06741bb21720bc60e" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - volumeId: "vol-00c7ae1dd0fe50347" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx1g -Xms1g" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "2000m" - memory: "2Gi" - -### es-master-v1 AWS >>>>>>>>>>>>>>>>>>>> - -elasticsearch-master-v1: - replicas: 3 - image: - tag: 6.6.2 - persistence: - enabled: true - aws: - - volumeId: "vol-0efd04ab8d0945340" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-008ba0157f38baae4" ## REPLACE: add volume id - zone: ap-south-1b ##REPLACE: add zone - - volumeId: "vol-05e0d3424583e11ac" ## REPLACE: add volume id - zone: ap-south-1b ## REPLACE: add zone - - esJavaOpts: "-Xmx448m -Xms448m" - resources: - requests: - cpu: "300m" - memory: "896Mi" - limits: - cpu: "500m" - memory: "896Mi" - -es-curator: - schedule: "45 18 * * *" - images: - - bobrik/curator:5.6.0 - es-host: "elasticsearch-client-v1.es-cluster" - logs-cleanup-enabled: "true" - jaeger-cleanup-enabled: "true" - logs-to-retain: "7" -# <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< From b9d249e9e34c2e526f95e44a86fa0d54a9bb5520 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Mon, 29 Jan 2024 15:03:50 +0530 Subject: [PATCH 698/742] Digit lts new (#2358) * added new env * added new env --------- Co-authored-by: Harish-egov From 61ebd3610ca9ad7e5adba34718045a10d78c2f50 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Mon, 29 Jan 2024 15:05:32 +0530 Subject: [PATCH 699/742] added new env --- .../environments/deploy-as-code/README.md | 62 - .../deploy-as-code/deployer/Dockerfile | 41 - .../deploy-as-code/deployer/cmd/deploy.go | 79 - .../deploy-as-code/deployer/cmd/root.go | 89 - .../configs/deployment_configurator.go | 1672 ----------------- .../deployer/digit_installer.go | 319 ---- .../deploy-as-code/deployer/full_installer.go | 893 --------- .../deploy-as-code/deployer/go.mod | 20 - .../deploy-as-code/deployer/go.sum | 206 -- .../deployer/internal/README.md | 14 - .../deployer/internal/app/_your_app_/.keep | 0 .../internal/pkg/_your_private_lib_/.keep | 0 .../deploy-as-code/deployer/main.go | 22 - .../deploy-as-code/deployer/pkg/README.md | 58 - .../deployer/pkg/cmd/deployer/deployer.go | 262 --- .../deployer/pkg/cmd/deployer/options.go | 38 - .../deployer/standalone_installer.go | 317 ---- 17 files changed, 4092 deletions(-) delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/README.md delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/main.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go delete mode 100644 deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go diff --git a/deploy-as-code/helm/environments/deploy-as-code/README.md b/deploy-as-code/helm/environments/deploy-as-code/README.md deleted file mode 100644 index 45d2767898..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/README.md +++ /dev/null @@ -1,62 +0,0 @@ - -# Digit Helm Deployment Common Chart - -The common library chart has templates which eases deployment of a service on to Digit with recommended platform defaults which can further be customized to service or environment needs while abstracting the need to know kubernetes manifest syntax. - -This helps us push defaults and changes to most, if not all, services deployed onto Digit. - -## Requirements - -The default values file [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) has defaults for all manifest files, which can be overrides by service values file or environment override file. - -The service template file [_service.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_service.yaml) used for generating a service manifest. - -The ingress template file [_ingress.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_ingress.yaml) used for generating ingress manifest. - -The deployment template file [_deployment.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/templates/_deployment.yaml) used for generating a deployment manifest. - -## Values template - -Parameter | Description | Default ---- | --- | --- -`namespace` | Default namespace for the service | `egov` -`replicas` | Number of Pods to be created | `1` -`httpPort` | Default port number for the service | `8080` -`appType` | Application Type to configure defaults for appType, "java-spring" only type with defaults for now. For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) | ` ` -`labels` | Labels for the service, for example,
`app: "egov-mdms-service"`
`group: "core"` | `''` -`ingress.enabled` | To add ingress controller for the service | `false` -`ingress.zuul` | When ingress is enabled, routes the request via Zuul API gateway | `false` -`ingress.context` | When ingress is enabled, exposes the following context path to the internet, example `user` | `` -`ingress.waf.enabled` | When ingress is enabled, Enable Web Application Firewall for the service | `true` -`image.pullPolicy` | To pull a Docker image from Docker repository, By default skip pulling an image if it already exists | `IfNotPresent` -`image.tag` | Docker image tag for the service | `latest` -`affinity.preferSpreadAcrossAZ` | To spread deployment replicas across multiple availability zones in cloud environment | `true` -`initContainers.dbMigration.enabled` | Add Flyway DB migration container for the service, requires schemaTable configuration! | `false` -`initContainers.dbMigration.schemaTable` | Schema table for the flyway db migration, required, if db migration enabled, | `''` -`initContainers.dbMigration.image.pullPolicy` | Pulls the DB migration docker images from Docker repository | `IfNotPresent` -`initContainers.dbMigration.image.tag` | Docker image tag for the initcontainer | `latest` -`initContainers.dbMigration.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "FLYWAY_USER"`
            `valueFrom:`
                `secretKeyRef:`
                        `name: db`
                        `key: flyway-username`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`initContainers.gitSync.enabled` | To add a gitSync init container which clones a repository using configured ssh read token | `false` -`initContainers.gitSync.repo` | Git repository to be checked out, required, if gitSync enabled, example, `git@github.com:egovernments/egov-mdms-data` | `''` -`initContainers.gitSync.branch` | Git repository branch to be checked out, required, if gitSync enabled, example, `master` | `''` -`gitSync.image.repository` | Docker image of the gitSync init container | `k8s.gcr.io/git-sync` -`gitSync.image.tag` | Docker image tag of the gitSync init container | `v3.1.1` -`gitSync.image.pullPolicy` | Docker image pull policy for gitSync init container | `IfNotPresent` -`gitSync.env` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`env: \|`
        `- name: "GIT_SYNC_REPO"`
            `value: "{{ .Values.initContainers.gitSync.repo }}"`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.enabled` | To enable/disable healthchecks [Liveness probes and Readiness probes] for a pod | `false` -`healthChecks.livenessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`livenessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.livenessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.livenessProbe.httpGet.path` | Context path of the service to check the liveness of a pod | `{{ .Values.healthChecks.livenessProbePath }}` -`healthChecks.livenessProbe.httpGet.port` | Port number of the service to check the liveness of a pod | `{{ .Values.httpPort }}` -`healthChecks.readinessProbe` | Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`readinessProbe: \|`
        `httpGet:`
                `path: "{{ .Values.healthChecks.readinessProbePath }}"`
        `initialDelaySeconds: 60`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`healthChecks.readinessProbe.httpGet.path` | Context path of the service to check the readiness of a pod | `{{ .Values.healthChecks.readinessProbePath }}` -`healthChecks.readinessProbe.httpGet.port` | Port number of the service to check the readiness of a pod | `{{ .Values.httpPort }}` -`lifecycle.preStop.exec.command` | Executes the command in the pod before stopping | `- sh`
`- -c`
`- "sleep 10"` -`memory_limits` | To set the memory limit for the pod | `512Mi` -`resources` | To set the resource limits for the pod. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `resources: \|`
    `{{- if eq .Values.appType "java-spring" -}}`
    `requests:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `limits:`
        `memory: {{ .Values.memory_limits \| quote }}`
    `{{- end -}}` -`extraEnv.java` | Allows the specification of additional environment variables for Java. Passed through the tpl function and thus to be configured a string | `For Eg:`
`java: \|`
        `- name: SPRING_DATASOURCE_URL`
            `valueFrom:`
                `configMapKeyRef:`
                    `name: egov-config`
                    `key: db-url`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`jaeger` | Jaeger API tracing environment variables to send traces to Jaeger Agent. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`jaeger: \|`
        `- name: JAEGER_AGENT_PORT`
            `port: 6831`
For more details check [values.yaml](https://github.com/egovernments/DIGIT-DevOps/blob/master/deploy-as-code/helm/charts/common/values.yaml) -`extraVolumes` | To add additional volumes to the service. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumes: \|`
    `- name: new-volume`
        `configMap:`
            `name: service-new-volume` -`extraVolumeMounts` | To mount additional volumes to the service in a desired mount path. Allows the specification of additional environment variables. Passed through the tpl function and thus to be configured a string | `For Eg:`
`extraVolumeMounts: \|`
    `- mountPath: /opt/service-path/file.conf`
        `configMap:`
            `name: new-volume`
            `subPath: file.conf` -`extraInitContainers` | Additional init containers, e. g. for providing themes, etc. Passed through the `tpl` function and thus to be configured a string | `""` -`extraContainers` | Additional sidecar containers, e. g. for a database proxy, such as Google's cloudsql-proxy. Passed through the `tpl` function and thus to be configured a string | `""` - diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile b/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile deleted file mode 100644 index a21992ed43..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ - -FROM golang:1.13-alpine as build - -ENV GO111MODULE=on -ENV GOCACHE=/tmp - -ARG WORK_DIR -WORKDIR /app - -COPY ${WORK_DIR}/go.mod . -COPY ${WORK_DIR}/go.sum . - -RUN go mod download - -COPY . . - -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build - - -# Create runtime image -FROM alpine:3 - -ARG KUBECTL_VERSION=v1.15.12 -ARG SOPS_VERSION=v3.5.0 -ARG HELM_VERSION=v3.2.1 - -WORKDIR /opt/egov - -RUN addgroup -S egov && adduser -S -G egov egov -COPY --chown=egov:egov --from=build /app/egov-deployer /opt/egov/ - -RUN chmod +x /opt/egov/egov-deployer -RUN wget https://storage.googleapis.com/kubernetes-release/release/$KUBECTL_VERSION/bin/linux/amd64/kubectl \ - && wget https://amazon-eks.s3-us-west-2.amazonaws.com/1.12.7/2019-03-27/bin/linux/amd64/aws-iam-authenticator \ - && wget -O sops https://github.com/mozilla/sops/releases/download/$SOPS_VERSION/sops-$SOPS_VERSION.linux \ - && wget -qO- https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar xvz \ - && chmod +x ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm \ - && mv ./kubectl ./aws-iam-authenticator ./sops ./linux-amd64/helm /usr/local/bin \ - && rm -rf ./linux-amd64 && rm -f /var/cache/apk/* - -# USER egov diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go deleted file mode 100644 index 97d2ad9643..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/deploy.go +++ /dev/null @@ -1,79 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package cmd - -import ( - "errors" - "fmt" - "deployer/pkg/cmd/deployer" - - "github.com/spf13/cobra" - "github.com/spf13/viper" -) - -var options deployer.Options - -// deployCmd represents the deploy command -var deployCmd = &cobra.Command{ - Use: "deploy [IMAGES]", - Short: "Deploy a comma separated list of images", - Long: `A longer description that spans multiple lines and likely contains examples -and usage of using your command. For example: - -Cobra is a CLI library for Go that empowers applications. -This application is a tool to generate the needed files -to quickly create a Cobra application.`, - - PreRunE: func(cmd *cobra.Command, args []string) error { - if len(args) < 1 { - return errors.New("At least require one image to deploy") - } - options.Images = args[0] - - return nil - }, - Run: func(cmd *cobra.Command, args []string) { - - options.ConfigDir = viper.GetString("helm-dir") - deployer.DeployCharts(options) - fmt.Println("options.ConfigDir: " + options.ConfigDir) - - }, -} - -func init() { - // deployCmd.Flags().StringVarP(&images, "images", "i", "", "Images to be deployed") - - deployCmd.Flags().String("helm-dir", "../../config-as-code", "Helm Charts / Configs directory") - viper.BindPFlag("helm-dir", deployCmd.Flags().Lookup("helm-dir")) - - deployCmd.Flags().StringVarP(&options.Environment, "environment", "e", "", "Environment override to be applied") - deployCmd.Flags().BoolVarP(&options.ClusterConfigs, "cluster-configs", "c", false, "Deploy cluster configs") - deployCmd.Flags().BoolVarP(&options.Print, "print", "p", false, "Print templates to stdout") - // deployCmd.MarkFlagRequired("images") - deployCmd.MarkFlagRequired("environment") - rootCmd.AddCommand(deployCmd) - - // Here you will define your flags and configuration settings. - - // Cobra supports Persistent Flags which will work for this command - // and all subcommands, e.g.: - // deployCmd.PersistentFlags().String("foo", "", "A help for foo") - - // Cobra supports local flags which will only run when this command - // is called directly, e.g.: - // deployCmd.Flags().BoolP("toggle", "t", false, "Help message for toggle") -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go deleted file mode 100644 index 8c617d8b37..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/cmd/root.go +++ /dev/null @@ -1,89 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package cmd - -import ( - "fmt" - "os" - - "github.com/spf13/cobra" - - homedir "github.com/mitchellh/go-homedir" - "github.com/spf13/viper" -) - -var cfgFile string - -// rootCmd represents the base command when called without any subcommands -var rootCmd = &cobra.Command{ - Use: "deployer", - Short: "A brief description of your application", - Long: `A longer description that spans multiple lines and likely contains -examples and usage of using your application. For example: - -Cobra is a CLI library for Go that empowers applications. -This application is a tool to generate the needed files -to quickly create a Cobra application.`, - // Uncomment the following line if your bare application - // has an action associated with it: - // Run: func(cmd *cobra.Command, args []string) { }, -} - -// Execute adds all child commands to the root command and sets flags appropriately. -// This is called by main.main(). It only needs to happen once to the rootCmd. -func Execute() { - if err := rootCmd.Execute(); err != nil { - fmt.Println(err) - os.Exit(1) - } -} - -func init() { - cobra.OnInitialize(initConfig) - - // Here you will define your flags and configuration settings. - // Cobra supports persistent flags, which, if defined here, - // will be global for your application. - - rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.deployer.yaml)") - -} - -// initConfig reads in config file and ENV variables if set. -func initConfig() { - if cfgFile != "" { - // Use config file from the flag. - viper.SetConfigFile(cfgFile) - } else { - // Find home directory. - home, err := homedir.Dir() - if err != nil { - fmt.Println(err) - os.Exit(1) - } - - // Search config in home directory with name ".deployer" (without extension). - viper.AddConfigPath(home) - viper.SetConfigName(".deployer") - } - - viper.AutomaticEnv() // read in environment variables that match - - // If a config file is found, read it in. - if err := viper.ReadInConfig(); err == nil { - fmt.Println("Using config file:", viper.ConfigFileUsed()) - } -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go deleted file mode 100644 index 6fd978bf19..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/configs/deployment_configurator.go +++ /dev/null @@ -1,1672 +0,0 @@ -package configs - -import ( - "fmt" - "io/ioutil" - "log" - "strings" - - yaml "gopkg.in/yaml.v3" -) - -var region = "ap-south-1b" - -// Quickstart kubeconfig struct -type Config struct { - APIVersion string `yaml:"apiVersion"` - Clusters []struct { - Cluster struct { - CertificateAuthorityData string `yaml:"certificate-authority-data"` - Server string `yaml:"server"` - } `yaml:"cluster"` - Name string `yaml:"name"` - } `yaml:"clusters"` - Contexts []struct { - Context struct { - Cluster string `yaml:"cluster"` - User string `yaml:"user"` - } `yaml:"context"` - Name string `yaml:"name"` - } `yaml:"contexts"` - CurrentContext string `yaml:"current-context"` - Kind string `yaml:"kind"` - Preferences struct { - } `yaml:"preferences"` - Users []struct { - Name string `yaml:"name"` - User struct { - ClientCertificateData string `yaml:"client-certificate-data"` - ClientKeyData string `yaml:"client-key-data"` - } `yaml:"user"` - } `yaml:"users"` -} - -// environment secret struct -type Secret struct { - ClusterConfigs struct { - Secrets struct { - Db struct { - Username string `yaml:"username"` - Password string `yaml:"password"` - FlywayUsername string `yaml:"flywayUsername"` - FlywayPassword string `yaml:"flywayPassword"` - } `yaml:"db"` - EgovNotificationSms struct { - Username string `yaml:"username"` - Password string `yaml:"password"` - } `yaml:"egov-notification-sms"` - EgovFilestore struct { - AwsKey string `yaml:"aws-key"` - AwsSecretKey string `yaml:"aws-secret-key"` - } `yaml:"egov-filestore"` - EgovLocation struct { - Gmapskey string `yaml:"gmapskey"` - } `yaml:"egov-location"` - EgovPgService struct { - AxisMerchantID string `yaml:"axis-merchant-id"` - AxisMerchantSecretKey string `yaml:"axis-merchant-secret-key"` - AxisMerchantUser string `yaml:"axis-merchant-user"` - AxisMerchantPwd string `yaml:"axis-merchant-pwd"` - AxisMerchantAccessCode string `yaml:"axis-merchant-access-code"` - PayuMerchantKey string `yaml:"payu-merchant-key"` - PayuMerchantSalt string `yaml:"payu-merchant-salt"` - } `yaml:"egov-pg-service"` - Pgadmin struct { - AdminEmail string `yaml:"admin-email"` - AdminPassword string `yaml:"admin-password"` - ReadEmail string `yaml:"read-email"` - ReadPassword string `yaml:"read-password"` - } `yaml:"pgadmin"` - EgovEncService struct { - MasterPassword string `yaml:"master-password"` - MasterSalt string `yaml:"master-salt"` - MasterInitialvector string `yaml:"master-initialvector"` - } `yaml:"egov-enc-service"` - EgovNotificationMail struct { - Mailsenderusername string `yaml:"mailsenderusername"` - Mailsenderpassword string `yaml:"mailsenderpassword"` - } `yaml:"egov-notification-mail"` - GitSync struct { - SSH string `yaml:"ssh"` - KnownHosts string `yaml:"known-hosts"` - } `yaml:"git-sync"` - Kibana struct { - Namespace string `yaml:"namespace"` - Credentials string `yaml:"credentials"` - } `yaml:"kibana"` - EgovSiMicroservice struct { - SiMicroserviceUser string `yaml:"si-microservice-user"` - SiMicroservicePassword string `yaml:"si-microservice-password"` - MailSenderPassword string `yaml:"mail-sender-password"` - } `yaml:"egov-si-microservice"` - EgovEdcrNotification struct { - EdcrMailUsername string `yaml:"edcr-mail-username"` - EdcrMailPassword string `yaml:"edcr-mail-password"` - EdcrSmsUsername string `yaml:"edcr-sms-username"` - EdcrSmsPassword string `yaml:"edcr-sms-password"` - } `yaml:"egov-edcr-notification"` - Chatbot struct { - ValuefirstUsername string `yaml:"valuefirst-username"` - ValuefirstPassword string `yaml:"valuefirst-password"` - } `yaml:"chatbot"` - EgovUserChatbot struct { - CitizenLoginPasswordOtpFixedValue string `yaml:"citizen-login-password-otp-fixed-value"` - } `yaml:"egov-user-chatbot"` - Oauth2Proxy struct { - ClientID string `yaml:"clientID"` - ClientSecret string `yaml:"clientSecret"` - CookieSecret string `yaml:"cookieSecret"` - } `yaml:"oauth2-proxy"` - } `yaml:"secrets"` - } `yaml:"cluster-configs"` -} - -//terrafrom struct -type Output struct { - Outputs struct { - ClusterEndpoint struct { - Value string `json:"value"` - } `json:"cluster_endpoint"` - DbInstanceEndpoint struct { - Value string `json:"value"` - } `json:"db_instance_endpoint"` - DbInstanceName struct { - Value string `json:"value"` - } `json:"db_instance_name"` - DbInstancePort struct { - Value int `json:"value"` - } `json:"db_instance_port"` - DbInstanceUsername struct { - Value string `json:"value"` - } `json:"db_instance_username"` - EsDataVolumeIds struct { - Value []string `json:"value"` - } `json:"es_data_volume_ids"` - EsMasterVolumeIds struct { - Value []string `json:"value"` - } `json:"es_master_volume_ids"` - KafkaVolIds struct { - Value []string `json:"value"` - } `json:"kafka_vol_ids"` - KubectlConfig struct { - Value string `json:"value"` - } `json:"kubectl_config"` - PrivateSubnets struct { - Value []string `json:"value"` - } `json:"private_subnets"` - PublicSubnets struct { - Value []string `json:"value"` - } `json:"public_subnets"` - VpcID struct { - Value string `json:"value"` - } `json:"vpc_id"` - ZookeeperVolumeIds struct { - Value []string `json:"value"` - } `json:"zookeeper_volume_ids"` - } `json:"outputs"` -} -type Quickstart struct { - Outputs struct { - PublicIP struct { - Value string `json:"value"` - } `json:"public_ip"` - } `json:"outputs"` - Resources []struct { - Instances []struct { - Attributes struct { - PrivateIP string `json:"private_ip"` - } `json:"attributes"` - } `json:"instances"` - } `json:"resources"` -} - -func DeployConfig(Config map[string]interface{}, kvids []string, zvids []string, esdids []string, esmids []string, modules []string, smsproceed string, fileproceed string, botproceed string, flag string) { - - file, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo.yaml") - if err != nil { - log.Printf("%v", err) - } - var data map[string]interface{} - ModData := make(map[string]interface{}) - err = yaml.Unmarshal(file, &data) - if err != nil { - log.Printf("%v", err) - } - for i := range data { - if i == "global" { - Global := data[i].(map[string]interface{}) - for j := range Global { - if j == "domain" { - Global[j] = Config["Domain"] - } - } - } - if i == "cluster-configs" { - // fmt.Println("found cluster-configs") - ClusterConfigs := data[i].(map[string]interface{}) - for j := range ClusterConfigs { - if j == "configmaps" { - // fmt.Println("found configmaps") - Configmaps := ClusterConfigs[j].(map[string]interface{}) - for k := range Configmaps { - if k == "egov-config" { - // fmt.Println("found egov-config") - EgovConfig := Configmaps[k].(map[string]interface{}) - for l := range EgovConfig { - if l == "data" { - // fmt.Println("found data") - Data := EgovConfig[l].(map[string]interface{}) - for m := range Data { - if m == "db-host" { - Host := Config["db-host"].(string) - provider := Host[:strings.IndexByte(Host, ':')] - Data[m] = provider - } - if m == "db-name" { - Data[m] = Config["db_name"] - } - if m == "db-url" { - url := fmt.Sprintf("jdbc:postgresql://%s/%s", Config["db-host"], Config["db_name"]) - Data[m] = url - } - if m == "domain" { - Data[m] = Config["Domain"] - } - if m == "egov-services-fqdn-name" { - fqdn := fmt.Sprintf("https://%s/", Config["Domain"]) - Data[m] = fqdn - } - if m == "s3-assets-bucket" { - - } - if m == "es-host" { - - } - if m == "es-indexer-host" { - - } - if m == "flyway-locations" { - - } - if m == "kafka-brokers" { - - } - if m == "kafka-infra-brokers" { - - } - if m == "logging-level-jdbc" { - - } - if m == "mobile-validation-workaround" { - - } - if m == "serializers-timezone-in-ist" { - - } - if m == "server-tomcat-max-connections" { - - } - if m == "server-tomcat-max-threads" { - - } - if m == "sms-enabled" { - - } - if m == "spring-datasource-tomcat-initialSize" { - - } - if m == "spring-datasource-tomcat-max-active" { - - } - if m == "spring-jpa-show-sql" { - - } - if m == "timezone" { - - } - if m == "tracer-errors-provideexceptionindetails" { - - } - } - } - } - } - - } - } - } - } - if i == "egov-mdms-service" || i == "egov-indexer" || i == "egov-persister" || i == "egov-data-uploader" || i == "egov-searcher" || i == "dashboard-analytics" || i == "dashboard-ingest" || i == "report" || i == "pdf-service" { - // fmt.Println("in mdms") - Service := data[i].(map[string]interface{}) - for j := range Service { - if j == "search-yaml-path" { - - } - if j == "config-schema-paths" { - - } - if j == "replicas" { - - } - if j == "mdms-path" { - - } - if j == "heap" { - - } - if j == "memory_limits" { - - } - if j == "mdms-path" { - - } - if j == "persist-yml-path" { - - } - if j == "initContainers" { - // fmt.Println("in init") - InitContainers := Service[j].(map[string]interface{}) - for k := range InitContainers { - if k == "gitSync" { - // fmt.Println("in git sync") - GitSync := InitContainers[k].(map[string]interface{}) - for l := range GitSync { - if l == "branch" { - GitSync[l] = Config["BranchName"] - } - if l == "repo" { - if data[i]=="egov-mdms-service"{ - GitSync[l]=Config["mdms-branch"] - }else{ - GitSync[l]=Config["configs-branch"] - } - } - } - } - } - } - if j == "mdms-folder" { - - } - if j == "masters-config-url" { - - } - if j == "java-args" { - - } - if j == "egov-indexer-yaml-repo-path" { - - } - } - } - if i == "cert-manager" { - CertManager := data[i].(map[string]interface{}) - for j := range CertManager { - if j == "email" { - CertManager[j] = "" - } - } - } - if i == "kafka-v2" { - KafkaV2 := data[i].(map[string]interface{}) - for j := range KafkaV2 { - if j == "persistence" { - Persistence := KafkaV2[j].(map[string]interface{}) - for k := range Persistence { - if k == "aws" { - Aws := Persistence[k].([]interface{}) - N := 0 - for l := range Aws { - Volume := Aws[l].(map[string]interface{}) - for m := range Volume { - if m == "volumeId" && N == l { - Volume[m] = kvids[l] - } - if m == "zone" { - Volume[m] = region - } - } - N++ - - } - } - } - } - } - } - if i == "zookeeper-v2" { - ZookeeperV2 := data[i].(map[string]interface{}) - for j := range ZookeeperV2 { - if j == "persistence" { - Persistence := ZookeeperV2[j].(map[string]interface{}) - for k := range Persistence { - if k == "aws" { - Aws := Persistence[k].([]interface{}) - N := 0 - for l := range Aws { - Volume := Aws[l].(map[string]interface{}) - for m := range Volume { - if m == "volumeId" && N == l { - Volume[m] = zvids[l] - } - if m == "zone" { - Volume[m] = region - } - } - N++ - - } - } - } - } - } - } - if i == "elasticsearch-data-v1" { - ElasticsearchDataV1 := data[i].(map[string]interface{}) - for j := range ElasticsearchDataV1 { - if j == "persistence" { - Persistence := ElasticsearchDataV1[j].(map[string]interface{}) - for k := range Persistence { - if k == "aws" { - Aws := Persistence[k].([]interface{}) - N := 0 - for l := range Aws { - NesteM := Aws[l].(map[string]interface{}) - for m := range NesteM { - if m == "volumeId" && N == l { - NesteM[m] = esdids[l] - } - if m == "zone" { - NesteM[m] = region - } - } - N++ - - } - } - } - } - } - } - if i == "elasticsearch-master-v1" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "persistence" { - nest := NestedMap[j].(map[string]interface{}) - for k := range nest { - if k == "aws" { - Neste := nest[k].([]interface{}) - N := 0 - for l := range Neste { - NesteM := Neste[l].(map[string]interface{}) - for m := range NesteM { - if m == "volumeId" && N == l { - NesteM[m] = esmids[l] - } - if m == "zone" { - NesteM[m] = region - } - } - N++ - - } - } - } - } - } - } - if i == "employee" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "dashboard-url" { - - } - if j == "custom-js-injection" { - - } - } - } - if i == "citizen" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "custom-js-injection" { - - } - } - } - if i == "digit-ui" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "custom-js-injection" { - } - } - } - if i == "egov-filestore" && fileproceed == "yes" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "volume" { - - } - if j == "is-bucket-fixed" { - - } - if j == "minio.url" { - - } - if j == "aws.s3.url" { - - } - if j == "is-s3-enabled" { - - } - if j == "minio-enabled" { - - } - if j == "allowed-file-formats-map" { - - } - if j == "llowed-file-formats" { - - } - if j == "filestore-url-validity" { - - } - if j == "fixed-bucketname" { - NestedMap[j] = Config["fixed-bucket"] - } - } - - } - if i == "egov-notification-sms" && smsproceed == "yes" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "sms-provider-url" { - NestedMap[j] = Config["sms-provider-url"] - } - if j == "sms.provider.class" { - - } - if j == "sms.provider.contentType" { - - } - if j == "sms-config-map" { - - } - if j == "sms-gateway-to-use" { - NestedMap[j] = Config["sms-gateway-to-use"] - } - if j == "sms-sender" { - NestedMap[j] = Config["sms-sender"] - } - if j == "sms-sender-requesttype" { - - } - if j == "sms-custom-config" { - - } - if j == "sms-extra-req-params" { - - } - if j == "sms-sender-req-param-name" { - - } - if j == "sms-sender-username-req-param-name" { - - } - if j == "sms-sender-password-req-param-name" { - - } - if j == "sms-destination-mobile-req-param-name" { - - } - if j == "sms-message-req-param-name" { - - } - if j == "sms-error-codes" { - - } - } - ModData["egov-notification-sms"] = data["egov-notification-sms"] - } - if i == "egov-user" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "heap" { - - } - if j == "memory_limits" { - - } - if j == "otp-validation" { - - } - if j == "citizen-otp-enabled" { - - } - if j == "employee-otp-enabled" { - - } - if j == "access-token-validity" { - - } - if j == "refresh-token-validity" { - - } - if j == "default-password-expiry" { - - } - if j == "mobile-number-validation" { - - } - if j == "roles-state-level" { - - } - if j == "zen-registration-withlogin" { - - } - if j == "citizen-otp-fixed" { - - } - if j == "citizen-otp-fixed-enabled" { - - } - if j == "egov-state-level-tenant-id" { - - } - if j == "decryption-abac-enabled" { - - } - } - } - if i == "chatbot" && botproceed == "yes" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "kafka-topics-partition-count" { - - } - if j == "kafka-topics-replication-factor" { - - } - if j == "kafka-consumer-poll-ms" { - - } - if j == "kafka-producer-linger-ms" { - - } - if j == "contact-card-whatsapp-number" { - - } - if j == "contact-card-whatsapp-name" { - - } - if j == "valuefirst-whatsapp-number" { - - } - if j == "valuefirst-notification-assigned-templateid" { - - } - if j == "valuefirst-notification-resolved-templateid" { - - } - if j == "valuefirst-notification-rejected-templateid" { - - } - if j == "valuefirst-notification-reassigned-templateid" { - - } - if j == "valuefirst-notification-commented-templateid" { - - } - if j == "valuefirst-notification-welcome-templateid" { - - } - if j == "valuefirst-notification-root-templateid" { - - } - if j == "valuefirst-send-message-url" { - - } - if j == "user-service-chatbot-citizen-passwrord" { - - } - } - ModData["chatbot"] = data["chatbot"] - } - if i == "bpa-services" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "memory_limits" { - - } - if j == "java-args" { - - } - if j == "java-debug" { - - } - if j == "tracing-enabled" { - - } - if j == "egov.idgen.bpa.applicationNum.format" { - - } - } - } - if i == "bpa-calculator" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "memory_limits" { - - } - if j == "java-args" { - - } - if j == "java-debug" { - - } - if j == "tracing-enabled" { - - } - } - } - if i == "ws-services" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "wcid-format" { - - } - } - } - if i == "sw-services" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "scid-format" { - - } - } - } - if i == "egov-pg-service" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "axis" { - - } - } - } - if i == "report" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "heap" { - - } - if j == "tracing-enabled" { - - } - if j == "spring-datasource-tomcat-max-active" { - - } - if j == "initContainers" { - NestedM := NestedMap[j].(map[string]interface{}) - for k := range NestedM { - if k == "gitSync" { - Neste := NestedM[k].(map[string]interface{}) - for l := range Neste { - if l == "repo" { - - } - if l == "branch" { - Neste[l] = Config["BranchName"] - } - } - } - } - } - if j == "report-locationsfile-path" { - - } - } - } - if i == "pdf-service" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "initContainers" { - NestedM := NestedMap[j].(map[string]interface{}) - for k := range NestedM { - if k == "gitSync" { - Neste := NestedM[k].(map[string]interface{}) - for l := range Neste { - if l == "repo" { - - } - if l == "branch" { - Neste[l] = Config["BranchName"] - } - } - } - } - } - if j == "data-config-urls" { - - } - if j == "format-config-urls" { - - } - - } - } - if i == "egf-master" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "db-url" { - - } - if j == "memory_limits" { - - } - if j == "heap" { - - } - - } - } - if i == "egov-custom-consumer" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "erp-host" { - - } - } - } - if i == "egov-apportion-service" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "memory_limits" { - - } - if j == "heap" { - - } - } - } - if i == "redoc" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "replicas" { - - } - if j == "images" { - - } - if j == "service_type" { - - } - } - } - if i == "redoc" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "images" { - - } - if j == "replicas" { - - } - if j == "default-backend-service" { - - } - if j == "namespace" { - - } - if j == "cert-issuer" { - - } - if j == "ssl-protocols" { - - } - if j == "ssl-ciphers" { - - } - if j == "ssl-ecdh-curve" { - - } - } - } - if i == "cert-manager" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "email" { - - } - } - } - if i == "zuul" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "replicas" { - - } - if j == "custom-filter-property" { - - } - if j == "tracing-enabled" { - - } - if j == "heap" { - - } - if j == "server-tomcat-max-threads" { - - } - if j == "server-tomcat-max-connections" { - - } - if j == "egov-open-endpoints-whitelist" { - - } - if j == "egov-mixed-mode-endpoints-whitelist" { - - } - } - } - if i == "collection-services" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "receiptnumber-servicebased" { - - } - if j == "receipt-search-paginate" { - - } - if j == "receipt-search-defaultsize" { - - } - if j == "user-create-enabled" { - - } - } - } - if i == "collection-receipt-voucher-consumer" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "jalandhar-erp-host" { - - } - if j == "mohali-erp-host" { - - } - if j == "nayagaon-erp-host" { - - } - if j == "amritsar-erp-host" { - - } - if j == "kharar-erp-host" { - - } - if j == "zirakpur-erp-host" { - - } - } - } - if i == "finance-collections-voucher-consumer" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "erp-env-name" { - - } - if j == "erp-domain-name" { - - } - } - } - if i == "rainmaker-pgr" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "notification-sms-enabled" { - - } - if j == "notification-email-enabled" { - - } - if j == "new-complaint-enabled" { - - } - if j == "reassign-complaint-enabled" { - - } - if j == "reopen-complaint-enabled" { - - } - if j == "comment-by-employee-notif-enabled" { - - } - if j == "notification-allowed-status" { - - } - } - } - if i == "pt-services-v2" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "pt-userevents-pay-link" { - - } - } - } - if i == "pt-calculator-v2" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "logging-level" { - - } - } - } - if i == "tl-services" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "heap" { - - } - if j == "memory_limits" { - - } - if j == "java-args" { - - } - if j == "tl-application-num-format" { - - } - if j == "tl-license-num-format" { - - } - if j == "tl-userevents-pay-link" { - - } - if j == "tl-payment-topic-name" { - - } - if j == "host-link" { - - } - if j == "pdf-link" { - - } - if j == "tl-search-default-limit" { - - } - } - } - if i == "egov-hrms" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "java-args" { - - } - if j == "heap" { - - } - if j == "employee-applink" { - - } - } - } - if i == "egov-weekly-impact-notifier" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "mail-to-address" { - - } - if j == "mail-interval-in-secs" { - - } - if j == "schedule" { - - } - } - } - if i == "kafka-config" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "topics" { - - } - if j == "zookeeper-connect" { - - } - if j == "kafka-brokers" { - - } - } - } - if i == "logging-config" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "es-host" { - - } - if j == "es-port" { - - } - } - } - if i == "jaeger-config" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "host" { - - } - if j == "port" { - - } - if j == "sampler-type" { - - } - if j == "sampler-param" { - - } - if j == "sampling-strategies" { - - } - } - } - if i == "redis" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "replicas" { - - } - if j == "images" { - - } - } - } - if i == "playground" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "replicas" { - - } - if j == "images" { - - } - } - } - if i == "fluent-bit" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "images" { - - } - if j == "egov-services-log-topic" { - - } - if j == "egov-infra-log-topic" { - - } - } - } - if i == "egov-workflow-v2" { - NestedMap := data[i].(map[string]interface{}) - for j := range NestedMap { - if j == "logging-level" { - - } - if j == "java-args" { - - } - if j == "heap" { - - } - if j == "workflow-statelevel" { - - } - if j == "host-link" { - - } - if j == "pdf-link" { - - } - } - } - } - ModData["global"] = data["global"] - ModData["cluster-configs"] = data["cluster-configs"] - ModData["employee"] = data["employee"] - ModData["citizen"] = data["citizen"] - ModData["digit-ui"] = data["digit-ui"] - ModData["egov-filestore"] = data["egov-filestore"] - ModData["egov-idgen"] = data["egov-idgen"] - ModData["egov-user"] = data["egov-user"] - ModData["egov-indexer"] = data["egov-indexer"] - ModData["egov-persister"] = data["egov-persister"] - ModData["egov-data-uploader"] = data["egov-data-uploader"] - ModData["egov-searcher"] = data["egov-searcher"] - ModData["report"] = data["report"] - ModData["pdf-service"] = data["pdf-service"] - ModData["egf-master"] = data["egf-master"] - ModData["egov-custom-consumer"] = data["egov-custom-consumer"] - ModData["egov-apportion-service"] = data["egov-apportion-service"] - ModData["redoc"] = data["redoc"] - ModData["nginx-ingress"] = data["nginx-ingress"] - ModData["cert-manager"] = data["cert-manager"] - ModData["zuul"] = data["zuul"] - ModData["collection-services"] = data["collection-services"] - ModData["collection-receipt-voucher-consumer"] = data["collection-receipt-voucher-consumer"] - ModData["finance-collections-voucher-consumer"] = data["finance-collections-voucher-consumer"] - ModData["egov-workflow-v2"] = data["egov-workflow-v2"] - ModData["egov-hrms"] = data["egov-hrms"] - ModData["egov-weekly-impact-notifier"] = data["egov-weekly-impact-notifier"] - ModData["kafka-config"] = data["kafka-config"] - ModData["logging-config"] = data["logging-config"] - ModData["jaeger-config"] = data["jaeger-config"] - ModData["redis"] = data["redis"] - ModData["playground"] = data["playground"] - ModData["fluent-bit"] = data["fluent-bit"] - ModData["kafka-v2"] = data["kafka-v2"] - ModData["zookeeper-v2"] = data["zookeeper-v2"] - ModData["elasticsearch-data-v1"] = data["elasticsearch-data-v1"] - ModData["elasticsearch-master-v1"] = data["elasticsearch-master-v1"] - ModData["es-curator"] = data["es-curator"] - for i := range modules { - if modules[i] == "m_pgr" { - ModData["egov-pg-service"] = data["egov-pg-service"] - ModData["rainmaker-pgr"] = data["rainmaker-pgr"] - } - if modules[i] == "m_property-tax" { - ModData["pt-services-v2"] = data["pt-services-v2"] - ModData["pt-calculator-v2"] = data["pt-calculator-v2"] - } - if modules[i] == "m_sewerage" { - ModData["sw-services"] = data["sw-services"] - } - if modules[i] == "m_bpa" { - ModData["bpa-services"] = data["bpa-services"] - ModData["bpa-calculator"] = data["bpa-calculator"] - } - if modules[i] == "m_trade-license" { - ModData["tl-services"] = data["tl-services"] - } - if modules[i] == "m_firenoc" { - - } - if modules[i] == "m_water-service" { - ModData["ws-services"] = data["ws-services"] - } - if modules[i] == "m_dss" { - ModData["dashboard-analytics"] = data["dashboard-analytics"] - ModData["dashboard-ingest"] = data["dashboard-ingest"] - } - if modules[i] == "m_fsm" { - - } - if modules[i] == "m_echallan" { - - } - if modules[i] == "m_edcr" { - - } - if modules[i] == "m_finance" { - - } - } - newfile, err := yaml.Marshal(&ModData) - if err != nil { - log.Printf("%v", err) - - } - filename := fmt.Sprintf("../../config-as-code/environments/%s.yaml", Config["file_name"]) - err = ioutil.WriteFile(filename, newfile, 0644) - if err != nil { - log.Printf("%v", err) - } -} - -//secrets config - -func SecretFile(cluster_name string,Ssh string,SecretConfig map[string]string) { - var sec Secret - secret, err := ioutil.ReadFile("DIGIT-DevOps/config-as-code/environments/egov-demo-secrets.yaml") - if err != nil { - log.Printf("%v", err) - } - err = yaml.Unmarshal(secret, &sec) - if err != nil { - log.Printf("%v", err) - } - eUsername := sec.ClusterConfigs.Secrets.Db.Username - fmt.Println(eUsername) - var Db_Username string - var Db_Password string - var Db_FlywayUsername string - var Db_FlywayPassword string - var EgovNotificationSms_Username string - var EgovNotificationSms_Password string - var EgovFilestore_AwsKey string - var EgovFilestore_AwsSecretKey string - var EgovLocation_Gmapskey string - var EgovPgService_AxisMerchantID string - var EgovPgService_AxisMerchantSecretKey string - var EgovPgService_AxisMerchantUser string - var EgovPgService_AxisMerchantPwd string - var EgovPgService_AxisMerchantAccessCode string - var EgovPgService_PayuMerchantKey string - var EgovPgService_PayuMerchantSalt string - var Pgadmin_AdminEmail string - var Pgadmin_AdminPassword string - var Pgadmin_ReadEmail string - var Pgadmin_ReadPassword string - var EgovEncService_MasterPassword string - var EgovEncService_MasterSalt string - var EgovEncService_MasterInitialvector string - var EgovNotificationMail_Mailsenderusername string - var EgovNotificationMail_Mailsenderpassword string - var Kibana_Namespace string - var Kibana_Credentials string - var EgovSiMicroservice_SiMicroserviceUser string - var EgovSiMicroservice_SiMicroservicePassword string - var EgovSiMicroservice_MailSenderPassword string - var EgovEdcrNotification_EdcrMailUsername string - var EgovEdcrNotification_EdcrMailPassword string - var EgovEdcrNotification_EdcrSmsUsername string - var EgovEdcrNotification_EdcrSmsPassword string - var Chatbot_ValuefirstUsername string - var Chatbot_ValuefirstPassword string - var EgovUserChatbot_CitizenLoginPasswordOtpFixedValue string - var Oauth2Proxy_ClientID string - var Oauth2Proxy_ClientSecret string - var Oauth2Proxy_CookieSecret string - - Username := sec.ClusterConfigs.Secrets.Db.Username - Password := sec.ClusterConfigs.Secrets.Db.Password - FlywayUsername := sec.ClusterConfigs.Secrets.Db.FlywayUsername - FlywayPassword := sec.ClusterConfigs.Secrets.Db.FlywayPassword - NotUsername := sec.ClusterConfigs.Secrets.EgovNotificationSms.Username - NotPassword := sec.ClusterConfigs.Secrets.EgovNotificationSms.Password - AwsKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey - AwsSecretKey := sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey - Gmapskey := sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey - AxisMerchantID := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID - AxisMerchantSecretKey := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey - AxisMerchantUser := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser - AxisMerchantPwd := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd - AxisMerchantAccessCode := sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode - PayuMerchantKey := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey - PayuMerchantSalt := sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt - AdminEmail := sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail - AdminPassword := sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword - ReadEmail := sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail - ReadPassword := sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword - MasterPassword := sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword - MasterSalt := sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt - MasterInitialvector := sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector - Mailsenderusername := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername - Mailsenderpassword := sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword - KnownHosts := sec.ClusterConfigs.Secrets.GitSync.KnownHosts - Namespace := sec.ClusterConfigs.Secrets.Kibana.Namespace - Credentials := sec.ClusterConfigs.Secrets.Kibana.Credentials - SiMicroserviceUser := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser - SiMicroservicePassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword - MailSenderPassword := sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword - EdcrMailUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername - EdcrMailPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword - EdcrSmsUsername := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername - EdcrSmsPassword := sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword - ValuefirstUsername := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername - ValuefirstPassword := sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword - CitizenLoginPasswordOtpFixedValue := sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue - ClientID := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID - ClientSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret - CookieSecret := sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret - - fmt.Println("Enter Db_Username:") - fmt.Scanln(&Db_Username) - if Db_Username != "" { - sec.ClusterConfigs.Secrets.Db.Username = Db_Username - } else { - sec.ClusterConfigs.Secrets.Db.Username = Username - } - fmt.Println("Enter Db_Password:") - fmt.Scanln(&Db_Password) - if Db_Password != "" { - sec.ClusterConfigs.Secrets.Db.Password = Db_Password - } else { - sec.ClusterConfigs.Secrets.Db.Password = Password - } - fmt.Println("Enter Db_FlywayUsername:") - fmt.Scanln(&Db_FlywayUsername) - if Db_FlywayUsername != "" { - sec.ClusterConfigs.Secrets.Db.FlywayUsername = Db_FlywayUsername - } else { - sec.ClusterConfigs.Secrets.Db.FlywayUsername = FlywayUsername - } - fmt.Println("Enter Db_FlywayPassword:") - fmt.Scanln(&Db_FlywayPassword) - if Db_FlywayPassword != "" { - sec.ClusterConfigs.Secrets.Db.FlywayPassword = Db_FlywayPassword - } else { - sec.ClusterConfigs.Secrets.Db.FlywayPassword = FlywayPassword - } - if SecretConfig["EgovNotificationSms_Username"] != "" { - sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = SecretConfig[EgovNotificationSms_Username] - } else { - sec.ClusterConfigs.Secrets.EgovNotificationSms.Username = NotUsername - } - fmt.Println("Enter EgovNotificationSms_Password:") - fmt.Scanln(&EgovNotificationSms_Password) - if EgovNotificationSms_Password != "" { - sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = EgovNotificationSms_Password - } else { - sec.ClusterConfigs.Secrets.EgovNotificationSms.Password = NotPassword - } - fmt.Println("Enter EgovFilestore_AwsKey:") - fmt.Scanln(&EgovFilestore_AwsKey) - if EgovFilestore_AwsKey != "" { - sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = EgovFilestore_AwsKey - } else { - sec.ClusterConfigs.Secrets.EgovFilestore.AwsKey = AwsKey - } - fmt.Println("Enter EgovFilestore_AwsSecretKey:") - fmt.Scanln(&EgovFilestore_AwsSecretKey) - if EgovFilestore_AwsSecretKey != "" { - sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = EgovFilestore_AwsSecretKey - } else { - sec.ClusterConfigs.Secrets.EgovFilestore.AwsSecretKey = AwsSecretKey - } - fmt.Println("Enter EgovLocation_Gmapskey:") - fmt.Scanln(&EgovLocation_Gmapskey) - if EgovLocation_Gmapskey != "" { - sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = EgovLocation_Gmapskey - } else { - sec.ClusterConfigs.Secrets.EgovLocation.Gmapskey = Gmapskey - } - fmt.Println("Enter EgovPgService_AxisMerchantID:") - fmt.Scanln(&EgovPgService_AxisMerchantID) - if EgovPgService_AxisMerchantID != "" { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = EgovPgService_AxisMerchantID - } else { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantID = AxisMerchantID - } - fmt.Println("Enter EgovPgService_AxisMerchantSecretKey:") - fmt.Scanln(&EgovPgService_AxisMerchantSecretKey) - if EgovPgService_AxisMerchantSecretKey != "" { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = EgovPgService_AxisMerchantSecretKey - } else { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantSecretKey = AxisMerchantSecretKey - } - fmt.Println("Enter EgovPgService_AxisMerchantUser:") - fmt.Scanln(&EgovPgService_AxisMerchantUser) - if EgovPgService_AxisMerchantUser != "" { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = EgovPgService_AxisMerchantUser - } else { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantUser = AxisMerchantUser - } - fmt.Println("Enter EgovPgService_AxisMerchantPwd:") - fmt.Scanln(&EgovPgService_AxisMerchantPwd) - if EgovPgService_AxisMerchantPwd != "" { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = EgovPgService_AxisMerchantPwd - } else { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantPwd = AxisMerchantPwd - } - fmt.Println("Enter EgovPgService_AxisMerchantAccessCode:") - fmt.Scanln(&EgovPgService_AxisMerchantAccessCode) - if EgovPgService_AxisMerchantAccessCode != "" { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = EgovPgService_AxisMerchantAccessCode - } else { - sec.ClusterConfigs.Secrets.EgovPgService.AxisMerchantAccessCode = AxisMerchantAccessCode - } - fmt.Println("Enter EgovPgService_PayuMerchantKey:") - fmt.Scanln(&EgovPgService_PayuMerchantKey) - if EgovPgService_PayuMerchantKey != "" { - sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = EgovPgService_PayuMerchantKey - } else { - sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantKey = PayuMerchantKey - } - fmt.Println("Enter EgovPgService_PayuMerchantSalt:") - fmt.Scanln(&EgovPgService_PayuMerchantSalt) - if EgovPgService_PayuMerchantSalt != "" { - sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = EgovPgService_PayuMerchantSalt - } else { - sec.ClusterConfigs.Secrets.EgovPgService.PayuMerchantSalt = PayuMerchantSalt - } - fmt.Println("Enter Pgadmin_AdminEmail:") - fmt.Scanln(&Pgadmin_AdminEmail) - if Pgadmin_AdminEmail != "" { - sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = Pgadmin_AdminEmail - } else { - sec.ClusterConfigs.Secrets.Pgadmin.AdminEmail = AdminEmail - } - fmt.Println("Enter Pgadmin_AdminPassword:") - fmt.Scanln(&Pgadmin_AdminPassword) - if Pgadmin_AdminPassword != "" { - sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = Pgadmin_AdminPassword - } else { - sec.ClusterConfigs.Secrets.Pgadmin.AdminPassword = AdminPassword - } - fmt.Println("Enter Pgadmin_ReadEmail:") - fmt.Scanln(&Pgadmin_ReadEmail) - if Pgadmin_ReadEmail != "" { - sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = Pgadmin_ReadEmail - } else { - sec.ClusterConfigs.Secrets.Pgadmin.ReadEmail = ReadEmail - } - fmt.Println("Enter Pgadmin_ReadPassword:") - fmt.Scanln(&Pgadmin_ReadPassword) - if Pgadmin_ReadPassword != "" { - sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = Pgadmin_ReadPassword - } else { - sec.ClusterConfigs.Secrets.Pgadmin.ReadPassword = ReadPassword - } - fmt.Println("Enter EgovEncService_MasterPassword:") - fmt.Scanln(&EgovEncService_MasterPassword) - if EgovEncService_MasterPassword != "" { - sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = EgovEncService_MasterPassword - } else { - sec.ClusterConfigs.Secrets.EgovEncService.MasterPassword = MasterPassword - } - fmt.Println("Enter EgovEncService_MasterSalt:") - fmt.Scanln(&EgovEncService_MasterSalt) - if EgovEncService_MasterSalt != "" { - sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = EgovEncService_MasterSalt - } else { - sec.ClusterConfigs.Secrets.EgovEncService.MasterSalt = MasterSalt - } - fmt.Println("Enter EgovEncService_MasterInitialvector:") - fmt.Scanln(&EgovEncService_MasterInitialvector) - if EgovEncService_MasterInitialvector != "" { - sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = EgovEncService_MasterInitialvector - } else { - sec.ClusterConfigs.Secrets.EgovEncService.MasterInitialvector = MasterInitialvector - } - fmt.Println("Enter EgovNotificationMail_Mailsenderusername:") - fmt.Scanln(&EgovNotificationMail_Mailsenderusername) - if EgovNotificationMail_Mailsenderusername != "" { - sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = EgovNotificationMail_Mailsenderusername - } else { - sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderusername = Mailsenderusername - } - fmt.Println("Enter EgovNotificationMail_Mailsenderpassword:") - fmt.Scanln(&EgovNotificationMail_Mailsenderpassword) - if EgovNotificationMail_Mailsenderpassword != "" { - sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = EgovNotificationMail_Mailsenderpassword - } else { - sec.ClusterConfigs.Secrets.EgovNotificationMail.Mailsenderpassword = Mailsenderpassword - } - sec.ClusterConfigs.Secrets.GitSync.SSH = Ssh - sec.ClusterConfigs.Secrets.GitSync.KnownHosts = KnownHosts - fmt.Println("Enter Kibana_Namespace:") - fmt.Scanln(&Kibana_Namespace) - if Kibana_Namespace != "" { - sec.ClusterConfigs.Secrets.Kibana.Namespace = Kibana_Namespace - } else { - sec.ClusterConfigs.Secrets.Kibana.Namespace = Namespace - } - fmt.Println("Enter Kibana_Credentials:") - fmt.Scanln(&Kibana_Credentials) - if Kibana_Credentials != "" { - sec.ClusterConfigs.Secrets.Kibana.Credentials = Kibana_Credentials - } else { - sec.ClusterConfigs.Secrets.Kibana.Credentials = Credentials - } - fmt.Println("Enter EgovSiMicroservice_SiMicroserviceUser:") - fmt.Scanln(&EgovSiMicroservice_SiMicroserviceUser) - if EgovSiMicroservice_SiMicroserviceUser != "" { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = EgovSiMicroservice_SiMicroserviceUser - } else { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroserviceUser = SiMicroserviceUser - } - fmt.Println("Enter EgovSiMicroservice_SiMicroservicePassword:") - fmt.Scanln(&EgovSiMicroservice_SiMicroservicePassword) - if EgovSiMicroservice_SiMicroservicePassword != "" { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = EgovSiMicroservice_SiMicroservicePassword - } else { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.SiMicroservicePassword = SiMicroservicePassword - } - fmt.Println("Enter EgovSiMicroservice_MailSenderPassword:") - fmt.Scanln(&EgovSiMicroservice_MailSenderPassword) - if EgovSiMicroservice_MailSenderPassword != "" { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = EgovSiMicroservice_MailSenderPassword - } else { - sec.ClusterConfigs.Secrets.EgovSiMicroservice.MailSenderPassword = MailSenderPassword - } - fmt.Println("Enter EgovEdcrNotification_EdcrMailUsername:") - fmt.Scanln(&EgovEdcrNotification_EdcrMailUsername) - if EgovEdcrNotification_EdcrMailUsername != "" { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EgovEdcrNotification_EdcrMailUsername - } else { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailUsername = EdcrMailUsername - } - fmt.Println("Enter EgovEdcrNotification_EdcrMailPassword:") - fmt.Scanln(&EgovEdcrNotification_EdcrMailPassword) - if EgovEdcrNotification_EdcrMailPassword != "" { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EgovEdcrNotification_EdcrMailPassword - } else { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrMailPassword = EdcrMailPassword - } - fmt.Println("Enter EgovEdcrNotification_EdcrSmsUsername:") - fmt.Scanln(&EgovEdcrNotification_EdcrSmsUsername) - if EgovEdcrNotification_EdcrSmsUsername != "" { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EgovEdcrNotification_EdcrSmsUsername - } else { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsUsername = EdcrSmsUsername - } - fmt.Println("Enter EgovEdcrNotification_EdcrSmsPassword:") - fmt.Scanln(&EgovEdcrNotification_EdcrSmsPassword) - if EgovEdcrNotification_EdcrSmsPassword != "" { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EgovEdcrNotification_EdcrSmsPassword - } else { - sec.ClusterConfigs.Secrets.EgovEdcrNotification.EdcrSmsPassword = EdcrSmsPassword - } - fmt.Println("Enter Chatbot_ValuefirstUsername:") - fmt.Scanln(&Chatbot_ValuefirstUsername) - if Chatbot_ValuefirstUsername != "" { - sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = Chatbot_ValuefirstUsername - } else { - sec.ClusterConfigs.Secrets.Chatbot.ValuefirstUsername = ValuefirstUsername - } - fmt.Println("Enter Chatbot_ValuefirstPassword:") - fmt.Scanln(&Chatbot_ValuefirstPassword) - if Chatbot_ValuefirstPassword != "" { - sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = Chatbot_ValuefirstPassword - } else { - sec.ClusterConfigs.Secrets.Chatbot.ValuefirstPassword = ValuefirstPassword - } - fmt.Println("Enter EgovUserChatbot_CitizenLoginPasswordOtpFixedValue:") - fmt.Scanln(&EgovUserChatbot_CitizenLoginPasswordOtpFixedValue) - if EgovUserChatbot_CitizenLoginPasswordOtpFixedValue != "" { - sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = EgovUserChatbot_CitizenLoginPasswordOtpFixedValue - } else { - sec.ClusterConfigs.Secrets.EgovUserChatbot.CitizenLoginPasswordOtpFixedValue = CitizenLoginPasswordOtpFixedValue - } - fmt.Println("Enter Oauth2Proxy_ClientID:") - fmt.Scanln(&Oauth2Proxy_ClientID) - if Oauth2Proxy_ClientID != "" { - sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = Oauth2Proxy_ClientID - } else { - sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientID = ClientID - } - fmt.Println("Enter Oauth2Proxy_ClientSecret:") - fmt.Scanln(&Oauth2Proxy_ClientSecret) - if Oauth2Proxy_ClientSecret != "" { - sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = Oauth2Proxy_ClientSecret - } else { - sec.ClusterConfigs.Secrets.Oauth2Proxy.ClientSecret = ClientSecret - } - fmt.Println("Enter Oauth2Proxy_CookieSecret:") - fmt.Scanln(&Oauth2Proxy_CookieSecret) - if Oauth2Proxy_CookieSecret != "" { - sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = Oauth2Proxy_CookieSecret - } else { - sec.ClusterConfigs.Secrets.Oauth2Proxy.CookieSecret = CookieSecret - } - secretsmar, err := yaml.Marshal(&sec) - if err != nil { - log.Printf("%v", err) - - } - secFilename := fmt.Sprintf("../../config-as-code/environments/%s-secrets.yaml", cluster_name) - err = ioutil.WriteFile(secFilename, secretsmar, 0644) - if err != nil { - log.Printf("%v", err) - } -} \ No newline at end of file diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go deleted file mode 100644 index bfa7667f1d..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/digit_installer.go +++ /dev/null @@ -1,319 +0,0 @@ -package main - -import ( - "bytes" - "container/list" - "errors" - "fmt" - "io" - "io/ioutil" - "log" - "os" - "os/exec" - "strings" - s "strings" - - "github.com/manifoldco/promptui" - "gopkg.in/yaml.v2" -) - -var Reset = "\033[0m" -var Red = "\033[31m" -var Green = "\033[32m" -var Yellow = "\033[33m" -var Blue = "\033[34m" -var Purple = "\033[35m" -var Cyan = "\033[36m" -var Gray = "\033[37m" -var White = "\033[97m" - -// Defining a struct to parse the yaml file -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - var versionfiles []string - var envfiles []string - var modules []string - var selectedMod []string - svclist := list.New() - set := NewSet() - var argStr string = "" - var releaseChartDir string = "../../config-as-code/product-release-charts/" - - fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") - const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." - // Get the Proceedual of the user - fmt.Println(string(Cyan), sPreReq) - //var proceedQuestion string - preReqConfirm := []string{"Yes", "No"} - var proceed string = "" - proceed, _ = sel(preReqConfirm, "Are you good to proceed?") - if proceed == "Yes" { - contextset := setClusterContext() - if contextset { - // Get the versions from the chart and display it to user to select - file, err := os.Open(releaseChartDir) - if err != nil { - log.Fatalf("failed opening directory: %s", err) - } - defer file.Close() - - prodList, _ := file.Readdirnames(0) // 0 to read all files and folders - - var product string = "" - product, _ = sel(prodList, "Which Product would you like to install, Please Select") - if product != "" { - files, err := ioutil.ReadDir(releaseChartDir + product) - if err != nil { - log.Fatal(err) - } - - for _, f := range files { - name := f.Name() - versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) - } - var version string = "" - version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") - if version != "" { - argFile := releaseChartDir + product + "/dependancy_chart-" + version + ".yaml" - - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } - - // Parse the yaml values - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return - } - - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - } - modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") - //if err == nil { - for result != "Exit" && err == nil { - selectedMod = append(selectedMod, result) - result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") - } - if selectedMod != nil { - for _, mod := range selectedMod { - getService(fullChart, mod, *set, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - - envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/environments/") - if err != nil { - log.Fatal(err) - } - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") && !s.Contains(filename, ".DS_Store") { - log.Println(filename) - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) - } - } - - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") - if env != "" { - confirm := []string{"Yes", "No"} - - var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) - var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) - - preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") - - if preview == "Yes" { - fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") - err := execCommand(previewDeployCmd) - if err == nil { - fmt.Println("You can now start actual deployment") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } else { - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } - - } - } - } - } - } - } - } - fmt.Println("") - endScript() -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} - -func execCommand(command string) error { - var err error - parts := strings.Fields(command) - //log.Println("Printing full command part", parts) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - cmd := exec.Command(head, args...) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - -func setClusterContext() bool { - var contextset bool = false - var kubeconfig string = "kubeConfig" - - validatepath := func(input string) error { - _, err := os.Stat(input) - if os.IsNotExist(err) { - return errors.New("The File does not exist in the given path") - } - return nil - } - - validatepath(kubeconfig) - - //kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") - - if kubeconfig != "" { - getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) - err := execCommand(getcontextcmd) - if err == nil { - context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") - if context != "" { - usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) - err := execCommand(usecontextcmd) - if err == nil { - contextset = true - } - } - } - } - return contextset -} - -func sel(items []string, label string) (string, error) { - var result string - var err error - prompt := promptui.Select{ - Label: label, - Items: items, - Size: 30, - } - _, result, err = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result, err -} - -func enterValue(validate promptui.ValidateFunc, label string) string { - var result string - prompt := promptui.Prompt{ - Label: label, - Validate: validate, - } - result, _ = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result -} - -func endScript() { - fmt.Println("Take your time, You can come back at any time ... Thank You!!!") - return -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go deleted file mode 100644 index 75dd8726fd..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/full_installer.go +++ /dev/null @@ -1,893 +0,0 @@ -package main - -import ( - "bytes" - "container/list" - "crypto/rand" - "crypto/rsa" - "crypto/x509" - "encoding/pem" - "errors" - "fmt" - "io" - "io/ioutil" - "log" - "os" - "os/exec" - "strconv" - "strings" - - "github.com/jcelliott/lumber" - "github.com/manifoldco/promptui" - "golang.org/x/crypto/ssh" - yaml "gopkg.in/yaml.v3" - - //"bufio" - "deployer/configs" - "encoding/json" -) - -var cloudTemplate string // Which terraform template to choose -var repoDirRoot string -var selectedMod []string -var Flag string -var db_pswd string -var sshFile string -var cluster_name string -var SecretConfig map[string]string - -var Reset = "\033[0m" -var Red = "\033[31m" -var Green = "\033[32m" -var Yellow = "\033[33m" -var Blue = "\033[34m" -var Purple = "\033[35m" -var Cyan = "\033[36m" -var Gray = "\033[37m" -var White = "\033[97m" - -//Defining a struct to parse the yaml file -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - - var optedInfraType string // Infra types supported to deploy DIGIT - var servicesToDeploy string // Modules to be deployed - var number_of_worker_nodes int = 1 // No of VMs for the k8s worker nodes - var optedCloud string // Desired InfraType to deploy - var cloudLoginCredentials bool // Is there a valid cloud account and credentials - var isProductionSetup bool = false - - infraType := []string{ - "0. You have an existing kubernetes Cluster ready, you would like to leverage it to setup DIGIT on that", - "1. Pilot/POC (Just for a POC to Quickstart and explore)", - "2. DevTest Setup (To setup and build/customize and test)", - "3. Production: Bare Minimal (90% reliability), 10 gov services, 10 concurrent users/sec", - "4. Production: Medium (95% reliability), 50+ concurrent gov services 100 concurrent users/sec", - "5. Production: HA/DRS Setup (99.99% reliability), 50+ concurrent gov services 1000 concurrent users/sec", - "6. For custom options, use this calcualtor to determine the required nodes (https://docs.digit.org/Infra-calculator)"} - - cloudPlatforms := []string{ - "0. Local machine/Your Existing VM", - "1. AWS-EC2 - Quickstart with a Single EC2 Instace on AWS", - "2. On-prem/Private Cloud - Quickstart with Single VM", - "3. AWS-EKS - Production grade Elastic Kubernetes Service (EKS)", - "4. AZURE-AKS - Production grade Azure Kubernetes Service (AKS)", - "5. GOOGLE CLOUD - Production grade Google Kubernetes Engine (GKE)", - "6. On-prem/Privare Cloud - Production grade Kubernetes Cluster Setup"} - - fmt.Println(string(Green), "\n******* Welcome to DIGIT Server setup & Deployment !!! ******** \n\n *********\n https://docs.digit.org/Infra-calculator\n") - const sPreReq = "Pre-requsites (Please Read Carefully):\n\tDIGIT comprises of many microservices that are packaged as docker containers that can be run on any container supported platforms like dockercompose, kubernetes, etc. Here we'll have a setup a kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[Option a] Local/VM: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t\n\n Well! Let's get started with the DIGIT Setup process, if you want to abort any time press (Ctl+c), you can always come back and rerun the script." - fmt.Println(string(Cyan), sPreReq) - - preReqConfirm := []string{"Yes", "No"} - var proceed string = "" - proceed, _ = sel(preReqConfirm, "Are you good to proceed?") - if proceed == "Yes" { - optedInfraType, _ = sel(infraType, "Select the below suitable infra option for your usecase") - switch optedInfraType { - case infraType[0]: - number_of_worker_nodes = 0 - case infraType[1]: - number_of_worker_nodes = 1 - case infraType[2]: - number_of_worker_nodes = 1 - case infraType[3]: - number_of_worker_nodes = 3 //TBD - isProductionSetup = true - case infraType[4]: - number_of_worker_nodes = 4 //TBD - isProductionSetup = true - case infraType[5]: - number_of_worker_nodes = 5 //TBD - case infraType[6]: - number_of_worker_nodes, _ = strconv.Atoi(enterValue(nil, "How many VM/nodes are required based on the calculation")) - isProductionSetup = true - default: - number_of_worker_nodes = 0 - } - - servicesToDeploy = selectGovServicesToInstall() - - optedCloud, _ = sel(cloudPlatforms, "Choose the cloud type to provision the required servers for the selectdd gov stack services?") - - switch optedCloud { - case cloudPlatforms[1]: - var optedAccessType string - var aws_access_key string - var aws_secret_key string - var aws_session_key string - - cloudTemplate = "quickstart-aws-ec2" - - accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} - optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") - - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - - if optedAccessType == "Temprory Admin" { - - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) - - fmt.Println("\nInput the AWS Session Token") - fmt.Scanln(&aws_session_key) - - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") - } else if optedAccessType == "Root Admin" { - - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) - - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") - } else { - cloudLoginCredentials = awslogin("", "", "", "") - fmt.Println("Proceeding with the existing AWS profile configured") - } - case cloudPlatforms[2]: - //TBD - - case cloudPlatforms[3]: - var optedAccessType string - var aws_access_key string - var aws_secret_key string - var aws_session_key string - Flag = "aws" - cloudTemplate = "sample-aws" - - accessTypes := []string{"Root Admin", "Temprory Admin", "Already configured"} - optedAccessType, _ = sel(accessTypes, "Choose your AWS access type? eg: If your access is session based unlike root admin") - - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - - if optedAccessType == "Temprory Admin" { - - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) - - fmt.Println("\nInput the AWS Session Token") - fmt.Scanln(&aws_session_key) - - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, aws_session_key, "") - } else if optedAccessType == "Root Admin" { - - fmt.Println("Input the AWS access key id") - fmt.Scanln(&aws_access_key) - - fmt.Println("\nInput the AWS secret key") - fmt.Scanln(&aws_secret_key) - - cloudLoginCredentials = awslogin(aws_access_key, aws_secret_key, "", "") - } else { - cloudLoginCredentials = awslogin("", "", "", "") - fmt.Println("Proceeding with the existing AWS profile configured") - } - - case cloudPlatforms[4]: - cloudTemplate = "sample-azure" - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - azure_username := enterValue(nil, "Please enter your AZURE UserName") - azure_password := enterValue(nil, "Enter your AZURE Password") - cloudLoginCredentials = azurelogin(azure_username, azure_password) - - case cloudPlatforms[5]: - cloudTemplate = "sample-gcp" - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - - case cloudPlatforms[6]: - cloudTemplate = "sample-private-cloud" - fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - - default: - //fmt.Println("\n Great, you need to input your " + optedCloud + "credentials to provision the cloud resources ..\n") - //fmt.Println("Support for the " + optedCloud + "is still underway ... you need to wait") - } - } - - if cloudLoginCredentials { - fmt.Println(string(Green), "\n******* Let's proceed with cluster creation, please input the requested details below *********\n") - fmt.Println(string(Green), "Make sure that the cluster name is unique if you are trying consecutively, duplicate DNS/hosts file entry under digit.org domain could have been mapped already\n") - - cluster_name = enterValue(nil, "How do you want to name the Cluster? eg: your-name_dev or your-name_poc") - - // fmt.Println("How do you want to name the Cluster? \n eg: your-name_dev or your-name_poc") - // fmt.Scanln(&cluster_name) - - repoDirRoot = "DIGIT-DevOps" - gitCmd := "" - _, err := os.Stat(repoDirRoot) - if os.IsNotExist(err) { - gitCmd = fmt.Sprintf("git clone -b release https://github.com/egovernments/DIGIT-DevOps.git %s", repoDirRoot) - } else { - gitCmd = fmt.Sprintf("git -C %s pull", repoDirRoot) - } - execCommand(gitCmd) - - if !isProductionSetup { - - sshFile = "./digit-ssh.pem" - var keyName string = "digit-aws-vm" - pubKey, _, err := GetKeyPair(sshFile) - // to pick public ip and private ip from terraform state - - if err != nil { - log.Fatalf("Failed to generate SSH Key %s\n", err) - } else { - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) - - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) - - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"public_key=%s\" -var=\"key_name=%s\"", repoDirRoot, cloudTemplate, pubKey, keyName)) - //taking public ip and private ip from terraform.tfstate - quickState, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/quickstart-aws-ec2/terraform.tfstate") - if err != nil { - log.Printf("%v", err) - } - var quick configs.Quickstart - err = json.Unmarshal(quickState, &quick) - //publicip - ip := quick.Outputs.PublicIP.Value - //privateip - privateip := quick.Resources[0].Instances[0].Attributes.PrivateIP - createK3d(cluster_name, ip, keyName, privateip) - changePrivateIp(cluster_name, privateip) - - } - - } else { - db_pswd = enterValue(nil, "What should be the database password to be created, it should be 8 char min") - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s init", repoDirRoot, cloudTemplate)) - - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s plan -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) - - execSingleCommand(fmt.Sprintf("terraform -chdir=%s/infra-as-code/terraform/%s apply -auto-approve -var=\"cluster_name=%s\" -var=\"db_password=%s\" -var=\"number_of_worker_nodes=%d\"", repoDirRoot, cloudTemplate, cluster_name, db_pswd, number_of_worker_nodes)) - - //calling funtion to write config file - Configsfile() - //calling function to create secret file - envSecretsFile() - - } - } - contextset := setClusterContext() - if contextset { - deployCharts(servicesToDeploy, cluster_name) - } - - //terraform output to a file - //replace the env values with the tf output - //save the kubetconfig and set the currentcontext - //set dns in godaddy using the api's - fmt.Println("") - endScript() -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} - -// create a cluster in vm -func createK3d(clusterName string, publicIp string, keyName string, privateIp string) { - commands := []string{ - "mkdir ~/kube && sudo chmod 777 ~/kube", - "sudo k3d kubeconfig get k3s-default > " + clusterName + "_k3dconfig", - } - createClusterCmd := fmt.Sprintf("sudo k3d cluster create --api-port %s:6550 --k3s-server-arg --no-deploy=traefik --agents 2 -v /home/ubuntu/kube:/kube@agent[0,1] -v /home/ubuntu/kube:/kube@server[0] --port 8333:9000@loadbalancer --k3s-server-arg --tls-san=%s", privateIp, publicIp) - command := fmt.Sprintf("%s&&%s&&%s", commands[0], createClusterCmd, commands[1]) - execRemoteCommand("ubuntu", publicIp, sshFile, command) - copyConfig := fmt.Sprintf("scp ubuntu@%s:%s_k3dconfig .", publicIp, clusterName) - execCommand(copyConfig) -} - -//changes the private ip in k3dconfig -func changePrivateIp(clusterName string, privateIp string) { - path := fmt.Sprintf("%s_k3dconfig", clusterName) - file, err := ioutil.ReadFile(path) - if err != nil { - log.Printf("%v", err) - } - var con configs.Config - err = yaml.Unmarshal(file, &con) - if err != nil { - log.Printf("%v", err) - } - server := fmt.Sprintf("https://%s:6550", privateIp) - con.Clusters[0].Cluster.Server = server - newfile, err := yaml.Marshal(&con) - if err != nil { - log.Printf("%v", err) - - } - err = ioutil.WriteFile("new_k3dconfig", newfile, 0644) - if err != nil { - log.Printf("%v", err) - } - -} - -func execCommand(command string) error { - var err error - parts := strings.Fields(command) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - - log.Println(string(Blue), " ==> "+command) - cmd := exec.Command(head, args...) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - -func setClusterContext() bool { - - validatepath := func(input string) error { - _, err := os.Stat(input) - if os.IsNotExist(err) { - return errors.New("The File does not exist in the given path") - } - return nil - } - - var kubeconfig string - kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") - - if kubeconfig != "" { - getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) - err := execCommand(getcontextcmd) - if err == nil { - context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") - if context != "" { - usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) - err := execCommand(usecontextcmd) - if err == nil { - return true - } - } - } - } - return false -} - -func selectGovServicesToInstall() string { - - var versionfiles []string - var modules []string - svclist := list.New() - set := NewSet() - var argStr string = "" - var releaseChartDir string = "../../config-as-code/product-release-charts/" - - // Get the versions from the chart and display it to user to select - file, err := os.Open(releaseChartDir) - if err != nil { - log.Fatalf("failed opening directory: %s", err) - } - defer file.Close() - - prodList, _ := file.Readdirnames(0) // 0 to read all files and folders - - var optedProduct string = "" - optedProduct, _ = sel(prodList, "Choose the Gov stack services that you would you like to install") - - if optedProduct != "" { - files, err := ioutil.ReadDir(releaseChartDir + optedProduct) - if err != nil { - log.Fatal(err) - } - - for _, f := range files { - name := f.Name() - versionfiles = append(versionfiles, name[strings.Index(name, "-")+1:strings.Index(name, ".y")]) - } - var version string = "" - version, _ = sel(versionfiles, "Which version of the selected product would like to install?") - if version != "" { - argFile := releaseChartDir + optedProduct + "/dependancy_chart-" + version + ".yaml" - - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Preparing required services details =>", argFile, err) - return "" - } - - // Parse the yaml values - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Sourcing the the gov services matrix for your requirement => ", argFile, err) - return "" - } - - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - } - modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT's Gov services that you want to install, choose Exit to complete selection") - //if err == nil { - for result != "Exit" && err == nil { - selectedMod = append(selectedMod, result) - result, err = sel(modules, "Select the modules you want to install, you can select multiple if you wish, choose Exit to complete selection") - } - if selectedMod != nil { - for _, mod := range selectedMod { - getService(fullChart, mod, *set, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - } - } - } - return argStr -} - -func prepareDeploymentConfig(installType string) string { - - var targetConfig string = "" - - fmt.Sprintf("Now, you need to prepare the deployment configuration for the following infraType that you chose\n\t %s", installType) - - fmt.Sprintf("Prepare deployment configuration eessentially means the following, please read carefully and ensure it is available:\n\n\t 1. You need to specify your URL in which you want to application to be available\n\t 2. Depending the Gov services that you chose, following specific details should be configured\n\t\t\t 1. Notification services like SMS, Email, gateway details for OTPs, Notifications\n\t\t\t 2. Whatsapp Integration configuration for chartBot services\n\t\t\t 3. Payment Gateways if PT, TL services chosen for making the payment transactions\n\t\t\t 4. Google GeoCoding API credentials, for the location services\n\t\t\t 5.Your MDMS and configuration with your tenant and role access details\n\t 3. Your DB details \n\t 4. As per your Infra type and the actual cloud resource provisioning the Disk volumes should be mapped to the stateful services like ElasticService, Kafka, Zookeeper, etc") - - return targetConfig -} - -func deployCharts(argStr string, configFile string) { - - var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", configFile, argStr) - var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) - - confirm := []string{"Yes", "No"} - preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") - if preview == "Yes" { - fmt.Println("That's cool... preview is getting loaded. Please review it and cross check the kubernetes manifests before the deployment") - err := execCommand(previewDeployCmd) - if err == nil { - fmt.Println("You can now start actual deployment") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } else { - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } else { - endScript() - } - - } - -} - -func execRemoteCommand(user string, ip string, sshFileLocation string, command string) error { - var err error - sshPreFix := fmt.Sprintf("ssh %s@%s -i %s \"%s\" ", user, ip, sshFileLocation, command) - - cmd := exec.Command("sh", "-c", sshPreFix) - - log.Println(string(Blue), " ==> "+sshPreFix) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} -func execSingleCommand(command string) error { - var err error - - cmd := exec.Command("sh", "-c", command) - - log.Println(string(Blue), " ==> "+command) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - -// Cloud cloudLoginCredentials functions -func awslogin(accessKey string, secretKey string, sessionToken string, profile string) bool { - - var cloudLoginCredentials bool = false - var awslogincommand string = "" - - if accessKey != "" && secretKey != "" && sessionToken == "" { - awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey) - } else if sessionToken != "" { - awslogincommand = fmt.Sprintf("aws configure --profile digit-infra-aws set aws_access_key_id \"%s\" && aws configure --profile digit-infra-aws set aws_secret_access_key \"%s\" && aws configure --profile digit-infra-aws set aws_session_token \"%s\" && aws configure --profile digit-infra-aws set region \"ap-south-1\"", accessKey, secretKey, sessionToken) - } else { - awsProf := "" - profile := "" - awsProf = fmt.Sprintf("aws configure list-profiles") - out, err := execCommandWithOutput(awsProf) - if err != nil { - log.Printf("%s", err) - } - profList := strings.Fields(out) - profile, _ = sel(profList, "choose the profile with right access") - awslogincommand = fmt.Sprintf("aws configure --profile %s set region \"ap-south-1\"", profile) - // execCommand(fmt.Sprintf("aws configure list")) - - } - - log.Println(awslogincommand) - err := execSingleCommand(awslogincommand) - if err == nil { - cloudLoginCredentials = true - } - return cloudLoginCredentials -} - -func azurelogin(userName string, password string) bool { - - var cloudLoginCredentials bool = false - if userName != "" && password != "" { - azurelogincommand := fmt.Sprintf("az cloudLoginCredentials -u %s -p %s", userName, password) - err := execCommand(azurelogincommand) - if err == nil { - cloudLoginCredentials = true - } - } - return cloudLoginCredentials -} - -// Input functions - -func sel(items []string, label string) (string, error) { - var result string - var err error - prompt := promptui.Select{ - Label: label, - Items: items, - Size: 30, - } - _, result, err = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result, err -} - -func enterValue(validate promptui.ValidateFunc, label string) string { - var result string - prompt := promptui.Prompt{ - Label: label, - Validate: validate, - } - result, _ = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result -} - -func addDNS(dnsDomain string, dnsType string, dnsName string, dnsValue string) bool { - - var headers string = "Authorization: sso-key 3mM44UcBKoVvB2_Xspi4jKZqJSQUkdouMV4Ck:3pzZiuUPNxzZKu2FfUD9Sm" - - dnsCommand := fmt.Sprintf("curl -X PATCH \"https://api.godaddy.com/v1/domains/%s/records -H %s -H Content-Type: application/json --data-raw [{\"data\":\"%s\",\"name\":\"%s\",\"type\":\"%s\"}]", dnsDomain, headers, dnsValue, dnsName, dnsType) - fmt.Println(dnsCommand) - err := execSingleCommand(dnsCommand) - if err == nil { - return true - } else { - return false - } -} - -func GetKeyPair(file string) (string, string, error) { - // read keys from file - _, err := os.Stat(file) - if err == nil { - priv, err := ioutil.ReadFile(file) - if err != nil { - lumber.Debug("Failed to read file - %s", err) - goto genKeys - } - pub, err := ioutil.ReadFile(file + ".pub") - if err != nil { - lumber.Debug("Failed to read pub file - %s", err) - goto genKeys - } - return string(pub), string(priv), nil - } - - // generate keys and save to file -genKeys: - pub, priv, err := GenKeyPair() - err = ioutil.WriteFile(file, []byte(priv), 0600) - if err != nil { - return "", "", fmt.Errorf("Failed to write file - %s", err) - } - err = ioutil.WriteFile(file+".pub", []byte(pub), 0644) - if err != nil { - return "", "", fmt.Errorf("Failed to write pub file - %s", err) - } - - return pub, priv, nil -} - -func GenKeyPair() (string, string, error) { - privateKey, err := rsa.GenerateKey(rand.Reader, 2048) - if err != nil { - return "", "", err - } - - privateKeyPEM := &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(privateKey)} - var private bytes.Buffer - if err := pem.Encode(&private, privateKeyPEM); err != nil { - return "", "", err - } - - // generate public key - pub, err := ssh.NewPublicKey(&privateKey.PublicKey) - if err != nil { - return "", "", err - } - - public := ssh.MarshalAuthorizedKey(pub) - return string(public), private.String(), nil -} - -// below function can be used to store output of command to variable -func execCommandWithOutput(command string) (string, error) { - - parts := strings.Fields(command) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - - log.Println(string(Blue), " ==> "+command) - cmd := exec.Command(head, args...) - out, err := cmd.Output() - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - if err != nil { - log.Fatalf("%s", err) - } - return string(out), err -} - -// write configs to environment file -func Configsfile() { - Confirm := []string{"Yes", "No"} - var out configs.Output - State, err := ioutil.ReadFile("DIGIT-DevOps/infra-as-code/terraform/sample-aws/terraform.tfstate") - if err != nil { - log.Printf("%v", err) - } - err = json.Unmarshal(State, &out) - Config := make(map[string]interface{}) - Domain := enterValue(nil, "Enter a valid Domain name") - BranchName := enterValue(nil, "Enter Branch name") - Kvids := out.Outputs.KafkaVolIds.Value - Zvids := out.Outputs.ZookeeperVolumeIds.Value - Esdids := out.Outputs.EsDataVolumeIds.Value - Esmvids := out.Outputs.EsMasterVolumeIds.Value - con_branch := enterValue(nil, "Enter your configs git url") - mdms_branch := enterValue(nil, "Enter your mdms git url") - Config["Domain"] = Domain - Config["BranchName"] = BranchName - Config["db-host"] = out.Outputs.DbInstanceEndpoint.Value - Config["db_name"] = out.Outputs.DbInstanceName.Value - Config["configs-branch"]= con_branch - Config["mdms-branch"]= mdms_branch - println(out.Outputs.DbInstanceName.Value) - Config["file_name"] = cluster_name - smsproceed, _ := sel(Confirm, "Do You have your sms Gateway?") - if smsproceed == "Yes" { - SmsUrl := enterValue(nil, "Enter your SMS provider url") - SmsGateway := enterValue(nil, "Enter your SMS Gateway") - SmsSender := enterValue(nil, "Enter your SMS sender") - SmsUsername := enterValue(nil, "Enter EgovNotificationSms_Username") - - Config["sms-provider-url"] = SmsUrl - Config["sms-gateway-to-use"] = SmsGateway - Config["sms-sender"] = SmsSender - - SecretConfig["EgovNotificationSms_Username"]=SmsUsername - } - fileproceed, _ := sel(Confirm, "Do You need filestore?") - if fileproceed == "Yes" { - if Flag == "aws" { - bucket := enterValue(nil, "Enter the filestore bucket name") - Config["fixed-bucket"] = bucket - } - if Flag == "sdc" { - bucket := enterValue(nil, "Enter the filestore bucket name") - Config["fixed-bucket"] = bucket - } - } - botproceed, _ := sel(Confirm, "Do You need chatbot?") - configs.DeployConfig(Config, Kvids, Zvids, Esdids, Esmvids, selectedMod, smsproceed, fileproceed, botproceed, Flag) - -} - -// write to secrets -func envSecretsFile() { - generateSsh() - ssh := "" - ssh = fmt.Sprintf("cat private.pem") - Out, err := execCommandWithOutput(ssh) - if err != nil { - log.Printf("%s", err) - } - configs.SecretFile(cluster_name, Out,SecretConfig) -} - -// generate ssh key to configs file -func generateSsh() { - // generate key - privatekey, err := rsa.GenerateKey(rand.Reader, 2048) - if err != nil { - fmt.Printf("Cannot generate RSA keyn") - os.Exit(1) - } - publickey := &privatekey.PublicKey - - // dump private key to file - var privateKeyBytes []byte = x509.MarshalPKCS1PrivateKey(privatekey) - privateKeyBlock := &pem.Block{ - Type: "RSA PRIVATE KEY", - Bytes: privateKeyBytes, - } - privatePem, err := os.Create("private.pem") - if err != nil { - fmt.Printf("error when create private.pem: %s n", err) - os.Exit(1) - } - err = pem.Encode(privatePem, privateKeyBlock) - if err != nil { - fmt.Printf("error when encode private pem: %s n", err) - os.Exit(1) - } - - // dump public key to file - publicKeyBytes, err := x509.MarshalPKIXPublicKey(publickey) - if err != nil { - fmt.Printf("error when dumping publickey: %s n", err) - os.Exit(1) - } - publicKeyBlock := &pem.Block{ - Type: "PUBLIC KEY", - Bytes: publicKeyBytes, - } - publicPem, err := os.Create("public.pem") - if err != nil { - fmt.Printf("error when create public.pem: %s n", err) - os.Exit(1) - } - err = pem.Encode(publicPem, publicKeyBlock) - if err != nil { - fmt.Printf("error when encode public pem: %s n", err) - os.Exit(1) - } -} - -func endScript() { - fmt.Println("Take your time, You can come back at any time ... Thank for leveraging me :)!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a good day !!!") - return -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod deleted file mode 100644 index 4d7cba03c3..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.mod +++ /dev/null @@ -1,20 +0,0 @@ -module deployer - -go 1.13 - -require ( - github.com/bramvdbogaerde/go-scp v1.2.0 - github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 - github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a // indirect - github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a // indirect - github.com/manifoldco/promptui v0.9.0 - github.com/mattn/go-colorable v0.0.9 // indirect - github.com/mattn/go-isatty v0.0.4 // indirect - github.com/mitchellh/go-homedir v1.1.0 - github.com/spf13/cobra v0.0.5 - github.com/spf13/viper v1.6.1 - github.com/stretchr/testify v1.4.0 // indirect - golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a - gopkg.in/yaml.v2 v2.2.4 - gopkg.in/yaml.v3 v3.0.1 -) diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum b/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum deleted file mode 100644 index 7b7cdac3d4..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/go.sum +++ /dev/null @@ -1,206 +0,0 @@ -cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= -github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= -github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= -github.com/bramvdbogaerde/go-scp v1.2.0 h1:mNF1lCXQ6jQcxCBBuc2g/CQwVy/4QONaoD5Aqg9r+Zg= -github.com/bramvdbogaerde/go-scp v1.2.0/go.mod h1:s4ZldBoRAOgUg8IrRP2Urmq5qqd2yPXQTPshACY8vQ0= -github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/chzyer/logex v1.1.10 h1:Swpa1K6QvQznwJRcfTfQJmTE72DqScAa40E+fbHEXEE= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e h1:fY5BOSpyZCqRo5OhCuC+XN+r/bBCmeuuJtjz+bCNIf8= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 h1:q763qf9huN11kDQavWsoZXJNW3xEE4JJyHa5Q25/sd8= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= -github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= -github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= -github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= -github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= -github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= -github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= -github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25 h1:EFT6MH3igZK/dIVqgGbTqWVvkZ7wJ5iGN03SVtvvdd8= -github.com/jcelliott/lumber v0.0.0-20160324203708-dd349441af25/go.mod h1:sWkGw/wsaHtRsT9zGQ/WyJCotGWG/Anow/9hsAcBWRw= -github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a/go.mod h1:UJSiEoRfvx3hP73CvoARgeLjaIOjybY9vj8PUPPFGeU= -github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= -github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/lunixbochs/vtclean v0.0.0-20180621232353-2d01aacdc34a/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/magiconair/properties v1.8.1 h1:ZC2Vc7/ZFkGmsVC9KvOjumD+G5lXy2RtTKyzRKO2BQ4= -github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= -github.com/manifoldco/promptui v0.9.0 h1:3V4HzJk1TtXW1MTZMP7mdlwbBpIinw3HztaIlYthEiA= -github.com/manifoldco/promptui v0.9.0/go.mod h1:ka04sppxSGFAtxX0qhlYQjISsg9mR4GWtQEhdbn6Pgg= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= -github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= -github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= -github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= -github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= -github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= -github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2 h1:m8/z1t7/fwjysjQRYbP0RD+bUIF/8tJwPdEZsI83ACI= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.5 h1:f0B+LkLX6DtmRH1isoNA9VTtNUK9K8xYd28JNNfOv/s= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/jwalterweatherman v1.0.0 h1:XHEdyB+EcvlqZamSM4ZOMGlc93t6AcsBEu9Gc1vn7yk= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/spf13/viper v1.6.1 h1:VPZzIkznI1YhVMRi6vNFLHSwhnhReBfgTxIPccpfdZk= -github.com/spf13/viper v1.6.1/go.mod h1:t3iDnF5Jlj76alVNuyFBk5oUMCvsrkbvZK0WQdfDi5k= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= -github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= -github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= -github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= -go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 h1:VklqNMn3ovrHsnt90PveolxSbWFaJdECFbxSq0Mqo2M= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= -golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= -golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= -golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be h1:vEDujvNQGv4jgYKudGeI/+DAX4Jffq6hpD55MmoEvKs= -golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg= -golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea h1:+WiDlPBBaO+h9vPNZi8uJ3k4BkKQB7Iow3aqwHVA5hI= -golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= -golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ= -golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -google.golang.org/appengine v1.1.0 h1:igQkv0AAhEIvTEpD5LIpAfav2eeVO9HBTjvKHVJPRSs= -google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= -google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= -google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= -gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/ini.v1 v1.51.0 h1:AQvPpx3LzTDM0AjnIRlVFwFFGC+npRopjZxLJj6gdno= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= -gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md deleted file mode 100644 index f00d95b5e0..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/README.md +++ /dev/null @@ -1,14 +0,0 @@ -# `/internal` - -Private application and library code. This is the code you don't want others importing in their applications or libraries. Note that this layout pattern is enforced by the Go compiler itself. See the Go 1.4 [`release notes`](https://golang.org/doc/go1.4#internalpackages) for more details. Note that you are not limited to the top level `internal` directory. You can have more than one `internal` directory at any level of your project tree. - -You can optionally add a bit of extra structure to your internal packages to separate your shared and non-shared internal code. It's not required (especially for smaller projects), but it's nice to have visual clues showing the intended package use. Your actual application code can go in the `/internal/app` directory (e.g., `/internal/app/myapp`) and the code shared by those apps in the `/internal/pkg` directory (e.g., `/internal/pkg/myprivlib`). - -Examples: - -* https://github.com/hashicorp/terraform/tree/master/internal -* https://github.com/influxdata/influxdb/tree/master/internal -* https://github.com/perkeep/perkeep/tree/master/internal -* https://github.com/jaegertracing/jaeger/tree/master/internal -* https://github.com/moby/moby/tree/master/internal -* https://github.com/satellity/satellity/tree/master/internal diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/app/_your_app_/.keep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep b/deploy-as-code/helm/environments/deploy-as-code/deployer/internal/pkg/_your_private_lib_/.keep deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go deleted file mode 100644 index 9031614abe..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/main.go +++ /dev/null @@ -1,22 +0,0 @@ -/* -Copyright © 2019 NAME HERE - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ -package main - -import "deployer/cmd" - -func main() { - cmd.Execute() -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md deleted file mode 100644 index 055207afc5..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/README.md +++ /dev/null @@ -1,58 +0,0 @@ -# `/pkg` - -Library code that's ok to use by external applications (e.g., `/pkg/mypubliclib`). Other projects will import these libraries expecting them to work, so think twice before you put something here :-) Note that the `internal` directory is a better way to ensure your private packages are not importable because it's enforced by Go. The `/pkg` directory is still a good way to explicitly communicate that the code in that directory is safe for use by others. The [`I'll take pkg over internal`](https://travisjeffery.com/b/2019/11/i-ll-take-pkg-over-internal/) blog post by Travis Jeffery provides a good overview of the `pkg` and `internal` directories and when it might make sense to use them. - -It's also a way to group Go code in one place when your root directory contains lots of non-Go components and directories making it easier to run various Go tools (as mentioned in these talks: [`Best Practices for Industrial Programming`](https://www.youtube.com/watch?v=PTE4VJIdHPg) from GopherCon EU 2018, [GopherCon 2018: Kat Zien - How Do You Structure Your Go Apps](https://www.youtube.com/watch?v=oL6JBUk6tj0) and [GoLab 2018 - Massimiliano Pippi - Project layout patterns in Go](https://www.youtube.com/watch?v=3gQa1LWwuzk)). - -Note that this is not a universally accepted pattern and for every popular repo that uses it you can find 10 that don't. It's up to you to decide if you want to use this pattern or not. Regardless of whether or not it's a good pattern more people will know what you mean than not. It is a bit confusing for new Go devs, but it's a pretty simple confusion to resolve and that's one of the goals for this project layout repo. - -Ok not to use it if your app project is really small and where an extra level of nesting doesn't add much value (unless you really want to). Think about it when it's getting big enough and your root directory gets pretty busy (especially if you have a lot of non-Go app components). - -Examples: - -* https://github.com/gogs/gogs/tree/master/pkg -* https://github.com/prometheus/prometheus/tree/master/pkg -* https://github.com/jaegertracing/jaeger/tree/master/pkg -* https://github.com/istio/istio/tree/master/pkg -* https://github.com/google/gvisor/tree/master/pkg -* https://github.com/google/syzkaller/tree/master/pkg -* https://github.com/perkeep/perkeep/tree/master/pkg -* https://github.com/minio/minio/tree/master/pkg -* https://github.com/heptio/ark/tree/master/pkg -* https://github.com/argoproj/argo/tree/master/pkg -* https://github.com/heptio/sonobuoy/tree/master/pkg -* https://github.com/helm/helm/tree/master/pkg -* https://github.com/kubernetes/kubernetes/tree/master/pkg -* https://github.com/kubernetes/kops/tree/master/pkg -* https://github.com/moby/moby/tree/master/pkg -* https://github.com/grafana/grafana/tree/master/pkg -* https://github.com/influxdata/influxdb/tree/master/pkg -* https://github.com/cockroachdb/cockroach/tree/master/pkg -* https://github.com/derekparker/delve/tree/master/pkg -* https://github.com/etcd-io/etcd/tree/master/pkg -* https://github.com/oklog/oklog/tree/master/pkg -* https://github.com/flynn/flynn/tree/master/pkg -* https://github.com/jesseduffield/lazygit/tree/master/pkg -* https://github.com/gopasspw/gopass/tree/master/pkg -* https://github.com/sourcegraph/sourcegraph/tree/master/pkg -* https://github.com/sosedoff/pgweb/tree/master/pkg -* https://github.com/GoogleContainerTools/skaffold/tree/master/pkg -* https://github.com/knative/serving/tree/master/pkg -* https://github.com/grafana/loki/tree/master/pkg -* https://github.com/bloomberg/goldpinger/tree/master/pkg -* https://github.com/crossplaneio/crossplane/tree/master/pkg -* https://github.com/Ne0nd0g/merlin/tree/master/pkg -* https://github.com/jenkins-x/jx/tree/master/pkg -* https://github.com/DataDog/datadog-agent/tree/master/pkg -* https://github.com/dapr/dapr/tree/master/pkg -* https://github.com/cortexproject/cortex/tree/master/pkg -* https://github.com/dexidp/dex/tree/master/pkg -* https://github.com/pusher/oauth2_proxy/tree/master/pkg -* https://github.com/pdfcpu/pdfcpu/tree/master/pkg -* https://github.com/weaveworks/kured -* https://github.com/weaveworks/footloose -* https://github.com/weaveworks/ignite -* https://github.com/tmrts/boilr/tree/master/pkg - - - diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go deleted file mode 100644 index 37a259d2b6..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/deployer.go +++ /dev/null @@ -1,262 +0,0 @@ -package deployer - -import ( - "bytes" - "fmt" - "io/ioutil" - "log" - "os" - "os/exec" - "path/filepath" - "strings" -) - -// DeployCharts deploys render all charts using helm template and deploy them using kubectl apply --recursive -func DeployCharts(options Options) { - - configDir, _ := filepath.Abs(options.ConfigDir) - var helmDir = configDir + "/helm" - log.Println(configDir) - log.Println("Helm Directory - " + helmDir) - - index := buildIndex(helmDir) - envOverrideFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s.yaml", options.Environment)) - - if options.ClusterConfigs && !options.Print { - envSecretFile := filepath.FromSlash(fmt.Sprintf(configDir+"/environments/%s-secrets.yaml", options.Environment)) - deployClusterConfigs(index, helmDir, envOverrideFile, envSecretFile) - } - - services := strings.Split(options.Images, ",") - for _, service := range services { - - var name, helmTemplate, args = "", "", make([]string, 0, 10) - - log.Printf("------------------------------------ DEPLOYING %s ------------------------------------", service) - repository, tag := getDockerComponents(service) - serviceChartDirectory, ok := index[repository] - - name = repository - args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) - args = append(args, fmt.Sprintf("--set name=%s", name)) - - if ok && serviceChartDirectory != "" { - log.Println(serviceChartDirectory) - } else { - log.Panicln("Service chart not found: " + repository) - } - - if tag == "" { - clusterImage := getImageTagFromCluster(name) - if clusterImage != "" { - _, tag = getDockerComponents(clusterImage) - args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) - args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) - log.Printf("Fetched image from cluster, %s:%s", repository, tag) - } - } else { - args = append(args, fmt.Sprintf("--set image.tag=%s", tag)) - args = append(args, fmt.Sprintf("--set initContainers.dbMigration.image.tag=%s", tag)) - } - - altServiceOverrideFile := filepath.FromSlash(fmt.Sprintf(serviceChartDirectory+"/%s-values.yaml", name)) - if _, err := os.Stat(altServiceOverrideFile); err == nil { - args = append(args, fmt.Sprintf("-f %s", altServiceOverrideFile)) - log.Printf("Applying values from %s-values.yaml", name) - } - - helmDepUpdate := "helm dep update" - execCommand(helmDepUpdate, serviceChartDirectory) - - if !options.Print { - tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") - if err != nil { - log.Panicln("Cannot create temporary directory", err) - } - - deployCrds(serviceChartDirectory) - // Clean up folder after function exists - defer os.RemoveAll(tmpDir) - args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - - log.Printf("Generating final manifests to directory : %s ", tmpDir) - helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - execCommand(helmTemplate, serviceChartDirectory) - - log.Println("Applying manifests to the cluster ") - kubeApplyCmd := "kubectl apply --recursive -f ." - out := execCommand(kubeApplyCmd, tmpDir) - log.Println(out.String()) - - } else { - helmTemplate = fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - log.Printf("Executing %s", helmTemplate) - out := execCommand(helmTemplate, serviceChartDirectory) - fmt.Println(out.String()) - } - - } - -} - -func deployCrds(serviceChartDirectory string) { - crdsDirectory := serviceChartDirectory + string(os.PathSeparator) + "crds" - if _, err := os.Stat(crdsDirectory); err == nil { - log.Println("CRDS Directory found, applying CRDS!") - applyCrds := fmt.Sprintf("kubectl apply --recursive -f %s", serviceChartDirectory+string(os.PathSeparator)+"crds") - - out := execCommandRaw(applyCrds, serviceChartDirectory, false) - log.Println(out.String()) - } - -} - -func getImageTagFromCluster(service string) (tag string) { - kubectlGetImageCmd := fmt.Sprintf("kubectl get deployments -l app=%s --all-namespaces -o=jsonpath={.items[*].spec.template.spec.containers[:1].image}", service) - - output := execCommandRaw(kubectlGetImageCmd, "", true) - return output.String() - -} - -func deployClusterConfigs(index map[string]string, configDir string, envOverrideFile string, envSecretFile string) { - - log.Println("------------------------------------ DEPLOYING CLUSTER CONFIGS ------------------------------------") - clusterConfigDir, ok := index["cluster-configs"] - - if ok && clusterConfigDir != "" { - fmt.Println(clusterConfigDir) - } else { - log.Panicln("Cluster configs not found") - } - - var args = make([]string, 0, 10) - - args = append(args, fmt.Sprintf("-f %s", envOverrideFile)) - - tmpDir, err := ioutil.TempDir(os.TempDir(), "helm-") - if err != nil { - log.Panicln("Failed to create temporary directory", err) - } - - tmpDecFile, err := ioutil.TempFile(tmpDir, "helm-dec-") - if err != nil { - log.Panicln("Failed to create temporary file", err) - } - // Clean up folder after function exists - defer os.RemoveAll(tmpDir) - args = append(args, fmt.Sprintf("--output-dir %s", tmpDir)) - fmt.Println("Before Trimming" + configDir) - - sopsDir := strings.Trim(configDir, "/helm") - fmt.Println("path to sops file: " + sopsDir) - if _, err := os.Stat(sopsDir + "/.sops.yaml"); os.IsNotExist(err) { - fmt.Println("Sops file not found") - fmt.Println(err) - args = append(args, fmt.Sprintf("-f %s", envSecretFile)) - } else { - sopsDecryptCmd := fmt.Sprintf("sops -d --output %s %s", tmpDecFile.Name(), envSecretFile) - execCommand(sopsDecryptCmd, configDir) - args = append(args, fmt.Sprintf("-f %s", tmpDecFile.Name())) - } - - helmTemplate := fmt.Sprintf("helm template %s .", strings.Join(args[:], " ")) - log.Println(helmTemplate) - execCommand(helmTemplate, clusterConfigDir) - - kubeApplyCmd := "kubectl apply --recursive -f ." - out := execCommandRaw(kubeApplyCmd, tmpDir+string(os.PathSeparator)+"cluster-configs"+string(os.PathSeparator)+"templates", false) - log.Println(out.String()) -} - -func getDockerComponents(image string) (repository string, tag string) { - image = strings.Trim(strings.Replace(image, "-db:", ":", 1), " ") - components := strings.Split(image, ":") - - if len(components) == 2 { - tag = components[1] - } - - domainComponents := strings.Split(components[0], "/") - repository = domainComponents[len(domainComponents)-1] - - return -} - -func getServiceChartDirectory(baseDirectory string, service string) (serviceChartDirectory string, err error) { - - err = filepath.Walk(baseDirectory, - func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if info.IsDir() && strings.EqualFold(info.Name(), service) { - serviceChartDirectory = path - } - return nil - }) - - return serviceChartDirectory, err -} - -func buildIndex(chartsDirectory string) (m map[string]string) { - m = make(map[string]string) - filepath.Walk(chartsDirectory, - func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - - if strings.Contains(info.Name(), "values.yaml") { - if strings.EqualFold(info.Name(), "values.yaml") { - addToMap(m, filepath.Base(filepath.Dir(path)), filepath.Dir(path)) - } else { - svc := strings.Replace(info.Name(), "-values.yaml", "", 1) - addToMap(m, svc, filepath.Dir(path)) - } - } - - return nil - }) - - return m - -} - -func addToMap(m map[string]string, k string, v string) { - if _, ok := m[k]; ok { - log.Printf("Duplicate service found %s! This will lead to undesired results, fix it! \n", k) - } - - m[k] = v -} - -func execCommand(command string, commandDirectory string) (out bytes.Buffer) { - return execCommandRaw(command, commandDirectory, false) -} - -func execCommandRaw(command string, commandDirectory string, suppressErrors bool) (out bytes.Buffer) { - var err error - parts := strings.Fields(command) - head := parts[0] - parts = parts[1:len(parts)] - - // fmt.Println(command) - cmd := exec.Command(head, parts...) - var output bytes.Buffer - var stderr bytes.Buffer - cmd.Stdout = &output - cmd.Stderr = &stderr - if commandDirectory != "" { - if _, err := os.Stat(commandDirectory); err == nil { - cmd.Dir = commandDirectory - } else { - log.Panicln("Error applying manifests ", err) - } - } - err = cmd.Run() - if err != nil && !suppressErrors { - log.Panicln(fmt.Sprint(err) + ": " + stderr.String()) - } - return output -} diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go deleted file mode 100644 index fb56ca7032..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/pkg/cmd/deployer/options.go +++ /dev/null @@ -1,38 +0,0 @@ -package deployer - -type Options struct { - ConfigDir string - Images string - Environment string - ClusterConfigs bool - Print bool -} - -// func (o *Options) SetImages(images string) { -// o.images = images -// } - -// func (o Options) Images() string { -// return o.images - -// } - -// func (o Options) Environment() string { -// return o.environment - -// } - -// func (o Options) ClusterConfigs() bool { -// return o.clusterConfigs - -// } - -// func (o Options) DryRun() bool { -// return o.dryRun - -// } - -// func (o Options) Print() bool { -// return o.print - -// } diff --git a/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go b/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go deleted file mode 100644 index 6a6dc52a7b..0000000000 --- a/deploy-as-code/helm/environments/deploy-as-code/deployer/standalone_installer.go +++ /dev/null @@ -1,317 +0,0 @@ -package main - -import ( - "bytes" - "container/list" - "errors" - "fmt" - "io" - "io/ioutil" - "log" - "os" - "os/exec" - "strings" - s "strings" - - "github.com/manifoldco/promptui" - "gopkg.in/yaml.v2" -) - -var Reset = "\033[0m" -var Red = "\033[31m" -var Green = "\033[32m" -var Yellow = "\033[33m" -var Blue = "\033[34m" -var Purple = "\033[35m" -var Cyan = "\033[36m" -var Gray = "\033[37m" -var White = "\033[97m" - -//Defining a struct to parse the yaml file -type Digit struct { - Version string `yaml:"version"` - Modules []struct { - Name string `yaml:"name"` - Services []string `yaml:"services"` - Dependencies []string `yaml:"dependencies,omitempty"` - } `yaml:"modules"` -} - -type Set struct { - set map[string]bool -} - -func NewSet() *Set { - return &Set{make(map[string]bool)} -} -func (set *Set) Add(i string) bool { - _, found := set.set[i] - set.set[i] = true - return !found //False if it existed already -} -func (set *Set) Get(i string) bool { - _, found := set.set[i] - return found -} - -func main() { - var versionfiles []string - var envfiles []string - var modules []string - var selectedMod []string - svclist := list.New() - set := NewSet() - var argStr string = "" - var releaseChartDir string = "../../config-as-code/product-release-charts/" - - fmt.Println(string(Green), "\n******* Welcome to DIGIT INSTALLATION!!! Please ensure the Pre-requsites before you proceed *********\n") - const sPreReq = "\bPre-requsites (Please Read Carefully):\n\tDIGIT Platform is a combination of multiple microservices that are packaged as docker containers that can be run on any supported infra like dockercompose, kubernetes, etc. Here we'll have a setup baselined for kubernetes.\nHence the following are mandatory to have it before you proceed.\n\t1. Kubernetes(K8s) Cluster.\n\t\t[a] Local: If you do not have k8s, using this link you can create k8s cluster on your local or on a VM.\n\t\t[b] Cloud: If you have your cloud account like AWS, Azure, GCP, SDC or NIC you can follow this link to create k8s.\n\t2. Post the k8s cluster creation you should get the Kubeconfig file, which you have saved in your local machine.\n\t3. Helm installed on your local, follow this link to install\n\t4. Target Env Deployment config file, refer here for the sample template and fill your env specific values.\n\t5. If you want to use encrypted values instead of plain-text for your sensitive configuration, install sops by using this link.\n\nWell! We are good to get started when all the above pre-requistes are met, if not abort it here (Ctl+c) set-it up, come back and rerun the script." - // Get the Proceedual of the user - fmt.Println(string(Cyan), sPreReq) - //var proceedQuestion string - preReqConfirm := []string{"Yes", "No"} - var proceed string = "" - proceed, _ = sel(preReqConfirm, "Are you good to proceed?") - if proceed == "Yes" { - contextset := setClusterContext() - if contextset { - // Get the versions from the chart and display it to user to select - file, err := os.Open(releaseChartDir) - if err != nil { - log.Fatalf("failed opening directory: %s", err) - } - defer file.Close() - - prodList, _ := file.Readdirnames(0) // 0 to read all files and folders - - var product string = "" - product, _ = sel(prodList, "Which Product would you like to install, Please Select") - if product != "" { - files, err := ioutil.ReadDir(releaseChartDir + product) - if err != nil { - log.Fatal(err) - } - - for _, f := range files { - name := f.Name() - versionfiles = append(versionfiles, name[s.Index(name, "-")+1:s.Index(name, ".y")]) - } - var version string = "" - version, _ = sel(versionfiles, "Which version of the product would like to install, Select below") - if version != "" { - argFile := releaseChartDir + product + "/dependancy_chart-" + version + ".yaml" - - // Decode the yaml file and assigning the values to a map - chartFile, err := ioutil.ReadFile(argFile) - if err != nil { - fmt.Println("\n\tERROR: Reading file =>", argFile, err) - return - } - - // Parse the yaml values - fullChart := Digit{} - err = yaml.Unmarshal(chartFile, &fullChart) - if err != nil { - fmt.Println("\n\tERROR: Parsing => ", argFile, err) - return - } - - // Mapping the images to servicename - var m = make(map[string][]string) - for _, s := range fullChart.Modules { - m[s.Name] = s.Services - if strings.Contains(s.Name, "m_") { - modules = append(modules, s.Name) - } - } - modules = append(modules, "Exit") - result, err := sel(modules, "Select the DIGIT modules that you want to install, choose Exit to complete selection") - //if err == nil { - for result != "Exit" && err == nil { - selectedMod = append(selectedMod, result) - result, err = sel(modules, "Select the modules you want to install, choose Exit to complete selection") - } - if selectedMod != nil { - for _, mod := range selectedMod { - getService(fullChart, mod, *set, svclist) - } - for element := svclist.Front(); element != nil; element = element.Next() { - imglist := m[element.Value.(string)] - imglistsize := len(imglist) - for i, service := range imglist { - argStr = argStr + service - if !(element.Next() == nil && i == imglistsize-1) { - argStr = argStr + "," - } - - } - } - - envfilesFromDir, err := ioutil.ReadDir("../../config-as-code/environments/") - if err != nil { - log.Fatal(err) - } - for _, envfile := range envfilesFromDir { - filename := envfile.Name() - if !s.Contains(filename, "secrets") && !s.Contains(filename,".DS_Store") { - log.Println(filename) - envfiles = append(envfiles, filename[0:s.Index(filename, ".yaml")]) - } - } - - // Choose the env - var env string = "" - env, err = sel(envfiles, "Choose the target env files that are identified from your local configs") - if env != "" { - confirm := []string{"Yes", "No"} - - var goDeployCmd string = fmt.Sprintf("go run main.go deploy -c -e %s %s", env, argStr) - var previewDeployCmd string = fmt.Sprintf("%s -p", goDeployCmd) - - preview, _ := sel(confirm, "Do you want to preview the k8s manifests before the actual Deployment") - - if preview == "Yes" { - fmt.Println("That's cool... The preview is getting loaded. Please review it and decide to proceed with the deployment") - err := execCommand(previewDeployCmd) - if err == nil { - fmt.Println("You can now start actual deployment") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } else { - consent, _ := sel(confirm, "Are we good to proceed with the actual deployment?") - if consent == "Yes" { - fmt.Println("Whola!, That's great... Sit back and wait for the deployment to complete in about 10 min") - err := execCommand(goDeployCmd) - if err == nil { - fmt.Println("We are done with the deployment. You can start using the services. Thank You!!!") - fmt.Println("Hope I made your life easy with the deployment ... Have a goodd day !!!") - return - } else { - fmt.Println("Something went wrong, refer the error\n") - fmt.Println(err) - } - } - - } - } - } - } - } - } - } - fmt.Println("") - endScript() -} - -func getService(fullChart Digit, service string, set Set, svclist *list.List) { - for _, s := range fullChart.Modules { - if s.Name == service { - if set.Add(service) { - svclist.PushFront(service) //Add services into the list - if s.Dependencies != nil { - for _, deps := range s.Dependencies { - getService(fullChart, deps, set, svclist) - } - } - } - } - } -} - -func execCommand(command string) error { - var err error - parts := strings.Fields(command) - //log.Println("Printing full command part", parts) - // The first part is the command, the rest are the args: - head := parts[0] - args := parts[1:len(parts)] - // Format the command - cmd := exec.Command(head, args...) - - var stdoutBuf, stderrBuf bytes.Buffer - cmd.Stdout = io.MultiWriter(os.Stdout, &stdoutBuf) - cmd.Stderr = io.MultiWriter(os.Stderr, &stderrBuf) - - err = cmd.Run() - if err != nil { - log.Fatalf("cmd.Run() failed with %s\n", err) - } - return err -} - -func setClusterContext() bool { - var contextset bool = false - var kubeconfig string = "" - - validatepath := func(input string) error { - _, err := os.Stat(input) - if os.IsNotExist(err) { - return errors.New("The File does not exist in the given path") - } - return nil - } - - kubeconfig = enterValue(validatepath, "Please enter the fully qualified path of your kubeconfig file") - - if kubeconfig != "" { - getcontextcmd := fmt.Sprintf("kubectl config get-contexts --kubeconfig=%s", kubeconfig) - err := execCommand(getcontextcmd) - if err == nil { - context := enterValue(nil, "Please enter the cluster context to be used from the avaliable contexts") - if context != "" { - usecontextcmd := fmt.Sprintf("kubectl config use-context %s --kubeconfig=%s", context, kubeconfig) - err := execCommand(usecontextcmd) - if err == nil { - contextset = true - } - } - } - } - return contextset -} - -func sel(items []string, label string) (string, error) { - var result string - var err error - prompt := promptui.Select{ - Label: label, - Items: items, - Size: 30, - } - _, result, err = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result, err -} - -func enterValue(validate promptui.ValidateFunc, label string) string { - var result string - prompt := promptui.Prompt{ - Label: label, - Validate: validate, - } - result, _ = prompt.Run() - - //if err != nil { - // fmt.Printf("Invalid Selection %v\n", err) - //} - return result -} - -func endScript() { - fmt.Println("Take your time, You can come back at any time ... Thank You!!!") - return -} From c42f6674e6b4c578216ff194021e5d413fcfbd6a Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 30 Jan 2024 12:49:23 +0530 Subject: [PATCH 700/742] added new new helm charts (#2362) Co-authored-by: Harish-egov --- .../backbone-services/cert-manager/.gitignore | 3 + .../cert-manager/.helmignore | 27 + .../backbone-services/cert-manager/Chart.yaml | 34 +- .../{README.md => README.template.md} | 98 +- .../cert-manager/crds/README.md | 18 + .../crds/crd-certificaterequests.yaml | 195 + .../cert-manager/crds/crd-certificates.yaml | 442 ++ .../cert-manager/crds/crd-challenges.yaml | 1123 +++++ .../cert-manager/crds/crd-issuers.yaml | 1370 ++++++ .../cert-manager/crds/crd-orders.yaml | 179 + .../cert-manager/crds/crds.yaml | 4178 ----------------- .../cert-manager/signkey_annotation.txt | 2 + .../cert-manager/templates/_helpers.tpl | 36 +- .../templates/cainjector-config.yaml | 18 + .../templates/cainjector-deployment.yaml | 32 +- .../cainjector-poddisruptionbudget.yaml | 29 + .../cainjector-psp-clusterrolebinding.yaml | 2 +- .../templates/cainjector-rbac.yaml | 17 +- .../templates/cainjector-serviceaccount.yaml | 3 + .../templates/controller-config.yaml | 18 + .../cert-manager/templates/deployment.yaml | 92 +- .../templates/networkpolicy-egress.yaml | 23 + .../templates/networkpolicy-webhooks.yaml | 25 + .../templates/poddisruptionbudget.yaml | 29 + .../cert-manager/templates/podmonitor.yaml | 50 + .../cert-manager/templates/rbac.yaml | 56 +- .../templates/serviceaccount.yaml | 3 + .../templates/servicemonitor.yaml | 15 +- .../templates/startupapicheck-job.yaml | 18 +- .../startupapicheck-serviceaccount.yaml | 3 + .../templates/webhook-config.yaml | 16 +- .../templates/webhook-deployment.yaml | 59 +- .../templates/webhook-mutating-webhook.yaml | 10 +- .../webhook-poddisruptionbudget.yaml | 29 + .../templates/webhook-psp-clusterrole.yaml | 2 +- .../templates/webhook-serviceaccount.yaml | 3 + .../templates/webhook-validating-webhook.yaml | 12 +- .../cert-manager/values.yaml | 406 +- .../elasticsearch-data-infra-v1-values.yaml | 2 +- ...es.yaml => elasticsearch-data-values.yaml} | 63 +- .../elasticsearch-master-infra-v1-values.yaml | 2 +- ....yaml => elasticsearch-master-values.yaml} | 34 +- .../elasticsearch/templates/_helpers.tpl | 42 +- .../templates/persistentvolume.yaml | 55 - .../templates/poddisruptionbudget.yaml | 2 +- .../elasticsearch/templates/secret-cert.yaml | 15 + .../elasticsearch/templates/secret.yaml | 21 + .../elasticsearch/templates/statefulset.yaml | 107 +- .../kafka-connect/values.yaml | 2 +- .../backbone-services/kafka-kraft/Chart.yaml | 4 +- .../backbone-services/kafka-kraft/values.yaml | 2 +- .../backbone-services/kibana/.helmignore | 2 + .../backbone-services/kibana/Chart.yaml | 12 + .../charts/backbone-services/kibana/Makefile | 1 + .../charts/backbone-services/kibana/README.md | 266 ++ .../kibana/templates/NOTES.txt | 6 + .../kibana/templates/_helpers.tpl | 36 + .../templates/configmap-helm-scripts.yaml | 176 + .../kibana/templates/configmap.yaml | 13 + .../kibana/templates/deployment.yaml | 201 + .../kibana/templates/ingress.yaml | 59 + .../kibana/templates/pre-install-job.yaml | 55 + .../kibana/templates/pre-install-role.yaml | 22 + .../templates/pre-install-rolebinding.yaml | 22 + .../templates/pre-install-serviceaccount.yaml | 14 + .../kibana/templates/service.yaml | 34 + .../backbone-services/postgres/values.yaml | 2 +- .../backbone-services/redis/values.yaml | 2 +- 68 files changed, 5457 insertions(+), 4492 deletions(-) create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/.gitignore create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore rename deploy-as-code/helm/charts/backbone-services/cert-manager/{README.md => README.template.md} (68%) create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/README.md create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificaterequests.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificates.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-challenges.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-issuers.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-orders.yaml delete mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/signkey_annotation.txt create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-config.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-poddisruptionbudget.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/controller-config.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-egress.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-webhooks.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/poddisruptionbudget.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/podmonitor.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-poddisruptionbudget.yaml rename deploy-as-code/helm/charts/backbone-services/elasticsearch/{elasticsearch-data-v1-values.yaml => elasticsearch-data-values.yaml} (81%) rename deploy-as-code/helm/charts/backbone-services/elasticsearch/{elasticsearch-master-v1-values.yaml => elasticsearch-master-values.yaml} (94%) delete mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret-cert.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/.helmignore create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/Chart.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/Makefile create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/README.md create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/NOTES.txt create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/_helpers.tpl create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap-helm-scripts.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/ingress.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-job.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-role.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/backbone-services/kibana/templates/service.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/.gitignore b/deploy-as-code/helm/charts/backbone-services/cert-manager/.gitignore new file mode 100644 index 0000000000..bd628ad107 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/.gitignore @@ -0,0 +1,3 @@ +*.tgz +charts/* +requirements.lock diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore b/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore new file mode 100644 index 0000000000..8842b30844 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/.helmignore @@ -0,0 +1,27 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +BUILD.bazel +Chart.template.yaml +README.template.md +OWNERS +cert-manager*.tgz diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml index f88c9b091e..649d105c9a 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/Chart.yaml @@ -1,19 +1,23 @@ -annotations: - artifacthub.io/prerelease: "false" apiVersion: v1 -appVersion: v1.7.3 +name: cert-manager +# The version and appVersion fields are set automatically by the release tool +version: v1.13.3 +appVersion: v1.13.3 +kubeVersion: ">= 1.22.0-0" description: A Helm chart for cert-manager -home: https://github.com/jetstack/cert-manager -icon: https://raw.githubusercontent.com/jetstack/cert-manager/master/logo/logo.png +home: https://github.com/cert-manager/cert-manager +icon: https://raw.githubusercontent.com/cert-manager/cert-manager/d53c0b9270f8cd90d908460d69502694e1838f5f/logo/logo-small.png keywords: -- cert-manager -- kube-lego -- letsencrypt -- tls -maintainers: -- email: cert-manager-maintainers@googlegroups.com - name: cert-manager-maintainers -name: cert-manager + - cert-manager + - kube-lego + - letsencrypt + - tls sources: -- https://github.com/jetstack/cert-manager -version: v1.7.3 + - https://github.com/cert-manager/cert-manager +maintainers: + - name: cert-manager-maintainers + email: cert-manager-maintainers@googlegroups.com + url: https://cert-manager.io +annotations: + artifacthub.io/license: Apache-2.0 + artifacthub.io/prerelease: "{{IS_PRERELEASE}}" diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/README.md b/deploy-as-code/helm/charts/backbone-services/cert-manager/README.template.md similarity index 68% rename from deploy-as-code/helm/charts/backbone-services/cert-manager/README.md rename to deploy-as-code/helm/charts/backbone-services/cert-manager/README.template.md index ca13f38158..fb62fb0753 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/README.md +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/README.template.md @@ -8,7 +8,7 @@ to renew certificates at an appropriate time before expiry. ## Prerequisites -- Kubernetes 1.18+ +- Kubernetes 1.22+ ## Installing the Chart @@ -19,7 +19,7 @@ Before installing the chart, you must first install the cert-manager CustomResou This is performed in a separate step to allow you to easily uninstall and reinstall cert-manager without deleting your installed custom resources. ```bash -$ kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.7.3/cert-manager.crds.yaml +$ kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/{{RELEASE_VERSION}}/cert-manager.crds.yaml ``` To install the chart with the release name `my-release`: @@ -29,7 +29,7 @@ To install the chart with the release name `my-release`: $ helm repo add jetstack https://charts.jetstack.io ## Install the cert-manager helm chart -$ helm install my-release --namespace cert-manager --version v1.7.3 jetstack/cert-manager +$ helm install my-release --namespace cert-manager --version {{RELEASE_VERSION}} jetstack/cert-manager ``` In order to begin issuing certificates, you will need to set up a ClusterIssuer @@ -65,7 +65,7 @@ If you want to completely uninstall cert-manager from your cluster, you will als delete the previously installed CustomResourceDefinition resources: ```console -$ kubectl delete -f https://github.com/jetstack/cert-manager/releases/download/v1.7.3/cert-manager.crds.yaml +$ kubectl delete -f https://github.com/cert-manager/cert-manager/releases/download/{{RELEASE_VERSION}}/cert-manager.crds.yaml ``` ## Configuration @@ -75,6 +75,7 @@ The following table lists the configurable parameters of the cert-manager chart | Parameter | Description | Default | | --------- | ----------- | ------- | | `global.imagePullSecrets` | Reference to one or more secrets to be used when pulling images | `[]` | +| `global.commonLabels` | Labels to apply to all resources | `{}` | | `global.rbac.create` | If `true`, create and use RBAC resources (includes sub-charts) | `true` | | `global.priorityClassName`| Priority class name for cert-manager and webhook pods | `""` | | `global.podSecurityPolicy.enabled` | If `true`, create and use PodSecurityPolicy (includes sub-charts) | `false` | @@ -85,11 +86,11 @@ The following table lists the configurable parameters of the cert-manager chart | `global.leaderElection.retryPeriod` | The duration the clients should wait between attempting acquisition and renewal of a leadership | | | `installCRDs` | If true, CRD resources will be installed as part of the Helm chart. If enabled, when uninstalling CRD resources will be deleted causing all installed custom resources to be DELETED | `false` | | `image.repository` | Image repository | `quay.io/jetstack/cert-manager-controller` | -| `image.tag` | Image tag | `v1.7.3` | +| `image.tag` | Image tag | `{{RELEASE_VERSION}}` | | `image.pullPolicy` | Image pull policy | `IfNotPresent` | | `replicaCount` | Number of cert-manager replicas | `1` | | `clusterResourceNamespace` | Override the namespace used to store DNS provider credentials etc. for ClusterIssuer resources | Same namespace as cert-manager pod | -| `featureGates` | Comma-separated list of feature gates to enable on the controller pod | `` | +| `featureGates` | Set of comma-separated key=value pairs that describe feature gates on the controller. Some feature gates may also have to be enabled on other components, and can be set supplying the `feature-gate` flag to `.extraArgs` | `` | | `extraArgs` | Optional flags for cert-manager | `[]` | | `extraEnv` | Optional environment variables for cert-manager | `[]` | | `serviceAccount.create` | If `true`, create a new service account | `true` | @@ -99,12 +100,19 @@ The following table lists the configurable parameters of the cert-manager chart | `volumes` | Optional volumes for cert-manager | `[]` | | `volumeMounts` | Optional volume mounts for cert-manager | `[]` | | `resources` | CPU/memory resource requests/limits | `{}` | -| `securityContext` | Optional security context. The yaml block should adhere to the [SecurityContext spec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#securitycontext-v1-core) | `{}` | -| `securityContext.enabled` | Deprecated (use `securityContext`) - Enable security context | `false` | -| `containerSecurityContext` | Security context to be set on the controller component container | `{}` | +| `securityContext` | Security context for the controller pod assignment | refer to [Default Security Contexts](#default-security-contexts) | +| `containerSecurityContext` | Security context to be set on the controller component container | refer to [Default Security Contexts](#default-security-contexts) | | `nodeSelector` | Node labels for pod assignment | `{}` | | `affinity` | Node affinity for pod assignment | `{}` | | `tolerations` | Node tolerations for pod assignment | `[]` | +| `topologySpreadConstraints` | Topology spread constraints for pod assignment | `[]` | +| `livenessProbe.enabled` | Enable or disable the liveness probe for the controller container in the controller Pod. See https://cert-manager.io/docs/installation/best-practice/ to learn about when you might want to enable this livenss probe. | `false` | +| `livenessProbe.initialDelaySeconds` | The liveness probe initial delay (in seconds) | `10` | +| `livenessProbe.periodSeconds` | The liveness probe period (in seconds) | `10` | +| `livenessProbe.timeoutSeconds` | The liveness probe timeout (in seconds) | `10` | +| `livenessProbe.periodSeconds` | The liveness probe period (in seconds) | `10` | +| `livenessProbe.successThreshold` | The liveness probe success threshold | `1` | +| `livenessProbe.failureThreshold` | The liveness probe failure threshold | `8` | | `ingressShim.defaultIssuerName` | Optional default issuer to use for ingress resources | | | `ingressShim.defaultIssuerKind` | Optional default issuer kind to use for ingress resources | | | `ingressShim.defaultIssuerGroup` | Optional default issuer group to use for ingress resources | | @@ -120,6 +128,9 @@ The following table lists the configurable parameters of the cert-manager chart | `prometheus.servicemonitor.honorLabels` | Enable label honoring for metrics scraped by Prometheus (see [Prometheus scrape config docs](https://prometheus.io/docs/prometheus/latest/configuration/configuration/#scrape_config) for details). By setting `honorLabels` to `true`, Prometheus will prefer label contents given by cert-manager on conflicts. Can be used to remove the "exported_namespace" label for example. | `false` | | `podAnnotations` | Annotations to add to the cert-manager pod | `{}` | | `deploymentAnnotations` | Annotations to add to the cert-manager deployment | `{}` | +| `podDisruptionBudget.enabled` | Adds a PodDisruptionBudget for the cert-manager deployment | `false` | +| `podDisruptionBudget.minAvailable` | Configures the minimum available pods for voluntary disruptions. Cannot used if `maxUnavailable` is set. | `1` | +| `podDisruptionBudget.maxUnavailable` | Configures the maximum unavailable pods for voluntary disruptions. Cannot used if `minAvailable` is set. | | | `podDnsPolicy` | Optional cert-manager pod [DNS policy](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-policy) | | | `podDnsConfig` | Optional cert-manager pod [DNS configurations](https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pods-dns-config) | | | `podLabels` | Labels to add to the cert-manager pod | `{}` | @@ -128,12 +139,20 @@ The following table lists the configurable parameters of the cert-manager chart | `http_proxy` | Value of the `HTTP_PROXY` environment variable in the cert-manager pod | | | `https_proxy` | Value of the `HTTPS_PROXY` environment variable in the cert-manager pod | | | `no_proxy` | Value of the `NO_PROXY` environment variable in the cert-manager pod | | +| `dns01RecursiveNameservers` | Comma separated string with host and port of the recursive nameservers cert-manager should query | `` | +| `dns01RecursiveNameserversOnly` | Forces cert-manager to only use the recursive nameservers for verification. | `false` | +| `enableCertificateOwnerRef` | When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted | `false` | +| `config` | ControllerConfiguration YAML used to configure flags for the controller. Generates a ConfigMap containing contents of the field. See `values.yaml` for example. | `{}` | +| `enableServiceLinks` | Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. | `false` | | `webhook.replicaCount` | Number of cert-manager webhook replicas | `1` | -| `webhook.timeoutSeconds` | Seconds the API server should wait the webhook to respond before treating the call as a failure. | `10` | +| `webhook.timeoutSeconds` | Seconds the API server should wait for the webhook to respond before treating the call as a failure. Value must be between 1 and 30 seconds. | `30` | | `webhook.podAnnotations` | Annotations to add to the webhook pods | `{}` | | `webhook.podLabels` | Labels to add to the cert-manager webhook pod | `{}` | | `webhook.serviceLabels` | Labels to add to the cert-manager webhook service | `{}` | | `webhook.deploymentAnnotations` | Annotations to add to the webhook deployment | `{}` | +| `webhook.podDisruptionBudget.enabled` | Adds a PodDisruptionBudget for the cert-manager deployment | `false` | +| `webhook.podDisruptionBudget.minAvailable` | Configures the minimum available pods for voluntary disruptions. Cannot used if `maxUnavailable` is set. | `1` | +| `webhook.podDisruptionBudget.maxUnavailable` | Configures the maximum unavailable pods for voluntary disruptions. Cannot used if `minAvailable` is set. | | | `webhook.mutatingWebhookConfigurationAnnotations` | Annotations to add to the mutating webhook configuration | `{}` | | `webhook.validatingWebhookConfigurationAnnotations` | Annotations to add to the validating webhook configuration | `{}` | | `webhook.serviceAnnotations` | Annotations to add to the webhook service | `{}` | @@ -145,14 +164,18 @@ The following table lists the configurable parameters of the cert-manager chart | `webhook.serviceAccount.automountServiceAccountToken` | Automount API credentials for the webhook Service Account | | | `webhook.resources` | CPU/memory resource requests/limits for the webhook pods | `{}` | | `webhook.nodeSelector` | Node labels for webhook pod assignment | `{}` | +| `webhook.networkPolicy.enabled` | Enable default network policies for webhooks egress and ingress traffic | `false` | +| `webhook.networkPolicy.ingress` | Sets ingress policy block. See NetworkPolicy documentation. See `values.yaml` for example. | `{}` | +| `webhook.networkPolicy.egress` | Sets ingress policy block. See NetworkPolicy documentation. See `values.yaml` for example. | `{}` | | `webhook.affinity` | Node affinity for webhook pod assignment | `{}` | | `webhook.tolerations` | Node tolerations for webhook pod assignment | `[]` | +| `webhook.topologySpreadConstraints` | Topology spread constraints for webhook pod assignment | `[]` | | `webhook.image.repository` | Webhook image repository | `quay.io/jetstack/cert-manager-webhook` | -| `webhook.image.tag` | Webhook image tag | `v1.7.3` | +| `webhook.image.tag` | Webhook image tag | `{{RELEASE_VERSION}}` | | `webhook.image.pullPolicy` | Webhook image pull policy | `IfNotPresent` | | `webhook.securePort` | The port that the webhook should listen on for requests. | `10250` | -| `webhook.securityContext` | Security context for webhook pod assignment | `{}` | -| `webhook.containerSecurityContext` | Security context to be set on the webhook component container | `{}` | +| `webhook.securityContext` | Security context for webhook pod assignment | refer to [Default Security Contexts](#default-security-contexts) | +| `webhook.containerSecurityContext` | Security context to be set on the webhook component container | refer to [Default Security Contexts](#default-security-contexts) | | `webhook.hostNetwork` | If `true`, run the Webhook on the host network. | `false` | | `webhook.serviceType` | The type of the `Service`. | `ClusterIP` | | `webhook.loadBalancerIP` | The specific load balancer IP to use (when `serviceType` is `LoadBalancer`). | | @@ -167,11 +190,15 @@ The following table lists the configurable parameters of the cert-manager chart | `webhook.readinessProbe.periodSeconds` | The readiness probe period (in seconds) | `5` | | `webhook.readinessProbe.successThreshold` | The readiness probe success threshold | `1` | | `webhook.readinessProbe.timeoutSeconds` | The readiness probe timeout (in seconds) | `1` | +| `webhook.enableServiceLinks` | Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. | `false` | | `cainjector.enabled` | Toggles whether the cainjector component should be installed (required for the webhook component to work) | `true` | | `cainjector.replicaCount` | Number of cert-manager cainjector replicas | `1` | | `cainjector.podAnnotations` | Annotations to add to the cainjector pods | `{}` | | `cainjector.podLabels` | Labels to add to the cert-manager cainjector pod | `{}` | | `cainjector.deploymentAnnotations` | Annotations to add to the cainjector deployment | `{}` | +| `cainjector.podDisruptionBudget.enabled` | Adds a PodDisruptionBudget for the cert-manager deployment | `false` | +| `cainjector.podDisruptionBudget.minAvailable` | Configures the minimum available pods for voluntary disruptions. Cannot used if `maxUnavailable` is set. | `1` | +| `cainjector.podDisruptionBudget.maxUnavailable` | Configures the maximum unavailable pods for voluntary disruptions. Cannot used if `minAvailable` is set. | | | `cainjector.extraArgs` | Optional flags for cert-manager cainjector component | `[]` | | `cainjector.serviceAccount.create` | If `true`, create a new service account for the cainjector component | `true` | | `cainjector.serviceAccount.name` | Service account for the cainjector component to be used. If not set and `cainjector.serviceAccount.create` is `true`, a name is generated using the fullname template | | @@ -181,30 +208,59 @@ The following table lists the configurable parameters of the cert-manager chart | `cainjector.nodeSelector` | Node labels for cainjector pod assignment | `{}` | | `cainjector.affinity` | Node affinity for cainjector pod assignment | `{}` | | `cainjector.tolerations` | Node tolerations for cainjector pod assignment | `[]` | +| `cainjector.topologySpreadConstraints` | Topology spread constraints for cainjector pod assignment | `[]` | | `cainjector.image.repository` | cainjector image repository | `quay.io/jetstack/cert-manager-cainjector` | -| `cainjector.image.tag` | cainjector image tag | `v1.7.3` | +| `cainjector.image.tag` | cainjector image tag | `{{RELEASE_VERSION}}` | | `cainjector.image.pullPolicy` | cainjector image pull policy | `IfNotPresent` | -| `cainjector.securityContext` | Security context for cainjector pod assignment | `{}` | -| `cainjector.containerSecurityContext` | Security context to be set on cainjector component container | `{}` | +| `cainjector.securityContext` | Security context for cainjector pod assignment | refer to [Default Security Contexts](#default-security-contexts) | +| `cainjector.containerSecurityContext` | Security context to be set on cainjector component container | refer to [Default Security Contexts](#default-security-contexts) | +| `cainjector.enableServiceLinks` | Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. | `false` | +| `acmesolver.image.repository` | acmesolver image repository | `quay.io/jetstack/cert-manager-acmesolver` | +| `acmesolver.image.tag` | acmesolver image tag | `{{RELEASE_VERSION}}` | +| `acmesolver.image.pullPolicy` | acmesolver image pull policy | `IfNotPresent` | | `startupapicheck.enabled` | Toggles whether the startupapicheck Job should be installed | `true` | -| `startupapicheck.securityContext` | Pod Security Context to be set on the startupapicheck component Pod | `{}` | +| `startupapicheck.securityContext` | Security context for startupapicheck pod assignment | refer to [Default Security Contexts](#default-security-contexts) | +| `startupapicheck.containerSecurityContext` | Security context to be set on startupapicheck component container | refer to [Default Security Contexts](#default-security-contexts) | | `startupapicheck.timeout` | Timeout for 'kubectl check api' command | `1m` | | `startupapicheck.backoffLimit` | Job backoffLimit | `4` | | `startupapicheck.jobAnnotations` | Optional additional annotations to add to the startupapicheck Job | `{}` | | `startupapicheck.podAnnotations` | Optional additional annotations to add to the startupapicheck Pods | `{}` | -| `startupapicheck.extraArgs` | Optional additional arguments for startupapicheck | `[]` | +| `startupapicheck.extraArgs` | Optional additional arguments for startupapicheck | `["-v"]` | | `startupapicheck.resources` | CPU/memory resource requests/limits for the startupapicheck pod | `{}` | | `startupapicheck.nodeSelector` | Node labels for startupapicheck pod assignment | `{}` | | `startupapicheck.affinity` | Node affinity for startupapicheck pod assignment | `{}` | | `startupapicheck.tolerations` | Node tolerations for startupapicheck pod assignment | `[]` | | `startupapicheck.podLabels` | Optional additional labels to add to the startupapicheck Pods | `{}` | | `startupapicheck.image.repository` | startupapicheck image repository | `quay.io/jetstack/cert-manager-ctl` | -| `startupapicheck.image.tag` | startupapicheck image tag | `v1.7.3` | +| `startupapicheck.image.tag` | startupapicheck image tag | `{{RELEASE_VERSION}}` | | `startupapicheck.image.pullPolicy` | startupapicheck image pull policy | `IfNotPresent` | | `startupapicheck.serviceAccount.create` | If `true`, create a new service account for the startupapicheck component | `true` | | `startupapicheck.serviceAccount.name` | Service account for the startupapicheck component to be used. If not set and `startupapicheck.serviceAccount.create` is `true`, a name is generated using the fullname template | | | `startupapicheck.serviceAccount.annotations` | Annotations to add to the service account for the startupapicheck component | | | `startupapicheck.serviceAccount.automountServiceAccountToken` | Automount API credentials for the startupapicheck Service Account | `true` | +| `startupapicheck.enableServiceLinks` | Indicates whether information about services should be injected into pod's environment variables, matching the syntax of Docker links. | `false` | +| `maxConcurrentChallenges` | The maximum number of challenges that can be scheduled as 'processing' at once | `60` | + +### Default Security Contexts + +The default pod-level and container-level security contexts, below, adhere to the [restricted](https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted) Pod Security Standards policies. + +Default pod-level securityContext: +```yaml +runAsNonRoot: true +seccompProfile: + type: RuntimeDefault +``` + +Default containerSecurityContext: +```yaml +allowPrivilegeEscalation: false +capabilities: + drop: + - ALL +``` + +### Assigning Values Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. @@ -213,8 +269,8 @@ Alternatively, a YAML file that specifies the values for the above parameters ca ```console $ helm install my-release -f values.yaml . ``` -> **Tip**: You can use the default [values.yaml](https://github.com/jetstack/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml) +> **Tip**: You can use the default [values.yaml](https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/values.yaml) ## Contributing -This chart is maintained at [github.com/jetstack/cert-manager](https://github.com/jetstack/cert-manager/tree/master/deploy/charts/cert-manager). +This chart is maintained at [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager/tree/master/deploy/charts/cert-manager). diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/README.md b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/README.md new file mode 100644 index 0000000000..328559e88e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/README.md @@ -0,0 +1,18 @@ +# CRDs source directory + +> **WARNING**: if you are an end-user, you do NOT need to use the files in this +> directory. These files are for **development purposes only**. + +This directory contains 'source code' used to build our CustomResourceDefinition +resources in a way that can be consumed by all our different deployment methods. + +This package exposes a number of different Bazel targets: + +* `templates`: the Helm templates for the CRD manifests +* `crds`: the templated CRD manifests (after running `helm template`) +* `crd.templated`: for each CRD type, the one CRD after running `helm template` +* `templated_files`: a filegroup containing all of the individual templated CRD files + +Most users should never utilise the files in this directory directly. Instead, Bazel +build targets in other packages (i.e. `//deploy/manifests`, `//deploy/charts` etc) +will be configured to automatically consume the appropriate artifact listed above. diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificaterequests.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificaterequests.yaml new file mode 100644 index 0000000000..74a527fb71 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificaterequests.yaml @@ -0,0 +1,195 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificaterequests.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels {{- include "labels" . | nindent 4 }} +spec: + group: cert-manager.io + names: + kind: CertificateRequest + listKind: CertificateRequestList + plural: certificaterequests + shortNames: + - cr + - crs + singular: certificaterequest + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Approved")].status + name: Approved + type: string + - jsonPath: .status.conditions[?(@.type=="Denied")].status + name: Denied + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + type: string + - jsonPath: .spec.username + name: Requestor + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `Ready` status condition and its `status.failureTime` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired state of the CertificateRequest resource. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + type: object + required: + - issuerRef + - request + properties: + duration: + description: Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute. + type: string + extra: + description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: object + additionalProperties: + type: array + items: + type: string + groups: + description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: array + items: + type: string + x-kubernetes-list-type: atomic + isCA: + description: "Requested basic constraints isCA value. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute. \n NOTE: If the CSR in the `Request` field has a BasicConstraints extension, it must have the same isCA value as specified here. \n If true, this will automatically add the `cert sign` usage to the list of requested `usages`." + type: boolean + issuerRef: + description: "Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace. \n The `name` field of the reference must always be specified." + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: "The PEM-encoded X.509 certificate signing request to be submitted to the issuer for signing. \n If the CSR has a BasicConstraints extension, its isCA attribute must match the `isCA` value of this CertificateRequest. If the CSR has a KeyUsage extension, its key usages must match the key usages in the `usages` field of this CertificateRequest. If the CSR has a ExtKeyUsage extension, its extended key usages must match the extended key usages in the `usages` field of this CertificateRequest." + type: string + format: byte + uid: + description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + usages: + description: "Requested key usages and extended key usages. \n NOTE: If the CSR in the `Request` field has uses the KeyUsage or ExtKeyUsage extension, these extensions must have the same values as specified here without any additional values. \n If unset, defaults to `digital signature` and `key encipherment`." + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + username: + description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. + type: string + status: + description: 'Status of the CertificateRequest. This is set and managed automatically. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: object + properties: + ca: + description: The PEM encoded X.509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. + type: string + format: byte + certificate: + description: The PEM encoded X.509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. + type: string + format: byte + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`, `InvalidRequest`, `Approved` and `Denied`. + type: array + items: + description: CertificateRequestCondition contains condition information for a CertificateRequest. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failureTime: + description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + served: true + storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificates.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificates.yaml new file mode 100644 index 0000000000..ed1ba8dccd --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-certificates.yaml @@ -0,0 +1,442 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: certificates.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels {{- include "labels" . | nindent 4 }} +spec: + group: cert-manager.io + names: + kind: Certificate + listKind: CertificateList + plural: certificates + shortNames: + - cert + - certs + singular: certificate + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .spec.secretName + name: Secret + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: "A Certificate resource should be created to ensure an up to date and signed X.509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Specification of the desired state of the Certificate resource. https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status + type: object + required: + - issuerRef + - secretName + properties: + additionalOutputFormats: + description: "Defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. \n This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option set on both the controller and webhook components." + type: array + items: + description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. + type: object + required: + - type + properties: + type: + description: Type is the name of the format type that should be written to the Certificate's target Secret. + type: string + enum: + - DER + - CombinedPEM + commonName: + description: "Requested common name X509 certificate subject attribute. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 NOTE: TLS clients will ignore this value when any subject alternative name is set (see https://tools.ietf.org/html/rfc6125#section-6.4.4). \n Should have a length of 64 characters or fewer to avoid generating invalid CSRs. Cannot be set if the `literalSubject` field is set." + type: string + dnsNames: + description: Requested DNS subject alternative names. + type: array + items: + type: string + duration: + description: "Requested 'duration' (i.e. lifetime) of the Certificate. Note that the issuer may choose to ignore the requested duration, just like any other requested attribute. \n If unset, this defaults to 90 days. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration." + type: string + emailAddresses: + description: Requested email subject alternative names. + type: array + items: + type: string + encodeUsagesInRequest: + description: "Whether the KeyUsage and ExtKeyUsage extensions should be set in the encoded CSR. \n This option defaults to true, and should only be disabled if the target issuer does not support CSRs with these X509 KeyUsage/ ExtKeyUsage extensions." + type: boolean + ipAddresses: + description: Requested IP address subject alternative names. + type: array + items: + type: string + isCA: + description: "Requested basic constraints isCA value. The isCA value is used to set the `isCA` field on the created CertificateRequest resources. Note that the issuer may choose to ignore the requested isCA value, just like any other requested attribute. \n If true, this will automatically add the `cert sign` usage to the list of requested `usages`." + type: boolean + issuerRef: + description: "Reference to the issuer responsible for issuing the certificate. If the issuer is namespace-scoped, it must be in the same namespace as the Certificate. If the issuer is cluster-scoped, it can be used from any namespace. \n The `name` field of the reference must always be specified." + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + keystores: + description: Additional keystore output formats to be stored in the Certificate's Secret. + type: object + properties: + jks: + description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + pkcs12: + description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. + type: object + required: + - create + - passwordSecretRef + properties: + create: + description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will be updated immediately. If the issuer provided a CA certificate, a file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority + type: boolean + passwordSecretRef: + description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + profile: + description: "Profile specifies the key and certificate encryption algorithms and the HMAC algorithm used to create the PKCS12 keystore. Default value is `LegacyRC2` for backward compatibility. \n If provided, allowed values are: `LegacyRC2`: Deprecated. Not supported by default in OpenSSL 3 or Java 20. `LegacyDES`: Less secure algorithm. Use this option for maximal compatibility. `Modern2023`: Secure algorithm. Use this option in case you have to always use secure algorithms (eg. because of company policy). Please note that the security of the algorithm is not that important in reality, because the unencrypted certificate and private key are also stored in the Secret." + type: string + enum: + - LegacyRC2 + - LegacyDES + - Modern2023 + literalSubject: + description: "Requested X.509 certificate subject, represented using the LDAP \"String Representation of a Distinguished Name\" [1]. Important: the LDAP string format also specifies the order of the attributes in the subject, this is important when issuing certs for LDAP authentication. Example: `CN=foo,DC=corp,DC=example,DC=com` More info [1]: https://datatracker.ietf.org/doc/html/rfc4514 More info: https://github.com/cert-manager/cert-manager/issues/3203 More info: https://github.com/cert-manager/cert-manager/issues/4424 \n Cannot be set if the `subject` or `commonName` field is set. This is an Alpha Feature and is only enabled with the `--feature-gates=LiteralCertificateSubject=true` option set on both the controller and webhook components." + type: string + nameConstraints: + description: "x.509 certificate NameConstraint extension which MUST NOT be used in a non-CA certificate. More Info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.10 \n This is an Alpha Feature and is only enabled with the `--feature-gates=NameConstraints=true` option set on both the controller and webhook components." + type: object + properties: + critical: + description: if true then the name constraints are marked critical. + type: boolean + excluded: + description: Excluded contains the constraints which must be disallowed. Any name matching a restriction in the excluded field is invalid regardless of information appearing in the permitted + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + permitted: + description: Permitted contains the constraints in which the names must be located. + type: object + properties: + dnsDomains: + description: DNSDomains is a list of DNS domains that are permitted or excluded. + type: array + items: + type: string + emailAddresses: + description: EmailAddresses is a list of Email Addresses that are permitted or excluded. + type: array + items: + type: string + ipRanges: + description: IPRanges is a list of IP Ranges that are permitted or excluded. This should be a valid CIDR notation. + type: array + items: + type: string + uriDomains: + description: URIDomains is a list of URI domains that are permitted or excluded. + type: array + items: + type: string + otherNames: + description: '`otherNames` is an escape hatch for SAN that allows any type. We currently restrict the support to string like otherNames, cf RFC 5280 p 37 Any UTF8 String valued otherName can be passed with by setting the keys oid: x.x.x.x and UTF8Value: somevalue for `otherName`. Most commonly this would be UPN set with oid: 1.3.6.1.4.1.311.20.2.3 You should ensure that any OID passed is valid for the UTF8String type as we do not explicitly validate this.' + type: array + items: + type: object + properties: + oid: + description: OID is the object identifier for the otherName SAN. The object identifier must be expressed as a dotted string, for example, "1.2.840.113556.1.4.221". + type: string + utf8Value: + description: utf8Value is the string value of the otherName SAN. The utf8Value accepts any valid UTF8 string to set as value for the otherName SAN. + type: string + privateKey: + description: Private key options. These include the key algorithm and size, the used encoding and the rotation policy. + type: object + properties: + algorithm: + description: "Algorithm is the private key algorithm of the corresponding private key for this certificate. \n If provided, allowed values are either `RSA`, `ECDSA` or `Ed25519`. If `algorithm` is specified and `size` is not provided, key size of 2048 will be used for `RSA` key algorithm and key size of 256 will be used for `ECDSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm." + type: string + enum: + - RSA + - ECDSA + - Ed25519 + encoding: + description: "The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. \n If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified." + type: string + enum: + - PKCS1 + - PKCS8 + rotationPolicy: + description: "RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. \n If set to `Never`, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to `Always`, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is `Never` for backward compatibility." + type: string + enum: + - Never + - Always + size: + description: "Size is the key bit size of the corresponding private key for this certificate. \n If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed." + type: integer + renewBefore: + description: "How long before the currently issued certificate's expiry cert-manager should renew the certificate. For example, if a certificate is valid for 60 minutes, and `renewBefore=10m`, cert-manager will begin to attempt to renew the certificate 50 minutes after it was issued (i.e. when there are 10 minutes remaining until the certificate is no longer valid). \n NOTE: The actual lifetime of the issued certificate is used to determine the renewal time. If an issuer returns a certificate with a different lifetime than the one requested, cert-manager will use the lifetime of the issued certificate. \n If unset, this defaults to 1/3 of the issued certificate's lifetime. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration." + type: string + revisionHistoryLimit: + description: "The maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. \n If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`." + type: integer + format: int32 + secretName: + description: Name of the Secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. The Secret resource lives in the same namespace as the Certificate resource. + type: string + secretTemplate: + description: Defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. + type: object + properties: + annotations: + description: Annotations is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + labels: + description: Labels is a key value map to be copied to the target Kubernetes Secret. + type: object + additionalProperties: + type: string + subject: + description: "Requested set of X509 certificate subject attributes. More info: https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.6 \n The common name attribute is specified separately in the `commonName` field. Cannot be set if the `literalSubject` field is set." + type: object + properties: + countries: + description: Countries to be used on the Certificate. + type: array + items: + type: string + localities: + description: Cities to be used on the Certificate. + type: array + items: + type: string + organizationalUnits: + description: Organizational Units to be used on the Certificate. + type: array + items: + type: string + organizations: + description: Organizations to be used on the Certificate. + type: array + items: + type: string + postalCodes: + description: Postal codes to be used on the Certificate. + type: array + items: + type: string + provinces: + description: State/Provinces to be used on the Certificate. + type: array + items: + type: string + serialNumber: + description: Serial number to be used on the Certificate. + type: string + streetAddresses: + description: Street addresses to be used on the Certificate. + type: array + items: + type: string + uris: + description: Requested URI subject alternative names. + type: array + items: + type: string + usages: + description: "Requested key usages and extended key usages. These usages are used to set the `usages` field on the created CertificateRequest resources. If `encodeUsagesInRequest` is unset or set to `true`, the usages will additionally be encoded in the `request` field which contains the CSR blob. \n If unset, defaults to `digital signature` and `key encipherment`." + type: array + items: + description: "KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 \n Valid KeyUsage values are as follows: \"signing\", \"digital signature\", \"content commitment\", \"key encipherment\", \"key agreement\", \"data encipherment\", \"cert sign\", \"crl sign\", \"encipher only\", \"decipher only\", \"any\", \"server auth\", \"client auth\", \"code signing\", \"email protection\", \"s/mime\", \"ipsec end system\", \"ipsec tunnel\", \"ipsec user\", \"timestamping\", \"ocsp signing\", \"microsoft sgc\", \"netscape sgc\"" + type: string + enum: + - signing + - digital signature + - content commitment + - key encipherment + - key agreement + - data encipherment + - cert sign + - crl sign + - encipher only + - decipher only + - any + - server auth + - client auth + - code signing + - email protection + - s/mime + - ipsec end system + - ipsec tunnel + - ipsec user + - timestamping + - ocsp signing + - microsoft sgc + - netscape sgc + status: + description: 'Status of the Certificate. This is set and managed automatically. Read-only. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status' + type: object + properties: + conditions: + description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. + type: array + items: + description: CertificateCondition contains condition information for an Certificate. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`, `Issuing`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + failedIssuanceAttempts: + description: The number of continuous failed issuance attempts up till now. This field gets removed (if set) on a successful issuance and gets set to 1 if unset and an issuance has failed. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). + type: integer + lastFailureTime: + description: LastFailureTime is set only if the lastest issuance for this Certificate failed and contains the time of the failure. If an issuance has failed, the delay till the next issuance will be calculated using formula time.Hour * 2 ^ (failedIssuanceAttempts - 1). If the latest issuance has succeeded this field will be unset. + type: string + format: date-time + nextPrivateKeySecretName: + description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. + type: string + notAfter: + description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. + type: string + format: date-time + notBefore: + description: The time after which the certificate stored in the secret named by this resource in `spec.secretName` is valid. + type: string + format: date-time + renewalTime: + description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. + type: string + format: date-time + revision: + description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." + type: integer + served: true + storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-challenges.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-challenges.yaml new file mode 100644 index 0000000000..d10cacdc47 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-challenges.yaml @@ -0,0 +1,1123 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: challenges.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels {{- include "labels" . | nindent 4 }} +spec: + group: acme.cert-manager.io + names: + kind: Challenge + listKind: ChallengeList + plural: challenges + singular: challenge + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.dnsName + name: Domain + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1 + schema: + openAPIV3Schema: + description: Challenge is a type to represent a Challenge request with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - authorizationURL + - dnsName + - issuerRef + - key + - solver + - token + - type + - url + properties: + authorizationURL: + description: The URL to the ACME Authorization resource that this challenge is a part of. + type: string + dnsName: + description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. + type: string + issuerRef: + description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + key: + description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' + type: string + solver: + description: Contains the domain solving configuration that should be used to solve this challenge resource. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' + type: string + clientSecretSecretRef: + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n This API may be extended in the future to support additional kinds of parent resources. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n Support for other resources is Implementation-Specific." + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. * Service: Port Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. Note that attaching Routes to Services as Parents is part of experimental Mesh support and is not supported for any other purpose. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + token: + description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. + type: string + type: + description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". + type: string + enum: + - HTTP-01 + - DNS-01 + url: + description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. + type: string + wildcard: + description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. + type: boolean + status: + type: object + properties: + presented: + description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). + type: boolean + processing: + description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. + type: boolean + reason: + description: Contains human readable information on why the Challenge is in the current state. + type: string + state: + description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + served: true + storage: true + subresources: + status: {} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-issuers.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-issuers.yaml new file mode 100644 index 0000000000..6d6e45b749 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-issuers.yaml @@ -0,0 +1,1370 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: issuers.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels {{- include "labels" . | nindent 4 }} +spec: + group: cert-manager.io + names: + kind: Issuer + listKind: IssuerList + plural: issuers + singular: issuer + categories: + - cert-manager + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=="Ready")].status + name: Ready + type: string + - jsonPath: .status.conditions[?(@.type=="Ready")].message + name: Status + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. + type: object + required: + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: Desired state of the Issuer resource. + type: object + properties: + acme: + description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. + type: object + required: + - privateKeySecretRef + - server + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which can be used to validate the certificate chain presented by the ACME server. Mutually exclusive with SkipTLSVerify; prefer using CABundle to prevent various kinds of security vulnerabilities. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. + type: string + format: byte + disableAccountKeyGeneration: + description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. + type: boolean + email: + description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. + type: string + enableDurationFeature: + description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. + type: boolean + externalAccountBinding: + description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. + type: object + required: + - keyID + - keySecretRef + properties: + keyAlgorithm: + description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' + type: string + enum: + - HS256 + - HS384 + - HS512 + keyID: + description: keyID is the ID of the CA key that the External Account is bound to. + type: string + keySecretRef: + description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + preferredChain: + description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' + type: string + maxLength: 64 + privateKeySecretRef: + description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + server: + description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' + type: string + skipTLSVerify: + description: 'INSECURE: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have the TLS certificate chain validated. Mutually exclusive with CABundle; prefer using CABundle to prevent various kinds of security vulnerabilities. Only enable this option in development environments. If CABundle and SkipTLSVerify are unset, the system certificate bundle inside the container is used to validate the TLS connection. Defaults to false.' + type: boolean + solvers: + description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' + type: array + items: + description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. + type: object + properties: + dns01: + description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. + type: object + properties: + acmeDNS: + description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. + type: object + required: + - accountSecretRef + - host + properties: + accountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + host: + type: string + akamai: + description: Use the Akamai DNS zone management API to manage DNS01 challenge records. + type: object + required: + - accessTokenSecretRef + - clientSecretSecretRef + - clientTokenSecretRef + - serviceConsumerDomain + properties: + accessTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientSecretSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + clientTokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceConsumerDomain: + type: string + azureDNS: + description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. + type: object + required: + - resourceGroupName + - subscriptionID + properties: + clientID: + description: 'Auth: Azure Service Principal: The ClientID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientSecret and TenantID must also be set.' + type: string + clientSecretSecretRef: + description: 'Auth: Azure Service Principal: A reference to a Secret containing the password associated with the Service Principal. If set, ClientID and TenantID must also be set.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + environment: + description: name of the Azure environment (default AzurePublicCloud) + type: string + enum: + - AzurePublicCloud + - AzureChinaCloud + - AzureGermanCloud + - AzureUSGovernmentCloud + hostedZoneName: + description: name of the DNS zone that should be used + type: string + managedIdentity: + description: 'Auth: Azure Workload Identity or Azure Managed Service Identity: Settings to enable Azure Workload Identity or Azure Managed Service Identity If set, ClientID, ClientSecret and TenantID must not be set.' + type: object + properties: + clientID: + description: client ID of the managed identity, can not be used at the same time as resourceID + type: string + resourceID: + description: resource ID of the managed identity, can not be used at the same time as clientID Cannot be used for Azure Managed Service Identity + type: string + resourceGroupName: + description: resource group the DNS zone is located in + type: string + subscriptionID: + description: ID of the Azure subscription + type: string + tenantID: + description: 'Auth: Azure Service Principal: The TenantID of the Azure Service Principal used to authenticate with Azure DNS. If set, ClientID and ClientSecret must also be set.' + type: string + cloudDNS: + description: Use the Google Cloud DNS API to manage DNS01 challenge records. + type: object + required: + - project + properties: + hostedZoneName: + description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. + type: string + project: + type: string + serviceAccountSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + cloudflare: + description: Use the Cloudflare API to manage DNS01 challenge records. + type: object + properties: + apiKeySecretRef: + description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + apiTokenSecretRef: + description: API token used to authenticate with Cloudflare. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + email: + description: Email of the account, only required when using API key based authentication. + type: string + cnameStrategy: + description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. + type: string + enum: + - None + - Follow + digitalocean: + description: Use the DigitalOcean DNS API to manage DNS01 challenge records. + type: object + required: + - tokenSecretRef + properties: + tokenSecretRef: + description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + rfc2136: + description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. + type: object + required: + - nameserver + properties: + nameserver: + description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. + type: string + tsigAlgorithm: + description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' + type: string + tsigKeyName: + description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. + type: string + tsigSecretSecretRef: + description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + route53: + description: Use the AWS Route53 API to manage DNS01 challenge records. + type: object + required: + - region + properties: + accessKeyID: + description: 'The AccessKeyID is used for authentication. Cannot be set when SecretAccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: string + accessKeyIDSecretRef: + description: 'The SecretAccessKey is used for authentication. If set, pull the AWS access key ID from a key within a Kubernetes Secret. Cannot be set when AccessKeyID is set. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + hostedZoneID: + description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. + type: string + region: + description: Always set the region when using AccessKeyID and SecretAccessKey + type: string + role: + description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata + type: string + secretAccessKeySecretRef: + description: 'The SecretAccessKey is used for authentication. If neither the Access Key nor Key ID are set, we fall-back to using env vars, shared credentials file or AWS Instance metadata, see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + webhook: + description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. + type: object + required: + - groupName + - solverName + properties: + config: + description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. + x-kubernetes-preserve-unknown-fields: true + groupName: + description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. + type: string + solverName: + description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. + type: string + http01: + description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. + type: object + properties: + gatewayHTTPRoute: + description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. + type: object + properties: + labels: + description: Custom labels that will be applied to HTTPRoutes created by cert-manager while solving HTTP-01 challenges. + type: object + additionalProperties: + type: string + parentRefs: + description: 'When solving an HTTP-01 challenge, cert-manager creates an HTTPRoute. cert-manager needs to know which parentRefs should be used when creating the HTTPRoute. Usually, the parentRef references a Gateway. See: https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways' + type: array + items: + description: "ParentReference identifies an API object (usually a Gateway) that can be considered a parent of this resource (usually a route). There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n This API may be extended in the future to support additional kinds of parent resources. \n The API object must be valid in the cluster; the Group and Kind must be registered in the cluster for this reference to be valid." + type: object + required: + - name + properties: + group: + description: "Group is the group of the referent. When unspecified, \"gateway.networking.k8s.io\" is inferred. To set the core API group (such as for a \"Service\" kind referent), Group must be explicitly set to \"\" (empty string). \n Support: Core" + type: string + default: gateway.networking.k8s.io + maxLength: 253 + pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + kind: + description: "Kind is kind of the referent. \n There are two kinds of parent resources with \"Core\" support: \n * Gateway (Gateway conformance profile) * Service (Mesh conformance profile, experimental, ClusterIP Services only) \n Support for other resources is Implementation-Specific." + type: string + default: Gateway + maxLength: 63 + minLength: 1 + pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$ + name: + description: "Name is the name of the referent. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + namespace: + description: "Namespace is the namespace of the referent. When unspecified, this refers to the local namespace of the Route. \n Note that there are specific rules for ParentRefs which cross namespace boundaries. Cross-namespace references are only valid if they are explicitly allowed by something in the namespace they are referring to. For example: Gateway has the AllowedRoutes field, and ReferenceGrant provides a generic way to enable any other kind of cross-namespace reference. \n ParentRefs from a Route to a Service in the same namespace are \"producer\" routes, which apply default routing rules to inbound connections from any namespace to the Service. \n ParentRefs from a Route to a Service in a different namespace are \"consumer\" routes, and these routing rules are only applied to outbound connections originating from the same namespace as the Route, for which the intended destination of the connections are a Service targeted as a ParentRef of the Route. \n Support: Core" + type: string + maxLength: 63 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ + port: + description: "Port is the network port this Route targets. It can be interpreted differently based on the type of parent resource. \n When the parent resource is a Gateway, this targets all listeners listening on the specified port that also support this kind of Route(and select this Route). It's not recommended to set `Port` unless the networking behaviors specified in a Route must apply to a specific port as opposed to a listener(s) whose port(s) may be changed. When both Port and SectionName are specified, the name and port of the selected listener must match both specified values. \n When the parent resource is a Service, this targets a specific port in the Service spec. When both Port (experimental) and SectionName are specified, the name and port of the selected port must match both specified values. \n Implementations MAY choose to support other parent resources. Implementations supporting other types of parent resources MUST clearly document how/if Port is interpreted. \n For the purpose of status, an attachment is considered successful as long as the parent resource accepts it partially. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Extended \n " + type: integer + format: int32 + maximum: 65535 + minimum: 1 + sectionName: + description: "SectionName is the name of a section within the target resource. In the following resources, SectionName is interpreted as the following: \n * Gateway: Listener Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. * Service: Port Name. When both Port (experimental) and SectionName are specified, the name and port of the selected listener must match both specified values. Note that attaching Routes to Services as Parents is part of experimental Mesh support and is not supported for any other purpose. \n Implementations MAY choose to support attaching Routes to other resources. If that is the case, they MUST clearly document how SectionName is interpreted. \n When unspecified (empty string), this will reference the entire resource. For the purpose of status, an attachment is considered successful if at least one section in the parent resource accepts it. For example, Gateway listeners can restrict which Routes can attach to them by Route kind, namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from the referencing Route, the Route MUST be considered successfully attached. If no Gateway listeners accept attachment from this Route, the Route MUST be considered detached from the Gateway. \n Support: Core" + type: string + maxLength: 253 + minLength: 1 + pattern: ^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$ + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + ingress: + description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. + type: object + properties: + class: + description: This field configures the annotation `kubernetes.io/ingress.class` when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressClassName: + description: This field configures the field `ingressClassName` on the created Ingress resources used to solve ACME challenges that use this challenge solver. This is the recommended way of configuring the ingress class. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + ingressTemplate: + description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver ingress. + type: object + additionalProperties: + type: string + name: + description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. Only one of `class`, `name` or `ingressClassName` may be specified. + type: string + podTemplate: + description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. + type: object + properties: + metadata: + description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. + type: object + properties: + annotations: + description: Annotations that should be added to the create ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + labels: + description: Labels that should be added to the created ACME HTTP01 solver pods. + type: object + additionalProperties: + type: string + spec: + description: PodSpec defines overrides for the HTTP01 challenge solver pod. Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. All other fields will be ignored. + type: object + properties: + affinity: + description: If specified, the pod's scheduling constraints + type: object + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the pod. + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. + type: array + items: + description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). + type: object + required: + - preference + - weight + properties: + preference: + description: A node selector term, associated with the corresponding weight. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + weight: + description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. + type: object + required: + - nodeSelectorTerms + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. The terms are ORed. + type: array + items: + description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. + type: object + properties: + matchExpressions: + description: A list of node selector requirements by node's labels. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchFields: + description: A list of node selector requirements by node's fields. + type: array + items: + description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: The label key that the selector applies to. + type: string + operator: + description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + type: string + values: + description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. + type: array + items: + type: string + x-kubernetes-map-type: atomic + x-kubernetes-map-type: atomic + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. + type: array + items: + description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) + type: object + required: + - podAffinityTerm + - weight + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated with the corresponding weight. + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + weight: + description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. + type: integer + format: int32 + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. + type: array + items: + description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running + type: object + required: + - topologyKey + properties: + labelSelector: + description: A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + matchLabelKeys: + description: MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + mismatchLabelKeys: + description: MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + type: array + items: + type: string + x-kubernetes-list-type: atomic + namespaceSelector: + description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. + type: object + properties: + matchExpressions: + description: matchExpressions is a list of label selector requirements. The requirements are ANDed. + type: array + items: + description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. + type: object + required: + - key + - operator + properties: + key: + description: key is the label key that the selector applies to. + type: string + operator: + description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. + type: array + items: + type: string + matchLabels: + description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + additionalProperties: + type: string + x-kubernetes-map-type: atomic + namespaces: + description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace". + type: array + items: + type: string + topologyKey: + description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. + type: string + imagePullSecrets: + description: If specified, the pod's imagePullSecrets + type: array + items: + description: LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. + type: object + properties: + name: + description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?' + type: string + x-kubernetes-map-type: atomic + nodeSelector: + description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + type: object + additionalProperties: + type: string + priorityClassName: + description: If specified, the pod's priorityClassName. + type: string + serviceAccountName: + description: If specified, the pod's service account + type: string + tolerations: + description: If specified, the pod's tolerations. + type: array + items: + description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . + type: object + properties: + effect: + description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. + type: integer + format: int64 + value: + description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. + type: string + serviceType: + description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. + type: string + selector: + description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. + type: object + properties: + dnsNames: + description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + dnsZones: + description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. + type: array + items: + type: string + matchLabels: + description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. + type: object + additionalProperties: + type: string + ca: + description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. + type: object + required: + - secretName + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. + type: array + items: + type: string + issuingCertificateURLs: + description: IssuingCertificateURLs is a list of URLs which this issuer should embed into certificates it creates. See https://www.rfc-editor.org/rfc/rfc5280#section-4.2.2.1 for more details. As an example, such a URL might be "http://ca.domain.com/ca.crt". + type: array + items: + type: string + ocspServers: + description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". + type: array + items: + type: string + secretName: + description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. + type: string + selfSigned: + description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. + type: object + properties: + crlDistributionPoints: + description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. + type: array + items: + type: string + vault: + description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. + type: object + required: + - auth + - path + - server + properties: + auth: + description: Auth configures how cert-manager authenticates with the Vault server. + type: object + properties: + appRole: + description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. + type: object + required: + - path + - roleId + - secretRef + properties: + path: + description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' + type: string + roleId: + description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. + type: string + secretRef: + description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + kubernetes: + description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. + type: object + required: + - role + properties: + mountPath: + description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. + type: string + role: + description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. + type: string + secretRef: + description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + serviceAccountRef: + description: A reference to a service account that will be used to request a bound token (also known as "projected token"). Compared to using "secretRef", using this field means that you don't rely on statically bound tokens. To use this field, you must configure an RBAC rule to let cert-manager request a token. + type: object + required: + - name + properties: + name: + description: Name of the ServiceAccount used to request a token. + type: string + tokenSecretRef: + description: TokenSecretRef authenticates with Vault by presenting a token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by Vault. Only used if using HTTPS to connect to Vault and ignored for HTTP connections. Mutually exclusive with CABundleSecretRef. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. + type: string + format: byte + caBundleSecretRef: + description: Reference to a Secret containing a bundle of PEM-encoded CAs to use when verifying the certificate chain presented by Vault when using HTTPS. Mutually exclusive with CABundle. If neither CABundle nor CABundleSecretRef are defined, the certificate bundle in the cert-manager controller container is used to validate the TLS connection. If no key for the Secret is specified, cert-manager will default to 'ca.crt'. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + namespace: + description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' + type: string + path: + description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' + type: string + server: + description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' + type: string + venafi: + description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. + type: object + required: + - zone + properties: + cloud: + description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - apiTokenSecretRef + properties: + apiTokenSecretRef: + description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. + type: object + required: + - name + properties: + key: + description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. + type: string + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". + type: string + tpp: + description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. + type: object + required: + - credentialsRef + - url + properties: + caBundle: + description: Base64-encoded bundle of PEM CAs which will be used to validate the certificate chain presented by the TPP server. Only used if using HTTPS; ignored for HTTP. If undefined, the certificate bundle in the cert-manager controller container is used to validate the chain. + type: string + format: byte + credentialsRef: + description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. + type: object + required: + - name + properties: + name: + description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + type: string + url: + description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' + type: string + zone: + description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. + type: string + status: + description: Status of the Issuer. This is set and managed automatically. + type: object + properties: + acme: + description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. + type: object + properties: + lastPrivateKeyHash: + description: LastPrivateKeyHash is a hash of the private key associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + lastRegisteredEmail: + description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer + type: string + uri: + description: URI is the unique account identifier, which can also be used to retrieve account details from the CA + type: string + conditions: + description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. + type: array + items: + description: IssuerCondition contains condition information for an Issuer. + type: object + required: + - status + - type + properties: + lastTransitionTime: + description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. + type: string + format: date-time + message: + description: Message is a human readable description of the details of the last transition, complementing reason. + type: string + observedGeneration: + description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. + type: integer + format: int64 + reason: + description: Reason is a brief machine readable explanation for the condition's last transition. + type: string + status: + description: Status of the condition, one of (`True`, `False`, `Unknown`). + type: string + enum: + - "True" + - "False" + - Unknown + type: + description: Type of the condition, known values are (`Ready`). + type: string + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + served: true + storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-orders.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-orders.yaml new file mode 100644 index 0000000000..b3ba3f17a4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crd-orders.yaml @@ -0,0 +1,179 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: orders.acme.cert-manager.io + labels: + app: 'cert-manager' + app.kubernetes.io/name: 'cert-manager' + app.kubernetes.io/instance: 'cert-manager' + # Generated labels {{- include "labels" . | nindent 4 }} +spec: + group: acme.cert-manager.io + names: + kind: Order + listKind: OrderList + plural: orders + singular: order + categories: + - cert-manager + - cert-manager-acme + scope: Namespaced + versions: + - name: v1 + subresources: + status: {} + additionalPrinterColumns: + - jsonPath: .status.state + name: State + type: string + - jsonPath: .spec.issuerRef.name + name: Issuer + priority: 1 + type: string + - jsonPath: .status.reason + name: Reason + priority: 1 + type: string + - jsonPath: .metadata.creationTimestamp + description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. + name: Age + type: date + schema: + openAPIV3Schema: + description: Order is a type to represent an Order with an ACME server + type: object + required: + - metadata + - spec + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + required: + - issuerRef + - request + properties: + commonName: + description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. + type: string + dnsNames: + description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + duration: + description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. + type: string + ipAddresses: + description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. + type: array + items: + type: string + issuerRef: + description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. + type: object + required: + - name + properties: + group: + description: Group of the resource being referred to. + type: string + kind: + description: Kind of the resource being referred to. + type: string + name: + description: Name of the resource being referred to. + type: string + request: + description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. + type: string + format: byte + status: + type: object + properties: + authorizations: + description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. + type: array + items: + description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. + type: object + required: + - url + properties: + challenges: + description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. + type: array + items: + description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. + type: object + required: + - token + - type + - url + properties: + token: + description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. + type: string + type: + description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. + type: string + url: + description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. + type: string + identifier: + description: Identifier is the DNS name to be validated as part of this authorization + type: string + initialState: + description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL is the URL of the Authorization that must be completed + type: string + wildcard: + description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. + type: boolean + certificate: + description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. + type: string + format: byte + failureTime: + description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. + type: string + format: date-time + finalizeURL: + description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. + type: string + reason: + description: Reason optionally provides more information about a why the order is in the current state. + type: string + state: + description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' + type: string + enum: + - valid + - ready + - pending + - processing + - invalid + - expired + - errored + url: + description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. + type: string + served: true + storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml deleted file mode 100644 index 4b6c418a91..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/crds/crds.yaml +++ /dev/null @@ -1,4178 +0,0 @@ -# Copyright 2022 The cert-manager Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificaterequests.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: cert-manager.io - names: - kind: CertificateRequest - listKind: CertificateRequestList - plural: certificaterequests - shortNames: - - cr - - crs - singular: certificaterequest - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Approved")].status - name: Approved - type: string - - jsonPath: .status.conditions[?(@.type=="Denied")].status - name: Denied - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - type: string - - jsonPath: .spec.username - name: Requestor - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: "A CertificateRequest is used to request a signed certificate from one of the configured issuers. \n All fields within the CertificateRequest's `spec` are immutable after creation. A CertificateRequest will either succeed or fail, as denoted by its `status.state` field. \n A CertificateRequest is a one-shot resource, meaning it represents a single point in time request for a certificate and cannot be re-used." - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the CertificateRequest resource. - type: object - required: - - issuerRef - - request - properties: - duration: - description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. - type: string - extra: - description: Extra contains extra attributes of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: object - additionalProperties: - type: array - items: - type: string - groups: - description: Groups contains group membership of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: array - items: - type: string - x-kubernetes-list-type: atomic - isCA: - description: IsCA will request to mark the certificate as valid for certificate signing when submitting to the issuer. This will automatically add the `cert sign` usage to the list of `usages`. - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this CertificateRequest. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the CertificateRequest will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. The group field refers to the API group of the issuer which defaults to `cert-manager.io` if empty. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - request: - description: The PEM-encoded x509 certificate signing request to be submitted to the CA for signing. - type: string - format: byte - uid: - description: UID contains the uid of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: string - usages: - description: Usages is the set of x509 usages that are requested for the certificate. If usages are set they SHOULD be encoded inside the CSR spec Defaults to `digital signature` and `key encipherment` if not specified. - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - username: - description: Username contains the name of the user that created the CertificateRequest. Populated by the cert-manager webhook on creation and immutable. - type: string - status: - description: Status of the CertificateRequest. This is set and managed automatically. - type: object - properties: - ca: - description: The PEM encoded x509 certificate of the signer, also known as the CA (Certificate Authority). This is set on a best-effort basis by different issuers. If not set, the CA is assumed to be unknown/not available. - type: string - format: byte - certificate: - description: The PEM encoded x509 certificate resulting from the certificate signing request. If not set, the CertificateRequest has either not been completed or has failed. More information on failure can be found by checking the `conditions` field. - type: string - format: byte - conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready` and `InvalidRequest`. - type: array - items: - description: CertificateRequestCondition contains condition information for a CertificateRequest. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details of the last transition, complementing reason. - type: string - reason: - description: Reason is a brief machine readable explanation for the condition's last transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`, `InvalidRequest`, `Approved`, `Denied`). - type: string - failureTime: - description: FailureTime stores the time that this CertificateRequest failed. This is used to influence garbage collection and back-off. - type: string - format: date-time - served: true - storage: true ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: certificates.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: cert-manager.io - names: - kind: Certificate - listKind: CertificateList - plural: certificates - shortNames: - - cert - - certs - singular: certificate - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .spec.secretName - name: Secret - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: "A Certificate resource should be created to ensure an up to date and signed x509 certificate is stored in the Kubernetes Secret resource named in `spec.secretName`. \n The stored certificate will be renewed before it expires (as configured by `spec.renewBefore`)." - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the Certificate resource. - type: object - required: - - issuerRef - - secretName - properties: - additionalOutputFormats: - description: AdditionalOutputFormats defines extra output formats of the private key and signed certificate chain to be written to this Certificate's target Secret. This is an Alpha Feature and is only enabled with the `--feature-gates=AdditionalCertificateOutputFormats=true` option on both the controller and webhook components. - type: array - items: - description: CertificateAdditionalOutputFormat defines an additional output format of a Certificate resource. These contain supplementary data formats of the signed certificate chain and paired private key. - type: object - required: - - type - properties: - type: - description: Type is the name of the format type that should be written to the Certificate's target Secret. - type: string - enum: - - DER - - CombinedPEM - commonName: - description: 'CommonName is a common name to be used on the Certificate. The CommonName should have a length of 64 characters or fewer to avoid generating invalid CSRs. This value is ignored by TLS clients when any subject alt name is set. This is x509 behaviour: https://tools.ietf.org/html/rfc6125#section-6.4.4' - type: string - dnsNames: - description: DNSNames is a list of DNS subjectAltNames to be set on the Certificate. - type: array - items: - type: string - duration: - description: The requested 'duration' (i.e. lifetime) of the Certificate. This option may be ignored/overridden by some issuer types. If unset this defaults to 90 days. Certificate will be renewed either 2/3 through its duration or `renewBefore` period before its expiry, whichever is later. Minimum accepted duration is 1 hour. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration - type: string - emailAddresses: - description: EmailAddresses is a list of email subjectAltNames to be set on the Certificate. - type: array - items: - type: string - encodeUsagesInRequest: - description: EncodeUsagesInRequest controls whether key usages should be present in the CertificateRequest - type: boolean - ipAddresses: - description: IPAddresses is a list of IP address subjectAltNames to be set on the Certificate. - type: array - items: - type: string - isCA: - description: IsCA will mark this Certificate as valid for certificate signing. This will automatically add the `cert sign` usage to the list of `usages`. - type: boolean - issuerRef: - description: IssuerRef is a reference to the issuer for this certificate. If the `kind` field is not set, or set to `Issuer`, an Issuer resource with the given name in the same namespace as the Certificate will be used. If the `kind` field is set to `ClusterIssuer`, a ClusterIssuer with the provided name will be used. The `name` field in this stanza is required at all times. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - keystores: - description: Keystores configures additional keystore output formats stored in the `secretName` Secret resource. - type: object - properties: - jks: - description: JKS configures options for storing a JKS keystore in the `spec.secretName` Secret resource. - type: object - required: - - create - - passwordSecretRef - properties: - create: - description: Create enables JKS keystore creation for the Certificate. If true, a file named `keystore.jks` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.jks` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority - type: boolean - passwordSecretRef: - description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the JKS keystore. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - pkcs12: - description: PKCS12 configures options for storing a PKCS12 keystore in the `spec.secretName` Secret resource. - type: object - required: - - create - - passwordSecretRef - properties: - create: - description: Create enables PKCS12 keystore creation for the Certificate. If true, a file named `keystore.p12` will be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef`. The keystore file will only be updated upon re-issuance. A file named `truststore.p12` will also be created in the target Secret resource, encrypted using the password stored in `passwordSecretRef` containing the issuing Certificate Authority - type: boolean - passwordSecretRef: - description: PasswordSecretRef is a reference to a key in a Secret resource containing the password used to encrypt the PKCS12 keystore. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - privateKey: - description: Options to control private keys used for the Certificate. - type: object - properties: - algorithm: - description: Algorithm is the private key algorithm of the corresponding private key for this certificate. If provided, allowed values are either `RSA`,`Ed25519` or `ECDSA` If `algorithm` is specified and `size` is not provided, key size of 256 will be used for `ECDSA` key algorithm and key size of 2048 will be used for `RSA` key algorithm. key size is ignored when using the `Ed25519` key algorithm. - type: string - enum: - - RSA - - ECDSA - - Ed25519 - encoding: - description: The private key cryptography standards (PKCS) encoding for this certificate's private key to be encoded in. If provided, allowed values are `PKCS1` and `PKCS8` standing for PKCS#1 and PKCS#8, respectively. Defaults to `PKCS1` if not specified. - type: string - enum: - - PKCS1 - - PKCS8 - rotationPolicy: - description: RotationPolicy controls how private keys should be regenerated when a re-issuance is being processed. If set to Never, a private key will only be generated if one does not already exist in the target `spec.secretName`. If one does exists but it does not have the correct algorithm or size, a warning will be raised to await user intervention. If set to Always, a private key matching the specified requirements will be generated whenever a re-issuance occurs. Default is 'Never' for backward compatibility. - type: string - size: - description: Size is the key bit size of the corresponding private key for this certificate. If `algorithm` is set to `RSA`, valid values are `2048`, `4096` or `8192`, and will default to `2048` if not specified. If `algorithm` is set to `ECDSA`, valid values are `256`, `384` or `521`, and will default to `256` if not specified. If `algorithm` is set to `Ed25519`, Size is ignored. No other values are allowed. - type: integer - renewBefore: - description: How long before the currently issued certificate's expiry cert-manager should renew the certificate. The default is 2/3 of the issued certificate's duration. Minimum accepted value is 5 minutes. Value must be in units accepted by Go time.ParseDuration https://golang.org/pkg/time/#ParseDuration - type: string - revisionHistoryLimit: - description: revisionHistoryLimit is the maximum number of CertificateRequest revisions that are maintained in the Certificate's history. Each revision represents a single `CertificateRequest` created by this Certificate, either when it was created, renewed, or Spec was changed. Revisions will be removed by oldest first if the number of revisions exceeds this number. If set, revisionHistoryLimit must be a value of `1` or greater. If unset (`nil`), revisions will not be garbage collected. Default value is `nil`. - type: integer - format: int32 - secretName: - description: SecretName is the name of the secret resource that will be automatically created and managed by this Certificate resource. It will be populated with a private key and certificate, signed by the denoted issuer. - type: string - secretTemplate: - description: SecretTemplate defines annotations and labels to be copied to the Certificate's Secret. Labels and annotations on the Secret will be changed as they appear on the SecretTemplate when added or removed. SecretTemplate annotations are added in conjunction with, and cannot overwrite, the base set of annotations cert-manager sets on the Certificate's Secret. - type: object - properties: - annotations: - description: Annotations is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - labels: - description: Labels is a key value map to be copied to the target Kubernetes Secret. - type: object - additionalProperties: - type: string - subject: - description: Full X509 name specification (https://golang.org/pkg/crypto/x509/pkix/#Name). - type: object - properties: - countries: - description: Countries to be used on the Certificate. - type: array - items: - type: string - localities: - description: Cities to be used on the Certificate. - type: array - items: - type: string - organizationalUnits: - description: Organizational Units to be used on the Certificate. - type: array - items: - type: string - organizations: - description: Organizations to be used on the Certificate. - type: array - items: - type: string - postalCodes: - description: Postal codes to be used on the Certificate. - type: array - items: - type: string - provinces: - description: State/Provinces to be used on the Certificate. - type: array - items: - type: string - serialNumber: - description: Serial number to be used on the Certificate. - type: string - streetAddresses: - description: Street addresses to be used on the Certificate. - type: array - items: - type: string - uris: - description: URIs is a list of URI subjectAltNames to be set on the Certificate. - type: array - items: - type: string - usages: - description: Usages is the set of x509 usages that are requested for the certificate. Defaults to `digital signature` and `key encipherment` if not specified. - type: array - items: - description: 'KeyUsage specifies valid usage contexts for keys. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid KeyUsage values are as follows: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"' - type: string - enum: - - signing - - digital signature - - content commitment - - key encipherment - - key agreement - - data encipherment - - cert sign - - crl sign - - encipher only - - decipher only - - any - - server auth - - client auth - - code signing - - email protection - - s/mime - - ipsec end system - - ipsec tunnel - - ipsec user - - timestamping - - ocsp signing - - microsoft sgc - - netscape sgc - status: - description: Status of the Certificate. This is set and managed automatically. - type: object - properties: - conditions: - description: List of status conditions to indicate the status of certificates. Known condition types are `Ready` and `Issuing`. - type: array - items: - description: CertificateCondition contains condition information for an Certificate. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details of the last transition, complementing reason. - type: string - observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Certificate. - type: integer - format: int64 - reason: - description: Reason is a brief machine readable explanation for the condition's last transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`, `Issuing`). - type: string - lastFailureTime: - description: LastFailureTime is the time as recorded by the Certificate controller of the most recent failure to complete a CertificateRequest for this Certificate resource. If set, cert-manager will not re-request another Certificate until 1 hour has elapsed from this time. - type: string - format: date-time - nextPrivateKeySecretName: - description: The name of the Secret resource containing the private key to be used for the next certificate iteration. The keymanager controller will automatically set this field if the `Issuing` condition is set to `True`. It will automatically unset this field when the Issuing condition is not set or False. - type: string - notAfter: - description: The expiration time of the certificate stored in the secret named by this resource in `spec.secretName`. - type: string - format: date-time - notBefore: - description: The time after which the certificate stored in the secret named by this resource in spec.secretName is valid. - type: string - format: date-time - renewalTime: - description: RenewalTime is the time at which the certificate will be next renewed. If not set, no upcoming renewal is scheduled. - type: string - format: date-time - revision: - description: "The current 'revision' of the certificate as issued. \n When a CertificateRequest resource is created, it will have the `cert-manager.io/certificate-revision` set to one greater than the current value of this field. \n Upon issuance, this field will be set to the value of the annotation on the CertificateRequest resource used to issue the certificate. \n Persisting the value on the CertificateRequest resource allows the certificates controller to know whether a request is part of an old issuance or if it is part of the ongoing revision's issuance by checking if the revision value in the annotation is greater than this field." - type: integer - served: true - storage: true ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: challenges.acme.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: acme.cert-manager.io - names: - kind: Challenge - listKind: ChallengeList - plural: challenges - singular: challenge - categories: - - cert-manager - - cert-manager-acme - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - - jsonPath: .spec.dnsName - name: Domain - type: string - - jsonPath: .status.reason - name: Reason - priority: 1 - type: string - - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1 - schema: - openAPIV3Schema: - description: Challenge is a type to represent a Challenge request with an ACME server - type: object - required: - - metadata - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - required: - - authorizationURL - - dnsName - - issuerRef - - key - - solver - - token - - type - - url - properties: - authorizationURL: - description: The URL to the ACME Authorization resource that this challenge is a part of. - type: string - dnsName: - description: dnsName is the identifier that this challenge is for, e.g. example.com. If the requested DNSName is a 'wildcard', this field MUST be set to the non-wildcard domain, e.g. for `*.example.com`, it must be `example.com`. - type: string - issuerRef: - description: References a properly configured ACME-type Issuer which should be used to create this Challenge. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Challenge will be marked as failed. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - key: - description: 'The ACME challenge key for this challenge For HTTP01 challenges, this is the value that must be responded with to complete the HTTP01 challenge in the format: `.`. For DNS01 challenges, this is the base64 encoded SHA256 sum of the `.` text that must be set as the TXT record content.' - type: string - solver: - description: Contains the domain solving configuration that should be used to solve this challenge resource. - type: object - properties: - dns01: - description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientSecretSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: if both this and ClientSecret are left unset MSI will be used - type: string - clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - rfc2136: - description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - webhook: - description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. - type: object - additionalProperties: - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. - type: string - ingressTemplate: - description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . - type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. - type: object - additionalProperties: - type: string - token: - description: The ACME challenge token for this challenge. This is the raw value returned from the ACME server. - type: string - type: - description: The type of ACME challenge this resource represents. One of "HTTP-01" or "DNS-01". - type: string - enum: - - HTTP-01 - - DNS-01 - url: - description: The URL of the ACME Challenge resource for this challenge. This can be used to lookup details about the status of this challenge. - type: string - wildcard: - description: wildcard will be true if this challenge is for a wildcard identifier, for example '*.example.com'. - type: boolean - status: - type: object - properties: - presented: - description: presented will be set to true if the challenge values for this challenge are currently 'presented'. This *does not* imply the self check is passing. Only that the values have been 'submitted' for the appropriate challenge mechanism (i.e. the DNS01 TXT record has been presented, or the HTTP01 configuration has been configured). - type: boolean - processing: - description: Used to denote whether this challenge should be processed or not. This field will only be set to true by the 'scheduling' component. It will only be set to false by the 'challenges' controller, after the challenge has reached a final state or timed out. If this field is set to false, the challenge controller will not take any more action. - type: boolean - reason: - description: Contains human readable information on why the Challenge is in the current state. - type: string - state: - description: Contains the current 'state' of the challenge. If not set, the state of the challenge is unknown. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - served: true - storage: true - subresources: - status: {} ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: clusterissuers.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: cert-manager.io - names: - kind: ClusterIssuer - listKind: ClusterIssuerList - plural: clusterissuers - singular: clusterissuer - categories: - - cert-manager - scope: Cluster - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: A ClusterIssuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is similar to an Issuer, however it is cluster-scoped and therefore can be referenced by resources that exist in *any* namespace, not just the same namespace as the referent. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the ClusterIssuer resource. - type: object - properties: - acme: - description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. - type: object - required: - - privateKeySecretRef - - server - properties: - disableAccountKeyGeneration: - description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. - type: boolean - email: - description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. - type: string - enableDurationFeature: - description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. - type: boolean - externalAccountBinding: - description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. - type: object - required: - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - preferredChain: - description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' - type: string - maxLength: 64 - privateKeySecretRef: - description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - server: - description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' - type: string - skipTLSVerify: - description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. - type: boolean - solvers: - description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' - type: array - items: - description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. - type: object - properties: - dns01: - description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientSecretSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: if both this and ClientSecret are left unset MSI will be used - type: string - clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - rfc2136: - description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - webhook: - description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. - type: object - additionalProperties: - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. - type: string - ingressTemplate: - description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . - type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. - type: object - additionalProperties: - type: string - ca: - description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. - type: object - required: - - secretName - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. - type: array - items: - type: string - ocspServers: - description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. - type: string - selfSigned: - description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. - type: array - items: - type: string - vault: - description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. - type: object - required: - - auth - - path - - server - properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' - type: string - roleId: - description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. - type: string - secretRef: - description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - kubernetes: - description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - caBundle: - description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. - type: string - format: byte - namespace: - description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' - type: string - path: - description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' - type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - venafi: - description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. - type: object - required: - - zone - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - url: - description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - url: - description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. - type: string - status: - description: Status of the ClusterIssuer. This is set and managed automatically. - type: object - properties: - acme: - description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. - type: object - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also be used to retrieve account details from the CA - type: string - conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. - type: array - items: - description: IssuerCondition contains condition information for an Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details of the last transition, complementing reason. - type: string - observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. - type: integer - format: int64 - reason: - description: Reason is a brief machine readable explanation for the condition's last transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`). - type: string - served: true - storage: true ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: issuers.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: cert-manager.io - names: - kind: Issuer - listKind: IssuerList - plural: issuers - singular: issuer - categories: - - cert-manager - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.conditions[?(@.type=="Ready")].status - name: Ready - type: string - - jsonPath: .status.conditions[?(@.type=="Ready")].message - name: Status - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: An Issuer represents a certificate issuing authority which can be referenced as part of `issuerRef` fields. It is scoped to a single namespace and can therefore only be referenced by resources within the same namespace. - type: object - required: - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: Desired state of the Issuer resource. - type: object - properties: - acme: - description: ACME configures this issuer to communicate with a RFC8555 (ACME) server to obtain signed x509 certificates. - type: object - required: - - privateKeySecretRef - - server - properties: - disableAccountKeyGeneration: - description: Enables or disables generating a new ACME account key. If true, the Issuer resource will *not* request a new account but will expect the account key to be supplied via an existing secret. If false, the cert-manager system will generate a new ACME account key for the Issuer. Defaults to false. - type: boolean - email: - description: Email is the email address to be associated with the ACME account. This field is optional, but it is strongly recommended to be set. It will be used to contact you in case of issues with your account or certificates, including expiry notification emails. This field may be updated after the account is initially registered. - type: string - enableDurationFeature: - description: Enables requesting a Not After date on certificates that matches the duration of the certificate. This is not supported by all ACME servers like Let's Encrypt. If set to true when the ACME server does not support it it will create an error on the Order. Defaults to false. - type: boolean - externalAccountBinding: - description: ExternalAccountBinding is a reference to a CA external account of the ACME server. If set, upon registration cert-manager will attempt to associate the given external account credentials with the registered ACME account. - type: object - required: - - keyID - - keySecretRef - properties: - keyAlgorithm: - description: 'Deprecated: keyAlgorithm field exists for historical compatibility reasons and should not be used. The algorithm is now hardcoded to HS256 in golang/x/crypto/acme.' - type: string - enum: - - HS256 - - HS384 - - HS512 - keyID: - description: keyID is the ID of the CA key that the External Account is bound to. - type: string - keySecretRef: - description: keySecretRef is a Secret Key Selector referencing a data item in a Kubernetes Secret which holds the symmetric MAC key of the External Account Binding. The `key` is the index string that is paired with the key data in the Secret and should not be confused with the key data itself, or indeed with the External Account Binding keyID above. The secret key stored in the Secret **must** be un-padded, base64 URL encoded data. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - preferredChain: - description: 'PreferredChain is the chain to use if the ACME server outputs multiple. PreferredChain is no guarantee that this one gets delivered by the ACME endpoint. For example, for Let''s Encrypt''s DST crosssign you would use: "DST Root CA X3" or "ISRG Root X1" for the newer Let''s Encrypt root CA. This value picks the first certificate bundle in the ACME alternative chains that has a certificate with this value as its issuer''s CN' - type: string - maxLength: 64 - privateKeySecretRef: - description: PrivateKey is the name of a Kubernetes Secret resource that will be used to store the automatically generated ACME account private key. Optionally, a `key` may be specified to select a specific entry within the named Secret resource. If `key` is not specified, a default of `tls.key` will be used. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - server: - description: 'Server is the URL used to access the ACME server''s ''directory'' endpoint. For example, for Let''s Encrypt''s staging endpoint, you would use: "https://acme-staging-v02.api.letsencrypt.org/directory". Only ACME v2 endpoints (i.e. RFC 8555) are supported.' - type: string - skipTLSVerify: - description: Enables or disables validation of the ACME server TLS certificate. If true, requests to the ACME server will not have their TLS certificate validated (i.e. insecure connections will be allowed). Only enable this option in development environments. The cert-manager system installed roots will be used to verify connections to the ACME server if this is false. Defaults to false. - type: boolean - solvers: - description: 'Solvers is a list of challenge solvers that will be used to solve ACME challenges for the matching domains. Solver configurations must be provided in order to obtain certificates from an ACME server. For more information, see: https://cert-manager.io/docs/configuration/acme/' - type: array - items: - description: An ACMEChallengeSolver describes how to solve ACME challenges for the issuer it is part of. A selector may be provided to use different solving strategies for different DNS names. Only one of HTTP01 or DNS01 must be provided. - type: object - properties: - dns01: - description: Configures cert-manager to attempt to complete authorizations by performing the DNS01 challenge flow. - type: object - properties: - acmeDNS: - description: Use the 'ACME DNS' (https://github.com/joohoi/acme-dns) API to manage DNS01 challenge records. - type: object - required: - - accountSecretRef - - host - properties: - accountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - host: - type: string - akamai: - description: Use the Akamai DNS zone management API to manage DNS01 challenge records. - type: object - required: - - accessTokenSecretRef - - clientSecretSecretRef - - clientTokenSecretRef - - serviceConsumerDomain - properties: - accessTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientSecretSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - clientTokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - serviceConsumerDomain: - type: string - azureDNS: - description: Use the Microsoft Azure DNS API to manage DNS01 challenge records. - type: object - required: - - resourceGroupName - - subscriptionID - properties: - clientID: - description: if both this and ClientSecret are left unset MSI will be used - type: string - clientSecretSecretRef: - description: if both this and ClientID are left unset MSI will be used - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - environment: - description: name of the Azure environment (default AzurePublicCloud) - type: string - enum: - - AzurePublicCloud - - AzureChinaCloud - - AzureGermanCloud - - AzureUSGovernmentCloud - hostedZoneName: - description: name of the DNS zone that should be used - type: string - managedIdentity: - description: managed identity configuration, can not be used at the same time as clientID, clientSecretSecretRef or tenantID - type: object - properties: - clientID: - description: client ID of the managed identity, can not be used at the same time as resourceID - type: string - resourceID: - description: resource ID of the managed identity, can not be used at the same time as clientID - type: string - resourceGroupName: - description: resource group the DNS zone is located in - type: string - subscriptionID: - description: ID of the Azure subscription - type: string - tenantID: - description: when specifying ClientID and ClientSecret then this field is also needed - type: string - cloudDNS: - description: Use the Google Cloud DNS API to manage DNS01 challenge records. - type: object - required: - - project - properties: - hostedZoneName: - description: HostedZoneName is an optional field that tells cert-manager in which Cloud DNS zone the challenge record has to be created. If left empty cert-manager will automatically choose a zone. - type: string - project: - type: string - serviceAccountSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - cloudflare: - description: Use the Cloudflare API to manage DNS01 challenge records. - type: object - properties: - apiKeySecretRef: - description: 'API key to use to authenticate with Cloudflare. Note: using an API token to authenticate is now the recommended method as it allows greater control of permissions.' - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - apiTokenSecretRef: - description: API token used to authenticate with Cloudflare. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - email: - description: Email of the account, only required when using API key based authentication. - type: string - cnameStrategy: - description: CNAMEStrategy configures how the DNS01 provider should handle CNAME records when found in DNS zones. - type: string - enum: - - None - - Follow - digitalocean: - description: Use the DigitalOcean DNS API to manage DNS01 challenge records. - type: object - required: - - tokenSecretRef - properties: - tokenSecretRef: - description: A reference to a specific 'key' within a Secret resource. In some instances, `key` is a required field. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - rfc2136: - description: Use RFC2136 ("Dynamic Updates in the Domain Name System") (https://datatracker.ietf.org/doc/rfc2136/) to manage DNS01 challenge records. - type: object - required: - - nameserver - properties: - nameserver: - description: The IP address or hostname of an authoritative DNS server supporting RFC2136 in the form host:port. If the host is an IPv6 address it must be enclosed in square brackets (e.g [2001:db8::1]) ; port is optional. This field is required. - type: string - tsigAlgorithm: - description: 'The TSIG Algorithm configured in the DNS supporting RFC2136. Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are defined. Supported values are (case-insensitive): ``HMACMD5`` (default), ``HMACSHA1``, ``HMACSHA256`` or ``HMACSHA512``.' - type: string - tsigKeyName: - description: The TSIG Key name configured in the DNS. If ``tsigSecretSecretRef`` is defined, this field is required. - type: string - tsigSecretSecretRef: - description: The name of the secret containing the TSIG value. If ``tsigKeyName`` is defined, this field is required. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - route53: - description: Use the AWS Route53 API to manage DNS01 challenge records. - type: object - required: - - region - properties: - accessKeyID: - description: 'The AccessKeyID is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata see: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials' - type: string - hostedZoneID: - description: If set, the provider will manage only this zone in Route53 and will not do an lookup using the route53:ListHostedZonesByName api call. - type: string - region: - description: Always set the region when using AccessKeyID and SecretAccessKey - type: string - role: - description: Role is a Role ARN which the Route53 provider will assume using either the explicit credentials AccessKeyID/SecretAccessKey or the inferred credentials from environment variables, shared credentials file or AWS Instance metadata - type: string - secretAccessKeySecretRef: - description: The SecretAccessKey is used for authentication. If not set we fall-back to using env vars, shared credentials file or AWS Instance metadata https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - webhook: - description: Configure an external webhook based DNS01 challenge solver to manage DNS01 challenge records. - type: object - required: - - groupName - - solverName - properties: - config: - description: Additional configuration that should be passed to the webhook apiserver when challenges are processed. This can contain arbitrary JSON data. Secret values should not be specified in this stanza. If secret values are needed (e.g. credentials for a DNS service), you should use a SecretKeySelector to reference a Secret resource. For details on the schema of this field, consult the webhook provider implementation's documentation. - x-kubernetes-preserve-unknown-fields: true - groupName: - description: The API group name that should be used when POSTing ChallengePayload resources to the webhook apiserver. This should be the same as the GroupName specified in the webhook provider implementation. - type: string - solverName: - description: The name of the solver to use, as defined in the webhook provider implementation. This will typically be the name of the provider, e.g. 'cloudflare'. - type: string - http01: - description: Configures cert-manager to attempt to complete authorizations by performing the HTTP01 challenge flow. It is not possible to obtain certificates for wildcard domain names (e.g. `*.example.com`) using the HTTP01 challenge mechanism. - type: object - properties: - gatewayHTTPRoute: - description: The Gateway API is a sig-network community API that models service networking in Kubernetes (https://gateway-api.sigs.k8s.io/). The Gateway solver will create HTTPRoutes with the specified labels in the same namespace as the challenge. This solver is experimental, and fields / behaviour may change in the future. - type: object - properties: - labels: - description: The labels that cert-manager will use when creating the temporary HTTPRoute needed for solving the HTTP-01 challenge. These labels must match the label selector of at least one Gateway. - type: object - additionalProperties: - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - ingress: - description: The ingress based HTTP01 challenge solver will solve challenges by creating or modifying Ingress resources in order to route requests for '/.well-known/acme-challenge/XYZ' to 'challenge solver' pods that are provisioned by cert-manager for each Challenge to be completed. - type: object - properties: - class: - description: The ingress class to use when creating Ingress resources to solve ACME challenges that use this challenge solver. Only one of 'class' or 'name' may be specified. - type: string - ingressTemplate: - description: Optional ingress template used to configure the ACME challenge solver ingress used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the ingress used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver ingress. - type: object - additionalProperties: - type: string - name: - description: The name of the ingress resource that should have ACME challenge solving routes inserted into it in order to solve HTTP01 challenges. This is typically used in conjunction with ingress controllers like ingress-gce, which maintains a 1:1 mapping between external IPs and ingress resources. - type: string - podTemplate: - description: Optional pod template used to configure the ACME challenge solver pods used for HTTP01 challenges. - type: object - properties: - metadata: - description: ObjectMeta overrides for the pod used to solve HTTP01 challenges. Only the 'labels' and 'annotations' fields may be set. If labels or annotations overlap with in-built values, the values here will override the in-built values. - type: object - properties: - annotations: - description: Annotations that should be added to the create ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - labels: - description: Labels that should be added to the created ACME HTTP01 solver pods. - type: object - additionalProperties: - type: string - spec: - description: PodSpec defines overrides for the HTTP01 challenge solver pod. Only the 'priorityClassName', 'nodeSelector', 'affinity', 'serviceAccountName' and 'tolerations' fields are supported currently. All other fields will be ignored. - type: object - properties: - affinity: - description: If specified, the pod's scheduling constraints - type: object - properties: - nodeAffinity: - description: Describes node affinity scheduling rules for the pod. - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. - type: array - items: - description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). - type: object - required: - - preference - - weight - properties: - preference: - description: A node selector term, associated with the corresponding weight. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - weight: - description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. - type: object - required: - - nodeSelectorTerms - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. The terms are ORed. - type: array - items: - description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. - type: object - properties: - matchExpressions: - description: A list of node selector requirements by node's labels. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchFields: - description: A list of node selector requirements by node's fields. - type: array - items: - description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: The label key that the selector applies to. - type: string - operator: - description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - type: string - values: - description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. - type: array - items: - type: string - podAffinity: - description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - podAntiAffinity: - description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - type: object - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. - type: array - items: - description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) - type: object - required: - - podAffinityTerm - - weight - properties: - podAffinityTerm: - description: Required. A pod affinity term, associated with the corresponding weight. - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - weight: - description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. - type: integer - format: int32 - requiredDuringSchedulingIgnoredDuringExecution: - description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. - type: array - items: - description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key matches that of any node on which a pod of the set of pods is running - type: object - required: - - topologyKey - properties: - labelSelector: - description: A label query over a set of resources, in this case pods. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaceSelector: - description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces. This field is beta-level and is only honored when PodAffinityNamespaceSelector feature is enabled. - type: object - properties: - matchExpressions: - description: matchExpressions is a list of label selector requirements. The requirements are ANDed. - type: array - items: - description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. - type: object - required: - - key - - operator - properties: - key: - description: key is the label key that the selector applies to. - type: string - operator: - description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. - type: array - items: - type: string - matchLabels: - description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - additionalProperties: - type: string - namespaces: - description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace" - type: array - items: - type: string - topologyKey: - description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. - type: string - nodeSelector: - description: 'NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node''s labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' - type: object - additionalProperties: - type: string - priorityClassName: - description: If specified, the pod's priorityClassName. - type: string - serviceAccountName: - description: If specified, the pod's service account - type: string - tolerations: - description: If specified, the pod's tolerations. - type: array - items: - description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . - type: object - properties: - effect: - description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. - type: integer - format: int64 - value: - description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. - type: string - serviceType: - description: Optional service type for Kubernetes solver service. Supported values are NodePort or ClusterIP. If unset, defaults to NodePort. - type: string - selector: - description: Selector selects a set of DNSNames on the Certificate resource that should be solved using this challenge solver. If not specified, the solver will be treated as the 'default' solver with the lowest priority, i.e. if any other solver has a more specific match, it will be used instead. - type: object - properties: - dnsNames: - description: List of DNSNames that this solver will be used to solve. If specified and a match is found, a dnsNames selector will take precedence over a dnsZones selector. If multiple solvers match with the same dnsNames value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - dnsZones: - description: List of DNSZones that this solver will be used to solve. The most specific DNS zone match specified here will take precedence over other DNS zone matches, so a solver specifying sys.example.com will be selected over one specifying example.com for the domain www.sys.example.com. If multiple solvers match with the same dnsZones value, the solver with the most matching labels in matchLabels will be selected. If neither has more matches, the solver defined earlier in the list will be selected. - type: array - items: - type: string - matchLabels: - description: A label selector that is used to refine the set of certificate's that this challenge solver will apply to. - type: object - additionalProperties: - type: string - ca: - description: CA configures this issuer to sign certificates using a signing CA keypair stored in a Secret resource. This is used to build internal PKIs that are managed by cert-manager. - type: object - required: - - secretName - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set, certificates will be issued without distribution points set. - type: array - items: - type: string - ocspServers: - description: The OCSP server list is an X.509 v3 extension that defines a list of URLs of OCSP responders. The OCSP responders can be queried for the revocation status of an issued certificate. If not set, the certificate will be issued with no OCSP servers set. For example, an OCSP server URL could be "http://ocsp.int-x3.letsencrypt.org". - type: array - items: - type: string - secretName: - description: SecretName is the name of the secret used to sign Certificates issued by this Issuer. - type: string - selfSigned: - description: SelfSigned configures this issuer to 'self sign' certificates using the private key used to create the CertificateRequest object. - type: object - properties: - crlDistributionPoints: - description: The CRL distribution points is an X.509 v3 certificate extension which identifies the location of the CRL from which the revocation of this certificate can be checked. If not set certificate will be issued without CDP. Values are strings. - type: array - items: - type: string - vault: - description: Vault configures this issuer to sign certificates using a HashiCorp Vault PKI backend. - type: object - required: - - auth - - path - - server - properties: - auth: - description: Auth configures how cert-manager authenticates with the Vault server. - type: object - properties: - appRole: - description: AppRole authenticates with Vault using the App Role auth mechanism, with the role and secret stored in a Kubernetes Secret resource. - type: object - required: - - path - - roleId - - secretRef - properties: - path: - description: 'Path where the App Role authentication backend is mounted in Vault, e.g: "approle"' - type: string - roleId: - description: RoleID configured in the App Role authentication backend when setting up the authentication backend in Vault. - type: string - secretRef: - description: Reference to a key in a Secret that contains the App Role secret used to authenticate with Vault. The `key` field must be specified and denotes which entry within the Secret resource is used as the app role secret. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - kubernetes: - description: Kubernetes authenticates with Vault by passing the ServiceAccount token stored in the named Secret resource to the Vault server. - type: object - required: - - role - - secretRef - properties: - mountPath: - description: The Vault mountPath here is the mount path to use when authenticating with Vault. For example, setting a value to `/v1/auth/foo`, will use the path `/v1/auth/foo/login` to authenticate with Vault. If unspecified, the default value "/v1/auth/kubernetes" will be used. - type: string - role: - description: A required field containing the Vault Role to assume. A Role binds a Kubernetes ServiceAccount with a set of Vault policies. - type: string - secretRef: - description: The required Secret field containing a Kubernetes ServiceAccount JWT used for authenticating with Vault. Use of 'ambient credentials' is not supported. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - tokenSecretRef: - description: TokenSecretRef authenticates with Vault by presenting a token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - caBundle: - description: PEM-encoded CA bundle (base64-encoded) used to validate Vault server certificate. Only used if the Server URL is using HTTPS protocol. This parameter is ignored for plain HTTP protocol connection. If not set the system root certificates are used to validate the TLS connection. - type: string - format: byte - namespace: - description: 'Name of the vault namespace. Namespaces is a set of features within Vault Enterprise that allows Vault environments to support Secure Multi-tenancy. e.g: "ns1" More about namespaces can be found here https://www.vaultproject.io/docs/enterprise/namespaces' - type: string - path: - description: 'Path is the mount path of the Vault PKI backend''s `sign` endpoint, e.g: "my_pki_mount/sign/my-role-name".' - type: string - server: - description: 'Server is the connection address for the Vault server, e.g: "https://vault.example.com:8200".' - type: string - venafi: - description: Venafi configures this issuer to sign certificates using a Venafi TPP or Venafi Cloud policy zone. - type: object - required: - - zone - properties: - cloud: - description: Cloud specifies the Venafi cloud configuration settings. Only one of TPP or Cloud may be specified. - type: object - required: - - apiTokenSecretRef - properties: - apiTokenSecretRef: - description: APITokenSecretRef is a secret key selector for the Venafi Cloud API token. - type: object - required: - - name - properties: - key: - description: The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be defaulted, in others it may be required. - type: string - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - url: - description: URL is the base URL for Venafi Cloud. Defaults to "https://api.venafi.cloud/v1". - type: string - tpp: - description: TPP specifies Trust Protection Platform configuration settings. Only one of TPP or Cloud may be specified. - type: object - required: - - credentialsRef - - url - properties: - caBundle: - description: CABundle is a PEM encoded TLS certificate to use to verify connections to the TPP instance. If specified, system roots will not be used and the issuing CA for the TPP instance must be verifiable using the provided root. If not specified, the connection will be verified using the cert-manager system root certificates. - type: string - format: byte - credentialsRef: - description: CredentialsRef is a reference to a Secret containing the username and password for the TPP server. The secret must contain two keys, 'username' and 'password'. - type: object - required: - - name - properties: - name: - description: 'Name of the resource being referred to. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' - type: string - url: - description: 'URL is the base URL for the vedsdk endpoint of the Venafi TPP instance, for example: "https://tpp.example.com/vedsdk".' - type: string - zone: - description: Zone is the Venafi Policy Zone to use for this issuer. All requests made to the Venafi platform will be restricted by the named zone policy. This field is required. - type: string - status: - description: Status of the Issuer. This is set and managed automatically. - type: object - properties: - acme: - description: ACME specific status options. This field should only be set if the Issuer is configured to use an ACME server to issue certificates. - type: object - properties: - lastRegisteredEmail: - description: LastRegisteredEmail is the email associated with the latest registered ACME account, in order to track changes made to registered account associated with the Issuer - type: string - uri: - description: URI is the unique account identifier, which can also be used to retrieve account details from the CA - type: string - conditions: - description: List of status conditions to indicate the status of a CertificateRequest. Known condition types are `Ready`. - type: array - items: - description: IssuerCondition contains condition information for an Issuer. - type: object - required: - - status - - type - properties: - lastTransitionTime: - description: LastTransitionTime is the timestamp corresponding to the last status change of this condition. - type: string - format: date-time - message: - description: Message is a human readable description of the details of the last transition, complementing reason. - type: string - observedGeneration: - description: If set, this represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date with respect to the current state of the Issuer. - type: integer - format: int64 - reason: - description: Reason is a brief machine readable explanation for the condition's last transition. - type: string - status: - description: Status of the condition, one of (`True`, `False`, `Unknown`). - type: string - enum: - - "True" - - "False" - - Unknown - type: - description: Type of the condition, known values are (`Ready`). - type: string - served: true - storage: true ---- -# Source: cert-manager/templates/templates.out -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: orders.acme.cert-manager.io - annotations: - cert-manager.io/inject-ca-from-secret: 'cert-manager/cert-manager-webhook-ca' - labels: - app: 'cert-manager' - app.kubernetes.io/name: 'cert-manager' - app.kubernetes.io/instance: 'cert-manager' - # Generated labels - app.kubernetes.io/version: "v1.7.3" -spec: - group: acme.cert-manager.io - names: - kind: Order - listKind: OrderList - plural: orders - singular: order - categories: - - cert-manager - - cert-manager-acme - scope: Namespaced - versions: - - name: v1 - subresources: - status: {} - additionalPrinterColumns: - - jsonPath: .status.state - name: State - type: string - - jsonPath: .spec.issuerRef.name - name: Issuer - priority: 1 - type: string - - jsonPath: .status.reason - name: Reason - priority: 1 - type: string - - jsonPath: .metadata.creationTimestamp - description: CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. - name: Age - type: date - schema: - openAPIV3Schema: - description: Order is a type to represent an Order with an ACME server - type: object - required: - - metadata - - spec - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - type: object - required: - - issuerRef - - request - properties: - commonName: - description: CommonName is the common name as specified on the DER encoded CSR. If specified, this value must also be present in `dnsNames` or `ipAddresses`. This field must match the corresponding field on the DER encoded CSR. - type: string - dnsNames: - description: DNSNames is a list of DNS names that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. - type: array - items: - type: string - duration: - description: Duration is the duration for the not after date for the requested certificate. this is set on order creation as pe the ACME spec. - type: string - ipAddresses: - description: IPAddresses is a list of IP addresses that should be included as part of the Order validation process. This field must match the corresponding field on the DER encoded CSR. - type: array - items: - type: string - issuerRef: - description: IssuerRef references a properly configured ACME-type Issuer which should be used to create this Order. If the Issuer does not exist, processing will be retried. If the Issuer is not an 'ACME' Issuer, an error will be returned and the Order will be marked as failed. - type: object - required: - - name - properties: - group: - description: Group of the resource being referred to. - type: string - kind: - description: Kind of the resource being referred to. - type: string - name: - description: Name of the resource being referred to. - type: string - request: - description: Certificate signing request bytes in DER encoding. This will be used when finalizing the order. This field must be set on the order. - type: string - format: byte - status: - type: object - properties: - authorizations: - description: Authorizations contains data returned from the ACME server on what authorizations must be completed in order to validate the DNS names specified on the Order. - type: array - items: - description: ACMEAuthorization contains data returned from the ACME server on an authorization that must be completed in order validate a DNS name on an ACME Order resource. - type: object - required: - - url - properties: - challenges: - description: Challenges specifies the challenge types offered by the ACME server. One of these challenge types will be selected when validating the DNS name and an appropriate Challenge resource will be created to perform the ACME challenge process. - type: array - items: - description: Challenge specifies a challenge offered by the ACME server for an Order. An appropriate Challenge resource can be created to perform the ACME challenge process. - type: object - required: - - token - - type - - url - properties: - token: - description: Token is the token that must be presented for this challenge. This is used to compute the 'key' that must also be presented. - type: string - type: - description: Type is the type of challenge being offered, e.g. 'http-01', 'dns-01', 'tls-sni-01', etc. This is the raw value retrieved from the ACME server. Only 'http-01' and 'dns-01' are supported by cert-manager, other values will be ignored. - type: string - url: - description: URL is the URL of this challenge. It can be used to retrieve additional metadata about the Challenge from the ACME server. - type: string - identifier: - description: Identifier is the DNS name to be validated as part of this authorization - type: string - initialState: - description: InitialState is the initial state of the ACME authorization when first fetched from the ACME server. If an Authorization is already 'valid', the Order controller will not create a Challenge resource for the authorization. This will occur when working with an ACME server that enables 'authz reuse' (such as Let's Encrypt's production endpoint). If not set and 'identifier' is set, the state is assumed to be pending and a Challenge will be created. - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: URL is the URL of the Authorization that must be completed - type: string - wildcard: - description: Wildcard will be true if this authorization is for a wildcard DNS name. If this is true, the identifier will be the *non-wildcard* version of the DNS name. For example, if '*.example.com' is the DNS name being validated, this field will be 'true' and the 'identifier' field will be 'example.com'. - type: boolean - certificate: - description: Certificate is a copy of the PEM encoded certificate for this Order. This field will be populated after the order has been successfully finalized with the ACME server, and the order has transitioned to the 'valid' state. - type: string - format: byte - failureTime: - description: FailureTime stores the time that this order failed. This is used to influence garbage collection and back-off. - type: string - format: date-time - finalizeURL: - description: FinalizeURL of the Order. This is used to obtain certificates for this order once it has been completed. - type: string - reason: - description: Reason optionally provides more information about a why the order is in the current state. - type: string - state: - description: State contains the current state of this Order resource. States 'success' and 'expired' are 'final' - type: string - enum: - - valid - - ready - - pending - - processing - - invalid - - expired - - errored - url: - description: URL of the Order. This will initially be empty when the resource is first created. The Order controller will populate this field when the Order is first processed. This field will be immutable after it is initially set. - type: string - served: true - storage: true diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/signkey_annotation.txt b/deploy-as-code/helm/charts/backbone-services/cert-manager/signkey_annotation.txt new file mode 100644 index 0000000000..13f5c8cd11 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/signkey_annotation.txt @@ -0,0 +1,2 @@ +fingerprint: 1020CF3C033D4F35BAE1C19E1226061C665DF13E +url: https://cert-manager.io/public-keys/cert-manager-keyring-2021-09-20-1020CF3C033D4F35BAE1C19E1226061C665DF13E.gpg diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl index 2d930e5532..e267d75075 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/_helpers.tpl @@ -11,6 +11,10 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). */}} {{- define "cert-manager.fullname" -}} +{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -22,6 +26,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- end -}} {{- end -}} {{- end -}} +{{- end -}} {{/* Create the name of the service account to use @@ -58,7 +63,7 @@ If release name contains chart name it will be used as a full name. {{- end -}} {{- define "webhook.caRef" -}} -{{ .Values.namespace }}/{{ template "webhook.fullname" . }}-ca +{{- template "cert-manager.namespace" }}/{{ template "webhook.fullname" . }}-ca {{- end -}} {{/* @@ -156,4 +161,33 @@ app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} app.kubernetes.io/managed-by: {{ .Release.Service }} helm.sh/chart: {{ include "chartName" . }} {{- end -}} +{{- if .Values.global.commonLabels}} +{{ toYaml .Values.global.commonLabels }} +{{- end }} {{- end -}} + +{{/* +Namespace for all resources to be installed into +If not defined in values file then the helm release namespace is used +By default this is not set so the helm release namespace will be used + +This gets around an problem within helm discussed here +https://github.com/helm/helm/issues/5358 +*/}} +{{- define "cert-manager.namespace" -}} + {{ .Values.namespace | default .Release.Namespace }} +{{- end -}} + +{{/* +Util function for generating the image URL based on the provided options. +IMPORTANT: This function is standarized across all charts in the cert-manager GH organization. +Any changes to this function should also be made in cert-manager, trust-manager, approver-policy, ... +See https://github.com/cert-manager/cert-manager/issues/6329 for a list of linked PRs. +*/}} +{{- define "image" -}} +{{- $defaultTag := index . 1 -}} +{{- with index . 0 -}} +{{- if .registry -}}{{ printf "%s/%s" .registry .repository }}{{- else -}}{{- .repository -}}{{- end -}} +{{- if .digest -}}{{ printf "@%s" .digest }}{{- else -}}{{ printf ":%s" (default $defaultTag .tag) }}{{- end -}} +{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-config.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-config.yaml new file mode 100644 index 0000000000..5e0450ef56 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-config.yaml @@ -0,0 +1,18 @@ +{{- if .Values.cainjector.config -}} +{{- $_ := .Values.cainjector.config.apiVersion | required ".Values.cainjector.config.apiVersion must be set !" -}} +{{- $_ := .Values.cainjector.config.kind | required ".Values.cainjector.config.kind must be set !" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.name }} + namespace: {{ .Values.namespace }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +data: + config.yaml: | + {{- .Values.cainjector.config | toYaml | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml index c1c591c142..eef35c617e 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-deployment.yaml @@ -16,6 +16,9 @@ metadata: {{- end }} spec: replicas: {{ .Values.cainjector.replicaCount }} + {{- if ne (quote .Values.global.revisionHistoryLimit) (quote "") }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- end }} selector: matchLabels: app.kubernetes.io/name: {{ include "cainjector.name" . }} @@ -42,6 +45,10 @@ spec: {{- end }} spec: serviceAccountName: {{ template "cainjector.serviceAccountName" . }} + {{- if hasKey .Values.cainjector "automountServiceAccountToken" }} + automountServiceAccountToken: {{ .Values.cainjector.automountServiceAccountToken }} + {{- end }} + enableServiceLinks: {{ .Values.cainjector.enableServiceLinks }} {{- with .Values.global.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} @@ -49,16 +56,12 @@ spec: securityContext: {{- toYaml . | nindent 8 }} {{- end }} - imagePullSecrets: - - name: docker-registry-secret containers: - - name: {{ .Chart.Name }} - {{- with .Values.cainjector.image }} - image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" - {{- end }} + - name: {{ .Chart.Name }}-cainjector + image: "{{ template "image" (tuple .Values.cainjector.image $.Chart.AppVersion) }}" imagePullPolicy: {{ .Values.cainjector.image.pullPolicy }} args: - {{- if .Values.global.logLevel }} + {{- if ne (quote .Values.global.logLevel) (quote "") }} - --v={{ .Values.global.logLevel }} {{- end }} {{- with .Values.global.leaderElection }} @@ -73,6 +76,9 @@ spec: - --leader-election-retry-period={{ .retryPeriod }} {{- end }} {{- end }} + {{- with .Values.cainjector.featureGates}} + - --feature-gates={{ . }} + {{- end}} {{- with .Values.cainjector.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} @@ -89,6 +95,10 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.cainjector.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.cainjector.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -101,4 +111,12 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.cainjector.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.cainjector.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-poddisruptionbudget.yaml new file mode 100644 index 0000000000..6a7d60913f --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-poddisruptionbudget.yaml @@ -0,0 +1,29 @@ +{{- if .Values.cainjector.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "cainjector.fullname" . }} + namespace: {{ include "cert-manager.namespace" . }} + labels: + app: {{ include "cainjector.name" . }} + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + {{- include "labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "cainjector.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "cainjector" + + {{- if not (or (hasKey .Values.cainjector.podDisruptionBudget "minAvailable") (hasKey .Values.cainjector.podDisruptionBudget "maxUnavailable")) }} + minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set + {{- end }} + {{- if hasKey .Values.cainjector.podDisruptionBudget "minAvailable" }} + minAvailable: {{ .Values.cainjector.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if hasKey .Values.cainjector.podDisruptionBudget "maxUnavailable" }} + maxUnavailable: {{ .Values.cainjector.podDisruptionBudget.maxUnavailable }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml index ce4f278f60..e2bfa26bb5 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-psp-clusterrolebinding.yaml @@ -17,6 +17,6 @@ roleRef: subjects: - kind: ServiceAccount name: {{ template "cainjector.serviceAccountName" . }} - namespace: {{ .Values.namespace }} + namespace: {{ include "cert-manager.namespace" . }} {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml index a3b10485de..a7cf0ac428 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-rbac.yaml @@ -22,16 +22,13 @@ rules: verbs: ["get", "create", "update", "patch"] - apiGroups: ["admissionregistration.k8s.io"] resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"] - verbs: ["get", "list", "watch", "update"] + verbs: ["get", "list", "watch", "update", "patch"] - apiGroups: ["apiregistration.k8s.io"] resources: ["apiservices"] - verbs: ["get", "list", "watch", "update"] + verbs: ["get", "list", "watch", "update", "patch"] - apiGroups: ["apiextensions.k8s.io"] resources: ["customresourcedefinitions"] - verbs: ["get", "list", "watch", "update"] - - apiGroups: ["auditregistration.k8s.io"] - resources: ["auditsinks"] - verbs: ["get", "list", "watch", "update"] + verbs: ["get", "list", "watch", "update", "patch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -71,14 +68,6 @@ rules: # see cmd/cainjector/start.go#L113 # cert-manager-cainjector-leader-election-core is used by the SecretBased injector controller # see cmd/cainjector/start.go#L137 - # See also: https://github.com/kubernetes-sigs/controller-runtime/pull/1144#discussion_r480173688 - - apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] - verbs: ["get", "update", "patch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] - apiGroups: ["coordination.k8s.io"] resources: ["leases"] resourceNames: ["cert-manager-cainjector-leader-election", "cert-manager-cainjector-leader-election-core"] diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml index 30a4f60b96..0eb4c2ec94 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/cainjector-serviceaccount.yaml @@ -16,6 +16,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "cainjector" {{- include "labels" . | nindent 4 }} + {{- with .Values.cainjector.serviceAccount.labels }} + {{ toYaml . | nindent 4 }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 2 }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/controller-config.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/controller-config.yaml new file mode 100644 index 0000000000..e4a3293d35 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/controller-config.yaml @@ -0,0 +1,18 @@ +{{- if .Values.config -}} +{{- $_ := .Values.config.apiVersion | required ".Values.config.apiVersion must be set !" -}} +{{- $_ := .Values.config.kind | required ".Values.config.kind must be set !" -}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "cert-manager.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +data: + config.yaml: | + {{- .Values.config | toYaml | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml index b0ead32ce8..fd39d7ba90 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/deployment.yaml @@ -15,6 +15,9 @@ metadata: {{- end }} spec: replicas: {{ .Values.replicaCount }} + {{- if ne (quote .Values.global.revisionHistoryLimit) (quote "") }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- end }} selector: matchLabels: app.kubernetes.io/name: {{ template "cert-manager.name" . }} @@ -49,36 +52,40 @@ spec: {{- end }} spec: serviceAccountName: {{ template "cert-manager.serviceAccountName" . }} + {{- if hasKey .Values "automountServiceAccountToken" }} + automountServiceAccountToken: {{ .Values.automountServiceAccountToken }} + {{- end }} + enableServiceLinks: {{ .Values.enableServiceLinks }} {{- with .Values.global.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} - {{- $enabledDefined := gt (len (keys (pick .Values.securityContext "enabled"))) 0 }} - {{- $legacyEnabledExplicitlyOff := and $enabledDefined (not .Values.securityContext.enabled) }} - {{- if and .Values.securityContext (not $legacyEnabledExplicitlyOff) }} + {{- with .Values.securityContext }} securityContext: - {{- if .Values.securityContext.enabled }} - {{/* support legacy securityContext.enabled and its two parameters */}} - fsGroup: {{ default 1001 .Values.securityContext.fsGroup }} - runAsUser: {{ default 1001 .Values.securityContext.runAsUser }} - {{- else }} - {{/* this is the way forward: support an arbitrary yaml block */}} - {{- toYaml .Values.securityContext | nindent 8 }} - {{- end }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.volumes }} + {{- if or .Values.volumes .Values.config}} volumes: + {{- if .Values.config }} + - name: config + configMap: + name: {{ include "cert-manager.fullname" . }} + {{- end }} + {{ with .Values.volumes }} {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} containers: - - name: {{ .Chart.Name }} - {{- with .Values.image }} - image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" - {{- end }} + - name: {{ .Chart.Name }}-controller + image: "{{ template "image" (tuple .Values.image $.Chart.AppVersion) }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: - {{- if .Values.global.logLevel }} + {{- if ne (quote .Values.global.logLevel) (quote "") }} - --v={{ .Values.global.logLevel }} {{- end }} + {{- if .Values.config }} + - --config=/var/cert-manager/config/config.yaml + {{- end }} + {{- $config := default .Values.config "" }} {{- if .Values.clusterResourceNamespace }} - --cluster-resource-namespace={{ .Values.clusterResourceNamespace }} {{- else }} @@ -96,6 +103,9 @@ spec: - --leader-election-retry-period={{ .retryPeriod }} {{- end }} {{- end }} + {{- with .Values.acmesolver.image }} + - --acme-http01-solver-image={{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}} + {{- end }} {{- with .Values.extraArgs }} {{- toYaml . | nindent 10 }} {{- end }} @@ -113,16 +123,42 @@ spec: {{- if .Values.featureGates }} - --feature-gates={{ .Values.featureGates }} {{- end }} + {{- if .Values.maxConcurrentChallenges }} + - --max-concurrent-challenges={{ .Values.maxConcurrentChallenges }} + {{- end }} + {{- if .Values.enableCertificateOwnerRef }} + - --enable-certificate-owner-ref=true + {{- end }} + {{- if .Values.dns01RecursiveNameserversOnly }} + - --dns01-recursive-nameservers-only=true + {{- end }} + {{- with .Values.dns01RecursiveNameservers }} + - --dns01-recursive-nameservers={{ . }} + {{- end }} ports: - containerPort: 9402 + name: http-metrics + protocol: TCP + - containerPort: 9403 + name: http-healthz protocol: TCP {{- with .Values.containerSecurityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} + {{- if or .Values.config .Values.volumeMounts }} + volumeMounts: + {{- if .Values.config}} + - name: config + mountPath: /var/cert-manager/config + {{- end }} + {{- with .Values.volumeMounts }} {{- with .Values.volumeMounts }} + volumeMounts: + {{- with .Values.volumeMounts }} volumeMounts: {{- toYaml . | nindent 12 }} + {{- end }} {{- end }} env: - name: POD_NAMESPACE @@ -148,6 +184,24 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + + {{- with .Values.livenessProbe }} + {{- if .enabled }} + # LivenessProbe settings are based on those used for the Kubernetes + # controller-manager. See: + # https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 + livenessProbe: + httpGet: + port: http-healthz + path: /livez + scheme: HTTP + initialDelaySeconds: {{ .initialDelaySeconds }} + periodSeconds: {{ .periodSeconds }} + timeoutSeconds: {{ .timeoutSeconds }} + successThreshold: {{ .successThreshold }} + failureThreshold: {{ .failureThreshold }} + {{- end }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -160,6 +214,10 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} {{- with .Values.podDnsPolicy }} dnsPolicy: {{ . }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-egress.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-egress.yaml new file mode 100644 index 0000000000..af1f0e1c45 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-egress.yaml @@ -0,0 +1,23 @@ +{{- if .Values.webhook.networkPolicy.enabled }} +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "webhook.fullname" . }}-allow-egress + namespace: {{ .Values.namespace }} +spec: + egress: + {{- with .Values.webhook.networkPolicy.egress }} + {{- toYaml . | nindent 2 }} + {{- end }} + podSelector: + matchLabels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- with .Values.webhook.podLabels }} + {{- toYaml . | nindent 6 }} + {{- end }} + policyTypes: + - Egress +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-webhooks.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-webhooks.yaml new file mode 100644 index 0000000000..77ddef3cd4 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/networkpolicy-webhooks.yaml @@ -0,0 +1,25 @@ +{{- if .Values.webhook.networkPolicy.enabled }} + +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: {{ template "webhook.fullname" . }}-allow-ingress + namespace: {{ .Values.namespace }} +spec: + ingress: + {{- with .Values.webhook.networkPolicy.ingress }} + {{- toYaml . | nindent 2 }} + {{- end }} + podSelector: + matchLabels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- with .Values.webhook.podLabels }} + {{- toYaml . | nindent 6 }} + {{- end }} + policyTypes: + - Ingress + +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/poddisruptionbudget.yaml new file mode 100644 index 0000000000..8beffcb79f --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/poddisruptionbudget.yaml @@ -0,0 +1,29 @@ +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "cert-manager.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + + {{- if not (or (hasKey .Values.podDisruptionBudget "minAvailable") (hasKey .Values.podDisruptionBudget "maxUnavailable")) }} + minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set + {{- end }} + {{- if hasKey .Values.podDisruptionBudget "minAvailable" }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if hasKey .Values.podDisruptionBudget "maxUnavailable" }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/podmonitor.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/podmonitor.yaml new file mode 100644 index 0000000000..0dc553f8cd --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/podmonitor.yaml @@ -0,0 +1,50 @@ +{{- if and .Values.prometheus.enabled (and .Values.prometheus.podmonitor.enabled .Values.prometheus.servicemonitor.enabled) }} +{{- fail "Either .Values.prometheus.podmonitor.enabled or .Values.prometheus.servicemonitor.enabled can be enabled at a time, but not both." }} +{{- else if and .Values.prometheus.enabled .Values.prometheus.podmonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: {{ template "cert-manager.fullname" . }} +{{- if .Values.prometheus.podmonitor.namespace }} + namespace: {{ .Values.prometheus.podmonitor.namespace }} +{{- else }} + namespace: {{ .Values.namespace }} +{{- end }} + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + prometheus: {{ .Values.prometheus.podmonitor.prometheusInstance }} + {{- with .Values.prometheus.podmonitor.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- if .Values.prometheus.podmonitor.annotations }} + annotations: + {{- with .Values.prometheus.podmonitor.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} +spec: + jobLabel: {{ template "cert-manager.fullname" . }} + selector: + matchLabels: + app.kubernetes.io/name: {{ template "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" +{{- if .Values.prometheus.podmonitor.namespace }} + namespaceSelector: + matchNames: + - {{ include "cert-manager.namespace" . }} +{{- end }} + podMetricsEndpoints: + - port: http-metrics + path: {{ .Values.prometheus.podmonitor.path }} + interval: {{ .Values.prometheus.podmonitor.interval }} + scrapeTimeout: {{ .Values.prometheus.podmonitor.scrapeTimeout }} + honorLabels: {{ .Values.prometheus.podmonitor.honorLabels }} + {{- with .Values.prometheus.servicemonitor.endpointAdditionalProperties }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml index 1a8a73e43c..048e4f1c80 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/rbac.yaml @@ -11,15 +11,6 @@ metadata: app.kubernetes.io/component: "controller" {{- include "labels" . | nindent 4 }} rules: - # Used for leader election by the controller - # See also: https://github.com/kubernetes-sigs/controller-runtime/pull/1144#discussion_r480173688 - - apiGroups: [""] - resources: ["configmaps"] - resourceNames: ["cert-manager-controller"] - verbs: ["get", "update", "patch"] - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["create"] - apiGroups: ["coordination.k8s.io"] resources: ["leases"] resourceNames: ["cert-manager-controller"] @@ -69,7 +60,7 @@ metadata: rules: - apiGroups: ["cert-manager.io"] resources: ["issuers", "issuers/status"] - verbs: ["update"] + verbs: ["update", "patch"] - apiGroups: ["cert-manager.io"] resources: ["issuers"] verbs: ["get", "list", "watch"] @@ -79,7 +70,6 @@ rules: - apiGroups: [""] resources: ["events"] verbs: ["create", "patch"] - --- # ClusterIssuer controller role @@ -96,7 +86,7 @@ metadata: rules: - apiGroups: ["cert-manager.io"] resources: ["clusterissuers", "clusterissuers/status"] - verbs: ["update"] + verbs: ["update", "patch"] - apiGroups: ["cert-manager.io"] resources: ["clusterissuers"] verbs: ["get", "list", "watch"] @@ -123,7 +113,7 @@ metadata: rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificates/status", "certificaterequests", "certificaterequests/status"] - verbs: ["update"] + verbs: ["update", "patch"] - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "clusterissuers", "issuers"] verbs: ["get", "list", "watch"] @@ -159,7 +149,7 @@ metadata: rules: - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "orders/status"] - verbs: ["update"] + verbs: ["update", "patch"] - apiGroups: ["acme.cert-manager.io"] resources: ["orders", "challenges"] verbs: ["get", "list", "watch"] @@ -199,7 +189,7 @@ rules: # Use to update challenge resource status - apiGroups: ["acme.cert-manager.io"] resources: ["challenges", "challenges/status"] - verbs: ["update"] + verbs: ["update", "patch"] # Used to watch challenge resources - apiGroups: ["acme.cert-manager.io"] resources: ["challenges"] @@ -223,7 +213,7 @@ rules: - apiGroups: ["networking.k8s.io"] resources: ["ingresses"] verbs: ["get", "list", "watch", "create", "delete", "update"] - - apiGroups: [ "networking.x-k8s.io" ] + - apiGroups: [ "gateway.networking.k8s.io" ] resources: [ "httproutes" ] verbs: ["get", "list", "watch", "create", "delete", "update"] # We require the ability to specify a custom hostname when we are creating @@ -272,10 +262,10 @@ rules: - apiGroups: ["networking.k8s.io"] resources: ["ingresses/finalizers"] verbs: ["update"] - - apiGroups: ["networking.x-k8s.io"] + - apiGroups: ["gateway.networking.k8s.io"] resources: ["gateways", "httproutes"] verbs: ["get", "list", "watch"] - - apiGroups: ["networking.x-k8s.io"] + - apiGroups: ["gateway.networking.k8s.io"] resources: ["gateways/finalizers", "httproutes/finalizers"] verbs: ["update"] - apiGroups: [""] @@ -408,6 +398,26 @@ subjects: namespace: {{ .Values.namespace }} kind: ServiceAccount +{{- if .Values.global.rbac.aggregateClusterRoles }} +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "cert-manager.fullname" . }}-cluster-view + labels: + app: {{ include "cert-manager.name" . }} + app.kubernetes.io/name: {{ include "cert-manager.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "controller" + {{- include "labels" . | nindent 4 }} + rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" +rules: + - apiGroups: ["cert-manager.io"] + resources: ["clusterissuers"] + verbs: ["get", "list", "watch"] + +{{- end }} --- apiVersion: rbac.authorization.k8s.io/v1 @@ -420,9 +430,12 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "controller" {{- include "labels" . | nindent 4 }} + {{- if .Values.global.rbac.aggregateClusterRoles }} rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-cluster-reader: "true" + {{- end }} rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "issuers"] @@ -444,12 +457,17 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "controller" {{- include "labels" . | nindent 4 }} + {{- if .Values.global.rbac.aggregateClusterRoles }} rbac.authorization.k8s.io/aggregate-to-edit: "true" rbac.authorization.k8s.io/aggregate-to-admin: "true" + {{- end }} rules: - apiGroups: ["cert-manager.io"] resources: ["certificates", "certificaterequests", "issuers"] verbs: ["create", "delete", "deletecollection", "patch", "update"] + - apiGroups: ["cert-manager.io"] + resources: ["certificates/status"] + verbs: ["update"] - apiGroups: ["acme.cert-manager.io"] resources: ["challenges", "orders"] verbs: ["create", "delete", "deletecollection", "patch", "update"] @@ -515,7 +533,7 @@ rules: verbs: ["get", "list", "watch", "update"] - apiGroups: ["certificates.k8s.io"] resources: ["certificatesigningrequests/status"] - verbs: ["update"] + verbs: ["update", "patch"] - apiGroups: ["certificates.k8s.io"] resources: ["signers"] resourceNames: ["issuers.cert-manager.io/*", "clusterissuers.cert-manager.io/*"] diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml index 873ad932e5..15d2f71d44 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/serviceaccount.yaml @@ -19,4 +19,7 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "controller" {{- include "labels" . | nindent 4 }} + {{- with .Values.serviceAccount.labels }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml index 249bcededa..adf2ffaa6e 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/servicemonitor.yaml @@ -1,4 +1,6 @@ -{{- if and .Values.prometheus.enabled .Values.prometheus.servicemonitor.enabled }} +{{- if and .Values.prometheus.enabled (and .Values.prometheus.podmonitor.enabled .Values.prometheus.servicemonitor.enabled) }} +{{- fail "Either .Values.prometheus.podmonitor.enabled or .Values.prometheus.servicemonitor.enabled can be enabled at a time, but not both." }} +{{- else if and .Values.prometheus.enabled .Values.prometheus.servicemonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -18,6 +20,12 @@ metadata: {{- with .Values.prometheus.servicemonitor.labels }} {{- toYaml . | nindent 4 }} {{- end }} +{{- if .Values.prometheus.servicemonitor.annotations }} + annotations: + {{- with .Values.prometheus.servicemonitor.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} spec: jobLabel: {{ template "cert-manager.fullname" . }} selector: @@ -28,7 +36,7 @@ spec: {{- if .Values.prometheus.servicemonitor.namespace }} namespaceSelector: matchNames: - - {{ .Values.namespace }} + - {{ include "cert-manager.namespace" . }} {{- end }} endpoints: - targetPort: {{ .Values.prometheus.servicemonitor.targetPort }} @@ -36,4 +44,7 @@ spec: interval: {{ .Values.prometheus.servicemonitor.interval }} scrapeTimeout: {{ .Values.prometheus.servicemonitor.scrapeTimeout }} honorLabels: {{ .Values.prometheus.servicemonitor.honorLabels }} + {{- with .Values.prometheus.servicemonitor.endpointAdditionalProperties }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml index b5b23350df..74d45d5f9a 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-job.yaml @@ -34,6 +34,10 @@ spec: spec: restartPolicy: OnFailure serviceAccountName: {{ template "startupapicheck.serviceAccountName" . }} + {{- if hasKey .Values.startupapicheck "automountServiceAccountToken" }} + automountServiceAccountToken: {{ .Values.startupapicheck.automountServiceAccountToken }} + {{- end }} + enableServiceLinks: {{ .Values.startupapicheck.enableServiceLinks }} {{- with .Values.global.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} @@ -42,10 +46,8 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} containers: - - name: {{ .Chart.Name }} - {{- with .Values.startupapicheck.image }} - image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" - {{- end }} + - name: {{ .Chart.Name }}-startupapicheck + image: "{{ template "image" (tuple .Values.startupapicheck.image $.Chart.AppVersion) }}" imagePullPolicy: {{ .Values.startupapicheck.image.pullPolicy }} args: - check @@ -62,6 +64,10 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- with .Values.startupapicheck.volumeMounts }} + volumeMounts: + {{- toYaml . | nindent 12 }} + {{- end }} {{- with .Values.startupapicheck.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -74,4 +80,8 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.startupapicheck.volumes }} + volumes: + {{- toYaml . | nindent 8 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml index 981ec43460..056e615933 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/startupapicheck-serviceaccount.yaml @@ -16,6 +16,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "startupapicheck" {{- include "labels" . | nindent 4 }} + {{- with .Values.startupapicheck.serviceAccount.labels }} + {{ toYaml . | nindent 4 }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 2 }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml index 1998074209..35a266dba8 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-config.yaml @@ -1,12 +1,6 @@ {{- if .Values.webhook.config -}} - {{- if not .Values.webhook.config.apiVersion -}} - {{- fail "webhook.config.apiVersion must be set" -}} - {{- end -}} - - {{- if not .Values.webhook.config.kind -}} - {{- fail "webhook.config.kind must be set" -}} - {{- end -}} -{{- end -}} +{{- $_ := .Values.webhook.config.apiVersion | required ".Values.webhook.config.apiVersion must be set !" -}} +{{- $_ := .Values.webhook.config.kind | required ".Values.webhook.config.kind must be set !" -}} apiVersion: v1 kind: ConfigMap metadata: @@ -17,8 +11,8 @@ metadata: app.kubernetes.io/name: {{ include "webhook.name" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} data: - {{- if .Values.webhook.config }} config.yaml: | - {{ .Values.webhook.config | toYaml | nindent 4 }} - {{- end }} + {{- .Values.webhook.config | toYaml | nindent 4 }} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml index 07924a3d1c..be59772541 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-deployment.yaml @@ -15,6 +15,9 @@ metadata: {{- end }} spec: replicas: {{ .Values.webhook.replicaCount }} + {{- if ne (quote .Values.global.revisionHistoryLimit) (quote "") }} + revisionHistoryLimit: {{ .Values.global.revisionHistoryLimit }} + {{- end }} selector: matchLabels: app.kubernetes.io/name: {{ include "webhook.name" . }} @@ -41,6 +44,10 @@ spec: {{- end }} spec: serviceAccountName: {{ template "webhook.serviceAccountName" . }} + {{- if hasKey .Values.webhook "automountServiceAccountToken" }} + automountServiceAccountToken: {{ .Values.webhook.automountServiceAccountToken }} + {{- end }} + enableServiceLinks: {{ .Values.webhook.enableServiceLinks }} {{- with .Values.global.priorityClassName }} priorityClassName: {{ . | quote }} {{- end }} @@ -51,16 +58,15 @@ spec: {{- if .Values.webhook.hostNetwork }} hostNetwork: true {{- end }} - imagePullSecrets: - - name: docker-registry-secret + {{- if .Values.webhook.hostNetwork }} + dnsPolicy: ClusterFirstWithHostNet + {{- end }} containers: - - name: {{ .Chart.Name }} - {{- with .Values.webhook.image }} - image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}" - {{- end }} + - name: {{ .Chart.Name }}-webhook + image: "{{ template "image" (tuple .Values.webhook.image $.Chart.AppVersion) }}" imagePullPolicy: {{ .Values.webhook.image.pullPolicy }} args: - {{- if .Values.global.logLevel }} + {{- if ne (quote .Values.global.logLevel) (quote "") }} - --v={{ .Values.global.logLevel }} {{- end }} {{- if .Values.webhook.config }} @@ -70,11 +76,19 @@ spec: {{ if not $config.securePort -}} - --secure-port={{ .Values.webhook.securePort }} {{- end }} + {{- if .Values.webhook.featureGates }} + - --feature-gates={{ .Values.webhook.featureGates }} + {{- end }} {{- $tlsConfig := default $config.tlsConfig "" }} {{ if or (not $config.tlsConfig) (and (not $tlsConfig.dynamic) (not $tlsConfig.filesystem) ) -}} - --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE) - --dynamic-serving-ca-secret-name={{ template "webhook.fullname" . }}-ca - - --dynamic-serving-dns-names={{ template "webhook.fullname" . }},{{ template "webhook.fullname" . }}.{{ .Values.namespace }},{{ template "webhook.fullname" . }}.{{ .Values.namespace }}.svc{{ if .Values.webhook.url.host }},{{ .Values.webhook.url.host }}{{ end }} + - --dynamic-serving-dns-names={{ template "webhook.fullname" . }} + - --dynamic-serving-dns-names={{ template "webhook.fullname" . }}.$(POD_NAMESPACE) + - --dynamic-serving-dns-names={{ template "webhook.fullname" . }}.$(POD_NAMESPACE).svc + {{ if .Values.webhook.url.host }} + - --dynamic-serving-dns-names={{ .Values.webhook.url.host }} + {{- end }} {{- end }} {{- with .Values.webhook.extraArgs }} {{- toYaml . | nindent 10 }} @@ -89,6 +103,13 @@ spec: {{- else }} containerPort: 6443 {{- end }} + - name: healthcheck + protocol: TCP + {{- if $config.healthzPort }} + containerPort: {{ $config.healthzPort }} + {{- else }} + containerPort: 6080 + {{- end }} livenessProbe: httpGet: path: /livez @@ -130,10 +151,19 @@ spec: resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- if or .Values.webhook.config .Values.webhook.volumeMounts }} + volumeMounts: {{- if .Values.webhook.config }} + {{- if .Values.webhook.config }} + volumeMounts: + {{- if .Values.webhook.config }} volumeMounts: - name: config mountPath: /var/cert-manager/config + {{- end }} + {{- if .Values.webhook.volumeMounts }} + {{- toYaml .Values.webhook.volumeMounts | nindent 12 }} + {{- end }} {{- end }} {{- with .Values.webhook.nodeSelector }} nodeSelector: @@ -147,9 +177,22 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- with .Values.webhook.topologySpreadConstraints }} + topologySpreadConstraints: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if or .Values.webhook.config .Values.webhook.volumes }} + volumes: + {{- if .Values.webhook.config }} {{- if .Values.webhook.config }} + volumes: + {{- if .Values.webhook.config }} volumes: - name: config configMap: name: {{ include "webhook.fullname" . }} + {{- end }} + {{- if .Values.webhook.volumes }} + {{- toYaml .Values.webhook.volumes | nindent 8 }} + {{- end }} {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml index bf26b33c23..63e117dce4 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-mutating-webhook.yaml @@ -15,17 +15,19 @@ metadata: {{- end }} webhooks: - name: webhook.cert-manager.io + {{- with .Values.webhook.mutatingWebhookConfiguration.namespaceSelector }} + namespaceSelector: + {{- toYaml . | nindent 6 }} + {{- end }} rules: - apiGroups: - "cert-manager.io" - - "acme.cert-manager.io" apiVersions: - "v1" operations: - CREATE - - UPDATE resources: - - "*/*" + - "certificaterequests" admissionReviewVersions: ["v1"] # This webhook only accepts v1 cert-manager resources. # Equivalent matchPolicy ensures that non-v1 resource requests are sent to @@ -43,4 +45,4 @@ webhooks: name: {{ template "webhook.fullname" . }} namespace: {{ .Values.namespace }} path: /mutate - {{- end }} + {{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-poddisruptionbudget.yaml new file mode 100644 index 0000000000..b294dd8043 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-poddisruptionbudget.yaml @@ -0,0 +1,29 @@ +{{- if .Values.webhook.podDisruptionBudget.enabled }} +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: {{ include "webhook.fullname" . }} + namespace: {{ .Values.namespace }} + labels: + app: {{ include "webhook.name" . }} + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + {{- include "labels" . | nindent 4 }} +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ include "webhook.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/component: "webhook" + + {{- if not (or (hasKey .Values.webhook.podDisruptionBudget "minAvailable") (hasKey .Values.webhook.podDisruptionBudget "maxUnavailable")) }} + minAvailable: 1 # Default value because minAvailable and maxUnavailable are not set + {{- end }} + {{- if hasKey .Values.webhook.podDisruptionBudget "minAvailable" }} + minAvailable: {{ .Values.webhook.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if hasKey .Values.webhook.podDisruptionBudget "maxUnavailable" }} + maxUnavailable: {{ .Values.webhook.podDisruptionBudget.maxUnavailable }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml index 2a8808e7dc..f6fa4c55e5 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-psp-clusterrole.yaml @@ -15,4 +15,4 @@ rules: verbs: ['use'] resourceNames: - {{ template "webhook.fullname" . }} -{{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml index 67af6e20c6..0560e18a38 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-serviceaccount.yaml @@ -15,6 +15,9 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: "webhook" {{- include "labels" . | nindent 4 }} + {{- with .Values.webhook.serviceAccount.labels }} + {{ toYaml . | nindent 4 }} + {{- end }} {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 2 }} diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml index 5d0e348413..a47a035370 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/templates/webhook-validating-webhook.yaml @@ -15,16 +15,10 @@ metadata: {{- end }} webhooks: - name: webhook.cert-manager.io + {{- with .Values.webhook.validatingWebhookConfiguration.namespaceSelector }} namespaceSelector: - matchExpressions: - - key: "cert-manager.io/disable-validation" - operator: "NotIn" - values: - - "true" - - key: "name" - operator: "NotIn" - values: - - {{ .Values.namespace }} + {{- toYaml . | nindent 6 }} + {{- end }} rules: - apiGroups: - "cert-manager.io" diff --git a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml index d604971c04..137995cffb 100644 --- a/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/cert-manager/values.yaml @@ -1,23 +1,31 @@ - # Default values for cert-manager. # This is a YAML-formatted file. # Declare variables to be passed into your templates. -name: cert-manager -namespace: egov -replicaCount: 1 -fullnameOverride: cert-manager - global: - ## Reference to one or more secrets to be used when pulling images - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## + # Reference to one or more secrets to be used when pulling images + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ imagePullSecrets: [] # - name: "image-pull-secret" + # Labels to apply to all resources + # Please note that this does not add labels to the resources created dynamically by the controllers. + # For these resources, you have to add the labels in the template in the cert-manager custom resource: + # eg. podTemplate/ ingressTemplate in ACMEChallengeSolverHTTP01Ingress + # ref: https://cert-manager.io/docs/reference/api-docs/#acme.cert-manager.io/v1.ACMEChallengeSolverHTTP01Ingress + # eg. secretTemplate in CertificateSpec + # ref: https://cert-manager.io/docs/reference/api-docs/#cert-manager.io/v1.CertificateSpec + commonLabels: {} + # team_name: dev + + # The number of old ReplicaSets to retain to allow rollback (If not set, default Kubernetes value is set to 10) + # revisionHistoryLimit: 1 + # Optional priority class to be used for the cert-manager pods priorityClassName: "" rbac: create: true + # Aggregate ClusterRoles to Kubernetes default user-facing roles. Ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles + aggregateClusterRoles: true podSecurityPolicy: enabled: false @@ -27,7 +35,7 @@ global: logLevel: 2 leaderElection: - # Override the namespace used to store the ConfigMap for leader election + # Override the namespace used for the leader election lease namespace: "kube-system" # The duration that non-leader candidates will wait after observing a @@ -45,8 +53,9 @@ global: # renewal of a leadership. # retryPeriod: 15s -installCRDs: true +installCRDs: false +fullnameOverride: "cert-manager" clusterIssuer: stage: @@ -62,17 +71,28 @@ clusterIssuer: email: sre-staff@egovernments.org secretName: letsencrypt-prod - strategy: {} # type: RollingUpdate # rollingUpdate: # maxSurge: 0 # maxUnavailable: 1 +podDisruptionBudget: + enabled: false + + # minAvailable and maxUnavailable can either be set to an integer (e.g. 1) + # or a percentage value (e.g. 25%) + # if neither minAvailable or maxUnavailable is set, we default to `minAvailable: 1` + # minAvailable: 1 + # maxUnavailable: 1 + # Comma separated list of feature gates that should be enabled on the # controller pod. featureGates: "" +# The maximum number of challenges that can be scheduled as 'processing' at once +maxConcurrentChallenges: 60 + image: repository: quay.io/jetstack/cert-manager-controller # You can manage a registry with @@ -92,8 +112,10 @@ image: # used. This namespace will not be automatically created by the Helm chart. clusterResourceNamespace: "" -updateStrategy: OnDelete - +# This namespace allows you to define where the services will be installed into +# if not set then they will use the namespace of the release +# This is helpful when installing cert manager as a chart dependency (sub chart) +namespace: "egov" serviceAccount: name: cert-manager @@ -105,14 +127,65 @@ serviceAccount: # Optional additional annotations to add to the controller's ServiceAccount # annotations: {} # Automount API credentials for a Service Account. + # Optional additional labels to add to the controller's ServiceAccount + # labels: {} automountServiceAccountToken: true +# Automounting API credentials for a particular pod +# automountServiceAccountToken: true + +# When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted +enableCertificateOwnerRef: false + +# Used to configure options for the controller pod. +# This allows setting options that'd usually be provided via flags. +# An APIVersion and Kind must be specified in your values.yaml file. +# Flags will override options that are set here. +config: +# apiVersion: controller.config.cert-manager.io/v1alpha1 +# kind: ControllerConfiguration +# logging: +# verbosity: 2 +# format: text +# leaderElectionConfig: +# namespace: kube-system +# kubernetesAPIQPS: 9000 +# kubernetesAPIBurst: 9000 +# numberOfConcurrentWorkers: 200 +# featureGates: +# AdditionalCertificateOutputFormats: true +# DisallowInsecureCSRUsageDefinition: true +# ExperimentalCertificateSigningRequestControllers: true +# ExperimentalGatewayAPISupport: true +# LiteralCertificateSubject: true +# SecretsFilteredCaching: true +# ServerSideApply: true +# StableCertificateRequestName: true +# UseCertificateRequestBasicConstraints: true +# ValidateCAA: true +# metricsTLSConfig: +# dynamic: +# secretNamespace: "cert-manager" +# secretName: "cert-manager-metrics-ca" +# dnsNames: +# - cert-manager-metrics +# - cert-manager-metrics.cert-manager +# - cert-manager-metrics.cert-manager.svc + +# Setting Nameservers for DNS01 Self Check +# See: https://cert-manager.io/docs/configuration/acme/dns01/#setting-nameservers-for-dns01-self-check + +# Comma separated string with host and port of the recursive nameservers cert-manager should query +dns01RecursiveNameservers: "" + +# Forces cert-manager to only use the recursive nameservers for verification. +# Enabling this option could cause the DNS01 self check to take longer due to caching performed by the recursive nameservers +dns01RecursiveNameserversOnly: false + # Additional command line flags to pass to cert-manager controller binary. # To see all available flags run docker run quay.io/jetstack/cert-manager-controller: --help extraArgs: [] - # When this flag is enabled, secrets will be automatically removed when the certificate resource is deleted - # - --enable-certificate-owner-ref=true - # Use this flag to enabled or disable arbitrary controllers, for example, disable the CertificiateRequests approver + # Use this flag to enable or disable arbitrary controllers, for example, disable the CertificiateRequests approver # - --controllers=*,-certificaterequests-approver extraEnv: [] @@ -128,26 +201,17 @@ resources: {} # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: runAsNonRoot: true -# legacy securityContext parameter format: if enabled is set to true, only fsGroup and runAsUser are supported -# securityContext: -# enabled: false -# fsGroup: 1001 -# runAsUser: 1001 -# to support additional securityContext parameters, omit the `enabled` parameter and simply specify the parameters -# you want to set, e.g. -# securityContext: -# fsGroup: 1000 -# runAsUser: 1000 -# runAsNonRoot: true + seccompProfile: + type: RuntimeDefault # Container Security Context to be set on the controller component container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -containerSecurityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true +containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true volumes: [] @@ -179,7 +243,8 @@ podLabels: {} # - "1.1.1.1" # - "8.8.8.8" -nodeSelector: {} +nodeSelector: + kubernetes.io/os: linux ingressShim: {} # defaultIssuerName: "" @@ -196,14 +261,26 @@ prometheus: interval: 60s scrapeTimeout: 30s labels: {} + annotations: {} honorLabels: false - + endpointAdditionalProperties: {} + # Note: Enabling both PodMonitor and ServiceMonitor is mutually exclusive, enabling both will result in a error. + podmonitor: + enabled: false + prometheusInstance: default + path: /metrics + interval: 60s + scrapeTimeout: 30s + labels: {} + annotations: {} + honorLabels: false + endpointAdditionalProperties: {} # Use these variables to configure the HTTP_PROXY environment variables # http_proxy: "http://proxy:8080" # https_proxy: "https://proxy:8080" # no_proxy: 127.0.0.1,localhost -# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#affinity-v1-core +# A Kubernetes Affinity, if required; see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#affinity-v1-core # for example: # affinity: # nodeAffinity: @@ -216,7 +293,7 @@ prometheus: # - master affinity: {} -# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#toleration-v1-core +# A list of Kubernetes Tolerations, if required; see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#toleration-v1-core # for example: # tolerations: # - key: foo.bar.com/role @@ -225,9 +302,56 @@ affinity: {} # effect: NoSchedule tolerations: [] +# A list of Kubernetes TopologySpreadConstraints, if required; see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.27/#topologyspreadconstraint-v1-core +# for example: +# topologySpreadConstraints: +# - maxSkew: 2 +# topologyKey: topology.kubernetes.io/zone +# whenUnsatisfiable: ScheduleAnyway +# labelSelector: +# matchLabels: +# app.kubernetes.io/instance: cert-manager +# app.kubernetes.io/component: controller +topologySpreadConstraints: [] + +# LivenessProbe settings for the controller container of the controller Pod. +# +# Enabled by default, because we want to enable the clock-skew liveness probe that +# restarts the controller in case of a skew between the system clock and the monotonic clock. +# LivenessProbe durations and thresholds are based on those used for the Kubernetes +# controller-manager. See: +# https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245 +livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 15 + successThreshold: 1 + failureThreshold: 8 + +# enableServiceLinks indicates whether information about services should be +# injected into pod's environment variables, matching the syntax of Docker +# links. +enableServiceLinks: false + webhook: replicaCount: 1 - timeoutSeconds: 10 + + # Seconds the API server should wait for the webhook to respond before treating the call as a failure. + # Value must be between 1 and 30 seconds. See: + # https://kubernetes.io/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1/ + # + # We set the default to the maximum value of 30 seconds. Here's why: + # Users sometimes report that the connection between the K8S API server and + # the cert-manager webhook server times out. + # If *this* timeout is reached, the error message will be "context deadline exceeded", + # which doesn't help the user diagnose what phase of the HTTPS connection timed out. + # For example, it could be during DNS resolution, TCP connection, TLS + # negotiation, HTTP negotiation, or slow HTTP response from the webhook + # server. + # So by setting this timeout to its maximum value the underlying timeout error + # message has more chance of being returned to the end user. + timeoutSeconds: 30 # Used to configure options for the webhook pod. # This allows setting options that'd usually be provided via flags. @@ -256,15 +380,26 @@ webhook: # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + + podDisruptionBudget: + enabled: false + + # minAvailable and maxUnavailable can either be set to an integer (e.g. 1) + # or a percentage value (e.g. 25%) + # if neither minAvailable or maxUnavailable is set, we default to `minAvailable: 1` + # minAvailable: 1 + # maxUnavailable: 1 # Container Security Context to be set on the webhook component container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - containerSecurityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true # Optional additional annotations to add to the webhook Deployment # deploymentAnnotations: {} @@ -281,12 +416,37 @@ webhook: # Optional additional annotations to add to the webhook ValidatingWebhookConfiguration # validatingWebhookConfigurationAnnotations: {} + validatingWebhookConfiguration: + # Configure spec.namespaceSelector for validating webhooks. + namespaceSelector: + matchExpressions: + - key: "cert-manager.io/disable-validation" + operator: "NotIn" + values: + - "true" + + mutatingWebhookConfiguration: + # Configure spec.namespaceSelector for mutating webhooks. + namespaceSelector: {} + # matchLabels: + # key: value + # matchExpressions: + # - key: kubernetes.io/metadata.name + # operator: NotIn + # values: + # - kube-system + + # Additional command line flags to pass to cert-manager webhook binary. # To see all available flags run docker run quay.io/jetstack/cert-manager-webhook: --help extraArgs: [] # Path to a file containing a WebhookConfiguration object used to configure the webhook # - --config= + # Comma separated list of feature gates that should be enabled on the + # webhook pod. + featureGates: "" + resources: {} # requests: # cpu: 10m @@ -308,12 +468,15 @@ webhook: successThreshold: 1 timeoutSeconds: 1 - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux affinity: {} tolerations: [] + topologySpreadConstraints: [] + # Optional additional labels to add to the Webhook Pods podLabels: {} @@ -343,9 +506,14 @@ webhook: # name: "" # Optional additional annotations to add to the controller's ServiceAccount # annotations: {} + # Optional additional labels to add to the webhook's ServiceAccount + # labels: {} # Automount API credentials for a Service Account. automountServiceAccountToken: true + # Automounting API credentials for a particular pod + # automountServiceAccountToken: true + # The port that the webhook should listen on for requests. # In GKE private clusters, by default kubernetes apiservers are allowed to # talk to the cluster nodes only on 443 and 10250. so configuring @@ -375,10 +543,56 @@ webhook: url: {} # host: + # Enables default network policies for webhooks. + networkPolicy: + enabled: false + ingress: + - from: + - ipBlock: + cidr: 0.0.0.0/0 + egress: + - ports: + - port: 80 + protocol: TCP + - port: 443 + protocol: TCP + - port: 53 + protocol: TCP + - port: 53 + protocol: UDP + # On OpenShift and OKD, the Kubernetes API server listens on + # port 6443. + - port: 6443 + protocol: TCP + to: + - ipBlock: + cidr: 0.0.0.0/0 + + volumes: [] + volumeMounts: [] + + # enableServiceLinks indicates whether information about services should be + # injected into pod's environment variables, matching the syntax of Docker + # links. + enableServiceLinks: false + cainjector: enabled: true replicaCount: 1 + # Used to configure options for the cainjector pod. + # This allows setting options that'd usually be provided via flags. + # An APIVersion and Kind must be specified in your values.yaml file. + # Flags will override options that are set here. + config: + # apiVersion: cainjector.config.cert-manager.io/v1alpha1 + # kind: CAInjectorConfiguration + # logging: + # verbosity: 2 + # format: text + # leaderElectionConfig: + # namespace: kube-system + strategy: {} # type: RollingUpdate # rollingUpdate: @@ -389,15 +603,26 @@ cainjector: # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + + podDisruptionBudget: + enabled: false + + # minAvailable and maxUnavailable can either be set to an integer (e.g. 1) + # or a percentage value (e.g. 25%) + # if neither minAvailable or maxUnavailable is set, we default to `minAvailable: 1` + # minAvailable: 1 + # maxUnavailable: 1 # Container Security Context to be set on the cainjector component container # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - containerSecurityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true # Optional additional annotations to add to the cainjector Deployment @@ -412,17 +637,24 @@ cainjector: # Enable profiling for cainjector # - --enable-profiling=true + # Comma separated list of feature gates that should be enabled on the + # cainjector pod. + featureGates: "" + resources: {} # requests: # cpu: 10m # memory: 32Mi - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux affinity: {} tolerations: [] + topologySpreadConstraints: [] + # Optional additional labels to add to the CA Injector Pods podLabels: {} @@ -450,22 +682,60 @@ cainjector: # Optional additional annotations to add to the controller's ServiceAccount # annotations: {} # Automount API credentials for a Service Account. + # Optional additional labels to add to the cainjector's ServiceAccount + # labels: {} automountServiceAccountToken: true + # Automounting API credentials for a particular pod + # automountServiceAccountToken: true + + volumes: [] + volumeMounts: [] + + # enableServiceLinks indicates whether information about services should be + # injected into pod's environment variables, matching the syntax of Docker + # links. + enableServiceLinks: false + +acmesolver: + image: + repository: quay.io/jetstack/cert-manager-acmesolver + # You can manage a registry with + # registry: quay.io + # repository: jetstack/cert-manager-acmesolver + + # Override the image tag to deploy by setting this variable. + # If no value is set, the chart's appVersion will be used. + # tag: canary + + # Setting a digest will override any tag + # digest: sha256:0e072dddd1f7f8fc8909a2ca6f65e76c5f0d2fcfb8be47935ae3457e8bbceb20 + # This startupapicheck is a Helm post-install hook that waits for the webhook # endpoints to become available. # The check is implemented using a Kubernetes Job- if you are injecting mesh # sidecar proxies into cert-manager pods, you probably want to ensure that they # are not injected into this Job's pod. Otherwise the installation may time out # due to the Job never being completed because the sidecar proxy does not exit. -# See https://github.com/jetstack/cert-manager/pull/4414 for context. +# See https://github.com/cert-manager/cert-manager/pull/4414 for context. startupapicheck: - enabled: true + enabled: false # Pod Security Context to be set on the startupapicheck component Pod # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ securityContext: runAsNonRoot: true + seccompProfile: + type: RuntimeDefault + + # Container Security Context to be set on the controller component container + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + containerSecurityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true # Timeout for 'kubectl check api' command timeout: 1m @@ -484,14 +754,20 @@ startupapicheck: # Additional command line flags to pass to startupapicheck binary. # To see all available flags run docker run quay.io/jetstack/cert-manager-ctl: --help - extraArgs: [] + # + # We enable verbose logging by default so that if startupapicheck fails, users + # can know what exactly caused the failure. Verbose logs include details of + # the webhook URL, IP address and TCP connect errors for example. + extraArgs: + - -v resources: {} # requests: # cpu: 10m # memory: 32Mi - nodeSelector: {} + nodeSelector: + kubernetes.io/os: linux affinity: {} @@ -501,7 +777,7 @@ startupapicheck: podLabels: {} image: - repository: quay.io/jetstack/cert-manager-ctl + repository: quay.io/jetstack/cert-manager-startupapicheck # You can manage a registry with # registry: quay.io # repository: jetstack/cert-manager-ctl @@ -522,6 +798,9 @@ startupapicheck: helm.sh/hook-weight: "-5" helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded + # Automounting API credentials for a particular pod + # automountServiceAccountToken: true + serviceAccount: # Specifies whether a service account should be created create: true @@ -538,3 +817,14 @@ startupapicheck: # Automount API credentials for a Service Account. automountServiceAccountToken: true + + # Optional additional labels to add to the startupapicheck's ServiceAccount + # labels: {} + + volumes: [] + volumeMounts: [] + + # enableServiceLinks indicates whether information about services should be + # injected into pod's environment variables, matching the syntax of Docker + # links. + enableServiceLinks: false diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml index 9975f3f427..f1cc61bfd3 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-infra-v1-values.yaml @@ -1,7 +1,7 @@ name: elasticsearch-data-infra-v1 namespace: es-cluster-infra -replicas: 3 +replicas: 1 image: pullPolicy: IfNotPresent diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-values.yaml similarity index 81% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-values.yaml index a4373b91b2..f5f8243b77 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-v1-values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-data-values.yaml @@ -1,26 +1,25 @@ -name: elasticsearch-data-v1 +name: elasticsearch-data namespace: es-cluster replicas: 3 image: pullPolicy: IfNotPresent repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 + tag: 8.11.3 -clusterName: "elasticsearch-v1" +clusterName: "elasticsearch" nodeGroup: "data" # The service that non master groups will try to connect to when joining the cluster # This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-v1" +masterService: "elasticsearch-master" # Elasticsearch roles that will be applied to this nodeGroup # These will be set as environment variables. E.g. node.master=true roles: - master: "false" - ingest: "true" - data: "true" + - ingest + - data minimumMasterNodes: 2 @@ -45,16 +44,43 @@ extraEnvs: value: "/usr/share/elasticsearch/data" - name: path.logs value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" +# - name: gateway.expected_master_nodes +# value: "2" - name: gateway.expected_data_nodes value: "1" - name: gateway.recover_after_time value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" +# - name: gateway.recover_after_master_nodes +# value: "2" - name: gateway.recover_after_data_nodes - value: "1" + value: "1" + - name: ELASTIC_PASSWORD + valueFrom: + secretKeyRef: + name: elasticsearch-master-credentials + key: password + - name: xpack.security.enabled + value: "true" + - name: xpack.security.transport.ssl.enabled + value: "true" + - name: xpack.security.http.ssl.enabled + value: "true" + - name: xpack.security.transport.ssl.verification_mode + value: "certificate" + - name: xpack.security.transport.ssl.key + value: "/usr/share/elasticsearch/config/certs/tls.key" + - name: xpack.security.transport.ssl.certificate + value: "/usr/share/elasticsearch/config/certs/tls.crt" + - name: xpack.security.transport.ssl.certificate_authorities + value: "/usr/share/elasticsearch/config/certs/ca.crt" + - name: xpack.security.http.ssl.key + value: "/usr/share/elasticsearch/config/certs/tls.key" + - name: xpack.security.http.ssl.certificate + value: "/usr/share/elasticsearch/config/certs/tls.crt" + - name: xpack.security.http.ssl.certificate_authorities + value: "/usr/share/elasticsearch/config/certs/ca.crt" + +createCert: false # Allows you to load environment variables from kubernetes secret or config map envFrom: [] @@ -66,10 +92,10 @@ envFrom: [] # A list of secrets and their paths to mount inside the pod # This is useful for mounting certificates for security and for mounting # the X-Pack license -secretMounts: [] -# - name: elastic-certificates -# secretName: elastic-certificates -# path: /usr/share/elasticsearch/config/certs +secretMounts: + - name: elastic-certificates + secretName: elasticsearch-master-certs + path: /usr/share/elasticsearch/config/certs podAnnotations: {} # iam.amazonaws.com/role: es-cluster @@ -177,10 +203,13 @@ nodeAffinity: {} # the same time when bootstrapping the cluster podManagementPolicy: "Parallel" -protocol: http +protocol: https httpPort: 9200 transportPort: 9300 +secret: + enabled: false + service: labels: {} labelsHeadless: {} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml index abbbe5a8f1..d4b7c75592 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-infra-v1-values.yaml @@ -1,7 +1,7 @@ name: elasticsearch-master-infra-v1 namespace: es-cluster-infra -replicas: 3 +replicas: 2 image: pullPolicy: IfNotPresent diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-values.yaml similarity index 94% rename from deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml rename to deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-values.yaml index e2874bfdb7..8d970c7cfd 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-v1-values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/elasticsearch-master-values.yaml @@ -1,27 +1,24 @@ -name: elasticsearch-master-v1 +name: elasticsearch-master namespace: es-cluster replicas: 3 image: pullPolicy: IfNotPresent repository: docker.elastic.co/elasticsearch/elasticsearch - tag: 6.4.2 + tag: 8.11.3 -clusterName: "elasticsearch-v1" +clusterName: "elasticsearch" nodeGroup: "master" # The service that non master groups will try to connect to when joining the cluster # This should be set to clusterName + "-" + nodeGroup for your master group -masterService: "elasticsearch-master-v1" +masterService: "elasticsearch-master" # Elasticsearch roles that will be applied to this nodeGroup # These will be set as environment variables. E.g. node.master=true roles: - master: "true" - ingest: "false" - data: "false" - + - master minimumMasterNodes: 2 esMajorVersion: "" @@ -45,16 +42,22 @@ extraEnvs: value: "/usr/share/elasticsearch/data" - name: path.logs value: "/usr/share/elasticsearch/logs" - - name: gateway.expected_master_nodes - value: "2" +# - name: gateway.expected_master_nodes +# value: "2" - name: gateway.expected_data_nodes value: "1" - name: gateway.recover_after_time value: "5m" - - name: gateway.recover_after_master_nodes - value: "2" +# - name: gateway.recover_after_master_nodes +# value: "2" - name: gateway.recover_after_data_nodes - value: "1" + value: "1" +# - name: xpack.security.enabled +# value: "false" +# - name: xpack.security.audit.enabled +# value: "false" + +createCert: true # Allows you to load environment variables from kubernetes secret or config map envFrom: [] @@ -175,10 +178,13 @@ nodeAffinity: {} # the same time when bootstrapping the cluster podManagementPolicy: "Parallel" -protocol: http +protocol: https httpPort: 9200 transportPort: 9300 +secret: + enabled: true + service: labels: {} labelsHeadless: {} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl index 3e7ac57fbd..a107c5399a 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/_helpers.tpl @@ -8,6 +8,46 @@ {{- end }} {{- end }} +{{- define "elasticsearch.roles" -}} +{{- range $.Values.roles -}} +{{ . }}, +{{- end -}} +{{- end -}} + +{{/* +Generate certificates when the secret doesn't exist +*/}} +{{- define "elasticsearch.gen-certs" -}} +{{- $certs := lookup "v1" "Secret" "es-cluster-v8" ( printf "%s-certs" (include "name" . ) ) -}} +{{- if $certs -}} +tls.crt: {{ index $certs.data "tls.crt" }} +tls.key: {{ index $certs.data "tls.key" }} +ca.crt: {{ index $certs.data "ca.crt" }} +{{- else -}} +{{- $altNames := list ( include "elasticsearch.masterService" . ) ( printf "%s.es-cluster-v8" (include "elasticsearch.masterService" .) ) ( printf "%s.es-cluster-v8.svc" (include "elasticsearch.masterService" .) ) -}} +{{- $ca := genCA "elasticsearch-ca" 365 -}} +{{- $cert := genSignedCert ( include "elasticsearch.masterService" . ) nil $altNames 365 $ca -}} +tls.crt: {{ $cert.Cert | toString | b64enc }} +tls.key: {{ $cert.Key | toString | b64enc }} +ca.crt: {{ $ca.Cert | toString | b64enc }} +{{- end -}} +{{- end -}} + +{{- define "elasticsearch.masterService" -}} +{{- if empty .Values.masterService -}} +{{- if empty .Values.fullnameOverride -}} +{{- if empty .Values.nameOverride -}} +{{ .Values.clusterName }}-master +{{- else -}} +{{ .Values.nameOverride }}-master +{{- end -}} +{{- else -}} +{{ .Values.fullnameOverride }} +{{- end -}} +{{- else -}} +{{ .Values.masterService }} +{{- end -}} +{{- end -}} {{- define "elasticsearch.endpoints" -}} {{- $replicas := int (toString (.Values.replicas)) }} @@ -25,7 +65,7 @@ {{- if and (contains "docker.elastic.co/elasticsearch/elasticsearch" .Values.image.repository) (not (eq $version 0)) -}} {{ $version }} {{- else -}} -7 +8 {{- end -}} {{- end -}} {{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml deleted file mode 100644 index be2fa2a2ac..0000000000 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/persistentvolume.yaml +++ /dev/null @@ -1,55 +0,0 @@ -{{- $envOverrides := index .Values (tpl (default .Chart.Name .Values.name) .) -}} -{{- $baseValues := .Values | deepCopy -}} -{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} -{{- with mustMergeOverwrite . $values -}} -{{- if .Values.persistence.enabled }} -{{- range $idx, $v := until (int .Values.replicas) }} -apiVersion: v1 -kind: PersistentVolume -metadata: - name: "es-storage-{{ template "name" $ }}-{{ $idx }}" - labels: - app: {{ template "name" $ }} -{{- if $.Values.persistence.aws }} - failure-domain.beta.kubernetes.io/zone: {{ index $.Values "persistence" "aws" $idx "zone" }} - topology.kubernetes.io/zone: {{ index $.Values "persistence" "aws" $idx "zone" }} -{{- end }} -spec: - capacity: - storage: {{ $.Values.persistence.dataDirSize | quote }} - accessModes: - - ReadWriteOnce - persistentVolumeReclaimPolicy: Retain - claimRef: - namespace: {{ $.Values.namespace }} - name: "es-storage-{{ template "name" $ }}-{{ $idx }}" -{{- if $.Values.persistence.aws }} - awsElasticBlockStore: - volumeID: {{ index $.Values "persistence" "aws" $idx "volumeId" }} - fsType: ext4 -{{- end }} -{{- if $.Values.persistence.azure }} - azureDisk: - cachingMode: ReadWrite - diskName: {{ index $.Values "persistence" "azure" $idx "diskName" }} - diskURI: {{ index $.Values "persistence" "azure" $idx "diskUri" }} - kind: Managed - fsType: ext4 -{{- end }} -{{- if $.Values.persistence.openstack }} - cinder: - fsType: "ext4" - volumeID: {{ index $.Values "persistence" "openstack" $idx }} -{{- end }} -{{- if $.Values.persistence.iscsi }} - iscsi: - targetPortal: {{ index $.Values "persistence" "iscsi" "targetPortal" }} - iqn: {{ index $.Values "persistence" "iscsi" "iqn" $idx }} - lun: 0 - fsType: 'ext4' - readOnly: true -{{- end }} ---- -{{- end }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml index 317137fad0..6582bcfcec 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/poddisruptionbudget.yaml @@ -1,5 +1,5 @@ {{- if .Values.maxUnavailable }} -apiVersion: policy/v1beta1 +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: "{{ template "name" . }}-pdb" diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret-cert.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret-cert.yaml new file mode 100644 index 0000000000..9109a71ec8 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret-cert.yaml @@ -0,0 +1,15 @@ +{{- if .Values.createCert }} +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: {{ template "name" . }}-certs + namespace: {{ .Values.namespace }} + labels: + app: "{{ template "name" . }}" + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +data: +{{ ( include "elasticsearch.gen-certs" . ) | indent 2 }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret.yaml new file mode 100644 index 0000000000..9285ef6543 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/secret.yaml @@ -0,0 +1,21 @@ +{{- if .Values.secret.enabled -}} +{{- $passwordValue := (randAlphaNum 24) | b64enc | quote }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "name" . }}-credentials + namespace: {{ .Values.namespace }} + labels: + app: "{{ template "name" . }}" + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +type: Opaque +data: + username: {{ "elastic" | b64enc }} + {{- if .Values.secret.password }} + password: {{ .Values.secret.password | b64enc }} + {{- else }} + password: {{ $passwordValue }} + {{- end }} +{{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml index 4a8dc64fb0..013d259433 100644 --- a/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml +++ b/deploy-as-code/helm/charts/backbone-services/elasticsearch/templates/statefulset.yaml @@ -114,6 +114,11 @@ spec: configMap: name: {{ template "name" . }}-config {{- end }} + {{- if .Values.createCert }} + - name: elasticsearch-certs + secret: + secretName: {{ template "name" . }}-certs + {{- end }} {{- if .Values.keystore }} - name: keystore emptyDir: {} @@ -150,6 +155,8 @@ spec: {{- end }} {{ if .Values.keystore }} - name: keystore + securityContext: +{{ toYaml .Values.securityContext | indent 10 }} image: {{ template "common.image" (dict "Values" .Values "repository" .Values.image.repository "tag" .Values.image.tag) }} imagePullPolicy: "{{ .Values.image.pullPolicy }}" command: @@ -195,8 +202,6 @@ spec: {{ toYaml .Values.extraInitContainers | indent 6 }} {{- end }} {{- end }} - imagePullSecrets: - - name: docker-registry-secret containers: - name: "elasticsearch" securityContext: @@ -206,26 +211,45 @@ spec: readinessProbe: exec: command: - - sh + - bash - -c - | - #!/usr/bin/env bash -e - # If the node is starting up wait for the cluster to be ready (request params: '{{ .Values.clusterHealthCheckParams }}' ) + set -e + + # Exit if ELASTIC_PASSWORD in unset + if [ -z "${ELASTIC_PASSWORD}" ]; then + echo "ELASTIC_PASSWORD variable is missing, exiting" + exit 1 + fi + + # If the node is starting up wait for the cluster to be ready (request params: "{{ .Values.clusterHealthCheckParams }}" ) # Once it has started only check that the node itself is responding START_FILE=/tmp/.es_start_file - if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then - BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" - else - BASIC_AUTH='' - fi + # Disable nss cache to avoid filling dentry cache when calling curl + # This is required with Elasticsearch Docker using nss < 3.52 + export NSS_SDB_USE_CACHE=no + + http () { + local path="${1}" + local args="${2}" + set -- -XGET -s + + if [ "$args" != "" ]; then + set -- "$@" $args + fi + + set -- "$@" -u "elastic:${ELASTIC_PASSWORD}" + + curl --output /dev/null -k "$@" "{{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path}" + } if [ -f "${START_FILE}" ]; then echo 'Elasticsearch is already running, lets check the node is healthy' - HTTP_CODE=$(curl -XGET -s -k ${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/) + HTTP_CODE=$(http "/" "-w %{http_code}") RC=$? if [[ ${RC} -ne 0 ]]; then - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" + echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with RC ${RC}" exit ${RC} fi # ready if HTTP code 200, 503 is tolerable if ES version is 6.x @@ -234,13 +258,13 @@ spec: elif [[ ${HTTP_CODE} == "503" && "{{ include "elasticsearch.esMajorVersion" . }}" == "6" ]]; then exit 0 else - echo "curl -XGET -s -k \${BASIC_AUTH} -o /dev/null -w '%{http_code}' {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" + echo "curl --output /dev/null -k -XGET -s -w '%{http_code}' \${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/ failed with HTTP code ${HTTP_CODE}" exit 1 fi else echo 'Waiting for elasticsearch cluster to become ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' - if curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }} ; then + if http "/_cluster/health?{{ .Values.clusterHealthCheckParams }}" "--fail" ; then touch ${START_FILE} exit 0 else @@ -261,31 +285,57 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name - {{- if eq .Values.roles.master "true" }} - {{- if ge (int (include "elasticsearch.esMajorVersion" .)) 7 }} + {{- if has "master" .Values.roles }} - name: cluster.initial_master_nodes value: "{{ template "elasticsearch.endpoints" . }}" - {{- else }} - - name: discovery.zen.minimum_master_nodes - value: "{{ .Values.minimumMasterNodes }}" {{- end }} + {{- if gt (len (include "elasticsearch.roles" .)) 0 }} + - name: node.roles + value: "{{ template "elasticsearch.roles" . }}" {{- end }} {{- if lt (int (include "elasticsearch.esMajorVersion" .)) 7 }} - name: discovery.zen.ping.unicast.hosts - value: {{ .Values.masterService | quote }} + value: "{{ template "elasticsearch.masterService" . }}-headless" {{- else }} - name: discovery.seed_hosts - value: {{ .Values.masterService | quote }} + value: "{{ template "elasticsearch.masterService" . }}-headless" {{- end }} - name: cluster.name value: {{ .Values.clusterName | quote }} - name: network.host - value: {{ .Values.networkHost | quote }} + value: {{ .Values.networkHost | quote }} + {{- if .Values.secret.enabled }} + - name: ELASTIC_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "name" . }}-credentials + key: password + {{- end }} - name: ES_JAVA_OPTS value: {{ .Values.esJavaOpts | quote }} - {{- range $role, $enabled := .Values.roles }} - - name: node.{{ $role }} - value: {{ $enabled | quote }} + {{- if .Values.createCert }} + - name: xpack.security.enabled + value: "true" + - name: xpack.security.transport.ssl.enabled + value: "true" + - name: xpack.security.enrollment.enabled + value: "true" + - name: xpack.security.http.ssl.enabled + value: "true" + - name: xpack.security.transport.ssl.verification_mode + value: "certificate" + - name: xpack.security.transport.ssl.key + value: "/usr/share/elasticsearch/config/certs/tls.key" + - name: xpack.security.transport.ssl.certificate + value: "/usr/share/elasticsearch/config/certs/tls.crt" + - name: xpack.security.transport.ssl.certificate_authorities + value: "/usr/share/elasticsearch/config/certs/ca.crt" + - name: xpack.security.http.ssl.key + value: "/usr/share/elasticsearch/config/certs/tls.key" + - name: xpack.security.http.ssl.certificate + value: "/usr/share/elasticsearch/config/certs/tls.crt" + - name: xpack.security.http.ssl.certificate_authorities + value: "/usr/share/elasticsearch/config/certs/ca.crt" {{- end }} {{- if .Values.extraEnvs }} {{ toYaml .Values.extraEnvs | indent 10 }} @@ -299,6 +349,11 @@ spec: - name: "es-storage" mountPath: /usr/share/elasticsearch/data {{- end }} + {{- if .Values.createCert }} + - name: elasticsearch-certs + mountPath: /usr/share/elasticsearch/config/certs + readOnly: true + {{- end }} {{ if .Values.keystore }} - name: keystore mountPath: /usr/share/elasticsearch/config/elasticsearch.keystore @@ -327,7 +382,7 @@ spec: {{- end }} {{- end }} {{- if .Values.masterTerminationFix }} - {{- if eq .Values.roles.master "true" }} + {{- if has "master" .Values.roles }} # This sidecar will prevent slow master re-election # https://github.com/elastic/helm-charts/issues/63 - name: elasticsearch-master-graceful-termination-handler diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml index df4f5032bc..4297e9b041 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-connect/values.yaml @@ -11,7 +11,7 @@ initContainers: {} # Container Configs image: repository: cp-kafka-connect - tag: 5.2.2 + tag: latest replicas: "1" httpPort: 8083 diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml index a9403bba14..f14baeaffe 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/Chart.yaml @@ -10,13 +10,13 @@ annotations: - name: kafka-exporter image: docker.io/bitnami/kafka-exporter:1.7.0-debian-11-r132 - name: kafka - image: docker.io/bitnami/kafka:3.6.0-debian-11-r0 + image: docker.io/bitnami/kafka:3.6.1-debian-11-r0 - name: kubectl image: docker.io/bitnami/kubectl:1.28.2-debian-11-r16 - name: os-shell image: docker.io/bitnami/os-shell:11-debian-11-r90 apiVersion: v2 -appVersion: 3.6.0 +appVersion: 3.6.1 # dependencies: # - condition: zookeeper.enabled # name: zookeeper diff --git a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml index 1f89099ffe..f26026ec71 100644 --- a/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/kafka-kraft/values.yaml @@ -81,7 +81,7 @@ diagnosticMode: image: registry: docker.io repository: bitnami/kafka - tag: 3.6.0-debian-11-r0 + tag: 3.6.1-debian-11-r0 digest: "" ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/.helmignore b/deploy-as-code/helm/charts/backbone-services/kibana/.helmignore new file mode 100644 index 0000000000..e12c0b4b91 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/.helmignore @@ -0,0 +1,2 @@ +tests/ +.pytest_cache/ diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/Chart.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/Chart.yaml new file mode 100644 index 0000000000..fd4cc44728 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/Chart.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +description: Official Elastic helm chart for Kibana +home: https://github.com/elastic/helm-charts +maintainers: + - email: helm-charts@elastic.co + name: Elastic +name: kibana +version: 8.5.1 +appVersion: 8.5.1 +sources: + - https://github.com/elastic/kibana +icon: https://helm.elastic.co/icons/kibana.png diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/Makefile b/deploy-as-code/helm/charts/backbone-services/kibana/Makefile new file mode 100644 index 0000000000..22218a1f62 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/Makefile @@ -0,0 +1 @@ +include ../helpers/common.mk diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/README.md b/deploy-as-code/helm/charts/backbone-services/kibana/README.md new file mode 100644 index 0000000000..f8603dccd3 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/README.md @@ -0,0 +1,266 @@ +# Kibana Helm Chart + +[![Build Status](https://img.shields.io/jenkins/s/https/devops-ci.elastic.co/job/elastic+helm-charts+main.svg)](https://devops-ci.elastic.co/job/elastic+helm-charts+main/) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/elastic)](https://artifacthub.io/packages/search?repo=elastic) + +This Helm chart is a lightweight way to configure and run our official +[Kibana Docker image][]. + +> **Warning** +> When it comes to running the Elastic on Kubernetes infrastructure, we +> recommend [Elastic Cloud on Kubernetes][] (ECK) as the best way to run and manage +> the Elastic Stack. +> +> ECK offers many operational benefits for both our basic-tier and our +> enterprise-tier customers, such as spinning up cluster nodes that were lost on +> failed infrastructure, seamless upgrades, rolling cluster changes, and much +> much more. +> +> With the release of the Elastic Stack Helm charts for Elastic version 8.5.1, +> we are handing over the ongoing maintenance of our Elastic Stack Helm charts +> to the community and contributors. This repository will finally be archived +> after 6 months time. Elastic Stacks deployed on Kubernetes through Helm charts +> will still be fully supported under EOL limitations. +> +> Since we want to provide an even better experience for our customers by +> running the Elastic Stack on Kubernetes, we will continue maintaining the +> Helm charts applicable to ECK Custom Resources. These charts can be found in +> the [ECK repository][eck-charts]. +> +> Helm charts will currently be maintained for ECK Enterprise-tier customers, +> however, we encourage the community to engage with the existing Helm charts +> for the Elastic Stack and continue supporting their ongoing maintenance. +> +> See for more details. + + + + + +- [Requirements](#requirements) +- [Installing](#installing) + - [Install a released version using the Helm repository](#install-a-released-version-using-the-helm-repository) + - [Install a development version using the main branch](#install-a-development-version-using-the-main-branch) +- [Upgrading](#upgrading) +- [Usage notes](#usage-notes) +- [Configuration](#configuration) +- [FAQ](#faq) + - [How to deploy this chart on a specific K8S distribution?](#how-to-deploy-this-chart-on-a-specific-k8s-distribution) + - [How to use Kibana with security (authentication and TLS) enabled?](#how-to-use-kibana-with-security-authentication-and-tls-enabled) + - [How to install plugins?](#how-to-install-plugins) + - [How to import objects post-deployment?](#how-to-import-objects-post-deployment) +- [Contributing](#contributing) + + + + + + +## Requirements + +See [supported configurations][] for more details. + + +## Installing + +### Install a released version using the Helm repository + +* Add the Elastic Helm charts repo: +`helm repo add elastic https://helm.elastic.co` + +* Install it: `helm install kibana elastic/kibana` + + +### Install a development version using the main branch + +* Clone the git repo: `git clone git@github.com:elastic/helm-charts.git` + +* Install it: `helm install kibana ./helm-charts/kibana --set imageTag=8.5.1` + +## Upgrading + +Please always check [CHANGELOG.md][] and [BREAKING_CHANGES.md][] before +upgrading to a new chart version. + + +## Usage notes + +* Automated testing of this chart is currently only run against GKE (Google +Kubernetes Engine). + +* This repo includes several [examples][] of configurations that can be used +as a reference. They are also used in the automated testing of this chart. + + +## Configuration + +| Parameter | Description | Default | +|-------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------| +| `affinity` | Configurable [affinity][] | `{}` | +| `annotations` | Configurable [annotations][] on the deployment object | `{}` | +| `automountToken` | Whether or not to automount the service account token in the Pod | `true` | +| `elasticsearchHosts` | The URLs used to connect to Elasticsearch | `https://elasticsearch-master:9200` | +| `elasticsearchCertificateSecret` | The name of the K8S [secret][kubernetes secrets] that contains the Elasticsearch certificate | `elasticsearch-master-certs` | +| `elasticsearchCertificateAuthoritiesFile` | The name of the certificate file into the `elasticsearchCertificateSecret` K8S `secret` | `ca.crt` | +| `elasticsearchCredentialSecret` | The name of the K8S [secret][kubernetes secrets] that contains the Elasticsearch credentials | `elasticsearch-master-credentials` | +| `envFrom` | Templatable string to be passed to the [environment from variables][] which will be appended to the `envFrom:` definition for the container | `[]` | +| `extraContainers` | Templatable string of additional containers to be passed to the `tpl` function | `[]` | +| `extraEnvs` | Extra [environment variables][] which will be appended to the `env:` definition for the container | see [values.yaml][] | +| `extraInitContainers` | Templatable string of additional containers to be passed to the `tpl` function | `[]` | +| `extraVolumeMounts` | Configuration for additional `volumeMounts` | `[]` | +| `extraVolumes` | Configuration for additional `volumes` | `[]` | +| `fullnameOverride` | Overrides the full name of the resources. If not set the name will default to " `.Release.Name` - `.Values.nameOverride orChart.Name` " | `""` | +| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | +| `hostAliases` | Configurable [hostAliases][] | `[]` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service | `5601` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy][]value | `IfNotPresent` | +| `imagePullSecrets` | Configuration for [imagePullSecrets][] so that you can use a private registry for your image | `[]` | +| `imageTag` | The Kibana Docker image tag | `8.5.1` | +| `image` | The Kibana Docker image | `docker.elastic.co/kibana/kibana` | +| `ingress` | Configurable [ingress][] to expose the Kibana service. | see [values.yaml][] | +| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml` See [values.yaml][] for an example of the formatting | `{}` | +| `labels` | Configurable [labels][] applied to all Kibana pods | `{}` | +| `lifecycle` | Allows you to add [lifecycle hooks][]. See [values.yaml][] for an example of the formatting | `{}` | +| `nameOverride` | Overrides the chart name for resources. If not set the name will default to `.Chart.Name` | `""` | +| `nodeSelector` | Configurable [nodeSelector][] so that you can target specific nodes for your Kibana instances | `{}` | +| `podAnnotations` | Configurable [annotations][] applied to all Kibana pods | `{}` | +| `podSecurityContext` | Allows you to set the [securityContext][] for the pod | see [values.yaml][] | +| `priorityClassName` | The name of the [PriorityClass][]. No default is supplied as the PriorityClass must be created first | `""` | +| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | +| `readinessProbe` | Configuration for the readiness [probe][] | see [values.yaml][] | +| `replicas` | Kubernetes replica count for the Deployment (i.e. how many pods) | `1` | +| `resources` | Allows you to set the [resources][] for the Deployment | see [values.yaml][] | +| `secretMounts` | Allows you easily mount a secret as a file inside the Deployment. Useful for mounting certificates and other secrets. See [values.yaml][] for an example | `[]` | +| `securityContext` | Allows you to set the [securityContext][] for the container | see [values.yaml][] | +| `serverHost` | The [server.host][] Kibana setting. This is set explicitly so that the default always matches what comes with the Docker image | `0.0.0.0` | +| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount][] for the pod | `[]` | +| `service` | Configurable [service][] to expose the Kibana service. | see [values.yaml][] | +| `tolerations` | Configurable [tolerations][]) | `[]` | +| `updateStrategy` | Allows you to change the default [updateStrategy][] for the Deployment. A [standard upgrade][] of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `type: Recreate` | + +## FAQ + +### How to deploy this chart on a specific K8S distribution? + +This chart is highly tested with [GKE][], but some K8S distribution also +requires specific configurations. + +We provide examples of configuration for the following K8S providers: + +- [OpenShift][] + +### How to use Kibana with security (authentication and TLS) enabled? + +Starting with 8.x the [default Elasticsearch Helm chart][] is automatically +configured with security enabled (authentification and TLS). + +As the Elasticsearch credentials and certificates are available in some +[Kubernetes secrets][] generated by the Elasticsearch chart, the Kibana chart is +configured to read these secrets to configure the secure connection to +Elasticsearch (The secrets names can be overrided in the chart +[values][values.yaml]). + +Therefore, Kibana is automatically configured to required authentication. You +can connect to Kibana with the `elastic` user account that comes from +Elasticsearch. The password can be find in the `elasticsearchCredentialSecret` +(see the [chart notes][]). + +:warning: Note that in production, the `elastic` user should only be used to +create new users. + +This Helm chart can also use existing [Kubernetes secrets][] to set up TLS +certificates. These secrets should be created outside of this chart and accessed +using the [environment variables][] and volumes. + +An example can be found in [examples/security][]. + +### How to install plugins? + +The recommended way to install plugins into our Docker images is to create a +custom Docker image. + +The Dockerfile would look something like this: + +``` +ARG kibana_version +FROM docker.elastic.co/kibana/kibana:${kibana_version} + +RUN bin/kibana-plugin install +``` + +And then updating the `image` in values to point to your custom image. + +There are a couple of reasons we recommend this: + +1. Tying the availability of Kibana to the download service to install plugins +is not a great idea or something that we recommend. Especially in Kubernetes +where it is normal and expected for a container to be moved to another host at +random times. +2. Mutating the state of a running Docker image (by installing plugins) goes +against the best practices of containers and immutable infrastructure. + +### How to import objects post-deployment? + +You can use `postStart` [lifecycle hooks][] to run code triggered after a +container is created. + +Here is an example of `postStart` hook to import an index-pattern and a +dashboard: + +```yaml +lifecycle: + postStart: + exec: + command: + - bash + - -c + - | + #!/bin/bash + # Import a dashboard + KB_URL=http://localhost:5601 + while [[ "$(curl -s -o /dev/null -w '%{http_code}\n' -L $KB_URL)" != "200" ]]; do sleep 1; done + curl -XPOST "$KB_URL/api/kibana/dashboards/import" -H "Content-Type: application/json" -H 'kbn-xsrf: true' -d'{"objects":[{"type":"index-pattern","id":"my-pattern","attributes":{"title":"my-pattern-*"}},{"type":"dashboard","id":"my-dashboard","attributes":{"title":"Look at my dashboard"}}]}' +``` + + +## Contributing + +Please check [CONTRIBUTING.md][] before any contribution or for any questions +about our development and testing process. + +[affinity]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +[annotations]: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ +[BREAKING_CHANGES.md]: https://github.com/elastic/helm-charts/blob/main/BREAKING_CHANGES.md +[CHANGELOG.md]: https://github.com/elastic/helm-charts/blob/main/CHANGELOG.md +[chart notes]: https://github.com/elastic/helm-charts/tree/main/kibana/templates/NOTES.txt +[CONTRIBUTING.md]: https://github.com/elastic/helm-charts/blob/main/CONTRIBUTING.md +[default elasticsearch helm chart]: https://github.com/elastic/helm-charts/tree/main/elasticsearch/README.md#default +[eck-charts]: https://github.com/elastic/cloud-on-k8s/tree/master/deploy +[elastic cloud on kubernetes]: https://github.com/elastic/cloud-on-k8s +[environment from variables]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables +[environment variables]: https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config +[examples]: https://github.com/elastic/helm-charts/tree/main/kibana/examples +[examples/security]: https://github.com/elastic/helm-charts/tree/main/kibana/examples/security +[gke]: https://cloud.google.com/kubernetes-engine +[helm]: https://helm.sh +[hostAliases]: https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ +[imagePullPolicy]: https://kubernetes.io/docs/concepts/containers/images/#updating-images +[imagePullSecrets]: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret +[ingress]: https://kubernetes.io/docs/concepts/services-networking/ingress/ +[kibana docker image]: https://www.elastic.co/guide/en/kibana/current/docker.html +[kubernetes secrets]: https://kubernetes.io/docs/concepts/configuration/secret/ +[labels]: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ +[lifecycle hooks]: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/ +[nodeSelector]: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector +[openshift]: https://github.com/elastic/helm-charts/tree/main/kibana/examples/openshift +[priorityClass]: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +[probe]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/ +[resources]: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ +[securityContext]: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod +[server.host]: https://www.elastic.co/guide/en/kibana/current/settings.html +[service]: https://kubernetes.io/docs/concepts/services-networking/service/ +[serviceAccount]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ +[standard upgrade]: https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html +[supported configurations]: https://github.com/elastic/helm-charts/tree/main/README.md#supported-configurations +[tolerations]: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +[updateStrategy]: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment +[values.yaml]: https://github.com/elastic/helm-charts/tree/main/kibana/values.yaml diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/NOTES.txt b/deploy-as-code/helm/charts/backbone-services/kibana/templates/NOTES.txt new file mode 100644 index 0000000000..98997b3064 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/NOTES.txt @@ -0,0 +1,6 @@ +1. Watch all containers come up. + $ kubectl get pods --namespace={{ .Release.Namespace }} -l release={{ .Release.Name }} -w +2. Retrieve the elastic user's password. + $ kubectl get secrets --namespace={{ .Release.Namespace }} {{ .Values.elasticsearchCredentialSecret }} -ojsonpath='{.data.password}' | base64 -d +3. Retrieve the kibana service account token. + $ kubectl get secrets --namespace={{ .Release.Namespace }} {{ template "kibana.fullname" . }}-es-token -ojsonpath='{.data.token}' | base64 -d diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/_helpers.tpl b/deploy-as-code/helm/charts/backbone-services/kibana/templates/_helpers.tpl new file mode 100644 index 0000000000..763fff131d --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/_helpers.tpl @@ -0,0 +1,36 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "kibana.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "kibana.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Release.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Chart.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "kibana.labels" -}} +app: {{ .Chart.Name }} +release: {{ .Release.Name | quote }} +heritage: {{ .Release.Service }} +{{- if .Values.labels }} +{{ toYaml .Values.labels }} +{{- end }} +{{- end -}} + +{{- define "kibana.home_dir" -}} +/usr/share/kibana +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap-helm-scripts.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap-helm-scripts.yaml new file mode 100644 index 0000000000..a0f29d61b6 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap-helm-scripts.yaml @@ -0,0 +1,176 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kibana.fullname" . }}-helm-scripts + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade,post-delete + "helm.sh/hook-delete-policy": hook-succeeded + {{- if .Values.annotations }} + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +data: + manage-es-token.js: | + const https = require('https'); + const fs = require('fs'); + + // Read environment variables + function getEnvVar(name) { + if (!process.env[name]) { + throw new Error(name + ' environment variable is missing') + } + return process.env[name] + } + + // Elasticsearch API + const esPath = '_security/service/elastic/kibana/credential/token/{{ template "kibana.fullname" . }}'; + const esUrl = '{{ .Values.elasticsearchHosts }}' + '/' + esPath + const esUsername = getEnvVar('ELASTICSEARCH_USERNAME'); + const esPassword = getEnvVar('ELASTICSEARCH_PASSWORD'); + const esAuth = esUsername + ':' + esPassword; + const esCaFile = getEnvVar('ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES'); + const esCa = fs.readFileSync(esCaFile); + + // Kubernetes API + const k8sHostname = getEnvVar('KUBERNETES_SERVICE_HOST'); + const k8sPort = getEnvVar('KUBERNETES_SERVICE_PORT_HTTPS'); + const k8sPostSecretPath = 'api/v1/namespaces/{{ .Values.namespace }}/secrets'; + const k8sDeleteSecretPath = 'api/v1/namespaces/{{ .Values.namespace }}/secrets/{{ template "kibana.fullname" . }}-es-token'; + const k8sPostSecretUrl = `https://${k8sHostname}:${k8sPort}/${k8sPostSecretPath}`; + const k8sDeleteSecretUrl = `https://${k8sHostname}:${k8sPort}/${k8sDeleteSecretPath}`; + const k8sBearer = fs.readFileSync('/run/secrets/kubernetes.io/serviceaccount/token'); + const k8sCa = fs.readFileSync('/run/secrets/kubernetes.io/serviceaccount/ca.crt'); + + // Post Data + const esTokenDeleteOptions = { + method: 'DELETE', + auth: esAuth, + ca: esCa, + }; + const esTokenCreateOptions = { + method: 'POST', + auth: esAuth, + ca: esCa, + }; + const secretCreateOptions = { + method: 'POST', + ca: k8sCa, + headers: { + 'Authorization': 'Bearer ' + k8sBearer, + 'Accept': 'application/json', + 'Content-Type': 'application/json', + } + }; + const secretDeleteOptions = { + method: 'DELETE', + ca: k8sCa, + headers: { + 'Authorization': 'Bearer ' + k8sBearer, + 'Accept': 'application/json', + 'Content-Type': 'application/json', + } + }; + + // With thanks to https://stackoverflow.com/questions/57332374/how-to-chain-http-request + function requestPromise(url, httpsOptions, extraOptions = {}) { + return new Promise((resolve, reject) => { + const request = https.request(url, httpsOptions, response => { + + console.log('statusCode:', response.statusCode); + + let isSuccess = undefined; + + if (typeof(extraOptions.extraStatusCode) != "undefined" && extraOptions.extraStatusCode != null) { + isSuccess = response.statusCode >= 200 && response.statusCode < 300 || response.statusCode == extraOptions.extraStatusCode; + } else { + isSuccess = response.statusCode >= 200 && response.statusCode < 300; + } + + let data = ''; + response.on('data', chunk => data += chunk); // accumulate data + response.once('end', () => isSuccess ? resolve(data) : reject(data)); // resolve promise here + }); + + request.once('error', err => { + // This won't log anything for e.g. an HTTP 404 or 500 response, + // since from HTTP's point-of-view we successfully received a + // response. + console.log(`${httpsOptions.method} ${httpsOptions.path} failed: `, err.message || err); + reject(err); // if promise is not already resolved, then we can reject it here + }); + + if (typeof(extraOptions.payload) != "undefined") { + request.write(extraOptions.payload); + } + request.end(); + }); + } + + function createEsToken() { + // Chaining requests + console.log('Cleaning previous token'); + // 404 status code is accepted if there is no previous token to clean + return requestPromise(esUrl, esTokenDeleteOptions, {extraStatusCode: 404}).then(() => { + console.log('Creating new token'); + return requestPromise(esUrl, esTokenCreateOptions).then(response => { + const body = JSON.parse(response); + const token = body.token.value + + // Encode the token in base64 + const base64Token = Buffer.from(token, 'utf8').toString('base64'); + + // Prepare the k8s secret + const secretData = JSON.stringify({ + "apiVersion": "v1", + "kind": "Secret", + "metadata": { + "namespace": "{{ .Values.namespace }}", + "name": "{{ template "kibana.fullname" . }}-es-token", + }, + "type": "Opaque", + "data": { + "token": base64Token, + } + }) + + // Create the k8s secret + console.log('Creating K8S secret'); + return requestPromise(k8sPostSecretUrl, secretCreateOptions, {payload: secretData}) + }); + }); + } + + function cleanEsToken() { + // Chaining requests + console.log('Cleaning token'); + return requestPromise(esUrl, esTokenDeleteOptions).then(() => { + // Create the k8s secret + console.log('Delete K8S secret'); + return requestPromise(k8sDeleteSecretUrl, secretDeleteOptions) + }); + } + + const command = process.argv[2]; + switch (command) { + case 'create': + console.log('Creating a new Elasticsearch token for Kibana') + createEsToken().catch(err => { + console.error(err); + process.exit(1); + }); + break; + case 'clean': + console.log('Cleaning the Kibana Elasticsearch token') + cleanEsToken().catch(err => { + console.error(err); + process.exit(1); + }); + break; + default: + console.log('Unknown command'); + process.exit(1); + } diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap.yaml new file mode 100644 index 0000000000..98977a8405 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/configmap.yaml @@ -0,0 +1,13 @@ +{{- if .Values.kibanaConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kibana.fullname" . }}-config + labels: {{ include "kibana.labels" . | nindent 4 }} +data: +{{- range $path, $config := .Values.kibanaConfig }} + {{ $path }}: | +{{ tpl $config $ | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/deployment.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/deployment.yaml new file mode 100644 index 0000000000..c7e1d4ca1e --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/deployment.yaml @@ -0,0 +1,201 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "kibana.fullname" . }} + namespace: {{.Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + {{- if .Values.annotations }} + annotations: + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + replicas: {{ .Values.replicas }} + strategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + selector: + matchLabels: + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{/* This forces a restart if the configmap has changed */}} + {{- if .Values.kibanaConfig }} + configchecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} + {{- end }} + spec: + automountServiceAccountToken: {{ .Values.automountToken }} +{{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} +{{- end }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- if .Values.serviceAccount }} + serviceAccount: {{ .Values.serviceAccount }} + {{- end }} + {{- if .Values.hostAliases }} + hostAliases: {{ toYaml .Values.hostAliases | nindent 6 }} + {{- end }} + volumes: + - name: kibana-tokens + emptyDir: {} + - name: elasticsearch-certs + secret: + secretName: {{ .Values.elasticsearchCertificateSecret }} + {{- if .Values.kibanaConfig }} + - name: kibanaconfig + configMap: + name: {{ template "kibana.fullname" . }}-config + {{- end }} + {{- range .Values.secretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- if .Values.extraVolumes }} +{{ toYaml .Values.extraVolumes | indent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + initContainers: + {{- if .Values.extraInitContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraInitContainers) }} +{{ tpl .Values.extraInitContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraInitContainers | indent 6 }} + {{- end }} + {{- end }} + containers: + - name: kibana + securityContext: +{{ toYaml .Values.securityContext | indent 10 }} + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + env: + {{- if .Values.elasticsearchURL }} + - name: ELASTICSEARCH_URL + value: "{{ .Values.elasticsearchURL }}" + {{- else if .Values.elasticsearchHosts }} + - name: ELASTICSEARCH_HOSTS + value: "{{ .Values.elasticsearchHosts }}" + {{- end }} + - name: ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES + value: "{{ template "kibana.home_dir" . }}/config/certs/{{ .Values.elasticsearchCertificateAuthoritiesFile }}" + - name: SERVER_HOST + value: "{{ .Values.serverHost }}" + - name: ELASTICSEARCH_SERVICEACCOUNTTOKEN + valueFrom: + secretKeyRef: + name: {{ template "kibana.fullname" . }}-es-token + key: token + optional: false + - name: SERVER_REWRITEBASEPATH + value: "true" + - name: SERVER_BASEPATH + value: "{{ .Values.serverBasePath }}" +{{- if .Values.extraEnvs }} +{{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} +{{- if .Values.envFrom }} + envFrom: +{{ toYaml .Values.envFrom | indent 10 }} +{{- end }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 10 }} + exec: + command: + - bash + - -c + - | + #!/usr/bin/env bash -e + + # Disable nss cache to avoid filling dentry cache when calling curl + # This is required with Kibana Docker using nss < 3.52 + export NSS_SDB_USE_CACHE=no + + http () { + local path="${1}" + set -- -XGET -s --fail -L + + if [ -n "${ELASTICSEARCH_USERNAME}" ] && [ -n "${ELASTICSEARCH_PASSWORD}" ]; then + set -- "$@" -u "${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD}" + fi + + STATUS=$(curl --output /dev/null --write-out "%{http_code}" -k "$@" "{{ .Values.protocol }}://localhost:{{ .Values.httpPort }}${path}") + if [[ "${STATUS}" -eq 200 ]]; then + exit 0 + fi + + echo "Error: Got HTTP code ${STATUS} but expected a 200" + exit 1 + } + + http "{{ .Values.healthCheckPath }}" + ports: + - containerPort: {{ .Values.httpPort }} +{{- if .Values.lifecycle }} + lifecycle: +{{ toYaml .Values.lifecycle | indent 10 }} +{{- end }} + resources: +{{ toYaml .Values.resources | indent 10 }} + volumeMounts: + - name: elasticsearch-certs + mountPath: {{ template "kibana.home_dir" . }}/config/certs + readOnly: true + - name: kibana-tokens + mountPath: {{ template "kibana.home_dir" . }}/config/tokens + readOnly: true + {{- range .Values.secretMounts }} + - name: {{ .name }} + mountPath: {{ .path }} + {{- if .subPath }} + subPath: {{ .subPath }} + {{- end }} + {{- end }} + {{- range $path, $config := .Values.kibanaConfig }} + - name: kibanaconfig + mountPath: {{ template "kibana.home_dir" . }}/config/{{ $path }} + subPath: {{ $path }} + {{- end -}} + {{- if .Values.extraVolumeMounts }} +{{ toYaml .Values.extraVolumeMounts | indent 10 }} + {{- end }} + {{- if .Values.extraContainers }} + # Currently some extra blocks accept strings + # to continue with backwards compatibility this is being kept + # whilst also allowing for yaml to be specified too. + {{- if eq "string" (printf "%T" .Values.extraContainers) }} +{{ tpl .Values.extraContainers . | indent 6 }} + {{- else }} +{{ toYaml .Values.extraContainers | indent 6 }} + {{- end }} + {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/ingress.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/ingress.yaml new file mode 100644 index 0000000000..153d22c67c --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/ingress.yaml @@ -0,0 +1,59 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "kibana.fullname" . -}} +{{- $httpPort := .Values.httpPort -}} +{{- $pathtype := .Values.ingress.pathtype -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- if .ingressPath }} + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- else }} +{{ toYaml .Values.ingress.tls | indent 4 }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + {{- if $ingressPath }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ $httpPort }} + {{- else }} + - host: {{ .host }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + pathType: {{ $pathtype }} + backend: + service: + name: {{ $fullName }} + port: + number: {{ .servicePort | default $httpPort }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-job.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-job.yaml new file mode 100644 index 0000000000..f988e81c49 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-job.yaml @@ -0,0 +1,55 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: pre-install-{{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded + {{- if .Values.annotations }} + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +spec: + backoffLimit: 20 + template: + spec: + restartPolicy: Never + containers: + - name: create-kibana-token + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + command: ["{{ template "kibana.home_dir" . }}/node/bin/node"] + args: + - {{ template "kibana.home_dir" . }}/helm-scripts/manage-es-token.js + - create + env: + - name: "ELASTICSEARCH_USERNAME" + valueFrom: + secretKeyRef: + name: {{ .Values.elasticsearchCredentialSecret }} + key: username + - name: "ELASTICSEARCH_PASSWORD" + valueFrom: + secretKeyRef: + name: {{ .Values.elasticsearchCredentialSecret }} + key: password + - name: ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES + value: "{{ template "kibana.home_dir" . }}/config/certs/{{ .Values.elasticsearchCertificateAuthoritiesFile }}" + volumeMounts: + - name: elasticsearch-certs + mountPath: {{ template "kibana.home_dir" . }}/config/certs + readOnly: true + - name: kibana-helm-scripts + mountPath: {{ template "kibana.home_dir" . }}/helm-scripts + serviceAccount: pre-install-{{ template "kibana.fullname" . }} + volumes: + - name: elasticsearch-certs + secret: + secretName: {{ .Values.elasticsearchCertificateSecret }} + - name: kibana-helm-scripts + configMap: + name: {{ template "kibana.fullname" . }}-helm-scripts + defaultMode: 0755 diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-role.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-role.yaml new file mode 100644 index 0000000000..aa24df1a20 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-role.yaml @@ -0,0 +1,22 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: pre-install-{{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded + {{- if .Values.annotations }} + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - create + - update diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-rolebinding.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-rolebinding.yaml new file mode 100644 index 0000000000..0db18e488d --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-rolebinding.yaml @@ -0,0 +1,22 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: pre-install-{{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded + {{- if .Values.annotations }} + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} +subjects: + - kind: ServiceAccount + name: pre-install-{{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace | quote }} +roleRef: + kind: Role + name: pre-install-{{ template "kibana.fullname" . }} + apiGroup: rbac.authorization.k8s.io diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-serviceaccount.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-serviceaccount.yaml new file mode 100644 index 0000000000..b13d43376a --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/pre-install-serviceaccount.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: pre-install-{{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} + annotations: + "helm.sh/hook": pre-install,pre-upgrade + "helm.sh/hook-delete-policy": hook-succeeded + {{- if .Values.annotations }} + {{- range $key, $value := .Values.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} diff --git a/deploy-as-code/helm/charts/backbone-services/kibana/templates/service.yaml b/deploy-as-code/helm/charts/backbone-services/kibana/templates/service.yaml new file mode 100644 index 0000000000..2ab6dfaf47 --- /dev/null +++ b/deploy-as-code/helm/charts/backbone-services/kibana/templates/service.yaml @@ -0,0 +1,34 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "kibana.fullname" . }} + namespace: {{ .Values.namespace }} + labels: {{ include "kibana.labels" . | nindent 4 }} +{{- if .Values.service.labels }} +{{ toYaml .Values.service.labels | indent 4}} +{{- end }} +{{- with .Values.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} +{{- end }} +{{- with .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{ toYaml . | indent 4 }} +{{- end }} + ports: + - port: {{ .Values.service.port }} +{{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} +{{- end }} + protocol: TCP + name: {{ .Values.service.httpPortName | default "http" }} + targetPort: {{ .Values.httpPort }} + selector: + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} diff --git a/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml b/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml index 4b78045824..992a27329f 100644 --- a/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/postgres/values.yaml @@ -5,7 +5,7 @@ namespace: monitoring image: repository: "docker.io/postgres" - tag: "9.6" + tag: "14" replicas: "1" httpPort: 5432 diff --git a/deploy-as-code/helm/charts/backbone-services/redis/values.yaml b/deploy-as-code/helm/charts/backbone-services/redis/values.yaml index 6f4ad7465b..47a84dc7c0 100644 --- a/deploy-as-code/helm/charts/backbone-services/redis/values.yaml +++ b/deploy-as-code/helm/charts/backbone-services/redis/values.yaml @@ -11,6 +11,6 @@ labels: image: repository: "redis" pullPolicy: IfNotPresent - tag: "3.2" + tag: "7.2" replicas: "1" httpPort: 6379 \ No newline at end of file From d684ffd6ff1ad1a77719f13243987c12c98b0645 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 11:56:59 +0530 Subject: [PATCH 701/742] updated filestore and db secrets (#2415) Co-authored-by: Harish-egov --- .../helm/environments/digit-lts-secrets.yaml | 18 ++++++++---------- .../helm/environments/digit-lts.yaml | 6 +++--- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts-secrets.yaml b/deploy-as-code/helm/environments/digit-lts-secrets.yaml index 30c722ee87..e9a108dd77 100644 --- a/deploy-as-code/helm/environments/digit-lts-secrets.yaml +++ b/deploy-as-code/helm/environments/digit-lts-secrets.yaml @@ -2,20 +2,18 @@ cluster-configs: secrets: #ENC[AES256_GCM,data:t9gJfeEA/w2/66EXW9thqVYaJu+V+jN5010zY60tmDMUvIE=,iv:zzT0SnoEhSIXb9kwHiyC4z8puy/elgTJLUfNtNkwgQY=,tag:I0ErW7LFz7xu2Oe1+Ow3lg==,type:comment] db: - username: ENC[AES256_GCM,data:oOg/YdfqOYoz+JOqDw==,iv:lrnCSzZDyR9J+m5OHP7Br1rsJMHvc6CsSgMm8EE1As0=,tag:GltwQuo3KJiIqT5HgiN6WA==,type:str] - #ENC[AES256_GCM,data:vBlfJyw6hA1FpmC+L+ChAJh09cJNc7XYi9L9Y8DzjA==,iv:a0A/52Zw4S+Yg99n5tX2AvZ2aB307Te+siaCSmYH3gg=,tag:08k4a5hX3KbHi1iSkVD8wQ==,type:comment] - password: ENC[AES256_GCM,data:YeK7R4Opyd9GDw==,iv:cbSXf+s5cG1n5UlAXZ3/+FzHooGyPOg3MhZvpzxHX0A=,tag:a/5L8/8DmAb3YzpeHXqfSg==,type:str] - flywayUsername: ENC[AES256_GCM,data:CWJbuQiNX+6opnijuQ==,iv:Ko+TgKZG41MFJiE1LAOLTq7HATqFClcLbbvG2F7M6Co=,tag:7vgP3/Od8bXGqpJy2kPx0Q==,type:str] - #ENC[AES256_GCM,data:vBlfJyw6hA1FpmC+L+ChAJh09cJNc7XYi9L9Y8DzjA==,iv:a0A/52Zw4S+Yg99n5tX2AvZ2aB307Te+siaCSmYH3gg=,tag:08k4a5hX3KbHi1iSkVD8wQ==,type:comment] - flywayPassword: ENC[AES256_GCM,data:xEauLrWpa/cp6g==,iv:TvGCf0UZGTKasTGx9ILeuyeQKXrgzqSQ/kv1X5Ufqtk=,tag:98pIqHW7ns1jt1ax9+aM1w==,type:str] + username: ENC[AES256_GCM,data:UWAo3WzolRc=,iv:Xcw8sxqaolmzkEtwBZFr6iyCixLVPEcMU+ZwqfCmEzw=,tag:q29NIVIp/rowP3Y38WH6Vg==,type:str] + password: ENC[AES256_GCM,data:60BqHrFYIbCGxA==,iv:wUfBOLEGpVJCFSOX41kuOX+00pj75LjGHKsUBpme25U=,tag:IOpY4ePbhhePQUH2dKDzIA==,type:str] + flywayUsername: ENC[AES256_GCM,data:ic6lEvFNjVw=,iv:nynBGn+i/Yk7IbHnVC2qiVyPGY90G5LPrnWJaiW74r0=,tag:DaKzSlD7v0yW762zVBKAkg==,type:str] + flywayPassword: ENC[AES256_GCM,data:KCSVofzf7d2AiA==,iv:Vqcabm8XD01cZHOWWFpjCsAjtgjH3SSU+PnvIVFQd6Y=,tag:q1Yn2ZTxzcySNHhj1E4rQQ==,type:str] #ENC[AES256_GCM,data:COeSC0wn0WO1GB9ds7De8MnoWRPTRdszdRoNG1r/ljL+qqyts9GKhh72ApFn22+otr8mh0/t5+RLpvO68po=,iv:v9mOmr0CF3016gZEKYGsq3Ldl/ffimJo4r+URHzIPq0=,tag:siuYXC1KeF715GsoyQ6W5Q==,type:comment] egov-notification-sms: username: ENC[AES256_GCM,data:RwfYWA==,iv:rfQeqRB4P3Wn95UWdQhj69hQAaOY85v87FGAIU+PU9Y=,tag:veNKZG4DUZ2LlKqk4mqxng==,type:str] password: ENC[AES256_GCM,data:SOjqKw==,iv:WxuL37b7r1F08Zftxvc290uud7aqbhDhyHzGtArTkiI=,tag:n3Dp2hmFlFMymLr8crpUrA==,type:str] #ENC[AES256_GCM,data:jd2wusYzkI4vU531dUfGVEPXnje0PQFLuq0wNcyQ7jm3yj4zf1SuspT2eVykbe/CmCKXmvqgHrGh9um/zO4o8vKkZw2ceIM2aIJ7eSOvkUT0yrzIAhIY43hFQSbTdX1K,iv:fHQaPxX/HGpPSjzBxCnrR81tXuAl+pYFrkiHIFF7f4I=,tag:NFgO2B7hy1VbFxtr/NC6bA==,type:comment] egov-filestore: - aws-key: ENC[AES256_GCM,data:EcAYQuerKq65rw==,iv:WX23RCCl/cNm8ZBJY0QGcFi1tqbmctTqljgUeeDEah8=,tag:68ZwiwiccmgolSNhOwkJWw==,type:str] - aws-secret-key: ENC[AES256_GCM,data:fwF1TTuOBeWfkA==,iv:rV5gsQCA0gS85j5LpZXDu6xzcXvzbgc1YYi/4YYKcew=,tag:w9SKsUB0UDJET2PIhzjIOw==,type:str] + aws-key: ENC[AES256_GCM,data:/u6/ph0Rbe/4VuoarIxNI164p6U=,iv:UL8AMYDLC18gYdKCMw0mqLfVJZTsIdDK5jYnIv4Ntzk=,tag:8UQ7P6EAotqz+pjuRTgJVA==,type:str] + aws-secret-key: ENC[AES256_GCM,data:sHsBNGAcrm111iUfdxAWG4KZm8Zg1yR/hH+NpDTAIyB3m/QgkKUM+A==,iv:0NN97wNwidjxImRmGxPtiZqblIBDo8Uo121G2X4lf40=,tag:HtynV4ZDT50ykZuf+mmTwA==,type:str] #ENC[AES256_GCM,data:OOXKAovA5EbWRK6Fu+jWvantUnh3o9m4NUCEcZdpsS7CD/0KHdPIUvNuwg==,iv:YRzlLqKwlLDTgRykledCVDdKbRoxGsvSSvIP3k6jxQ0=,tag:PYa4m1SEcKSZPB1oBtTnCg==,type:comment] egov-location: gmapskey: ENC[AES256_GCM,data:KHlI/Z1q9Oeqg1pYiEzeOYMn5w==,iv:0xvAiDB90wxs1Vesmh1fzHIZKSZnCHE/GqpACkfAL6Y=,tag:pMlGJYUhvH64gxGnoITCZg==,type:str] @@ -84,8 +82,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2024-01-29T09:24:47Z" - mac: ENC[AES256_GCM,data:/b/bQ05kfEEEh1Jj5K1pU3lisDZTwhD1UwoF/6tsVVDdj0hQChSpUtK33T2kgkXkYQeblS48SyOFQXvR8u8nZBAhGfNeQk7w05TclS/qQHg9qdFnDsv2pnQPEA6y43HROQHjqiJ2zUyUQGq14v42fAUYD4EUHfS/LtjG7OmCVDc=,iv:uYqPmpaGrHC2D7VoC7HyFm8207aE43ATFBHKyIsB/4s=,tag:4YS9TgUTgSbRwF5aQRdW7w==,type:str] + lastmodified: "2024-02-13T06:24:31Z" + mac: ENC[AES256_GCM,data:QcWerTVYuf6AtI96vzqkyRF3X4kEwGZikrCOJm2/a+D7DsXpLztyjDzBczKoZ1hmWFKiaxKC9vfC5f+xRVqCNvWAIATov8YfSiyOCSlSkPOqbTGcQe1EvJ6sfuNaPI0H1QmekYko/qznBsixz+mk8w5PvNXISo6MIhNNHwx+K/8=,iv:tYUqkG/7jGj/z7Zt5Rpjk9OcPzUYn3FjJECUhK1cLas=,tag:dEUqoeKmSR9sA26gZ6dsew==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 7a7a988948..e3b6aee47b 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -13,9 +13,9 @@ cluster-configs: egov-config: namespace: [ egov, monitoring ] data: - db-host: ## Add db-host name eg: egov-demo.database.azure.com - db-name: ## Add db-name - db-url: jdbc:postgresql:/// ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo + db-host: "postgresql-lts.egov:5432" ## Add db-host name eg: egov-demo.database.azure.co + db-name: "postgres" ## Add db-name + db-url: "jdbc:postgresql://postgresql-lts.egov:5432/postgres" ## example: jdbc:postgresql://egov-demo.postgres.database.azure.com:5432/egov_demo domain: digit-lts.digit.org ## Add your Domain Name egov-services-fqdn-name: https://digit-lts.digit.org/ ## Add your Domain Name From 12d31366a51ea2f14f48d6a6c44fdd2699ead6ec Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:01:22 +0530 Subject: [PATCH 702/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 4a039038f3..b90b89d374 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: [ egov, works, health, urban, sanitation, ifix ] + namespace: egov name: db-service port: 5432 targetPort: 5432 @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, works, health, urban, sanitation ] + namespace: egov name: db egov-notification-sms: From f8a28c928e6bf5ddd66aa4883973a47cf5f49602 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:04:42 +0530 Subject: [PATCH 703/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index b90b89d374..5e8ee4a416 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: egov + namespace: [ egov, works ] name: db-service port: 5432 targetPort: 5432 @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: egov + namespace: [ egov, works ] name: db egov-notification-sms: From 094d27c8904974a94ce33af2da43312d18c922a7 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:07:05 +0530 Subject: [PATCH 704/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 5e8ee4a416..85222d6603 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -80,7 +80,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov, health, urban ] + namespace: [ egov, works ] name: git-creds kibana: From d74be94b5e8d8dbef2d1f8ce99c9757c09c43c90 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:15:31 +0530 Subject: [PATCH 705/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 85222d6603..367073fb60 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: [ egov, works ] + namespace: [ egov, monitoring ] name: db-service port: 5432 targetPort: 5432 @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, works ] + namespace: [ egov, moonitoring ] name: db egov-notification-sms: From fac9bc0536fec61e044497eb9dc0f7f15ae73f67 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:18:00 +0530 Subject: [PATCH 706/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 367073fb60..427ce1abe6 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, moonitoring ] + namespace: [ egov, monitoring ] name: db egov-notification-sms: From bf801caf53de54c26b14006d8d43ae76131ce9e2 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:24:14 +0530 Subject: [PATCH 707/742] Update db-secret.yaml --- .../charts/cluster-configs/templates/secrets/db-secret.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml index 748b0b729d..faa48b76f4 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/db-secret.yaml @@ -1,19 +1,17 @@ {{- with index .Values "cluster-configs" "secrets" "db" }} {{- if index . "password" }} --- -{{- range $ns := .namespace }} apiVersion: v1 kind: Secret metadata: - name: {{ index $.Values "cluster-configs" "secrets" "db" "name" }} - namespace: {{ $ns }} + name: {{ .name }} + namespace: {{ .namespace }} type: Opaque data: username: {{ index $.Values "cluster-configs" "secrets" "db" "username" | b64enc | quote }} password: {{ index $.Values "cluster-configs" "secrets" "db" "password" | b64enc | quote }} flyway-username: {{ index $.Values "cluster-configs" "secrets" "db" "flywayUsername" | b64enc | quote }} flyway-password: {{ index $.Values "cluster-configs" "secrets" "db" "flywayPassword" | b64enc | quote }} -{{- end }} --- {{- end }} {{- end }} From dd01debbe6f54782429781efd52510889385fce0 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:24:55 +0530 Subject: [PATCH 708/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 427ce1abe6..383603023e 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -1,6 +1,6 @@ cluster-configs: db: - namespace: [ egov, monitoring ] + namespace: egov name: db-service port: 5432 targetPort: 5432 @@ -40,7 +40,7 @@ cluster-configs: secrets: db: - namespace: [ egov, monitoring ] + namespace: egov name: db egov-notification-sms: From 24f6558d85c36069f610e21e1a90454e5f6e87bf Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:35:24 +0530 Subject: [PATCH 709/742] Update git-sync-secret.yaml --- .../cluster-configs/templates/secrets/git-sync-secret.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml index c0c8cf21a6..a0238bcee7 100644 --- a/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/templates/secrets/git-sync-secret.yaml @@ -1,17 +1,15 @@ {{- with index .Values "cluster-configs" "secrets" "git-sync" }} {{- if index . "ssh" }} --- -{{- range $ns := .namespace }} apiVersion: v1 kind: Secret metadata: - name: {{ index $.Values "cluster-configs" "secrets" "git-sync" "name" }} - namespace: {{ $ns }} + name: {{ .name }} + namespace: {{ .namespace }} type: Opaque data: ssh: {{ index $.Values "cluster-configs" "secrets" "git-sync" "ssh" | b64enc | quote }} known_hosts: {{ index $.Values "cluster-configs" "secrets" "git-sync" "known-hosts" | b64enc | quote }} -{{- end }} --- {{- end }} {{- end }} From d4448c66c4727dff444719f16fa7300559aad3a5 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:35:56 +0530 Subject: [PATCH 710/742] Update values.yaml --- deploy-as-code/helm/charts/cluster-configs/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/cluster-configs/values.yaml b/deploy-as-code/helm/charts/cluster-configs/values.yaml index 383603023e..d4f67d3955 100644 --- a/deploy-as-code/helm/charts/cluster-configs/values.yaml +++ b/deploy-as-code/helm/charts/cluster-configs/values.yaml @@ -80,7 +80,7 @@ cluster-configs: name: home-isolation-notification-mail git-sync: - namespace: [ egov, works ] + namespace: egov name: git-creds kibana: From d61c1f84eb02c3621b9cf9246e6a08ddabb2a02f Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Tue, 13 Feb 2024 12:43:25 +0530 Subject: [PATCH 711/742] updated filestore and db secrets --- deploy-as-code/helm/environments/digit-lts-secrets.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts-secrets.yaml b/deploy-as-code/helm/environments/digit-lts-secrets.yaml index e9a108dd77..a6d830ea84 100644 --- a/deploy-as-code/helm/environments/digit-lts-secrets.yaml +++ b/deploy-as-code/helm/environments/digit-lts-secrets.yaml @@ -43,7 +43,7 @@ cluster-configs: mailsenderpassword: ENC[AES256_GCM,data:daWyGg==,iv:BWe1H2pRIGmnwUGfSPMu0bOdkC0yQSr2FDLfGvJn5zU=,tag:OhR394GFmmvVKeJBXWXfbA==,type:str] #ENC[AES256_GCM,data:9KTX/3XVOnYUEkm1JTtE2V2MY4ZRPIWT+eUGH5efWVMHcBotXKZUqgEhFGYW2iXj6SiBXzkNyo9coKSf3++IyAtHtfPN33s3boRxaBJD5fGg4BVnZfHy7pNQRRjqHLxRLP2cpv73tosiMUV7FJQTsbJThRVape/SRllp1jI8ZSo0HwqxFRn/2kCAZeqoNM6vkxFg0Ugb,iv:vEXZaEcvRLNQMmBqSwxJ8f10A2JojhfVPNdJiGRMxkw=,tag:SeKRT+zS6DlSRr6iFPHAOg==,type:comment] git-sync: - ssh: ENC[AES256_GCM,data:gQVLjdq7Umlbeda7E+BL785krYlNpLRe+lOp71hYnYEOBfC5Qs7l9gKjQZ0x+J1D0icwj9Z0I9zgk6SBKe44ibKlWc1uHBzfRphzAvS4ih+b8rp2QiUpPh0HQ3tEYRBm5hAj3F/vDGzcSE4lG1xu0zQiX+kdqT5cXtza65ycieesOGR00yflR4jZQDSgKE6JG2kCvYXHG3EIb6lea6mavRWBKG5YHq6xfmKyf8/0myui8E6Sp32ixZGEVynTnfbqEuFajHD1beWTiBZbo9M6gyJyFmYl0+Z442ZgTJT1M1u1EZzRY2I6GKyatKehIoaeCsILeFK13IqyYCSq6wGeDMPuogWmsDZgUR5dBpqyHBIdLfuZH0PYfaLKGHOFgzCo4DuUc2iResO0C52bLhQ5tY1OA8euuF+6ojrVan5fmJQ/BR7XtkMfN/OboHhRh7zQi8INrnu4e0hb93vcaaJE637x7bA0QXGPbCcDkiCgPJx6iAWEljG90NSbmFwzghhJPyya2DyGQP/MjegloBx6PBvlLfLeRUxsMPbOaLh4SC1VbrGv1zvuAs2M9lOqXVc3rl4H279F0bBclVeLYz4wi0npkiwFhDexrbW/vOp85iitBnDfyyxUn2HRcmVkIuvsUdycqOCg3+hiHsRDUGfOWpuevOo1LV4d7C4PeHodcPg4pq6lIWGnfUKjaacVX+46/f0nTlBeoED1Lsrd4iFMU+8AxRKg36vENv0CsYt0uXXIVM3bte4cfh+vVDvKigdQ6owJRbp4mnfdT/ppiUyKlsya3fdjx6lKWz9c1Tu+eSevExgas1eiSsnxyn4EEmLKaboV/kIG8uSZ4eBO8Ne7oCwQBhblGNudB97YUrTGZ2rX87M5Wm1t2hPuEnD9KMI2XPSh03XYq44VQkWdaeciS2sSk0YNaXx9j8vU7+486YaII1ZOk5hBoU2Y6G0E7bHwSlRVA8tkT1haKB/Ev2jia1EjZxHsvLYwZYGmJH+0HndGi3xzZSkQCz9xS5EMEY2TIqyl3yApaHQEB9nhUKCVvWB3/nMyEVH+76dQr+dy8j4v7BLISYaDaryrhipz7UdpKJN9NHb012/Q6xBpWJwMiPsKwh83V0+MF0rBk1HBxoIaLPHgDtKDrOMRHHDtFT/PnaJklnlR3qWUaSuF+YA543vygqsb9JsvKNj1eH5wIEFWJSEJABqjsi4Uk79gqL89WRmhd8bBwPBxukbhrMNC8/RDLitp3ZbsaE/nmOUKiCnWXeEoqlbErODpfD2Lamf7hRmAc5DW8+YDE2ap3hdNrnTeWzW4u7oU0gGmDAReMTbaXWtkedHvVBI+e/TzG+3dnWHaSZE0f/mtREl2t8cCeUOKWLO7ZJNgO1Gy+HYdWE6j54gxMVhIfBEHOw8lcH+8p48ecPfbT8afqJaw/5txUoLxFmxFRM5qvK4KIOX+QNFf4dBdCoGRm2h1z3bqv5BJDSHz/2kNU+9MdpX6aZF6u/0pLNK6LHMQvXnzmMyz8zMTgAc4hpuB2iR8bLVdyC1KfX9S4cO6pm5VWSI6g1vu4zWXIHUmVDZH1lRjkeTH2iqWEkdZ3cYIeFTpEnFwrvrbiMCsOA0iCclaynCTboT7ltqccyPOpY39o9NsCuJV+QAcsGJKiNlFeDucUfOX/Gg/v7pD0HhMbna+e9/WkPReQjR2iA/zX81868+2avTlKjDO7QTXWH3RvBvu/LwA7EDk+M7GnKKvOfhvk+wHMqL+dAKKz31DkIhv9vwYl9uLIeF70jbnZfnALjyjAok8Xcee+zAyPfK8OrU23n1LgkhxZy0vOdh6gjSWcAhuxGfuloHvFcL4M7vhbHew1fb4+boZweG+SeDkLrquddvPvzQ0mQ1MPtUXKHRT6WjnqQA5gK42O/cP7cLXkg75Z5s2vQkEKWU6r9Aq6nB6kD5DOwEQ5k4dhDaW0QfYw066yDFTz2AdheYW6m5mXo558FokBNeS/talMnMXckbvHQYQI7Cb7Ix0bgTSUErwf96lUnOYeKC3te5Zgx3fjZOUsAptUAMA//I9C5JmEFlrznoH5dl8Jf2Jsq9BMnay6wF1Ln6GYCnrnnGGm/DSEMe4tbepzRIuhk6rYVDzYSFKcmufoTurxXuHaTrUkRskWzCVSpnYMraC0gV0ANS7ntUHbzsY3jtAYCXS76Tu028kUG8iFcXINYbG5MDMVp4ZD0rr3sQWBIvuJOi8dGg3QITsSQ==,iv:0qW6/vJJjzO42eT8ZLRBp9r6FaOGVHQyXbXq+AVMElc=,tag:WznlLE8q+Q0gmev9hhmwHw==,type:str] + ssh: ENC[AES256_GCM,data:gtHHCkQLZ0iuBUOuLU8wlYr2/m0/4l2OVX5y9sBzAKktyFwWhdfp+gUQ6helBIH7XKchJjA1rzudMOvFBfPLkeE04Xf7P0sD2Y6OigWUv+OlofQZwA0MvH//SihYOd+2llUuTS+XrmSrXSryj9QRibx3B2Kw6KZ27OfPHUS93gBheqYB86eAvsxb/+B4U2E1Okg1yl0jMvAWAQHW9h5SsEfpCPOaNjjhPqEHHGg5FVY8lr7RxwKxTZd+S2tvuoIkkG4qvpqIlyOglPCSM5cmbjIy9HV/4DJOlCStXvSDsvhnY96KaFi6BaoOn9d8y+6NZFzbUcGNpBY1yTUbXpXSAUatt/Lv5+ZUwLCibrt0jhpmZMKKHBxZqEGD4FRhoWWZXSc35FkWRCgWLcQgTVDZCv2SAr5RMW7zgRp9lEtpS/ox38iHlBrZR4UvbtyXeFTSDsiufJiJHh9mR2r8AucW2obYUISnHVsUJvAK0KrG+pegPz9SZRaMoh6ZrNWU0vTIvk86QFyR9k70UakJiz9YjpkgfHRx+AS3OvGzlveaA1akkmD73wh6G470r3odH6bobAagmLqjW/rDhZKxRUaYrYAfqGtKo/Dj09fg1C9U5c2YUI22MGpoMX26HACrkc4vWH3Y8gt473dGpVqIherjVypob1bCpJLeUuAO6t/U+H66QjEjifQeguD5O4Ehcteykxvlit+uJnIMxBT/GsznQ69F25YJfD9NhZ6JIggONA4HxFUdl9/jyusyYujMfsq6FcCHf8oAwhz9dFM/LTJuGW8XJ+/KGnSt7GVCmKCUwaOGhOQ5FY1W8U0m9PfZcY4MgASsoUFXg4nv6ldOjGjtI1+wlnme2bG1mA1it7EVvEUiRSYaP7Vb32CPy1EKX5h9JmKaGFPquvatvncMuqtOpTC6sCob2Ed7ucKtf9lPUEAEBF1/j3lL+EukfHK7DczXIvV+2bLFzcHk281WtN/Qs6319hWw32kK2HxGN9nd+swuKmRFxijEwkgxKHhe03IfC9QBYE7O+nCdo+RzDYlQeU1LA4Q4VC3fVSTbblz/utqkFNQejgT/3BDcSsQQN96rEQeL2vLn0b0J0IHrbe3mwdGiyCrfExXY1S502ZX/ADSEBfDTNgbYrnVmhcAhU2Bd4VhgKCW+n/wv+ZRKht76qrEWKbWvwEWDwuTKcFJhR6BEI//Oax77QrYRJz/lHMg3xB285Hc5COeCDJTUO2IqmXMuJJz94F6u2p2TvIuZdUBWA8n/2wpKb3AvGJL6yLTZRXvqa4u0CYHXQAytmmRfJ4oHighysFDSCH6F8+UcHgTcdsMMBDGwBOxU5HPuM7PjYwTI05NQRX1/kXYkvuCiW3vo8SK/Zvs+H5aYiMlNh8yG2cgcagZxVsJzYgdvbQud2WPM7jPDJYc4G7Ca/gwuCA1WxTqz1S8rJ0AFFAmPrQ7A8tD7RhxWBgTwFZ2kdGwVdiyvgUHw+HrVt16e/XkUa9g59ZfEugev8Q76qZk6+az8LvWf4+n+wckwVO9h55H5a0lTb4kmFGNPsP4y0g7W9rdIVdhNU2JZzO7WAD2kPFO5Ef4Sw2vgdFp3hkgjTaj/X3In9hqwP1Hd5Zc/lMHQVKQ/jNPqvf4ym4gVHrF9ve9XOqRr9HjJZE9xeWZoem133ioWq0tqfQY/Nw9wWgY/pIUOaFMwBm8cGPVLVkihip5L0373HVxaSVeHYlGP6scZhks4abJHGoTZXe8acUQ0lBYLz6y/FAgsr0c10ahkMxyRvgKlt5kFhurToi9CSciJODCYZcJJBJc+vqGZrYkSXi+kJPYKe+uLpdnu5c/RgmHG6Msq4iZxuvn6PQ2+X1h+kgcvr9n0hgjLNcZJhD9zjfrqofexjHqsxdhhMGDRo2aKBBsvRDU5unTfDlkGjURrKX7ucv2eSY9rynPwvrBaoPSzcs0wmE/vGsYirH/T8fCC21D3TzYp54qVmC2B9YjTq/PoanVGZQ4e6x2ZNE9u3qoMrV5rkHv+aTLXp6NnnMLWkiF4aTk6VDTjGbP1kOKIHcCTJo7lOr3pH3Bl8X0YYrp6sYEA3/0Z1tpREQ6TxhvdRZjswONeGYD8fXqiu1b+FKLB/nPk1+AWlKqEv1ZFyu0Hu7ksQLN4A9SndYibDdYBI3/Szu/6+rDfgnP9dc/rWrruTmpdPzh8tWVv98NP9q5Jk3/trzcHti7gydF9WjYlEkidb/Q0SOEl/Q==,iv:+5hoGuQnC4gnrwpu+RWGW68IgZMA/BlgU/peNV4K8CU=,tag:2iw/ylZUZZHnHBxYbSnGnA==,type:str] known-hosts: ENC[AES256_GCM,data:Fk6rZyK9i+B3RyvXgO42YxFq3iJ/aRIaS9fKgXQBml5ucRBm8tazNQxKjWHZSCwuVYwbEWBtadFSohLDUbn4W0tuz1HWAe8krdNbwKvbSBZsncXAdrE/F1oDMeWYTMaZYQ4BJiy2mZTx8FIemWjf6Nk7eCSksItEQgwTdS8/aWIHUIfTHy6avlYvHf7UszuMiJHYUB4bTtpNUGTjkEQ6ztSMTUjNs9uNsNWxAHyDxYhACg+HQjHR3BPhbPnHkr0gfIMDsYwlbt0UJ467wS2bUpWad0pnRM4s9oZDczlOrPDj3EGApzs2JdF8hJXteuEJzCmiqeGCQElgz3Xr2mSU/YssQKmmUFf+K2YMcthABAK9K3NQmIMnK9asF1ETo2Rnp0QcGKzEPlr1KIaD4rABSthQwmLgQjsrO0j20dmL6jQZOZ/kfZPLEZXjShkBbNo2RzPZxmoziUq1xMCW+KexTi8lTPLNbJw619Og0V/En4QnkZKDde0EZFl6x2uMUehYemFSk0eAinu7zCHKAZwQ8Y1OemMh5U6+a9xu8elvAZq30zvvDs30AqeXzbf8F/PqoLYNtWt8xeir46x733E072G6rWwa1xtDyXQY3m2Gb88TflDL8WQabjZxklz2sT2QoaTQ/nu2gUZGFZ6gLKWuoD6w0pTF0taciTEjq+pewqIpFalZ6n/oW+qPkM+MAKP8sa9ZZ5COBaN5qmpKGVPOL5BaAGDn4MfbQqVMeJ/OmuSrgSA=,iv:zFWkVDxM9SIAeHwO6f4FaBREc5FwrELM7SRqaJ07Dg8=,tag:0mscqaJX/hIn3+QwMaUBZA==,type:str] #ENC[AES256_GCM,data:B7wn3/uVKH1SdPqAks3ZE3qW+w==,iv:SfkeU0LEBDiBt03Slsg/MPsfUfaIrnApWqkqrf4V2u0=,tag:JDnabUeWAmVPUCAMlkjSLg==,type:comment] kibana: @@ -82,8 +82,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2024-02-13T06:24:31Z" - mac: ENC[AES256_GCM,data:QcWerTVYuf6AtI96vzqkyRF3X4kEwGZikrCOJm2/a+D7DsXpLztyjDzBczKoZ1hmWFKiaxKC9vfC5f+xRVqCNvWAIATov8YfSiyOCSlSkPOqbTGcQe1EvJ6sfuNaPI0H1QmekYko/qznBsixz+mk8w5PvNXISo6MIhNNHwx+K/8=,iv:tYUqkG/7jGj/z7Zt5Rpjk9OcPzUYn3FjJECUhK1cLas=,tag:dEUqoeKmSR9sA26gZ6dsew==,type:str] + lastmodified: "2024-02-13T07:13:14Z" + mac: ENC[AES256_GCM,data:WK5JjO88eRR9opoR1qWbDkQws9hgX0X9M11gLxV7uoERxtCoWBMQiD4DnSLJmsY9XXbnrOJniTBHQF7rjhW5D3jufpTiN5HL7k2AG2mOjlCBKlQls00+J3aFuKqW/JwKboZHV6m2babj1F8aDhitgFfiuUDW9peMh974dqmUJMQ=,iv:/jphGD6Fi49P5WX2fk2CyUyK0KaMmfcryVUyKUc0DD4=,tag:c2hjhMTF0C74z1s/4qSDxA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 From f1012c8d1c2a647d3168d716dc377b0be0cf877c Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 12:48:57 +0530 Subject: [PATCH 712/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index e3b6aee47b..3b551fb5a6 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -266,6 +266,7 @@ egov-pg-service: # >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> egov-mdms-service: + memory_limits: "512Mi" replicas: 1 images: - egovio/egov-mdms-service From 03bdfea1618b38ce35aaf5ab41db7d25ed2db2bc Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 13:56:52 +0530 Subject: [PATCH 713/742] Update values.yaml --- .../helm/charts/core-services/egov-url-shortening/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 1e47cadcaa..99af2df1e9 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -30,7 +30,7 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" server-context: "/eus" - +memory_limits: "512Mi" # Additional Container Envs env: | {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} From cc4b82efa5c367f6b4c544d4f1257df3e2844eff Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 13:59:54 +0530 Subject: [PATCH 714/742] Update values.yaml --- .../helm/charts/health-services/service-request/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index 8eae35491d..a541782552 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -3,7 +3,7 @@ labels: app: "service-request" group: "rainmaker" -namespace: health +namespace: egov # Ingress Configs ingress: namespace: egov @@ -61,4 +61,4 @@ env: | - name: SECURITY_BASIC_ENABLED value: "false" - name: MANAGEMENT_SECURITY_ENABLED - value: "false" \ No newline at end of file + value: "false" From 87f2130adbffe1af3df2347ad772e0ca09561aaa Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:02:41 +0530 Subject: [PATCH 715/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 3b551fb5a6..06d2b824d5 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -174,7 +174,7 @@ egov-filestore: allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 - fixed-bucketname: filestore bucket name ## Add filestore bucket name + fixed-bucketname: unified-dev-bucket-s3 ## Add filestore bucket name egov-idgen: idformat-from-mdms: "true" From 290981a33b60edf3e74e26d392a91f5b3bff6913 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:42:31 +0530 Subject: [PATCH 716/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 06d2b824d5..33a086caee 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -165,6 +165,7 @@ citizen: ';" egov-filestore: + memory_limits: "512Mi" volume: /opt/eGov/filestore is-bucket-fixed: "true" minio.url : "http://minio.backbone:9000/" From 84ca6798a57cc40311b53b78bc847b1f1b3bd4e0 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 14:59:45 +0530 Subject: [PATCH 717/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 33a086caee..0e75ff279b 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -291,14 +291,23 @@ egov-indexer: egov-persister: replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi images: - egovio/egov-persister - persist-yml-path: "file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml" + persist-yml-path: "file:///work-dir/configs/fsm/egov-persister/fsm-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/fsm/egov-persister/vendor-persister.yaml,file:///work-dir/configs/fsm/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/pt-mutation-calculator-persister.yml,file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/tradelicense.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/chatbot.yml,file:///work-dir/configs/egov-persister/fsm-persister.yaml,file:///work-dir/configs/egov-persister/vehicle-persister.yaml,file:///work-dir/configs/egov-persister/vendor-persister.yaml,file:///work-dir/configs/egov-persister/fsm-calculator-persister.yaml,file:///work-dir/configs/egov-persister/mdms-persister.yml,file:///work-dir/configs/works/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/audit-service-persister.yml,file:///work-dir/configs/works/egov-persister/bankaccounts-persister.yml,file:///work-dir/configs/works/egov-persister/btr-persister.yml,file:///work-dir/configs/works/egov-persister/contract-service-persister.yml,file:///work-dir/configs/works/egov-persister/estimate-service.yml,file:///work-dir/configs/works/egov-persister/expence-calculator-service-persister.yml,file:///work-dir/configs/works/egov-persister/expense-bill-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expense-billarray-payment-persister.yaml,file:///work-dir/configs/works/egov-persister/expensebilling-service-persister.yml,file:///work-dir/configs/works/egov-persister/muster-service-persister.yml,file:///work-dir/configs/works/egov-persister/organisation-persister.yml,file:///work-dir/configs/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/product-persister.yml,file:///work-dir/configs/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/household-persister.yml,file:///work-dir/configs/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/stock-persister.yml,file:///work-dir/configs/health/egov-persister/facility-persister.yml,file:///work-dir/configs/egov-persister/service-request-persister.yml,file:///work-dir/configs/health/egov-persister/service-request-persister.yml,file:///work-dir/configs/egov-persister/pgr-services-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-persister.yml,file:///work-dir/configs/works/egov-persister/measurement-service-persister.yml,file:///work-dir/configs/egov-persister/pqm-persister.yaml,file:///work-dir/configs/health/egov-persister/referral-management-persister.yml,file:///work-dir/configs/egov-persister/pqm-anomaly-finder-persister.yaml,file:///work-dir/configs/egov-persister/boundary-persister.yml,file:///work-dir/configs/health/egov-persister/individual-persister.yml,file:///work-dir/configs/health/egov-persister/project-persister.yml,file:///work-dir/configs/health/egov-persister/project-task-persister.yml,file:///work-dir/configs/health/egov-persister/attendance-service-persister.yml,file:///work-dir/configs/works/egov-persister/mukta-ifix-adapter-persister.yml,file:///work-dir/configs/health/egov-persister/hrms-employee-persister.yml" initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - + branch: "UNIFIED-DEV" + +audit-service: + persist-yml-path: "https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/attendance-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/muster-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/estimate-service.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/contract-service-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/bankaccounts-persister.yml,https://raw.githubusercontent.com/egovernments/configs/UNIFIED-DEV/works/egov-persister/expense-bill-payment-persister.yaml" + initContainers: + gitSync: + repo: "git@github.com:egovernments/configs" + branch: "UNIFIED-DEV" + pgr-services: memory_limits: 512Mi From b1cd69c7818390a4f1cfeb3268620d983d8f948c Mon Sep 17 00:00:00 2001 From: aaradhya-egov <137176709+aaradhya-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 16:27:29 +0530 Subject: [PATCH 718/742] added indexer username and password (#2416) --- .../helm/charts/core-services/egov-indexer/values.yaml | 10 ++++++++++ deploy-as-code/helm/environments/digit-lts.yaml | 4 ++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml index 561222c74f..dc22e32b90 100644 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml @@ -66,3 +66,13 @@ env: | configMapKeyRef: name: egov-config key: egov-state-level-tenant-id + - name: EGOV_INDEXER_ES_USERNAME + valueFrom: + secretKeyRef: + name: elasticsearch-master-credentials + key: username + - name: EGOV_INDEXER_ES_PASSWORD + valueFrom: + secretKeyRef: + name: elasticsearch-master-credentials + key: password \ No newline at end of file diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 0e75ff279b..2e2edcaec4 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -286,8 +286,8 @@ egov-indexer: initContainers: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url - branch: "UAT" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml" + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yaml" egov-persister: replicas: 1 From a014c87ecd3670ec17f7bd22ce78809cd03244d1 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 13 Feb 2024 17:07:03 +0530 Subject: [PATCH 719/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 2e2edcaec4..fca7f44a6b 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -287,7 +287,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yaml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yml" egov-persister: replicas: 1 From 4346ce645f53b2c0601240da8ce83de079bace49 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Wed, 14 Feb 2024 12:08:11 +0530 Subject: [PATCH 720/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index fca7f44a6b..08f6a4f4a9 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -275,7 +275,7 @@ egov-mdms-service: initContainers: gitSync: repo: "git@github.com:egovernments/egov-mdms-data" ##### Change repo url with Your fork Repo url - branch: "UNIFIED-QA" ##### Change repo branch with Your fork Repo branch + branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch mdms-folder: "egov-mdms-data" masters-config-url: "file:///work-dir/egov-mdms-data/master-config.json" java-args: -Dspring.profiles.active=monitoring From 42db7accafeb0930fab40df6ec7fbf80f5b276a5 Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 14 Feb 2024 14:12:59 +0530 Subject: [PATCH 721/742] updated services config in the env file --- .../egov-url-shortening/values.yaml | 2 +- .../helm/environments/digit-lts.yaml | 24 +++++++++++++++++-- 2 files changed, 23 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 99af2df1e9..1e47cadcaa 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -30,7 +30,7 @@ tracing-enabled: true heap: "-Xmx192m -Xms192m" java-args: "-Dspring.profiles.active=monitoring" server-context: "/eus" -memory_limits: "512Mi" + # Additional Container Envs env: | {{- if index .Values "global" "tracer-errors-provideexceptionindetails" }} diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 08f6a4f4a9..7d14f3f9be 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -163,6 +163,13 @@ citizen: sub_filter '' ' + +egov-url-shortening: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-url-shortner-endpoint: "/eus/shortener" + hashids-salt: "randomsalt" + hashids-min-length: "2" ';" egov-filestore: memory_limits: "512Mi" @@ -177,11 +184,22 @@ egov-filestore: filestore-url-validity: 3600 fixed-bucketname: unified-dev-bucket-s3 ## Add filestore bucket name +egov-enc-service: + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + state-level-tenant-id: "pb" + egov-idgen: idformat-from-mdms: "true" java-args: -Dspring.profiles.active=monitoring + heap: "-Xmx192m -Xms192m" autocreate-new-seq: "true" +egov-localization: + replicas: 1 + heap: "-Xmx256m -Xms256m" + memory_limits: 512Mi + egov-notification-sms: sms-provider-url: "sms provider url" ## Add sms provider url sms.provider.class: "Generic" @@ -217,7 +235,7 @@ egov-user: citizen-otp-fixed: "123456" citizen-otp-fixed-enabled: "true" egov-state-level-tenant-id: "in" - decryption-abac-enabled: "false" + decryption-abac-enabled: "true" chatbot: kafka-topics-partition-count: 3 @@ -473,7 +491,9 @@ tl-services: egov-workflow-v2: logging-level: "DEBUG" java-args: -Dspring.profiles.active=monitoring - workflow-statelevel: "true" + heap: "-Xmx192m -Xms192m" + memory_limits: 512Mi + workflow-statelevel: "false" host-link: "https://egov-demo.egovernments.org/citizen/" pdf-link: "/download/epass?tenantId={TENANTID}&ids={UUID}" From 8214149fa80fac150203980732648bddc5bd14b3 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Wed, 14 Feb 2024 14:54:17 +0530 Subject: [PATCH 722/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 7d14f3f9be..12b8e9bf89 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -163,14 +163,15 @@ citizen: sub_filter '' ' - + ';" + egov-url-shortening: heap: "-Xmx256m -Xms256m" memory_limits: 512Mi egov-url-shortner-endpoint: "/eus/shortener" hashids-salt: "randomsalt" hashids-min-length: "2" - ';" + egov-filestore: memory_limits: "512Mi" volume: /opt/eGov/filestore From 07fa3e73dd5c49cf2e2371f0a91296bcee81409a Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Wed, 14 Feb 2024 14:57:10 +0530 Subject: [PATCH 723/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 12b8e9bf89..c9458be820 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -328,6 +328,7 @@ audit-service: branch: "UNIFIED-DEV" pgr-services: + namespace: egov memory_limits: 512Mi egov-data-uploader: From 6e92056699058d6823f3e0f3374a3b4cc82b2086 Mon Sep 17 00:00:00 2001 From: Rishabh-egov <137171925+Rishabh-egov@users.noreply.github.com> Date: Tue, 27 Feb 2024 12:14:07 +0530 Subject: [PATCH 724/742] Spring cloud gateway helm (#2458) * [DPG-2011] Added helm files for spring-cloud-gateway * Updated the spring gateway-k8-discovery --- .../core-services/gateway/gateway/Chart.yaml | 26 +++ .../gateway/gateway/templates/deployment.yaml | 2 + .../gateway/gateway/templates/role.yaml | 24 +++ .../gateway/templates/rolebinding.yaml | 21 +++ .../gateway/gateway/templates/service.yaml | 2 + .../gateway/templates/serviceaccount.yaml | 15 ++ .../core-services/gateway/gateway/values.yaml | 155 ++++++++++++++++++ 7 files changed, 245 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml new file mode 100644 index 0000000000..ec60b919cc --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: gateway +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: + - name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml new file mode 100644 index 0000000000..43d0282ccc --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml @@ -0,0 +1,24 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Chart.Name }} + namespace: {{ .Values.namespace }} +rules: + - apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml new file mode 100644 index 0000000000..f7533720e4 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml @@ -0,0 +1,21 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Chart.Name }} + namespace: {{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Chart.Name }} +subjects: + - kind: ServiceAccount + name: {{ .Values.serviceAccount }} + namespace: {{ .Values.namespace }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml new file mode 100644 index 0000000000..07a1644844 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +{{- if or .Values.serviceAccount -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Values.serviceAccount }} + namespace: {{ .Values.namespace }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml new file mode 100644 index 0000000000..38e80443ce --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml @@ -0,0 +1,155 @@ +# Common Labels +labels: + app: "gateway" + group: "gateway" + +serviceAccount: gateway +namespace: egov + +# Init Containers Configs +initContainers: + extraInitContainers: | + - name: "gateway-kubernetes-discovery" + image: "{{ .Values.global.containerRegistry }}/spring-cloud-gateway-dc88c9111d-2" + env: + - name: "OUTPUT_FILE_PATH" + value: "/etc/gateway/application.yaml" + - name: "NAMESPACE" + value: "egov" + volumeMounts: + - name: zuul-routes + mountPath: /etc/zuul + +extraVolumes: | + - name: zuul-routes + emptyDir: {} + +extraVolumeMounts: | + - name: zuul-routes + mountPath: "/etc/zuul" + +# Container Configs +image: + repository: "gateway" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health" + readinessProbePath: "/health" +custom-filter-property: "false" +posthook-config: "" +prehook-config: "" +heap: "-Xmx192m -Xms192m" +appType: "java-spring" +tracing-enabled: true +server-tomcat-max-threads: "350" +server-tomcat-max-connections: "1500" +java-args: "" +egov-open-endpoints-whitelist: "/user/oauth/token,/user-otp/v1/_send,/otp/v1/_validate,/user/citizen/_create,/localization/messages,/localization/messages/v1/_search,/user/password/nologin/_update,/tenant/v1/tenant/_search,/egov-location/boundarys,/egov-location/boundarys/boundariesByBndryTypeNameAndHierarchyTypeName,/egov-location/boundarys/getLocationByLocationName,/egov-mdms-service/v1/_search,/egov-location/location/v11/geography/_search,/filestore/v1/files/url,/pt-calculator-v2/billing-slab/_search,/egov-searcher/property-services/propertyopensearch/_get,/edcr/rest/dcr/downloadfile" +egov-mixed-mode-endpoints-whitelist: "/filestore/v1/files/id,/filestore/v1/files,/filestore/v1/files/tag,/user/_search,/access/v1/actions/mdms/_get,/tl-services/v1/_search,/tl-services/v1/BPAREG/_search,/tl-services/v1/BPAREG/_create,/tl-services/v1/BPAREG/_update,/tl-calculator/v1/BPAREG/_getbill,/bpa-services/bpa/appl/_search,/edcr/rest/dcr/scrutinize,/edcr/rest/dcr/scrutinydetails" +eventlog-enabled: "false" +eventlog-topic: "springGateway-event-log" +eventlog-urls-whitelist: "" +home-isolation-chatbot-router-enabled: false + +# Additional Container Envs +env: | + - name: URL_LISTS + value: "/pt-services-v2/property/_create:http://rainmaker-custom-service:8000/customization/protected/punjab-pt/property/_create|/pt-services-v2/property/_update:http://rainmaker-custom-service:8000/customization/protected/punjab-pt/property/_update|/pt-calculator-v2/propertytax/_estimate:http://rainmaker-custom-service:8000/customization/protected/punjab-pt/pt-calculator-v2/_estimate" + - name: CUSTOM_FILTER_PROPERTY + value: {{ index .Values "custom-filter-property" | quote }} + - name: CUSTOM_FILTER_POSTHOOKS + value: "true" + - name: CUSTOM_FILTER_PREHOOKS + value: "true" + - name: URL_POSTHOOK_LISTS + value: {{ index .Values "posthook-config" | quote }} + - name: URL_PREHOOK_LISTS + value: {{ index .Values "prehook-config" | quote }} + - name: GATEWAY_ROUTES_TL_CALCULATOR_URL + value: http://tl-calculator:8080/ + - name: SERVER_PORT + value: "8080" + {{- if index .Values "java-debug" }} + - name: JAVA_ENABLE_DEBUG + value: {{ index .Values "java-debug" | quote }} + {{- else }} + - name: JAVA_ENABLE_DEBUG + value: "false" + {{- end }} + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: SPRING_KAFKA_CONSUMER_GROUP_ID + value: egov-api-gateway + - name: SPRING_KAFKA_PRODUCER_KEY_SERIALIZER + value: org.apache.kafka.common.serialization.StringSerializer + - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER + value: org.springframework.kafka.support.serializer.JsonSerializer + - name: EGOV_CUSTOM_ASYNC_FILTER_TOPIC + value: res-custom-filter + - name: EGOV_OPEN_ENDPOINTS_WHITELIST + value: {{ index .Values "egov-open-endpoints-whitelist" | quote }} + - name: EGOV_MIXED_MODE_ENDPOINTS_WHITELIST + value: {{ index .Values "egov-mixed-mode-endpoints-whitelist" | quote }} + - name: EVENTLOG_ENABLED + value: {{ index .Values "eventlog-enabled" | quote }} + - name: EVENTLOG_TOPIC + value: {{ index .Values "eventlog-topic" | quote }} + - name: EVENTLOG_URLS_WHITELIST + value: {{ index .Values "eventlog-whitelist" | quote }} + - name: EGOV_AUTHORIZE_ACCESS_CONTROL_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-accesscontrol + - name: EGOV_AUTH_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user + - name: GATEWAY_HOST_CONNECT_TIMEOUT_MILLIS + value: "20000" + - name: GATEWAY_HOST_SOCKET_TIMEOUT_MILLIS + value: "60000" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + key: state-level-tenant-id + name: egov-config + - name: GATEWAY_ROUTES_FILEPATH + value: "file:/etc/gateway/application.yaml" + {{- if index .Values "home-isolation-chatbot-router-enabled" }} + - name: HOME_ISOLATION_CHATBOT_ROUTER_ENABLED + value: {{ index .Values "home-isolation-chatbot-router-enabled" | quote }} + - name: CHATBOT_CONTEXT_PATH + value: "/whatsapp-webhook" + - name: EGOV_USER_ISOLATION_SERVICE_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: egov-user-enc + - name: HOME_ISOLATION_CHATBOT_HOST + valueFrom: + configMapKeyRef: + name: egov-service-host + key: home-isolation-chatbot + {{- end }} + - name: SPRING_REDIS_HOST + {{- if index .Values "cluster-configs" "configmaps" "egov-service-host" "data" "redis-host" }} + valueFrom: + configMapKeyRef: + name: egov-service-host + key: redis-host + {{- else }} + value: "redis.backbone" + {{- end }} \ No newline at end of file From 8fb81cc191fe215a454890bfb07521222a43836e Mon Sep 17 00:00:00 2001 From: Rishabh-egov Date: Tue, 27 Feb 2024 13:51:51 +0530 Subject: [PATCH 725/742] moved gateway folder to core-services --- .../helm/charts/core-services/gateway/{gateway => }/Chart.yaml | 0 .../core-services/gateway/{gateway => }/templates/deployment.yaml | 0 .../core-services/gateway/{gateway => }/templates/role.yaml | 0 .../gateway/{gateway => }/templates/rolebinding.yaml | 0 .../core-services/gateway/{gateway => }/templates/service.yaml | 0 .../gateway/{gateway => }/templates/serviceaccount.yaml | 0 .../helm/charts/core-services/gateway/{gateway => }/values.yaml | 0 7 files changed, 0 insertions(+), 0 deletions(-) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/Chart.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/templates/deployment.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/templates/role.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/templates/rolebinding.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/templates/service.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/templates/serviceaccount.yaml (100%) rename deploy-as-code/helm/charts/core-services/gateway/{gateway => }/values.yaml (100%) diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml b/deploy-as-code/helm/charts/core-services/gateway/Chart.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/Chart.yaml rename to deploy-as-code/helm/charts/core-services/gateway/Chart.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/gateway/templates/deployment.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/templates/deployment.yaml rename to deploy-as-code/helm/charts/core-services/gateway/templates/deployment.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml b/deploy-as-code/helm/charts/core-services/gateway/templates/role.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/templates/role.yaml rename to deploy-as-code/helm/charts/core-services/gateway/templates/role.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/gateway/templates/rolebinding.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/templates/rolebinding.yaml rename to deploy-as-code/helm/charts/core-services/gateway/templates/rolebinding.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml b/deploy-as-code/helm/charts/core-services/gateway/templates/service.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/templates/service.yaml rename to deploy-as-code/helm/charts/core-services/gateway/templates/service.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/core-services/gateway/templates/serviceaccount.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/templates/serviceaccount.yaml rename to deploy-as-code/helm/charts/core-services/gateway/templates/serviceaccount.yaml diff --git a/deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml similarity index 100% rename from deploy-as-code/helm/charts/core-services/gateway/gateway/values.yaml rename to deploy-as-code/helm/charts/core-services/gateway/values.yaml From 3c0e1bbcf4df6768792343a59b25a90fca063a6f Mon Sep 17 00:00:00 2001 From: Rishabh-egov Date: Tue, 27 Feb 2024 14:07:02 +0530 Subject: [PATCH 726/742] [core-2.9-lts] fixed double quotes in values --- deploy-as-code/helm/charts/core-services/gateway/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index 38e80443ce..ddf1a730be 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -10,7 +10,7 @@ namespace: egov initContainers: extraInitContainers: | - name: "gateway-kubernetes-discovery" - image: "{{ .Values.global.containerRegistry }}/spring-cloud-gateway-dc88c9111d-2" + image: "{{ .Values.global.containerRegistry }}"/spring-cloud-gateway-dc88c9111d-2 env: - name: "OUTPUT_FILE_PATH" value: "/etc/gateway/application.yaml" From 0a126e18768dd375502c936642ba3e23a6e14bde Mon Sep 17 00:00:00 2001 From: Rishabh-egov Date: Tue, 27 Feb 2024 14:13:42 +0530 Subject: [PATCH 727/742] [core-2.9-lts] fixed trailing space --- deploy-as-code/helm/charts/core-services/gateway/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index ddf1a730be..fe548cd0eb 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -10,7 +10,7 @@ namespace: egov initContainers: extraInitContainers: | - name: "gateway-kubernetes-discovery" - image: "{{ .Values.global.containerRegistry }}"/spring-cloud-gateway-dc88c9111d-2 + image: "{{ .Values.global.containerRegistry }}"/spring-cloud-gateway-dc88c9111d-2 env: - name: "OUTPUT_FILE_PATH" value: "/etc/gateway/application.yaml" From d420f0048b9680d5a05d453e123d94dc9cf02764 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 27 Feb 2024 14:23:50 +0530 Subject: [PATCH 728/742] Update values.yaml --- deploy-as-code/helm/charts/core-services/gateway/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index fe548cd0eb..126f9eed0c 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -10,7 +10,7 @@ namespace: egov initContainers: extraInitContainers: | - name: "gateway-kubernetes-discovery" - image: "{{ .Values.global.containerRegistry }}"/spring-cloud-gateway-dc88c9111d-2 + image: {{ .Values.global.containerRegistry }}/spring-cloud-gateway-dc88c9111d-2 env: - name: "OUTPUT_FILE_PATH" value: "/etc/gateway/application.yaml" @@ -152,4 +152,4 @@ env: | key: redis-host {{- else }} value: "redis.backbone" - {{- end }} \ No newline at end of file + {{- end }} From 1083dc050c0f928302bb3b603e9a467f2abb295d Mon Sep 17 00:00:00 2001 From: Rishabh-egov Date: Tue, 27 Feb 2024 15:03:55 +0530 Subject: [PATCH 729/742] [core-2.9-lts] fixed configd --- .../helm/charts/core-services/gateway/values.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index 126f9eed0c..72274da801 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -10,10 +10,10 @@ namespace: egov initContainers: extraInitContainers: | - name: "gateway-kubernetes-discovery" - image: {{ .Values.global.containerRegistry }}/spring-cloud-gateway-dc88c9111d-2 + image: {{ .Values.global.containerRegistry }}/gateway-kubernetes-discovery:spring-cloud-gateway-dc88c9111d-2 env: - name: "OUTPUT_FILE_PATH" - value: "/etc/gateway/application.yaml" + value: "/etc/zuul/application.yaml" - name: "NAMESPACE" value: "egov" volumeMounts: @@ -124,7 +124,7 @@ env: | - name: STATE_LEVEL_TENANT_ID valueFrom: configMapKeyRef: - key: state-level-tenant-id + key: egov-state-level-tenant-id name: egov-config - name: GATEWAY_ROUTES_FILEPATH value: "file:/etc/gateway/application.yaml" From 89254f3226f58094793c1b22b414eacbfdb3b6a4 Mon Sep 17 00:00:00 2001 From: Rishabh-egov Date: Tue, 27 Feb 2024 16:11:01 +0530 Subject: [PATCH 730/742] [core-2.9-lts] updated k8-discovery image --- deploy-as-code/helm/charts/core-services/gateway/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index 72274da801..04f191459b 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -10,7 +10,7 @@ namespace: egov initContainers: extraInitContainers: | - name: "gateway-kubernetes-discovery" - image: {{ .Values.global.containerRegistry }}/gateway-kubernetes-discovery:spring-cloud-gateway-dc88c9111d-2 + image: {{ .Values.global.containerRegistry }}/gateway-kubernetes-discovery:spring-cloud-gateway-a1805991e4-3 env: - name: "OUTPUT_FILE_PATH" value: "/etc/zuul/application.yaml" From ea2cc9ebdeffbae66a9a68660b82195b117a3569 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Tue, 27 Feb 2024 17:55:05 +0530 Subject: [PATCH 731/742] Update values.yaml --- .../helm/charts/health-services/service-request/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index a541782552..71186500e0 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -41,9 +41,9 @@ env: | - name: SPRING_KAFKA_PRODUCER_VALUE_SERIALIZER value: org.springframework.kafka.support.serializer.JsonSerializer - name: EGOV_SERVICE_DEFINITION_CREATE_TOPIC - value: save-service-definition-health + value: save-service-definition - name: EGOV_SERVICE_CREATE_TOPIC - value: save-service-health + value: save-service - name: EGOV_SERVICE_REQUEST_DEFAULT_OFFSET value: "0" - name: EGOV_SERVICE_REQUEST_DEFAULT_LIMIT From 50f7803cef7baaee4a90fabed631940301f071ec Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Wed, 28 Feb 2024 10:51:28 +0530 Subject: [PATCH 732/742] updated memory size for some services and changed the filestore secrets --- .../helm/charts/core-services/egov-pg-service/values.yaml | 3 ++- .../charts/core-services/internal-gateway/values.yaml | 3 ++- .../charts/health-services/service-request/values.yaml | 3 ++- deploy-as-code/helm/environments/digit-lts-secrets.yaml | 8 ++++---- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml index 2083062cfe..dd16bda267 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pg-service/values.yaml @@ -36,7 +36,8 @@ ccavenue-url: "" ccavenue-url-status: "" ccavenue-url-redirect: "" ccavenue-url-cancel: "" -heap: "-Xmx192m -Xms192m" +memory_limits: "512Mi" +heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" java-debug: "true" diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml index 4d305224b1..035325f1c1 100644 --- a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml @@ -39,7 +39,8 @@ healthChecks: custom-filter-property: "false" posthook-config: "" prehook-config: "" -heap: "-Xmx192m -Xms192m" +memory_limits: "768Mi" +heap: "-Xmx512m -Xms512m" appType: "java-spring" tracing-enabled: true server-tomcat-max-threads: "350" diff --git a/deploy-as-code/helm/charts/health-services/service-request/values.yaml b/deploy-as-code/helm/charts/health-services/service-request/values.yaml index 71186500e0..2fe11e417e 100644 --- a/deploy-as-code/helm/charts/health-services/service-request/values.yaml +++ b/deploy-as-code/helm/charts/health-services/service-request/values.yaml @@ -29,7 +29,8 @@ healthChecks: readinessProbePath: "/service-request/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +memory_limits: "512Mi" +heap: "-Xmx256m -Xms256m" java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs diff --git a/deploy-as-code/helm/environments/digit-lts-secrets.yaml b/deploy-as-code/helm/environments/digit-lts-secrets.yaml index a6d830ea84..95b7ba0e09 100644 --- a/deploy-as-code/helm/environments/digit-lts-secrets.yaml +++ b/deploy-as-code/helm/environments/digit-lts-secrets.yaml @@ -12,8 +12,8 @@ cluster-configs: password: ENC[AES256_GCM,data:SOjqKw==,iv:WxuL37b7r1F08Zftxvc290uud7aqbhDhyHzGtArTkiI=,tag:n3Dp2hmFlFMymLr8crpUrA==,type:str] #ENC[AES256_GCM,data:jd2wusYzkI4vU531dUfGVEPXnje0PQFLuq0wNcyQ7jm3yj4zf1SuspT2eVykbe/CmCKXmvqgHrGh9um/zO4o8vKkZw2ceIM2aIJ7eSOvkUT0yrzIAhIY43hFQSbTdX1K,iv:fHQaPxX/HGpPSjzBxCnrR81tXuAl+pYFrkiHIFF7f4I=,tag:NFgO2B7hy1VbFxtr/NC6bA==,type:comment] egov-filestore: - aws-key: ENC[AES256_GCM,data:/u6/ph0Rbe/4VuoarIxNI164p6U=,iv:UL8AMYDLC18gYdKCMw0mqLfVJZTsIdDK5jYnIv4Ntzk=,tag:8UQ7P6EAotqz+pjuRTgJVA==,type:str] - aws-secret-key: ENC[AES256_GCM,data:sHsBNGAcrm111iUfdxAWG4KZm8Zg1yR/hH+NpDTAIyB3m/QgkKUM+A==,iv:0NN97wNwidjxImRmGxPtiZqblIBDo8Uo121G2X4lf40=,tag:HtynV4ZDT50ykZuf+mmTwA==,type:str] + aws-key: ENC[AES256_GCM,data:BKuRUai/Ols7Gt9ApM1SA8u5+K4=,iv:qh2rqqnqN12Eg7YR5311KtVJiwz9CYNFOST8fdpajaU=,tag:jdSo+pO3SZbfMma1W+xCWw==,type:str] + aws-secret-key: ENC[AES256_GCM,data:DsDcLVGx+8bgassx8F7aZWekHtSljrIRg3ClsER4Xfl9vC596oUzdg==,iv:NXDnt8FGkqWc6MswzBg4VQmQ/U1iO77/9gZS5T5MafI=,tag:iGN6lz0MJsM3jZckQ1fe0A==,type:str] #ENC[AES256_GCM,data:OOXKAovA5EbWRK6Fu+jWvantUnh3o9m4NUCEcZdpsS7CD/0KHdPIUvNuwg==,iv:YRzlLqKwlLDTgRykledCVDdKbRoxGsvSSvIP3k6jxQ0=,tag:PYa4m1SEcKSZPB1oBtTnCg==,type:comment] egov-location: gmapskey: ENC[AES256_GCM,data:KHlI/Z1q9Oeqg1pYiEzeOYMn5w==,iv:0xvAiDB90wxs1Vesmh1fzHIZKSZnCHE/GqpACkfAL6Y=,tag:pMlGJYUhvH64gxGnoITCZg==,type:str] @@ -82,8 +82,8 @@ sops: azure_kv: [] hc_vault: [] age: [] - lastmodified: "2024-02-13T07:13:14Z" - mac: ENC[AES256_GCM,data:WK5JjO88eRR9opoR1qWbDkQws9hgX0X9M11gLxV7uoERxtCoWBMQiD4DnSLJmsY9XXbnrOJniTBHQF7rjhW5D3jufpTiN5HL7k2AG2mOjlCBKlQls00+J3aFuKqW/JwKboZHV6m2babj1F8aDhitgFfiuUDW9peMh974dqmUJMQ=,iv:/jphGD6Fi49P5WX2fk2CyUyK0KaMmfcryVUyKUc0DD4=,tag:c2hjhMTF0C74z1s/4qSDxA==,type:str] + lastmodified: "2024-02-28T05:20:58Z" + mac: ENC[AES256_GCM,data:T/Y6oNG3LUPmErY6gLpNVB66zWxL8GAzFJi1mMby07uhauBuHLfMru5Vxz/CApdFOCv0bp+5Ppl/YzbKDdJYgF4osmMVWmYS71LaXBN5hIyXsTtQPPi7JDgRq6e3RYZNpBqjOWnDbU/bJRXSzOHN+hrnO5KWPmEgIKbDwYCatAQ=,iv:Uzkq9j+j40scHVLHwoaOG5JApSe9e1dQn8/jlgBH2c4=,tag:eSiYMyhTS54UJQv8RgEQ2A==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.7.3 From 9c00e99065bccdddfa824bffb269b7c08f46421e Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 29 Feb 2024 11:01:21 +0530 Subject: [PATCH 733/742] Update values.yaml --- deploy-as-code/helm/charts/core-services/gateway/values.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/core-services/gateway/values.yaml b/deploy-as-code/helm/charts/core-services/gateway/values.yaml index 04f191459b..58f41685c6 100644 --- a/deploy-as-code/helm/charts/core-services/gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/gateway/values.yaml @@ -39,7 +39,7 @@ healthChecks: custom-filter-property: "false" posthook-config: "" prehook-config: "" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx512m -Xms512m" appType: "java-spring" tracing-enabled: true server-tomcat-max-threads: "350" @@ -51,6 +51,7 @@ eventlog-enabled: "false" eventlog-topic: "springGateway-event-log" eventlog-urls-whitelist: "" home-isolation-chatbot-router-enabled: false +memory_limits: "768Mi" # Additional Container Envs env: | From 54018e4f35d1552535f5d07fa43d93950992d2cf Mon Sep 17 00:00:00 2001 From: Harish-egov Date: Thu, 29 Feb 2024 15:21:21 +0530 Subject: [PATCH 734/742] updated memory size for all core services --- .../helm/charts/core-services/audit-service/values.yaml | 3 ++- .../helm/charts/core-services/boundary-service/values.yaml | 3 ++- .../helm/charts/core-services/chatbot/chatbot-values.yaml | 3 ++- .../helm/charts/core-services/egov-accesscontrol/values.yaml | 3 ++- .../helm/charts/core-services/egov-common-masters/values.yaml | 3 ++- .../helm/charts/core-services/egov-data-uploader/values.yaml | 3 ++- .../charts/core-services/egov-document-uploader/values.yaml | 3 ++- .../helm/charts/core-services/egov-enc-service/values.yaml | 1 + .../helm/charts/core-services/egov-filestore/values.yaml | 3 ++- .../helm/charts/core-services/egov-idgen/values.yaml | 3 ++- .../core-services/egov-index-custom-consumer/values.yaml | 3 ++- .../helm/charts/core-services/egov-indexer/values.yaml | 3 ++- .../helm/charts/core-services/egov-location/values.yaml | 3 ++- .../helm/charts/core-services/egov-mdms-service/values.yaml | 3 ++- .../charts/core-services/egov-notification-mail/values.yaml | 3 ++- .../charts/core-services/egov-notification-sms/values.yaml | 3 ++- deploy-as-code/helm/charts/core-services/egov-otp/values.yaml | 3 ++- deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml | 3 ++- .../helm/charts/core-services/egov-persister/values.yaml | 2 +- .../helm/charts/core-services/egov-searcher/values.yaml | 3 ++- .../core-services/egov-telemetry-kafka-streams/values.yaml | 3 ++- .../helm/charts/core-services/egov-url-shortening/values.yaml | 3 ++- .../helm/charts/core-services/egov-user-chatbot/values.yaml | 3 ++- .../helm/charts/core-services/egov-user-event/values.yaml | 3 ++- .../helm/charts/core-services/egov-user/egov-user-values.yaml | 3 ++- .../helm/charts/core-services/egov-workflow-v2/values.yaml | 3 ++- .../helm/charts/core-services/egov-workflow/values.yaml | 3 ++- .../helm/charts/core-services/internal-gateway/values.yaml | 4 ++-- deploy-as-code/helm/charts/core-services/mailbot/values.yaml | 3 ++- .../core-services/national-dashboard-ingest/values.yaml | 3 ++- .../helm/charts/core-services/nlp-engine/values.yaml | 3 ++- .../helm/charts/core-services/pdf-service/values.yaml | 3 ++- deploy-as-code/helm/charts/core-services/report/values.yaml | 3 ++- .../helm/charts/core-services/telemetry/values.yaml | 2 ++ deploy-as-code/helm/charts/core-services/user-otp/values.yaml | 3 ++- .../helm/charts/core-services/xstate-chatbot/values.yaml | 2 ++ deploy-as-code/helm/charts/core-services/zuul/values.yaml | 3 ++- 37 files changed, 72 insertions(+), 35 deletions(-) diff --git a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml index b1b4835cb8..e4e927b23b 100644 --- a/deploy-as-code/helm/charts/core-services/audit-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/audit-service/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/audit-service/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml index 2ca6fc194c..5a60e4a553 100644 --- a/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/boundary-service/values.yaml @@ -26,7 +26,8 @@ healthChecks: readinessProbePath: "/boundary-service/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx512m -Xms512m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" kafka-topics-create-boundary: "create-boundary-entity" kafka-topics-update-boundary: "update-boundary-entity" diff --git a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml index 1c7d88d181..884c50a194 100644 --- a/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml +++ b/deploy-as-code/helm/charts/core-services/chatbot/chatbot-values.yaml @@ -26,7 +26,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml index 8c55a28ed9..181c26484d 100644 --- a/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-accesscontrol/values.yaml @@ -22,7 +22,8 @@ healthChecks: readinessProbePath: "/access/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml index 9da2f2b906..b6dc4fe094 100644 --- a/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-common-masters/values.yaml @@ -23,7 +23,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml index 899ac4e9ad..9386f7c369 100644 --- a/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-data-uploader/values.yaml @@ -22,7 +22,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi upload-json-path: "" template-download-prefix: "" internal-file-folder-path: "" diff --git a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml index a42f47c37a..4e08f45afe 100644 --- a/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-document-uploader/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/egov-document-uploader/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml index f357a4e41b..cb652d09c3 100644 --- a/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-enc-service/values.yaml @@ -32,6 +32,7 @@ healthChecks: livenessProbePath: "/egov-enc-service/health" readinessProbePath: "/egov-enc-service/health" heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" master-password-provider: software diff --git a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml index 51c0e5b603..5dc1cc2f87 100644 --- a/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-filestore/values.yaml @@ -28,7 +28,8 @@ appType: "java-spring" tracing-enabled: true is-bucket-fixed: "true" fixed-bucketname: "unified-dev-bucket-s3" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi file-storage-mount-path: "/filestore" is-nfs-enabled: false is-s3-enabled: true diff --git a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml index 2429c17713..b117f68979 100644 --- a/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-idgen/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/egov-idgen/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" idformat-from-mdms: "false" autocreate-new-seq: "false" diff --git a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml index 902bc1341d..4ed72d9d77 100644 --- a/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-index-custom-consumer/values.yaml @@ -12,7 +12,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml index dc22e32b90..952c4306e5 100644 --- a/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-indexer/values.yaml @@ -32,7 +32,8 @@ healthChecks: appType: "java-spring" tracing-enabled: true egov-indexer-yaml-repo-path: "file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/tradelicense-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi indexer-host: "egov-indexer" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml index 6b7f9267af..f5fe4e0815 100644 --- a/deploy-as-code/helm/charts/core-services/egov-location/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-location/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/egov-location/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" gmaps: true # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml index ce422599d9..df36c8de9e 100644 --- a/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-mdms-service/values.yaml @@ -26,7 +26,8 @@ healthChecks: readinessProbePath: "/egov-mdms-service/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" mdms-path: "/work-dir/egov-mdms-data/data" mdms-git-url: "" diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml index 7e7986e075..04dc0182d2 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-mail/values.yaml @@ -13,7 +13,8 @@ replicas: "1" appType: "java-spring" tracing-enabled: true username: "egov-testing@egovernments.org" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml index eb4dae3e0f..c3b20ac199 100644 --- a/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-notification-sms/values.yaml @@ -26,7 +26,8 @@ sms.print.response: false sms.success.codes: "200,201,202" sms.verify.responseContains: "SMS message(s) sent" sms.error.codes: "401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml index 9a5537ba3a..738df140c7 100644 --- a/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-otp/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/otp/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml index 38ca0f0906..a55b6b8a82 100644 --- a/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-pdf/values.yaml @@ -13,7 +13,8 @@ ingress: image: repository: "egov-pdf" replicas: "1" - +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | - name: EGOV_MDMS_HOST diff --git a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml index b94827fc08..9caae7d728 100644 --- a/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-persister/values.yaml @@ -21,7 +21,7 @@ healthChecks: appType: "java-spring" tracing-enabled: true persist-yml-path: "file:///work-dir/configs/egov-persister/apportion-persister.yml,file:///work-dir/configs/egov-persister/property-services-registry.yml,file:///work-dir/configs/egov-persister/billing-services-persist.yml,file:///work-dir/configs/egov-persister/egf-bill.yaml,file:///work-dir/configs/egov-persister/egov-user-event-persister.yml,file:///work-dir/configs/egov-persister/egov-workflow-v2-persister.yml,file:///work-dir/configs/egov-persister/firenoc_persiter.yaml,file:///work-dir/configs/egov-persister/hrms-employee-persister.yml,file:///work-dir/configs/egov-persister/pdf-generator.yml,file:///work-dir/configs/egov-persister/pg-service-persister.yml,file:///work-dir/configs/egov-persister/pgr.v3.yml,file:///work-dir/configs/egov-persister/property-services.yml,file:///work-dir/configs/egov-persister/pt-calculator-v2-persister.yml,file:///work-dir/configs/egov-persister/pt-drafts.yml,file:///work-dir/configs/egov-persister/pt-persist.yml,file:///work-dir/configs/egov-persister/tl-billing-slab-persister.yml,file:///work-dir/configs/egov-persister/tl-calculation-persister.yml,file:///work-dir/configs/egov-persister/tradelicense-persister-bpachanges.yml,file:///work-dir/configs/egov-persister/uploader-persister.yml,file:///work-dir/configs/egov-persister/collection-migration-persister.yml,file:///work-dir/configs/egov-persister/water-persist.yml,file:///work-dir/configs/egov-persister/water-meter.yml,file:///work-dir/configs/egov-persister/assessment-persister.yml,file:///work-dir/configs/egov-persister/sewerage-persist.yml,file:///work-dir/configs/egov-persister/bpa-persister.yml" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" memory_limits: 512Mi java-args: "" diff --git a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml index 903efa0831..73290b330e 100644 --- a/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-searcher/values.yaml @@ -23,7 +23,8 @@ replicas: "1" appType: "java-spring" tracing-enabled: true search-yaml-path: "file:///work-dir/configs/egov-searcher/rainmaker-pgr-v2.yml,file:///work-dir/configs/egov-searcher/weekly-impact-emailer-searcher.yml,file:///work-dir/configs/egov-searcher/PTDemandBasedSearcher.yml,file:///work-dir/configs/egov-searcher/bill-genie.yml,file:///work-dir/configs/egov-searcher/rainmaker-tl.yml,file:///work-dir/configs/egov-searcher/localitySearcher.yml" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml index d8392c7722..cf2c586a43 100644 --- a/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-telemetry-kafka-streams/values.yaml @@ -12,7 +12,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml index 1e47cadcaa..c67039aede 100644 --- a/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-url-shortening/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/eus/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" server-context: "/eus" diff --git a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml index c9d97610ff..9f09d3eade 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user-chatbot/values.yaml @@ -28,7 +28,8 @@ roles-state-level: "true" citizen-registration-withlogin: "true" citizen-otp-fixed: "123456" citizen-otp-fixed-enabled: "true" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml b/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml index 03d8101bb9..a48ca65b46 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user-event/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/egov-user-event/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml index c179385aa4..5a7fb42e1a 100644 --- a/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-user/egov-user-values.yaml @@ -41,7 +41,8 @@ roles-state-level: "true" citizen-registration-withlogin: "true" citizen-otp-fixed: "123456" citizen-otp-fixed-enabled: "true" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml index 40df12c081..093b18753d 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow-v2/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/egov-workflow-v2/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" workflow-statelevel: "true" diff --git a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml index badcd91271..8de052b590 100644 --- a/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml +++ b/deploy-as-code/helm/charts/core-services/egov-workflow/values.yaml @@ -17,7 +17,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml index 035325f1c1..1068151ef2 100644 --- a/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml +++ b/deploy-as-code/helm/charts/core-services/internal-gateway/values.yaml @@ -39,8 +39,8 @@ healthChecks: custom-filter-property: "false" posthook-config: "" prehook-config: "" -memory_limits: "768Mi" -heap: "-Xmx512m -Xms512m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi appType: "java-spring" tracing-enabled: true server-tomcat-max-threads: "350" diff --git a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml index 0434481379..ce7213fb82 100644 --- a/deploy-as-code/helm/charts/core-services/mailbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/mailbot/values.yaml @@ -22,7 +22,8 @@ healthChecks: enabled: true livenessProbePath: "/mailbot/actuator/health" readinessProbePath: "/mailbot/actuator/health" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" config-paths: "file:///work-dir/configs/mailbot/case-management.yaml" cache-expiry-email: "10" diff --git a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml index ba5f7852bd..24cb94078d 100644 --- a/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml +++ b/deploy-as-code/helm/charts/core-services/national-dashboard-ingest/values.yaml @@ -27,7 +27,8 @@ healthChecks: readinessProbePath: "/national-dashboard/health" appType: "java-spring" tracing-enabled: true -heap: "-Xmx64m -Xms64m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "-Dspring.profiles.active=monitoring" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml index a22130adb6..c55b1c0db8 100644 --- a/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml +++ b/deploy-as-code/helm/charts/core-services/nlp-engine/values.yaml @@ -15,7 +15,8 @@ image: replicas: "1" appType: "java-spring" tracing-enabled: true - +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | - name: DEFAULT_LOCALISATION_TENANT diff --git a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml index 77ff7b5fb0..24241304ff 100644 --- a/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml +++ b/deploy-as-code/helm/charts/core-services/pdf-service/values.yaml @@ -29,7 +29,8 @@ appType: "java-spring" tracing-enabled: true data-config-urls: "file:///work-dir/configs/pdf-service/data-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/data-config/pt-receipt.json,file:///work-dir/configs/pdf-service/data-config/tl-receipt.json,file:///work-dir/configs/pdf-service/data-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/data-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/data-config/tlapplication.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/data-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/data-config/tlcertificate.json" format-config-urls: "file:///work-dir/configs/pdf-service/format-config/firenoc-receipt.json,file:///work-dir/configs/pdf-service/format-config/pt-receipt.json,file:///work-dir/configs/pdf-service/format-config/tl-receipt.json,file:///work-dir/configs/pdf-service/format-config/consolidatedbill.json,file:///work-dir/configs/pdf-service/format-config/consolidatedreceipt.json,file:///work-dir/configs/pdf-service/format-config/tlapplication.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedacknowlegment.json,file:///work-dir/configs/pdf-service/format-config/ws-consolidatedsewerageconnection.json,file:///work-dir/configs/pdf-service/format-config/tlcertificate.json" - +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | - name: NODE_ENV diff --git a/deploy-as-code/helm/charts/core-services/report/values.yaml b/deploy-as-code/helm/charts/core-services/report/values.yaml index 97931fa789..874675d8c8 100644 --- a/deploy-as-code/helm/charts/core-services/report/values.yaml +++ b/deploy-as-code/helm/charts/core-services/report/values.yaml @@ -26,7 +26,8 @@ healthChecks: readinessProbePath: "/report/health" tracing-enabled: "true" report-locationsfile-path: "file:///work-dir/configs/reports/reportFileLocationsv1.txt" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi spring-datasource-tomcat-max-active: "5" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml index 5b4674aa8d..29b26db7dd 100644 --- a/deploy-as-code/helm/charts/core-services/telemetry/values.yaml +++ b/deploy-as-code/helm/charts/core-services/telemetry/values.yaml @@ -17,6 +17,8 @@ image: replicas: "1" httpPort: 9001 tracing-enabled: true +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/user-otp/values.yaml b/deploy-as-code/helm/charts/core-services/user-otp/values.yaml index 5bf9d2d415..577e86db01 100644 --- a/deploy-as-code/helm/charts/core-services/user-otp/values.yaml +++ b/deploy-as-code/helm/charts/core-services/user-otp/values.yaml @@ -22,7 +22,8 @@ healthChecks: replicas: "1" appType: "java-spring" tracing-enabled: true -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi java-args: "" # Additional Container Envs diff --git a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml index 9d9b5e80b7..51d121bd60 100644 --- a/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml +++ b/deploy-as-code/helm/charts/core-services/xstate-chatbot/values.yaml @@ -26,6 +26,8 @@ image: repository: "xstate-chatbot" replicas: "1" tracing-enabled: true +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi # Additional Container Envs env: | diff --git a/deploy-as-code/helm/charts/core-services/zuul/values.yaml b/deploy-as-code/helm/charts/core-services/zuul/values.yaml index 769714f0a0..1960abeda9 100644 --- a/deploy-as-code/helm/charts/core-services/zuul/values.yaml +++ b/deploy-as-code/helm/charts/core-services/zuul/values.yaml @@ -39,7 +39,8 @@ healthChecks: custom-filter-property: "false" posthook-config: "" prehook-config: "" -heap: "-Xmx192m -Xms192m" +heap: "-Xmx256m -Xms256m" +memory_limits: 512Mi appType: "java-spring" tracing-enabled: true server-tomcat-max-threads: "350" From 5e7d377f72e6f65fb00d6f367b2b2c6f1eede847 Mon Sep 17 00:00:00 2001 From: Harish S <119594385+Harish-egov@users.noreply.github.com> Date: Thu, 29 Feb 2024 16:34:53 +0530 Subject: [PATCH 735/742] Update values.yaml --- deploy-as-code/helm/charts/common/values.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/deploy-as-code/helm/charts/common/values.yaml b/deploy-as-code/helm/charts/common/values.yaml index d69924198f..334796b515 100644 --- a/deploy-as-code/helm/charts/common/values.yaml +++ b/deploy-as-code/helm/charts/common/values.yaml @@ -61,6 +61,8 @@ initContainers: secretKeyRef: name: db key: flyway-password + - name: JAVA_ENABLE_DEBUG + value: "TRUE" - name: "FLYWAY_LOCATIONS" valueFrom: configMapKeyRef: From ea43bf00d649acb81ce414a9279e97629a9269e4 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Thu, 29 Feb 2024 17:38:11 +0530 Subject: [PATCH 736/742] Update _ingress.yaml --- deploy-as-code/helm/charts/common/templates/_ingress.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/charts/common/templates/_ingress.yaml b/deploy-as-code/helm/charts/common/templates/_ingress.yaml index 645d59aa9b..a7572ef8a6 100644 --- a/deploy-as-code/helm/charts/common/templates/_ingress.yaml +++ b/deploy-as-code/helm/charts/common/templates/_ingress.yaml @@ -36,7 +36,7 @@ spec: - backend: {{- if .Values.ingress.zuul }} service: - name: zuul + name: gateway port: number: 8080 {{ else }} From 4e6296344b1ce7b430e6f7887a8555c145c42d00 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Fri, 1 Mar 2024 15:02:22 +0530 Subject: [PATCH 737/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index c9458be820..a5c902339b 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -180,7 +180,7 @@ egov-filestore: aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" filestore-url-validity: 3600 fixed-bucketname: unified-dev-bucket-s3 ## Add filestore bucket name From 946816ee62e029d15ab581ee04561ebd16e7de06 Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Fri, 1 Mar 2024 16:14:43 +0530 Subject: [PATCH 738/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index a5c902339b..369a96b15d 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -306,7 +306,7 @@ egov-indexer: gitSync: repo: "git@github.com:egovernments/configs" ##### Change repo url with Your fork Repo url branch: "UNIFIED-DEV" ##### Change repo branch with Your fork Repo branch - egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yml" + egov-indexer-yaml-repo-path: "file:///work-dir/configs/fsm/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/fsm/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/privacy-audit.yaml,file:///work-dir/configs/egov-indexer/billingservices-indexer.yml,file:///work-dir/configs/egov-indexer/collection-indexer.yml,file:///work-dir/configs/egov-indexer/egov-telemetry-indexer.yml,file:///work-dir/configs/egov-indexer/egov-uploader-indexer.yml,file:///work-dir/configs/egov-indexer/error-queue.yml,file:///work-dir/configs/egov-indexer/finance-rolloutadotpion-indexer.yml,file:///work-dir/configs/egov-indexer/payment-indexer.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml,file:///work-dir/configs/egov-indexer/rainmaker-pgr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-pt-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-tl-indexer.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry.yaml,file:///work-dir/configs/egov-indexer/water-service.yml,file:///work-dir/configs/egov-indexer/water-services-meter.yml,file:///work-dir/configs/egov-indexer/sewerage-service.yml,file:///work-dir/configs/egov-indexer/property-services.yml,file:///work-dir/configs/egov-indexer/chatbot-telemetry-v2.yaml,file:///work-dir/configs/egov-indexer/egov-vehicle.yaml,file:///work-dir/configs/egov-indexer/egov-vendor.yaml,file:///work-dir/configs/egov-indexer/egov-url-shortening-indexer.yaml,file:///work-dir/configs/egov-indexer/fire-noc-service.yml,file:///work-dir/configs/egov-indexer/egov-echallan.yml,file:///work-dir/configs/egov-indexer/egov-bpa-indexer.yml,file:///work-dir/configs/egov-indexer/edcr-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-birth-indexer.yml,file:///work-dir/configs/egov-indexer/rainmaker-death-indexer.yml,file:///work-dir/configs/egov-indexer/ws-event-indexer.yml,file:///work-dir/configs/egov-indexer/egov-error-queue-indexer.yml,file:///work-dir/configs/egov-indexer/citizen-feedback-indexer.yml,file:///work-dir/configs/egov-indexer/egov-fsm.yml,file:///work-dir/configs/egov-indexer/fsm-inbox-indexer.yml,file:///work-dir/configs/works/egov-indexer/contractservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/estimateservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensebill-indexer.yml,file:///work-dir/configs/works/egov-indexer/individual-indexer.yml,file:///work-dir/configs/works/egov-indexer/musterservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/organisationservices-indexer.yml,file:///work-dir/configs/works/egov-indexer/project-indexer.yml,file:///work-dir/configs/egov-indexer/product-indexer.yml,file:///work-dir/configs/egov-indexer/individual-indexer.yml,file:///work-dir/configs/egov-indexer/household-indexer.yml,file:///work-dir/configs/egov-indexer/project-task-indexer.yml,file:///work-dir/configs/egov-indexer/stock-indexer.yml,file:///work-dir/configs/egov-indexer/facility-indexer.yml,file:///work-dir/configs/egov-indexer/project-staff-indexer.yml,file:///work-dir/configs/egov-indexer/service-request-indexer.yml,file:///work-dir/configs/works/egov-indexer/measurement-indexer.yml,file:///work-dir/configs/works/egov-indexer/ifms-pi-indexer.yml,file:///work-dir/configs/works/egov-indexer/expensepayment-indexer.yml,file:///work-dir/configs/egov-indexer/egov-pqm-service.yml,file:///work-dir/configs/egov-indexer/pqm-service-indexer.yml,file:///work-dir/configs/egov-indexer/pqm-anomaly-finder-indexer.yml,file:///work-dir/configs/egov-indexer/sample.yml,file:///work-dir/configs/egov-indexer/pgr-services.yml" egov-persister: replicas: 1 From 8e17b411e4b0cc28587bfa3af40fbb6953fd7d0e Mon Sep 17 00:00:00 2001 From: SriPadma8997-egov <112681948+SriPadma8997-egov@users.noreply.github.com> Date: Fri, 1 Mar 2024 17:14:27 +0530 Subject: [PATCH 739/742] Update digit-lts.yaml --- deploy-as-code/helm/environments/digit-lts.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 369a96b15d..b71f3863da 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -22,7 +22,7 @@ cluster-configs: egov-state-level-tenant-id: "pg" s3-assets-bucket: "(pg-egov-assets|egov-playground-assets)" es-host: "elasticsearch-data-v1.es-cluster" - es-indexer-host: "http://elasticsearch-data-v1.es-cluster:9200/" + es-indexer-host: "https://elasticsearch-data.es-cluster:9200/" flyway-locations: "filesystem:/flyway/sql,filesystem:/flyway/seed,filesystem:/flyway/qa" kafka-brokers: "release-name-kafka-controller-headless.kafka-kraft:9092" kafka-infra-brokers: kafka-v2-infra.kafka-cluster:9092 From 1469afc239bee1b6c9d0a5b97c4356bc8a65eadb Mon Sep 17 00:00:00 2001 From: Varun Reddy <155146627+varunreddy-egov@users.noreply.github.com> Date: Tue, 5 Mar 2024 11:56:12 +0530 Subject: [PATCH 740/742] Added helm charts for internal-gateway-scg (#2488) --- .../internal-gateway-scg/Chart.yaml | 26 ++++++++ .../templates/deployment.yaml | 2 + .../internal-gateway-scg/templates/role.yaml | 24 +++++++ .../templates/rolebinding.yaml | 21 ++++++ .../templates/service.yaml | 2 + .../templates/serviceaccount.yaml | 15 +++++ .../internal-gateway-scg/values.yaml | 66 +++++++++++++++++++ 7 files changed, 156 insertions(+) create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/Chart.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/deployment.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/role.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/rolebinding.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/service.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/serviceaccount.yaml create mode 100644 deploy-as-code/helm/charts/core-services/internal-gateway-scg/values.yaml diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/Chart.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/Chart.yaml new file mode 100644 index 0000000000..4f59682e41 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/Chart.yaml @@ -0,0 +1,26 @@ +apiVersion: v2 +name: internal-gateway-scg +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. +appVersion: 1.16.0 + +dependencies: +- name: common + version: 0.0.5 + repository: file://../../common diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/deployment.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/deployment.yaml new file mode 100644 index 0000000000..3455c00058 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/deployment.yaml @@ -0,0 +1,2 @@ +# deployment.yaml +{{- template "common.deployment" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/role.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/role.yaml new file mode 100644 index 0000000000..8566522a47 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/role.yaml @@ -0,0 +1,24 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Chart.Name }} + namespace: {{ .Values.namespace }} +rules: +- apiGroups: + - "" + resources: + - services + - endpoints + - pods + verbs: + - get + - list + - watch +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/rolebinding.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/rolebinding.yaml new file mode 100644 index 0000000000..2f0751eba6 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/rolebinding.yaml @@ -0,0 +1,21 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Chart.Name }} + namespace: {{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ .Chart.Name }} +subjects: +- kind: ServiceAccount + name: {{ .Values.serviceAccount }} + namespace: {{ .Values.namespace }} +{{- end -}} diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/service.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/service.yaml new file mode 100644 index 0000000000..7356445764 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/service.yaml @@ -0,0 +1,2 @@ +# service.yaml +{{- template "common.service" . -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/serviceaccount.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/serviceaccount.yaml new file mode 100644 index 0000000000..844a49d608 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/templates/serviceaccount.yaml @@ -0,0 +1,15 @@ +{{- $envOverrides := index .Values (tpl .Chart.Name .) -}} +{{- $baseValues := .Values | deepCopy -}} +{{- $values := dict "Values" (mustMergeOverwrite $baseValues $envOverrides) -}} +{{- with mustMergeOverwrite . $values }} +{{- if or .Values.serviceAccount -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: {{ .Chart.Name }} + group: gateway + name: {{ .Values.serviceAccount }} + namespace: {{ .Values.namespace }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/deploy-as-code/helm/charts/core-services/internal-gateway-scg/values.yaml b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/values.yaml new file mode 100644 index 0000000000..dc560db979 --- /dev/null +++ b/deploy-as-code/helm/charts/core-services/internal-gateway-scg/values.yaml @@ -0,0 +1,66 @@ +# Common Labels +labels: + app: "internal-gateway-scg" + group: "gateway" + +serviceAccount: internal-gateway-scg +namespace: egov + +# Ingress Configs +ingress: + enabled: true + zuul: true + context: "internal-gateway-scg" + +# Init Containers Configs +initContainers: {} + +# Container Configs +image: + repository: "internal-gateway-scg" +replicas: "1" +healthChecks: + enabled: true + livenessProbePath: "/health" + readinessProbePath: "/health" +custom-filter-property: "false" +posthook-config: "" +prehook-config: "" +heap: "-Xmx192m -Xms192m" +appType: "java-spring" +tracing-enabled: true +server-tomcat-max-threads: "350" +server-tomcat-max-connections: "1500" +java-args: "" +eventlog-enabled: "false" +#eventlog-topic: "zuul-event-log" +eventlog-urls-whitelist: "" +home-isolation-chatbot-router-enabled: false + +# Additional Container Envs +env: | + - name: SERVER_PORT + value: "8080" + - name: JAVA_OPTS + value: {{ index .Values "heap" | quote }} + - name: ZUUL_HOST_CONNECT_TIMEOUT_MILLIS + value: "20000" + - name: ZUUL_HOST_SOCKET_TIMEOUT_MILLIS + value: "60000" + {{- if index .Values "tracing-enabled" }} + - name: TRACER_OPENTRACING_ENABLED + value: "true" + {{- end }} + - name: SECURITY_BASIC_ENABLED + value: "false" + - name: MANAGEMENT_SECURITY_ENABLED + value: "false" + - name: JAVA_ARGS + value: {{ index .Values "java-args" | quote }} + - name: EGOV_SERVICE_CONFIG_PATH + value: "https://raw.githubusercontent.com/egovernments/configs/central-instance/internal-gateway.json" + - name: STATE_LEVEL_TENANT_ID + valueFrom: + configMapKeyRef: + name: egov-config + key: egov-state-level-tenant-id \ No newline at end of file From e1d8e63041cae1d9aa16e9d1e16b5da2c8aafdb2 Mon Sep 17 00:00:00 2001 From: mustakim172737 <162281093+mustakim172737@users.noreply.github.com> Date: Tue, 5 Mar 2024 12:43:14 +0530 Subject: [PATCH 741/742] Update digit-lts.yaml added csv and docs file formates to filestore --- deploy-as-code/helm/environments/digit-lts.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index b71f3863da..131a0a1f63 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -180,8 +180,9 @@ egov-filestore: aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" - allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" +allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx,csv" + filestore-url-validity: 3600 fixed-bucketname: unified-dev-bucket-s3 ## Add filestore bucket name From 499bcc28d0ed7a18b3c972fa54a001ea1693b02b Mon Sep 17 00:00:00 2001 From: mustakim172737 <162281093+mustakim172737@users.noreply.github.com> Date: Tue, 5 Mar 2024 14:07:03 +0530 Subject: [PATCH 742/742] Update digit-lts.yaml zip file added --- deploy-as-code/helm/environments/digit-lts.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy-as-code/helm/environments/digit-lts.yaml b/deploy-as-code/helm/environments/digit-lts.yaml index 131a0a1f63..973550cc69 100644 --- a/deploy-as-code/helm/environments/digit-lts.yaml +++ b/deploy-as-code/helm/environments/digit-lts.yaml @@ -180,8 +180,8 @@ egov-filestore: aws.s3.url : "https://s3.amazonaws.com" is-s3-enabled: "true" minio-enabled: false - allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'}}" -allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx,csv" + allowed-file-formats-map: "{jpg:{'image/jpg','image/jpeg'},jpeg:{'image/jpeg','image/jpg'},png:{'image/png'},pdf:{'application/pdf'},odt:{'application/vnd.oasis.opendocument.text'},ods:{'application/vnd.oasis.opendocument.spreadsheet'},docx:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},doc:{'application/x-tika-msoffice','application/x-tika-ooxml','application/vnd.oasis.opendocument.text','application/msword'},dxf:{'text/plain','application/dxf','application/octet-stream','image/vnd.dxf','image/vnd.dxf; format=ascii','image/vnd.dxf; format=binary','image/vnd.dxb'},csv:{'text/plain','text/csv'},txt:{'text/plain'},xlsx:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel','application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/zip'},xls:{'application/x-tika-ooxml','application/x-tika-msoffice','application/vnd.ms-excel'},zip:{application/zip}}" +allowed-file-formats: "jpg,jpeg,png,doc,docx,pdf,odt,ods,text,dxf,xls,xlsx,csv,zip" filestore-url-validity: 3600 fixed-bucketname: unified-dev-bucket-s3 ## Add filestore bucket name